diff --git a/po/POTFILES.in b/po/POTFILES.in index e045852443..16899fd5f9 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -2,6 +2,7 @@ src/core/org.freedesktop.systemd1.policy.in src/home/org.freedesktop.home1.policy +src/home/pam_systemd_home.c src/hostname/org.freedesktop.hostname1.policy src/import/org.freedesktop.import1.policy src/locale/org.freedesktop.locale1.policy diff --git a/po/systemd.pot b/po/systemd.pot index 6873b10fbf..19802a4b89 100644 --- a/po/systemd.pot +++ b/po/systemd.pot @@ -5,7 +5,7 @@ msgid "" msgstr "" "Project-Id-Version: systemd\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2023-07-06 20:45+0100\n" +"POT-Creation-Date: 2023-07-14 10:32+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -116,6 +116,159 @@ msgid "" "Authentication is required to change the password of a user's home area." msgstr "" +#: src/home/pam_systemd_home.c:287 +#, c-format +msgid "" +"Home of user %s is currently absent, please plug in the necessary storage " +"device or backing file system." +msgstr "" + +#: src/home/pam_systemd_home.c:292 +#, c-format +msgid "Too frequent login attempts for user %s, try again later." +msgstr "" + +#: src/home/pam_systemd_home.c:304 +msgid "Password: " +msgstr "" + +#: src/home/pam_systemd_home.c:306 +#, c-format +msgid "Password incorrect or not sufficient for authentication of user %s." +msgstr "" + +#: src/home/pam_systemd_home.c:307 +msgid "Sorry, try again: " +msgstr "" + +#: src/home/pam_systemd_home.c:329 +msgid "Recovery key: " +msgstr "" + +#: src/home/pam_systemd_home.c:331 +#, c-format +msgid "" +"Password/recovery key incorrect or not sufficient for authentication of user " +"%s." +msgstr "" + +#: src/home/pam_systemd_home.c:332 +msgid "Sorry, reenter recovery key: " +msgstr "" + +#: src/home/pam_systemd_home.c:352 +#, c-format +msgid "Security token of user %s not inserted." +msgstr "" + +#: src/home/pam_systemd_home.c:353 src/home/pam_systemd_home.c:356 +msgid "Try again with password: " +msgstr "" + +#: src/home/pam_systemd_home.c:355 +#, c-format +msgid "" +"Password incorrect or not sufficient, and configured security token of user " +"%s not inserted." +msgstr "" + +#: src/home/pam_systemd_home.c:376 +msgid "Security token PIN: " +msgstr "" + +#: src/home/pam_systemd_home.c:393 +#, c-format +msgid "Please authenticate physically on security token of user %s." +msgstr "" + +#: src/home/pam_systemd_home.c:404 +#, c-format +msgid "Please confirm presence on security token of user %s." +msgstr "" + +#: src/home/pam_systemd_home.c:415 +#, c-format +msgid "Please verify user on security token of user %s." +msgstr "" + +#: src/home/pam_systemd_home.c:424 +msgid "" +"Security token PIN is locked, please unlock it first. (Hint: Removal and re-" +"insertion might suffice.)" +msgstr "" + +#: src/home/pam_systemd_home.c:432 +#, c-format +msgid "Security token PIN incorrect for user %s." +msgstr "" + +#: src/home/pam_systemd_home.c:433 src/home/pam_systemd_home.c:452 +#: src/home/pam_systemd_home.c:471 +msgid "Sorry, retry security token PIN: " +msgstr "" + +#: src/home/pam_systemd_home.c:451 +#, c-format +msgid "Security token PIN of user %s incorrect (only a few tries left!)" +msgstr "" + +#: src/home/pam_systemd_home.c:470 +#, c-format +msgid "Security token PIN of user %s incorrect (only one try left!)" +msgstr "" + +#: src/home/pam_systemd_home.c:616 +#, c-format +msgid "Home of user %s is currently not active, please log in locally first." +msgstr "" + +#: src/home/pam_systemd_home.c:618 +#, c-format +msgid "Home of user %s is currently locked, please unlock locally first." +msgstr "" + +#: src/home/pam_systemd_home.c:645 +#, c-format +msgid "Too many unsuccessful login attempts for user %s, refusing." +msgstr "" + +#: src/home/pam_systemd_home.c:868 +msgid "User record is blocked, prohibiting access." +msgstr "" + +#: src/home/pam_systemd_home.c:872 +msgid "User record is not valid yet, prohibiting access." +msgstr "" + +#: src/home/pam_systemd_home.c:876 +msgid "User record is not valid anymore, prohibiting access." +msgstr "" + +#: src/home/pam_systemd_home.c:881 src/home/pam_systemd_home.c:932 +msgid "User record not valid, prohibiting access." +msgstr "" + +#: src/home/pam_systemd_home.c:893 +#, c-format +msgid "Too many logins, try again in %s." +msgstr "" + +#: src/home/pam_systemd_home.c:904 +msgid "Password change required." +msgstr "" + +#: src/home/pam_systemd_home.c:908 +msgid "Password expired, change required." +msgstr "" + +#: src/home/pam_systemd_home.c:914 +msgid "Password is expired, but can't change, refusing login." +msgstr "" + +#: src/home/pam_systemd_home.c:918 +msgid "Password will expire soon, please change." +msgstr "" + #: src/hostname/org.freedesktop.hostname1.policy:20 msgid "Set hostname" msgstr "" diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c index 5ef773bc8c..ba8d8f6054 100644 --- a/src/home/pam_systemd_home.c +++ b/src/home/pam_systemd_home.c @@ -11,6 +11,7 @@ #include "errno-util.h" #include "fd-util.h" #include "home-util.h" +#include "locale-util.h" #include "memory-util.h" #include "pam-util.h" #include "parse-util.h" @@ -283,12 +284,12 @@ static int handle_generic_user_record_error( if (sd_bus_error_has_name(error, BUS_ERROR_HOME_ABSENT)) { (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, - "Home of user %s is currently absent, please plug in the necessary storage device or backing file system.", user_name); + _("Home of user %s is currently absent, please plug in the necessary storage device or backing file system."), user_name); return pam_syslog_pam_error(handle, LOG_ERR, PAM_PERM_DENIED, "Failed to acquire home for user %s: %s", user_name, bus_error_message(error, ret)); } else if (sd_bus_error_has_name(error, BUS_ERROR_AUTHENTICATION_LIMIT_HIT)) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Too frequent login attempts for user %s, try again later.", user_name); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Too frequent login attempts for user %s, try again later."), user_name); return pam_syslog_pam_error(handle, LOG_ERR, PAM_MAXTRIES, "Failed to acquire home for user %s: %s", user_name, bus_error_message(error, ret)); @@ -300,10 +301,10 @@ static int handle_generic_user_record_error( /* This didn't work? Ask for an (additional?) password */ if (strv_isempty(secret->password)) - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Password: "); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Password: ")); else { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password incorrect or not sufficient for authentication of user %s.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, try again: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password incorrect or not sufficient for authentication of user %s."), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Sorry, try again: ")); } if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -325,10 +326,10 @@ static int handle_generic_user_record_error( /* Hmm, homed asks for recovery key (because no regular password is defined maybe)? Provide it. */ if (strv_isempty(secret->password)) - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Recovery key: "); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Recovery key: ")); else { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password/recovery key incorrect or not sufficient for authentication of user %s.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, reenter recovery key: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password/recovery key incorrect or not sufficient for authentication of user %s."), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Sorry, reenter recovery key: ")); } if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -348,11 +349,11 @@ static int handle_generic_user_record_error( assert(secret); if (strv_isempty(secret->password)) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token of user %s not inserted.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Try again with password: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Security token of user %s not inserted."), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Try again with password: ")); } else { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password incorrect or not sufficient, and configured security token of user %s not inserted.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Try again with password: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password incorrect or not sufficient, and configured security token of user %s not inserted."), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Try again with password: ")); } if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -372,7 +373,7 @@ static int handle_generic_user_record_error( assert(secret); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Security token PIN: "); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Security token PIN: ")); if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -389,7 +390,7 @@ static int handle_generic_user_record_error( assert(secret); - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please authenticate physically on security token of user %s.", user_name); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Please authenticate physically on security token of user %s."), user_name); r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true); if (r < 0) @@ -400,7 +401,7 @@ static int handle_generic_user_record_error( assert(secret); - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please confirm presence on security token of user %s.", user_name); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Please confirm presence on security token of user %s."), user_name); r = user_record_set_fido2_user_presence_permitted(secret, true); if (r < 0) @@ -411,7 +412,7 @@ static int handle_generic_user_record_error( assert(secret); - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please verify user on security token of user %s.", user_name); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Please verify user on security token of user %s."), user_name); r = user_record_set_fido2_user_verification_permitted(secret, true); if (r < 0) @@ -420,7 +421,7 @@ static int handle_generic_user_record_error( } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_LOCKED)) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN is locked, please unlock it first. (Hint: Removal and re-insertion might suffice.)"); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Security token PIN is locked, please unlock it first. (Hint: Removal and re-insertion might suffice.)")); return PAM_SERVICE_ERR; } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN)) { @@ -428,8 +429,8 @@ static int handle_generic_user_record_error( assert(secret); - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN incorrect for user %s.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Security token PIN incorrect for user %s."), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Sorry, retry security token PIN: ")); if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -447,8 +448,8 @@ static int handle_generic_user_record_error( assert(secret); - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only a few tries left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Security token PIN of user %s incorrect (only a few tries left!)"), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Sorry, retry security token PIN: ")); if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -466,8 +467,8 @@ static int handle_generic_user_record_error( assert(secret); - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only one try left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Security token PIN of user %s incorrect (only one try left!)"), user_name); + r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, _("Sorry, retry security token PIN: ")); if (r != PAM_SUCCESS) return PAM_CONV_ERR; /* no logging here */ @@ -612,9 +613,9 @@ static int acquire_home( * failure. */ if (home_not_active) - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Home of user %s is currently not active, please log in locally first.", ur->user_name); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Home of user %s is currently not active, please log in locally first."), ur->user_name); if (home_locked) - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Home of user %s is currently locked, please unlock locally first.", ur->user_name); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Home of user %s is currently locked, please unlock locally first."), ur->user_name); if (please_authenticate || debug) pam_syslog(handle, please_authenticate ? LOG_ERR : LOG_DEBUG, "Failed to prompt for password/prompt."); @@ -641,7 +642,7 @@ static int acquire_home( if (++n_attempts >= 5) { (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, - "Too many unsuccessful login attempts for user %s, refusing.", ur->user_name); + _("Too many unsuccessful login attempts for user %s, refusing."), ur->user_name); return pam_syslog_pam_error(handle, LOG_ERR, PAM_MAXTRIES, "Failed to acquire home for user %s: %s", ur->user_name, bus_error_message(&error, r)); } @@ -864,20 +865,20 @@ _public_ PAM_EXTERN int pam_sm_acct_mgmt( break; case -ENOLCK: - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "User record is blocked, prohibiting access."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("User record is blocked, prohibiting access.")); return PAM_ACCT_EXPIRED; case -EL2HLT: - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "User record is not valid yet, prohibiting access."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("User record is not valid yet, prohibiting access.")); return PAM_ACCT_EXPIRED; case -EL3HLT: - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "User record is not valid anymore, prohibiting access."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("User record is not valid anymore, prohibiting access.")); return PAM_ACCT_EXPIRED; default: if (r < 0) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "User record not valid, prohibiting access."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("User record not valid, prohibiting access.")); return PAM_ACCT_EXPIRED; } @@ -889,7 +890,7 @@ _public_ PAM_EXTERN int pam_sm_acct_mgmt( usec_t n = now(CLOCK_REALTIME); if (t > n) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Too many logins, try again in %s.", + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Too many logins, try again in %s."), FORMAT_TIMESPAN(t - n, USEC_PER_SEC)); return PAM_MAXTRIES; @@ -900,21 +901,21 @@ _public_ PAM_EXTERN int pam_sm_acct_mgmt( switch (r) { case -EKEYREVOKED: - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password change required."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password change required.")); return PAM_NEW_AUTHTOK_REQD; case -EOWNERDEAD: - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password expired, change required."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password expired, change required.")); return PAM_NEW_AUTHTOK_REQD; + /* Strictly speaking this is only about password expiration, and we might want to allow + * authentication via PKCS#11 or so, but let's ignore this fine distinction for now. */ case -EKEYREJECTED: - /* Strictly speaking this is only about password expiration, and we might want to allow - * authentication via PKCS#11 or so, but let's ignore this fine distinction for now. */ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password is expired, but can't change, refusing login."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password is expired, but can't change, refusing login.")); return PAM_AUTHTOK_EXPIRED; case -EKEYEXPIRED: - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Password will expire soon, please change."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("Password will expire soon, please change.")); break; case -ESTALE: @@ -928,7 +929,7 @@ _public_ PAM_EXTERN int pam_sm_acct_mgmt( default: if (r < 0) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "User record not valid, prohibiting access."); + (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, _("User record not valid, prohibiting access.")); return PAM_AUTHTOK_EXPIRED; }