[Pkg-sssd-devel] sssd: Changes to 'debian-unstable'
Timo Aaltonen
tjaalton-guest at alioth.debian.org
Thu May 31 21:26:14 UTC 2012
Makefile.am | 1
contrib/sssd.spec.in | 12
debian/changelog | 21 -
debian/patches/fix-upstream-1297.diff | 254 ------------
debian/patches/fix-upstream-1298.diff | 51 --
debian/patches/fix-upstream-1330.diff | 40 --
debian/patches/fix-upstream-1343.diff | 52 --
debian/patches/series | 5
po/de.po | 16
po/es.po | 54 +-
po/fr.po | 63 +--
po/hu.po | 30 -
po/id.po | 34 -
po/it.po | 49 +-
po/ja.po | 73 ++-
po/nb.po | 14
po/nl.po | 54 +-
po/pl.po | 136 +++++-
po/pt.po | 53 +-
po/ru.po | 46 +-
po/sssd.pot | 10
po/sv.po | 36 -
po/tg.po | 16
po/uk.po | 178 ++++++---
po/zh_TW.po | 38 -
src/db/sysdb_ops.c | 46 +-
src/external/krb5.m4 | 15
src/krb5_plugin/sssd_krb5_locator_plugin.c | 3
src/man/po/cs.po | 4
src/man/po/es.po | 12
src/man/po/fr.po | 21 -
src/man/po/ja.po | 134 ++++++
src/man/po/nl.po | 8
src/man/po/pt.po | 8
src/man/po/ru.po | 8
src/man/po/sssd-docs.pot | 4
src/man/po/tg.po | 8
src/man/po/uk.po | 567 ++++++++++++++++++++++++++++-
src/providers/ipa/ipa_session.c | 2
src/providers/krb5/krb5_child.c | 33 +
src/providers/ldap/ldap_child.c | 18
src/providers/ldap/sdap_async.c | 17
src/providers/ldap/sdap_async_autofs.c | 2
src/providers/ldap/sdap_async_connection.c | 33 -
src/providers/ldap/sdap_async_groups.c | 24 -
src/providers/proxy/proxy_id.c | 2
src/responder/nss/nsssrv_cmd.c | 6
src/responder/nss/nsssrv_netgroup.c | 10
src/sss_client/nss_services.c | 16
src/tests/sysdb-tests.c | 143 +++++++
src/util/murmurhash3.c | 4
src/util/sss_krb5.c | 145 +++++++
src/util/sss_krb5.h | 8
version.m4 | 2
54 files changed, 1719 insertions(+), 920 deletions(-)
New commits:
commit ddd751b407cc64dc0e19414141e192ad06dd0ac4
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Fri Jun 1 00:25:59 2012 +0300
update the changelog, drop upstream patches
diff --git a/debian/changelog b/debian/changelog
index bbf93bd..dbdc9fb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-sssd (1.8.3-1) UNRELEASED; urgency=low
+sssd (1.8.4-1) UNRELEASED; urgency=low
* New upstream bugfix release 1.8.2.
- Several fixes to case-insensitive domain functions
@@ -17,6 +17,14 @@ sssd (1.8.3-1) UNRELEASED; urgency=low
- LDAP: Handle situations where the RootDSE isn't available anonymously
- LDAP: Fix regression for users using non-standard LDAP attributes for
user information
+ * New upstream bugfix release 1.8.4. (LP: #981125, #985031)
+ - Fix a bug causing AD servers not to fail over properly when the KDC
+ on the primary server is down
+ - Fix an endianness bug on big-endian systems when looking up services
+ - Fix a segfault dealing with nested groups (LP: #981125)
+ - Make the nowait cache updates work for netgroups
+ - Fix a regression that broke domains with use_fully_qualified_names = True
+ (LP: #985031)
* control: Move the dependency of libsasl2-modules-gssapi-mit to
Recommends.
* control: sssd works with Heimdal gssapi modules too, add
@@ -46,17 +54,6 @@ sssd (1.8.3-1) UNRELEASED; urgency=low
kernel keyring manipulation.
* sssd.logrotate: Rotate logs weekly, keep four previous rotations.
(Closes: #672984)
- * Pull patches from the stable branch to fix an issue that results in broken
- credential cache (LP: #985031)
- - patches/fix-upstream-1298.diff
- If canon'ing principals, write ccache with updated default principal
- - patches/fix-upstream-1297.diff
- Limit krb5_get_init_creds_keytab() to etypes in keytab
- - patches/fix-upstream-1330.diff
- KRB5: Avoid NULL-dereference with empty keytab
- * patches/fix-upstream-1343.diff
- - LDAP nested groups: Do not process callback with _post deep in the nested
- structure (LP: #981125)
* sssd.upstart.in: Delete an invisible control character from the pre-start
script. (LP: #1003845)
diff --git a/debian/patches/fix-upstream-1297.diff b/debian/patches/fix-upstream-1297.diff
deleted file mode 100644
index 46a3b12..0000000
--- a/debian/patches/fix-upstream-1297.diff
+++ /dev/null
@@ -1,254 +0,0 @@
-commit fbd3a264e5ab80f8aa8918732cd5360389b42a90
-Author: Stef Walter <stefw at gnome.org>
-Date: Tue Apr 10 22:20:53 2012 +0200
-
- Limit krb5_get_init_creds_keytab() to etypes in keytab
-
- * Load the enctypes for the keys in the keytab and pass
- them to krb5_get_init_creds_keytab().
- * This fixes the problem where the server offers a enctype
- that krb5 supports, but we don't have a key for in the keytab.
-
- https://bugzilla.redhat.com/show_bug.cgi?id=811375
-
-diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
-index 209643a..9a84684 100644
---- a/src/providers/krb5/krb5_child.c
-+++ b/src/providers/krb5/krb5_child.c
-@@ -610,6 +610,14 @@ static krb5_error_code get_and_save_tgt_with_keytab(krb5_context ctx,
- krb5_error_code kerr = 0;
- krb5_creds creds;
- krb5_get_init_creds_opt options;
-+ krb5_enctype *etype_list;
-+ krb5_error_code krberr;
-+ TALLOC_CTX *tmp_ctx;
-+ int n_etype_list;
-+
-+ tmp_ctx = talloc_new(NULL);
-+ if (tmp_ctx == NULL)
-+ return ENOMEM;
-
- memset(&creds, 0, sizeof(creds));
- memset(&options, 0, sizeof(options));
-@@ -619,6 +627,18 @@ static krb5_error_code get_and_save_tgt_with_keytab(krb5_context ctx,
- krb5_get_init_creds_opt_set_proxiable(&options, 0);
- krb5_set_canonicalize(&options);
-
-+ krberr = sss_krb5_read_etypes_for_keytab(tmp_ctx, ctx, keytab, princ,
-+ &etype_list, &n_etype_list);
-+ if (krberr) {
-+ DEBUG(SSSDBG_MINOR_FAILURE, ("Failed to load etypes from keytab: %s\n",
-+ sss_krb5_get_error_message(ctx, krberr)));
-+ } else if (n_etype_list > 0) {
-+ krb5_get_init_creds_opt_set_etype_list(&options, etype_list,
-+ n_etype_list);
-+ DEBUG(SSSDBG_FUNC_DATA, ("Loaded %d enctypes from keytab\n",
-+ n_etype_list));
-+ }
-+
- kerr = krb5_get_init_creds_keytab(ctx, &creds, princ, keytab, 0, NULL,
- &options);
- if (kerr != 0) {
-@@ -635,6 +655,7 @@ static krb5_error_code get_and_save_tgt_with_keytab(krb5_context ctx,
-
- done:
- krb5_free_cred_contents(ctx, &creds);
-+ talloc_free(tmp_ctx);
-
- return kerr;
-
-diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
-index e66406c..0679dbf 100644
---- a/src/providers/ldap/ldap_child.c
-+++ b/src/providers/ldap/ldap_child.c
-@@ -155,6 +155,8 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
- krb5_get_init_creds_opt options;
- krb5_error_code krberr;
- krb5_timestamp kdc_time_offset;
-+ krb5_enctype *etype_list;
-+ int n_etype_list;
- int canonicalize = 0;
- int kdc_time_offset_usec;
- int ret;
-@@ -270,6 +272,19 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
- }
- sss_krb5_get_init_creds_opt_set_canonicalize(&options, canonicalize);
-
-+ krberr = sss_krb5_read_etypes_for_keytab(memctx, context, keytab, kprinc,
-+ &etype_list, &n_etype_list);
-+ if (krberr) {
-+ DEBUG(SSSDBG_MINOR_FAILURE, ("Failed to load etypes from keytab: %s\n",
-+ sss_krb5_get_error_message(context,
-+ krberr)));
-+ } else if (n_etype_list > 0) {
-+ krb5_get_init_creds_opt_set_etype_list(&options, etype_list,
-+ n_etype_list);
-+ DEBUG(SSSDBG_FUNC_DATA, ("Loaded %d enctypes from keytab for %s\n",
-+ n_etype_list, full_princ));
-+ }
-+
- krberr = krb5_get_init_creds_keytab(context, &my_creds, kprinc,
- keytab, 0, NULL, &options);
-
-diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
-index a38a0c1..a59afb2 100644
---- a/src/util/sss_krb5.c
-+++ b/src/util/sss_krb5.c
-@@ -981,3 +981,140 @@ sss_krb5_free_keytab_entry_contents(krb5_context context,
- return krb5_kt_free_entry(context, entry);
- }
- #endif
-+
-+static int
-+is_preferred_etype (krb5_enctype etype)
-+{
-+ static const krb5_enctype preferred[] = {
-+ ENCTYPE_DES3_CBC_SHA1,
-+ ENCTYPE_ARCFOUR_HMAC,
-+ ENCTYPE_AES128_CTS_HMAC_SHA1_96,
-+ ENCTYPE_AES256_CTS_HMAC_SHA1_96,
-+#ifdef ENCTYPE_CAMELLIA128_CTS_CMAC
-+ ENCTYPE_CAMELLIA128_CTS_CMAC,
-+#endif
-+#ifdef ENCTYPE_CAMELLIA128_CTS_CMAC
-+ ENCTYPE_CAMELLIA256_CTS_CMAC,
-+#endif
-+ 0
-+ };
-+ int i;
-+
-+ for (i = 0; preferred[i] != 0; i++) {
-+ if (preferred[i] == etype) {
-+ return 1;
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+static int
-+compare_etypes (const void *one,
-+ const void *two)
-+{
-+ const krb5_enctype *e1 = one;
-+ const krb5_enctype *e2 = two;
-+ int p1, p2;
-+
-+ p1 = is_preferred_etype(*e1);
-+ p2 = is_preferred_etype(*e2);
-+
-+ if (p1 == p2) {
-+ return (int)*e2 - (int)*e1;
-+ }
-+
-+ /* Sort preferred etypes first */
-+ return p2 - p1;
-+}
-+
-+krb5_error_code
-+sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
-+ krb5_context context,
-+ krb5_keytab keytab,
-+ krb5_principal princ,
-+ krb5_enctype **etype_list,
-+ int *n_etype_list)
-+{
-+ krb5_kt_cursor cursor;
-+ krb5_keytab_entry entry;
-+ krb5_enctype *etypes = NULL;
-+ krb5_kvno max_kvno = 0;
-+ int allocated = 0;
-+ TALLOC_CTX *tmp_ctx;
-+ int count = 0;
-+ int ret;
-+
-+ tmp_ctx = talloc_new(NULL);
-+ if (!tmp_ctx) return ENOMEM;
-+
-+ ret = krb5_kt_start_seq_get(context, keytab, &cursor);
-+ if (ret != 0) {
-+ talloc_free(tmp_ctx);
-+ return ret;
-+ }
-+
-+ for (;;) {
-+ ret = krb5_kt_next_entry(context, keytab, &entry, &cursor);
-+ if (ret != 0) {
-+ break;
-+ }
-+
-+ if (!krb5_c_valid_enctype(entry.key.enctype) ||
-+ !krb5_principal_compare(context, entry.principal, princ)) {
-+ continue;
-+ }
-+
-+ /* Make sure our list is for the highest kvno found for client. */
-+ if (entry.vno > max_kvno) {
-+ count = 0;
-+ max_kvno = entry.vno;
-+ } else if (entry.vno != max_kvno) {
-+ continue;
-+ }
-+
-+ /*
-+ * Reallocate and add enctype. When reallocating always reserve
-+ * one for extra logic below.
-+ */
-+ if (count + 1 >= allocated) {
-+ allocated += 16;
-+ etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, allocated);
-+ if (etypes == NULL) {
-+ ret = ENOMEM;
-+ break;
-+ }
-+ }
-+ etypes[count] = entry.key.enctype;
-+ count++;
-+
-+ /* All DES key types work with des-cbc-crc, which is more likely to be
-+ * accepted by the KDC (since MIT KDCs refuse des-cbc-md5). */
-+ if (entry.key.enctype == ENCTYPE_DES_CBC_MD5 ||
-+ entry.key.enctype == ENCTYPE_DES_CBC_MD4) {
-+ etypes[count] = ENCTYPE_DES_CBC_CRC;
-+ count++;
-+ }
-+ }
-+
-+ krb5_kt_end_seq_get(context, keytab, &cursor);
-+
-+ if (ret == KRB5_KT_END) {
-+ ret = 0;
-+ }
-+
-+ if (ret == 0) {
-+ /* Sort the preferred enctypes first */
-+ qsort(etypes, count, sizeof(*etypes), compare_etypes);
-+ etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
-+ if (etypes == NULL) {
-+ ret = ENOMEM;
-+ } else {
-+ *etype_list = talloc_steal(mem_ctx, etypes);
-+ *n_etype_list = count;
-+ }
-+ }
-+
-+ talloc_free(tmp_ctx);
-+ return ret;
-+}
-diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h
-index 50c4b69..349dbaa 100644
---- a/src/util/sss_krb5.h
-+++ b/src/util/sss_krb5.h
-@@ -132,4 +132,12 @@ typedef krb5_ticket_times sss_krb5_ticket_times;
- typedef krb5_times sss_krb5_ticket_times;
- #endif
-
-+krb5_error_code
-+sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
-+ krb5_context context,
-+ krb5_keytab keytab,
-+ krb5_principal princ,
-+ krb5_enctype **etype_list,
-+ int *n_etype_list);
-+
- #endif /* __SSS_KRB5_H__ */
diff --git a/debian/patches/fix-upstream-1298.diff b/debian/patches/fix-upstream-1298.diff
deleted file mode 100644
index dbb59fa..0000000
--- a/debian/patches/fix-upstream-1298.diff
+++ /dev/null
@@ -1,51 +0,0 @@
-commit 4d1a261202d828efc84e3a84d16c30548f29f76d
-Author: Stef Walter <stefw at gnome.org>
-Date: Wed Apr 11 12:12:57 2012 +0200
-
- If canon'ing principals, write ccache with updated default principal
-
- * When calling krb5_get_init_creds_keytab() with
- krb5_get_init_creds_opt_set_canonicalize() the credential
- principal can get updated.
- * Create the cache file with the correct default credential.
- * LDAP GSSAPI SASL would fail due to the mismatched credentials
- before this patch.
-
- https://bugzilla.redhat.com/show_bug.cgi?id=811518
-
---- a/src/providers/krb5/krb5_child.c
-+++ b/src/providers/krb5/krb5_child.c
-@@ -626,7 +626,8 @@
- return kerr;
- }
-
-- kerr = create_ccache_file(ctx, princ, ccname, &creds);
-+ /* Use the updated principal in the creds in case canonicalized */
-+ kerr = create_ccache_file(ctx, creds.client, ccname, &creds);
- if (kerr != 0) {
- KRB5_DEBUG(1, kerr);
- goto done;
-@@ -683,7 +684,10 @@
- }
- }
-
-- kerr = create_ccache_file(kr->ctx, kr->princ, kr->ccname, kr->creds);
-+ /* Use the updated principal in the creds in case canonicalized */
-+ kerr = create_ccache_file(kr->ctx,
-+ kr->creds ? kr->creds->client : kr->princ,
-+ kr->ccname, kr->creds);
- if (kerr != 0) {
- KRB5_DEBUG(1, kerr);
- goto done;
---- a/src/providers/ldap/ldap_child.c
-+++ b/src/providers/ldap/ldap_child.c
-@@ -285,7 +285,8 @@
- goto done;
- }
-
-- krberr = krb5_cc_initialize(context, ccache, kprinc);
-+ /* Use updated principal if changed due to canonicalization. */
-+ krberr = krb5_cc_initialize(context, ccache, my_creds.client);
- if (krberr) {
- DEBUG(2, ("Failed to init ccache: %s\n",
- sss_krb5_get_error_message(context, krberr)));
diff --git a/debian/patches/fix-upstream-1330.diff b/debian/patches/fix-upstream-1330.diff
deleted file mode 100644
index e6251c0..0000000
--- a/debian/patches/fix-upstream-1330.diff
+++ /dev/null
@@ -1,40 +0,0 @@
-commit 6da9b3bcbee97fbfdb02c652ddcd0ab048224997
-Author: Stephen Gallagher <sgallagh at redhat.com>
-Date: Mon May 21 20:36:44 2012 -0400
-
- KRB5: Avoid NULL-dereference with empty keytab
-
- https://fedorahosted.org/sssd/ticket/1330
-
-diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
-index a59afb2..c944bf0 100644
---- a/src/util/sss_krb5.c
-+++ b/src/util/sss_krb5.c
-@@ -1104,14 +1104,20 @@ sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
- }
-
- if (ret == 0) {
-- /* Sort the preferred enctypes first */
-- qsort(etypes, count, sizeof(*etypes), compare_etypes);
-- etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
-- if (etypes == NULL) {
-- ret = ENOMEM;
-+ if (etypes) {
-+ /* Sort the preferred enctypes first */
-+ qsort(etypes, count, sizeof(*etypes), compare_etypes);
-+ etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
-+ if (etypes == NULL) {
-+ ret = ENOMEM;
-+ } else {
-+ *etype_list = talloc_steal(mem_ctx, etypes);
-+ *n_etype_list = count;
-+ }
- } else {
-- *etype_list = talloc_steal(mem_ctx, etypes);
-- *n_etype_list = count;
-+ /* The key table was empty. There are no enctypes to match */
-+ *etype_list = NULL;
-+ *n_etype_list = 0;
- }
- }
-
diff --git a/debian/patches/fix-upstream-1343.diff b/debian/patches/fix-upstream-1343.diff
deleted file mode 100644
index 4fb589e..0000000
--- a/debian/patches/fix-upstream-1343.diff
+++ /dev/null
@@ -1,52 +0,0 @@
-commit 6efb62b8b94405cfd0afecbf2d04985b6f44419b
-Author: Jakub Hrozek <jhrozek at redhat.com>
-Date: Tue May 22 17:41:52 2012 +0200
-
- LDAP nested groups: Do not process callback with _post deep in the nested structure
-
- https://fedorahosted.org/sssd/ticket/1343
-
-diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
-index 84eb7cb..b587f66 100644
---- a/src/providers/ldap/sdap_async_groups.c
-+++ b/src/providers/ldap/sdap_async_groups.c
-@@ -2498,14 +2498,13 @@ static errno_t sdap_nested_group_lookup_user(struct tevent_req *req,
- ret = sdap_nested_group_process_step(req);
- }
-
-- if (ret == EOK) {
-- /* EOK means it's complete */
-- tevent_req_done(req);
-- tevent_req_post(req, state->ev);
-- } else if (ret != EAGAIN) {
-+ if (ret != EOK && ret != EAGAIN) {
-+ DEBUG(SSSDBG_OP_FAILURE, ("Nested group processing failed\n"));
- return ret;
-+ } else if (ret == EOK) {
-+ DEBUG(SSSDBG_TRACE_FUNC, ("All done.\n"));
-+ tevent_req_done(req);
- }
--
- return EOK;
- }
- /*
-@@ -2583,14 +2582,13 @@ static errno_t sdap_nested_group_lookup_group(struct tevent_req *req)
- ret = sdap_nested_group_process_step(req);
- }
-
-- if (ret == EOK) {
-- /* EOK means it's complete */
-- tevent_req_done(req);
-- tevent_req_post(req, state->ev);
-- } else if (ret != EAGAIN) {
-+ if (ret != EOK && ret != EAGAIN) {
-+ DEBUG(SSSDBG_OP_FAILURE, ("Nested group processing failed\n"));
- return ret;
-+ } else if (ret == EOK) {
-+ DEBUG(SSSDBG_TRACE_FUNC, ("All done.\n"));
-+ tevent_req_done(req);
- }
--
- return EOK;
- }
-
diff --git a/debian/patches/series b/debian/patches/series
index a8f55b1..a82d1b4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1 @@
-fix-upstream-1297.diff
-fix-upstream-1298.diff
-fix-upstream-1330.diff
-fix-upstream-1343.diff
+#placeholder
commit 558afba68839090487e809f9aac7835e49ee38bf
Author: Stephen Gallagher <sgallagh at redhat.com>
Date: Wed May 30 12:32:53 2012 -0400
Updating translations for 1.8.4 release
diff --git a/po/de.po b/po/de.po
index 8382ff9..fd81f77 100644
--- a/po/de.po
+++ b/po/de.po
@@ -9,8 +9,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel at lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-04-20 11:22-0400\n"
-"PO-Revision-Date: 2012-04-20 16:09+0000\n"
+"POT-Creation-Date: 2012-05-30 12:29-0400\n"
+"PO-Revision-Date: 2012-05-22 13:42+0000\n"
"Last-Translator: sgallagh <sgallagh at redhat.com>\n"
"Language-Team: German <trans-de at lists.fedoraproject.org>\n"
"Language: de\n"
@@ -865,22 +865,22 @@ msgstr ""
msgid "Print version number and exit"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1577 src/providers/ldap/ldap_child.c:386
+#: src/providers/krb5/krb5_child.c:1604 src/providers/ldap/ldap_child.c:402
#: src/util/util.h:89
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1579 src/providers/ldap/ldap_child.c:388
+#: src/providers/krb5/krb5_child.c:1606 src/providers/ldap/ldap_child.c:404
#: src/util/util.h:93
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1581 src/providers/ldap/ldap_child.c:390
+#: src/providers/krb5/krb5_child.c:1608 src/providers/ldap/ldap_child.c:406
#: src/util/util.h:95
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1583 src/providers/ldap/ldap_child.c:392
+#: src/providers/krb5/krb5_child.c:1610 src/providers/ldap/ldap_child.c:408
msgid "An open file descriptor for the debug logs"
msgstr ""
@@ -1260,9 +1260,9 @@ msgid "Transaction error. Could not modify group.\n"
msgstr ""
#: src/tools/sss_groupshow.c:562
-#, c-format
+#, fuzzy, c-format
msgid "%s%sGroup: %s\n"
-msgstr ""
+msgstr "Gruppen"
#: src/tools/sss_groupshow.c:563
msgid "Magic Private "
diff --git a/po/es.po b/po/es.po
index 7195125..e985ca2 100644
--- a/po/es.po
+++ b/po/es.po
@@ -12,8 +12,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel at lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-04-20 11:22-0400\n"
-"PO-Revision-Date: 2012-04-20 16:09+0000\n"
+"POT-Creation-Date: 2012-05-30 12:29-0400\n"
+"PO-Revision-Date: 2012-05-22 13:42+0000\n"
"Last-Translator: sgallagh <sgallagh at redhat.com>\n"
"Language-Team: Spanish (Castilian) <trans-es at lists.fedoraproject.org>\n"
"Language: es\n"
@@ -914,22 +914,22 @@ msgstr "Indicar un archivo de configuración diferente al predeterminado"
msgid "Print version number and exit"
msgstr "Muestra el número de versión y finaliza"
-#: src/providers/krb5/krb5_child.c:1577 src/providers/ldap/ldap_child.c:386
+#: src/providers/krb5/krb5_child.c:1604 src/providers/ldap/ldap_child.c:402
#: src/util/util.h:89
msgid "Debug level"
msgstr "Nive de depuración"
-#: src/providers/krb5/krb5_child.c:1579 src/providers/ldap/ldap_child.c:388
+#: src/providers/krb5/krb5_child.c:1606 src/providers/ldap/ldap_child.c:404
#: src/util/util.h:93
msgid "Add debug timestamps"
msgstr "Agregar marcas de tiempo de depuración"
-#: src/providers/krb5/krb5_child.c:1581 src/providers/ldap/ldap_child.c:390
+#: src/providers/krb5/krb5_child.c:1608 src/providers/ldap/ldap_child.c:406
#: src/util/util.h:95
msgid "Show timestamps with microseconds"
msgstr "Mostrar marcas de tiempo con microsegundos"
-#: src/providers/krb5/krb5_child.c:1583 src/providers/ldap/ldap_child.c:392
+#: src/providers/krb5/krb5_child.c:1610 src/providers/ldap/ldap_child.c:408
msgid "An open file descriptor for the debug logs"
msgstr "Un arhivo abierto de descriptor para los registros de depuración"
@@ -981,12 +981,12 @@ msgstr ", su contraseña cacheada vencerá el:"
#: src/sss_client/pam_sss.c:643
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
-msgstr "Su contraseña ha expirado. Dispone de %d ingreso(s) excepcionales. "
+msgstr ""
#: src/sss_client/pam_sss.c:689
-#, c-format
+#, fuzzy, c-format
msgid "Your password will expire in %d %s."
-msgstr "Su contraseña expirará en %d %s."
+msgstr ", su contraseña cacheada vencerá el:"
#: src/sss_client/pam_sss.c:738
msgid "Authentication is denied until: "
@@ -1177,7 +1177,7 @@ msgstr "Los grupos deben estar en el mismo dominio que el usuario\n"
#: src/tools/sss_useradd.c:153
#, c-format
msgid "Cannot find group %s in local domain\n"
-msgstr "No se pudo encontrar el grupo %s en el dominio local\n"
+msgstr ""
#: src/tools/sss_useradd.c:168 src/tools/sss_userdel.c:214
msgid "Cannot set default values\n"
@@ -1204,12 +1204,12 @@ msgstr ""
#: src/tools/sss_useradd.c:232
#, c-format
msgid "Cannot create user's home directory: %s\n"
-msgstr "No se pudo crear el directorio personal del usuario: %s\n"
+msgstr ""
#: src/tools/sss_useradd.c:243
#, c-format
msgid "Cannot create user's mail spool: %s\n"
-msgstr "No se pudo crear el receptor de correo del usuario: %s\n"
+msgstr ""
#: src/tools/sss_useradd.c:255
msgid "Could not allocate ID for the user - domain full?\n"
@@ -1254,7 +1254,7 @@ msgstr "Especifique el grupo a borrar\n"
#: src/tools/sss_groupdel.c:101
#, c-format
msgid "Group %s is outside the defined ID range for domain\n"
-msgstr "El grupo %s está fuera del rango de ID definido para los dominios\n"
+msgstr ""
#: src/tools/sss_groupdel.c:115
msgid ""
@@ -1299,13 +1299,13 @@ msgstr ""
#: src/tools/sss_groupmod.c:155 src/tools/sss_groupmod.c:182
#: src/tools/sss_usermod.c:176 src/tools/sss_usermod.c:203
-#, c-format
+#, fuzzy, c-format
msgid ""
"Cannot find group %s in local domain, only groups in local domain are "
"allowed\n"
msgstr ""
-"No se pudo encontrar el grupo %s en el dominio local, solo se permiten los "
-"grupos del dominio local\n"
+"No se pudo encontrar el grupo en el dominio local, la modificación de grupos "
+"se permite sólo en el dominio local\n"
#: src/tools/sss_groupmod.c:216
msgid "Could not modify group - check if member group names are correct\n"
@@ -1323,9 +1323,9 @@ msgid "Transaction error. Could not modify group.\n"
msgstr "Error de transacción. No se pudo modificar el grupo.\n"
#: src/tools/sss_groupshow.c:562
-#, c-format
+#, fuzzy, c-format
msgid "%s%sGroup: %s\n"
-msgstr "%s%sGrupo: %s\n"
+msgstr "Grupos"
#: src/tools/sss_groupshow.c:563
msgid "Magic Private "
@@ -1334,12 +1334,12 @@ msgstr "Magia privada"
#: src/tools/sss_groupshow.c:565
#, c-format
msgid "%sGID number: %d\n"
-msgstr "%sGID número: %d\n"
+msgstr ""
#: src/tools/sss_groupshow.c:567
#, c-format
msgid "%sMember users: "
-msgstr "%sMember usuarios: "
+msgstr ""
#: src/tools/sss_groupshow.c:574
#, c-format
@@ -1347,8 +1347,6 @@ msgid ""
"\n"
"%sIs a member of: "
msgstr ""
-"\n"
-"%sEs miembro de: "
#: src/tools/sss_groupshow.c:581
#, c-format
@@ -1356,8 +1354,6 @@ msgid ""
"\n"
"%sMember groups: "
msgstr ""
-"\n"
-"%sGrupos de miembro: "
#: src/tools/sss_groupshow.c:617
msgid "Print indirect group members recursively"
@@ -1402,7 +1398,7 @@ msgstr "Especifique el usuario a borrar\n"
#: src/tools/sss_userdel.c:230
#, c-format
msgid "User %s is outside the defined ID range for domain\n"
-msgstr "El usuario %s está fuera del rango de ID para el dominio\n"
+msgstr ""
#: src/tools/sss_userdel.c:255
msgid "Cannot reset SELinux login context\n"
@@ -1412,8 +1408,6 @@ msgstr "No es posible reiniciar contexto de registro de SELinux\n"
#, c-format
msgid "WARNING: The user (uid %lu) was still logged in when deleted.\n"
msgstr ""
-"ADVERTENCIA: El usuario (uid %lu) todavía se encontraba registrado mientras "
-"se lo eliminaba.\n"
#: src/tools/sss_userdel.c:272
msgid "Cannot determine if the user was logged in on this platform"
@@ -1427,7 +1421,7 @@ msgstr "Error mientras se verificaba si el usuario se encontraba registrado\n"
#: src/tools/sss_userdel.c:284
#, c-format
msgid "The post-delete command failed: %s\n"
-msgstr "Falló el comando de post-eliminación: %s\n"
+msgstr ""
#: src/tools/sss_userdel.c:296
msgid "Not removing home dir - not owned by user\n"
@@ -1436,7 +1430,7 @@ msgstr "No eliminando el directorio de inicio - no pertenece al usuario\n"
#: src/tools/sss_userdel.c:298
#, c-format
msgid "Cannot remove homedir: %s\n"
-msgstr " Imposible eliminar el directorio de inicio: %s\n"
+msgstr ""
#: src/tools/sss_userdel.c:309
msgid ""
@@ -1549,7 +1543,7 @@ msgstr "Falta memoria\n"
#: src/tools/tools_util.h:40
#, c-format
msgid "%s must be run as root\n"
-msgstr "%s se debe ejecutar como root\n"
+msgstr ""
#: src/util/util.h:91
msgid "Send the debug output to files instead of stderr"
diff --git a/po/fr.po b/po/fr.po
index 63c742b..0c136ab 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -4,13 +4,14 @@
#
# Translators:
# Fabien Archambault <marbolangos at gmail.com>, 2012.
+# Jérôme Fenal <jfenal at gmail.com>, 2012.
# Mariko Vincent <dweu60 at gmail.com>, 2012.
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel at lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-04-20 11:22-0400\n"
-"PO-Revision-Date: 2012-04-20 16:09+0000\n"
+"POT-Creation-Date: 2012-05-30 12:29-0400\n"
+"PO-Revision-Date: 2012-05-22 13:42+0000\n"
"Last-Translator: sgallagh <sgallagh at redhat.com>\n"
"Language-Team: French <trans-fr at lists.fedoraproject.org>\n"
"Language: fr\n"
@@ -885,7 +886,7 @@ msgstr "Nom de la bibliothèque NSS à utiliser"
#: src/config/SSSDConfig.py:302
msgid "Whether to look up canonical group name from cache if possible"
-msgstr ""
+msgstr "Rechercher le nom canonique du groupe dans le cache si possible"
#: src/config/SSSDConfig.py:305
msgid "PAM stack to use"
@@ -907,22 +908,22 @@ msgstr "Définir un fichier de configuration différent de celui par défaut"
msgid "Print version number and exit"
msgstr "Afficher le numéro de version et quitte"
-#: src/providers/krb5/krb5_child.c:1577 src/providers/ldap/ldap_child.c:386
+#: src/providers/krb5/krb5_child.c:1604 src/providers/ldap/ldap_child.c:402
#: src/util/util.h:89
msgid "Debug level"
msgstr "Niveau de débogage"
-#: src/providers/krb5/krb5_child.c:1579 src/providers/ldap/ldap_child.c:388
+#: src/providers/krb5/krb5_child.c:1606 src/providers/ldap/ldap_child.c:404
#: src/util/util.h:93
msgid "Add debug timestamps"
msgstr "Ajouter l'horodatage au débogage"
-#: src/providers/krb5/krb5_child.c:1581 src/providers/ldap/ldap_child.c:390
+#: src/providers/krb5/krb5_child.c:1608 src/providers/ldap/ldap_child.c:406
#: src/util/util.h:95
msgid "Show timestamps with microseconds"
msgstr "Afficher l'horodatage en microsecondes"
-#: src/providers/krb5/krb5_child.c:1583 src/providers/ldap/ldap_child.c:392
+#: src/providers/krb5/krb5_child.c:1610 src/providers/ldap/ldap_child.c:408
msgid "An open file descriptor for the debug logs"
msgstr "Un descripteur de fichier ouvert pour les journaux de débogage"
@@ -976,12 +977,12 @@ msgstr ", votre mot de passe en cache expirera à :"
#: src/sss_client/pam_sss.c:643
#, c-format
msgid "Your password has expired. You have %d grace login(s) remaining."
-msgstr "Votre mot de passe a expiré. Il vous reste %d connexion autorisée."
+msgstr ""
#: src/sss_client/pam_sss.c:689
-#, c-format
+#, fuzzy, c-format
msgid "Your password will expire in %d %s."
-msgstr "Votre mot de passe expirera dans %d %s."
+msgstr ", votre mot de passe en cache expirera à :"
#: src/sss_client/pam_sss.c:738
msgid "Authentication is denied until: "
@@ -1086,11 +1087,11 @@ msgstr "Le chemin vers la commande de proxy doit être absolue\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:263
msgid "Host name cannot be resolved\n"
-msgstr ""
+msgstr "Le nom du système ne peut être résolu\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:274
msgid "Reverse lookup failed\n"
-msgstr ""
+msgstr "Échec de la recherche inverse\n"
#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48
msgid "The UID of the user"
@@ -1172,7 +1173,7 @@ msgstr "Les groupes doivent être dans le même domaine que l'utilisateur\n"
#: src/tools/sss_useradd.c:153
#, c-format
msgid "Cannot find group %s in local domain\n"
-msgstr "Impossible de trouver le groupe %s dans le domaine local\n"
+msgstr ""
#: src/tools/sss_useradd.c:168 src/tools/sss_userdel.c:214
msgid "Cannot set default values\n"
@@ -1199,14 +1200,12 @@ msgstr ""
#: src/tools/sss_useradd.c:232
#, c-format
msgid "Cannot create user's home directory: %s\n"
-msgstr "Impossible de créer le répertoire de l'utilisateur : %s\n"
+msgstr ""
#: src/tools/sss_useradd.c:243
#, c-format
msgid "Cannot create user's mail spool: %s\n"
msgstr ""
-"Impossible de créer le répertoire de gestion des mails pour l'utilisateur : "
-"%s\n"
#: src/tools/sss_useradd.c:255
msgid "Could not allocate ID for the user - domain full?\n"
@@ -1253,7 +1252,6 @@ msgstr "Spécifier le groupe à supprimer\n"
#, c-format
msgid "Group %s is outside the defined ID range for domain\n"
msgstr ""
-"Le groupe %s est en dehors de la plage d'identifiants pour le domaine\n"
#: src/tools/sss_groupdel.c:115
msgid ""
@@ -1299,13 +1297,13 @@ msgstr ""
#: src/tools/sss_groupmod.c:155 src/tools/sss_groupmod.c:182
#: src/tools/sss_usermod.c:176 src/tools/sss_usermod.c:203
-#, c-format
+#, fuzzy, c-format
msgid ""
"Cannot find group %s in local domain, only groups in local domain are "
"allowed\n"
msgstr ""
-"Impossible de trouver le groupe %s dans le domaine local, seuls les groupes "
-"dans le domaine local sont autorisés\n"
+"Impossible de trouver le groupe dans le domaine local, la modification des "
+"groupes n'est autorisée que dans le domaine local\n"
#: src/tools/sss_groupmod.c:216
msgid "Could not modify group - check if member group names are correct\n"
@@ -1324,9 +1322,9 @@ msgid "Transaction error. Could not modify group.\n"
msgstr "Erreur de transaction. Impossible de modifier le groupe.\n"
#: src/tools/sss_groupshow.c:562
-#, c-format
+#, fuzzy, c-format
msgid "%s%sGroup: %s\n"
-msgstr "%s%s groupe : %s\n"
+msgstr "Groupes"
#: src/tools/sss_groupshow.c:563
msgid "Magic Private "
@@ -1335,12 +1333,12 @@ msgstr "Magie privée"
#: src/tools/sss_groupshow.c:565
#, c-format
msgid "%sGID number: %d\n"
-msgstr "%s GID numéro : %d\n"
+msgstr ""
#: src/tools/sss_groupshow.c:567
#, c-format
msgid "%sMember users: "
-msgstr "%s utilisateurs membres :"
+msgstr ""
#: src/tools/sss_groupshow.c:574
#, c-format
@@ -1348,8 +1346,6 @@ msgid ""
"\n"
"%sIs a member of: "
msgstr ""
-"\n"
-"%s est membre de :"
#: src/tools/sss_groupshow.c:581
#, c-format
@@ -1357,8 +1353,6 @@ msgid ""
"\n"
"%sMember groups: "
msgstr ""
-"\n"
-"%s groupes membres :"
#: src/tools/sss_groupshow.c:617
msgid "Print indirect group members recursively"
@@ -1404,7 +1398,6 @@ msgstr "Définir l'utilisateur à supprimer\n"
#, c-format
msgid "User %s is outside the defined ID range for domain\n"
msgstr ""
-"L'utilisateur %s est en dehors de la plage d'identifiants pour le domaine\n"
#: src/tools/sss_userdel.c:255
msgid "Cannot reset SELinux login context\n"
@@ -1414,8 +1407,6 @@ msgstr "Impossible de réinitialiser le contexte de connexion SELinux\n"
#, c-format
msgid "WARNING: The user (uid %lu) was still logged in when deleted.\n"
msgstr ""
-"ATTENTION : l'utilisateur (uid %lu) était encore connecté lors de la "
-"suppression.\n"
#: src/tools/sss_userdel.c:272
msgid "Cannot determine if the user was logged in on this platform"
@@ -1429,7 +1420,7 @@ msgstr "Erreur en vérifiant si l'utilisateur était connecté\n"
#: src/tools/sss_userdel.c:284
#, c-format
msgid "The post-delete command failed: %s\n"
-msgstr "La commande de post-suppression a échoué : %s\n"
More information about the Pkg-sssd-devel
mailing list