--- sssd-1.11.2.orig/.git-commit-template +++ sssd-1.11.2/.git-commit-template @@ -0,0 +1,9 @@ +COMPONENT: Subject + +Explanation + +Resolves: +https://fedorahosted.org/sssd/ticket/XXXX + +# Try to keep the subject line within 52 chars ----| +# Also please try to not exceed 72 characters of length for the body --| --- sssd-1.11.2.orig/.tx/config +++ sssd-1.11.2/.tx/config @@ -0,0 +1,13 @@ +[main] +host = https://www.transifex.com + +[sssd.master-po-sssd-pot] +file_filter = po/.po +source_file = po/sssd.pot +source_lang = en + +[sssd.sssd-docspot_1] +file_filter = src/man/po/.po +source_file = src/man/po/sssd-docs.pot +source_lang = en + --- sssd-1.11.2.orig/contrib/suse/sssd.spec.in +++ sssd-1.11.2/contrib/suse/sssd.spec.in @@ -0,0 +1,301 @@ +%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib(1))")} +%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")} + +Name: @PACKAGE_NAME@ +Version: @PACKAGE_VERSION@ +Release: 0@PRERELEASE_VERSION@%{?dist} +Group: Applications/System +Summary: System Security Services Daemon +# The entire source code is GPLv3+ except replace/ which is LGPLv3+ +License: GPLv3+ and LGPLv3+ +URL: http://fedorahosted.org/sssd/ +Source0: %{name}-%{version}.tar.gz +BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) + +%global dhash_version 0.4.0 + +### Patches ### + +### Dependencies ### + +Requires: libldb0 >= 0.9.3 +Requires: libtdb1 >= 1.1.3 +Requires: sssd-client = %{version}-%{release} +Requires: libdhash = %{dhash_version}-%{release} +Requires: cyrus-sasl-gssapi +Requires(post): python +Requires(preun): aaa_base procps filesystem +Requires(postun): /sbin/service + +%global servicename sssd +%global sssdstatedir %{_localstatedir}/lib/sss +%global dbpath %{sssdstatedir}/db +%global pipepath %{sssdstatedir}/pipes +%global pubconfpath %{sssdstatedir}/pubconf + +### Build Dependencies ### + +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool +BuildRequires: m4 +BuildRequires: popt-devel +BuildRequires: libtalloc-devel +BuildRequires: libtevent0-devel +BuildRequires: libtdb1-devel +BuildRequires: libldb0-devel +BuildRequires: libcares-devel +BuildRequires: dbus-1-devel +BuildRequires: dbus-1 +BuildRequires: openldap2-devel +BuildRequires: pam-devel +BuildRequires: mozilla-nss-devel +BuildRequires: mozilla-nspr-devel +BuildRequires: pcre-devel +BuildRequires: libxslt +BuildRequires: libxml2 +BuildRequires: docbook-xsl-stylesheets +BuildRequires: krb5-devel +BuildRequires: python-devel + + +%description +Provides a set of daemons to manage access to remote directories and +authentication mechanisms. It provides an NSS and PAM interface toward +the system and a pluggable backend system to connect to multiple different +account sources. It is also the basis to provide client auditing and policy +services for projects like FreeIPA. + +%package client +Summary: SSSD Client libraries for NSS and PAM +Group: Applications/System + +%description client +Provides the libraries needed by the PAM and NSS stacks to connect to the SSSD +service. + +%package -n libdhash +Summary: Dynamic hash table +Group: Development/Libraries +Version: %{dhash_version} +License: LGPLv3+ + +%description -n libdhash +A hash table which will dynamically resize to achieve optimal storage & access +time properties + +%package -n libdhash-devel +Summary: Development files for libdhash +Group: Development/Libraries +Version: %{dhash_version} +Requires: libdhash = %{dhash_version}-%{release} +License: LGPLv3+ + +%description -n libdhash-devel +A hash table which will dynamically resize to achieve optimal storage & access +time properties + + +%prep +%setup -q + +%build +%configure \ + --without-tests \ + --with-db-path=%{dbpath} \ + --with-pipe-path=%{pipepath} \ + --with-pubconf-path=%{pubconfpath} \ + --with-init-dir=%{_initrddir} \ + --enable-nsslibdir=/%{_lib} \ + --without-selinux \ + --without-semanage \ + --with-os=suse \ + --disable-static + +make %{?_smp_mflags} + +%install +rm -rf $RPM_BUILD_ROOT + +make install DESTDIR=$RPM_BUILD_ROOT + +# Remove the example files from the output directory +# We will copy them directly from the source directory +# for packaging +rm -f \ + $RPM_BUILD_ROOT/usr/share/doc/dhash/README \ + $RPM_BUILD_ROOT/usr/share/doc/dhash/examples/dhash_example.c \ + $RPM_BUILD_ROOT/usr/share/doc/dhash/examples/dhash_test.c + +# Prepare language files +/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_daemon +/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client + +# Copy default sssd.conf file +mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd +install -m600 server/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf +install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf +install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/ + +# Remove .la files created by libtool +rm -f \ + $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \ + $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \ + $RPM_BUILD_ROOT/%{_libdir}/libdhash.la \ + $RPM_BUILD_ROOT/%{_libdir}/ldb/memberof.la \ + $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \ + $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \ + $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \ + $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ipa.la \ + $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \ + $RPM_BUILD_ROOT/%{python_sitearch}/pysss.la + +if test -e $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so +then + # Apppend this file to the sss_daemon.lang + # Older versions of rpmbuild can only handle one -f option + echo %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so >> sss_daemon.lang +fi +for file in `ls $RPM_BUILD_ROOT/%{python_sitelib}/*.egg-info 2> /dev/null` +do + echo %{python_sitelib}/`basename $file` >> sss_daemon.lang +done + +%clean +rm -rf $RPM_BUILD_ROOT + +%files -f sss_daemon.lang +%defattr(-,root,root,-) +%doc COPYING +%{_initrddir}/%{name} +%{_sbindir}/sssd +%{_sbindir}/sss_useradd +%{_sbindir}/sss_userdel +%{_sbindir}/sss_usermod +%{_sbindir}/sss_groupadd +%{_sbindir}/sss_groupdel +%{_sbindir}/sss_groupmod +%{_sbindir}/sss_groupshow +%{_sbindir}/sss_debuglevel +%{_libexecdir}/%{servicename}/ +%{_libdir}/%{name}/ +%{_libdir}/ldb/memberof.so +%dir %{sssdstatedir} +%attr(700,root,root) %dir %{dbpath} +%attr(755,root,root) %dir %{pipepath} +%attr(755,root,root) %dir %{pubconfpath} +%attr(700,root,root) %dir %{pipepath}/private +%attr(750,root,root) %dir %{_var}/log/%{name} +%attr(700,root,root) %dir %{_sysconfdir}/sssd +%config(noreplace) %{_sysconfdir}/sssd/sssd.conf +%config %{_sysconfdir}/sssd/sssd.api.conf +%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d +%config %{_sysconfdir}/sssd/sssd.api.d/ +%{_mandir}/man5/sssd.conf.5* +%{_mandir}/man5/sssd-ipa.5* +%{_mandir}/man5/sssd-krb5.5* +%{_mandir}/man5/sssd-ldap.5* +%{_mandir}/man8/sssd.8* +%{_mandir}/man8/sss_groupadd.8* +%{_mandir}/man8/sss_groupdel.8* +%{_mandir}/man8/sss_groupmod.8* +%{_mandir}/man8/sss_groupshow.8* +%{_mandir}/man8/sss_useradd.8* +%{_mandir}/man8/sss_userdel.8* +%{_mandir}/man8/sss_usermod.8* +%{_mandir}/man8/sss_debuglevel.8* +%{_mandir}/man8/sssd_krb5_locator_plugin.8* +%{python_sitearch}/pysss.so +%{python_sitelib}/*.py* + + +%files client -f sss_client.lang +%defattr(-,root,root,-) +/%{_lib}/libnss_sss.so.2 +/%{_lib}/security/pam_sss.so +%{_mandir}/man8/pam_sss.8* + +%files -n libdhash +%defattr(-,root,root,-) +%doc common/dhash/COPYING +%doc common/dhash/COPYING.LESSER +%{_libdir}/libdhash.so.1 +%{_libdir}/libdhash.so.1.0.0 + +%files -n libdhash-devel +%defattr(-,root,root,-) +%{_includedir}/dhash.h +%{_libdir}/libdhash.so +%{_libdir}/pkgconfig/dhash.pc +%doc common/dhash/README +%doc common/dhash/examples + +%post +/sbin/ldconfig +/sbin/chkconfig --add %{servicename} +if [ $1 -ge 2 ] ; then +# a one-time upgrade from confdb v1 to v2, only if upgrading + python %{_libexecdir}/%{servicename}/upgrade_config.py +fi + +%preun +if [ $1 = 0 ]; then + /sbin/service %{servicename} stop 2>&1 > /dev/null + /sbin/chkconfig --del %{servicename} +fi + +%postun +/sbin/ldconfig +if [ $1 -ge 1 ] ; then + /sbin/service %{servicename} condrestart 2>&1 > /dev/null +fi + +%post client -p /sbin/ldconfig + +%postun client -p /sbin/ldconfig + +%post -n libdhash -p /sbin/ldconfig + +%postun -n libdhash -p /sbin/ldconfig + +%changelog +* Mon Sep 28 2009 Sumit Bose - 0.6.0-0 +- New upstream release 0.6.0 + +* Fri Sep 25 2009 Simo Sorce - 0.5.0-1 +- Split package into server and clients components +- Convert to new config file format + +* Wed Sep 02 2009 Stephen Gallagher - 0.5.0-0 +- New upstream release 0.5.0 + +* Mon May 18 2009 Stephen Gallagher - 0.4.0-1 +- Convert build system to automake + +* Mon Apr 20 2009 Jakub Hrozek - 0.3.2-1 +- bugfix release 0.3.2 + +* Mon Apr 13 2009 Simo Sorce - 0.3.1-1 +- bugfix release + +* Sun Apr 12 2009 Stephen Gallagher - 0.3.0-2 +- Remove InfoPipe from RPM build + +* Sun Apr 12 2009 Stephen Gallagher - 0.3.0-1 +- Convert to using /etc/sssd/sssd.conf for configuration + +* Tue Mar 10 2009 Simo Sorce - 0.2.1-1 +- Bump up to version 0.2.1 + +* Fri Mar 06 2009 Jakub Hrozek - 0.1.0-4 +- fixed items found during review +- added initscript + +* Thu Mar 05 2009 Sumit Bose - 0.1.0-3 +- added sss_client + +* Mon Feb 23 2009 Jakub Hrozek - 0.1.0-2 +- Small cleanup and fixes in the spec file + +* Thu Feb 12 2009 Stephen Gallagher - 0.1.0-1 +- Initial release (based on version 0.1.0 upstream code) --- sssd-1.11.2.orig/debian/README.source +++ sssd-1.11.2/debian/README.source @@ -0,0 +1,58 @@ +This package uses quilt to manage all modifications to the upstream +source. Changes are stored in the source package as diffs in +debian/patches and applied during the build. + +To configure quilt to use debian/patches instead of patches, you want +either to export QUILT_PATCHES=debian/patches in your environment +or use this snippet in your ~/.quiltrc: + + for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do + if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then + export QUILT_PATCHES=debian/patches + break + fi + done + +To get the fully patched source after unpacking the source package, cd to +the root level of the source package and run: + + quilt push -a + +The last patch listed in debian/patches/series will become the current +patch. + +To add a new set of changes, first run quilt push -a, and then run: + + quilt new + +where is a descriptive name for the patch, used as the filename in +debian/patches. Then, for every file that will be modified by this patch, +run: + + quilt add + +before editing those files. You must tell quilt with quilt add what files +will be part of the patch before making changes or quilt will not work +properly. After editing the files, run: + + quilt refresh + +to save the results as a patch. + +Alternately, if you already have an external patch and you just want to +add it to the build system, run quilt push -a and then: + + quilt import -P /path/to/patch + quilt push -a + +(add -p 0 to quilt import if needed). as above is the filename to +use in debian/patches. The last quilt push -a will apply the patch to +make sure it works properly. + +To remove an existing patch from the list of patches that will be applied, +run: + + quilt delete + +You may need to run quilt pop -a to unapply patches first before running +this command. --- sssd-1.11.2.orig/debian/apparmor-profile +++ sssd-1.11.2/debian/apparmor-profile @@ -0,0 +1,42 @@ +#include + +/usr/sbin/sssd { + #include + #include + #include + #include + + capability dac_override, + capability dac_read_search, + capability setgid, + capability setuid, + capability sys_nice, + + @{PROC} r, + @{PROC}/[0-9]*/status r, + + /etc/krb5.keytab k, + /etc/ldap/ldap.conf r, + /etc/localtime r, + /etc/shells r, + /etc/sssd/sssd.conf r, + + /usr/sbin/sssd rmix, + /usr/lib/@{multiarch}/ldb/modules/ldb/* m, + /usr/lib/@{multiarch}/sssd/* rix, + + /tmp/{,.}krb5cc_* rwk, + + /var/lib/sss/* rw, + /var/lib/sss/db/* rwk, + /var/lib/sss/pipes/* rw, + /var/lib/sss/pipes/private/* rw, + /var/lib/sss/pubconf/* rw, + /var/log/sssd/* rw, + /var/tmp/host_* rw, + + /{,var/}run/sssd.pid rw, + + # Site-specific additions and overrides. See local/README for details. + #include +} --- sssd-1.11.2.orig/debian/changelog +++ sssd-1.11.2/debian/changelog @@ -0,0 +1,476 @@ +sssd (1.11.2-1) UNRELEASED; urgency=low + + * New upstream release. + * rules, sssd-common.install: Use the correct path for the systemd + service file. + * control: Build depend on libpam0g-dev | libpam-dev. + + -- Timo Aaltonen Wed, 06 Nov 2013 14:03:36 +0200 + +sssd (1.11.1-1) unstable; urgency=low + + * New upstream release. + * sssd-common.postinst, generate-config: Don't create a config on install, + drop generate-config. (Closes: #717587) + * sssd-common.postrm: Remove /etc/apparmor.d too, if empty. + * control, rules, sssd-common.install: Install the systemd service + file provided by upstream. + * control: Drop M-A: foreign from sssd-* and add back to sssd instead. + * control: Don't hardcode 'multiarch-support'. + * control: Drop unnecessary multiarch declarations. + * control: Drop obsolete Breaks/Conflicts. + * rules: Enable parallel build. + * control: Add libltdl-dev to build-depends. + * control: Prepare for new unified samba package, adjust build- + dependencies. Thanks, Ivo De Decker! (Closes: #725992) + + -- Timo Aaltonen Tue, 06 Aug 2013 17:04:28 +0300 + +sssd (1.10.0-1) unstable; urgency=low + + [ Timo Aaltonen ] + * New upstream release (Closes: #693054, #705357, #711101) + * Update the packaging for the new version, thanks Esko Järnfors! + - Add libsss-idmap0, libsss-idmap-dev packages + - Add sssd Depends on libsss-idmap0 + - Add /var/lib/sss/mc directory for the new mmap cache + * Split authentication providers to separate packages and make sssd + a metapackage. + * control: Drop libunistring-dev from build-depends and add libglib2.0-dev + for unicode support. + * sssd-*.install: Install new manpages. + * python-sss.install: py-files got moved under SSSDConfig. + * control, rules: Use default build flags, bump dpkg-dev build-dep to + 1.16.1~. + * rules: Install the apparmor profile with -m644. + * python-sss: Add pysss_murmur.so. + * rules, control, sssd-ad-common.install: PAC responder support. + - Add libndr-dev, libndr-standard-dev, libsamba-util-dev, samba4-dev, + libdcerpc-dev to build-depends + - Add -I/usr/include/samba-4.0 to CFLAGS + * control: Mark sssd-common as Multi-Arch: foreign. + * watch: Add a comment about the upstream git tree. + * Replace perl snippet from libnss-sss.post* with sed, drop perl from + Depends. (Closes: #686237) + * compat: Bump compat to 9. + * rules: Set DEB_HOST_MULTIARCH, drop --libdir and remnants of cdbs. + * sssd-common.install: Install the support binaries under the multiarch path. + * rules,sssd-common.postinst: Move generate-config to /usr/share/sssd. + * rules, sssd-common.install: Use the correct install path for the + krb5_locator plugin. + * libnss-sss.postinst: SSSD doesn't handle shadow maps, so don't pretend + that it would. + * libsss-sudo*, control: Remove the soname from the library, move .so to + the libsss-sudo, drop -dev package. + * rules: Pass --datadir, so the path in autogenerated python files is + correctly substituted. (LP: #1079938) + * sssd-krb5-common.dirs: Add krb5 include dir. + * fix-cve-2013-0219*.diff, -0220.diff: Dropped, included upstream. + * libsss-sudo.postrm: Run ldconfig on remove/purge. + * apparmor-profile: Fix the profile to use the multiarch path for it's + helper location (LP: #1175317). + * Add packaging for libsss-nss-idmap0, libsss-nss-idmap-dev, + python-libsss-nss-idmap. + * watch: Updated to work with alpha/beta releases. + * control: Migrate to libnl-3 now that it's supported. (Closes: #688174) + * sssd-common.{preinst,postrm}: Install the apparmor profile in force-complain + mode on install, and remove the profile directory on purge (if empty). Also + migrate from previous setup which installed it as disabled. + (Closes: #676140) + * control: Bump policy to 3.9.4, no changes. + * control: Add libpam-pwquality (>= 1.2.2-1) to libpam-sss depends, which + makes the password stack work in all cases. (LP: #1159983) + * control: Drop check from build-depends for now, to work around a linking bug + in check (#712140) that makes the tests fail on (at least) i386. + + [ Stéphane Graber ] + * Add postinst/postrm script for libsss-sudo. Those will add a "sudoers" + entry to /etc/nsswitch.conf upon first installation of the package and + will then take care of adding/removing sss from the stack as required. + * Set CK_DEFAULT_TIMEOUT to 30 so that slower buildds (armhf at least) can + run the tests without hitting the default 4s timeout. + + -- Timo Aaltonen Fri, 05 Jul 2013 14:53:06 +0300 + +sssd (1.8.4-2) unstable; urgency=low + + * fix-cve-2013-0219-1.diff, fix-cve-2013-0219-2.diff, + fix-cve-2013-0220.diff: Upstream commits from the stable tree to fix + recent CVE reports. (Closes: #698871) + + -- Timo Aaltonen Wed, 27 Feb 2013 23:38:28 +0200 + +sssd (1.8.4-1) unstable; urgency=low + + * New upstream bugfix release 1.8.2. + - Several fixes to case-insensitive domain functions + - Fix for GSSAPI binds when the keytab contains unrelated + principals + - Fixed several segfaults + - Workarounds added for LDAP servers with unreadable RootDSE + - SSH knownhostproxy will no longer enter an infinite loop + preventing login + - The provided SYSV init script now starts SSSD earlier at startup + and stops it later during shutdown + - Assorted minor fixes for issues discovered by static analysis + tools + * New upstream bugfix release 1.8.3. + - Numerous manpage and translation updates + - LDAP: Handle situations where the RootDSE isn't available anonymously + - LDAP: Fix regression for users using non-standard LDAP attributes for + user information + * New upstream bugfix release 1.8.4. (LP: #981125, #985031) + - Fix a bug causing AD servers not to fail over properly when the KDC + on the primary server is down + - Fix an endianness bug on big-endian systems when looking up services + - Fix a segfault dealing with nested groups (LP: #981125) + - Make the nowait cache updates work for netgroups + - Fix a regression that broke domains with use_fully_qualified_names = True + (LP: #985031) + * control: Move the dependency of libsasl2-modules-gssapi-mit to + Recommends. + * control: sssd works with Heimdal gssapi modules too, add + libsasl2-modules-gssapi-mit as an option for the Recommends. + (LP: #966146) + * libpam-sss.pam-auth-update: + - Drop the dependency to 128, since pam_sss should always be below + pam_unix. (LP: #957486) + - Drop 'use_authtok' from the password stack, since it only works when + pam_cracklib is installed. This will allow password changes on the + default install. + * sssd.postrm: Try to remove /etc/sssd only if it exists. + (Closes: #666226) + * Add disabled by default Apparmor profile (LP: #933342) + - debian/sssd.upstart.in: load the profile during pre-start + - add debian/apparmor-profile, install to /etc/apparmor.d + - debian/rules: use dh_apparmor to install profile before sssd is + restarted + - debian/control: sssd Suggests apparmor (>= 2.3) + - debian/control: Add dh-apparmor to build-depends + - debian/sssd.preinst: disable profile on clean install or upgrades + from earlier than when we shipped the profile + * rules: Mangle the date stamp on pam_sss.8 so that the compressed file is + identical across all archs. (Closes: #670019) + * control: Add build-depends on libnl-dev to enable Netlink support. + * control: Add build-depends on libkeyutil-dev to enable support for + kernel keyring manipulation. + * sssd.logrotate: Rotate logs weekly, keep four previous rotations. + (Closes: #672984) + * sssd.upstart.in: Delete an invisible control character from the pre-start + script. (LP: #1003845) + + -- Timo Aaltonen Fri, 01 Jun 2012 11:43:42 +0300 + +sssd (1.8.1-1) unstable; urgency=low + + * New maintainer, Debian SSSD Team. (Closes: #660985) + + [ Timo Aaltonen ] + * New upstream release (1.8.1) (Closes: #647980, #624194, #639965) + - Support for the service map in NSS + - Support for setting default SELinux user context from FreeIPA + - Support for retrieving SSH user and host keys from LDAP (Experimental) + - Support for caching autofs LDAP requests (Experimental) + - Support for caching SUDO rules (Experimental) + * Update build-deps: + - Add libunistring-dev, libdhash-dev, libcollection-dev and + libini-config-dev. + - Add check for unit tests. + - Drop cvs and python-central. + - Migrate to dh, drop cdbs build-dep, add quilt, dh-autoreconf and + autopoint to build-deps. + * Add new packages: + - libipa-hbac0, libipa-hbac-dev, libsss-sudo0, libsss-sudo-dev, + and python-libipa-hbac. + - Split sssd-tools: add Breaks/Replaces sssd (<< 1.8.0~beta3-1) and + add to sssd Suggests + * Drop patch to ensure LDAP authentication never accept a zero + length password, which is now included upstream. + * sssd.upstart.ubuntu: + - Don't start before net-device-up. (LP: 812943) + - Source /etc/default/sssd. (LP: 812943) + * sssd.default: Added a file to include the sssd daemon defaults, + currently has '-D -f'. + * sssd.init: Drop separate OPTIONS, '-D' comes from /etc/default/sssd + now.. + * rules: Install the Python API files to /usr/share/sssd, as discussed + with upstream. (LP: 859611) + * fix-python-api-path.dpatch: Use the new location for the API files. + (LP: 859611) + * libpam-sss.pam-auth-update: + - Add 'forward_pass' to auth stack to fix ecryptfs mounts. (LP: 826643) + - Add pam_localuser.so to account stack to allow local users to log in. + (LP: 860488) + * control: sssd now Recommends libpam-sss and libnss-sss, since sssd is + mostly useless without them. (LP: 767337) + * control, compat: Bump debhelper build-dep and compat level to 8. + * Switch patch-system to quilt. + * Do not install a working config file by default. The local domain + definition was broken (upstream #1014). The daemon will need to be + configured by other means before it's usable. + * Add support for Multi-Arch (Closes: #634123). + * Remove unnecessary libnss-sss.links. + * libnss-sss.overrides: Add an override for + "package-name-doesnt-match-sonames". + * Determine the used init system during build, add lsb-release to + build-deps. Default to sysvinit, use upstart if Ubuntu. + * sssd.upstart.in: Test if the config file exists, and exit if not. + * Fail gracefully if invoke-rc.d returns an error on postinst/prerm, like + when the daemon fails to start when there is no config file. + * sssd.init.in: Check that /etc/default/sssd is a real file before sourcing + it (Closes: #587895). + * control: Add libsasl2-modules-gssapi-mit and libsasl2-modules-ldap to + Recommends for sssd. + * rules: Move the rule for purging .la files before dh_install + (Closes: #633206). + * sssd.install: Fix the wildcard for plugins to include .so symlinks. + * rules: Add configure flags + - Disable RPATH + - Disable building static libs + - Enable ssh user and host key retrieval, autofs request + and sudo rules caching. The respective packages need to add support + for these to be useful. + * Drop fix-python-api-path.patch, included upstream. + * sssd.examples: Install the renamed example config. + * rules: Drop special handling of the sssd.api.d, upstream uses + the proper path now. + * rules: Add --fail-missing to dh_install. + * sssd.install: Add new files. + * libpam-sss.install, control: Move pam_sss.8 to the correct package, + add Breaks/Replaces. + * rules: Remove some files we don't want to install, to make dh_install + happy. + * rules: Clean po/*.gmo, po/stamp-po and *.pyc. + * Install lintian overrides using dh_lintian. + * {sssd,libnss-sss}.lintian-overrides: Update. + * Move libsasl2-modules-gssapi to sssd Depends to make sure it gets + installed, as it's needed in most cases. + * control: Update maintainer address and repo location. + * control: Bump the Standards-Version to 3.9.3, no changes. + * control: Bump the debhelper build-dep to 9. + * control: Add ${misc:Depends} to libipa-hbac*, libsss-sudo*. + * control, rules: Migrate to dh_python2 (Closes: #617071). + * control: Add myself to uploaders. + + [ Petter Reinholdtsen ] + * New upstream version 1.2.4: + - Resolves long-standing issues related to group processing with + RFC2307bis LDAP servers. + - Fixed bugs in RFC2307bis group memberships related to initgroups + (Closes: #595564). + - Fix tight-loop bug on systems with older OpenLDAP client + libraries (such as Red Hat Enterprise Linux 5) + * New Upstream Version 1.2.3: + - Resolves CVE-2010-2940. + * New Upstream Version 1.2.2: + - The LDAP provider no longer requires access to the LDAP + RootDSE. If it is unavailable, we will continue on with our best + guess. + - The LDAP provider will now log issues with TLS and GSSAPI to the + syslog. + - Significant performance improvement when performing initgroups + on users who are members of large groups in LDAP. + - The sss_client will now reconnect properly to the SSSD if the + daemon is restarted. + * This resolves an issue causing GDM to crash when logging out + of a user after the SSSD had been restarted. + * Correct package description for python-sss (Closes: #596215). + * Update Standards-Version from 3.8.4 to 3.9.1. No changes needed. + + [ Stéphane Graber ] + * Fix prerm invoke_failure hook to simply return as empty functions + are invalid shell syntax. + + -- Timo Aaltonen Thu, 22 Mar 2012 13:28:27 +0200 + +sssd (1.2.1-4.4) unstable; urgency=low + + * Non-maintainer upload. + * Fix FTBFS with -Werror=format-security. Thanks Philippe De Swert for patch. + (Closes: #643806). + + -- Hector Oron Sun, 19 Feb 2012 19:33:04 +0000 + +sssd (1.2.1-4.3) unstable; urgency=medium + + * Non-maintainer upload. + * Adjust install path to consider GNU triplet (Closes: #640626). + + -- Luca Falavigna Tue, 20 Sep 2011 20:02:34 +0200 + +sssd (1.2.1-4.2) unstable; urgency=low + + * Non-maintainer upload. + * debian/sssd.install + - updated location for ldb modules; Closes: #618159 + + -- Sandro Tosi Fri, 03 Jun 2011 23:53:59 +0200 + +sssd (1.2.1-4.1) unstable; urgency=medium + + * Non-maintainer upload by the Security Team + * Fix CVE-2010-4341 (Closes: #610032) + + -- Moritz Muehlenhoff Tue, 25 Jan 2011 22:09:21 +0100 + +sssd (1.2.1-4) unstable; urgency=low + + * Add patch from Stephen Gallagher to ensure LDAP authentication + never accept a zero length password (Closes: #594413). Solves + CVE-2010-2940. + + -- Petter Reinholdtsen Wed, 25 Aug 2010 22:33:40 +0200 + +sssd (1.2.1-3) unstable; urgency=low + + [ Petter Reinholdtsen ] + * Look for /etc/default/sssd, not /etc/defaults/sssd in init.d + script (Closes: #588252). + * Make sssd.conf generation more robust, and make sure missing SRV + records are ignored and not handled as host names. + * Add code in generate-config to look up Kerberos realm using + _kerberos TXT record in DNS if it exist. + * Recommend bind9-host used by generate-config for SRV and TXT + lookups. + + [ Morten Werner Forsbring ] + * Check if /etc/default/sssd is a file and executable, not a directory, + before sourcing in init-script. Thanks to lintian. + + -- Morten Werner Forsbring Thu, 12 Aug 2010 16:31:14 +0200 + +sssd (1.2.1-2) unstable; urgency=low + + * Make sure init.d script sources /etc/default/sssd (Closes: #588252). + * Drop /etc/default/sssd from package, to avoid conffile question + from dpkg during upgrades. + * Make sure to only remove obsolete sssd conffiles on upgrades, not + on first time installation. + * Add new script generate-config and call it from the sssd postinst + during first time installation to try to generate the sssd.conf + file dynamically for LDAP and Kerberos using DNS entries, and fall + back to the static example configuration if this fail. + * Let sssd suggest libnss-sss and libpam-sss, to make those + installing sssd aware of the other packages. + * Add netgroup to nsswitch.conf entries added at first time + installation, to make sure those installing now get working + netgroups when sssd get netgroup support + * Let sssd recommend ldap-utils as ldapsearch is used for generating + the configuration. + + -- Petter Reinholdtsen Fri, 06 Aug 2010 23:44:26 +0200 + +sssd (1.2.1-1) unstable; urgency=low + + [ Petter Reinholdtsen ] + * Move calls to pam-auth-update from the package scripts in sssd to + libpam-sss, and correct prerm call to remove the correct pam config. + Add versioned dependency on libpam-runtime to make sure + pam-auth-update is available. + * Add code to the postinst and postrm of libnss-sss to update + passwd, group and shadow entries in /etc/nsswitch.conf. + * Make sure init.d/sssd start after $named, to ensure it can look up + in DNS also when the DNS server is on the local machine. + + [ Morten Werner Forsbring ] + * New upstream release. + + -- Morten Werner Forsbring Thu, 24 Jun 2010 14:16:30 +0200 + +sssd (1.2.0-1) unstable; urgency=low + + [ Petter Reinholdtsen ] + * New upstream release. + - Add libsemanage1-dev as build dependency, as it is now required. + - Drop python-build-with-deb-layout.dpatch, now handled upstream. + - Adjust provide-default-working-sssd-config-file.dpatch to + work with new package source layout and config file content. + - Adjust build rules to cope with server/ changing to src/ in the + source tarball. + - Add --enable-krb5-locator-plugin to keep building the plugin. + * Change the pam-auth-update configuration to make the session + script optional instead of sufficient, to make sure the other + session modules are executed too. + * Change initial pam password entry from requisite to sufficient, + to make sure local users can have their password set even if + sssd is enabled. + * Rename pam-configs/sssd to pam-configs/sss, to have a name that + is consistent with the package name libpam-sss. + * Add VCS links to the GIT repository. + * Move configuration API documentation from /etc/sssd/ to + /usr/share/doc/sssd/. It is not configuration and do not belong + in /etc/. + * Drop autoconf, automake, libtool, m4 and autotools-dev from + build-depends. There is no need to regenerate the build files any + more. + + [ Morten Werner Forsbring ] + * Add dnsutils as build-dependency. + + -- Morten Werner Forsbring Tue, 01 Jun 2010 20:41:59 +0200 + +sssd (1.0.5-1) unstable; urgency=low + + * Initial upload based on package from Ubuntu (Closes: #579593). + * Update standards-version from 3.8.3 to 3.8.4. No changes needed. + * Add init.d script and rename sssd.upstart to sssd.upstart.ubuntu + to make sure init.d script is installed instead of upstart job. + * Add draft pam-auth-update configuration based on proposals in + Launcepad bug #557398. + * Update address to FSF in copyright file. Thanks lintian. + * Set section for python-sss to python after advice from lintian. + * Rewrite python-build-with-deb-layout.dpatch to patch Makefile.in + instead of Makefile.am, to avoid having to run autoreconf. + * Make sssd depend on python for its upgrade script. + * Extend clean rule to remove generated file server/config/.files. + * Make sure sssd.api.conf is installed into the sssd package, and + put it in /etc/sssd/sssd.api.conf. Fixes typo in Ubuntu package. + + -- Petter Reinholdtsen Wed, 05 May 2010 21:53:29 +0200 + +sssd (1.0.5-0ubuntu1) lucid; urgency=low + + * New upstream bugfix release. (LP: #510290) + * sssd.dirs: Add /var/lib/sss/pubconf (LP: #557394) + + -- Timo Aaltonen Fri, 16 Apr 2010 11:37:16 +0300 + +sssd (1.0.2-0ubuntu2) lucid; urgency=low + + * No change rebuild due to libldb downgrade + + -- Scott Kitterman Fri, 02 Apr 2010 17:48:19 -0400 + +sssd (1.0.2-0ubuntu1) lucid; urgency=low + + * New upstream release (LP: #473262): + - python API for managing sssd daemon configuration and + native SSSD users. + - support for asynchronous cache refreshes. + - support password changing in LDAP and Kerberos providers. + - support for server failover. + * debian/control: + - update tdb build dependency to use libtdb-dev. + - add libselinux1-dev and libsasl2-dev build dependencies. + * debian/sssd.upstart: replace init script with an upstart job. + * Turn sssd.conf into a configuration file. + * Create sssd log directory. + + -- Mathias Gug Tue, 19 Jan 2010 15:17:13 -0500 + +sssd (0.5.0-0ubuntu2) karmic; urgency=low + + * debian/libnss-sss.overrides, debian/sssd.overrides: + + Fix linitian errors and warnings (LP: #425697): + sssd ships an nss library - these are false-positives. + * debian/fix-dbus-watch.dpatch: Update dbus-patch to final + upstream version. + * debian/fix-proxy-segfault.dpatch: Fix proxy enumeration. + + -- Mathias Gug Wed, 09 Sep 2009 20:21:04 -0400 + +sssd (0.5.0-0ubuntu1) karmic; urgency=low + + * Initial release. + + -- Mathias Gug Mon, 24 Aug 2009 16:35:11 -0400 --- sssd-1.11.2.orig/debian/compat +++ sssd-1.11.2/debian/compat @@ -0,0 +1 @@ +9 --- sssd-1.11.2.orig/debian/control +++ sssd-1.11.2/debian/control @@ -0,0 +1,318 @@ +Source: sssd +Section: utils +Priority: extra +Maintainer: Debian SSSD Team +Uploaders: Timo Aaltonen +Build-Depends: debhelper (>= 9), quilt, dh-autoreconf, autopoint, lsb-release, + dpkg-dev (>= 1.16.1~), + dnsutils, + libpopt-dev, + libdbus-1-dev, + libkeyutils-dev, + libldap2-dev, + libpam0g-dev | libpam-dev, + libnl-3-dev, + libnl-route-3-dev, + libnss3-dev, + libnspr4-dev, + libpcre3-dev, + libselinux1-dev, + libsasl2-dev, + libtevent-dev, + libldb-dev, + libtalloc-dev, + libtdb-dev, + libltdl-dev, + xml-core, + docbook-xsl, + docbook-xml, + libxml2-utils, + xsltproc, + krb5-config, + libkrb5-dev, + libc-ares-dev, + python-dev (>= 2.6.6-3~), + libsemanage1-dev, + libdhash-dev, + libcollection-dev, + libini-config-dev, +# check, + dh-apparmor, + libglib2.0-dev, + samba-dev, + dh-systemd (>= 1.5), +Standards-Version: 3.9.4 +Vcs-Git: git://git.debian.org/git/pkg-sssd/sssd +Vcs-Browser: http://git.debian.org/?p=pkg-sssd/sssd.git +Homepage: https://fedorahosted.org/sssd/ + +Package: sssd +Section: metapackages +Architecture: any +Multi-Arch: foreign +Pre-Depends: ${misc:Pre-Depends} +Depends: ${misc:Depends}, + sssd-common (= ${binary:Version}), + sssd-ad (= ${binary:Version}), + sssd-ipa (= ${binary:Version}), + sssd-krb5 (= ${binary:Version}), + sssd-ldap (= ${binary:Version}), + sssd-proxy (= ${binary:Version}), + python-sss (= ${binary:Version}), +Description: System Security Services Daemon -- metapackage + Provides a set of daemons to manage access to remote directories and + authentication mechanisms. It provides an NSS and PAM interface toward + the system and a pluggable backend system to connect to multiple different + account sources. It is also the basis to provide client auditing and policy + services for projects like FreeIPA. + . + This package is a metapackage which installs the daemon and existing + authentication back ends. + +Package: sssd-common +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + python, + python-sss, +Recommends: + bind9-host, + libnss-sss, + libpam-sss, + libsss-sudo, +Suggests: + apparmor, + sssd-tools +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- common files + Provides a set of daemons to manage access to remote directories and + authentication mechanisms. It provides an NSS and PAM interface toward + the system and a pluggable backend system to connect to multiple different + account sources. It is also the basis to provide client auditing and policy + services for projects like FreeIPA. + . + This package provides the daemon and other common files needed by the + authentication back ends. + +Package: sssd-ad +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), + sssd-ad-common (= ${binary:Version}), + sssd-krb5-common (= ${binary:Version}), + libsss-idmap0 (= ${binary:Version}), +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- Active Directory back end + Provides the Active Directory back end that the SSSD can utilize to fetch + identity data from and authenticate against an Active Directory server. + +Package: sssd-ad-common +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- PAC responder + Provides the PAC responder that the AD and IPA backends can use for + fetching additional attributes from the kerberos ticket. + +Package: sssd-ipa +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), + sssd-ad-common (= ${binary:Version}), + sssd-krb5-common (= ${binary:Version}), + libipa-hbac0 (= ${binary:Version}), + libsss-idmap0 (= ${binary:Version}), +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- IPA back end + Provides the IPA back end that the SSSD can utilize to fetch identity data + from and authenticate against an IPA server. + +Package: sssd-krb5 +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), + sssd-krb5-common (= ${binary:Version}), +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- Kerberos back end + Provides the Kerberos back end that the SSSD can utilize authenticate + against a Kerberos server. + +Package: sssd-krb5-common +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), +Recommends: + libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal, +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- Kerberos helpers + Provides helper processes that the LDAP and Kerberos back ends can use for + Kerberos user or host authentication. + +Package: sssd-ldap +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), + sssd-krb5-common (= ${binary:Version}), + libsss-idmap0 (= ${binary:Version}), +Recommends: + ldap-utils, + libsasl2-modules-ldap, +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- LDAP back end + Provides the LDAP back end that the SSSD can utilize to fetch identity data + from and authenticate against an LDAP server. + +Package: sssd-proxy +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), +Breaks: sssd (<< 1.10.0~beta2-1), +Replaces: sssd (<< 1.10.0~beta2-1), +Description: System Security Services Daemon -- proxy back end + Provides the proxy back end which can be used to wrap an existing NSS and/or + PAM modules to leverage SSSD caching. + +Package: sssd-tools +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, + sssd-common (= ${binary:Version}), + python, +Description: System Security Services Daemon -- tools + Provides a set of daemons to manage access to remote directories and + authentication mechanisms. It provides an NSS and PAM interface toward + the system and a pluggable backend system to connect to multiple different + account sources. It is also the basis to provide client auditing and policy + services for projects like FreeIPA. + . + This package provides tools to manage users, groups and nested groups when + using the local id provider. + +Package: libnss-sss +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Pre-Depends: ${misc:Pre-Depends} +Recommends: sssd +Multi-Arch: same +Description: Nss library for the System Security Services Daemon + Provides a set of daemons to manage access to remote directories and + authentication mechanisms. It provides an NSS and PAM interface toward + the system and a pluggable backend system to connect to multiple different + account sources. It is also the basis to provide client auditing and policy + services for projects like FreeIPA. + . + This package provide the nss library to connect to the sssd daemon. + +Package: libpam-sss +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (>= 1.0.1-6), + libpam-pwquality (>= 1.2.2-1), +Recommends: sssd +Multi-Arch: same +Description: Pam module for the System Security Services Daemon + Provides a set of daemons to manage access to remote directories and + authentication mechanisms. It provides an NSS and PAM interface toward + the system and a pluggable backend system to connect to multiple different + account sources. It is also the basis to provide client auditing and policy + services for projects like FreeIPA. + . + This package provide the pam module to connect to the sssd daemon. + +Package: libipa-hbac0 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, +Description: FreeIPA HBAC Evaluator library + Utility library to validate FreeIPA HBAC rules for authorization requests. + +Package: libipa-hbac-dev +Section: libdevel +Architecture: any +Depends: ${misc:Depends}, libipa-hbac0 (= ${binary:Version}) +Description: FreeIPA HBAC Evaluator library + Utility library to validate FreeIPA HBAC rules for authorization requests. + . + This package contains header files and symlinks to develop programs which will + use the libipa-hbac library. + +Package: libsss-idmap0 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, +Description: ID mapping library for SSSD + Utility library to convert SIDs to Unix uids and gids. + +Package: libsss-idmap-dev +Section: libdevel +Architecture: any +Depends: ${misc:Depends}, libsss-idmap0 (= ${binary:Version}) +Description: ID mapping library for SSSD -- development files + Utility library to convert SIDs to Unix uids and gids. + . + This package contains header files and symlinks to develop programs which will + use the libsss-idmap library. + +Package: libsss-nss-idmap0 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, +Description: SID based lookups library for SSSD + Utility library for SID based lookups. + +Package: libsss-nss-idmap-dev +Section: libdevel +Architecture: any +Depends: ${misc:Depends}, libsss-nss-idmap0 (= ${binary:Version}) +Description: SID based lookups library for SSSD -- development files + Utility library for SID based lookups. + . + This package contains header files and symlinks to develop programs which will + use the libsss-nss-idmap library. + +Package: libsss-sudo +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, +Replaces: libsss-sudo-dev (<= 1.9.3) +Description: Communicator library for sudo + Utility library to allow communication between sudo and SSSD for caching + sudo rules by SSSD. + +Package: python-libipa-hbac +Section: python +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, + libipa-hbac0 (= ${binary:Version}) +Description: Python bindings for the FreeIPA HBAC Evaluator library + The libipa_hbac-python contains the bindings so that libipa_hbac can be + used by Python applications. + +Package: python-libsss-nss-idmap +Section: python +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, + libsss-nss-idmap0 (= ${binary:Version}) +Description: Python bindings for the SID lookups library + This package contains the bindings for libnss_sss_idmap to be used by + Python applications. + +Package: python-sss +Section: python +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends} +Provides: ${python:Provides} +Recommends: sssd +Description: Python module for the System Security Services Daemon + Provides a set of daemons to manage access to remote directories and + authentication mechanisms. It provides an NSS and PAM interface toward + the system and a pluggable backend system to connect to multiple different + account sources. It is also the basis to provide client auditing and policy + services for projects like FreeIPA. + . + This package provide a module to access the configuration of the sssd daemon. --- sssd-1.11.2.orig/debian/copyright +++ sssd-1.11.2/debian/copyright @@ -0,0 +1,223 @@ +This package was debianized by Mathias Gug on +Wed, 05 Aug 2009 08:58:56 +0100. + +It was downloaded from https://fedorahosted.org/sssd/ + +Upstream Authors: + Dmitri Pal + Jakub Hrozek + Simo Sorce + Stephen Gallagher + Sumit Bose + +Copyright: + + Copyright (C) Red Hat 2008, 2009 + + Copyright (C) Dmitri Pal 2009 + Copyright (C) Jakub Hrozek 2009 + Copyright (C) Simo Sorce 2007, 2008, 2009 + Copyright (C) Stephen Gallagher 2008,2009 + Copyright (C) Sumit Bose 2009 + + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Andrew Tridgell 1992-2006 + Copyright (C) James J Myers 2003 + Copyright (C) Jelmer Vernooij 2002, 2006, 2007 + Copyright (C) Jeremy Allison 1998-2002, 2007 + Copyright (C) Martin Pool 2002 + Copyright (C) Michael Adam 2008 + Copyright (C) Tim Potter 2000 + Copyright (c) 1997 Kungliga Tekniska Högskolan + + Copyright (c) 1996-2005, The PostgreSQL Global Development Group + Copyright (c) 1994, The Regents of the University of California + Copyright (c) 1996-2007, PostgreSQL Global Development Group + Copyright (C) 1996-2001 Internet Software Consortium. + + +License: + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +The Debian packaging is Copyright (C) Canonical Ltd 2009 and is licensed under +the GPL-3 or later, see `/usr/share/common-licenses/GPL-3'. + +======================== +replace/repdir_getdents.c +replace/test/testsuite.c +replace/test/main.c +replace/getpass.c +replace/replace.c +replace/socketpair.c +replace/inet_ntoa.c +replace/strptime.c +replace/inet_aton.c +replace/dlfcn.c +replace/repdir_getdirentries.c +common/collection/* +common/ini/* +======================== +License: LGPL3 or later - see `/usr/share/common-licenses/LGPL-3'. + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 3 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, see . + + +=================== +sss_client/group.c +sss_client/common.c +sss_client/passwd.c +=================== +License: LGPL (v2.1 or later) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, + USA. + + +===================== +replace/getaddrinfo.c +replace/getaddrinfo.h +===================== + + Permission to use, copy, modify, and distribute this software and its + documentation for any purpose, without fee, and without a written agreement + is hereby granted, provided that the above copyright notice and this paragraph + and the following two paragraphs appear in all copies. + + IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR + DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING + LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, + EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + + THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS + ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS + TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. + +=================== +replace/inet_pton.c +replace/inet_ntop.c +=================== +License: ISC + + Permission to use, copy, modify, and distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + + THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM + DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, + INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING + FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, + NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION + WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +================ +replace/timegm.c +================ +License: BSD (3 clause) + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + 3. Neither the name of the Institute nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + +================== +replace/snprintf.c +================== + + This code is based on code written by Patrick Powell (papowell@astart.com) + It may be used for any purpose as long as this notice remains intact + on all source code distributions + +=========================== +sss_client/sss_cli.h +sss_client/protos.h +sss_client/sss_pam_macros.h +sss_client/sss_errno.h +=========================== + + You can used this header file in any way you see fit provided copyright + notices are preserved. + +============================= +server/resolv/ares/ares_dns.h +============================= + + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. + +============================= +server/util/nss_sha512crypt.c +============================= + + Released into the Public Domain by Ulrich Drepper . + --- sssd-1.11.2.orig/debian/libipa-hbac-dev.install +++ sssd-1.11.2/debian/libipa-hbac-dev.install @@ -0,0 +1,3 @@ +usr/include/ipa_hbac.h +usr/lib/*/libipa_hbac.so +usr/lib/*/pkgconfig/ipa_hbac.pc --- sssd-1.11.2.orig/debian/libipa-hbac0.install +++ sssd-1.11.2/debian/libipa-hbac0.install @@ -0,0 +1 @@ +usr/lib/*/libipa_hbac.so.* --- sssd-1.11.2.orig/debian/libnss-sss.install +++ sssd-1.11.2/debian/libnss-sss.install @@ -0,0 +1 @@ +lib/*/libnss_sss.so.2 --- sssd-1.11.2.orig/debian/libnss-sss.lintian-overrides +++ sssd-1.11.2/debian/libnss-sss.lintian-overrides @@ -0,0 +1 @@ +package-name-doesnt-match-sonames libnss-sss2 --- sssd-1.11.2.orig/debian/libnss-sss.postinst +++ sssd-1.11.2/debian/libnss-sss.postinst @@ -0,0 +1,45 @@ +#!/bin/sh +set -e + +#DEBHELPER# + +# This code was taken from libnss-myhostname, which got it from nss-mdns: + +log() { + echo "$*" +} + +# try to insert sss entries to the passwd, group, shadow and netgroup +# lines in /etc/nsswitch.conf to automatically enable libnss-sss +# support; do not change the configuration if the lines already +# references some sss lookups +insert_nss_entry() { + log "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + log "Could not find /etc/nsswitch.conf." + return + fi + # append 'sss' to the end of the line if it's not found already + sed -i --regexp-extended ' + /^(passwd|group|netgroup):/ { + /\bsss\b/! s/$/ sss/ + } + ' /etc/nsswitch.conf +} + +action="$1" + +if [ configure = "$action" ]; then + if [ -z "$2" ]; then + log "First installation detected..." + # first install: setup the recommended configuration (unless + # nsswitch.conf already contains sss entries) + insert_nss_entry + else + # upgrade + version="$2" + + # Nothing to do here yet + fi +fi --- sssd-1.11.2.orig/debian/libnss-sss.postrm +++ sssd-1.11.2/debian/libnss-sss.postrm @@ -0,0 +1,38 @@ +#!/bin/sh +set -e + +#DEBHELPER# + +# This code was taken from libnss-myhostname, which got it from nss-mdns: + +log() { + echo "$*" +} + +remove_nss_entry() { + log "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + log "Could not find /etc/nsswitch.conf." + return + fi + sed -i --regexp-extended ' + /^(passwd|group|shadow|netgroup):/ { + s/\bsss\b//g + s/[[:space:]]+$// + } + ' /etc/nsswitch.conf +} + +case "$1" in + remove|purge) + remove_nss_entry + ;; + upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac --- sssd-1.11.2.orig/debian/libpam-sss.install +++ sssd-1.11.2/debian/libpam-sss.install @@ -0,0 +1,2 @@ +lib/*/security/pam_sss.so +usr/share/man/man8/pam_sss.8* --- sssd-1.11.2.orig/debian/libpam-sss.pam-auth-update +++ sssd-1.11.2/debian/libpam-sss.pam-auth-update @@ -0,0 +1,22 @@ +Name: SSS authentication +Default: yes +Priority: 128 + +Auth-Type: Primary +Auth: + [success=end default=ignore] pam_sss.so use_first_pass +Auth-Initial: + [success=end default=ignore] pam_sss.so forward_pass +Account-Type: Additional +Account: + sufficient pam_localuser.so + [default=bad success=ok user_unknown=ignore] pam_sss.so +Session-Type: Additional +Session-Interactive-Only: yes +Session: + optional pam_sss.so +Password-Type: Primary +Password: + sufficient pam_sss.so use_authtok +Password-Initial: + sufficient pam_sss.so --- sssd-1.11.2.orig/debian/libpam-sss.postinst +++ sssd-1.11.2/debian/libpam-sss.postinst @@ -0,0 +1,40 @@ +#!/bin/sh +# postinst script for sssd +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + configure) + pam-auth-update --package + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- sssd-1.11.2.orig/debian/libpam-sss.prerm +++ sssd-1.11.2/debian/libpam-sss.prerm @@ -0,0 +1,5 @@ +#! /bin/sh -e + +pam-auth-update --package --remove sss + +#DEBHELPER# --- sssd-1.11.2.orig/debian/libsss-idmap-dev.install +++ sssd-1.11.2/debian/libsss-idmap-dev.install @@ -0,0 +1,3 @@ +usr/include/sss_idmap.h +usr/lib/*/libsss_idmap.so +usr/lib/*/pkgconfig/sss_idmap.pc --- sssd-1.11.2.orig/debian/libsss-idmap0.install +++ sssd-1.11.2/debian/libsss-idmap0.install @@ -0,0 +1 @@ +usr/lib/*/libsss_idmap.so.* --- sssd-1.11.2.orig/debian/libsss-nss-idmap-dev.install +++ sssd-1.11.2/debian/libsss-nss-idmap-dev.install @@ -0,0 +1,3 @@ +usr/include/sss_nss_idmap.h +usr/lib/*/libsss_nss_idmap.so +usr/lib/*/pkgconfig/sss_nss_idmap.pc --- sssd-1.11.2.orig/debian/libsss-nss-idmap0.install +++ sssd-1.11.2/debian/libsss-nss-idmap0.install @@ -0,0 +1 @@ +usr/lib/*/libsss_nss_idmap.so.* --- sssd-1.11.2.orig/debian/libsss-sudo.install +++ sssd-1.11.2/debian/libsss-sudo.install @@ -0,0 +1 @@ +usr/lib/*/libsss_sudo.so --- sssd-1.11.2.orig/debian/libsss-sudo.lintian-overrides +++ sssd-1.11.2/debian/libsss-sudo.lintian-overrides @@ -0,0 +1,2 @@ +dev-pkg-without-shlib-symlink usr/lib/*/libsss_sudo.so +shlib-without-versioned-soname usr/lib/*/libsss_sudo.so libsss_sudo.so --- sssd-1.11.2.orig/debian/libsss-sudo.postinst +++ sssd-1.11.2/debian/libsss-sudo.postinst @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +case "$1" in + configure) + ldconfig + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +# This code was taken from libnss-myhostname, which got it from nss-mdns: + +log() { + echo "$*" +} + +# try to insert sss entries to the passwd, group, shadow and netgroup +# lines in /etc/nsswitch.conf to automatically enable libnss-sss +# support; do not change the configuration if the lines already +# references some sss lookups +insert_nss_entry() { + log "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + log "Could not find /etc/nsswitch.conf." + return + fi + + if grep -q ^sudoers /etc/nsswitch.conf; then + # append 'sss' to the end of the line if it's not found already + sed -i --regexp-extended ' + /^(sudoers):/ { + /\bsss\b/! s/$/ sss/ + } + ' /etc/nsswitch.conf + else + echo "sudoers: files sss" >> /etc/nsswitch.conf + fi +} + +action="$1" + +if [ configure = "$action" ]; then + if [ -z "$2" ]; then + log "First installation detected..." + # first install: setup the recommended configuration (unless + # nsswitch.conf already contains sss entries) + insert_nss_entry + else + # upgrade + version="$2" + + # Nothing to do here yet + fi +fi + +exit 0 --- sssd-1.11.2.orig/debian/libsss-sudo.postrm +++ sssd-1.11.2/debian/libsss-sudo.postrm @@ -0,0 +1,39 @@ +#!/bin/sh +set -e + +#DEBHELPER# + +# This code was taken from libnss-myhostname, which got it from nss-mdns: + +log() { + echo "$*" +} + +remove_nss_entry() { + log "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + log "Could not find /etc/nsswitch.conf." + return + fi + sed -i --regexp-extended ' + /^(sudoers):/ { + s/\bsss\b//g + s/[[:space:]]+$// + } + ' /etc/nsswitch.conf +} + +case "$1" in + remove|purge) + remove_nss_entry + ldconfig + ;; + upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac --- sssd-1.11.2.orig/debian/patches/series +++ sssd-1.11.2/debian/patches/series @@ -0,0 +1 @@ +#placeholder --- sssd-1.11.2.orig/debian/python-libipa-hbac.install +++ sssd-1.11.2/debian/python-libipa-hbac.install @@ -0,0 +1 @@ +usr/lib/python*/dist-packages/pyhbac.so --- sssd-1.11.2.orig/debian/python-libsss-nss-idmap.install +++ sssd-1.11.2/debian/python-libsss-nss-idmap.install @@ -0,0 +1 @@ +usr/lib/python*/dist-packages/pysss_nss_idmap.so --- sssd-1.11.2.orig/debian/python-sss.install +++ sssd-1.11.2/debian/python-sss.install @@ -0,0 +1,3 @@ +usr/lib/python*/dist-packages/pysss.so +usr/lib/python*/dist-packages/pysss_murmur.so +usr/lib/python*/dist-packages/SSSDConfig/*.py --- sssd-1.11.2.orig/debian/rules +++ sssd-1.11.2/debian/rules @@ -0,0 +1,72 @@ +#!/usr/bin/make -f +%: + dh $@ --with quilt,autoreconf,python2,systemd --parallel --builddirectory=build + +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/buildflags.mk + +CFLAGS = $(shell dpkg-buildflags --get CFLAGS) +CFLAGS += -I/usr/include/samba-4.0 + +export CK_DEFAULT_TIMEOUT=30 + +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) + +APIDOCDIR = /usr/share/sssd +DISTRIBUTION = $(shell lsb_release -i | sed 's/.*:\t//') +INIT = init +PKGDATE = $(shell dpkg-parsechangelog | \ + awk -F" " '/^Date/ { print $$4 "/" $$3 "/" $$5 }' | \ + sed 's/Jan/01/;s/Feb/02/;s/Mar/03/;s/Apr/04/;s/May/05/;s/Jun/06/;s/Jul/07/;s/Aug/08/;s/Sep/09/;s/Oct/10/;s/Nov/11/;s/Dec/12/;s/\//\\\//g') +CURDATE = $(shell date +%m/%d/%Y | sed 's/\//\\\//g') + +ifeq ($(DISTRIBUTION), Ubuntu) + INIT = upstart +endif + +override_dh_auto_configure: + dh_auto_configure -- --enable-krb5-locator-plugin \ + --datadir=/usr/share/ \ + --with-ldb-lib-dir=/usr/lib/$(DEB_HOST_MULTIARCH)/ldb/modules/ldb \ + --with-krb5-plugin-path=/usr/lib/$(DEB_HOST_MULTIARCH)/krb5/plugins/krb5 \ + --enable-nsslibdir=/lib/$(DEB_HOST_MULTIARCH) \ + --enable-pammoddir=/lib/$(DEB_HOST_MULTIARCH)/security \ + --disable-static \ + --disable-rpath \ + --with-autofs \ + --with-ssh \ + --with-initscript=systemd --with-systemdunitdir=/lib/systemd/system \ + --with-sudo + +override_dh_install: + mkdir -p $(CURDIR)/debian/libpam-sss/usr/share/pam-configs + install -m644 debian/libpam-sss.pam-auth-update \ + $(CURDIR)/debian/libpam-sss/usr/share/pam-configs/sss + install -m644 -D $(CURDIR)/debian/apparmor-profile \ + $(CURDIR)/debian/sssd-common/etc/apparmor.d/usr.sbin.sssd + + cat $(CURDIR)/debian/sssd-common.sssd.$(INIT).in > $(CURDIR)/debian/sssd-common.sssd.$(INIT) + + # remove files we don't want to install + find $(CURDIR)/debian/tmp/ -name '*.la' -exec rm '{}' ';' + find $(CURDIR)/debian/tmp/ -name '*.pyc' -exec rm '{}' ';' + find $(CURDIR)/debian/tmp/ -name '*.egg-info' -exec rm '{}' ';' + rm -f $(CURDIR)/debian/tmp/etc/rc.d/init.d/sssd + + sed -i 's/${CURDATE}/${PKGDATE}/g' $(CURDIR)/debian/tmp/usr/share/man/man8/pam_sss.8 + + dh_install --fail-missing + +override_dh_python2: + dh_python2 --no-guessing-versions + +override_dh_installinit: + dh_apparmor -psssd-common --profile-name=usr.sbin.sssd + dh_installinit --name sssd --error-handler=invoke_failure + +override_dh_auto_clean: + dh_auto_clean + rm -f $(CURDIR)/debian/sssd-common.$(INIT) + rm -f $(CURDIR)/po/*.gmo + rm -f $(CURDIR)/src/config/*.pyc + rm -f $(CURDIR)/po/stamp-po --- sssd-1.11.2.orig/debian/source/format +++ sssd-1.11.2/debian/source/format @@ -0,0 +1 @@ +1.0 --- sssd-1.11.2.orig/debian/sssd-ad-common.install +++ sssd-1.11.2/debian/sssd-ad-common.install @@ -0,0 +1 @@ +usr/lib/*/sssd/sssd_pac --- sssd-1.11.2.orig/debian/sssd-ad.install +++ sssd-1.11.2/debian/sssd-ad.install @@ -0,0 +1,2 @@ +usr/lib/*/sssd/libsss_ad.so +usr/share/man/man5/sssd-ad.5* --- sssd-1.11.2.orig/debian/sssd-common.dirs +++ sssd-1.11.2/debian/sssd-common.dirs @@ -0,0 +1,8 @@ +etc/sssd +var/lib/sss +var/lib/sss/db +var/lib/sss/mc +var/lib/sss/pipes +var/lib/sss/pipes/private +var/lib/sss/pubconf +var/log/sssd --- sssd-1.11.2.orig/debian/sssd-common.docs +++ sssd-1.11.2/debian/sssd-common.docs @@ -0,0 +1 @@ +BUILD.txt --- sssd-1.11.2.orig/debian/sssd-common.examples +++ sssd-1.11.2/debian/sssd-common.examples @@ -0,0 +1 @@ +src/examples/sssd-example.conf --- sssd-1.11.2.orig/debian/sssd-common.install +++ sssd-1.11.2/debian/sssd-common.install @@ -0,0 +1,29 @@ +lib/systemd/system/sssd.service +usr/bin/sss_ssh_authorizedkeys +usr/bin/sss_ssh_knownhostsproxy +usr/lib/*/ldb/modules/ldb/memberof.so +usr/lib/*/krb5/plugins/krb5/* +usr/lib/*/krb5/plugins/authdata/* +usr/lib/*/sssd/libsss_child.so +usr/lib/*/sssd/libsss_crypt.so +usr/lib/*/sssd/libsss_debug.so +usr/lib/*/sssd/libsss_ldap_common.so +usr/lib/*/sssd/libsss_simple.so +usr/lib/*/sssd/libsss_util.so +usr/lib/*/sssd/sssd_autofs +usr/lib/*/sssd/sssd_be +usr/lib/*/sssd/sssd_nss +usr/lib/*/sssd/sssd_pam +usr/lib/*/sssd/sssd_sudo +usr/lib/*/sssd/sssd_ssh +usr/lib/*/sssd/modules/libsss_autofs.so +usr/share/locale/*/LC_MESSAGES/* +usr/share/sssd/* +usr/sbin/sssd +usr/share/man/man1/sss_ssh_authorizedkeys.1* +usr/share/man/man1/sss_ssh_knownhostsproxy.1* +usr/share/man/man5/sssd.conf.5* +usr/share/man/man5/sssd-simple.5* +usr/share/man/man5/sssd-sudo.5* +usr/share/man/man8/sssd.8* +usr/share/man/man8/sssd_krb5_locator_plugin.8* --- sssd-1.11.2.orig/debian/sssd-common.lintian-overrides +++ sssd-1.11.2/debian/sssd-common.lintian-overrides @@ -0,0 +1 @@ +manpage-has-errors-from-man usr/share/man/man5/sssd-ldap.5.* --- sssd-1.11.2.orig/debian/sssd-common.logrotate +++ sssd-1.11.2/debian/sssd-common.logrotate @@ -0,0 +1,11 @@ +/var/log/sssd/*.log { + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + postrotate + kill -HUP `cat /var/run/sssd.pid` > /dev/null 2>&1 || true + endscript +} --- sssd-1.11.2.orig/debian/sssd-common.manpages +++ sssd-1.11.2/debian/sssd-common.manpages @@ -0,0 +1 @@ +usr/share/man/man*/* --- sssd-1.11.2.orig/debian/sssd-common.postinst +++ sssd-1.11.2/debian/sssd-common.postinst @@ -0,0 +1,49 @@ +#!/bin/sh +# postinst script for sssd +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +case "$1" in + configure) + # Fix configuration file on package upgrade + if dpkg --compare-versions "$2" lt-nl 1.0.2-0ubuntu1; then + /usr/lib/sssd/sssd/upgrade_config.py + fi + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +invoke_failure() { + # invoke-rc.d failed, likely because of a missing sssd.conf + if [ ! -s /etc/sssd/sssd.conf ]; then + echo "... because /etc/sssd/sssd.conf is not available yet" + fi +} + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- sssd-1.11.2.orig/debian/sssd-common.postrm +++ sssd-1.11.2/debian/sssd-common.postrm @@ -0,0 +1,50 @@ +#!/bin/sh +# postrm script for sssd +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + purge) + rm -f /etc/sssd/sssd.conf + if [ -d /etc/sssd ]; then + rmdir --ignore-fail-on-non-empty /etc/sssd/ + fi + rm -rf /var/log/sssd/ + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +# work around buggy dh_apparmor which doesn't do this for us +if [ "$1" = "purge" ]; then + rmdir /etc/apparmor.d/force-complain 2>/dev/null || true + rmdir /etc/apparmor.d 2>/dev/null || true +fi + +exit 0 --- sssd-1.11.2.orig/debian/sssd-common.preinst +++ sssd-1.11.2/debian/sssd-common.preinst @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +# Remove a no-longer used conffile +# Copied from http://wiki.debian.org/DpkgConffileHandling +rm_conffile() { + local PKGNAME="$1" + local CONFFILE="$2" + + [ -e "$CONFFILE" ] || return 0 + + local md5sum="$(md5sum $CONFFILE | sed -e 's/ .*//')" + local old_md5sum="$(dpkg-query -W -f='${Conffiles}' $PKGNAME | \ + sed -n -e "\' $CONFFILE ' { s/ obsolete$//; s/.* //; p }")" + if [ "$md5sum" != "$old_md5sum" ]; then + echo "Obsolete conffile $CONFFILE has been modified by you." + echo "Saving as $CONFFILE.dpkg-bak ..." + mv -f "$CONFFILE" "$CONFFILE".dpkg-bak + else + echo "Removing obsolete conffile $CONFFILE ..." + mv -f "$CONFFILE" "$CONFFILE".dpkg-del + fi +} + +APP_PROFILE="usr.sbin.sssd" +APP_CONFFILE="/etc/apparmor.d/$APP_PROFILE" +APP_COMPLAIN="/etc/apparmor.d/force-complain/$APP_PROFILE" +APP_DISABLE="/etc/apparmor.d/disable/$APP_PROFILE" + +inst_complain_profile() { + # Create a symlink to the yet-to-be-unpacked profile + mkdir -p `dirname $APP_COMPLAIN` 2>/dev/null || true + ln -sf $APP_CONFFILE $APP_COMPLAIN +} + +case "$1" in +install) + # Force the AppArmor profile to complain mode on install + inst_complain_profile + ;; +upgrade) + if dpkg --compare-versions "$2" le "1.0.5-1"; then + rm_conffile sssd "/etc/sssd/sssd.api.conf" + rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-proxy.conf" + rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-simple.conf" + rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-ipa.conf" + rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-local.conf" + rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-krb5.conf" + rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-ldap.conf" + fi + if dpkg --compare-versions "$2" lt "1.10.0~beta2-1"; then + inst_complain_profile + if [ -e "$APP_DISABLE" ]; then + rm -f "$APP_DISABLE" + fi + fi + ;; +esac + +#DEBHELPER# --- sssd-1.11.2.orig/debian/sssd-common.prerm +++ sssd-1.11.2/debian/sssd-common.prerm @@ -0,0 +1,9 @@ +#! /bin/sh -e + +invoke_failure() { + # invoke-rc.d failed + return +} + +#DEBHELPER# + --- sssd-1.11.2.orig/debian/sssd-common.sssd.default +++ sssd-1.11.2/debian/sssd-common.sssd.default @@ -0,0 +1,10 @@ +# Defaults for sssd initscript +# sourced by /etc/init.d/sssd +# installed at /etc/default/sssd by the maintainer scripts + +# +# This is a POSIX shell fragment +# + +# Additional options that are passed to the Daemon. +DAEMON_OPTS="-D -f" --- sssd-1.11.2.orig/debian/sssd-common.sssd.init.in +++ sssd-1.11.2/debian/sssd-common.sssd.init.in @@ -0,0 +1,86 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: sssd +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Should-Start: $named +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: System Security Services Daemon +# Description: Provides a set of daemons to manage access to +# remote directories and authentication +# mechanisms. It provides an NSS and PAM interface +# toward the system and a pluggable backend system +# to connect to multiple different account sources. +### END INIT INFO +# start on filesystem +# stop on runlevel [06] + +DESCRIPTION="System Security Services Daemon" +PATH=/bin:/usr/bin:/sbin:/usr/sbin +NAME=sssd +DAEMON_OPTS="" +DAEMON=/usr/sbin/$NAME +PIDFILE=/var/run/$NAME.pid + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. +. /lib/lsb/init-functions + +if [ -f /etc/default/sssd ] ; then + . /etc/default/sssd +fi + +initdmain() { + case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESCRIPTION" "$NAME" + start_daemon -p $PIDFILE $DAEMON $DAEMON_OPTS + RC=$? + case "$RC" in + 0) + [ "$VERBOSE" != no ] && log_end_msg $RC + ;; + *) + # Report error also when VERBOSE=no + log_daemon_msg "Starting $DESCRIPTION" "$NAME" + log_end_msg $RC + ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESCRIPTION" "$NAME" + killproc -p $PIDFILE $DAEMON + RC=$? + case "$RC" in + 0) + [ "$VERBOSE" != no ] && log_end_msg $RC + ;; + *) + # Report error also when VERBOSE=no + log_daemon_msg "Stopping $DESCRIPTION" "$NAME" + log_end_msg $RC + ;; + esac + ;; + force-reload|restart) + $0 stop + $0 start + ;; + status) + status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $? + ;; + *) + echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|status}" + exit 1 + ;; + esac +} + +initdmain $@ + +exit 0 --- sssd-1.11.2.orig/debian/sssd-common.sssd.upstart.in +++ sssd-1.11.2/debian/sssd-common.sssd.upstart.in @@ -0,0 +1,28 @@ +# sssd - System Security Services Daemon +# +# Provides a set of daemons to manage access to remote directories and +# authentication mechanisms. It provides an NSS and PAM interface toward +# the system and a pluggable backend system to connect to multiple different +# account sources. + +description "System Security Services Daemon" + +start on (filesystem and net-device-up) +stop on runlevel [06] + +expect fork +respawn + +env DEFAULTFILE=/etc/default/sssd + +pre-start script + test -f /etc/sssd/sssd.conf || { stop; exit 0; } + /lib/init/apparmor-profile-load usr.sbin.sssd +end script + +script + if [ -f "$DEFAULTFILE" ]; then + . "$DEFAULTFILE" + fi + exec sssd $DAEMON_OPTS +end script --- sssd-1.11.2.orig/debian/sssd-ipa.install +++ sssd-1.11.2/debian/sssd-ipa.install @@ -0,0 +1,3 @@ +usr/lib/*/sssd/libsss_ipa.so +usr/share/man/man5/sssd-ipa.5* + --- sssd-1.11.2.orig/debian/sssd-krb5-common.dirs +++ sssd-1.11.2/debian/sssd-krb5-common.dirs @@ -0,0 +1,2 @@ +var/lib/sss/pubconf/krb5.include.d + --- sssd-1.11.2.orig/debian/sssd-krb5-common.install +++ sssd-1.11.2/debian/sssd-krb5-common.install @@ -0,0 +1,3 @@ +usr/lib/*/sssd/libsss_krb5_common.so +usr/lib/*/sssd/ldap_child +usr/lib/*/sssd/krb5_child --- sssd-1.11.2.orig/debian/sssd-krb5.install +++ sssd-1.11.2/debian/sssd-krb5.install @@ -0,0 +1,3 @@ +usr/lib/*/sssd/libsss_krb5.so +usr/share/man/man5/sssd-krb5.5* + --- sssd-1.11.2.orig/debian/sssd-ldap.install +++ sssd-1.11.2/debian/sssd-ldap.install @@ -0,0 +1,3 @@ +usr/lib/*/sssd/libsss_ldap.so +usr/share/man/man5/sssd-ldap.5* + --- sssd-1.11.2.orig/debian/sssd-proxy.install +++ sssd-1.11.2/debian/sssd-proxy.install @@ -0,0 +1,2 @@ +usr/lib/*/sssd/libsss_proxy.so +usr/lib/*/sssd/proxy_child --- sssd-1.11.2.orig/debian/sssd-tools.install +++ sssd-1.11.2/debian/sssd-tools.install @@ -0,0 +1,22 @@ +usr/sbin/sss_cache +usr/sbin/sss_debuglevel +usr/sbin/sss_groupadd +usr/sbin/sss_groupdel +usr/sbin/sss_groupmod +usr/sbin/sss_groupshow +usr/sbin/sss_obfuscate +usr/sbin/sss_seed +usr/sbin/sss_useradd +usr/sbin/sss_userdel +usr/sbin/sss_usermod +usr/share/man/man8/sss_cache.8* +usr/share/man/man8/sss_debuglevel.8* +usr/share/man/man8/sss_groupadd.8* +usr/share/man/man8/sss_groupdel.8* +usr/share/man/man8/sss_groupmod.8* +usr/share/man/man8/sss_groupshow.8* +usr/share/man/man8/sss_obfuscate.8* +usr/share/man/man8/sss_seed.8* +usr/share/man/man8/sss_useradd.8* +usr/share/man/man8/sss_userdel.8* +usr/share/man/man8/sss_usermod.8* --- sssd-1.11.2.orig/debian/watch +++ sssd-1.11.2/debian/watch @@ -0,0 +1,4 @@ +#git=git://git.fedorahosted.org/sssd.git +version=3 +opts="uversionmangle=s/alpha/~alpha/;s/beta/~beta/" \ +https://fedorahosted.org/released/sssd/sssd-(.*)\.tar\.gz --- sssd-1.11.2.orig/po/ca.po +++ sssd-1.11.2/po/ca.po @@ -0,0 +1,1742 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR Red Hat, Inc. +# This file is distributed under the same license as the PACKAGE package. +# +# Translators: +# muzzol mussol , 2012 +# muzzol mussol , 2012 +# sgallagh , 2011 +msgid "" +msgstr "" +"Project-Id-Version: SSSD\n" +"Report-Msgid-Bugs-To: https://fedorahosted.org/sssd\n" +"POT-Creation-Date: 2013-07-24 14:24+0200\n" +"PO-Revision-Date: 2013-07-24 12:27+0000\n" +"Last-Translator: jhrozek \n" +"Language-Team: Catalan (http://www.transifex.com/projects/p/fedora/language/ca/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: ca\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#: src/config/SSSDConfig/__init__.py.in:39 +msgid "Set the verbosity of the debug logging" +msgstr "Estableix la verbositat del registre de depuració" + +#: src/config/SSSDConfig/__init__.py.in:40 +msgid "Include timestamps in debug logs" +msgstr "Inclou les marques horàries als registres de depuració" + +#: src/config/SSSDConfig/__init__.py.in:41 +msgid "Include microseconds in timestamps in debug logs" +msgstr "Inclou mil·lisegons a les marques horàries als registres de depuració" + +#: src/config/SSSDConfig/__init__.py.in:42 +msgid "Write debug messages to logfiles" +msgstr "Escriu els missatges de depuració als fitxers de registre" + +#: src/config/SSSDConfig/__init__.py.in:43 +msgid "Ping timeout before restarting service" +msgstr "Temps d'espera del ping abans de reiniciar el servei" + +#: src/config/SSSDConfig/__init__.py.in:44 +msgid "" +"Timeout between three failed ping checks and forcibly killing the service" +msgstr "Temps d'espera entre tres comprovacions de ping fallades i matar forçadament el servei" + +#: src/config/SSSDConfig/__init__.py.in:45 +msgid "Command to start service" +msgstr "Comanda per iniciar el servei" + +#: src/config/SSSDConfig/__init__.py.in:46 +msgid "Number of times to attempt connection to Data Providers" +msgstr "Número d'intents de connexió als Proveïdors de Dades" + +#: src/config/SSSDConfig/__init__.py.in:47 +msgid "The number of file descriptors that may be opened by this responder" +msgstr "El número de descriptors de fitxers que pot obrir aquesta resposta" + +#: src/config/SSSDConfig/__init__.py.in:48 +msgid "Idle time before automatic disconnection of a client" +msgstr "Temps d'inactivitat abans de desconnexió automàtica d'un client" + +#: src/config/SSSDConfig/__init__.py.in:51 +msgid "SSSD Services to start" +msgstr "Serveis del SSSD per iniciar" + +#: src/config/SSSDConfig/__init__.py.in:52 +msgid "SSSD Domains to start" +msgstr "Dominis del SSD per iniciar" + +#: src/config/SSSDConfig/__init__.py.in:53 +msgid "Timeout for messages sent over the SBUS" +msgstr "Temps d'espera per missatges enviats per SBUS" + +#: src/config/SSSDConfig/__init__.py.in:54 +msgid "Regex to parse username and domain" +msgstr "Expressió regular per analitzar el nom d'usuari i el domini" + +#: src/config/SSSDConfig/__init__.py.in:55 +msgid "Printf-compatible format for displaying fully-qualified names" +msgstr "Format compatible amb printf per mostrar els noms plenament qualificats" + +#: src/config/SSSDConfig/__init__.py.in:56 +msgid "" +"Directory on the filesystem where SSSD should store Kerberos replay cache " +"files." +msgstr "Directori al sistema de fitxers on el SSSD ha d'emmagatzemar els fitxers cau de Kerberos" + +#: src/config/SSSDConfig/__init__.py.in:57 +msgid "Domain to add to names without a domain component." +msgstr "Domini a afegir als noms sense un component de domini." + +#: src/config/SSSDConfig/__init__.py.in:60 +msgid "Enumeration cache timeout length (seconds)" +msgstr "Llargària del temps d'espera de l'enumeració en el cau (en segons)" + +#: src/config/SSSDConfig/__init__.py.in:61 +msgid "Entry cache background update timeout length (seconds)" +msgstr "Llargària del temps d'espera de l'actualització en rerefons de les entrades en cau (en segons)" + +#: src/config/SSSDConfig/__init__.py.in:62 +#: src/config/SSSDConfig/__init__.py.in:88 +msgid "Negative cache timeout length (seconds)" +msgstr "Llargària del temps d'espera del cau negatiu (en segons)" + +#: src/config/SSSDConfig/__init__.py.in:63 +msgid "Users that SSSD should explicitly ignore" +msgstr "Usuaris que l'SSSD hauria d'ignorar explícitament" + +#: src/config/SSSDConfig/__init__.py.in:64 +msgid "Groups that SSSD should explicitly ignore" +msgstr "Grups que l'SSSD hauria d'ignorar explícitament" + +#: src/config/SSSDConfig/__init__.py.in:65 +msgid "Should filtered users appear in groups" +msgstr "Haurien d'apareixer als grups els usuaris filtrats" + +#: src/config/SSSDConfig/__init__.py.in:66 +msgid "The value of the password field the NSS provider should return" +msgstr "El valor al camp de contrasenya que el proveïdor NSS hauria de respondre" + +#: src/config/SSSDConfig/__init__.py.in:67 +msgid "Override homedir value from the identity provider with this value" +msgstr "Substitueix el valor de directori d'usuari del proveïdor d'identitat amb aquest valor" + +#: src/config/SSSDConfig/__init__.py.in:68 +msgid "" +"Substitute empty homedir value from the identity provider with this value" +msgstr "Substitueix el valor buit de directori d'usuari del proveïdor d'identitat amb aquest valor" + +#: src/config/SSSDConfig/__init__.py.in:69 +msgid "Override shell value from the identity provider with this value" +msgstr "Substituir el valor de l'intèrpret d'ordres des del proveïdor d'identitat amb aquest valor" + +#: src/config/SSSDConfig/__init__.py.in:70 +msgid "The list of shells users are allowed to log in with" +msgstr "Llista d'intèrprets d'ordres amb que els usuaris poden iniciar sessió" + +#: src/config/SSSDConfig/__init__.py.in:71 +msgid "" +"The list of shells that will be vetoed, and replaced with the fallback shell" +msgstr "Llista d'intèrprets d'ordres que seran vetats i substituits amb l'intèrpret alternatiu" + +#: src/config/SSSDConfig/__init__.py.in:72 +msgid "" +"If a shell stored in central directory is allowed but not available, use " +"this fallback" +msgstr "Si un intèrpret d'ordres establert al directori central està permés però no es troba disponible, utilitza aquesta alternativa" + +#: src/config/SSSDConfig/__init__.py.in:73 +msgid "Shell to use if the provider does not list one" +msgstr "Intèrpret d'ordres a utilitzar si el proveïdor no en llista un" + +#: src/config/SSSDConfig/__init__.py.in:74 +msgid "How long will be in-memory cache records valid" +msgstr "Quant temps seran vàlids els registres de memòria cau" + +#: src/config/SSSDConfig/__init__.py.in:77 +msgid "How long to allow cached logins between online logins (days)" +msgstr "Quant temps s'ha de permetre els inicis de sessió en cau entre inicis de sessió en línia (en dies)" + +#: src/config/SSSDConfig/__init__.py.in:78 +msgid "How many failed logins attempts are allowed when offline" +msgstr "Quants intents fallits d'inicis de sessió es permeten en estar fora de línia" + +#: src/config/SSSDConfig/__init__.py.in:79 +msgid "" +"How long (minutes) to deny login after offline_failed_login_attempts has " +"been reached" +msgstr "Quant temps (en minuts) s'ha de denegar l'inici de sessió després d'haver assolit offline_failed_login_attempts" + +#: src/config/SSSDConfig/__init__.py.in:80 +msgid "What kind of messages are displayed to the user during authentication" +msgstr "Quins tipus de missatges es mostres a l'usuari durant l'autenticació" + +#: src/config/SSSDConfig/__init__.py.in:81 +msgid "How many seconds to keep identity information cached for PAM requests" +msgstr "Quants segons s'ha de mantenir la informació en cau per les peticions PAM" + +#: src/config/SSSDConfig/__init__.py.in:82 +msgid "How many days before password expiration a warning should be displayed" +msgstr "Quants dies abans de l'expiració de la contrasenya s'hauria de mostrar un avís" + +#: src/config/SSSDConfig/__init__.py.in:85 +msgid "Whether to evaluate the time-based attributes in sudo rules" +msgstr "Si s'han d'avaluar els atributs de temps a les regles sudo" + +#: src/config/SSSDConfig/__init__.py.in:91 +msgid "Whether to hash host names and addresses in the known_hosts file" +msgstr "Si s'han d'utilitzar els algoritmes hash als noms d'ordinadors i a les adreces dins el fitxer known_hosts" + +#: src/config/SSSDConfig/__init__.py.in:92 +msgid "" +"How many seconds to keep a host in the known_hosts file after its host keys " +"were requested" +msgstr "Quants segons s'ha de mantenir una màquina a l'arxiu de known_hosts després que s'ha sol·licitat la seva clau" + +#: src/config/SSSDConfig/__init__.py.in:95 +msgid "List of UIDs or user names allowed to access the PAC responder" +msgstr "Llista d'UIDs o noms d'usuari que poden accedir al contestador de PAC" + +#: src/config/SSSDConfig/__init__.py.in:98 +msgid "Identity provider" +msgstr "Proveïdor d'identitat" + +#: src/config/SSSDConfig/__init__.py.in:99 +msgid "Authentication provider" +msgstr "Proveïdor d'autenticació" + +#: src/config/SSSDConfig/__init__.py.in:100 +msgid "Access control provider" +msgstr "Proveïdor de control d'accés" + +#: src/config/SSSDConfig/__init__.py.in:101 +msgid "Password change provider" +msgstr "Proveïdor de canvi de contrasenya" + +#: src/config/SSSDConfig/__init__.py.in:102 +msgid "SUDO provider" +msgstr "Proveïdor de SUDO" + +#: src/config/SSSDConfig/__init__.py.in:103 +msgid "Autofs provider" +msgstr "Proveïdor d'Autofs" + +#: src/config/SSSDConfig/__init__.py.in:104 +msgid "Session-loading provider" +msgstr "Proveïdor de càrrega de sessió" + +#: src/config/SSSDConfig/__init__.py.in:105 +msgid "Host identity provider" +msgstr "Proveïdor d'identitat d'ordinadors" + +#: src/config/SSSDConfig/__init__.py.in:108 +msgid "Minimum user ID" +msgstr "ID mínim d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:109 +msgid "Maximum user ID" +msgstr "ID màxim d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:110 +msgid "Enable enumerating all users/groups" +msgstr "Activa l'enumeració de tots els usuaris/grups" + +#: src/config/SSSDConfig/__init__.py.in:111 +msgid "Cache credentials for offline login" +msgstr "Credencials en cau per inicis de sessió fora de línia" + +#: src/config/SSSDConfig/__init__.py.in:112 +msgid "Store password hashes" +msgstr "Emmagatzema els codis hash de les contrasenyes" + +#: src/config/SSSDConfig/__init__.py.in:113 +msgid "Display users/groups in fully-qualified form" +msgstr "Mostra els usuaris/grups en format plenament qualificat" + +#: src/config/SSSDConfig/__init__.py.in:114 +msgid "Don't include group members in group lookups" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:115 +#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 +#: src/config/SSSDConfig/__init__.py.in:124 +#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 +msgid "Entry cache timeout length (seconds)" +msgstr "Llargària del temps d'espera de les entrades cau (en segons)" + +#: src/config/SSSDConfig/__init__.py.in:116 +msgid "" +"Restrict or prefer a specific address family when performing DNS lookups" +msgstr "Restringeix o prefereix una família específica d'adreces en efectuar peticions DNS" + +#: src/config/SSSDConfig/__init__.py.in:117 +msgid "How long to keep cached entries after last successful login (days)" +msgstr "Quant temps s'ha de mantenir les entrades en cau després d'un inici de sessió amb èxit (en dies)" + +#: src/config/SSSDConfig/__init__.py.in:118 +msgid "How long to wait for replies from DNS when resolving servers (seconds)" +msgstr "Temps d'espera per les respostes DNS en resoldre servidors (en segons)" + +#: src/config/SSSDConfig/__init__.py.in:119 +msgid "The domain part of service discovery DNS query" +msgstr "La part del domini de la petició DNS de la recerca de servei" + +#: src/config/SSSDConfig/__init__.py.in:120 +msgid "Override GID value from the identity provider with this value" +msgstr "Substitueix el valor GID del proveïdor d'identitat amb aquest valor" + +#: src/config/SSSDConfig/__init__.py.in:121 +msgid "Treat usernames as case sensitive" +msgstr "Distingeix entre majúscules i minúscules als noms d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:128 +msgid "How often should expired entries be refreshed in background" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:129 +msgid "Whether to automatically update the client's DNS entry" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:143 +msgid "The TTL to apply to the client's DNS entry after updating it" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:144 +msgid "The interface whose IP should be used for dynamic DNS updates" +msgstr "La interfície amb la IP que s'hauria d'utilitzar per les actualitzacions dinàmiques de DNS" + +#: src/config/SSSDConfig/__init__.py.in:132 +msgid "How often to periodically update the client's DNS entry" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:133 +msgid "Whether the provider should explicitly update the PTR record as well" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:134 +msgid "Whether the nsupdate utility should default to using TCP" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:135 +msgid "What kind of authentication should be used to perform the DNS update" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:138 +msgid "IPA domain" +msgstr "Domini IPA" + +#: src/config/SSSDConfig/__init__.py.in:139 +msgid "IPA server address" +msgstr "Adreça del servidor IPA" + +#: src/config/SSSDConfig/__init__.py.in:140 +msgid "Address of backup IPA server" +msgstr "Adreça del servidor IPA de reserva " + +#: src/config/SSSDConfig/__init__.py.in:141 +msgid "IPA client hostname" +msgstr "Nom d'ordinador del client IPA" + +#: src/config/SSSDConfig/__init__.py.in:142 +msgid "Whether to automatically update the client's DNS entry in FreeIPA" +msgstr "Si actualitzar automàticament l'entrada DNS del client a FreeIPA" + +#: src/config/SSSDConfig/__init__.py.in:145 +msgid "Search base for HBAC related objects" +msgstr "Base de cerca pels objectes HBAC" + +#: src/config/SSSDConfig/__init__.py.in:146 +msgid "" +"The amount of time between lookups of the HBAC rules against the IPA server" +msgstr "Quantitat de temps entre peticions de les regles HBAC contra el servidor IPA" + +#: src/config/SSSDConfig/__init__.py.in:147 +msgid "" +"The amount of time in seconds between lookups of the SELinux maps against " +"the IPA server" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:148 +msgid "If DENY rules are present, either DENY_ALL or IGNORE" +msgstr "Si les regles DENY són presents, o DENY_ALL o IGNORE" + +#: src/config/SSSDConfig/__init__.py.in:149 +msgid "If set to false, host argument given by PAM will be ignored" +msgstr "Si s'estableix a fals, l'argument d'ordinador facilitat per PAM serà ignorat" + +#: src/config/SSSDConfig/__init__.py.in:150 +msgid "The automounter location this IPA client is using" +msgstr "La ubicació del muntador automàtic que aquest client IPA està utilitzant" + +#: src/config/SSSDConfig/__init__.py.in:151 +msgid "Search base for object containing info about IPA domain" +msgstr "Base de cerca per a l'objecte que conté informació sobre el domini de l'IPA" + +#: src/config/SSSDConfig/__init__.py.in:152 +msgid "Search base for objects containing info about ID ranges" +msgstr "Base de cerca per a objectes que contenen informació sobre intervals d'ID" + +#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:160 +msgid "Enable DNS sites - location based service discovery" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:156 +msgid "Active Directory domain" +msgstr "Domini d'Active Directory" + +#: src/config/SSSDConfig/__init__.py.in:157 +msgid "Active Directory server address" +msgstr "Adreça de servidor d'Active Directory" + +#: src/config/SSSDConfig/__init__.py.in:158 +msgid "Active Directory backup server address" +msgstr "Adreça del servidor d'Active Directory de reserva" + +#: src/config/SSSDConfig/__init__.py.in:159 +msgid "Active Directory client hostname" +msgstr "Nom de màquina del client d'Active Directory" + +#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 +msgid "Kerberos server address" +msgstr "Adreça del servidor Kerberos" + +#: src/config/SSSDConfig/__init__.py.in:165 +msgid "Kerberos backup server address" +msgstr "Adreça de servidor Kerberos de reserva" + +#: src/config/SSSDConfig/__init__.py.in:166 +msgid "Kerberos realm" +msgstr "Reialme Kerberos" + +#: src/config/SSSDConfig/__init__.py.in:167 +msgid "Authentication timeout" +msgstr "Temps d'espera de la autenticació" + +#: src/config/SSSDConfig/__init__.py.in:168 +msgid "Whether to create kdcinfo files" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:171 +msgid "Directory to store credential caches" +msgstr "Directori on emmagatzemar el cau de credencials" + +#: src/config/SSSDConfig/__init__.py.in:172 +msgid "Location of the user's credential cache" +msgstr "Ubicació de la cau de credencials d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:173 +msgid "Location of the keytab to validate credentials" +msgstr "Ubicació de la clau per validar les credencials" + +#: src/config/SSSDConfig/__init__.py.in:174 +msgid "Enable credential validation" +msgstr "Activa la validació de credencials" + +#: src/config/SSSDConfig/__init__.py.in:175 +msgid "Store password if offline for later online authentication" +msgstr "Emmagatzema la contrasenya quan estigui fora de línia per autenticació en línia posterior" + +#: src/config/SSSDConfig/__init__.py.in:176 +msgid "Renewable lifetime of the TGT" +msgstr "Temps de vida renovable del TGT" + +#: src/config/SSSDConfig/__init__.py.in:177 +msgid "Lifetime of the TGT" +msgstr "Temps de vida del TGT" + +#: src/config/SSSDConfig/__init__.py.in:178 +msgid "Time between two checks for renewal" +msgstr "Temps entre les dues comprovacions per renovar" + +#: src/config/SSSDConfig/__init__.py.in:179 +msgid "Enables FAST" +msgstr "Activa FAST" + +#: src/config/SSSDConfig/__init__.py.in:180 +msgid "Selects the principal to use for FAST" +msgstr "Selecciona el principal per utilitzar amb FAST" + +#: src/config/SSSDConfig/__init__.py.in:181 +msgid "Enables principal canonicalization" +msgstr "Activa la canonització del principal" + +#: src/config/SSSDConfig/__init__.py.in:182 +msgid "Enables enterprise principals" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:186 +msgid "Server where the change password service is running if not on the KDC" +msgstr "Servidor on es troba el servei de canvi de contrasenya si no és al KDC" + +#: src/config/SSSDConfig/__init__.py.in:189 +msgid "ldap_uri, The URI of the LDAP server" +msgstr "ldap_uri, La URI del servidor LDAP" + +#: src/config/SSSDConfig/__init__.py.in:190 +msgid "ldap_backup_uri, The URI of the LDAP server" +msgstr "ldap_backup_uri, la URI del servidor LDAP" + +#: src/config/SSSDConfig/__init__.py.in:191 +msgid "The default base DN" +msgstr "La base DN per defecte" + +#: src/config/SSSDConfig/__init__.py.in:192 +msgid "The Schema Type in use on the LDAP server, rfc2307" +msgstr "El tipus d'esquema en us al servidor LDAP, rfc2307" + +#: src/config/SSSDConfig/__init__.py.in:193 +msgid "The default bind DN" +msgstr "La connexió DN per defecte" + +#: src/config/SSSDConfig/__init__.py.in:194 +msgid "The type of the authentication token of the default bind DN" +msgstr "El tipus del testimoni d'autenticació a la connexió DN per defecte" + +#: src/config/SSSDConfig/__init__.py.in:195 +msgid "The authentication token of the default bind DN" +msgstr "El testimoni d'autenticació de la connexió DN per defecte" + +#: src/config/SSSDConfig/__init__.py.in:196 +msgid "Length of time to attempt connection" +msgstr "Llargària del temps per intentar una connexió" + +#: src/config/SSSDConfig/__init__.py.in:197 +msgid "Length of time to attempt synchronous LDAP operations" +msgstr "Llargària del temps per intentar operacions LDAP asíncrones" + +#: src/config/SSSDConfig/__init__.py.in:198 +msgid "Length of time between attempts to reconnect while offline" +msgstr "Llargària del temps entre intents per re-connectar quan estigui fora de línia" + +#: src/config/SSSDConfig/__init__.py.in:199 +msgid "Use only the upper case for realm names" +msgstr "Utilitza només majúscules pels noms de reialme" + +#: src/config/SSSDConfig/__init__.py.in:200 +msgid "File that contains CA certificates" +msgstr "Fitxer que conté els certificats CA" + +#: src/config/SSSDConfig/__init__.py.in:201 +msgid "Path to CA certificate directory" +msgstr "Ruta al directori de certificats CA" + +#: src/config/SSSDConfig/__init__.py.in:202 +msgid "File that contains the client certificate" +msgstr "Fitxer que conté el certificat de client" + +#: src/config/SSSDConfig/__init__.py.in:203 +msgid "File that contains the client key" +msgstr "Fitxer que conté la clau de client" + +#: src/config/SSSDConfig/__init__.py.in:204 +msgid "List of possible ciphers suites" +msgstr "Llista de paquets de xifrat possibles" + +#: src/config/SSSDConfig/__init__.py.in:205 +msgid "Require TLS certificate verification" +msgstr "Requereix verificació de certificat TLS" + +#: src/config/SSSDConfig/__init__.py.in:206 +msgid "Specify the sasl mechanism to use" +msgstr "Especifica el mecanisme sasl a utilitzar" + +#: src/config/SSSDConfig/__init__.py.in:207 +msgid "Specify the sasl authorization id to use" +msgstr "Escecifica l'id d'autorització sasl a utilitzar" + +#: src/config/SSSDConfig/__init__.py.in:208 +msgid "Specify the sasl authorization realm to use" +msgstr "Especifica el reialme d'autorització sasl a utilitzar" + +#: src/config/SSSDConfig/__init__.py.in:209 +msgid "Specify the minimal SSF for LDAP sasl authorization" +msgstr "Especifica el SSF mínim per autorització sasl de LDAP" + +#: src/config/SSSDConfig/__init__.py.in:210 +msgid "Kerberos service keytab" +msgstr "Clau de servei Kerberos" + +#: src/config/SSSDConfig/__init__.py.in:211 +msgid "Use Kerberos auth for LDAP connection" +msgstr "Utilitza autenticació Kerberos per la connexió LDAP" + +#: src/config/SSSDConfig/__init__.py.in:212 +msgid "Follow LDAP referrals" +msgstr "Segueix les referències LDAP" + +#: src/config/SSSDConfig/__init__.py.in:213 +msgid "Lifetime of TGT for LDAP connection" +msgstr "Temps de vida del TGT per la connexió LDAP" + +#: src/config/SSSDConfig/__init__.py.in:214 +msgid "How to dereference aliases" +msgstr "Com desreferenciar àlies" + +#: src/config/SSSDConfig/__init__.py.in:215 +msgid "Service name for DNS service lookups" +msgstr "Nom del servei per les peticions DNS" + +#: src/config/SSSDConfig/__init__.py.in:216 +msgid "The number of records to retrieve in a single LDAP query" +msgstr "El número de registres a recuperar en una sola petició LDAP" + +#: src/config/SSSDConfig/__init__.py.in:217 +msgid "The number of members that must be missing to trigger a full deref" +msgstr "El número de membres que han de faltar per activar una de-referència completa" + +#: src/config/SSSDConfig/__init__.py.in:218 +msgid "" +"Whether the LDAP library should perform a reverse lookup to canonicalize the" +" host name during a SASL bind" +msgstr "Si la biblioteca LDAP hauria de realitzar una petició inversa per canonalitzar el nom d'ordinador durant la connexió SASL" + +#: src/config/SSSDConfig/__init__.py.in:220 +msgid "entryUSN attribute" +msgstr "atribut entryUSN" + +#: src/config/SSSDConfig/__init__.py.in:221 +msgid "lastUSN attribute" +msgstr "atribut lastUSN" + +#: src/config/SSSDConfig/__init__.py.in:223 +msgid "" +"How long to retain a connection to the LDAP server before disconnecting" +msgstr "Quant temps s'ha de retenir una connexió al servidor LDAP abans de desconnectar" + +#: src/config/SSSDConfig/__init__.py.in:225 +msgid "Disable the LDAP paging control" +msgstr "Desactiva el control de paginació LDAP" + +#: src/config/SSSDConfig/__init__.py.in:226 +msgid "Disable Active Directory range retrieval" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:229 +msgid "Length of time to wait for a search request" +msgstr "Llargària de temps a esperar per una petició de cerca" + +#: src/config/SSSDConfig/__init__.py.in:230 +msgid "Length of time to wait for a enumeration request" +msgstr "Llargària de temps a esperar per una petició d'enumeració" + +#: src/config/SSSDConfig/__init__.py.in:231 +msgid "Length of time between enumeration updates" +msgstr "Llargària de temps entre actualitzacions d'enumeració" + +#: src/config/SSSDConfig/__init__.py.in:232 +msgid "Length of time between cache cleanups" +msgstr "Llargària de temps entre neteges del cau" + +#: src/config/SSSDConfig/__init__.py.in:233 +msgid "Require TLS for ID lookups" +msgstr "Requereix TLS per cerques d'ID" + +#: src/config/SSSDConfig/__init__.py.in:234 +msgid "Use ID-mapping of objectSID instead of pre-set IDs" +msgstr "Utilitza mapejat d'IDs enlloc de IDs pre-establerts" + +#: src/config/SSSDConfig/__init__.py.in:235 +msgid "Base DN for user lookups" +msgstr "DN base per cerques d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:236 +msgid "Scope of user lookups" +msgstr "Abast de les cerques d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:237 +msgid "Filter for user lookups" +msgstr "Filtre per les cerques d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:238 +msgid "Objectclass for users" +msgstr "Objectclass dels usuaris" + +#: src/config/SSSDConfig/__init__.py.in:239 +msgid "Username attribute" +msgstr "Atribut del nom d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:241 +msgid "UID attribute" +msgstr "Atribut de l'UID" + +#: src/config/SSSDConfig/__init__.py.in:242 +msgid "Primary GID attribute" +msgstr "Atribut del GID primari" + +#: src/config/SSSDConfig/__init__.py.in:243 +msgid "GECOS attribute" +msgstr "Atribut GECOS" + +#: src/config/SSSDConfig/__init__.py.in:244 +msgid "Home directory attribute" +msgstr "Atribut del directori d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:245 +msgid "Shell attribute" +msgstr "Atribut d'intèrpret d'ordres" + +#: src/config/SSSDConfig/__init__.py.in:246 +msgid "UUID attribute" +msgstr "Atribut de l'UUID" + +#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:283 +msgid "objectSID attribute" +msgstr "Atribut de l'objectSID" + +#: src/config/SSSDConfig/__init__.py.in:248 +msgid "Active Directory primary group attribute for ID-mapping" +msgstr "Atribut del grup primari de l'Active Directory per mapejat d'IDs" + +#: src/config/SSSDConfig/__init__.py.in:249 +msgid "User principal attribute (for Kerberos)" +msgstr "Atribut d'usuari principal (per a Kerberos)" + +#: src/config/SSSDConfig/__init__.py.in:250 +msgid "Full Name" +msgstr "Nom complet" + +#: src/config/SSSDConfig/__init__.py.in:251 +msgid "memberOf attribute" +msgstr "Atribut de memberOf" + +#: src/config/SSSDConfig/__init__.py.in:252 +msgid "Modification time attribute" +msgstr "Atribut de data de modificació" + +#: src/config/SSSDConfig/__init__.py.in:254 +msgid "shadowLastChange attribute" +msgstr "Atribut de shadowLastChange" + +#: src/config/SSSDConfig/__init__.py.in:255 +msgid "shadowMin attribute" +msgstr "Atribut de shadowMin" + +#: src/config/SSSDConfig/__init__.py.in:256 +msgid "shadowMax attribute" +msgstr "Atribut de shadowMax" + +#: src/config/SSSDConfig/__init__.py.in:257 +msgid "shadowWarning attribute" +msgstr "Atribut de shadowWarning" + +#: src/config/SSSDConfig/__init__.py.in:258 +msgid "shadowInactive attribute" +msgstr "Atribut de shadowInactive" + +#: src/config/SSSDConfig/__init__.py.in:259 +msgid "shadowExpire attribute" +msgstr "Atribut de shadowExpire" + +#: src/config/SSSDConfig/__init__.py.in:260 +msgid "shadowFlag attribute" +msgstr "Atribut de shadowFlag" + +#: src/config/SSSDConfig/__init__.py.in:261 +msgid "Attribute listing authorized PAM services" +msgstr "Atribut que llista els serveis PAM autoritzats" + +#: src/config/SSSDConfig/__init__.py.in:262 +msgid "Attribute listing authorized server hosts" +msgstr "Atribut que llista els servidors autoritzats" + +#: src/config/SSSDConfig/__init__.py.in:263 +msgid "krbLastPwdChange attribute" +msgstr "Atribut de krbLastPwdChange" + +#: src/config/SSSDConfig/__init__.py.in:264 +msgid "krbPasswordExpiration attribute" +msgstr "Atribut de krbPasswordExpiration" + +#: src/config/SSSDConfig/__init__.py.in:265 +msgid "Attribute indicating that server side password policies are active" +msgstr "Atribut que indica l'activació de les polítiques de contrasenya de servidor" + +#: src/config/SSSDConfig/__init__.py.in:266 +msgid "accountExpires attribute of AD" +msgstr "Atribut de l'AD de accountExpires" + +#: src/config/SSSDConfig/__init__.py.in:267 +msgid "userAccountControl attribute of AD" +msgstr "Atribut de l'AD de userAccountControl" + +#: src/config/SSSDConfig/__init__.py.in:268 +msgid "nsAccountLock attribute" +msgstr "Atribut de nsAccountLock" + +#: src/config/SSSDConfig/__init__.py.in:269 +msgid "loginDisabled attribute of NDS" +msgstr "Atribut del NDS de loginDisabled" + +#: src/config/SSSDConfig/__init__.py.in:270 +msgid "loginExpirationTime attribute of NDS" +msgstr "Atribut del NDS de loginExpirationTime" + +#: src/config/SSSDConfig/__init__.py.in:271 +msgid "loginAllowedTimeMap attribute of NDS" +msgstr "Atribut del NDS de loginAllowedTimeMap" + +#: src/config/SSSDConfig/__init__.py.in:272 +msgid "SSH public key attribute" +msgstr "Atribut de la clau pública SSH" + +#: src/config/SSSDConfig/__init__.py.in:274 +msgid "Base DN for group lookups" +msgstr "DN base per cerques de grup" + +#: src/config/SSSDConfig/__init__.py.in:277 +msgid "Objectclass for groups" +msgstr "Objectclass per grups" + +#: src/config/SSSDConfig/__init__.py.in:278 +msgid "Group name" +msgstr "Nom del grup" + +#: src/config/SSSDConfig/__init__.py.in:279 +msgid "Group password" +msgstr "Contrasenya del grup" + +#: src/config/SSSDConfig/__init__.py.in:280 +msgid "GID attribute" +msgstr "Atribut GID" + +#: src/config/SSSDConfig/__init__.py.in:281 +msgid "Group member attribute" +msgstr "Atribut del membre de grup" + +#: src/config/SSSDConfig/__init__.py.in:282 +msgid "Group UUID attribute" +msgstr "Atribut de l'UUID de grup" + +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Modification time attribute for groups" +msgstr "Atribut de data de modificació per grups" + +#: src/config/SSSDConfig/__init__.py.in:286 +msgid "Maximum nesting level SSSd will follow" +msgstr "El nivell d'imbricament màxim que seguirà l'SSSd" + +#: src/config/SSSDConfig/__init__.py.in:288 +msgid "Base DN for netgroup lookups" +msgstr "DN base per cerques de grups de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:289 +msgid "Objectclass for netgroups" +msgstr "Objectclass per grups de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:290 +msgid "Netgroup name" +msgstr "Nom de grup de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:291 +msgid "Netgroups members attribute" +msgstr "Atribut de membres de grup de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:292 +msgid "Netgroup triple attribute" +msgstr "Atribut triple de grup de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:293 +msgid "Netgroup UUID attribute" +msgstr "Atribut d'UUID de grup de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:294 +msgid "Modification time attribute for netgroups" +msgstr "Atribut de data de modificació de grups de xarxa" + +#: src/config/SSSDConfig/__init__.py.in:296 +msgid "Base DN for service lookups" +msgstr "DN base per cerques de serveis" + +#: src/config/SSSDConfig/__init__.py.in:297 +msgid "Objectclass for services" +msgstr "Objectclass per serveis" + +#: src/config/SSSDConfig/__init__.py.in:298 +msgid "Service name attribute" +msgstr "Atribut de nom de serveis" + +#: src/config/SSSDConfig/__init__.py.in:299 +msgid "Service port attribute" +msgstr "Atribut de port de serveis" + +#: src/config/SSSDConfig/__init__.py.in:300 +msgid "Service protocol attribute" +msgstr "Atribut de protocol de serveis" + +#: src/config/SSSDConfig/__init__.py.in:303 +msgid "Lower bound for ID-mapping" +msgstr "Límit inferior per mapejat d'IDs" + +#: src/config/SSSDConfig/__init__.py.in:304 +msgid "Upper bound for ID-mapping" +msgstr "Límit superior per mapejat d'IDs" + +#: src/config/SSSDConfig/__init__.py.in:305 +msgid "Number of IDs for each slice when ID-mapping" +msgstr "Número d'IDS per cada llesca en mapejar IDs" + +#: src/config/SSSDConfig/__init__.py.in:306 +msgid "Use autorid-compatible algorithm for ID-mapping" +msgstr "Utilitza l'algoritme compatible d'autorid per mapejat d'IDs" + +#: src/config/SSSDConfig/__init__.py.in:307 +msgid "Name of the default domain for ID-mapping" +msgstr "Nom del domini per defecte per mapejat d'IDs" + +#: src/config/SSSDConfig/__init__.py.in:308 +msgid "SID of the default domain for ID-mapping" +msgstr "SID del domini per defecte per mapejat d'IDs" + +#: src/config/SSSDConfig/__init__.py.in:310 +msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" +msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a cerques de grup" + +#: src/config/SSSDConfig/__init__.py.in:311 +msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" +msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a cerques d'initgroup" + +#: src/config/SSSDConfig/__init__.py.in:312 +msgid "Set lower boundary for allowed IDs from the LDAP server" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:313 +msgid "Set upper boundary for allowed IDs from the LDAP server" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:316 +msgid "Policy to evaluate the password expiration" +msgstr "Política per avaluar l'expiració de contrasenya" + +#: src/config/SSSDConfig/__init__.py.in:319 +msgid "LDAP filter to determine access privileges" +msgstr "Filtre LDAP per determinar els privilegis d'accés" + +#: src/config/SSSDConfig/__init__.py.in:320 +msgid "Which attributes shall be used to evaluate if an account is expired" +msgstr "Quins atributs s'haurien d'utilitzar per avaluar si el compte està expirat" + +#: src/config/SSSDConfig/__init__.py.in:321 +msgid "Which rules should be used to evaluate access control" +msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" + +#: src/config/SSSDConfig/__init__.py.in:324 +msgid "URI of an LDAP server where password changes are allowed" +msgstr "L'URI d'un servidor LDAP on es permeten els canvis de contrasenya" + +#: src/config/SSSDConfig/__init__.py.in:325 +msgid "URI of a backup LDAP server where password changes are allowed" +msgstr "URI d'un servidor LDAP reserva on es permet canvis de contrasenya" + +#: src/config/SSSDConfig/__init__.py.in:326 +msgid "DNS service name for LDAP password change server" +msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" + +#: src/config/SSSDConfig/__init__.py.in:327 +msgid "" +"Whether to update the ldap_user_shadow_last_change attribute after a " +"password change" +msgstr "Si voleu actualitzar l'atribut ldap_user_shadow_last_change després d'un canvi de contrasenya" + +#: src/config/SSSDConfig/__init__.py.in:330 +msgid "Base DN for sudo rules lookups" +msgstr "DN base per cerques de regles sudo" + +#: src/config/SSSDConfig/__init__.py.in:331 +msgid "Automatic full refresh period" +msgstr "Període d'actualització automàtica completa" + +#: src/config/SSSDConfig/__init__.py.in:332 +msgid "Automatic smart refresh period" +msgstr "Període d'actualització automàtica intel·ligent" + +#: src/config/SSSDConfig/__init__.py.in:333 +msgid "Whether to filter rules by hostname, IP addresses and network" +msgstr "Si voleu filtrar les normes per nom de màquina, adreça IP i xarxa" + +#: src/config/SSSDConfig/__init__.py.in:334 +msgid "" +"Hostnames and/or fully qualified domain names of this machine to filter sudo" +" rules" +msgstr "Noms de màquina i/o noms de domini plenament qualificat d'aquesta màquina per filtrar regles de sudo" + +#: src/config/SSSDConfig/__init__.py.in:335 +msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +msgstr "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" + +#: src/config/SSSDConfig/__init__.py.in:336 +msgid "Whether to include rules that contains netgroup in host attribute" +msgstr "Si voleu incloure regles que contenen netgroup en l'atribut de màquina" + +#: src/config/SSSDConfig/__init__.py.in:337 +msgid "" +"Whether to include rules that contains regular expression in host attribute" +msgstr "Si voleu incloure regles que contenen expressions regulars en l'atribut de màquina" + +#: src/config/SSSDConfig/__init__.py.in:338 +msgid "Object class for sudo rules" +msgstr "Objectclass de les regles sudo" + +#: src/config/SSSDConfig/__init__.py.in:339 +msgid "Sudo rule name" +msgstr "Nom de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:340 +msgid "Sudo rule command attribute" +msgstr "Attribut de la comanda de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:341 +msgid "Sudo rule host attribute" +msgstr "Atribut de l'ordinador de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:342 +msgid "Sudo rule user attribute" +msgstr "Atribut de l'usuari de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:343 +msgid "Sudo rule option attribute" +msgstr "Atribut de l'opció de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:344 +msgid "Sudo rule runasuser attribute" +msgstr "Atribut de runasuser de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:345 +msgid "Sudo rule runasgroup attribute" +msgstr "Atribut de runasgroup de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:346 +msgid "Sudo rule notbefore attribute" +msgstr "Atribut de notbefore de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:347 +msgid "Sudo rule notafter attribute" +msgstr "Atribut de notafter de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:348 +msgid "Sudo rule order attribute" +msgstr "Atribut d'ordre de la regla sudo" + +#: src/config/SSSDConfig/__init__.py.in:351 +msgid "Object class for automounter maps" +msgstr "Objectclass dels mapes automounter" + +#: src/config/SSSDConfig/__init__.py.in:352 +msgid "Automounter map name attribute" +msgstr "Atribut del nom del mapa automounter" + +#: src/config/SSSDConfig/__init__.py.in:353 +msgid "Object class for automounter map entries" +msgstr "Objectclass de les entrades del mapa automounter" + +#: src/config/SSSDConfig/__init__.py.in:354 +msgid "Automounter map entry key attribute" +msgstr "Atribut de la clau d'entrada del mapa automounter" + +#: src/config/SSSDConfig/__init__.py.in:355 +msgid "Automounter map entry value attribute" +msgstr "Atribut del valor de l'entrada del mapa automounter" + +#: src/config/SSSDConfig/__init__.py.in:356 +msgid "Base DN for automounter map lookups" +msgstr "DN base per cerques del mapa automounter" + +#: src/config/SSSDConfig/__init__.py.in:359 +msgid "Comma separated list of allowed users" +msgstr "Llista separada per comes dels usuaris autoritzats" + +#: src/config/SSSDConfig/__init__.py.in:360 +msgid "Comma separated list of prohibited users" +msgstr "Llista separada per comes dels usuaris no autoritzats" + +#: src/config/SSSDConfig/__init__.py.in:363 +msgid "Default shell, /bin/bash" +msgstr "Intèrpret d'ordres per defecte, /bin/bash" + +#: src/config/SSSDConfig/__init__.py.in:364 +msgid "Base for home directories" +msgstr "Base pels directoris d'usuari" + +#: src/config/SSSDConfig/__init__.py.in:367 +msgid "The name of the NSS library to use" +msgstr "El nom de la biblioteca NSS a utilitzar" + +#: src/config/SSSDConfig/__init__.py.in:368 +msgid "Whether to look up canonical group name from cache if possible" +msgstr "Cercar nom de grup canònic al cau si és possible" + +#: src/config/SSSDConfig/__init__.py.in:371 +msgid "PAM stack to use" +msgstr "Pila PAM a utilitzar" + +#: src/monitor/monitor.c:2644 +msgid "Become a daemon (default)" +msgstr "Esdevé un dimoni (per defecte)" + +#: src/monitor/monitor.c:2646 +msgid "Run interactive (not a daemon)" +msgstr "Executa interactivament (no com a dimoni)" + +#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71 +msgid "Specify a non-default config file" +msgstr "Especifica un fitxer de configuració diferent al per defecte" + +#: src/monitor/monitor.c:2650 +msgid "Print version number and exit" +msgstr "Imprimeix el número de versió i surt" + +#: src/providers/krb5/krb5_child.c:2167 src/providers/ldap/ldap_child.c:435 +#: src/util/util.h:93 +msgid "Debug level" +msgstr "Nivell de depuració" + +#: src/providers/krb5/krb5_child.c:2169 src/providers/ldap/ldap_child.c:437 +#: src/util/util.h:97 +msgid "Add debug timestamps" +msgstr "Afegeix marques de temps de depuració" + +#: src/providers/krb5/krb5_child.c:2171 src/providers/ldap/ldap_child.c:439 +#: src/util/util.h:99 +msgid "Show timestamps with microseconds" +msgstr "Mostra les marques de temps amb microsegons" + +#: src/providers/krb5/krb5_child.c:2173 src/providers/ldap/ldap_child.c:441 +msgid "An open file descriptor for the debug logs" +msgstr "Un descriptor de fitxer obert pels registres de depuració" + +#: src/providers/data_provider_be.c:2847 +msgid "Domain of the information provider (mandatory)" +msgstr "Domini del proveïdor d'informació (obligatori)" + +#: src/sss_client/common.c:946 +msgid "Privileged socket has wrong ownership or permissions." +msgstr "El sòcol privilegiat té els permisos o la propietat incorrectes." + +#: src/sss_client/common.c:949 +msgid "Public socket has wrong ownership or permissions." +msgstr "El sòcol públic té els permisos o la propietat incorrectes." + +#: src/sss_client/common.c:952 +msgid "Unexpected format of the server credential message." +msgstr "Format inesperat del missatge de credencials del servidor." + +#: src/sss_client/common.c:955 +msgid "SSSD is not run by root." +msgstr "L'SSSD no s'està executant com a root." + +#: src/sss_client/common.c:960 +msgid "An error occurred, but no description can be found." +msgstr "Ha ocorregut un error però no es pot trobar cap descripció." + +#: src/sss_client/common.c:966 +msgid "Unexpected error while looking for an error description" +msgstr "Error inesperat en cercar una descripció de l'error" + +#: src/sss_client/pam_sss.c:387 +msgid "Passwords do not match" +msgstr "Les contrasenyes no coincideixen" + +#: src/sss_client/pam_sss.c:575 +msgid "Password reset by root is not supported." +msgstr "La reinicialització de la contrasenya pel root no està suportada." + +#: src/sss_client/pam_sss.c:616 +msgid "Authenticated with cached credentials" +msgstr "S'ha autenticat amb credencials del cau" + +#: src/sss_client/pam_sss.c:617 +msgid ", your cached password will expire at: " +msgstr ", la seva contrasenya del cau expirarà el: " + +#: src/sss_client/pam_sss.c:647 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "La seva contrasenya ha expirat. Teniu %1$d inici(s) de sessió de gràcia restants." + +#: src/sss_client/pam_sss.c:693 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "La vostra contrasenya expirarà en %1$d %2$s." + +#: src/sss_client/pam_sss.c:742 +msgid "Authentication is denied until: " +msgstr "S'ha denegat l'autenticació fins: " + +#: src/sss_client/pam_sss.c:763 +msgid "System is offline, password change not possible" +msgstr "El sistema es troba fora de línia, el canvi de contrasenya no és possible" + +#: src/sss_client/pam_sss.c:793 src/sss_client/pam_sss.c:806 +msgid "Password change failed. " +msgstr "Ha fallat el canvi de contrasenya." + +#: src/sss_client/pam_sss.c:796 src/sss_client/pam_sss.c:807 +msgid "Server message: " +msgstr "Missatge del servidor: " + +#: src/sss_client/pam_sss.c:1231 +msgid "New Password: " +msgstr "Nova contrasenya: " + +#: src/sss_client/pam_sss.c:1232 +msgid "Reenter new Password: " +msgstr "Re-introduïu la nova contrasenya: " + +#: src/sss_client/pam_sss.c:1318 +msgid "Password: " +msgstr "Contrasenya: " + +#: src/sss_client/pam_sss.c:1350 +msgid "Current Password: " +msgstr "Contrasenya actual: " + +#: src/sss_client/pam_sss.c:1497 +msgid "Password expired. Change your password now." +msgstr "La contrasenya ha expirat. Canviau la vostra contrasenya ara." + +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652 +#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:528 src/tools/sss_debuglevel.c:69 +msgid "The debug level to run with" +msgstr "El nivell de depuració amb el que executar-se" + +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:196 +msgid "The SSSD domain to use" +msgstr "El domini SSSD a utilitzar" + +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73 +#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53 +#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663 +#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74 +#: src/tools/sss_cache.c:561 +msgid "Error setting the locale\n" +msgstr "S'ha produït un error en establir la localització\n" + +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "No hi ha memòria suficient\n" + +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "No s'ha especificat l'usuari\n" + +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92 +msgid "Error looking up public keys\n" +msgstr "S'ha produït un error en cercar les claus públiques\n" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:194 +msgid "The port to use to connect to the host" +msgstr "El port a utilitzar per connectar-se a l'ordinador" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:238 +msgid "Invalid port\n" +msgstr "Port invàlid\n" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:243 +msgid "Host not specified\n" +msgstr "No s'ha especificat l'ordinador\n" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249 +msgid "The path to the proxy command must be absolute\n" +msgstr "La ruta a la comanda proxy ha de ser absoluta\n" + +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "El UID de l'usuari" + +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "La cadena de comentari" + +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "Directori d'usuari" + +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "Intèrpret d'ordres de l'inici de sessió" + +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "Grups" + +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "Crea el directori de l'usuari si no existeix" + +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "No creis mai el directori de l'usuari, substitueix la configuració" + +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "Especifica un directori d'esquelet alternatiu" + +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:57 +msgid "The SELinux user for user's login" +msgstr "L'usuari SELinux per l'inici de sessió de l'usuari" + +#: src/tools/sss_useradd.c:86 src/tools/sss_groupmod.c:78 +#: src/tools/sss_usermod.c:87 +msgid "Specify group to add to\n" +msgstr "Especifica el grup a afegir-se\n" + +#: src/tools/sss_useradd.c:110 +msgid "Specify user to add\n" +msgstr "Especifica l'usuari a afegir\n" + +#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84 +#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111 +#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196 +#: src/tools/sss_usermod.c:128 +msgid "Error initializing the tools - no local domain\n" +msgstr "S'ha produït un error en inicialitzar les eines - no hi ha cap domini local\n" + +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198 +#: src/tools/sss_usermod.c:130 +msgid "Error initializing the tools\n" +msgstr "S'ha produït un error en inicialitzar les eines\n" + +#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95 +#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121 +#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207 +#: src/tools/sss_usermod.c:139 +msgid "Invalid domain specified in FQDN\n" +msgstr "S'ha especificat un domini invàlid al FQDN\n" + +#: src/tools/sss_useradd.c:139 src/tools/sss_groupmod.c:141 +#: src/tools/sss_groupmod.c:168 src/tools/sss_usermod.c:162 +#: src/tools/sss_usermod.c:189 +msgid "Internal error while parsing parameters\n" +msgstr "S'ha produït un error intern en analitzar els paràmetres\n" + +#: src/tools/sss_useradd.c:147 src/tools/sss_usermod.c:170 +#: src/tools/sss_usermod.c:197 +msgid "Groups must be in the same domain as user\n" +msgstr "Els grups han d'ésser al mateix domini que l'usuari\n" + +#: src/tools/sss_useradd.c:155 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "No es pot trobar el grup %1$s al domini local\n" + +#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217 +msgid "Cannot set default values\n" +msgstr "No es poden establir els valors per defecte\n" + +#: src/tools/sss_useradd.c:177 src/tools/sss_usermod.c:153 +msgid "The selected UID is outside the allowed range\n" +msgstr "L'UID seleccionat es troba fora del rang permès\n" + +#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264 +msgid "Cannot set SELinux login context\n" +msgstr "No es pot establir el context d'inici de sessió de SELinux\n" + +#: src/tools/sss_useradd.c:221 +msgid "Cannot get info about the user\n" +msgstr "No es pot obtenir la informació sobre l'usuari\n" + +#: src/tools/sss_useradd.c:233 +msgid "User's home directory already exists, not copying data from skeldir\n" +msgstr "El directori d'usuari ja existeix, no es copiaran les dades del directori esquelet\n" + +#: src/tools/sss_useradd.c:236 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "No es pot crear el directori de l'usuari: %1$s\n" + +#: src/tools/sss_useradd.c:247 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" +msgstr "No es pot crear la gestió de cues del correu de l'usuari: %1$s\n" + +#: src/tools/sss_useradd.c:266 +msgid "Could not allocate ID for the user - domain full?\n" +msgstr "No s'ha pogut assignar un ID per l'usuari - és ple el domini?\n" + +#: src/tools/sss_useradd.c:270 +msgid "A user or group with the same name or ID already exists\n" +msgstr "Ja existeix un usuari o grup amb el mateix nom o ID\n" + +#: src/tools/sss_useradd.c:276 +msgid "Transaction error. Could not add user.\n" +msgstr "S'ha produït un error de transacció. No s'ha pogut afegir l'usuari\n" + +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "El GID del grup" + +#: src/tools/sss_groupadd.c:75 +msgid "Specify group to add\n" +msgstr "Especifica el grup a afegir\n" + +#: src/tools/sss_groupadd.c:104 src/tools/sss_groupmod.c:192 +msgid "The selected GID is outside the allowed range\n" +msgstr "El GID seleccionat és fora del rang permès\n" + +#: src/tools/sss_groupadd.c:141 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "No s'ha pogut assignar un ID pel grup - és ple el domini?\n" + +#: src/tools/sss_groupadd.c:145 +msgid "A group with the same name or GID already exists\n" +msgstr "Ja existeix un grup amb el mateix nom o GID\n" + +#: src/tools/sss_groupadd.c:150 +msgid "Transaction error. Could not add group.\n" +msgstr "S'ha produït un error en la transacció. No s'ha pogut afegir el grup.\n" + +#: src/tools/sss_groupdel.c:69 +msgid "Specify group to delete\n" +msgstr "Especificau el grup a eliminar\n" + +#: src/tools/sss_groupdel.c:102 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" +msgstr "El grup %1$s es troba fora del rand d'IDs definit pel domini\n" + +#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219 +#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233 +#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241 +#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" +msgstr "" + +#: src/tools/sss_groupdel.c:129 +msgid "" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" +msgstr "No existeix el grup al domini local. L'eliminació de grups només es permet al domini local.\n" + +#: src/tools/sss_groupdel.c:134 +msgid "Internal error. Could not remove group.\n" +msgstr "S'ha produït un error intern. No s'ha pogut eliminar el grup.\n" + +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "Grups als que afegir aquest grup" + +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "Grups dels que s'ha d'eliminar aquest grup" + +#: src/tools/sss_groupmod.c:86 src/tools/sss_usermod.c:95 +msgid "Specify group to remove from\n" +msgstr "Especifica el grup del que s'ha d'eliminar\n" + +#: src/tools/sss_groupmod.c:100 +msgid "Specify group to modify\n" +msgstr "Especifica el grup a modificar\n" + +#: src/tools/sss_groupmod.c:128 +msgid "" +"Cannot find group in local domain, modifying groups is allowed only in local" +" domain\n" +msgstr "No es pot trobar el grup al domini local, la modificació de grups només es permet al domini local\n" + +#: src/tools/sss_groupmod.c:149 src/tools/sss_groupmod.c:176 +msgid "Member groups must be in the same domain as parent group\n" +msgstr "Els grups membres han d'esser al mateix domini que els grups pare\n" + +#: src/tools/sss_groupmod.c:157 src/tools/sss_groupmod.c:184 +#: src/tools/sss_usermod.c:178 src/tools/sss_usermod.c:205 +#, c-format +msgid "" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" +msgstr "No s'ha pogut trobar el grup %1$s al domini local, només es permeten els grups al domini local\n" + +#: src/tools/sss_groupmod.c:250 +msgid "Could not modify group - check if member group names are correct\n" +msgstr "No s'ha pogut modificar el grup - comprovau si els noms dels membres del grup són correctes\n" + +#: src/tools/sss_groupmod.c:254 +msgid "Could not modify group - check if groupname is correct\n" +msgstr "No s'ha pogut modificar el grup - comprovau si el nom de grup és correcte\n" + +#: src/tools/sss_groupmod.c:258 +msgid "Transaction error. Could not modify group.\n" +msgstr "S'ha produït un error en la transacció. No s'ha pogut modificar el grup.\n" + +#: src/tools/sss_groupshow.c:599 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sGrup: %3$s\n" + +#: src/tools/sss_groupshow.c:600 +msgid "Magic Private " +msgstr "Privat màgic " + +#: src/tools/sss_groupshow.c:602 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$sNúmero GID: %2$d\n" + +#: src/tools/sss_groupshow.c:604 +#, c-format +msgid "%1$sMember users: " +msgstr "%1$sUsuaris membre: " + +#: src/tools/sss_groupshow.c:611 +#, c-format +msgid "" +"\n" +"%1$sIs a member of: " +msgstr "\n%1$sÉs un membre de: " + +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "" +"\n" +"%1$sMember groups: " +msgstr "\n%1$sGrups membre: " + +#: src/tools/sss_groupshow.c:654 +msgid "Print indirect group members recursively" +msgstr "Imprimeix els membres de grup indirectes recursivament" + +#: src/tools/sss_groupshow.c:687 +msgid "Specify group to show\n" +msgstr "Especifica el grup a mostrar\n" + +#: src/tools/sss_groupshow.c:726 +msgid "" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" +msgstr "No s'ha trobat el grup al domini local. L'impressió de grups només es permet al domini local.\n" + +#: src/tools/sss_groupshow.c:731 +msgid "Internal error. Could not print group.\n" +msgstr "S'ha produït un error intern. No es pot imprimir el grup.\n" + +#: src/tools/sss_userdel.c:136 +msgid "Remove home directory and mail spool" +msgstr "Elimina el directori d'usuari i la gestió de cues de correu" + +#: src/tools/sss_userdel.c:138 +msgid "Do not remove home directory and mail spool" +msgstr "No eliminis el directori d'usuari i la gestió de cues de correu" + +#: src/tools/sss_userdel.c:140 +msgid "Force removal of files not owned by the user" +msgstr "Força l'eliminació de fitxers que no són propietat de l'usuari" + +#: src/tools/sss_userdel.c:142 +msgid "Kill users' processes before removing him" +msgstr "Mata els processos de l'usuari abans d'eliminar-lo" + +#: src/tools/sss_userdel.c:187 +msgid "Specify user to delete\n" +msgstr "Especifica l'usuari a eliminar\n" + +#: src/tools/sss_userdel.c:233 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" +msgstr "L'usuari %1$s és fora del rang d'IDs del domini\n" + +#: src/tools/sss_userdel.c:258 +msgid "Cannot reset SELinux login context\n" +msgstr "No es pot reiniciar el context d'inici de sessió de SELinux\n" + +#: src/tools/sss_userdel.c:270 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" +msgstr "ATENCIÓ: L'usuari (uid %1$lu) era encara a la sessió quan es va eliminar\n" + +#: src/tools/sss_userdel.c:275 +msgid "Cannot determine if the user was logged in on this platform" +msgstr "No es pot determinar si l'usuari tenia la sessió iniciada a aquesta plataforma" + +#: src/tools/sss_userdel.c:280 +msgid "Error while checking if the user was logged in\n" +msgstr "S'ha produït un error en comprovar si l'usuari havia iniciat la sessió\n" + +#: src/tools/sss_userdel.c:287 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "La comanda post-eliminació ha fallat: %1$s\n" + +#: src/tools/sss_userdel.c:307 +msgid "Not removing home dir - not owned by user\n" +msgstr "No s'ha eliminat el directori de l'usuari - no és propietat de l'usuari\n" + +#: src/tools/sss_userdel.c:309 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "No es pot eliminar el directori d'usuari: %1$s\n" + +#: src/tools/sss_userdel.c:322 +msgid "" +"No such user in local domain. Removing users only allowed in local domain.\n" +msgstr "No s'ha trobat l'usuari al domini local. L'eliminació d'usuaris només es permet al domini local.\n" + +#: src/tools/sss_userdel.c:327 +msgid "Internal error. Could not remove user.\n" +msgstr "S'ha produït un error intern. No s'ha pogut eliminar l'usuari.\n" + +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "El GID de l'usuari" + +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "Grups als que afegir aquest usuari" + +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "Grups dels que eliminar aquest usuari" + +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "Bloqueja aquest compte" + +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "Desbloqueja aquest compte" + +#: src/tools/sss_usermod.c:119 +msgid "Specify user to modify\n" +msgstr "Especifica l'usuari a modificar\n" + +#: src/tools/sss_usermod.c:146 +msgid "" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" +msgstr "No es pot trobar l'usuari al domini local, la modificació d'usuaris només es permet al domini local\n" + +#: src/tools/sss_usermod.c:281 +msgid "Could not modify user - check if group names are correct\n" +msgstr "No s'ha pogut modificar l'usuari - comprovau si els noms dels grups són correctes\n" + +#: src/tools/sss_usermod.c:285 +msgid "Could not modify user - user already member of groups?\n" +msgstr "No s'ha pogut modificar l'usuari - l'usuari ja pertany als grups?\n" + +#: src/tools/sss_usermod.c:289 +msgid "Transaction error. Could not modify user.\n" +msgstr "S'ha produït un error en la transacció. No s'ha pogut modificar l'usuari.\n" + +#: src/tools/sss_cache.c:171 +msgid "No cache object matched the specified search\n" +msgstr "Cap objecte cau ha coincidit amb la cerca especificada\n" + +#: src/tools/sss_cache.c:400 +#, c-format +msgid "Couldn't invalidate %1$s" +msgstr "No s'ha pogut invalidar %1$s" + +#: src/tools/sss_cache.c:407 +#, c-format +msgid "Couldn't invalidate %1$s %2$s" +msgstr "No s'ha pogut invalidar %1$s %2$s" + +#: src/tools/sss_cache.c:530 +msgid "Invalidate all cached entries except for sudo rulese" +msgstr "" + +#: src/tools/sss_cache.c:532 +msgid "Invalidate particular user" +msgstr "Invalida l'usuari particular" + +#: src/tools/sss_cache.c:534 +msgid "Invalidate all users" +msgstr "Invalida tots els usuaris" + +#: src/tools/sss_cache.c:536 +msgid "Invalidate particular group" +msgstr "Invalida el grup particular" + +#: src/tools/sss_cache.c:538 +msgid "Invalidate all groups" +msgstr "Invalida tots els grups" + +#: src/tools/sss_cache.c:540 +msgid "Invalidate particular netgroup" +msgstr "Invalida el grup de xarxa particular" + +#: src/tools/sss_cache.c:542 +msgid "Invalidate all netgroups" +msgstr "Invalida tots els grups de xarxa" + +#: src/tools/sss_cache.c:544 +msgid "Invalidate particular service" +msgstr "Invalida el servei particular" + +#: src/tools/sss_cache.c:546 +msgid "Invalidate all services" +msgstr "Invalida tots els serveis" + +#: src/tools/sss_cache.c:549 +msgid "Invalidate particular autofs map" +msgstr "Invalida el mapa autofs particular" + +#: src/tools/sss_cache.c:551 +msgid "Invalidate all autofs maps" +msgstr "Invalida tots els mapes autofs" + +#: src/tools/sss_cache.c:554 +msgid "Only invalidate entries from a particular domain" +msgstr "Invalida les entrades només d'un domini particular" + +#: src/tools/sss_cache.c:599 +msgid "Please select at least one object to invalidate\n" +msgstr "Si us plau, seleccionau al menys un objecte per invalidar\n" + +#: src/tools/sss_cache.c:669 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" +msgstr "" + +#: src/tools/sss_cache.c:673 +msgid "Could not open available domains\n" +msgstr "No s'han pogut obrir els dominis disponibles\n" + +#: src/tools/sss_debuglevel.c:40 +msgid "\n" +msgstr "\n" + +#: src/tools/sss_debuglevel.c:96 +msgid "Specify debug level you want to set\n" +msgstr "Especificau el nivell de depuració que voleu establir\n" + +#: src/tools/sss_debuglevel.c:102 +msgid "Only one argument expected\n" +msgstr "" + +#: src/tools/tools_util.c:200 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" +msgstr "" + +#: src/tools/tools_util.c:303 +msgid "Out of memory\n" +msgstr "Sense memòria\n" + +#: src/tools/tools_util.h:43 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "S'ha d'executar %1$s com a root\n" + +#: src/util/util.h:95 +msgid "Send the debug output to files instead of stderr" +msgstr "Envia la sortida de depuració a fitxers enlloc d'stderr" --- sssd-1.11.2.orig/scripts/release.sh +++ sssd-1.11.2/scripts/release.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +function config() +{ + autoreconf -i -f || return $? + ./configure +} + +SAVED_PWD=$PWD +version=`grep '\[VERSION_NUMBER], \[.*\]' version.m4 |grep '[0-9]\+\.[0-9]\+\.[0-9]\+' -o` +tag=$(echo ${version} | tr "." "_") + +trap "cd $SAVED_PWD; rm -rf sssd-${version} sssd-${version}.tar" EXIT + +git archive --format=tar --prefix=sssd-${version}/ sssd-${tag} > sssd-${version}.tar +if [ $? -ne 0 ]; then + echo "Cannot perform git-archive, check if tag $tag is present in git tree" + exit 1 +fi +tar xf sssd-${version}.tar + +pushd sssd-${version} +config || exit 1 +make dist-gzip || exit 1 # also builds docs +popd + +mv sssd-${version}/sssd-${version}.tar.gz . +gpg --detach-sign --armor sssd-${version}.tar.gz + --- sssd-1.11.2.orig/src/man/po/LINGUAS +++ sssd-1.11.2/src/man/po/LINGUAS @@ -0,0 +1 @@ +cs --- sssd-1.11.2.orig/src/resolv/ares/ares_dns.h +++ sssd-1.11.2/src/resolv/ares/ares_dns.h @@ -0,0 +1,91 @@ +/* $Id: ares_dns.h,v 1.8 2007-02-16 14:22:08 yangtse Exp $ */ + +/* Copyright 1998 by the Massachusetts Institute of Technology. + * + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. + */ + +#ifndef ARES__DNS_H +#define ARES__DNS_H + +#define DNS__16BIT(p) (((p)[0] << 8) | (p)[1]) +#define DNS__32BIT(p) (((p)[0] << 24) | ((p)[1] << 16) | \ + ((p)[2] << 8) | (p)[3]) + +#define DNS__SET16BIT(p, v) (((p)[0] = (unsigned char)(((v) >> 8) & 0xff)), \ + ((p)[1] = (unsigned char)((v) & 0xff))) +#define DNS__SET32BIT(p, v) (((p)[0] = (unsigned char)(((v) >> 24) & 0xff)), \ + ((p)[1] = (unsigned char)(((v) >> 16) & 0xff)), \ + ((p)[2] = (unsigned char)(((v) >> 8) & 0xff)), \ + ((p)[3] = (unsigned char)((v) & 0xff))) + +#if 0 +/* we cannot use this approach on systems where we can't access 16/32 bit + data on un-aligned addresses */ +#define DNS__16BIT(p) ntohs(*(unsigned short*)(p)) +#define DNS__32BIT(p) ntohl(*(unsigned long*)(p)) +#define DNS__SET16BIT(p, v) *(unsigned short*)(p) = htons(v) +#define DNS__SET32BIT(p, v) *(unsigned long*)(p) = htonl(v) +#endif + +/* Macros for parsing a DNS header */ +#define DNS_HEADER_QID(h) DNS__16BIT(h) +#define DNS_HEADER_QR(h) (((h)[2] >> 7) & 0x1) +#define DNS_HEADER_OPCODE(h) (((h)[2] >> 3) & 0xf) +#define DNS_HEADER_AA(h) (((h)[2] >> 2) & 0x1) +#define DNS_HEADER_TC(h) (((h)[2] >> 1) & 0x1) +#define DNS_HEADER_RD(h) ((h)[2] & 0x1) +#define DNS_HEADER_RA(h) (((h)[3] >> 7) & 0x1) +#define DNS_HEADER_Z(h) (((h)[3] >> 4) & 0x7) +#define DNS_HEADER_RCODE(h) ((h)[3] & 0xf) +#define DNS_HEADER_QDCOUNT(h) DNS__16BIT((h) + 4) +#define DNS_HEADER_ANCOUNT(h) DNS__16BIT((h) + 6) +#define DNS_HEADER_NSCOUNT(h) DNS__16BIT((h) + 8) +#define DNS_HEADER_ARCOUNT(h) DNS__16BIT((h) + 10) + +/* Macros for constructing a DNS header */ +#define DNS_HEADER_SET_QID(h, v) DNS__SET16BIT(h, v) +#define DNS_HEADER_SET_QR(h, v) ((h)[2] |= (unsigned char)(((v) & 0x1) << 7)) +#define DNS_HEADER_SET_OPCODE(h, v) ((h)[2] |= (unsigned char)(((v) & 0xf) << 3)) +#define DNS_HEADER_SET_AA(h, v) ((h)[2] |= (unsigned char)(((v) & 0x1) << 2)) +#define DNS_HEADER_SET_TC(h, v) ((h)[2] |= (unsigned char)(((v) & 0x1) << 1)) +#define DNS_HEADER_SET_RD(h, v) ((h)[2] |= (unsigned char)((v) & 0x1)) +#define DNS_HEADER_SET_RA(h, v) ((h)[3] |= (unsigned char)(((v) & 0x1) << 7)) +#define DNS_HEADER_SET_Z(h, v) ((h)[3] |= (unsigned char)(((v) & 0x7) << 4)) +#define DNS_HEADER_SET_RCODE(h, v) ((h)[3] |= (unsigned char)((v) & 0xf)) +#define DNS_HEADER_SET_QDCOUNT(h, v) DNS__SET16BIT((h) + 4, v) +#define DNS_HEADER_SET_ANCOUNT(h, v) DNS__SET16BIT((h) + 6, v) +#define DNS_HEADER_SET_NSCOUNT(h, v) DNS__SET16BIT((h) + 8, v) +#define DNS_HEADER_SET_ARCOUNT(h, v) DNS__SET16BIT((h) + 10, v) + +/* Macros for parsing the fixed part of a DNS question */ +#define DNS_QUESTION_TYPE(q) DNS__16BIT(q) +#define DNS_QUESTION_CLASS(q) DNS__16BIT((q) + 2) + +/* Macros for constructing the fixed part of a DNS question */ +#define DNS_QUESTION_SET_TYPE(q, v) DNS__SET16BIT(q, v) +#define DNS_QUESTION_SET_CLASS(q, v) DNS__SET16BIT((q) + 2, v) + +/* Macros for parsing the fixed part of a DNS resource record */ +#define DNS_RR_TYPE(r) DNS__16BIT(r) +#define DNS_RR_CLASS(r) DNS__16BIT((r) + 2) +#define DNS_RR_TTL(r) DNS__32BIT((r) + 4) +#define DNS_RR_LEN(r) DNS__16BIT((r) + 8) + +/* Macros for constructing the fixed part of a DNS resource record */ +#define DNS_RR_SET_TYPE(r) DNS__SET16BIT(r, v) +#define DNS_RR_SET_CLASS(r) DNS__SET16BIT((r) + 2, v) +#define DNS_RR_SET_TTL(r) DNS__SET32BIT((r) + 4, v) +#define DNS_RR_SET_LEN(r) DNS__SET16BIT((r) + 8, v) + +#endif /* ARES__DNS_H */ --- sssd-1.11.2.orig/src/tests/python-test.py +++ sssd-1.11.2/src/tests/python-test.py @@ -0,0 +1,445 @@ +#!/usr/bin/python +#coding=utf-8 + +# Authors: +# Jakub Hrozek +# +# Copyright (C) 2009 Red Hat +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +import os +import tempfile +import shutil +import unittest +import commands +import errno + +# module under test +import pysss + +class LocalTest(unittest.TestCase): + local_path = "/var/lib/sss/db/sssd.ldb" + + def setUp(self): + self.local = pysss.local() + + def _run_and_check(self, runme): + (status, output) = commands.getstatusoutput(runme) + self.failUnlessEqual(status, 0, output) + + def _get_object_info(self, name, subtree, domain): + search_dn = "dn=name=%s,cn=%s,cn=%s,cn=sysdb" % (name, subtree, domain) + (status, output) = commands.getstatusoutput("ldbsearch -H %s %s" % (self.local_path,search_dn)) + + if status: return {} + + kw = {} + for key, value in [ l.split(':') for l in output.split('\n') if ":" in l ]: + kw[key] = value.strip() + + del kw['asq'] + return kw + + def get_user_info(self, name, domain="LOCAL"): + return self._get_object_info(name, "users", domain) + + def get_group_info(self, name, domain="LOCAL"): + return self._get_object_info(name, "groups", domain) + + def _validate_object(self, kw, name, **kwargs): + if kw == {}: self.fail("Could not get %s info" % name) + for key in kwargs.keys(): + self.assert_(str(kwargs[key]) == str(kw[key]), "%s %s != %s %s" % (key, kwargs[key], key, kw[key])) + + def validate_user(self, username, **kwargs): + return self._validate_object(self.get_user_info(username), "user", **kwargs) + + def validate_group(self, groupname, **kwargs): + return self._validate_object(self.get_group_info(groupname), "group", **kwargs) + + def _validate_no_object(self, kw, name): + if kw != {}: + self.fail("Got %s info" % name) + + def validate_no_user(self, username): + return self._validate_no_object(self.get_user_info(username), "user") + + def validate_no_group(self, groupname): + return self._validate_no_object(self.get_group_info(groupname), "group") + + def _get_object_membership(self, name, subtree, domain): + search_dn = "dn=name=%s,cn=%s,cn=%s,cn=sysdb" % (name, subtree, domain) + (status, output) = commands.getstatusoutput("ldbsearch -H %s %s" % (self.local_path,search_dn)) + + if status: + return [] + + members = [ value.strip() for key, value in [ l.split(':') for l in output.split('\n') if ":" in l ] if key == "memberof" ] + return members + + def _assertMembership(self, name, group_list, subtree, domain): + members = self._get_object_membership(name, subtree, domain) + for group in group_list: + group_dn = "name=%s,cn=groups,cn=%s,cn=sysdb" % (group, domain) + if group_dn in members: + members.remove(group_dn) + else: + self.fail("Cannot find required group %s" % group_dn) + + if len(members) > 0: + self.fail("More groups than selected") + + def assertUserMembership(self, name, group_list, domain="LOCAL"): + return self._assertMembership(name, group_list, "users", domain) + + def assertGroupMembership(self, name, group_list, domain="LOCAL"): + return self._assertMembership(name, group_list, "groups", domain) + + def get_user_membership(self, name, domain="LOCAL"): + return self._get_object_membership(name, "users", domain) + + def get_group_membership(self, name, domain="LOCAL"): + return self._get_object_membership(name, "groups", domain) + + def add_group(self, groupname): + self._run_and_check("sss_groupadd %s" % (groupname)) + + def remove_group(self, groupname): + self._run_and_check("sss_groupdel %s" % (groupname)) + + def add_user(self, username): + self._run_and_check("sss_useradd %s" % (username)) + + def add_user_not_home(self, username): + self._run_and_check("sss_useradd -M %s" % (username)) + + def remove_user(self, username): + self._run_and_check("sss_userdel %s" % (username)) + + def remove_user_not_home(self, username): + self._run_and_check("sss_userdel -R %s" % (username)) + +class SanityTest(unittest.TestCase): + def testInstantiate(self): + "Test that the local backed binding can be instantiated" + local = pysss.local() + self.assert_(local.__class__, "") + +class UseraddTest(LocalTest): + def tearDown(self): + if self.username: + self.remove_user(self.username) + + def testUseradd(self): + "Test adding a local user" + self.username = "testUseradd" + self.local.useradd(self.username) + self.validate_user(self.username) + # check home directory was created with default name + self.assertEquals(os.access("/home/%s" % self.username, os.F_OK), True) + + def testUseraddWithParams(self): + "Test adding a local user with modified parameters" + self.username = "testUseraddWithParams" + self.local.useradd(self.username, + gecos="foo bar", + homedir="/home/foobar", + shell="/bin/zsh") + self.validate_user(self.username, + gecos="foo bar", + homeDirectory="/home/foobar", + loginShell="/bin/zsh") + # check home directory was created with nondefault name + self.assertEquals(os.access("/home/foobar", os.F_OK), True) + + def testUseraddNoHomedir(self): + "Test adding a local user without creating his home dir" + self.username = "testUseraddNoHomedir" + self.local.useradd(self.username, create_home = False) + self.validate_user(self.username) + # check home directory was not created + self.assertEquals(os.access("/home/%s" % self.username, os.F_OK), False) + self.local.userdel(self.username, remove = False) + self.username = None # fool tearDown into not removing the user + + def testUseraddAlternateSkeldir(self): + "Test adding a local user and init his homedir from a custom location" + self.username = "testUseraddAlternateSkeldir" + + skeldir = tempfile.mkdtemp() + fd, path = tempfile.mkstemp(dir=skeldir) + fdo = os.fdopen(fd) + fdo.flush() + fdo.close + self.assertEquals(os.access(path, os.F_OK), True) + filename = os.path.basename(path) + + try: + self.local.useradd(self.username, skel = skeldir) + self.validate_user(self.username) + self.assertEquals(os.access("/home/%s/%s"%(self.username,filename), os.F_OK), True) + finally: + shutil.rmtree(skeldir) + + def testUseraddToGroups(self): + "Test adding a local user with group membership" + self.username = "testUseraddToGroups" + self.add_group("gr1") + self.add_group("gr2") + try: + self.local.useradd(self.username, + groups=["gr1","gr2"]) + self.assertUserMembership(self.username, + ["gr1","gr2"]) + finally: + self.remove_group("gr1") + self.remove_group("gr2") + + def testUseraddWithUID(self): + "Test adding a local user with a custom UID" + self.username = "testUseraddWithUID" + self.local.useradd(self.username, + uid=1024) + self.validate_user(self.username, + uidNumber=1024) + +class UseraddTestNegative(LocalTest): + def testUseraddNoParams(self): + "Test that local.useradd() requires the username parameter" + self.assertRaises(TypeError, self.local.useradd) + + def testUseraddUserAlreadyExists(self): + "Test adding a local with a duplicite name" + self.username = "testUseraddUserAlreadyExists" + self.local.useradd(self.username) + try: + self.local.useradd(self.username) + except IOError, e: + self.assertEquals(e.errno, errno.EEXIST) + else: + self.fail("Was expecting exception") + finally: + self.remove_user(self.username) + + def testUseraddUIDAlreadyExists(self): + "Test adding a local with a duplicite user ID" + self.username = "testUseraddUIDAlreadyExists1" + self.local.useradd(self.username, uid=1025) + try: + self.local.useradd("testUseraddUIDAlreadyExists2", uid=1025) + except IOError, e: + self.assertEquals(e.errno, errno.EEXIST) + else: + self.fail("Was expecting exception") + finally: + self.remove_user(self.username) + +class UserdelTest(LocalTest): + def testUserdel(self): + self.add_user("testUserdel") + self.assertEquals(os.access("/home/testUserdel", os.F_OK), True) + self.validate_user("testUserdel") + self.local.userdel("testUserdel") + self.validate_no_user("testUserdel") + self.assertEquals(os.access("/home/testUserdel", os.F_OK), False) + + def testUserdelNotHomedir(self): + self.add_user("testUserdel") + self.assertEquals(os.access("/home/testUserdel", os.F_OK), True) + self.validate_user("testUserdel") + self.local.userdel("testUserdel", remove=False) + self.validate_no_user("testUserdel") + self.assertEquals(os.access("/home/testUserdel", os.F_OK), True) + shutil.rmtree("/home/testUserdel") + os.remove("/var/mail/testUserdel") + + def testUserdelNegative(self): + self.validate_no_user("testUserdelNegative") + try: + self.local.userdel("testUserdelNegative") + except IOError, e: + self.assertEquals(e.errno, errno.ENOENT) + else: + fail("Was expecting exception") + +class UsermodTest(LocalTest): + def setUp(self): + self.local = pysss.local() + self.username = "UsermodTest" + self.add_user_not_home(self.username) + + def tearDown(self): + self.remove_user_not_home(self.username) + + def testUsermod(self): + "Test modifying user attributes" + self.local.usermod(self.username, + gecos="foo bar", + homedir="/home/foobar", + shell="/bin/zsh") + self.validate_user(self.username, + gecos="foo bar", + homeDirectory="/home/foobar", + loginShell="/bin/zsh") + + def testUsermodUID(self): + "Test modifying UID" + self.local.usermod(self.username, + uid=1024) + self.validate_user(self.username, + uidNumber=1024) + + def testUsermodGroupMembership(self): + "Test adding to and removing from groups" + self.add_group("gr1") + self.add_group("gr2") + + try: + self.local.usermod(self.username, + addgroups=["gr1","gr2"]) + self.assertUserMembership(self.username, + ["gr1","gr2"]) + self.local.usermod(self.username, + rmgroups=["gr2"]) + self.assertUserMembership(self.username, + ["gr1"]) + self.local.usermod(self.username, + rmgroups=["gr1"]) + self.assertUserMembership(self.username, + []) + finally: + self.remove_group("gr1") + self.remove_group("gr2") + + def testUsermodLockUnlock(self): + "Test locking and unlocking user" + self.local.usermod(self.username, + lock=self.local.lock) + self.validate_user(self.username, + disabled="true") + self.local.usermod(self.username, + lock=self.local.unlock) + self.validate_user(self.username, + disabled="false") + +class GroupaddTest(LocalTest): + def tearDown(self): + if self.groupname: + self.remove_group(self.groupname) + + def testGroupadd(self): + "Test adding a local group" + self.groupname = "testGroupadd" + self.local.groupadd(self.groupname) + self.validate_group(self.groupname) + + def testGroupaddWithGID(self): + "Test adding a local group with a custom GID" + self.groupname = "testUseraddWithGID" + self.local.groupadd(self.groupname, + gid=1024) + self.validate_group(self.groupname, + gidNumber=1024) + +class GroupaddTestNegative(LocalTest): + def testGroupaddNoParams(self): + "Test that local.groupadd() requires the groupname parameter" + self.assertRaises(TypeError, self.local.groupadd) + + def testGroupaddUserAlreadyExists(self): + "Test adding a local with a duplicite name" + self.groupname = "testGroupaddUserAlreadyExists" + self.local.groupadd(self.groupname) + try: + self.local.groupadd(self.groupname) + except IOError, e: + self.assertEquals(e.errno, errno.EEXIST) + else: + self.fail("Was expecting exception") + finally: + self.remove_group(self.groupname) + + def testGroupaddGIDAlreadyExists(self): + "Test adding a local with a duplicite group ID" + self.groupname = "testGroupaddGIDAlreadyExists1" + self.local.groupadd(self.groupname, gid=1025) + try: + self.local.groupadd("testGroupaddGIDAlreadyExists2", gid=1025) + except IOError, e: + self.assertEquals(e.errno, errno.EEXIST) + else: + self.fail("Was expecting exception") + finally: + self.remove_group(self.groupname) + +class GroupdelTest(LocalTest): + def testGroupdel(self): + self.add_group("testGroupdel") + self.validate_group("testGroupdel") + self.local.groupdel("testGroupdel") + self.validate_no_group("testGroupdel") + + def testGroupdelNegative(self): + self.validate_no_group("testGroupdelNegative") + try: + self.local.groupdel("testGroupdelNegative") + except IOError, e: + self.assertEquals(e.errno, errno.ENOENT) + else: + fail("Was expecting exception") + + +class GroupmodTest(LocalTest): + def setUp(self): + self.local = pysss.local() + self.groupname = "GroupmodTest" + self.add_group(self.groupname) + + def tearDown(self): + self.remove_group(self.groupname) + + def testGroupmodGID(self): + "Test modifying UID" + self.local.groupmod(self.groupname, + gid=1024) + self.validate_group(self.groupname, + gidNumber=1024) + + def testGroupmodGroupMembership(self): + "Test adding to groups" + self.add_group("gr1") + self.add_group("gr2") + try: + self.local.groupmod(self.groupname, + addgroups=["gr1","gr2"]) + self.assertGroupMembership(self.groupname, + ["gr1","gr2"]) + self.local.groupmod(self.groupname, + rmgroups=["gr2"]) + self.assertGroupMembership(self.groupname, + ["gr1"]) + self.local.groupmod(self.groupname, + rmgroups=["gr1"]) + self.assertGroupMembership(self.groupname, + []) + finally: + self.remove_group("gr1") + self.remove_group("gr2") + +# -------------- run the test suite -------------- # +if __name__ == "__main__": + unittest.main() +