Commit ba59f985 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#8544 - Grammar and escaping fixes

parent 7b3a8537
......@@ -28,7 +28,7 @@ ldapurl \- LDAP URL formatting tool
.BI \-S \ scheme\fR]
.SH DESCRIPTION
.I ldapurl
is a command that allows to either compose or decompose LDAP URIs.
is a command that allows one to either compose or decompose LDAP URIs.
.LP
When invoked with the \fB\-H\fP option,
.B ldapurl
......
......@@ -64,7 +64,7 @@ applications that need more control than
.BR ber_printf ()
provides. In
general, these routines return the length of the element encoded, or
-1 if an error occurred.
\-1 if an error occurred.
.LP
The
.BR ber_alloc_t ()
......
......@@ -338,9 +338,9 @@ token name first, followed by a colon:
.nf
TLS_CERT my hardware device:Certificate for Sam Carter
.fi
Use certutil -L to list the certificates by name:
Use certutil \-L to list the certificates by name:
.nf
certutil -d /path/to/certdbdir -L
certutil \-d /path/to/certdbdir \-L
.fi
.TP
.B TLS_KEY <filename>
......@@ -358,7 +358,7 @@ database. For example, if TLS_CACERTDIR specifies /home/scarter/.moznss as
the location of the cert/key database, use modutil to change the password
to the empty string:
.nf
modutil -dbdir ~/.moznss -changepw 'NSS Certificate DB'
modutil \-dbdir ~/.moznss \-changepw 'NSS Certificate DB'
.fi
You must have the old password, if any. Ignore the WARNING about the running
browser. Press 'Enter' for the new password.
......
......@@ -109,7 +109,7 @@ directive.
.TP
.B onerr {CONTINUE|report|stop}
This directive allows to select the behavior in case an error is returned
This directive allows one to select the behavior in case an error is returned
by one target during a search.
The default, \fBcontinue\fP, consists in continuing the operation,
trying to return as much data as possible.
......@@ -263,7 +263,7 @@ overridden by any per-target directive.
.TP
.B client\-pr {accept-unsolicited|DISABLE|<size>}
This feature allows to use RFC 2696 Paged Results control when performing
This feature allows one to use RFC 2696 Paged Results control when performing
search operations with a specific target,
irrespective of the client's request. See
.B slapd\-meta(5)
......@@ -322,7 +322,7 @@ for details on the syntax of this field.
.B [tls_cipher_suite=<ciphers>]
.B [tls_protocol_min=<major>[.<minor>]]
.B [tls_crlcheck=none|peer|all]
Allows to define the parameters of the authentication method that is
Allows one to define the parameters of the authentication method that is
internally used by the proxy to authorize connections that are
authenticated by other databases. See
.B slapd\-meta(5)
......@@ -403,7 +403,7 @@ section of
.TP
.B subtree\-{exclude|include} "<rule>"
This directive allows to indicate what subtrees are actually served
This directive allows one to indicate what subtrees are actually served
by a target. See
.B slapd\-meta(5)
for details.
......@@ -427,7 +427,7 @@ overridden by any per-target directive.
.TP
.B timeout [<op>=]<val> [...]
This directive allows to set per-operation timeouts.
This directive allows one to set per-operation timeouts.
Operations can be
\fB<op> ::= bind, add, delete, modrdn, modify, compare, search\fP
......
......@@ -89,7 +89,7 @@ child entries corresponding
to any overlays configured on the database. The olcDatabase and
olcOverlay entries may also have miscellaneous child entries for
other settings as needed. There are two special database entries
that are predefined - one is an entry for the config database itself,
that are predefined \- one is an entry for the config database itself,
and the other is for the "frontend" database. Settings in the
frontend database are inherited by the other databases, unless
they are explicitly overridden in a specific database.
......@@ -452,7 +452,7 @@ A SIGHUP signal will only cause a 'gentle' shutdown-attempt:
will stop listening for new connections, but will not close the
connections to the current clients. Future write operations return
unwilling-to-perform, though. Slapd terminates when all clients
have closed their connections (if they ever do), or - as before -
have closed their connections (if they ever do), or \- as before \-
if it receives a SIGTERM signal. This can be useful if you wish to
terminate the server and start a new
.B slapd
......@@ -888,9 +888,9 @@ token name first, followed by a colon:
.nf
olcTLSCertificateFile: my hardware device:Server-Cert
.fi
Use certutil -L to list the certificates by name:
Use certutil \-L to list the certificates by name:
.nf
certutil -d /path/to/certdbdir -L
certutil \-d /path/to/certdbdir \-L
.fi
.TP
.B olcTLSCertificateKeyFile: <filename>
......@@ -911,7 +911,7 @@ protection for the cert/key database. For example, if olcTLSCACertificatePath
specifes /etc/openldap/certdb as the location of the cert/key database, use
modutil to change the password to the empty string:
.nf
modutil -dbdir /etc/openldap/certdb -changepw 'NSS Certificate DB'
modutil \-dbdir /etc/openldap/certdb \-changepw 'NSS Certificate DB'
.fi
You must have the old password, if any. Ignore the WARNING about the running
browser. Press 'Enter' for the new password.
......@@ -1303,7 +1303,7 @@ is equivalent to
(see above).
The
.B extended
keyword allows to indicate the OID of the specific operation
keyword allows one to indicate the OID of the specific operation
to be restricted.
.TP
.B olcSchemaDN: <dn>
......@@ -1618,8 +1618,8 @@ The keyword
indicates that no limit is applied to the pagedResults control page size.
The syntax
.B size.prtotal={<integer>|unlimited|disabled}
allows to set a limit on the total number of entries that a pagedResults
control allows to return.
allows one to set a limit on the total number of entries that the pagedResults
control will return.
By default it is set to the
.B hard
limit.
......
......@@ -117,7 +117,7 @@ needs to be created.
.B [tls_protocol_min=<major>[.<minor>]]
.B [tls_crlcheck=none|peer|all]
.RS
Allows to define the parameters of the authentication method that is
Allows one to define the parameters of the authentication method that is
internally used by the proxy to collect info related to access control,
and whenever an operation occurs with the identity of the rootdn
of the LDAP proxy database.
......@@ -229,7 +229,7 @@ for details on the syntax of this field.
.B [tls_protocol_min=<version>]
.B [tls_crlcheck=none|peer|all]
.RS
Allows to define the parameters of the authentication method that is
Allows one to define the parameters of the authentication method that is
internally used by the proxy to authorize connections that are
authenticated by other databases.
Direct binds are always proxied without any idassert handling.
......@@ -471,7 +471,7 @@ which corresponds to the empty result set.
.TP
.B onerr {CONTINUE|stop}
This directive allows to select the behavior in case an error is returned
This directive allows one to select the behavior in case an error is returned
by the remote server during a search.
The default, \fBcontinue\fP, consists in returning success.
If the value is set to \fBstop\fP, the error is returned to the client.
......@@ -542,7 +542,7 @@ support is detected by reading the remote server's root DSE.
.TP
.B timeout [<op>=]<val> [...]
This directive allows to set per-operation timeouts.
This directive allows one to set per-operation timeouts.
Operations can be
\fB<op> ::= bind, add, delete, modrdn, modify, compare, search\fP
......
......@@ -125,7 +125,7 @@ directive.
.TP
.B onerr {CONTINUE|report|stop}
This directive allows to select the behavior in case an error is returned
This directive allows one to select the behavior in case an error is returned
by one target during a search.
The default, \fBcontinue\fP, consists in continuing the operation,
trying to return as much data as possible.
......@@ -313,7 +313,7 @@ overridden by any per-target directive.
.TP
.B client\-pr {accept-unsolicited|DISABLE|<size>}
This feature allows to use RFC 2696 Paged Results control when performing
This feature allows one to use RFC 2696 Paged Results control when performing
search operations with a specific target,
irrespective of the client's request.
When set to a numeric value, Paged Results control is always
......@@ -384,7 +384,7 @@ for details on the syntax of this field.
.B [tls_protocol_min=<major>[.<minor>]]
.B [tls_crlcheck=none|peer|all]
.RS
Allows to define the parameters of the authentication method that is
Allows one to define the parameters of the authentication method that is
internally used by the proxy to authorize connections that are
authenticated by other databases.
The identity defined by this directive, according to the properties
......@@ -612,7 +612,7 @@ The rewrite options are described in the "REWRITING" section.
.TP
.B subtree\-{exclude|include} "<rule>"
This directive allows to indicate what subtrees are actually served
This directive allows one to indicate what subtrees are actually served
by a target.
The syntax of the supported rules is
......@@ -689,7 +689,7 @@ overridden by any per-target directive.
.TP
.B timeout [<op>=]<val> [...]
This directive allows to set per-operation timeouts.
This directive allows one to set per-operation timeouts.
Operations can be
\fB<op> ::= bind, add, delete, modrdn, modify, compare, search\fP
......@@ -891,7 +891,7 @@ An incoming string is matched against a set of rules.
Rules are made of a regex match pattern, a substitution pattern
and a set of actions, described by a set of flags.
In case of match a string rewriting is performed according to the
substitution pattern that allows to refer to substrings matched in the
substitution pattern that allows one to refer to substrings matched in the
incoming string.
The actions, if any, are finally performed.
The substitution pattern allows map resolution of substrings.
......@@ -1111,7 +1111,7 @@ Examples are reported below.
.SH "Additional configuration syntax:"
.TP
.B rewriteMap "<map type>" "<map name>" "[ <map attrs> ]"
Allows to define a map that transforms substring rewriting into
Allows one to define a map that transforms substring rewriting into
something else.
The map is referenced inside the substitution pattern of a rule.
.TP
......
......@@ -84,7 +84,7 @@ database does not refer to any specific database, but the most
appropriate one is looked-up after rewriting the request DN
for the operation that is being handled.
.LP
This allows to write carefully crafted rewrite rules that
This allows one to write carefully crafted rewrite rules that
cause some of the requests to be directed to one database, and
some to another; e.g., authentication can be mapped to one
database, and searches to another, or different target databases
......
......@@ -310,7 +310,7 @@ by a stored procedure.
.br
.B fetch_all_attrs { NO | yes }
.RS
The first statement allows to provide a list of attributes that
The first statement allows one to provide a list of attributes that
must always be fetched in addition to those requested by any specific
operation, because they are required for the proper usage of the
backend. For instance, all attributes used in ACLs should be listed
......
......@@ -557,7 +557,7 @@ forms as well as numeric OIDs to be used for the syntax OID.
description.)
The slapd parser also honors the
.B X\-SUBST
extension (an OpenLDAP-specific extension), which allows to use the
extension (an OpenLDAP-specific extension), which allows one to use the
.B ldapsyntax
statement to define a non-implemented syntax along with another syntax,
the extension value
......@@ -566,7 +566,7 @@ as its temporary replacement.
The
.I substitute-syntax
must be defined.
This allows to define attribute types that make use of non-implemented syntaxes
This allows one to define attribute types that make use of non-implemented syntaxes
using the correct syntax OID.
Unless
.B X\-SUBST
......@@ -1123,9 +1123,9 @@ token name first, followed by a colon:
.nf
TLSCertificateFile my hardware device:Server-Cert
.fi
Use certutil -L to list the certificates by name:
Use certutil \-L to list the certificates by name:
.nf
certutil -d /path/to/certdbdir -L
certutil \-d /path/to/certdbdir \-L
.fi
.TP
.B TLSCertificateKeyFile <filename>
......@@ -1143,7 +1143,7 @@ protection for the cert/key database. For example, if TLSCACertificatePath
specifes /etc/openldap/certdb as the location of the cert/key database, use
modutil to change the password to the empty string:
.nf
modutil -dbdir /etc/openldap/certdb -changepw 'NSS Certificate DB'
modutil \-dbdir /etc/openldap/certdb \-changepw 'NSS Certificate DB'
.fi
You must have the old password, if any. Ignore the WARNING about the running
browser. Press 'Enter' for the new password.
......@@ -1555,8 +1555,8 @@ The keyword
indicates that no limit is applied to the pagedResults control page size.
The syntax
.B size.prtotal={<integer>|unlimited|disabled}
allows to set a limit on the total number of entries that a pagedResults
control allows to return.
allows one to set a limit on the total number of entries that the pagedResults
control will return.
By default it is set to the
.B hard
limit.
......@@ -1648,7 +1648,7 @@ is equivalent to
(see above).
The
.B extended
keyword allows to indicate the OID of the specific operation
keyword allows one to indicate the OID of the specific operation
to be restricted.
.TP
.B rootdn <dn>
......
......@@ -56,7 +56,7 @@ to evaluate.
The parameter following the
.B set
type is a string that is interpreted according to the syntax in use
for ACL sets. This allows to construct constraints based on the contents
for ACL sets. This allows one to construct constraints based on the contents
of the entry.
The
......@@ -72,7 +72,7 @@ Extra parameters can occur in any order after those described above.
.RE
.RS
This extra parameter allows to restrict the application of the corresponding
This extra parameter allows one to restrict the application of the corresponding
constraint only to entries that match the
.IR base ,
.I scope
......
......@@ -16,7 +16,7 @@ The name
.B dds
stands for
Dynamic Directory Services.
It allows to define dynamic objects, characterized by the
It allows one to define dynamic objects, characterized by the
.B dynamicObject
objectClass.
......@@ -24,7 +24,7 @@ Dynamic objects have a limited lifetime, determined by a time-to-live
(TTL) that can be refreshed by means of a specific
.B refresh
extended operation.
This operation allows to set the Client Refresh Period (CRP),
This operation allows one to set the Client Refresh Period (CRP),
namely the period between refreshes that is required to preserve the
dynamic object from expiration.
The expiration time is computed by adding the requested TTL to the
......@@ -126,7 +126,7 @@ By default, tolerance is 0.
.B dds\-max\-dynamicObjects <num>
Specifies the maximum number of dynamic objects that can simultaneously exist
within a naming context.
This allows to limit the amount of resources (mostly in terms of
This allows one to limit the amount of resources (mostly in terms of
run-queue size) that are used by dynamic objects.
By default, no limit is set.
......@@ -256,7 +256,7 @@ operational attribute; however, it must not be configured in the shadow
database.
Currently, there is no means to remove the
.B dynamicObject
class from the entry; this may be seen as a feature, since it allows to see
class from the entry; this may be seen as a feature, since it allows one to see
the dynamic properties of the object.
.SH FILES
......
......@@ -58,7 +58,7 @@ If not defined, the suffix of the database is used.
.hy 0
.B retcode\-item <RDN> <errCode> [op=<oplist>] [text=<message>]
.B [ref=<referral>] [sleeptime=<sec>] [matched=<DN>]
.B [unsolicited=<OID>[:<data>]] [flags=[{pre|post}\-]disconnect[,...]]
.B [unsolicited=<OID>[:<data>]] [flags=[\{pre|post\}\-]disconnect[,...]]
.RS
A dynamically generated entry, located below \fBretcode\-parent\fP.
The \fBerrCode\fP is the number of the response code;
......
......@@ -115,7 +115,7 @@ and
.BR slapd\-meta (5),
or with the relay backend,
.BR slapd\-relay (5),
allows to create virtual views of databases.
allows one to create virtual views of databases.
A distinguishing feature of this overlay is that, when instantiated
before any database, it can modify the DN of requests
.I before
......@@ -176,7 +176,7 @@ a
and a set of actions, described by a set of
.IR "optional flags" .
In case of match, string rewriting is performed according to the
substitution pattern that allows to refer to substrings matched in the
substitution pattern that allows one to refer to substrings matched in the
incoming string.
The actions, if any, are finally performed.
Each rule is executed recursively, unless altered by specific action
......@@ -421,7 +421,7 @@ Examples are reported below.
.SH "Additional Configuration Syntax"
.TP
.B rwm\-rewriteMap "<map type>" "<map name>" "[ <map attrs> ]"
Allows to define a map that transforms substring rewriting into
Allows one to define a map that transforms substring rewriting into
something else.
The map is referenced inside the substitution pattern of a rule.
.TP
......
......@@ -81,7 +81,7 @@ The control can be sent from the command-line using the base64
encoding of the value:
.LP
.nf
ldapsearch -E 1.3.6.1.4.1.4203.666.5.14=::MAMBAf8=
ldapsearch \-E 1.3.6.1.4.1.4203.666.5.14=::MAMBAf8=
.fi
.SH FILES
......
......@@ -305,7 +305,7 @@ that must be an SLP attribute list definition according to the SLP standard.
For example, \fB"slp=(tree=production),(server-type=OpenLDAP),(server\-version=2.4.15)"\fP
registers at SLP DAs with the three SLP attributes tree, server-type and server-version
that have the values given above.
This allows to specifically query the SLP DAs for LDAP servers holding the
This allows one to specifically query the SLP DAs for LDAP servers holding the
.I production
tree in case multiple trees are available.
.RE
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment