diff --git a/po/sssd.pot b/po/sssd.pot index 19f6994ff88..075f908a857 100644 --- a/po/sssd.pot +++ b/po/sssd.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2021-02-05 11:58+0100\n" +"POT-Creation-Date: 2021-02-19 16:47+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -153,7 +153,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:61 -#: src/config/SSSDConfig/sssdoptions.py:117 +#: src/config/SSSDConfig/sssdoptions.py:119 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -337,1532 +337,1538 @@ msgstr "" msgid "Whether to match authenticated UPN with target user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:111 +#: src/config/SSSDConfig/sssdoptions.py:109 +msgid "" +"List of pairs : that must be enforced " +"for PAM access with GSSAPI authentication" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:113 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:112 +#: src/config/SSSDConfig/sssdoptions.py:114 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:113 +#: src/config/SSSDConfig/sssdoptions.py:115 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:120 +#: src/config/SSSDConfig/sssdoptions.py:122 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:121 +#: src/config/SSSDConfig/sssdoptions.py:123 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:123 +#: src/config/SSSDConfig/sssdoptions.py:125 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:124 +#: src/config/SSSDConfig/sssdoptions.py:126 msgid "Allow to generate ssh-keys from certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:125 +#: src/config/SSSDConfig/sssdoptions.py:127 msgid "" "Use the following matching rules to filter the certificates for ssh-key " "generation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:129 +#: src/config/SSSDConfig/sssdoptions.py:131 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:130 +#: src/config/SSSDConfig/sssdoptions.py:132 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:133 +#: src/config/SSSDConfig/sssdoptions.py:135 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:136 +#: src/config/SSSDConfig/sssdoptions.py:138 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:137 +#: src/config/SSSDConfig/sssdoptions.py:139 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:138 +#: src/config/SSSDConfig/sssdoptions.py:140 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:139 +#: src/config/SSSDConfig/sssdoptions.py:141 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:140 +#: src/config/SSSDConfig/sssdoptions.py:142 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:142 +#: src/config/SSSDConfig/sssdoptions.py:144 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:143 +#: src/config/SSSDConfig/sssdoptions.py:145 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:144 +#: src/config/SSSDConfig/sssdoptions.py:146 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:146 +#: src/config/SSSDConfig/sssdoptions.py:148 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:147 +#: src/config/SSSDConfig/sssdoptions.py:149 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:148 +#: src/config/SSSDConfig/sssdoptions.py:150 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:149 +#: src/config/SSSDConfig/sssdoptions.py:151 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:150 +#: src/config/SSSDConfig/sssdoptions.py:152 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:151 +#: src/config/SSSDConfig/sssdoptions.py:153 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:153 +#: src/config/SSSDConfig/sssdoptions.py:155 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:154 +#: src/config/SSSDConfig/sssdoptions.py:156 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:155 +#: src/config/SSSDConfig/sssdoptions.py:157 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:156 +#: src/config/SSSDConfig/sssdoptions.py:158 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:159 +#: src/config/SSSDConfig/sssdoptions.py:161 msgid "" "One of the following strings specifying the scope of session recording: none " "- No users are recorded. some - Users/groups specified by users and groups " "options are recorded. all - All users are recorded." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:162 +#: src/config/SSSDConfig/sssdoptions.py:164 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " "replacement, case changes, etc." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:164 +#: src/config/SSSDConfig/sssdoptions.py:166 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " "possible space replacement, case changes, etc." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:167 +#: src/config/SSSDConfig/sssdoptions.py:169 msgid "" "A comma-separated list of users to be excluded from recording, only when " "scope=all" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:168 +#: src/config/SSSDConfig/sssdoptions.py:170 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording, only when scope=all. " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:172 +#: src/config/SSSDConfig/sssdoptions.py:174 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:173 +#: src/config/SSSDConfig/sssdoptions.py:175 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:174 +#: src/config/SSSDConfig/sssdoptions.py:176 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:175 +#: src/config/SSSDConfig/sssdoptions.py:177 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:176 +#: src/config/SSSDConfig/sssdoptions.py:178 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:177 +#: src/config/SSSDConfig/sssdoptions.py:179 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:178 +#: src/config/SSSDConfig/sssdoptions.py:180 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:179 +#: src/config/SSSDConfig/sssdoptions.py:181 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:180 +#: src/config/SSSDConfig/sssdoptions.py:182 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:181 +#: src/config/SSSDConfig/sssdoptions.py:183 msgid "Resolver provider" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:184 +#: src/config/SSSDConfig/sssdoptions.py:186 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:185 +#: src/config/SSSDConfig/sssdoptions.py:187 msgid "Enable or disable the domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:186 +#: src/config/SSSDConfig/sssdoptions.py:188 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:187 +#: src/config/SSSDConfig/sssdoptions.py:189 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:188 +#: src/config/SSSDConfig/sssdoptions.py:190 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:189 +#: src/config/SSSDConfig/sssdoptions.py:191 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:190 +#: src/config/SSSDConfig/sssdoptions.py:192 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:191 +#: src/config/SSSDConfig/sssdoptions.py:193 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:192 -#: src/config/SSSDConfig/sssdoptions.py:202 -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:194 #: src/config/SSSDConfig/sssdoptions.py:204 #: src/config/SSSDConfig/sssdoptions.py:205 #: src/config/SSSDConfig/sssdoptions.py:206 #: src/config/SSSDConfig/sssdoptions.py:207 #: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:210 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:193 +#: src/config/SSSDConfig/sssdoptions.py:195 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:194 +#: src/config/SSSDConfig/sssdoptions.py:196 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:195 +#: src/config/SSSDConfig/sssdoptions.py:197 msgid "" "How long should SSSD talk to single DNS server before trying next server " "(miliseconds)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:197 +#: src/config/SSSDConfig/sssdoptions.py:199 msgid "How long should keep trying to resolve single DNS query (seconds)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:198 +#: src/config/SSSDConfig/sssdoptions.py:200 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:199 +#: src/config/SSSDConfig/sssdoptions.py:201 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:200 +#: src/config/SSSDConfig/sssdoptions.py:202 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 +#: src/config/SSSDConfig/sssdoptions.py:203 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:211 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:212 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:243 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:218 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:220 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:223 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:222 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:223 +#: src/config/SSSDConfig/sssdoptions.py:225 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:224 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:227 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:226 +#: src/config/SSSDConfig/sssdoptions.py:228 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:232 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:238 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 -#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:253 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:253 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:255 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:256 +#: src/config/SSSDConfig/sssdoptions.py:258 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 +#: src/config/SSSDConfig/sssdoptions.py:260 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:261 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:266 -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:268 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:268 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:271 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:271 +#: src/config/SSSDConfig/sssdoptions.py:273 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:276 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:279 +#: src/config/SSSDConfig/sssdoptions.py:281 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:281 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:286 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:290 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:290 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:292 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:293 +#: src/config/SSSDConfig/sssdoptions.py:295 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:297 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:305 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 -#: src/config/SSSDConfig/sssdoptions.py:500 +#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:502 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:307 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:310 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:312 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:316 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:319 +#: src/config/SSSDConfig/sssdoptions.py:321 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:323 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:328 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:329 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 -#: src/config/SSSDConfig/sssdoptions.py:331 +#: src/config/SSSDConfig/sssdoptions.py:332 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:332 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:336 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:337 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:348 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:349 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:353 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:352 +#: src/config/SSSDConfig/sssdoptions.py:354 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:358 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:387 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:389 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:390 +#: src/config/SSSDConfig/sssdoptions.py:392 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:394 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:395 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:396 +#: src/config/SSSDConfig/sssdoptions.py:398 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:400 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:401 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:402 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:407 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:427 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:453 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:458 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:468 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:473 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:475 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:480 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:481 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:486 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:489 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:494 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:497 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:504 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:505 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:509 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:510 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:512 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:515 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:516 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:517 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:535 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:536 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:540 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:541 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:544 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:545 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:549 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:550 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:556 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:557 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:562 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:564 +#: src/config/SSSDConfig/sssdoptions.py:566 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:565 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "Indicate if a home directory should be created for new users." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:568 msgid "Indicate if a home directory should be removed for deleted users." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:567 +#: src/config/SSSDConfig/sssdoptions.py:569 msgid "Specify the default permissions on a newly created home directory." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:568 +#: src/config/SSSDConfig/sssdoptions.py:570 msgid "The skeleton directory." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The mail spool directory." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:572 msgid "The command that is run after a user is removed." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:573 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:576 +#: src/config/SSSDConfig/sssdoptions.py:578 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:580 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:581 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:584 +#: src/config/SSSDConfig/sssdoptions.py:586 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:585 +#: src/config/SSSDConfig/sssdoptions.py:587 msgid "Path of group file sources." msgstr "" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index 6485edd8eb3..2c75d72b1e0 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.4.1\n" +"Project-Id-Version: sssd-docs 2.4.2\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2021-02-05 11:57+0100\n" +"POT-Creation-Date: 2021-02-19 16:49+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -18,7 +18,17 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 pam_sss_gss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sss-certmap.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_override.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 idmap_sss.8.xml:5 sssctl.8.xml:5 sssd-files.5.xml:5 sssd-secrets.5.xml:5 sssd-session-recording.5.xml:5 sssd-kcm.8.xml:5 sssd-systemtap.5.xml:5 sssd-ldap-attributes.5.xml:5 +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 +#: pam_sss_gss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 +#: sss-certmap.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 +#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_override.8.xml:5 sss_useradd.8.xml:5 +#: sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 +#: sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 +#: sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 idmap_sss.8.xml:5 sssctl.8.xml:5 +#: sssd-files.5.xml:5 sssd-secrets.5.xml:5 sssd-session-recording.5.xml:5 +#: sssd-kcm.8.xml:5 sssd-systemtap.5.xml:5 sssd-ldap-attributes.5.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -28,7 +38,12 @@ msgid "sss_groupmod" msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:12 pam_sss_gss.8.xml:12 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_override.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 sss_debuglevel.8.xml:11 sss_seed.8.xml:11 idmap_sss.8.xml:11 sssctl.8.xml:11 sssd-kcm.8.xml:11 +#: sss_groupmod.8.xml:11 pam_sss.8.xml:12 pam_sss_gss.8.xml:12 +#: sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 +#: sss_override.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 +#: sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 +#: sss_usermod.8.xml:11 sss_cache.8.xml:11 sss_debuglevel.8.xml:11 +#: sss_seed.8.xml:11 idmap_sss.8.xml:11 sssctl.8.xml:11 sssd-kcm.8.xml:11 msgid "8" msgstr "" @@ -46,7 +61,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:63 pam_sss_gss.8.xml:30 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sss-certmap.5.xml:21 sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_override.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_seed.8.xml:31 sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30 sss_ssh_knownhostsproxy.1.xml:31 idmap_sss.8.xml:20 sssctl.8.xml:30 sssd-files.5.xml:21 sssd-secrets.5.xml:21 sssd-session-recording.5.xml:21 sssd-kcm.8.xml:21 sssd-systemtap.5.xml:21 sssd-ldap-attributes.5.xml:21 +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:63 +#: pam_sss_gss.8.xml:30 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 +#: sss-certmap.5.xml:21 sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 +#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_override.8.xml:30 +#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 +#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 +#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 +#: sss_seed.8.xml:31 sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 idmap_sss.8.xml:20 sssctl.8.xml:30 +#: sssd-files.5.xml:21 sssd-secrets.5.xml:21 sssd-session-recording.5.xml:21 +#: sssd-kcm.8.xml:21 sssd-systemtap.5.xml:21 sssd-ldap-attributes.5.xml:21 msgid "DESCRIPTION" msgstr "" @@ -58,7 +83,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:70 pam_sss_gss.8.xml:76 sssd.8.xml:42 sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 sss_cache.8.xml:39 sss_seed.8.xml:42 sss_ssh_authorizedkeys.1.xml:123 sss_ssh_knownhostsproxy.1.xml:62 +#: sss_groupmod.8.xml:39 pam_sss.8.xml:70 pam_sss_gss.8.xml:89 sssd.8.xml:42 +#: sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 +#: sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 +#: sss_usermod.8.xml:39 sss_cache.8.xml:39 sss_seed.8.xml:42 +#: sss_ssh_authorizedkeys.1.xml:123 sss_ssh_knownhostsproxy.1.xml:62 msgid "OPTIONS" msgstr "" @@ -98,12 +127,20 @@ msgid "sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sss-certmap.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 sssd-files.5.xml:11 sssd-secrets.5.xml:11 sssd-session-recording.5.xml:11 sssd-systemtap.5.xml:11 sssd-ldap-attributes.5.xml:11 +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 +#: sss-certmap.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 +#: sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 +#: sssd-files.5.xml:11 sssd-secrets.5.xml:11 sssd-session-recording.5.xml:11 +#: sssd-systemtap.5.xml:11 sssd-ldap-attributes.5.xml:11 msgid "5" msgstr "" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sss-certmap.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 sssd-files.5.xml:12 sssd-secrets.5.xml:12 sssd-session-recording.5.xml:12 sssd-kcm.8.xml:12 sssd-systemtap.5.xml:12 sssd-ldap-attributes.5.xml:12 +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 +#: sss-certmap.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 +#: sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 +#: sssd-files.5.xml:12 sssd-secrets.5.xml:12 sssd-session-recording.5.xml:12 +#: sssd-kcm.8.xml:12 sssd-systemtap.5.xml:12 sssd-ldap-attributes.5.xml:12 msgid "File Formats and Conventions" msgstr "" @@ -254,7 +291,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:331 sssd.conf.5.xml:612 sssd.conf.5.xml:941 sssd.conf.5.xml:1872 sssd.conf.5.xml:1902 sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1127 sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:341 sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1177 sssd-ad.5.xml:1325 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:331 sssd.conf.5.xml:612 +#: sssd.conf.5.xml:941 sssd.conf.5.xml:1936 sssd.conf.5.xml:1966 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1127 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:341 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1177 sssd-ad.5.xml:1325 +#: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -271,12 +313,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:146 sssd.conf.5.xml:609 sssd.conf.5.xml:823 sssd.conf.5.xml:1805 sssd.conf.5.xml:3622 sssd-ldap.5.xml:312 sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 sssd-ldap.5.xml:1463 sssd-ldap.5.xml:1668 sssd-ipa.5.xml:151 sssd-ipa.5.xml:253 sssd-ipa.5.xml:589 sssd-ad.5.xml:1083 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 sssd-krb5.5.xml:573 +#: sssd.conf.5.xml:146 sssd.conf.5.xml:609 sssd.conf.5.xml:823 +#: sssd.conf.5.xml:1869 sssd.conf.5.xml:3686 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1463 sssd-ldap.5.xml:1668 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:253 sssd-ipa.5.xml:589 sssd-ad.5.xml:1083 sssd-krb5.5.xml:266 +#: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 sssd-krb5.5.xml:573 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1520 sssd-ldap.5.xml:1691 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 include/autofs_attributes.xml:1 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1691 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 +#: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 +#: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 +#: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 +#: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -299,7 +353,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1161 sssd.conf.5.xml:1550 sssd.conf.5.xml:3638 sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1161 sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:3702 sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -314,7 +369,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3727 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3791 msgid "Section parameters" msgstr "" @@ -396,7 +451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:260 sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:260 sssd.conf.5.xml:3203 msgid "re_expression (string)" msgstr "" @@ -416,12 +471,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:3187 +#: sssd.conf.5.xml:277 sssd.conf.5.xml:3251 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:280 sssd.conf.5.xml:3190 +#: sssd.conf.5.xml:280 sssd.conf.5.xml:3254 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -430,39 +485,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:3201 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3265 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:292 sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:292 sssd.conf.5.xml:3266 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:295 sssd.conf.5.xml:3269 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3272 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:304 sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3278 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:307 sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:307 sssd.conf.5.xml:3281 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:3198 +#: sssd.conf.5.xml:288 sssd.conf.5.xml:3262 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -600,7 +655,13 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:436 sssd.conf.5.xml:1348 sssd-ldap.5.xml:772 sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:897 sssd-ad.5.xml:972 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:609 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:959 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:436 sssd.conf.5.xml:1348 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:897 sssd-ad.5.xml:972 +#: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:609 +#: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 +#: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 +#: sssd-ldap-attributes.5.xml:959 include/ldap_id_mapping.xml:205 +#: include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -853,7 +914,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:657 sssd.conf.5.xml:1562 sssd.conf.5.xml:3688 sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 +#: sssd.conf.5.xml:657 sssd.conf.5.xml:1562 sssd.conf.5.xml:3752 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -972,7 +1034,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:758 sssd.conf.5.xml:1072 sssd.conf.5.xml:1414 sssd.conf.5.xml:1651 sssd-ldap.5.xml:469 +#: sssd.conf.5.xml:758 sssd.conf.5.xml:1072 sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1651 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1039,7 +1102,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:811 sssd.conf.5.xml:1085 sssd.conf.5.xml:2026 sssd-ldap.5.xml:326 +#: sssd.conf.5.xml:811 sssd.conf.5.xml:1085 sssd.conf.5.xml:2090 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1117,7 +1181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:877 sssd.conf.5.xml:1826 +#: sssd.conf.5.xml:877 sssd.conf.5.xml:1890 msgid "Default: 50" msgstr "" @@ -1135,7 +1199,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 sssd.conf.5.xml:1850 +#: sssd.conf.5.xml:891 sssd.conf.5.xml:1914 msgid "Default: 15" msgstr "" @@ -1221,7 +1285,8 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:960 sssd.conf.5.xml:1481 sssd.conf.5.xml:1500 sssd-krb5.5.xml:592 include/override_homedir.xml:59 +#: sssd.conf.5.xml:960 sssd.conf.5.xml:1481 sssd.conf.5.xml:1500 +#: sssd-krb5.5.xml:592 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -1386,7 +1451,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1119 sssd.conf.5.xml:1144 sssd.conf.5.xml:1169 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1119 sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1169 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1406,7 +1472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1111 sssd.conf.5.xml:2559 sssd-ldap.5.xml:513 +#: sssd.conf.5.xml:1111 sssd.conf.5.xml:2623 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" @@ -1431,7 +1497,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 sssd.conf.5.xml:3276 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 sssd-krb5.5.xml:248 include/failover.xml:116 +#: sssd.conf.5.xml:1136 sssd.conf.5.xml:3340 sssd-ldap.5.xml:453 +#: sssd-ldap.5.xml:495 sssd-krb5.5.xml:248 include/failover.xml:116 msgid "Default: 6" msgstr "" @@ -1709,7 +1776,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1383 sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:1383 sssd.conf.5.xml:2647 msgid "Display a warning N days before the password expires." msgstr "" @@ -1722,7 +1789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1392 sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:1392 sssd.conf.5.xml:2650 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1737,7 +1804,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 sssd.conf.5.xml:3470 sssd-ldap.5.xml:549 sssd.8.xml:79 +#: sssd.conf.5.xml:1402 sssd.conf.5.xml:3534 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1798,7 +1865,9 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 sssd.conf.5.xml:1487 sssd.conf.5.xml:1506 sssd.conf.5.xml:1684 sssd.conf.5.xml:2332 sssd.conf.5.xml:3399 sssd-ldap.5.xml:1091 +#: sssd.conf.5.xml:1462 sssd.conf.5.xml:1487 sssd.conf.5.xml:1506 +#: sssd.conf.5.xml:1684 sssd.conf.5.xml:2396 sssd.conf.5.xml:3463 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1863,7 +1932,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1520 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 sssd-ldap.5.xml:1169 sssd-ad.5.xml:482 sssd-ad.5.xml:558 sssd-ad.5.xml:1103 sssd-ad.5.xml:1152 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1520 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1169 sssd-ad.5.xml:482 sssd-ad.5.xml:558 sssd-ad.5.xml:1103 +#: sssd-ad.5.xml:1152 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1878,12 +1949,12 @@ msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1531 sssd.conf.5.xml:1952 sssd.conf.5.xml:3926 +#: sssd.conf.5.xml:1531 sssd.conf.5.xml:2016 sssd.conf.5.xml:3990 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:1954 +#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2018 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" @@ -1944,7 +2015,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 sssd-ad.5.xml:621 sssd-ad.5.xml:730 sssd-ad.5.xml:788 sssd-ad.5.xml:846 sssd-ad.5.xml:924 +#: sssd.conf.5.xml:1589 sssd-ad.5.xml:621 sssd-ad.5.xml:730 sssd-ad.5.xml:788 +#: sssd-ad.5.xml:846 sssd-ad.5.xml:924 msgid "Default: the default set of PAM service names includes:" msgstr "" @@ -2101,7 +2173,7 @@ msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1721 sssd.conf.5.xml:3865 +#: sssd.conf.5.xml:1721 sssd.conf.5.xml:3929 msgid "pam_gssapi_services" msgstr "" @@ -2120,7 +2192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1733 sssd.conf.5.xml:1764 +#: sssd.conf.5.xml:1733 sssd.conf.5.xml:1764 sssd.conf.5.xml:1802 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2136,7 +2208,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1739 sssd.conf.5.xml:3393 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:1739 sssd.conf.5.xml:3457 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -2146,7 +2218,7 @@ msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1750 sssd.conf.5.xml:3866 +#: sssd.conf.5.xml:1750 sssd.conf.5.xml:3930 msgid "pam_gssapi_check_upn" msgstr "" @@ -2170,13 +2242,103 @@ msgstr "" msgid "Default: True" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1775 +msgid "pam_gssapi_indicators_map" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1778 +msgid "" +"Comma separated list of authentication indicators required to be present in " +"a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " +"authentication using pam_sss_gss.so module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1784 +msgid "" +"Each element of the list can be either an authentication indicator name or a " +"pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " +"service name will be required to access any PAM service configured to be " +"used with <option>pam_gssapi_services</option>. A resulting list of " +"indicators per PAM service is then checked against indicators in the " +"Kerberos ticket during authentication by pam_sss_gss.so. Any indicator from " +"the ticket that matches the resulting list of indicators for the PAM service " +"would grant access. If none of the indicators in the list match, access will " +"be denied. If the resulting list of indicators for the PAM service is empty, " +"the check will not prevent the access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1797 +msgid "" +"To disable GSSAPI authentication indicator check, set this option to " +"<quote>-</quote> (dash). To disable the check for a specific PAM service, " +"add <quote>service:-</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1808 +msgid "" +"Following authentication indicators are supported by IPA Kerberos " +"deployments:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"pkinit -- pre-authentication using X.509 certificates -- whether stored in " +"files or on smart cards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1814 +msgid "" +"hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " +"FAST channel." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1817 +msgid "radius -- pre-authentication with the help of a RADIUS server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1820 +msgid "" +"otp -- pre-authentication using integrated two-factor authentication (2FA or " +"one-time password, OTP) in IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1830 +#, no-wrap +msgid "" +"pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1825 +msgid "" +"Example: to require access to SUDO services only for users which obtained " +"their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " +"set <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1834 +msgid "Default: not set (use of authentication indicators is not required)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1842 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1780 +#: sssd.conf.5.xml:1844 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -2188,24 +2350,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1861 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1800 +#: sssd.conf.5.xml:1864 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1812 +#: sssd.conf.5.xml:1876 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1879 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2216,22 +2378,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1898 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1900 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1840 +#: sssd.conf.5.xml:1904 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1843 +#: sssd.conf.5.xml:1907 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2239,51 +2401,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1923 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1861 +#: sssd.conf.5.xml:1925 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1865 +#: sssd.conf.5.xml:1929 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1868 +#: sssd.conf.5.xml:1932 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1877 +#: sssd.conf.5.xml:1941 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1880 +#: sssd.conf.5.xml:1944 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1948 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1953 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1956 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2293,12 +2455,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1971 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1974 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2308,7 +2470,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1919 +#: sssd.conf.5.xml:1983 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2316,7 +2478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1926 +#: sssd.conf.5.xml:1990 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2325,38 +2487,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:1997 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1938 +#: sssd.conf.5.xml:2002 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1944 +#: sssd.conf.5.xml:2008 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1947 +#: sssd.conf.5.xml:2011 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1967 +#: sssd.conf.5.xml:2031 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1969 +#: sssd.conf.5.xml:2033 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2367,7 +2529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:2042 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2378,24 +2540,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2050 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1992 +#: sssd.conf.5.xml:2056 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1996 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:2060 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1999 +#: sssd.conf.5.xml:2063 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2403,12 +2565,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2005 +#: sssd.conf.5.xml:2069 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2009 +#: sssd.conf.5.xml:2073 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2417,24 +2579,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2018 +#: sssd.conf.5.xml:2082 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2021 +#: sssd.conf.5.xml:2085 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2034 +#: sssd.conf.5.xml:2098 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2036 +#: sssd.conf.5.xml:2100 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> " @@ -2445,66 +2607,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2113 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2053 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2117 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2124 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2127 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2068 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2132 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2071 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2135 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2080 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2144 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2083 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2147 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2056 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2120 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2090 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2154 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2095 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2159 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2098 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2162 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording " "enabled. Matches user names as returned by NSS. I.e. after the possible " @@ -2512,17 +2674,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2104 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2168 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2173 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2112 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2176 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2530,7 +2692,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2118 sssd.conf.5.xml:2150 sssd-session-recording.5.xml:129 sssd-session-recording.5.xml:161 +#: sssd.conf.5.xml:2182 sssd.conf.5.xml:2214 sssd-session-recording.5.xml:129 +#: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2538,56 +2701,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2125 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2189 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2130 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2194 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2133 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2197 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2137 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2201 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2142 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2206 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2145 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2209 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2221 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2231 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2238 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2241 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -2597,12 +2760,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2189 +#: sssd.conf.5.xml:2253 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2192 +#: sssd.conf.5.xml:2256 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2611,14 +2774,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2264 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2204 +#: sssd.conf.5.xml:2268 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2627,38 +2790,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2212 +#: sssd.conf.5.xml:2276 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2280 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 +#: sssd.conf.5.xml:2284 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2226 +#: sssd.conf.5.xml:2290 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2229 +#: sssd.conf.5.xml:2293 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2298 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -2667,24 +2830,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2305 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2309 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2315 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2318 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2693,29 +2856,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2262 +#: sssd.conf.5.xml:2326 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2265 +#: sssd.conf.5.xml:2329 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2268 sssd.conf.5.xml:2538 sssd.conf.5.xml:2714 +#: sssd.conf.5.xml:2332 sssd.conf.5.xml:2602 sssd.conf.5.xml:2778 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 +#: sssd.conf.5.xml:2335 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2340 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2729,14 +2892,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2291 +#: sssd.conf.5.xml:2355 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2360 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2745,39 +2908,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2368 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2376 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2319 +#: sssd.conf.5.xml:2383 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2384 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2387 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2324 +#: sssd.conf.5.xml:2388 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2379 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2786,19 +2949,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2338 +#: sssd.conf.5.xml:2402 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2405 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2345 +#: sssd.conf.5.xml:2409 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2809,137 +2972,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2358 +#: sssd.conf.5.xml:2422 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2428 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2367 +#: sssd.conf.5.xml:2431 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2371 sssd.conf.5.xml:2384 sssd.conf.5.xml:2397 sssd.conf.5.xml:2410 sssd.conf.5.xml:2424 sssd.conf.5.xml:2437 sssd.conf.5.xml:2451 sssd.conf.5.xml:2465 sssd.conf.5.xml:2478 +#: sssd.conf.5.xml:2435 sssd.conf.5.xml:2448 sssd.conf.5.xml:2461 +#: sssd.conf.5.xml:2474 sssd.conf.5.xml:2488 sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2515 sssd.conf.5.xml:2529 sssd.conf.5.xml:2542 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2377 +#: sssd.conf.5.xml:2441 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2444 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2454 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 +#: sssd.conf.5.xml:2457 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2403 +#: sssd.conf.5.xml:2467 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2470 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2416 +#: sssd.conf.5.xml:2480 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2483 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2430 +#: sssd.conf.5.xml:2494 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2497 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 +#: sssd.conf.5.xml:2507 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 +#: sssd.conf.5.xml:2510 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2521 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2460 +#: sssd.conf.5.xml:2524 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2535 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2474 +#: sssd.conf.5.xml:2538 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2484 +#: sssd.conf.5.xml:2548 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 +#: sssd.conf.5.xml:2551 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2492 +#: sssd.conf.5.xml:2556 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2948,17 +3113,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2500 +#: sssd.conf.5.xml:2564 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2568 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 +#: sssd.conf.5.xml:2572 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -2970,32 +3135,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2521 sssd-ldap.5.xml:350 sssd-ipa.5.xml:269 +#: sssd.conf.5.xml:2585 sssd-ldap.5.xml:350 sssd-ipa.5.xml:269 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2527 +#: sssd.conf.5.xml:2591 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2530 +#: sssd.conf.5.xml:2594 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2598 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2544 +#: sssd.conf.5.xml:2608 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2547 +#: sssd.conf.5.xml:2611 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3003,19 +3168,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2554 +#: sssd.conf.5.xml:2618 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2565 +#: sssd.conf.5.xml:2629 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2632 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3024,17 +3189,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2639 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2580 +#: sssd.conf.5.xml:2644 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2655 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3043,34 +3208,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2598 +#: sssd.conf.5.xml:2662 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2604 +#: sssd.conf.5.xml:2668 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2671 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2611 +#: sssd.conf.5.xml:2675 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2678 msgid "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2618 +#: sssd.conf.5.xml:2682 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> " "<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> " @@ -3079,7 +3244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2626 +#: sssd.conf.5.xml:2690 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3087,7 +3252,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 sssd.conf.5.xml:2740 sssd.conf.5.xml:2795 sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2698 sssd.conf.5.xml:2804 sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2922 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3096,7 +3262,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2643 sssd.conf.5.xml:2749 sssd.conf.5.xml:2804 sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2707 sssd.conf.5.xml:2813 sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2931 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -3104,19 +3271,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2718 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2721 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2662 +#: sssd.conf.5.xml:2726 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3125,7 +3292,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2670 +#: sssd.conf.5.xml:2734 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3133,24 +3300,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2677 +#: sssd.conf.5.xml:2741 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2684 +#: sssd.conf.5.xml:2748 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2687 +#: sssd.conf.5.xml:2751 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2690 +#: sssd.conf.5.xml:2754 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3162,7 +3329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2772 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3170,19 +3337,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2783 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2786 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2726 sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2790 sssd.conf.5.xml:2852 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3190,7 +3357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2733 +#: sssd.conf.5.xml:2797 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -3198,34 +3365,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2821 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2824 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 +#: sssd.conf.5.xml:2828 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2767 +#: sssd.conf.5.xml:2831 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2837 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2776 +#: sssd.conf.5.xml:2840 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3233,19 +3400,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2782 +#: sssd.conf.5.xml:2846 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2849 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2876 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -3254,7 +3421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2819 +#: sssd.conf.5.xml:2883 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> " @@ -3263,29 +3430,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2890 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2829 +#: sssd.conf.5.xml:2893 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2898 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2837 +#: sssd.conf.5.xml:2901 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2906 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -3294,7 +3461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2914 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -3302,34 +3469,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:2939 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2879 +#: sssd.conf.5.xml:2943 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2946 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:2953 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2892 +#: sssd.conf.5.xml:2956 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2896 +#: sssd.conf.5.xml:2960 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3337,31 +3504,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2904 +#: sssd.conf.5.xml:2968 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2908 +#: sssd.conf.5.xml:2972 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2912 +#: sssd.conf.5.xml:2976 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2915 sssd.conf.5.xml:3001 sssd.conf.5.xml:3071 sssd.conf.5.xml:3096 sssd.conf.5.xml:3132 +#: sssd.conf.5.xml:2979 sssd.conf.5.xml:3065 sssd.conf.5.xml:3135 +#: sssd.conf.5.xml:3160 sssd.conf.5.xml:3196 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2919 +#: sssd.conf.5.xml:2983 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3372,7 +3540,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2998 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3381,12 +3549,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2944 +#: sssd.conf.5.xml:3008 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2947 +#: sssd.conf.5.xml:3011 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3394,7 +3562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3017 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3403,31 +3571,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2961 +#: sssd.conf.5.xml:3025 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2964 +#: sssd.conf.5.xml:3028 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2970 +#: sssd.conf.5.xml:3034 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2973 +#: sssd.conf.5.xml:3037 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:3043 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3436,7 +3604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2988 +#: sssd.conf.5.xml:3052 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3445,17 +3613,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2997 +#: sssd.conf.5.xml:3061 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3071 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3010 +#: sssd.conf.5.xml:3074 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3463,41 +3631,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3081 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3021 +#: sssd.conf.5.xml:3085 msgid "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3025 +#: sssd.conf.5.xml:3089 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3029 +#: sssd.conf.5.xml:3093 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3101 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3040 +#: sssd.conf.5.xml:3104 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3044 +#: sssd.conf.5.xml:3108 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3505,7 +3673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3051 +#: sssd.conf.5.xml:3115 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -3513,7 +3681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3059 +#: sssd.conf.5.xml:3123 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -3521,24 +3689,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3068 +#: sssd.conf.5.xml:3132 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3142 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3081 +#: sssd.conf.5.xml:3145 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3149 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3547,31 +3715,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3093 +#: sssd.conf.5.xml:3157 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3103 +#: sssd.conf.5.xml:3167 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3106 +#: sssd.conf.5.xml:3170 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3110 +#: sssd.conf.5.xml:3174 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 +#: sssd.conf.5.xml:3178 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -3580,7 +3748,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3121 +#: sssd.conf.5.xml:3185 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3589,12 +3757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3129 +#: sssd.conf.5.xml:3193 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3142 +#: sssd.conf.5.xml:3206 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3604,7 +3772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3215 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -3612,29 +3780,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3220 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3159 +#: sssd.conf.5.xml:3223 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3226 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3229 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3234 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3642,7 +3810,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3176 +#: sssd.conf.5.xml:3240 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3652,59 +3820,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3291 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3233 +#: sssd.conf.5.xml:3297 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3236 +#: sssd.conf.5.xml:3300 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3240 +#: sssd.conf.5.xml:3304 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3307 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3246 +#: sssd.conf.5.xml:3310 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3249 +#: sssd.conf.5.xml:3313 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3252 +#: sssd.conf.5.xml:3316 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3255 +#: sssd.conf.5.xml:3319 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3261 +#: sssd.conf.5.xml:3325 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3264 +#: sssd.conf.5.xml:3328 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is " @@ -3713,71 +3881,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3271 +#: sssd.conf.5.xml:3335 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3282 +#: sssd.conf.5.xml:3346 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3285 +#: sssd.conf.5.xml:3349 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3289 +#: sssd.conf.5.xml:3353 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3295 +#: sssd.conf.5.xml:3359 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3298 +#: sssd.conf.5.xml:3362 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3304 +#: sssd.conf.5.xml:3368 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3315 +#: sssd.conf.5.xml:3379 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3318 +#: sssd.conf.5.xml:3382 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3324 +#: sssd.conf.5.xml:3388 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3326 +#: sssd.conf.5.xml:3390 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3330 +#: sssd.conf.5.xml:3394 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3333 +#: sssd.conf.5.xml:3397 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3785,14 +3953,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3341 +#: sssd.conf.5.xml:3405 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3307 +#: sssd.conf.5.xml:3371 msgid "" "Treat user and group names as case sensitive. <phrase " "condition=\"enable_local_provider\"> At the moment, this option is not " @@ -3801,24 +3969,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3415 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3356 +#: sssd.conf.5.xml:3420 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3426 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3429 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3826,44 +3994,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3435 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3438 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3377 sssd-ldap.5.xml:390 +#: sssd.conf.5.xml:3441 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3444 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3383 +#: sssd.conf.5.xml:3447 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3387 +#: sssd.conf.5.xml:3451 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3390 +#: sssd.conf.5.xml:3454 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3395 +#: sssd.conf.5.xml:3459 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3871,27 +4039,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3466 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:3473 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3420 +#: sssd.conf.5.xml:3484 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3421 +#: sssd.conf.5.xml:3485 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3412 +#: sssd.conf.5.xml:3476 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3901,32 +4069,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3490 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3430 +#: sssd.conf.5.xml:3494 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3435 +#: sssd.conf.5.xml:3499 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3438 +#: sssd.conf.5.xml:3502 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3444 +#: sssd.conf.5.xml:3508 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3511 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3935,19 +4103,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3519 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3524 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3528 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3955,24 +4123,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3475 +#: sssd.conf.5.xml:3539 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3545 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3484 +#: sssd.conf.5.xml:3548 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3488 +#: sssd.conf.5.xml:3552 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3981,24 +4149,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3561 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3500 +#: sssd.conf.5.xml:3564 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3570 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3573 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4008,14 +4176,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3522 +#: sssd.conf.5.xml:3586 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3529 +#: sssd.conf.5.xml:3593 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4023,21 +4191,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3478 +#: sssd.conf.5.xml:3542 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3605 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3549 +#: sssd.conf.5.xml:3613 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4045,7 +4213,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3555 +#: sssd.conf.5.xml:3619 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4054,7 +4222,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3546 +#: sssd.conf.5.xml:3610 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4063,7 +4231,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2169 +#: sssd.conf.5.xml:2233 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -4072,29 +4240,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3634 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3573 +#: sssd.conf.5.xml:3637 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3576 +#: sssd.conf.5.xml:3640 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3584 +#: sssd.conf.5.xml:3648 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3587 +#: sssd.conf.5.xml:3651 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4102,12 +4270,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3597 +#: sssd.conf.5.xml:3661 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3664 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4115,12 +4283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3611 +#: sssd.conf.5.xml:3675 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3614 +#: sssd.conf.5.xml:3678 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4129,12 +4297,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3628 +#: sssd.conf.5.xml:3692 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3631 +#: sssd.conf.5.xml:3695 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4142,19 +4310,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3630 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3647 +#: sssd.conf.5.xml:3711 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3649 +#: sssd.conf.5.xml:3713 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " @@ -4172,7 +4340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3733 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4180,17 +4348,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3739 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3677 +#: sssd.conf.5.xml:3741 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3680 +#: sssd.conf.5.xml:3744 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4199,7 +4367,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3694 +#: sssd.conf.5.xml:3758 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4209,7 +4377,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3702 +#: sssd.conf.5.xml:3766 #, no-wrap msgid "" "[sssd]\n" @@ -4229,12 +4397,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3720 +#: sssd.conf.5.xml:3784 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3786 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4242,73 +4410,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3793 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3732 +#: sssd.conf.5.xml:3796 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3736 +#: sssd.conf.5.xml:3800 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3741 +#: sssd.conf.5.xml:3805 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3744 +#: sssd.conf.5.xml:3808 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3749 +#: sssd.conf.5.xml:3813 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3818 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3757 +#: sssd.conf.5.xml:3821 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3761 sssd.conf.5.xml:3773 +#: sssd.conf.5.xml:3825 sssd.conf.5.xml:3837 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3766 +#: sssd.conf.5.xml:3830 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3769 +#: sssd.conf.5.xml:3833 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3778 +#: sssd.conf.5.xml:3842 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3781 +#: sssd.conf.5.xml:3845 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4316,17 +4484,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3789 +#: sssd.conf.5.xml:3853 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3794 +#: sssd.conf.5.xml:3858 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3797 +#: sssd.conf.5.xml:3861 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4335,17 +4503,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3807 +#: sssd.conf.5.xml:3871 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3812 +#: sssd.conf.5.xml:3876 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3815 +#: sssd.conf.5.xml:3879 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4353,17 +4521,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3822 +#: sssd.conf.5.xml:3886 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3827 +#: sssd.conf.5.xml:3891 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3830 +#: sssd.conf.5.xml:3894 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4371,17 +4539,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3836 +#: sssd.conf.5.xml:3900 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3910 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3848 +#: sssd.conf.5.xml:3912 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called " @@ -4392,69 +4560,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3919 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3856 +#: sssd.conf.5.xml:3920 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3857 +#: sssd.conf.5.xml:3921 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3922 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3859 +#: sssd.conf.5.xml:3923 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3860 +#: sssd.conf.5.xml:3924 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3925 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3862 +#: sssd.conf.5.xml:3926 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3863 +#: sssd.conf.5.xml:3927 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3864 sssd-ipa.5.xml:811 +#: sssd.conf.5.xml:3928 sssd-ipa.5.xml:811 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3868 +#: sssd.conf.5.xml:3932 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3874 +#: sssd.conf.5.xml:3938 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3940 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4468,7 +4636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3890 +#: sssd.conf.5.xml:3954 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4476,7 +4644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3899 +#: sssd.conf.5.xml:3963 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like " @@ -4485,55 +4653,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3906 +#: sssd.conf.5.xml:3970 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3909 +#: sssd.conf.5.xml:3973 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:3977 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3920 +#: sssd.conf.5.xml:3984 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3923 +#: sssd.conf.5.xml:3987 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3993 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3935 +#: sssd.conf.5.xml:3999 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3944 +#: sssd.conf.5.xml:4008 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3947 +#: sssd.conf.5.xml:4011 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4542,17 +4710,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3954 +#: sssd.conf.5.xml:4018 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3959 +#: sssd.conf.5.xml:4023 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3962 +#: sssd.conf.5.xml:4026 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4560,26 +4728,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3968 +#: sssd.conf.5.xml:4032 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3974 +#: sssd.conf.5.xml:4038 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:4044 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3986 +#: sssd.conf.5.xml:4050 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like " @@ -4588,17 +4756,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:4059 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4003 +#: sssd.conf.5.xml:4067 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4005 +#: sssd.conf.5.xml:4069 msgid "" "If a special file " "(<filename>/var/lib/sss/pubconf/pam_preauth_available</filename>) exists " @@ -4608,7 +4776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4013 +#: sssd.conf.5.xml:4077 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4617,59 +4785,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4025 +#: sssd.conf.5.xml:4089 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4028 +#: sssd.conf.5.xml:4092 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4029 +#: sssd.conf.5.xml:4093 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4027 +#: sssd.conf.5.xml:4091 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4101 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4041 +#: sssd.conf.5.xml:4105 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4042 +#: sssd.conf.5.xml:4106 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4109 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4046 +#: sssd.conf.5.xml:4110 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4049 +#: sssd.conf.5.xml:4113 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4050 +#: sssd.conf.5.xml:4114 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4677,14 +4845,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4039 +#: sssd.conf.5.xml:4103 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4020 +#: sssd.conf.5.xml:4084 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -4693,7 +4861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4062 +#: sssd.conf.5.xml:4126 msgid "" "It is possible to add a subsection for specific PAM services, " "e.g. <quote>[prompting/password/sshd]</quote> to individual change the " @@ -4701,12 +4869,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4069 pam_sss_gss.8.xml:144 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4133 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4075 +#: sssd.conf.5.xml:4139 #, no-wrap msgid "" "[sssd]\n" @@ -4736,7 +4904,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4071 +#: sssd.conf.5.xml:4135 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4745,7 +4913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4108 +#: sssd.conf.5.xml:4172 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4753,7 +4921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4102 +#: sssd.conf.5.xml:4166 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4764,7 +4932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4122 +#: sssd.conf.5.xml:4186 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4779,7 +4947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4177 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4829,7 +4997,9 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:115 sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:78 sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:166 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:115 +#: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:78 +#: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:166 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -4928,7 +5098,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:143 sss_override.8.xml:240 sssd-ldap-attributes.5.xml:453 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:143 +#: sss_override.8.xml:240 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -5225,7 +5396,8 @@ msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:389 sssd-ipa.5.xml:408 sssd-ipa.5.xml:427 sssd-ipa.5.xml:446 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:389 sssd-ipa.5.xml:408 sssd-ipa.5.xml:427 +#: sssd-ipa.5.xml:446 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -6503,7 +6675,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1598 sssd-ldap.5.xml:1621 sssd-ldap.5.xml:1639 sssd-ldap.5.xml:1657 +#: sssd-ldap.5.xml:1598 sssd-ldap.5.xml:1621 sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1657 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." @@ -6659,7 +6832,9 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1763 sssd-simple.5.xml:131 sssd-ipa.5.xml:857 sssd-ad.5.xml:1363 sssd-krb5.5.xml:623 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:130 sssd-session-recording.5.xml:176 +#: sssd-ldap.5.xml:1763 sssd-simple.5.xml:131 sssd-ipa.5.xml:857 +#: sssd-ad.5.xml:1363 sssd-krb5.5.xml:623 sss_rpcidmapd.5.xml:98 +#: sssd-files.5.xml:130 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" @@ -6685,7 +6860,10 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1770 sssd-ldap.5.xml:1788 sssd-simple.5.xml:139 sssd-ipa.5.xml:865 sssd-ad.5.xml:1371 sssd-sudo.5.xml:56 sssd-krb5.5.xml:632 sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1770 sssd-ldap.5.xml:1788 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:865 sssd-ad.5.xml:1371 sssd-sudo.5.xml:56 sssd-krb5.5.xml:632 +#: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:182 +#: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -6718,7 +6896,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1804 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 sssd-ad.5.xml:1386 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1804 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1386 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" @@ -6976,7 +7155,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:256 pam_sss_gss.8.xml:90 +#: pam_sss.8.xml:256 pam_sss_gss.8.xml:103 msgid "MODULE TYPES PROVIDED" msgstr "" @@ -6997,22 +7176,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:267 pam_sss_gss.8.xml:95 +#: pam_sss.8.xml:267 pam_sss_gss.8.xml:108 msgid "RETURN VALUES" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:270 pam_sss_gss.8.xml:98 +#: pam_sss.8.xml:270 pam_sss_gss.8.xml:111 msgid "PAM_SUCCESS" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:273 pam_sss_gss.8.xml:101 +#: pam_sss.8.xml:273 pam_sss_gss.8.xml:114 msgid "The PAM operation finished successfully." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:278 pam_sss_gss.8.xml:106 +#: pam_sss.8.xml:278 pam_sss_gss.8.xml:119 msgid "PAM_USER_UNKNOWN" msgstr "" @@ -7024,7 +7203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:287 pam_sss_gss.8.xml:115 +#: pam_sss.8.xml:287 pam_sss_gss.8.xml:128 msgid "PAM_AUTH_ERR" msgstr "" @@ -7074,12 +7253,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:325 pam_sss_gss.8.xml:123 +#: pam_sss.8.xml:325 pam_sss_gss.8.xml:136 msgid "PAM_AUTHINFO_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:328 pam_sss_gss.8.xml:126 +#: pam_sss.8.xml:328 pam_sss_gss.8.xml:139 msgid "" "Unable to access the authentication information. This might be due to a " "network or hardware failure." @@ -7099,12 +7278,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:344 pam_sss_gss.8.xml:132 +#: pam_sss.8.xml:344 pam_sss_gss.8.xml:145 msgid "PAM_SYSTEM_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:347 pam_sss_gss.8.xml:135 +#: pam_sss.8.xml:347 pam_sss_gss.8.xml:148 msgid "" "A system error occurred. The SSSD log files may contain additional " "information about the error." @@ -7347,35 +7526,53 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry> for more details on these options." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss_gss.8.xml:74 +msgid "" +"Some Kerberos deployments allow to assocate authentication indicators with a " +"particular pre-authentication method used to obtain the ticket granting " +"ticket by the user. <command>pam_sss_gss.so</command> allows to enforce " +"presence of authentication indicators in the service tickets before a " +"particular PAM service can be accessed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss_gss.8.xml:82 +msgid "" +"If <option>pam_gssapi_indicators_map</option> is set in the [pam] or domain " +"section of sssd.conf, then SSSD will perform a check of the presence of any " +"configured indicators in the service ticket." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss_gss.8.xml:80 +#: pam_sss_gss.8.xml:93 msgid "<option>debug</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss_gss.8.xml:83 +#: pam_sss_gss.8.xml:96 msgid "Print debugging information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:91 +#: pam_sss_gss.8.xml:104 msgid "Only the <option>auth</option> module type is provided." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss_gss.8.xml:109 +#: pam_sss_gss.8.xml:122 msgid "" "The user is not known to the authentication service or the GSSAPI " "authentication is not supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss_gss.8.xml:118 +#: pam_sss_gss.8.xml:131 msgid "Authentication failure." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:146 +#: pam_sss_gss.8.xml:159 msgid "" "The main use case is to provide password-less authentication in sudo but " "without the need to disable authentication completely. To achieve this, " @@ -7383,7 +7580,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> -#: pam_sss_gss.8.xml:152 +#: pam_sss_gss.8.xml:165 #, no-wrap msgid "" "[domain/MYDOMAIN]\n" @@ -7392,14 +7589,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:156 +#: pam_sss_gss.8.xml:169 msgid "" "And then enable the module in desired PAM stack (e.g. /etc/pam.d/sudo and " "/etc/pam.d/sudo-i)." msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> -#: pam_sss_gss.8.xml:160 +#: pam_sss_gss.8.xml:173 #, no-wrap msgid "" "...\n" @@ -7409,19 +7606,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss_gss.8.xml:167 +#: pam_sss_gss.8.xml:180 msgid "TROUBLESHOOTING" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:169 +#: pam_sss_gss.8.xml:182 msgid "" "SSSD logs, pam_sss_gss debug output and syslog may contain helpful " "information about the error. Here are some common issues:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:173 +#: pam_sss_gss.8.xml:186 msgid "" "1. I have KRB5CCNAME environment variable set and the authentication does " "not work: Depending on your sudo version, it is possible that sudo does not " @@ -7431,7 +7628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:180 +#: pam_sss_gss.8.xml:193 msgid "" "2. Authentication does not work and syslog contains \"Server not found in " "Kerberos database\": Kerberos is probably not able to resolve correct realm " @@ -7440,7 +7637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:187 +#: pam_sss_gss.8.xml:200 msgid "" "3. Authentication does not work and syslog contains \"No Kerberos " "credentials available\": You don't have any credentials that can be used to " @@ -7449,7 +7646,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss_gss.8.xml:193 +#: pam_sss_gss.8.xml:206 msgid "" "4. Authentication does not work and SSSD sssd-pam log contains \"User with " "UPN [$UPN] was not found.\" or \"UPN [$UPN] does not match target user " @@ -7460,7 +7657,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> -#: pam_sss_gss.8.xml:201 +#: pam_sss_gss.8.xml:214 #, no-wrap msgid "" "[domain_realm]\n" @@ -9240,7 +9437,10 @@ msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:637 sssd-ldap-attributes.5.xml:496 sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 +#: sssd-ipa.5.xml:637 sssd-ldap-attributes.5.xml:496 +#: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 +#: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -10057,7 +10257,8 @@ msgid "results" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd-ad.5.xml:503 sssd-ad.5.xml:506 sssd-ad.5.xml:509 sssd-ad.5.xml:529 sssd-ad.5.xml:532 sssd-ad.5.xml:535 +#: sssd-ad.5.xml:503 sssd-ad.5.xml:506 sssd-ad.5.xml:509 sssd-ad.5.xml:529 +#: sssd-ad.5.xml:532 sssd-ad.5.xml:535 msgid "missing" msgstr "" @@ -10067,7 +10268,8 @@ msgid "all users are allowed" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd-ad.5.xml:506 sssd-ad.5.xml:509 sssd-ad.5.xml:512 sssd-ad.5.xml:532 sssd-ad.5.xml:535 sssd-ad.5.xml:538 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:509 sssd-ad.5.xml:512 sssd-ad.5.xml:532 +#: sssd-ad.5.xml:535 sssd-ad.5.xml:538 msgid "present" msgstr "" @@ -11290,7 +11492,8 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:127 sss_ssh_knownhostsproxy.1.xml:78 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:127 +#: sss_ssh_knownhostsproxy.1.xml:78 msgid "" "<option>-d</option>,<option>--domain</option> " "<replaceable>DOMAIN</replaceable>" @@ -13298,7 +13501,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><title> -#: sss_rpcidmapd.5.xml:120 sssd-kcm.8.xml:249 include/seealso.xml:2 +#: sss_rpcidmapd.5.xml:120 sssd-kcm.8.xml:256 include/seealso.xml:2 msgid "SEE ALSO" msgstr "" @@ -14889,57 +15092,65 @@ msgstr "" msgid "Default: <replaceable>/var/run/.heim_org.h5l.kcm-socket</replaceable>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd-kcm.8.xml:207 +msgid "" +"<phrase condition=\"have_systemd\"> Note: on platforms where systemd is " +"supported, the socket path is overwritten by the one defined in the " +"sssd-kcm.socket unit file. </phrase>" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-kcm.8.xml:209 +#: sssd-kcm.8.xml:216 msgid "max_ccaches (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-kcm.8.xml:212 +#: sssd-kcm.8.xml:219 msgid "How many credential caches does the KCM database allow for all users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-kcm.8.xml:216 +#: sssd-kcm.8.xml:223 msgid "Default: 0 (unlimited, only the per-UID quota is enforced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-kcm.8.xml:221 +#: sssd-kcm.8.xml:228 msgid "max_uid_ccaches (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-kcm.8.xml:224 +#: sssd-kcm.8.xml:231 msgid "" "How many credential caches does the KCM database allow per UID. This is " "equivalent to <quote>with how many principals you can kinit</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-kcm.8.xml:229 +#: sssd-kcm.8.xml:236 msgid "Default: 64" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-kcm.8.xml:234 +#: sssd-kcm.8.xml:241 msgid "max_ccache_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-kcm.8.xml:237 +#: sssd-kcm.8.xml:244 msgid "" "How big can a credential cache be per ccache. Each service ticket accounts " "into this quota." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-kcm.8.xml:241 +#: sssd-kcm.8.xml:248 msgid "Default: 65536" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-kcm.8.xml:251 +#: sssd-kcm.8.xml:258 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " @@ -15034,7 +15245,8 @@ msgid "Start of a sysdb transaction, probes the sysdb_transaction_start() functi msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-systemtap.5.xml:91 sssd-systemtap.5.xml:105 sssd-systemtap.5.xml:118 sssd-systemtap.5.xml:131 +#: sssd-systemtap.5.xml:91 sssd-systemtap.5.xml:105 sssd-systemtap.5.xml:118 +#: sssd-systemtap.5.xml:131 #, no-wrap msgid "" "nesting:integer\n" @@ -15237,7 +15449,8 @@ msgid "Probes the sdap_search_user_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-systemtap.5.xml:283 sssd-systemtap.5.xml:295 sssd-systemtap.5.xml:307 sssd-systemtap.5.xml:319 +#: sssd-systemtap.5.xml:283 sssd-systemtap.5.xml:295 sssd-systemtap.5.xml:307 +#: sssd-systemtap.5.xml:319 #, no-wrap msgid "" "filter:string\n" @@ -15616,14 +15829,16 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap-attributes.5.xml:180 sssd-ldap-attributes.5.xml:732 sssd-ldap-attributes.5.xml:855 +#: sssd-ldap-attributes.5.xml:180 sssd-ldap-attributes.5.xml:732 +#: sssd-ldap-attributes.5.xml:855 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap-attributes.5.xml:184 sssd-ldap-attributes.5.xml:736 sssd-ldap-attributes.5.xml:862 +#: sssd-ldap-attributes.5.xml:184 sssd-ldap-attributes.5.xml:736 +#: sssd-ldap-attributes.5.xml:862 msgid "Default: modifyTimestamp" msgstr ""