Use Sudo rather than SUDO as a label.

ticket 1005

install/share/bootstrap-template.ldif

@@ -289,16 +289,16 @@ cn: kdm
 description: kdm
 ipauniqueid:autogenerate
 
-dn: cn=SUDO,cn=hbacservicegroups,cn=hbac,$SUFFIX
+dn: cn=Sudo,cn=hbacservicegroups,cn=hbac,$SUFFIX
 changetype: add
 objectClass: ipaobject
 objectClass: ipahbacservicegroup
 objectClass: nestedGroup
 objectClass: groupOfNames
 objectClass: top
-cn: SUDO
+cn: Sudo
 ipauniqueid:autogenerate
-description: Default group of SUDO related services
+description: Default group of Sudo related services
 member: cn=sudo,cn=hbacservices,cn=hbac,$SUFFIX
 member: cn=sudo-i,cn=hbacservices,cn=hbac,$SUFFIX
 

install/updates/40-delegation.update

@@ -102,86 +102,86 @@ add:aci: '(targetattr = "member")(target = "ldap:///cn=*,cn=hbacservicegroups,cn
 
 # SUDO
 
-dn: cn=Add SUDO rule,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Add Sudo rule,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Add SUDO rule
+default:cn: Add Sudo rule
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Delete SUDO rule,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Delete Sudo rule,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Delete SUDO rule
+default:cn: Delete Sudo rule
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Modify SUDO rule,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Modify Sudo rule,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Modify SUDO rule
+default:cn: Modify Sudo rule
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Add SUDO command,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Add Sudo command,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Add SUDO command
+default:cn: Add Sudo command
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Delete SUDO command,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Delete Sudo command,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Delete SUDO command
+default:cn: Delete Sudo command
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Modify SUDO command,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Modify Sudo command,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Modify SUDO command
+default:cn: Modify Sudo command
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Add SUDO command group,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Add Sudo command group,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Add SUDO command group
+default:cn: Add Sudo command group
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Delete SUDO command group,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Delete Sudo command group,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Delete SUDO command group
+default:cn: Delete Sudo command group
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=Manage SUDO command group membership,cn=permissions,cn=pbac,$SUFFIX
+dn: cn=Manage Sudo command group membership,cn=permissions,cn=pbac,$SUFFIX
 default:objectClass: groupofnames
 default:objectClass: ipapermission
 default:objectClass: top
-default:cn: Manage SUDO command group membership
+default:cn: Manage Sudo command group membership
-default:member: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+default:member: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 
-dn: cn=SUDO Administrator,cn=privileges,cn=pbac,$SUFFIX
+dn: cn=Sudo Administrator,cn=privileges,cn=pbac,$SUFFIX
 default:objectClass: nestedgroup
 default:objectClass: groupofnames
 default:objectClass: top
-default:cn: SUDO Administrator
+default:cn: Sudo Administrator
-default:description: SUDO Administrator
+default:description: Sudo Administrator
 
 dn: $SUFFIX
-add:aci: '(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Add SUDO rule";allow (add) groupdn = "ldap:///cn=Add SUDO rule,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Add Sudo rule";allow (add) groupdn = "ldap:///cn=Add Sudo rule,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Delete SUDO rule";allow (delete) groupdn = "ldap:///cn=Delete SUDO rule,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Delete Sudo rule";allow (delete) groupdn = "ldap:///cn=Delete Sudo rule,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(targetattr = "description || ipaenabledflag || usercategory || hostcategory || cmdcategory || ipasudorunasusercategory || ipasudorunasgroupcategory || externaluser || ipasudorunasextuser || ipasudorunasextgroup || memberdenycmd || memberallowcmd || memberuser")(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Modify SUDO rule";allow (write) groupdn = "ldap:///cn=Modify SUDO rule,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(targetattr = "description || ipaenabledflag || usercategory || hostcategory || cmdcategory || ipasudorunasusercategory || ipasudorunasgroupcategory || externaluser || ipasudorunasextuser || ipasudorunasextgroup || memberdenycmd || memberallowcmd || memberuser")(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Modify Sudo rule";allow (write) groupdn = "ldap:///cn=Modify Sudo rule,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(targetattr = "description")(target = "ldap:///sudocmd=*,cn=sudocmds,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Modify SUDO command";allow (write) groupdn = "ldap:///cn=Modify SUDO command,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(targetattr = "description")(target = "ldap:///sudocmd=*,cn=sudocmds,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Modify Sudo command";allow (write) groupdn = "ldap:///cn=Modify Sudo command,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(target = "ldap:///sudocmd=*,cn=sudocmds,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Delete SUDO command";allow (delete) groupdn = "ldap:///cn=Delete SUDO command,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(target = "ldap:///sudocmd=*,cn=sudocmds,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Delete Sudo command";allow (delete) groupdn = "ldap:///cn=Delete Sudo command,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(target = "ldap:///sudocmd=*,cn=sudocmds,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Add SUDO command";allow (add) groupdn = "ldap:///cn=Add SUDO command,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(target = "ldap:///sudocmd=*,cn=sudocmds,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Add Sudo command";allow (add) groupdn = "ldap:///cn=Add Sudo command,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(target = "ldap:///cn=*,cn=sudocmdgroups,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Add SUDO command group";allow (add) groupdn = "ldap:///cn=Add SUDO command group,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(target = "ldap:///cn=*,cn=sudocmdgroups,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Add Sudo command group";allow (add) groupdn = "ldap:///cn=Add Sudo command group,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(target = "ldap:///cn=*,cn=sudocmdgroups,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Delete SUDO command group";allow (delete) groupdn = "ldap:///cn=Delete SUDO command group,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(target = "ldap:///cn=*,cn=sudocmdgroups,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Delete Sudo command group";allow (delete) groupdn = "ldap:///cn=Delete Sudo command group,cn=permissions,cn=pbac,$SUFFIX";)'
-add:aci: '(targetattr = "member")(target = "ldap:///cn=*,cn=sudocmdgroups,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Manage SUDO command group membership";allow (write) groupdn = "ldap:///cn=Manage SUDO command group membership,cn=permissions,cn=pbac,$SUFFIX";)'
+add:aci: '(targetattr = "member")(target = "ldap:///cn=*,cn=sudocmdgroups,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Manage Sudo command group membership";allow (write) groupdn = "ldap:///cn=Manage Sudo command group membership,cn=permissions,cn=pbac,$SUFFIX";)'
 
 # Password Policy
 dn: cn=Add Group Password Policy costemplate,cn=permissions,cn=pbac,$SUFFIX

install/updates/45-roles.update

@@ -66,7 +66,7 @@ add:member: 'cn=IT Security Specialist,cn=roles,cn=accounts,$SUFFIX'
 dn: cn=HBAC Administrator,cn=privileges,cn=pbac,$SUFFIX
 add:member: 'cn=IT Security Specialist,cn=roles,cn=accounts,$SUFFIX'
 
-dn: cn=SUDO administrator,cn=privileges,cn=pbac,$SUFFIX
+dn: cn=Sudo administrator,cn=privileges,cn=pbac,$SUFFIX
 add:member: 'cn=IT Security Specialist,cn=roles,cn=accounts,$SUFFIX'
 
 dn: cn=Security Architect,cn=roles,cn=accounts,$SUFFIX

ipalib/plugins/baseldap.py

@@ -66,7 +66,7 @@ global_output_params = (
         label=_('Roles'),
     ),
     Str('memberof_sudocmdgroup?',
-        label=_('SUDO Command Groups'),
+        label=_('Sudo Command Groups'),
     ),
     Str('member_privilege?',
         label='Granted to Privilege',
@@ -96,7 +96,7 @@ global_output_params = (
         label='Member of HBAC service groups',
     ),
     Str('member_sudocmd?',
-        label='Member SUDO commands',
+        label='Member Sudo commands',
     ),
     Str('memberindirect_user?',
         label=_('Indirect Member users'),

ipalib/plugins/internal.py

@@ -262,11 +262,11 @@ class i18n_messages(Command):
                 "unprovision":_("Unprovision"),
                 },
             "sudocmd": {
-                "add":_("Add New SUDO Command"),
+                "add":_("Add New Sudo Command"),
                 "groups":_("Groups"),
                 },
             "sudocmdgroup": {
-                "add":_("Add New SUDO Command Group"),
+                "add":_("Add New Sudo Command Group"),
                 "commands":_("Commands"),
                 },
             "sudorule": {
@@ -361,7 +361,7 @@ class i18n_messages(Command):
             "policy":_("Policy"),
             "audit": _("Audit"),
             "ipaserver":_("IPA Server"),
-            "sudo":_("SUDO"),
+            "sudo":_("Sudo"),
             "hbac":_("HBAC"),
             "role":_("Role Based Access Control")
             },

ipalib/plugins/sudocmd.py

@@ -61,7 +61,7 @@ class sudocmd(LDAPObject):
         'memberof': ['sudocmdgroup'],
     }
     uuid_attribute = 'ipauniqueid'
-    label = _('SUDO Commands')
+    label = _('Sudo Commands')
 
     takes_params = (
         Str('sudocmd',

ipalib/plugins/sudocmdgroup.py

@@ -63,7 +63,7 @@ class sudocmdgroup(LDAPObject):
         'member': ['sudocmd'],
     }
 
-    label = _('SUDO Command Groups')
+    label = _('Sudo Command Groups')
 
     takes_params = (
         Str('cn',

ipalib/plugins/sudorule.py

@@ -22,7 +22,7 @@ give certain users (or groups of users) the ability to run some (or all)
 commands as root or another user while providing an audit trail of the
 commands and their arguments.
 
-FreeIPA provides a designated binddn to use with SUDO located at:
+FreeIPA provides a designated binddn to use with Sudo located at:
 uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com
 
 To enable the binddn run the following command to set the password:
@@ -65,7 +65,7 @@ class sudorule(LDAPObject):
         'ipasudorunasgroup': ['group'],
     }
 
-    label = _('SUDO')
+    label = _('Sudo')
 
     takes_params = (
         Str('cn',
@@ -607,7 +607,7 @@ class sudorule_add_option(LDAPQuery):
         dn = self.obj.get_dn(cn)
 
         (dn, entry_attrs) = ldap.get_entry(dn, ['ipasudoopt'])
-        
+
         entry_attrs.setdefault('ipasudoopt', []).append(
             options['ipasudoopt']
         )

ipaserver/install/dsinstance.py

@@ -250,7 +250,7 @@ class DsInstance(service.Service):
         self.step("adding replication acis", self.__add_replication_acis)
         self.step("configuring user private groups", self.__user_private_groups)
         self.step("configuring netgroups from hostgroups", self.__host_nis_groups)
-        self.step("creating default SUDO bind user", self.__add_sudo_binduser)
+        self.step("creating default Sudo bind user", self.__add_sudo_binduser)
         if hbac_allow:
             self.step("creating default HBAC rule allow_all", self.add_hbac)