freeipa/ipaserver/plugins/internal.py
Serhii Tsymbaliuk 30eceb504a WebUI: Improve subordinate ids user workflow
- add "Subordinate ID Statistics" page
- add button for generating subid in "Subordinate ids" tab of user details page
- allow to navigate directly to owner details from subordinate id page
- adjust i18n strings

Ticket: https://pagure.io/freeipa/issue/8361
Signed-off-by: Serhii Tsymbaliuk <stsymbal@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2021-07-09 09:47:30 -04:00

2011 lines
89 KiB
Python

# Authors:
# Pavel Zuna <pzuna@redhat.com>
# Adam Young <ayoung@redhat.com>
# Endi S. Dewata <edewata@redhat.com>
#
# Copyright (c) 2010 Red Hat
# See file 'copying' for use and warranty information
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipalib import Command
from ipalib import Str
from ipalib.frontend import Local
from ipalib.output import Output
from ipalib.text import _
from ipalib.util import json_serialize
from ipalib.plugable import Registry
__doc__ = _("""
Plugins not accessible directly through the CLI, commands used internally
""")
register = Registry()
@register()
class json_metadata(Command):
__doc__ = _('Export plugin meta-data for the webUI.')
NO_CLI = True
takes_args = (
Str('objname?',
doc=_('Name of object to export'),
),
Str('methodname?',
doc=_('Name of method to export'),
),
)
takes_options = (
Str('object?',
doc=_('Name of object to export'),
),
Str('method?',
doc=_('Name of method to export'),
),
Str('command?',
doc=_('Name of command to export'),
),
)
has_output = (
Output('objects', dict, doc=_('Dict of JSON encoded IPA Objects')),
Output('methods', dict, doc=_('Dict of JSON encoded IPA Methods')),
Output('commands', dict, doc=_('Dict of JSON encoded IPA Commands')),
)
def execute(self, objname=None, methodname=None, **options):
objects = dict()
methods = dict()
commands = dict()
empty = True
try:
if not objname:
objname = options['object']
if objname in self.api.Object:
o = self.api.Object[objname]
objects = dict([(o.name, json_serialize(o))])
elif objname == "all":
objects = dict(
(o.name, json_serialize(o)) for o in self.api.Object()
if o is self.api.Object[o.name]
)
empty = False
except KeyError:
pass
try:
if not methodname:
methodname = options['method']
if (methodname in self.api.Method and
not isinstance(self.api.Method[methodname], Local)):
m = self.api.Method[methodname]
methods = dict([(m.name, json_serialize(m))])
elif methodname == "all":
methods = dict(
(m.name, json_serialize(m)) for m in self.api.Method()
if (m is self.api.Method[m.name] and
not isinstance(m, Local))
)
empty = False
except KeyError:
pass
try:
cmdname = options['command']
if (cmdname in self.api.Command and
not isinstance(self.api.Command[cmdname], Local)):
c = self.api.Command[cmdname]
commands = dict([(c.name, json_serialize(c))])
elif cmdname == "all":
commands = dict(
(c.name, json_serialize(c)) for c in self.api.Command()
if (c is self.api.Command[c.name] and
not isinstance(c, Local))
)
empty = False
except KeyError:
pass
if empty:
objects = dict(
(o.name, json_serialize(o)) for o in self.api.Object()
if o is self.api.Object[o.name]
)
methods = dict(
(m.name, json_serialize(m)) for m in self.api.Method()
if (m is self.api.Method[m.name] and
not isinstance(m, Local))
)
commands = dict(
(c.name, json_serialize(c)) for c in self.api.Command()
if (c is self.api.Command[c.name] and
not isinstance(c, Local))
)
retval = dict([
("objects", objects),
("methods", methods),
("commands", commands),
])
return retval
@register()
class i18n_messages(Command):
__doc__ = _('Internationalization messages')
NO_CLI = True
messages = {
"ajax": {
"401": {
"message": _("Your session has expired. Please log in again."),
},
},
"actions": {
"apply": _("Apply"),
"automember_rebuild": _("Rebuild auto membership"),
"automember_rebuild_confirm": _("Are you sure you want to rebuild auto membership?"),
"automember_rebuild_success": _("Automember rebuild membership task completed"),
"confirm": _("Are you sure you want to proceed with the action?"),
"delete_confirm": _("Are you sure you want to delete ${object}?"),
"disable_confirm": _("Are you sure you want to disable ${object}?"),
"enable_confirm": _("Are you sure you want to enable ${object}?"),
"title": _("Actions"),
},
"association": {
"add_title_default": _("Add"),
"added": _("${count} item(s) added"),
"direct_membership": _("Direct Membership"),
"filter_placeholder": _("Filter available ${other_entity}"),
"indirect_membership": _("Indirect Membership"),
"no_entries": _("No entries."),
"paging": _("Showing ${start} to ${end} of ${total} entries."),
"remove_title_default": _("Remove"),
"removed": _("${count} item(s) removed"),
"show_results": _("Show Results"),
},
"authtype": {
"auth_indicators": _("Authentication indicators"),
"auth_indicator": _("Authentication indicator"),
"config_tooltip": _("<p>Implicit method (password) will be used if no method is chosen.</p><p><strong>Password + Two-factor:</strong> LDAP and Kerberos allow authentication with either one of the authentication types but Kerberos uses pre-authentication method which requires to use armor ccache.</p><p><strong>RADIUS with another type:</strong> Kerberos always use RADIUS, but LDAP never does. LDAP only recognize the password and two-factor authentication options.</p>"),
"custom_auth_ind_title": _("Add Custom Authentication Indicator"),
"otp": _("OTP"),
"type_otp": _("Two factor authentication (password + OTP)"),
"type_password": _("Password"),
"type_radius": _("RADIUS"),
"type_pkinit": _("PKINIT"),
"type_hardened": _("Hardened Password (by SPAKE or FAST)"),
"type_disabled": _("Disable per-user override"),
"user_tooltip": _("<p>Per-user setting, overwrites the global setting if any option is checked.</p><p><strong>Password + Two-factor:</strong> LDAP and Kerberos allow authentication with either one of the authentication types but Kerberos uses pre-authentication method which requires to use armor ccache.</p><p><strong>RADIUS with another type:</strong> Kerberos always use RADIUS, but LDAP never does. LDAP only recognize the password and two-factor authentication options.</p>"),
},
"buttons": {
"about": _("About"),
"activate": _("Activate"),
"add": _("Add"),
"add_and_add_another": _("Add and Add Another"),
"add_and_close": _("Add and Close"),
"add_and_edit": _("Add and Edit"),
"add_many": _("Add Many"),
"apply": _("Apply"),
"back": _("Back"),
"cancel": _("Cancel"),
"clear": _("Clear"),
"clear_title": _("Clear all fields on the page."),
"close": _("Close"),
"disable": _("Disable"),
"download": _("Download"),
"download_title": _("Download certificate as PEM formatted file."),
"edit": _("Edit"),
"enable": _("Enable"),
"filter": _("Filter"),
"find": _("Find"),
"get": _("Get"),
"hide": _("Hide"),
"issue": _("Issue"),
"match": _("Match"),
"match_title": _("Match users according to certificate."),
"migrate": _("Migrate"),
"ok": _("OK"),
"refresh": _("Refresh"),
"refresh_title": _("Reload current settings from the server."),
"remove": _("Delete"),
"remove_hold": _("Remove hold"),
"reset": _("Reset"),
"reset_password": _("Reset Password"),
"reset_password_and_login": _("Reset Password and Log in"),
"restore": _("Restore"),
"retry": _("Retry"),
"revert": _("Revert"),
"revert_title": ("Undo all unsaved changes."),
"revoke": _("Revoke"),
"save": _("Save"),
"set": _("Set"),
"show": _("Show"),
"stage": _("Stage"),
"unapply": ("Un-apply"),
"update": _("Update"),
"view": _("View"),
},
"customization": {
"customization": _("Customization"),
"table_pagination": _("Pagination Size"),
},
"details": {
"collapse_all": _("Collapse All"),
"expand_all": _("Expand All"),
"general": _("General"),
"identity": _("Identity Settings"),
"record": _("Record Settings"),
"settings": _("${entity} ${primary_key} Settings"),
"to_top": _("Back to Top"),
"updated": _("${entity} ${primary_key} updated"),
},
"dialogs": {
"add_confirmation": _("${entity} successfully added"),
"add_custom_value": _("Add custom value"),
"add_title_default": _("Add"),
"available": _("Available"),
"batch_error_message": _("Some operations failed."),
"batch_error_title": _("Operations Error"),
"confirmation": _("Confirmation"),
"custom_value": _("Custom value"),
"dirty_message": _("This page has unsaved changes. Please save or revert."),
"dirty_title": _("Unsaved Changes"),
"edit_title": _("Edit ${entity}"),
"hide_details": _("Hide details"),
"about_title": _("About"),
"about_message": _("${product}, version: ${version}"),
"prospective": _("Prospective"),
"redirection": _("Redirection"),
"remove_empty": _("Select entries to be removed."),
"remove_title_default": _("Remove"),
"result": _("Result"),
"show_details": _("Show details"),
"success": _("Success"),
"validation_title": _("Validation error"),
"validation_message": _("Input form contains invalid or missing values."),
},
"error_report": {
"options": _("Please try the following options:"),
"problem_persists": _("If the problem persists please contact the system administrator."),
"refresh": _("Refresh the page."),
"reload": _("Reload the browser."),
"main_page": _("Return to the main page and retry the operation"),
"title": _("An error has occurred (${error})"),
},
"errors": {
"error": _("Error"),
"http_error": _("HTTP Error"),
"internal_error": _("Internal Error"),
"ipa_error": _("IPA Error"),
"no_response": _("No response"),
"unknown_error": _("Unknown Error"),
"url": _("URL"),
},
"facet_groups": {
"managedby": _("${primary_key} is managed by:"),
"member": _("${primary_key} members:"),
"memberof": _("${primary_key} is a member of:"),
"membermanager": _("${primary_key} member managers:"),
},
"facets": {
"details": _("Settings"),
"search": _("Search"),
},
"false": _("False"),
"keytab": {
"add_groups_create": _(
"Allow user groups to create keytab of '${primary_key}'"
),
"add_groups_retrieve": _(
"Allow user groups to retrieve keytab of '${primary_key}'"
),
"add_hostgroups_create": _(
"Allow host groups to create keytab of '${primary_key}'"
),
"add_hostgroups_retrieve": _(
"Allow host groups to retrieve keytab of '${primary_key}'"
),
"add_hosts_create": _(
"Allow hosts to create keytab of '${primary_key}'"
),
"add_hosts_retrieve": _(
"Allow hosts to retrieve keytab of '${primary_key}'"
),
"add_users_create": _(
"Allow users to create keytab of '${primary_key}'"
),
"add_users_retrieve": _(
"Allow users to retrieve keytab of '${primary_key}'"
),
"allowed_to_create": _("Allowed to create keytab"),
"allowed_to_retrieve": _("Allowed to retrieve keytab"),
"remove_groups_create": _(
"Disallow user groups to create keytab of '${primary_key}'"
),
"remove_groups_retrieve": _(
"Disallow user groups to retrieve keytab of '${primary_key}'"
),
"remove_hostgroups_create": _(
"Disallow host groups to create keytab of '${primary_key}'"
),
"remove_hostgroups_retrieve": _(
"Disallow host groups to retrieve keytab of '${primary_key}'"
),
"remove_hosts_create": _(
"Disallow hosts to create keytab of '${primary_key}'"
),
"remove_hosts_retrieve": _(
"Disallow hosts to retrieve keytab of '${primary_key}'"
),
"remove_users_create": _(
"Disallow users to create keytab of '${primary_key}'"
),
"remove_users_retrieve": _(
"Disallow users to retrieve keytab of '${primary_key}'"
),
},
"krbaliases": {
"adder_title": _("Add Kerberos Principal Alias"),
"add_krbal_label": _("New kerberos principal alias"),
"remove_title": _("Remove Kerberos Alias"),
"remove_message": _("Do you want to remove kerberos alias ${alias}?"),
},
"krbauthzdata": {
"inherited": _("Inherited from server configuration"),
"mspac": _("MS-PAC"),
"override": _("Override inherited settings"),
"pad": _("PAD"),
},
"login": {
"authenticating": _("Authenticating"),
"cert_auth_failed": _(
"Authentication with personal certificate failed"),
"cert_msg": _(
"<i class=\"fa fa-info-circle\"></i> To log in with "
"<strong>certificate</strong>, please make sure you have "
"valid personal certificate. "
),
"continue_msg": _("Continue to next page"),
"form_auth": _(
"<i class=\"fa fa-info-circle\"></i> To log in with "
"<strong>username and password</strong>, enter them in the "
"corresponding fields, then click 'Log in'."),
"form_auth_failed": _("Login failed due to an unknown reason"),
"header": _("Logged In As"),
"krb_auth_failed": _("Authentication with Kerberos failed"),
"krb_auth_msg": _(
"<i class=\"fa fa-info-circle\"></i> To log in with "
"<strong>Kerberos</strong>, please make sure you have valid "
"tickets (obtainable via kinit) and <a href='${protocol}//"
"${host}/ipa/config/ssbrowser.html'>configured</a> the browser"
" correctly, then click 'Log in'."),
"loading": _("Loading"),
"krbprincipal_expired": _(
"Kerberos Principal you entered is expired"),
"loading_md": _("Loading data"),
"login": _("Log in"),
"login_certificate": _("Log In Using Certificate"),
"login_certificate_desc": _("Log in using personal certificate"),
"logout": _("Log out"),
"logout_error": _("Log out error"),
"password": _("Password"),
"password_and_otp": _("Password or Password+One-Time Password"),
"redirect_msg": _("You will be redirected in ${count}s"),
"sync_otp_token": _("Sync OTP Token"),
"synchronizing": _("Synchronizing"),
"username": _("Username"),
"user_locked": _("The user account you entered is locked"),
},
"measurement_units": {
"number_of_passwords": _("number of passwords"),
"seconds": _("seconds"),
},
"migration": {
"migrating": _("Migrating"),
"migration_error_msg": _(
"There was a problem with your request. Please, try again "
"later."),
"migration_failure_msg": _(
"Password migration was not successful"),
"migration_info_msg": _(
"<h1>Password Migration</h1><p>If you have been sent here by "
"your administrator, your personal information is being "
"migrated to a new identity management solution (IPA).</p><p>"
"Please, enter your credentials in the form to complete the "
"process. Upon successful login your kerberos account will be "
"activated.</p>"),
"migration_invalid_password": _(
"The password or username you entered is incorrect"),
"migration_success": _("Password migration was successful"),
},
"objects": {
"aci": {
"attribute": _("Attribute"),
},
"acidelegation": {
"add": _("Add delegation"),
"remove": _("Remove delegations"),
},
"acipermission": {
"add": _("Add permission"),
"add_privileges": _(
"Add privileges into permission '${primary_key}'"
),
"remove": _("Remove permissions"),
"remove_privileges": _(
"Remove privileges from permission '${primary_key}'"
),
},
"aciprivilege": {
"add": _("Add privilege"),
"add_into_permissions": _(
"Add privilege '${primary_key}' into permissions"
),
"add_roles": _(
"Add roles into privilege '${primary_key}'"
),
"remove": _("Remove privileges"),
"remove_from_permissions": _(
"Remove privilege '${primary_key}' from permissions"
),
"remove_roles": _(
"Remove roles from privilege '${primary_key}'"
),
},
"acirole": {
"identity": _("Role Settings"),
"add": _("Add role"),
"add_groups": _(
"Add user groups into role '${primary_key}'"
),
"add_hosts": _(
"Add hosts into role '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into role '${primary_key}'"
),
"add_into_privileges": _(
"Add role '${primary_key}' into privileges"
),
"add_services": _(
"Add services into role '${primary_key}'"
),
"add_users": _(
"Add users into role '${primary_key}'"
),
"remove": _("Remove roles"),
"remove_from_privileges": _(
"Remove role '${primary_key}' from privileges"
),
"remove_groups": _(
"Remove user groups from role '${primary_key}'"
),
"remove_hosts": _(
"Remove hosts from role '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from role '${primary_key}'"
),
"remove_services": _(
"Remove services from role '${primary_key}'"
),
"remove_users": _(
"Remove users from role '${primary_key}'"
),
},
"aciselfservice": {
"add": _("Add self service permission"),
"remove": _("Remove self service permissions"),
},
"automember": {
"add": _("Add rule"),
"add_inc_condition": _(
"Add inclusive condition into '${primary_key}'"
),
"add_exc_condition": _(
"Add exclusive condition into '${primary_key}'"
),
"attribute": _("Attribute"),
"default_group_confirm": _(
"Are you sure you want to change default group?"
),
"default_host_group": _("Default host group"),
"default_user_group": _("Default user group"),
"exclusive": _("Exclusive"),
"expression": _("Expression"),
"hostgrouprule": _("Host group rule"),
"hostgrouprules": _("Host group rules"),
"inclusive": _("Inclusive"),
"remove": _("Remove auto membership rules"),
"remove_exc_conditions": _(
"Remove exclusive conditions from rule '${primary_key}'"
),
"remove_inc_conditions": _(
"Remove inclusive conditions from rule '${primary_key}'"
),
"usergrouprule": _("User group rule"),
"usergrouprules": _("User group rules"),
},
"automountkey": {
"add": _("Add automount key"),
"remove": _("Remove automount keys"),
},
"automountlocation": {
"add": _("Add automount location"),
"identity": _("Automount Location Settings"),
"remove": _("Remove automount locations"),
},
"automountmap": {
"add": _("Add automount map"),
"map_type": _("Map Type"),
"direct": _("Direct"),
"indirect": _("Indirect"),
"remove": _("Remove automount maps"),
},
"ca": {
"add": _("Add certificate authority"),
"remove": _("Remove certificate authorities"),
},
"caacl": {
"add": _("Add CA ACL"),
"add_ca": _(
"Add Certificate Authorities into CA ACL "
"'${primary_key}'"
),
"add_groups": _(
"Add user groups into CA ACL '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into CA ACL '${primary_key}'"
),
"add_hosts": _(
"Add hosts into CA ACL '${primary_key}'"
),
"add_profiles": _(
"Add certificate profiles into CA ACL '${primary_key}'"
),
"add_services": _(
"Add services into CA ACL '${primary_key}'"
),
"add_users": _(
"Add users into CA ACL '${primary_key}'"
),
"all": _("All"),
"any_ca": _("Any CA"),
"any_host": _("Any Host"),
"any_service": _("Any Service"),
"any_profile": _("Any Profile"),
"anyone": _("Anyone"),
"ipaenabledflag": _("Rule status"),
"no_ca_msg": _("If no CAs are specified, requests to the default CA are allowed."),
"profile": _("Profiles"),
"remove": _("Remove CA ACLs"),
"remove_ca": _(
"Remove Certificate Authorities from CA ACL "
"'${primary_key}'"
),
"remove_groups": _(
"Remove user groups from CA ACL '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from CA ACL '${primary_key}'"
),
"remove_hosts": _(
"Remove hosts from CA ACL '${primary_key}'"
),
"remove_profiles": _(
"Remove certificate profiles from CA ACL '${primary_key}'"
),
"remove_services": _(
"Remove services from CA ACL '${primary_key}'"
),
"remove_users": _(
"Remove users from CA ACL '${primary_key}'"
),
"specified_cas": _("Specified CAs"),
"specified_hosts": _("Specified Hosts and Groups"),
"specified_profiles": _("Specified Profiles"),
"specified_services": _("Specified Services and Groups"),
"specified_users": _("Specified Users and Groups"),
"who": _("Permitted to have certificates issued"),
},
"caprofile": {
"remove": _("Remove certificate profiles"),
},
"cert": {
"aa_compromise": _("AA Compromise"),
"add_principal": _("Add principal"),
"affiliation_changed": _("Affiliation Changed"),
"ca": _("CA"),
"ca_compromise": _("CA Compromise"),
"certificate": _("Certificate"),
"certificates": _("Certificates"),
"certificate_hold": _("Certificate Hold"),
"cessation_of_operation": _("Cessation of Operation"),
"common_name": _("Common Name"),
"download": _("Download"),
"delete_cert_end": _("the certificate with serial number "),
"expires_on": _("Expires On"),
"find_issuedon_from": _("Issued on from"),
"find_issuedon_to": _("Issued on to"),
"find_max_serial_number": _("Maximum serial number"),
"find_min_serial_number": _("Minimum serial number"),
"find_revocation_reason": _("Revocation reason"),
"find_revokedon_from": _("Revoked on from"),
"find_revokedon_to": _("Revoked on to"),
"find_subject": _("Subject"),
"find_validnotafter_from": _("Valid not after from"),
"find_validnotafter_to": _("Valid not after to"),
"find_validnotbefore_from": _("Valid not before from"),
"find_validnotbefore_to": _("Valid not before to"),
"fingerprints": _("Fingerprints"),
"get_certificate": _("Get Certificate"),
"hold_removed": _("Certificate Hold Removed"),
"issue_for_host": _(
"Issue new certificate for host '${primary_key}'"
),
"issue_for_service": _(
"Issue new certificate for service '${primary_key}'"
),
"issue_for_user": _(
"Issue new certificate for user '${primary_key}'"
),
"issue_certificate_generic": _("Issue new certificate"),
"issued_by": _("Issued By"),
"issued_on": _("Issued On"),
"issued_to": _("Issued To"),
"key_compromise": _("Key Compromise"),
"missing": _("No Valid Certificate"),
"new_certificate": _("New Certificate"),
"new_cert_format": _("Certificate in base64 or PEM format"),
"note": _("Note"),
"organization": _("Organization"),
"organizational_unit": _("Organizational Unit"),
"present": _("${count} certificate(s) present"),
"privilege_withdrawn": _("Privilege Withdrawn"),
"reason": _("Reason for Revocation"),
"remove_hold": _("Remove hold"),
"remove_certificate_hold_simple": _("Remove certificate hold"),
"remove_certificate_hold_confirmation": _("Do you want to remove the certificate hold?"),
"remove_from_crl": _("Remove from CRL"),
"request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d &lt;database path&gt;</code> </li> <li>Create a CSR with subject <em>CN=&lt;${cn_name}&gt;,O=&lt;realm&gt;</em>, for example:<br/> <code># certutil -R -d &lt;database path&gt; -a -g &lt;key size&gt; -s 'CN=${cn},O=${realm}'${san}</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"),
"request_message_san": _(" -8 '${cn}'"),
"requested": _("Certificate requested"),
"revocation_reason": _("Revocation reason"),
"revoke_certificate_simple": _("Revoke certificate"),
"revoke_confirmation": _("Do you want to revoke this certificate? Select a reason from the pull-down list."),
"revoked": _("Certificate Revoked"),
"revoked_status": _("REVOKED"),
"serial_number": _("Serial Number"),
"serial_number_hex": _("Serial Number (hex)"),
"sha1_fingerprint": _("SHA1 Fingerprint"),
"sha256_fingerprint": _("SHA256 Fingerprint"),
"status": _("Status"),
"superseded": _("Superseded"),
"unspecified": _("Unspecified"),
"valid": _("Valid Certificate Present"),
"valid_from": _("Valid from"),
"valid_to": _("Valid to"),
"validity": _("Validity"),
"view_certificate": _("Certificate for ${entity} ${primary_key}"),
"view_certificate_btn": _("View Certificate"),
},
"certmap_match": {
"cert_data": _("Certificate Data"),
"cert_for_match": _("Certificate For Match"),
"facet_label": _("Certificate Mapping Match"),
"domain": _("Domain"),
"matched_users": _("Matched Users"),
"userlogin": _("User Login"),
},
"certmap": {
"add": _("Add certificate identity mapping rule"),
"adder_title": _("Add certificate mapping data"),
"data_label": _("Certificate mapping data"),
"certificate": _("Certificate"),
"conf_str": _("Configuration string"),
"deleter_content": _("Do you want to remove certificate mapping data ${data}?"),
"deleter_title": _("Remove certificate mapping data"),
"issuer": _("Issuer"),
"issuer_subject": _("Issuer and subject"),
"remove": _("Remove certificate identity mapping rules"),
"subject": _("Subject"),
"version": _("Version"),
},
"config": {
"group": _("Group Options"),
"search": _("Search Options"),
"selinux": _("SELinux Options"),
"server": _("Server Options"),
"service": _("Service Options"),
"user": _("User Options"),
},
"delegation": {
},
"dnsconfig": {
"forward_first": _("Forward first"),
"forward_none": _("Forwarding disabled"),
"forward_only": _("Forward only"),
"options": _("Options"),
"update_dns": _("Update System DNS Records"),
"update_dns_dialog_msg": _("Do you want to update system DNS records?"),
"updated_dns": _("System DNS records updated"),
},
"dnsforwardzone": {
"add": _("Add DNS forward zone"),
"remove": _("Remove DNS forward zones"),
},
"dnsrecord": {
"add": _("Add DNS resource record"),
"data": _("Data"),
"deleted_no_data": _("DNS record was deleted because it contained no data."),
"other": _("Other Record Types"),
"ptr_redir_address_err": _("Address not valid, can't redirect"),
"ptr_redir_create": _("Create dns record"),
"ptr_redir_creating": _("Creating record."),
"ptr_redir_creating_err": _("Record creation failed."),
"ptr_redir_record": _("Checking if record exists."),
"ptr_redir_record_err": _("Record not found."),
"ptr_redir_title": _("Redirection to PTR record"),
"ptr_redir_zone": _("Zone found: ${zone}"),
"ptr_redir_zone_err": _("Target reverse zone not found."),
"ptr_redir_zones": _("Fetching DNS zones."),
"ptr_redir_zones_err": _("An error occurred while fetching dns zones."),
"redirection_dnszone": _("You will be redirected to DNS Zone."),
"remove": _("Remove DNS resource records"),
"standard": _("Standard Record Types"),
"title": _("Records for DNS Zone"),
"type": _("Record Type"),
},
"dnszone": {
"add": _("Add DNS zone"),
"add_permission": _("Add permission"),
"add_permission_confirm":_("Are you sure you want to add permission for DNS Zone ${object}?"),
"identity": _("DNS Zone Settings"),
"remove": _("Remove DNS zones"),
"remove_permission": _("Remove Permission"),
"remove_permission_confirm": _("Are you sure you want to remove permission for DNS Zone ${object}?"),
"skip_dns_check": _("Skip DNS check"),
"skip_overlap_check": _("Skip overlap check"),
"soamname_change_message": _("Do you want to check if new authoritative nameserver address is in DNS"),
"soamname_change_title": _("Authoritative nameserver change"),
},
"domainlevel": {
"label": _("Domain Level"),
"label_singular": _("Domain Level"),
"ipadomainlevel": _("Level"),
"set": _("Set Domain Level"),
},
"group": {
"add": _("Add user group"),
"add_groups": _(
"Add user groups into user group '${primary_key}'"
),
"add_into_groups": _(
"Add user group '${primary_key}' into user groups"
),
"add_into_hbac": _(
"Add user group '${primary_key}' into HBAC rules"
),
"add_into_netgroups": _(
"Add user group '${primary_key}' into netgroups"
),
"add_into_roles": _(
"Add user group '${primary_key}' into roles"
),
"add_into_sudo": _(
"Add user group '${primary_key}' into sudo rules"
),
"add_services": _(
"Add services into user group '${primary_key}'"
),
"add_users": _(
"Add users into user group '${primary_key}'"
),
"add_membermanager_group": _(
"Add groups as member managers for user group "
"'${primary_key}'"
),
"remove_membermanager_group": _(
"Remove groups from member managers for user group "
"'${primary_key}'"
),
"add_membermanager_user": _(
"Add users as member managers for user group "
"'${primary_key}'"
),
"remove_membermanager_user": _(
"Remove users from member managers for user group "
"'${primary_key}'"
),
"add_idoverride_user": _(
"Add user ID override into user group '${primary_key}'"
),
"details": _("Group Settings"),
"external": _("External"),
"groups": _("Groups"),
"group_categories": _("Group categories"),
"make_external": _("Change to external group"),
"make_posix": _("Change to POSIX group"),
"nonposix": _("Non-POSIX"),
"posix": _("POSIX"),
"remove": _("Remove user groups"),
"remove_from_groups": _(
"Remove user group '${primary_key}' from user groups"
),
"remove_from_netgroups": _(
"Remove user group '${primary_key}' from netgroups"
),
"remove_from_roles": _(
"Remove user group '${primary_key}' from roles"
),
"remove_from_hbac": _(
"Remove user group '${primary_key}' from HBAC rules"
),
"remove_from_sudo": _(
"Remove user group '${primary_key}' from sudo rules"
),
"remove_groups": _(
"Remove user groups from user group '${primary_key}'"
),
"remove_services": _(
"Remove services from user group '${primary_key}'"
),
"remove_users": _(
"Remove users from user group '${primary_key}'"
),
"remove_idoverride_users": _(
"Remove user ID overrides from user group '${primary_key}'"
),
"type": _("Group Type"),
"user_groups": _("User Groups"),
},
"hbacrule": {
"add": _("Add HBAC rule"),
"add_groups": _(
"Add user groups into HBAC rule '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into HBAC rule '${primary_key}'"
),
"add_hosts": _(
"Add hosts into HBAC rule '${primary_key}'"
),
"add_servicegroups": _(
"Add HBAC service groups into HBAC rule "
"'${primary_key}'"
),
"add_services": _(
"Add HBAC services into HBAC rule '${primary_key}'"
),
"add_users": _(
"Add users into HBAC rule '${primary_key}'"
),
"any_host": _("Any Host"),
"any_service": _("Any Service"),
"anyone": _("Anyone"),
"host": _("Accessing"),
"ipaenabledflag": _("Rule status"),
"remove": _("Remove HBAC rules"),
"remove_groups": _(
"Remove user groups from HBAC rule '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from HBAC rule '${primary_key}'"
),
"remove_hosts": _(
"Remove hosts from HBAC rule '${primary_key}'"
),
"remove_servicegroups": _(
"Remove HBAC service groups from HBAC rule "
"'${primary_key}'"
),
"remove_services": _(
"Remove HBAC services from HBAC rule '${primary_key}'"
),
"remove_users": _(
"Remove users from HBAC rule '${primary_key}'"
),
"service": _("Via Service"),
"specified_hosts": _("Specified Hosts and Groups"),
"specified_services": _("Specified Services and Groups"),
"specified_users": _("Specified Users and Groups"),
"user": _("Who"),
},
"hbacsvc": {
"add": _("Add HBAC service"),
"add_hbacsvcgroups": _(
"Add HBAC service '${primary_key}' into HBAC service "
"groups"
),
"remove": _("Remove HBAC services"),
"remove_from_hbacsvcgroups": _(
"Remove HBAC service '${primary_key}' from HBAC service "
"groups"
),
},
"hbacsvcgroup": {
"add": _("Add HBAC service group"),
"add_hbacsvcs": _(
"Add HBAC services into HBAC service group "
"'${primary_key}'"
),
"remove": _("Remove HBAC service groups"),
"remove_hbacsvcs": _(
"Remove HBAC services from HBAC service group "
"'${primary_key}'"
),
"services": _("Services"),
},
"hbactest": {
"access_denied": _("Access Denied"),
"access_granted": _("Access Granted"),
"include_disabled": _("Include Disabled"),
"include_enabled": _("Include Enabled"),
"label": _("HBAC Test"),
"matched": _("Matched"),
"missing_values": _("Missing values: "),
"new_test": _("New Test"),
"rules": _("Rules"),
"run_test": _("Run Test"),
"specify_external": _("Specify external ${entity}"),
"unmatched": _("Unmatched"),
},
"host": {
"add": _("Add host"),
"add_hosts_managing": _(
"Add hosts managing host '${primary_key}'"
),
"add_into_groups": _(
"Add host '${primary_key}' into host groups"
),
"add_into_hbac": _(
"Add host '${primary_key}' into HBAC rules"
),
"add_into_netgroups": _(
"Add host '${primary_key}' into netgroups"
),
"add_into_roles": _(
"Add host '${primary_key}' into roles"
),
"add_into_sudo": _(
"Add host '${primary_key}' into sudo rules"
),
"certificate": _("Host Certificate"),
"cn": _("Host Name"),
"delete_key_unprovision": _("Delete Key, Unprovision"),
"details": _("Host Settings"),
"enrolled": _("Enrolled"),
"enrollment": _("Enrollment"),
"fqdn": _("Fully Qualified Host Name"),
"generate_otp": _("Generate OTP"),
"generated_otp": _("Generated OTP"),
"keytab": _("Kerberos Key"),
"keytab_missing": _("Kerberos Key Not Present"),
"keytab_present": _("Kerberos Key Present, Host Provisioned"),
"password": _("One-Time Password"),
"password_missing": _("One-Time Password Not Present"),
"password_present": _("One-Time Password Present"),
"password_reset_button": _("Reset OTP"),
"password_reset_title": _("Reset One-Time Password"),
"password_set_button": _("Set OTP"),
"password_set_success": _("OTP set"),
"password_set_title": _("Set One-Time Password"),
"remove": _("Remove hosts"),
"remove_hosts_managing": _(
"Remove hosts managing host '${primary_key}'"
),
"remove_from_groups": _(
"Remove host '${primary_key}' from host groups"
),
"remove_from_netgroups": _(
"Remove host '${primary_key}' from netgroups"
),
"remove_from_roles": _(
"Remove host '${primary_key}' from roles"
),
"remove_from_hbac": _(
"Remove host '${primary_key}' from HBAC rules"
),
"remove_from_sudo": _(
"Remove host '${primary_key}' from sudo rules"
),
"status": _("Status"),
"unprovision": _("Unprovision"),
"unprovision_confirmation": _("Are you sure you want to unprovision this host?"),
"unprovision_title": _("Unprovisioning host"),
"unprovisioned": _("Host unprovisioned"),
},
"hostgroup": {
"add": _("Add host group"),
"add_hosts": _(
"Add hosts into host group '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into host group '${primary_key}'"
),
"add_into_hostgroups": _(
"Add host group '${primary_key}' into host groups"
),
"add_into_hbac": _(
"Add host group '${primary_key}' into HBAC rules"
),
"add_into_netgroups": _(
"Add host group '${primary_key}' into netgroups"
),
"add_into_sudo": _(
"Add host group '${primary_key}' into sudo rules"
),
"add_membermanager_group": _(
"Add groups as member managers for host group "
"'${primary_key}'"
),
"remove_membermanager_group": _(
"Remove groups from member managers for host group "
"'${primary_key}'"
),
"add_membermanager_user": _(
"Add users as member managers for host group "
"'${primary_key}'"
),
"remove_membermanager_user": _(
"Remove users from member managers for host group "
"'${primary_key}'"
),
"host_group": _("Host Groups"),
"identity": _("Host Group Settings"),
"remove": _("Remove host groups"),
"remove_from_hostgroups": _(
"Remove host group '${primary_key}' from host groups"
),
"remove_from_netgroups": _(
"Remove host group '${primary_key}' from netgroups"
),
"remove_from_hbac": _(
"Remove host group '${primary_key}' from HBAC rules"
),
"remove_from_sudo": _(
"Remove host group '${primary_key}' from sudo rules"
),
"remove_hosts": _(
"Remove hosts from host group '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from host group '${primary_key}'"
),
},
"idoverrideuser": {
"anchor_label": _("User to override"),
"anchor_tooltip": _("Enter trusted or IPA user login. Note: search doesn't list users from trusted domains."),
"anchor_tooltip_ad": _("Enter trusted user login."),
"profile": _("Profile"),
},
"idoverridegroup": {
"anchor_label": _("Group to override"),
"anchor_tooltip": _("Enter trusted or IPA group name. Note: search doesn't list groups from trusted domains."),
"anchor_tooltip_ad": _("Enter trusted group name."),
},
"idview": {
"add": _("Add ID view"),
"add_group": _("Add group ID override"),
"add_user": _("Add user ID override"),
"appliesto_tab": _("${primary_key} applies to:"),
"appliedtohosts": _("Applied to hosts"),
"appliedtohosts_title": _("Applied to hosts"),
"apply_hostgroups": _("Apply to host groups"),
"apply_hostgroups_title": _(
"Apply ID view '${primary_key}' on hosts of host groups"
),
"apply_hosts": _("Apply to hosts"),
"apply_hosts_title": _(
"Apply ID view '${primary_key}' on hosts"
),
"ipaassignedidview": _("Assigned ID View"),
"overrides_tab": _("${primary_key} overrides:"),
"remove": _("Remove ID views"),
"remove_users": _("Remove user ID overrides"),
"remove_groups": _("Remove group ID overrides"),
"unapply_hostgroups": _("Un-apply from host groups"),
"unapply_hostgroups_all_title": _("Un-apply ID Views from hosts of hostgroups"),
"unapply_hosts": _("Un-apply"),
"unapply_hosts_all": _("Un-apply from hosts"),
"unapply_hosts_all_title": _("Un-apply ID Views from hosts"),
"unapply_hosts_confirm": _("Are you sure you want to un-apply ID view from selected entries?"),
"unapply_hosts_title": _(
"Un-apply ID view '${primary_key}' from hosts"
),
},
"krbtpolicy": {
"identity": _("Kerberos Ticket Policy"),
},
"netgroup": {
"add": _("Add netgroup"),
"add_into_netgroups": _(
"Add netgroup '${primary_key}' into netgroups"
),
"add_netgroups": _(
"Add netgroups into netgroup '${primary_key}'"
),
"add_groups": _(
"Add user groups into netgroup '${primary_key}'"
),
"add_hosts": _(
"Add hosts into netgroup '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into netgroup '${primary_key}'"
),
"add_users": _(
"Add users into netgroup '${primary_key}'"
),
"any_host": _("Any Host"),
"anyone": _("Anyone"),
"external": _("External"),
"host": _("Host"),
"hostgroups": _("Host Groups"),
"hosts": _("Hosts"),
"identity": _("Netgroup Settings"),
"netgroups": _("Netgroups"),
"remove": _("Remove netgroups"),
"remove_from_netgroups": _(
"Remove netgroup '${primary_key}' from netgroups"
),
"remove_groups": _(
"Remove user groups from netgroup '${primary_key}'"
),
"remove_hosts": _(
"Remove hosts from netgroup '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from netgroup '${primary_key}'"
),
"remove_netgroups": _(
"Remove netgroups from netgroup '${primary_key}'"
),
"remove_users": _(
"Remove users from netgroup '${primary_key}'"
),
"specified_hosts": _("Specified Hosts and Groups"),
"specified_users": _("Specified Users and Groups"),
"user": _("User"),
"usergroups": _("User Groups"),
"users": _("Users"),
},
"otptoken": {
"add": _("Add OTP token"),
"add_users_managing": _(
"Add users managing OTP token '${primary_key}'"
),
"app_link": _("You can use <a href=\"${link}\" target=\"_blank\">FreeOTP<a/> as a software OTP token application."),
"config_title": _("Configure your token"),
"config_instructions": _("Configure your token by scanning the QR code below. Click on the QR code if you see this on the device you want to configure."),
"details": _("OTP Token Settings"),
"disable": _("Disable token"),
"enable": _("Enable token"),
"remove": _("Remove OTP tokens"),
"remove_users_managing": _(
"Remove users managing OTP token '${primary_key}'"
),
"show_qr": _("Show QR code"),
"show_uri": _("Show configuration uri"),
"type_hotp": _("Counter-based (HOTP)"),
"type_totp": _("Time-based (TOTP)"),
},
"permission": {
"add_custom_attr": _("Add Custom Attribute"),
"attribute": _("Attribute"),
"filter": _("Filter"),
"identity": _("Permission settings"),
"managed": _("Attribute breakdown"),
"target": _("Target"),
},
"privilege": {
"identity": _("Privilege Settings"),
},
"publickey": {
"set_dialog_help": _("Public key:"),
"set_dialog_title": _("Set public key"),
"show_set_key": _("Show/Set key"),
"status_mod_ns": _("Modified: key not set"),
"status_mod_s": _("Modified"),
"status_new_ns": _("New: key not set"),
"status_new_s": _("New: key set"),
},
"pwpolicy": {
"add": _("Add password policy"),
"identity": _("Password Policy"),
"remove": _("Remove password policies"),
},
"idrange": {
"add": _("Add ID range"),
"details": _("Range Settings"),
"ipaautoprivategroups": _("Auto private groups"),
"ipabaseid": _("Base ID"),
"ipabaserid": _("Primary RID base"),
"ipaidrangesize": _("Range size"),
"ipanttrusteddomainsid": _("Domain SID"),
"ipasecondarybaserid": _("Secondary RID base"),
"remove": _("Remove ID ranges"),
"type": _("Range type"),
"type_ad": _("Active Directory domain"),
"type_ad_posix": _("Active Directory domain with POSIX attributes"),
"type_detect": _("Detect"),
"type_local": _("Local domain"),
"type_ipa": _("IPA trust"),
"type_winsync": _("Active Directory winsync"),
},
"radiusproxy": {
"add": _("Add RADIUS server"),
"details": _("RADIUS Proxy Server Settings"),
"remove": _("Remove RADIUS servers"),
},
"realmdomains": {
"identity": _("Realm Domains"),
"check_dns": _("Check DNS"),
"check_dns_confirmation": _("Do you also want to perform DNS check?"),
"force_update": _("Force Update"),
},
"selfservice": {
},
"selinuxusermap": {
"add": _("Add SELinux user map"),
"add_groups": _(
"Add user groups into SELinux user map '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into SELinux user map '${primary_key}'"
),
"add_hosts": _(
"Add hosts into SELinux user map '${primary_key}'"
),
"add_users": _(
"Add users into SELinux user map '${primary_key}'"
),
"any_host": _("Any Host"),
"anyone": _("Anyone"),
"host": _("Host"),
"remove": _("Remove selinux user maps"),
"remove_groups": _(
"Remove user groups from SELinux user map '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from SELinux user map '${primary_key}'"
),
"remove_hosts": _(
"Remove hosts from SELinux user map '${primary_key}'"
),
"remove_users": _(
"Remove users from SELinux user map '${primary_key}'"
),
"specified_hosts": _("Specified Hosts and Groups"),
"specified_users": _("Specified Users and Groups"),
"user": _("User"),
},
"server_role": {
"label": _("Server Roles"),
"label_singular": _("Server Role"),
},
"servers": {
"svc_warning_title": _("Warning: Consider service replication"),
"svc_warning_message": _("It is strongly recommended to keep the following services installed on more than one server:"),
"remove_server": _("Delete Server"),
"remove_server_msg": _("Deleting a server removes it permanently from the topology. Note that this is a non-reversible action.")
},
"service": {
"add": _("Add service"),
"add_hosts_managing": _(
"Add hosts managing service '${primary_key}'"
),
"add_into_roles": _(
"Add service '${primary_key}' into roles"
),
"certificate": _("Service Certificate"),
"delete_key_unprovision": _("Delete Key, Unprovision"),
"details": _("Service Settings"),
"host": _("Host Name"),
"missing": _("Kerberos Key Not Present"),
"provisioning": _("Provisioning"),
"remove": _("Remove services"),
"remove_from_roles": _(
"Remove service '${primary_key}' from roles"
),
"remove_hosts_managing": _(
"Remove hosts managing service '${primary_key}'"
),
"service": _("Service"),
"status": _("Status"),
"unprovision": _("Unprovision"),
"unprovision_confirmation": _("Are you sure you want to unprovision this service?"),
"unprovision_title": _("Unprovisioning service"),
"unprovisioned": _("Service unprovisioned"),
"valid": _("Kerberos Key Present, Service Provisioned"),
},
"sshkeystore": {
"keys": _("SSH public keys"),
"set_dialog_help": _("SSH public key:"),
"set_dialog_title": _("Set SSH key"),
"show_set_key": _("Show/Set key"),
"status_mod_ns": _("Modified: key not set"),
"status_mod_s": _("Modified"),
"status_new_ns": _("New: key not set"),
"status_new_s": _("New: key set"),
},
"stageuser": {
"activate_confirm": _("Are you sure you want to activate selected users?"),
"activate_one_confirm": _("Are you sure you want to activate ${object}?"),
"activate_success": _("${count} user(s) activated"),
"add": _("Add stage user"),
"label": _("Stage users"),
"preserved_label": _("Preserved users"),
"preserved_remove": _("Remove preserved users"),
"remove": _("Remove stage users"),
"stage_confirm": _("Are you sure you want to stage selected users?"),
"stage_success": _("${count} users(s) staged"),
"stage_one_confirm": _("Are you sure you want to stage ${object}?"),
"undel_confirm": _("Are you sure you want to restore selected users?"),
"undel_one_confirm": _("Are you sure you want to restore ${object}?"),
"undel_success": _("${count} user(s) restored"),
"user_categories": _("User categories"),
},
"subid": {
"add": _("Add subid"),
"assigned_subids": _("Assigned subids"),
"baseid": _("Base ID"),
"dna_remaining": _("DNA remaining"),
"ipaowner": _("Owner"),
"ipasubgidcount": _("SubGID range size"),
"ipasubgidnumber": _("SubGID range start"),
"ipasubuidcount": _("SubUID range size"),
"ipasubuidnumber": _("SubUID range start"),
"rangesize": _("Range size"),
"remaining_subids": _("Remaining subids"),
"stats": _("Subordinate ID Statistics"),
},
"sudocmd": {
"add": _("Add sudo command"),
"add_into_sudocmdgroups": _(
"Add sudo command '${primary_key}' into sudo command "
"groups"
),
"groups": _("Groups"),
"remove": _("Remove sudo commands"),
"remove_from_sudocmdgroups": _(
"Remove sudo command '${primary_key}' from sudo command "
"groups"
),
},
"sudocmdgroup": {
"add": _("Add sudo command group"),
"add_sudocmds": _(
"Add sudo commands into sudo command group "
"'${primary_key}'"
),
"commands": _("Commands"),
"remove": _("Remove sudo command groups"),
"remove_sudocmds": _(
"Remove sudo commands from sudo command group "
"'${primary_key}'"
),
},
"sudorule": {
"add": _("Add sudo rule"),
"add_option": _("Add sudo option"),
"add_allow_cmds": _(
"Add allow sudo commands into sudo rule "
"'${primary_key}'"
),
"add_allow_cmdgroups": _(
"Add allow sudo command groups into sudo rule "
"'${primary_key}'"
),
"add_deny_cmds": _(
"Add deny sudo commands into sudo rule "
"'${primary_key}'"
),
"add_deny_cmdgroups": _(
"Add deny sudo command groups into sudo rule "
"'${primary_key}'"
),
"add_groups": _(
"Add user groups into sudo rule '${primary_key}'"
),
"add_hostgroups": _(
"Add host groups into sudo rule '${primary_key}'"
),
"add_hosts": _(
"Add hosts into sudo rule '${primary_key}'"
),
"add_runas_users": _(
"Add RunAs users into sudo rule '${primary_key}'"
),
"add_runas_usergroups": _(
"Add RunAs user groups into sudo rule '${primary_key}'"
),
"add_runas_groups": _(
"Add RunAs groups into sudo rule '${primary_key}'"
),
"add_users": _(
"Add users into sudo rule '${primary_key}'"
),
"allow": _("Allow"),
"any_command": _("Any Command"),
"any_group": _("Any Group"),
"any_host": _("Any Host"),
"anyone": _("Anyone"),
"command": _("Run Commands"),
"deny": _("Deny"),
"external": _("External"),
"host": _("Access this host"),
"ipaenabledflag": _("Rule status"),
"option_added": _("Option added"),
"option_removed": _("${count} option(s) removed"),
"options": _("Options"),
"remove": _("Remove sudo rules"),
"remove_allow_cmds": _(
"Remove allow sudo commands from sudo rule "
"'${primary_key}'"
),
"remove_allow_cmdgroups": _(
"Remove allow sudo command groups from sudo rule "
"'${primary_key}'"
),
"remove_deny_cmds": _(
"Remove deny sudo commands from sudo rule "
"'${primary_key}'"
),
"remove_deny_cmdgroups": _(
"Remove deny sudo command groups from sudo rule "
"'${primary_key}'"
),
"remove_groups": _(
"Remove user groups from sudo rule '${primary_key}'"
),
"remove_hostgroups": _(
"Remove host groups from sudo rule '${primary_key}'"
),
"remove_hosts": _(
"Remove hosts from sudo rule '${primary_key}'"
),
"remove_runas_users": _(
"Remove RunAs users from sudo rule '${primary_key}'"
),
"remove_runas_usergroups": _(
"Remove RunAs user groups from sudo rule '${primary_key}'"
),
"remove_runas_groups": _(
"Remove RunAs groups from sudo rule '${primary_key}'"
),
"remove_users": _(
"Remove users from sudo rule '${primary_key}'"
),
"runas": _("As Whom"),
"specified_commands": _("Specified Commands and Groups"),
"specified_groups": _("Specified Groups"),
"specified_hosts": _("Specified Hosts and Groups"),
"specified_users": _("Specified Users and Groups"),
"user": _("Who"),
},
"sudooptions": {
"remove": _("Remove sudo options"),
},
"topology": {
"autogenerated": _("Autogenerated"),
"segment_details": _("Segment details"),
"replication_config": _("Replication configuration"),
"insufficient_domain_level" : _("Managed topology requires minimal domain level ${domainlevel}"),
},
"topologylocation": {
"add": _("Add IPA location"),
"add_server": _(
"Add IPA server into IPA location '${primary_key}'"
),
"remove": _("Remove IPA locations"),
"remove_servers": _(
"Remove IPA servers from IPA location '${primary_key}'"
),
},
"topologysegment": {
"add": _("Add topology segment"),
"remove": _("Remove topology segments"),
},
"trust": {
"account": _("Account"),
"add": _("Add trust"),
"admin_account": _("Administrative account"),
"blocklists": _("SID blocklists"),
"details": _("Trust Settings"),
"domain": _("Domain"),
"establish_using": _("Establish using"),
"fetch_domains": _("Fetch domains"),
"ipantflatname": _("Domain NetBIOS name"),
"ipanttrusteddomainsid": _("Domain Security Identifier"),
"preshared_password": _("Pre-shared password"),
"remove": _("Remove trusts"),
"remove_domains": _("Remove domains"),
"trustdirection": _("Trust direction"),
"truststatus": _("Trust status"),
"trusttype": _("Trust type"),
"ipantadditionalsuffixes": _("Alternative UPN suffixes"),
},
'smb_attributes': {
"title": _(
"User attributes for SMB services"
),
"ipantlogonscript_tooltip": _(
"Path to a script executed on a Windows system at logon"
),
"ipantprofilepath_tooltip": _(
"Path to a user profile, in UNC format \\\\server\\share\\"
),
"ipanthomedirectory_tooltip": _(
"Path to a user home directory, in UNC format"
),
"ipanthomedirectorydrive_tooltip": _(
"Drive to mount a home directory"
),
},
"trustconfig": {
"options": _("Options"),
},
"user": {
"account": _("Account Settings"),
"account_status": _("Account Status"),
"activeuser_label": _("Active users"),
"add": _("Add user"),
"add_into_groups": _(
"Add user '${primary_key}' into user groups"
),
"add_into_hbac": _(
"Add user '${primary_key}' into HBAC rules"
),
"add_into_netgroups": _(
"Add user '${primary_key}' into netgroups"
),
"add_into_roles": _(
"Add user '${primary_key}' into roles"
),
"add_into_sudo": _(
"Add user '${primary_key}' into sudo rules"
),
"auto_subid": _("Auto assign subordinate ids"),
"auto_subid_confirm": _(
"Are you sure you want to auto-assign a subordinate id "
"to user ${object}?"
),
"contact": _("Contact Settings"),
"delete_mode": _("Delete mode"),
"employee": _("Employee Information"),
"error_changing_status": _("Error changing account status"),
"krbpasswordexpiration": _("Password expiration"),
"mailing": _("Mailing Address"),
"misc": _("Misc. Information"),
"mode_delete": _("delete"),
"mode_preserve": _("preserve"),
"noprivate": _("No private group"),
"remove": _("Remove users"),
"remove_from_groups": _(
"Remove user '${primary_key}' from user groups"
),
"remove_from_netgroups": _(
"Remove user '${primary_key}' from netgroups"
),
"remove_from_roles": _(
"Remove user '${primary_key}' from roles"
),
"remove_from_hbac": _(
"Remove user '${primary_key}' from HBAC rules"
),
"remove_from_sudo": _(
"Remove user '${primary_key}' from sudo rules"
),
"status_confirmation": _("Are you sure you want to ${action} the user?<br/>The change will take effect immediately."),
"status_link": _("Click to ${action}"),
"unlock": _("Unlock"),
"unlock_confirm": _("Are you sure you want to unlock user ${object}?"),
},
"vault": {
"add": _("Add vault"),
"add_member_groups": _(
"Add user groups into members of vault '${primary_key}'"
),
"add_member_services": _(
"Add services into members of vault '${primary_key}'"
),
"add_member_users": _(
"Add users into members of vault '${primary_key}'"
),
"add_owner_groups": _(
"Add user groups into owners of vault '${primary_key}'"
),
"add_owner_services": _(
"Add services into owners of vault '${primary_key}'"
),
"add_owner_users": _(
"Add users into owners of vault '${primary_key}'"
),
"add_warn_arch_ret": _(
"Secrets can be added/retrieved to vault only by using "
"vault-archive and vault-retrieve from CLI."
),
"add_warn_standard": _(
"Content of 'standard' vaults can be seen by users with "
"higher privileges (admins)."
),
"asymmetric_type": _("Asymmetric"),
"config_title": _("Vaults Config"),
"group": _("Group"),
"members": _("Members"),
"my_vaults_title": _("My User Vaults"),
"owners": _("Owners"),
"remove": _("Remove vaults"),
"remove_member_groups": _(
"Remove user groups from members of vault '${primary_key}'"
),
"remove_member_services": _(
"Remove services from members of vault '${primary_key}'"
),
"remove_member_users": _(
"Remove users from members of vault '${primary_key}'"
),
"remove_owner_groups": _(
"Remove user groups from owners of vault '${primary_key}'"
),
"remove_owner_services": _(
"Remove services from owners of vault '${primary_key}'"
),
"remove_owner_users": _(
"Remove users from owners of vault '${primary_key}'"
),
"service": _("Service"),
"service_vaults_title": _("Service Vaults"),
"shared": _("Shared"),
"shared_vaults_title": _("Shared Vaults"),
"standard_type": _("Standard"),
"symmetric_type": _("Symmetric"),
"type": _("Vault Type"),
"type_tooltip": _(
"Only standard vaults can be created in WebUI, use CLI "
"for other types of vaults."
),
"user": _("User"),
"user_vaults_title": _("User Vaults"),
},
},
"password": {
"current_password": _("Current Password"),
"current_password_required": _("Current password is required"),
"expires_in": _("Your password expires in ${days} days."),
"first_otp": _("First OTP"),
"invalid_password": _(
"The password or username you entered is incorrect"),
"new_password": _("New Password"),
"new_password_required": _("New password is required"),
"otp": _("OTP"),
"otp_info":
_("<i class=\"fa fa-info-circle\"></i> <strong>"
"OTP (One-Time Password):</strong>"
"Generate new OTP code for each OTP field."),
"otp_reset_info":
_("<i class=\"fa fa-info-circle\"></i> <strong>"
"OTP (One-Time Password):</strong>"
"Leave blank if you are not using OTP tokens"
"for authentication."),
"otp_long": _("One-Time Password"),
"otp_sync_fail": _("Token synchronization failed"),
"otp_sync_invalid": _("The username, password or token codes are not correct"),
"otp_sync_success":_("Token was synchronized"),
"password": _("Password"),
"password_and_otp": _("Password or Password+One-Time Password"),
"password_change_complete": _("Password change complete"),
"password_expired": _(
"Your password has expired. Please enter a new password."),
"password_must_match": _("Passwords must match"),
"reset_failure": _("Password reset was not successful."),
"reset_password": _("Reset Password"),
"reset_password_sentence": _("Reset your password."),
"second_otp": _("Second OTP"),
"token_id": _("Token ID"),
"verify_password": _("Verify Password"),
},
"profile-menu": {
"about": _("About"),
"configuration": _("Customization"),
"logout": _("Log out"),
"password_reset": _("Change password"),
"profile": _("Profile"),
},
"search": {
"delete_confirm": _("Are you sure you want to delete selected entries?"),
"deleted": _("${count} item(s) deleted"),
"disable_confirm": _("Are you sure you want to disable selected entries?"),
"disabled": _("${count} item(s) disabled"),
"enable_confirm": _("Are you sure you want to enable selected entries?"),
"enabled": _("${count} item(s) enabled"),
"partial_delete": _("Some entries were not deleted"),
"placeholder": _("Search"),
"placeholder_filter": _("Filter"),
"quick_links": _("Quick Links"),
"select_all": _("Select All"),
"truncated": _("Query returned more results than the configured size limit. Displaying the first ${counter} results."),
"unselect_all": _("Unselect All"),
},
"ssbrowser-page": {
"header": _(
"<h1>Browser Kerberos Setup</h1>\n"
"\n"
),
"firefox-header": _(
"<h2>Firefox</h2>\n"
"\n"
"<p>\n"
" You can configure Firefox to use Kerberos for "
"Single Sign-on. The following instructions will guide you in "
"configuring your web browser to send your Kerberos "
"credentials to the appropriate Key Distribution Center which "
"enables Single Sign-on.\n"
"</p>\n"
"\n"
),
"firefox-actions": _(
"<ol>\n"
"<li>\n"
"<p>\n"
"<a href=\"ca.crt\" id=\"ca-link\" class=\"btn btn-default\">"
"Import Certificate Authority certificate</a>\n"
"</p>\n"
"<p>\n"
" Make sure you select <b>all three</b> "
"checkboxes.\n"
"</p>\n"
"</li>\n"
"<li>\n"
" In the address bar of Firefox, type <code>"
"about:config</code> to display the list of current "
"configuration options.\n"
"</li>\n"
"<li>\n"
" In the Filter field, type <code>negotiate"
"</code> to restrict the list of options.\n"
"</li>\n"
"<li>\n"
" Double-click the <code>network.negotiate-auth"
".trusted-uris</code> entry to display the Enter string value "
"dialog box.\n"
"</li>\n"
"<li>\n"
" Enter the name of the domain against which "
"you want to authenticate, for example, <code class=\""
"example-domain\">.example.com</code>.\n"
"</li>\n"
"<li><a href=\"../ui/index.html\" id=\"return-link\" class=\""
"btn btn-default\">Return to Web UI</a></li>\n"
"</ol>\n"
"\n"
),
"chrome-header": _(
"<h2>Chrome</h2>\n"
"\n"
"<p>\n"
" You can configure Chrome to use Kerberos for "
"Single Sign-on. The following instructions will guide you in "
"configuring your web browser to send your Kerberos "
"credentials to the appropriate Key Distribution Center which "
"enables Single Sign-on.\n"
"</p>\n"
"\n"
),
"chrome-certificate": _(
"<h3>Import CA Certificate</h3>\n"
"<ol>\n"
"<li>\n"
" Download the <a href=\"ca.crt\">CA "
"certificate</a>. Alternatively, if the host is also an IdM "
"client, you can find the certificate in /etc/ipa/ca.crt.\n"
"</li>\n"
"<li>\n"
" Click the menu button with the <em>Customize "
"and control Google Chrome</em> tooltip, which is by default "
"in the top right-hand corner of Chrome, and click <em>"
"Settings</em>.\n"
"</li>\n"
"<li>\n"
" Click <em>Show advanced settings</em> to "
"display more options, and then click the <em>Manage "
"certificates</em> button located under the HTTPS/SSL heading."
"\n"
"</li>\n"
"<li>\n"
" In the <em>Authorities</em> tab, click the "
"<em>Import</em> button at the bottom.\n"
"</li>\n"
"<li>Select the CA certificate file that you downloaded in the"
" first step.</li>\n"
"</ol>\n"
"\n"
),
"chrome-spnego": _(
"<h3>\n"
" Enable SPNEGO (Simple and Protected GSSAPI "
"Negotiation Mechanism) to Use Kerberos Authentication\n"
" in Chrome\n"
"</h3>\n"
"<ol>\n"
"<li>\n"
" Make sure you have the necessary directory "
"created by running:\n"
"<div><code>\n"
" [root@client]# mkdir -p /etc/opt/chrome/"
"policies/managed/\n"
"</code></div>\n"
"</li>\n"
"<li>\n"
" Create a new <code>/etc/opt/chrome/policies/"
"managed/mydomain.json</code> file with write privileges "
"limited to the system administrator or root, and include the "
"following line:\n"
"<div><code>\n"
" { \"AuthServerWhitelist\": \"*<span "
"class=\"example-domain\">.example.com</span>\" }\n"
"</code></div>\n"
"<div>\n"
" You can do this by running:\n"
"</div>\n"
"<div><code>\n"
" [root@server]# echo \'{ \""
"AuthServerWhitelist\": \"*<span class=\"example-domain\">"
".example.com</span>\" }' > /etc/opt/chrome/policies/managed/"
"mydomain.json\n"
"</code></div>\n"
"</li>\n"
"</ol>\n"
"<ol>\n"
"<p>\n"
"<strong>Note:</strong> If using Chromium, use <code>/etc/"
"chromium/policies/managed/</code> instead of <code>/etc/opt/"
"chrome/policies/managed/</code> for the two SPNEGO Chrome "
"configuration steps above.\n"
"</p>\n"
"</ol>\n"
"\n"
),
"ie-header": _(
"<h2>Internet Explorer</h2>\n"
"<p><strong>WARNING:</strong> Internet Explorer is no longer a"
" supported browser.</p>\n"
"<p>\n"
" Once you are able to log into the workstation "
"with your kerberos key you are now able to use that ticket in"
" Internet Explorer.\n"
"</p>\n"
"<p>\n"
),
"ie-actions": _(
"<strong>Log into the Windows machine using an account of your"
" Kerberos realm (administrative domain)</strong>\n"
"</p>\n"
"<p>\n"
"<strong>In Internet Explorer, click Tools, and then click "
"Internet Options.</strong>\n"
"</p>\n"
"<div>\n"
"<ol>\n"
"<li>Click the Security tab</li>\n"
"<li>Click Local intranet</li>\n"
"<li>Click Sites </li>\n"
"<li>Click Advanced </li>\n"
"<li>Add your domain to the list</li>\n"
"</ol>\n"
"<ol>\n"
"<li>Click the Security tab</li>\n"
"<li>Click Local intranet</li>\n"
"<li>Click Custom Level</li>\n"
"<li>Select Automatic logon only in Intranet zone</li>\n"
"</ol>\n"
"\n"
"<ol>\n"
"<li> Visit a kerberized web site using IE (You must use the "
"fully-qualified Domain Name in the URL)</li>\n"
"<li><strong> You are all set.</strong></li>\n"
"</ol>\n"
"</div>\n"
"\n"
),
},
"status": {
"disable": _("Disable"),
"disabled": _("Disabled"),
"enable": _("Enable"),
"enabled": _("Enabled"),
"label": _("Status"),
"working": _("Working"),
},
"tabs": {
"audit": _("Audit"),
"authentication": _("Authentication"),
"automember": _("Automember"),
"automount": _("Automount"),
"cert": _("Certificates"),
"dns": _("DNS"),
"hbac": _("Host-Based Access Control"),
"identity": _("Identity"),
"ipaserver": _("IPA Server"),
"network_services": _("Network Services"),
"policy": _("Policy"),
"role": _("Role-Based Access Control"),
"subid": _("Subordinate IDs"),
"sudo": _("Sudo"),
"topology": _("Topology"),
"trust": _("Trusts"),
},
"true": _("True"),
"unauthorized-page": _(
"<h1>Unable to verify your Kerberos credentials</h1>\n"
"<p>\n"
" Please make sure that you have valid Kerberos "
"tickets (obtainable via <strong>kinit</strong>), and that you"
" have configured your browser correctly.\n"
"</p>\n"
"\n"
"<h2>Browser configuration</h2>\n"
"\n"
"<div id=\"first-time\">\n"
"<p>\n"
" If this is your first time, please <a href="
"\"ssbrowser.html\">configure your browser</a>.\n"
"</p>\n"
"</div>\n"
),
"widget": {
"api_browser": _("API Browser"),
"first": _("First"),
"last": _("Last"),
"next": _("Next"),
"page": _("Page"),
"prev": _("Prev"),
"undo": _("Undo"),
"undo_title": _("Undo this change."),
"undo_all": _("Undo All"),
"undo_all_title": _("Undo all changes in this field."),
"validation": {
"error": _("Text does not match field pattern"),
"datetime": _("Must be an UTC date/time value (e.g., \"2014-01-20 17:58:01Z\")"),
"decimal": _("Must be a decimal number"),
"format": _("Format error"),
"integer": _("Must be an integer"),
"ip_address": _('Not a valid IP address'),
"ip_v4_address": _('Not a valid IPv4 address'),
"ip_v6_address": _('Not a valid IPv6 address'),
"max_value": _("Maximum value is ${value}"),
"min_value": _("Minimum value is ${value}"),
"net_address": _("Not a valid network address (examples: 2001:db8::/64, 192.0.2.0/24)"),
"parse": _("Parse error"),
"positive_number": _("Must be a positive number"),
"port": _("'${port}' is not a valid port"),
"required": _("Required field"),
"unsupported": _("Unsupported value"),
},
},
}
has_output = (
Output('texts', dict, doc=_('Dict of I18N messages')),
)
def execute(self, **options):
return dict(texts=json_serialize(self.messages))