policycoreutils/policycoreutils-rhat.patch

8342 lines
309 KiB
Diff
Raw Normal View History

diff --git a/policycoreutils/Makefile b/policycoreutils/Makefile
2013-02-08 14:44:20 +00:00
index 3980799..6624804 100644
--- a/policycoreutils/Makefile
+++ b/policycoreutils/Makefile
@@ -1,4 +1,4 @@
2013-02-08 14:44:20 +00:00
-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow audit2why sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui
+SUBDIRS = sepolicy setfiles semanage semanage/default_encoding load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui
INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/audit2allow/Makefile b/policycoreutils/audit2allow/Makefile
index 88635d4..fc290ea 100644
2013-02-08 14:44:20 +00:00
--- a/policycoreutils/audit2allow/Makefile
+++ b/policycoreutils/audit2allow/Makefile
@@ -5,14 +5,19 @@ LIBDIR ?= $(PREFIX)/lib
MANDIR ?= $(PREFIX)/share/man
LOCALEDIR ?= /usr/share/locale
-all: ;
+all: audit2why
+
+audit2why:
+ ln -sf audit2allow audit2why
2013-02-08 14:44:20 +00:00
install: all
-mkdir -p $(BINDIR)
install -m 755 audit2allow $(BINDIR)
+ (cd $(BINDIR); ln -sf audit2allow audit2why)
2013-02-08 14:44:20 +00:00
install -m 755 sepolgen-ifgen $(BINDIR)
-mkdir -p $(MANDIR)/man1
install -m 644 audit2allow.1 $(MANDIR)/man1/
+ install -m 644 audit2why.1 $(MANDIR)/man1/
clean:
rm -f *~
diff --git a/policycoreutils/audit2allow/audit2allow b/policycoreutils/audit2allow/audit2allow
index 8e0c396..d282eee 100644
--- a/policycoreutils/audit2allow/audit2allow
+++ b/policycoreutils/audit2allow/audit2allow
2013-02-08 14:44:20 +00:00
@@ -18,7 +18,7 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
+import sys, os
import sepolgen.audit as audit
import sepolgen.policygen as policygen
@@ -29,6 +29,8 @@ import sepolgen.defaults as defaults
import sepolgen.module as module
from sepolgen.sepolgeni18n import _
import selinux.audit2why as audit2why
+import locale
+locale.setlocale(locale.LC_ALL, '')
class AuditToPolicy:
VERSION = "%prog .1"
2013-02-08 14:44:20 +00:00
@@ -80,8 +82,7 @@ class AuditToPolicy:
parser.add_option("--interface-info", dest="interface_info", help="file name of interface information")
parser.add_option("--debug", dest="debug", action="store_true", default=False,
help="leave generated modules for -M")
-
- parser.add_option("-w", "--why", dest="audit2why", action="store_true", default=False,
+ parser.add_option("-w", "--why", dest="audit2why", action="store_true", default=(os.path.basename(sys.argv[0])=="audit2why"),
help="Translates SELinux audit messages into a description of why the access was denied")
options, args = parser.parse_args()
@@ -267,12 +268,10 @@ class AuditToPolicy:
continue
if rc == audit2why.CONSTRAINT:
- print "\t\tPolicy constraint violation.\n"
- print "\t\tMay require adding a type attribute to the domain or type to satisfy the constraint.\n"
- print "\t\tConstraints are defined in the policy sources in policy/constraints (general), policy/mcs (MCS), and policy/mls (MLS).\n"
- for reason in data:
- print "\t\tNote: Possible cause is the source and target %s differ\n" % reason
- continue
+ print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n"
+ print "#Constraint rule: \n\t" + data[0]
+ for reason in data[1:]:
+ print "#\tPossible cause is the source %s and target %s are different.\n\b" % reason
if rc == audit2why.RBAC:
print "\t\tMissing role allow rule.\n"
diff --git a/policycoreutils/audit2allow/audit2allow.1 b/policycoreutils/audit2allow/audit2allow.1
index a854a45..bc70938 100644
--- a/policycoreutils/audit2allow/audit2allow.1
+++ b/policycoreutils/audit2allow/audit2allow.1
@@ -171,7 +171,7 @@ $ semodule -i local.pp
.B Using audit2allow to generate and build module policy
$ cat /var/log/audit/audit.log | audit2allow -M local
-Generating type enforcment file: local.te
+Generating type enforcement file: local.te
Compiling policy: checkmodule -M -m -o local.mod local.te
Building package: semodule_package -o local.pp -m local.mod
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/audit2allow/audit2why.1 b/policycoreutils/audit2allow/audit2why.1
new file mode 100644
index 0000000..a9e8893
--- /dev/null
+++ b/policycoreutils/audit2allow/audit2why.1
@@ -0,0 +1 @@
+.so man1/audit2allow.1
diff --git a/policycoreutils/audit2allow/sepolgen-ifgen b/policycoreutils/audit2allow/sepolgen-ifgen
index ef4bec3..3967ba5 100644
--- a/policycoreutils/audit2allow/sepolgen-ifgen
+++ b/policycoreutils/audit2allow/sepolgen-ifgen
@@ -62,6 +62,9 @@ def parse_options():
return options
def get_policy():
+ p = selinux.selinux_current_policy_path()
+ if os.path.exists(p):
+ return p
i = selinux.security_policyvers()
p = selinux.selinux_binary_policy_path() + "." + str(i)
while i > 0 and not os.path.exists(p):
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/audit2why/Makefile b/policycoreutils/audit2why/Makefile
deleted file mode 100644
index 63eb8b3..0000000
--- a/policycoreutils/audit2why/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-MANDIR ?= $(PREFIX)/share/man
-
-TARGETS=audit2why
-
-all: $(TARGETS)
-
-install: all
- -mkdir -p $(BINDIR)
- install -m 755 $(TARGETS) $(BINDIR)
- -mkdir -p $(MANDIR)/man1
- install -m 644 audit2why.1 $(MANDIR)/man1/
-
-clean:
-
-relabel:
diff --git a/policycoreutils/audit2why/audit2why b/policycoreutils/audit2why/audit2why
deleted file mode 100644
index 21a72aa..0000000
--- a/policycoreutils/audit2why/audit2why
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-/usr/bin/audit2allow -w $*
diff --git a/policycoreutils/audit2why/audit2why.1 b/policycoreutils/audit2why/audit2why.1
deleted file mode 100644
index a9e8893..0000000
--- a/policycoreutils/audit2why/audit2why.1
+++ /dev/null
@@ -1 +0,0 @@
-.so man1/audit2allow.1
diff --git a/policycoreutils/gui/Makefile b/policycoreutils/gui/Makefile
index b5abbb9..a8cf71f 100644
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
--- a/policycoreutils/gui/Makefile
+++ b/policycoreutils/gui/Makefile
@@ -1,7 +1,10 @@
2013-02-08 14:44:20 +00:00
# Installation directories.
PREFIX ?= ${DESTDIR}/usr
+SYSCONFDIR ?= ${DESTDIR}/etc
BINDIR ?= $(PREFIX)/bin
SHAREDIR ?= $(PREFIX)/share/system-config-selinux
+DATADIR ?= $(PREFIX)/share
+MANDIR = $(PREFIX)/share/man
2013-02-08 14:44:20 +00:00
TARGETS= \
booleansPage.py \
@@ -16,18 +19,30 @@ portsPage.py \
2013-02-08 14:44:20 +00:00
semanagePage.py \
statusPage.py \
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
system-config-selinux.glade \
2013-02-08 14:44:20 +00:00
+system-config-selinux.png \
usersPage.py
2013-02-08 14:44:20 +00:00
all: $(TARGETS) system-config-selinux.py polgengui.py
install: all
+ -mkdir -p $(MANDIR)/man8
2013-02-08 14:44:20 +00:00
-mkdir -p $(SHAREDIR)
-mkdir -p $(BINDIR)
2013-02-08 14:44:20 +00:00
+ -mkdir -p $(DATADIR)/pixmaps
+ -mkdir -p $(DATADIR)/icons/hicolor/24x24/apps
+ -mkdir -p $(SYSCONFDIR)
+ -mkdir -p $(DATADIR)/polkit-1/actions/
install -m 755 system-config-selinux.py $(SHAREDIR)
+ install -m 755 system-config-selinux $(BINDIR)
install -m 755 polgengui.py $(SHAREDIR)
- install -m 755 sepolgen $(BINDIR)
install -m 644 $(TARGETS) $(SHAREDIR)
-
+ install -m 644 system-config-selinux.8 $(MANDIR)/man8
+ install -m 644 selinux-polgengui.8 $(MANDIR)/man8
2013-02-08 14:44:20 +00:00
+ install -m 644 system-config-selinux.png $(DATADIR)/pixmaps
+ install -m 644 system-config-selinux.png $(DATADIR)/icons/hicolor/24x24/apps
+ install -m 644 system-config-selinux.png $(DATADIR)/system-config-selinux
+ install -m 644 *.desktop $(DATADIR)/system-config-selinux
+ install -m 644 org.fedoraproject.config.selinux.policy $(DATADIR)/polkit-1/actions/
clean:
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
indent:
diff --git a/policycoreutils/gui/org.fedoraproject.config.selinux.policy b/policycoreutils/gui/org.fedoraproject.config.selinux.policy
new file mode 100644
index 0000000..fcfa81d
--- /dev/null
+++ b/policycoreutils/gui/org.fedoraproject.config.selinux.policy
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <vendor>System Config SELinux</vendor>
+ <vendor_url>http://fedorahosted.org/system-config-selinux</vendor_url>
+
+ <action id="org.fedoraproject.config.selinux.pkexec.run">
+ <description>Run System Config SELinux</description>
+ <message>Authentication is required to run system-config-selinux</message>
+ <icon_name>system-selinux</icon_name>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/share/system-config-selinux/system-config-selinux.py</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+</policyconfig>
diff --git a/policycoreutils/gui/selinux-polgengui.8 b/policycoreutils/gui/selinux-polgengui.8
new file mode 100644
index 0000000..52bf7dd
--- /dev/null
+++ b/policycoreutils/gui/selinux-polgengui.8
@@ -0,0 +1,35 @@
+.TH "selinux-polgengui" "8" "8 April 2013" "System Config Tools Manual" "System Config Tools Manual"
+
+.SH NAME
+selinux\-polgengui \- SELinux Policy Generation Tool
+
+.SH SYNOPSIS
+.B selinux-polgengui
+
+.SH DESCRIPTION
+\fBselinux-polgengui\fP is a graphical tool, which can be used to create a framework for building SELinux Policy.
+.SH OPTIONS
+None
+
+.SH FILES
+\fi/usr/bin/selinux-polgengui\fP
+
+.SH Examples
+To run the program type:
+
+selinux-polgengui
+
+.PP
+.SH "SEE ALSO"
+.TP
+selinux(1), sepolicy(8), sepolicy-generate(8)
+.PP
+
+.SH REPORTING BUGS
+Report bugs to <http://bugzilla.redhat.com>.
+
+.SH LICENSE AND AUTHORS
+\fBselinux-polgengui\fP is licensed under the GNU Public License and
+is copyrighted by Red Hat, Inc.
+.br
+This man page was written by Daniel Walsh <dwalsh@redhat.com>
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/gui/selinux-polgengui.desktop b/policycoreutils/gui/selinux-polgengui.desktop
new file mode 100644
index 0000000..0c2f399
--- /dev/null
+++ b/policycoreutils/gui/selinux-polgengui.desktop
@@ -0,0 +1,67 @@
+[Desktop Entry]
+Name=SELinux Policy Generation Tool
+Name[bn_IN]=SELinux Policy নির্মাণের সামগ্রী
+Name[ca]=Eina de generació de polítiques del SELinux
+Name[da]=Regelsætgenereringsværktøj til SELinux
+Name[de]=Tool zur Erstellung von SELinux-Richtlinien
+Name[es]=Generador de Políticas de SELinux
+Name[fi]=SELinux-käytäntöjen generointityökalu
+Name[fr]=Outil de génération de stratégies SELinux
+Name[gu]=SELinux પોલિસી બનાવટ સાધન
+Name[hi]=SELinux पॉलिसी जनन औजार
+Name[it]=Tool di generazione della policy di SELinux
+Name[ja]=SELinux ポリシー生成ツール
+Name[kn]=SELinux ಪಾಲಿಸಿ ಉತ್ಪಾದನಾ ಉಪಕರಣ
+Name[ko]=SELinux 정책 생성 도구
+Name[ml]=SELinux പോളിസി ഉത്പാദന പ്രയോഗം
+Name[mr]=SELinux करार निर्माण साधन
+Name[nl]=SELinux tactiek generatie gereedschap
+Name[or]=SELinux ନୀତି ସୃଷ୍ଟି ଉପକରଣ
+Name[pa]=SELinux ਪਾਲਿਸੀ ਨਿਰਮਾਣ ਜੰਤਰ
+Name[pl]=Narzędzie tworzenia polityki SELinuksa
+Name[pt]=Ferramenta de Geração de Políticas SELinux
+Name[pt_BR]=Ferramenta de criação de políticas do SELinux
+Name[ru]=Средство создания политики SELinux
+Name[sv]=Genereringsverktyg för SELinuxpolicy
+Name[ta]=SELinux பாலிசி உற்பத்தி கருவி
+Name[te]=SELinux నిర్వహణ
+Name[uk]=Утиліта генерації правил SELinux
+Name[zh_CN]=SELinux 策略生成工具
+Name[zh_TW]=SELinux 政策產生工具SELinux Policy Generation Tool
+Comment=Generate SELinux policy modules
+Comment[bn_IN]=SELinux নিয়মনীতির মডিউল নির্মাণ করুন
+Comment[ca]=Genera els mòduls de les polítiques de SELinux
+Comment[da]=Generér SELinux-regelsætmodul
+Comment[de]=Tool zur Erstellung von SELinux-Richtlinien
+Comment[es]=Generar módulos de política de SELinux
+Comment[fi]=Generoi SELinuxin käytäntömoduuleja
+Comment[fr]=Génére des modules de stratégie SELinux
+Comment[gu]=SELinux પોલિસી મોડ્યુલોને ઉત્પન્ન કરો
+Comment[hi]=नया पॉलिसी मॉड्यूल उत्पन्न करें
+Comment[it]=Genera moduli della politica di SELinux
+Comment[ja]=新しいポリシーモジュールの作成
+Comment[kn]=SELinux ಪಾಲಿಸಿ ಘಟಕಗಳನ್ನು ಉತ್ಪಾದಿಸು
+Comment[ko]=SELinux 정책 모듈 생성
+Comment[ml]=SELinux യ പോളിസി ഘങ്ങള്‍ തയ്യാറാക്കുക
+Comment[mr]=SELinux करार घटके निर्माण करा
+Comment[nl]=Maak een SELinux tactiek module aan
+Comment[or]=SELinux ନୀତି ଏକକାଂଶ ସୃଷ୍ଟିକରନ୍ତୁ
+Comment[pa]=SELinux ਪਾਲਿਸੀ ਮੈਡਿਊਲ ਬਣਾਓ
+Comment[pl]=Tworzenie nowych modułów polityki SELinuksa
+Comment[pt]=Gerar módulos de políticas SELinux
+Comment[pt_BR]=Gerar módulos de política do SELinux
+Comment[ru]=Генерация модулей политики SELinux
+Comment[sv]=Generera SELinux-policymoduler
+Comment[ta]=SELinux கொள்கை தொகுதியை உருவாக்கவும்
+Comment[te]=SELinux పాలసీ మాడ్యూళ్ళను వుద్భవింపచేయుము
+Comment[uk]=Створення модулів контролю доступу SELinux
+Comment[zh_CN]=生成 SELinux 策略模块
+Comment[zh_TW]=產生 SELinux 政策模組
+StartupNotify=true
+Icon=system-config-selinux
+Exec=/usr/bin/selinux-polgengui
+Type=Application
+Terminal=false
+Categories=System;Security;
+X-Desktop-File-Install-Version=0.2
+Keywords=policy;security;selinux;avc;permission;mac;
diff --git a/policycoreutils/gui/system-config-selinux b/policycoreutils/gui/system-config-selinux
new file mode 100755
index 0000000..5be5ccd
2013-02-08 14:44:20 +00:00
--- /dev/null
+++ b/policycoreutils/gui/system-config-selinux
2013-02-08 14:44:20 +00:00
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec /usr/bin/pkexec /usr/share/system-config-selinux/system-config-selinux.py
diff --git a/policycoreutils/gui/system-config-selinux.8 b/policycoreutils/gui/system-config-selinux.8
new file mode 100644
index 0000000..eca2024
--- /dev/null
+++ b/policycoreutils/gui/system-config-selinux.8
@@ -0,0 +1,37 @@
+.TH "system-config-selinux" "8" "8 April 2013" "System Config Tools Manual" "System Config Tools Manual"
+
+.SH NAME
+system\-config\-selinux \- SELinux Management tool
+
+.SH SYNOPSIS
+.B system-config-selinux
+
+.SH DESCRIPTION
+\fBsystem-config-selinux\fP provides a graphical interface for managing the
+SELinux configuration.
+
+.SH OPTIONS
+None
+
+.SH FILES
+\fi/usr/bin/system-config-selinux\fP
+
+.SH Examples
+To run the program type:
+
+system-config-selinux
+
+.PP
+.SH "SEE ALSO"
+.TP
+selinux(1), semanage(8)
+.PP
+
+.SH REPORTING BUGS
+Report bugs to <http://bugzilla.redhat.com>.
+
+.SH LICENSE AND AUTHORS
+\fBsystem-config-selinux\fP is licensed under the GNU Public License and
+is copyrighted by Red Hat, Inc.
+.br
+This man page was written by Daniel Walsh <dwalsh@redhat.com>
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/gui/system-config-selinux.desktop b/policycoreutils/gui/system-config-selinux.desktop
new file mode 100644
index 0000000..8822ce2
--- /dev/null
+++ b/policycoreutils/gui/system-config-selinux.desktop
@@ -0,0 +1,67 @@
+[Desktop Entry]
+Name=SELinux Management
+Name[bn_IN]=SELinux পরিচালনা
+Name[da]=Håndtering af SELinux
+Name[de]=SELinux-Management
+Name[ca]=Gestió de SELinux
+Name[es]=Administración de SELinux
+Name[fi]=SELinuxin ylläpito
+Name[fr]=Gestion de SELinux
+Name[gu]=SELinux સંચાલન
+Name[hi]=SELinux प्रबंधन
+Name[jp]=SELinux 管理
+Name[it]=Gestione di SELinux
+Name[kn]=SELinux ವ್ಯವಸ್ಥಾಪನೆ
+Name[ko]=SELinux 관리
+Name[ml]=SELinux മാനേജ്മെന്റ്
+Name[mr]=SELinux मॅनेजमेंट
+Name[nl]=SELinux beheer
+Name[or]=SELinux ପରିଚାଳନା
+Name[pa]=SELinux ਮੈਨੇਜਮੈਂਟ
+Name[pl]=Zarządzanie SELinuksem
+Name[pt_BR]=Gerenciamento do SELinux
+Name[pt]=Gestão de SELinux
+Name[ru]=Управление SELinux
+Name[sv]=SELinux-hantering
+Name[ta]=SELinux மேலாண்மை
+Name[te]=SELinux నిర్వహణ
+Name[uk]=Керування SELinux
+Name[zh_CN]=SELinux 管理
+Name[zh_TW]=SELinux 管理
+Comment=Configure SELinux in a graphical setting
+Comment[bn_IN]=গ্রাফিক্যাল পরিবেশে SELinux কনফিগার করুন
+Comment[ca]=Configura SELinuc an mode de preferències gràfiques
+Comment[da]=Konfigurér SELinux i et grafisk miljø
+Comment[de]=SELinux in einer grafischen Einstellung konfigurieren
+Comment[es]=Defina SELinux en una configuración de interfaz gráfica
+Comment[fi]=Tee SELinuxin asetukset graafisesti
+Comment[fr]=Configure SELinux dans un environnement graphique
+Comment[gu]=ગ્રાફિકલ સુયોજનમાં SELinux ને રૂપરેખાંકિત કરો
+Comment[hi]=SELinux को आलेखी सेटिंग में विन्यस्त करें
+Comment[it]=Configura SELinux in una impostazione grafica
+Comment[jp]=グラフィカルな設定画面で SELinux を設定する
+Comment[ko]=SELinux를 그래픽 사용자 인터페이스로 설정
+Comment[kn]=SELinux ಅನ್ನು ಒಂದು ಚಿತ್ರಾತ್ಮಕ ಸಿದ್ದತೆಯಲ್ಲಿ ಸಂರಚಿಸಿ
+Comment[ml]=ഒരു ഗ്രാഫിക്കല്‍ സജ്ജീകരണത്തില്‍ SELinux ക്രമീകരിയ്ക്കുക
+Comment[mr]=ग्राफिकल सेटिंगमध्ये SELinux संरचीत करा
+Comment[nl]=Configureer SELinux in een grafische omgeving
+Comment[or]=SELinux କୁ ଆଲେଖିକ ସଂରଚନାରେ ବିନ୍ୟାସ କରନ୍ତୁ
+Comment[pa]=SELinux ਨੂੰ ਗਰਾਫੀਕਲ ਸੈਟਿੰਗ ਵਿੱਚ ਸੰਰਚਿਤ ਕਰੋ
+Comment[pl]=Konfiguracja SELinuksa w trybie graficznym
+Comment[pt]=Configurar o SELinux num ambiente gráfico
+Comment[pt_BR]=Configure o SELinux em uma configuração gráfica
+Comment[ru]=Настройка SELinux в графическом режиме
+Comment[sv]=Konfigurera SELinux i en grafisk miljö
+Comment[ta]=SELinuxஐ ஒரு வரைகலை அமைவில் கட்டமைக்கவும்
+Comment[te]=SELinuxను గ్రాఫికల్ అమర్పునందు ఆకృతీకరించుము
+Comment[uk]=Засіб для налаштування SELinux з графічним інтерфейсом
+Comment[zh_CN]=在图形设置中配置 SELinux
+Comment[zh_TW]=在圖形話設定中配置 SELinux
+StartupNotify=true
+Icon=system-config-selinux
+Exec=/usr/bin/system-config-selinux
+Type=Application
+Terminal=false
+Categories=System;Security;
+X-Desktop-File-Install-Version=0.2
+Keywords=policy;security;selinux;avc;permission;mac;
diff --git a/policycoreutils/gui/system-config-selinux.png b/policycoreutils/gui/system-config-selinux.png
new file mode 100644
index 0000000..68ffcb7
Binary files /dev/null and b/policycoreutils/gui/system-config-selinux.png differ
diff --git a/policycoreutils/load_policy/load_policy.8 b/policycoreutils/load_policy/load_policy.8
index f9ca36e..a86073f 100644
--- a/policycoreutils/load_policy/load_policy.8
+++ b/policycoreutils/load_policy/load_policy.8
@@ -19,7 +19,7 @@ values in the policy file.
suppress warning messages.
.TP
.B \-i
-inital policy load. Only use this if this is the first time policy is being loaded since boot (usually called from initramfs).
+initial policy load. Only use this if this is the first time policy is being loaded since boot (usually called from initramfs).
.SH "EXIT STATUS"
.TP
diff --git a/policycoreutils/man/man5/selinux_config.5 b/policycoreutils/man/man5/selinux_config.5
index 4963cdc..a55dbed 100644
--- a/policycoreutils/man/man5/selinux_config.5
+++ b/policycoreutils/man/man5/selinux_config.5
@@ -92,7 +92,7 @@ The binary policy name has by convention the SELinux policy version that it supp
.RS
This entry is deprecated and should be removed or set to \fI0\fR.
.sp
-If set to \fI1\fR, then \fBselinux_mkload_policy\fR(3) will read the local customisation for booleans (see \fBbooleans\fR(5)) and users (see \fBlocal.users\fR(5)).
+If set to \fI1\fR, then \fBselinux_mkload_policy\fR(3) will read the local customization for booleans (see \fBbooleans\fR(5)) and users (see \fBlocal.users\fR(5)).
.RE
.sp
.B REQUIRESEUSERS
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index 8fbf2d0..4e59a06 100644
2013-02-08 14:44:20 +00:00
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -547,9 +547,7 @@ static int drop_capabilities(int full)
if (!uid) return 0;
capng_setpid(getpid());
- capng_clear(CAPNG_SELECT_BOTH);
- if (capng_lock() < 0)
- return -1;
+ capng_clear(CAPNG_SELECT_CAPS);
/* Change uid */
if (setresuid(uid, uid, uid)) {
@@ -558,7 +556,7 @@ static int drop_capabilities(int full)
}
if (! full)
capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_AUDIT_WRITE);
- return capng_apply(CAPNG_SELECT_BOTH);
+ return capng_apply(CAPNG_SELECT_CAPS);
}
#elif defined(NAMESPACE_PRIV)
/**
@@ -576,20 +574,21 @@ static int drop_capabilities(int full)
*/
static int drop_capabilities(int full)
{
+ uid_t uid = getuid();
+ if (!uid) return 0;
+
capng_setpid(getpid());
- capng_clear(CAPNG_SELECT_BOTH);
- if (capng_lock() < 0)
- return -1;
+ capng_clear(CAPNG_SELECT_CAPS);
- uid_t uid = getuid();
/* Change uid */
if (setresuid(uid, uid, uid)) {
fprintf(stderr, _("Error changing uid, aborting.\n"));
return -1;
}
if (! full)
- capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_SETPCAP, -1);
- return capng_apply(CAPNG_SELECT_BOTH);
+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_AUDIT_WRITE, -1);
+
+ return capng_apply(CAPNG_SELECT_CAPS);
}
#else
@@ -680,7 +679,7 @@ static int relabel_tty(const char *ttyn, security_context_t new_context,
2013-02-08 14:44:20 +00:00
security_context_t * tty_context,
security_context_t * new_tty_context)
{
- int fd;
+ int fd, rc;
int enforcing = security_getenforce();
security_context_t tty_con = NULL;
security_context_t new_tty_con = NULL;
@@ -699,7 +698,13 @@ static int relabel_tty(const char *ttyn, security_context_t new_context,
2013-02-08 14:44:20 +00:00
fprintf(stderr, _("Error! Could not open %s.\n"), ttyn);
return fd;
}
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ /* this craziness is to make sure we cann't block on open and deadlock */
+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ if (rc) {
+ fprintf(stderr, _("Error! Could not clear O_NONBLOCK on %s\n"), ttyn);
+ close(fd);
+ return rc;
+ }
if (fgetfilecon(fd, &tty_con) < 0) {
fprintf(stderr, _("%s! Could not get current context "
@@ -1010,9 +1015,9 @@ int main(int argc, char *argv[])
2013-02-08 14:44:20 +00:00
int fd;
pid_t childPid = 0;
char *shell_argv0 = NULL;
+ int rc;
#ifdef USE_PAM
- int rc;
int pam_status; /* pam return code */
pam_handle_t *pam_handle; /* opaque handle used by all PAM functions */
@@ -1226,15 +1231,23 @@ int main(int argc, char *argv[])
2013-02-08 14:44:20 +00:00
fd = open(ttyn, O_RDONLY | O_NONBLOCK);
if (fd != 0)
goto err_close_pam;
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ if (rc)
+ goto err_close_pam;
+
fd = open(ttyn, O_RDWR | O_NONBLOCK);
if (fd != 1)
goto err_close_pam;
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ if (rc)
+ goto err_close_pam;
+
fd = open(ttyn, O_RDWR | O_NONBLOCK);
if (fd != 2)
goto err_close_pam;
- fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ rc = fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
+ if (rc)
+ goto err_close_pam;
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
2013-02-08 14:44:20 +00:00
}
/*
@@ -1268,19 +1281,24 @@ int main(int argc, char *argv[])
}
#endif
- if (send_audit_message(1, old_context, new_context, ttyn))
+ if (send_audit_message(1, old_context, new_context, ttyn)) {
+ fprintf(stderr, _("Failed to send audit message"));
goto err_close_pam_session;
+ }
freecon(old_context); old_context=NULL;
freecon(new_context); new_context=NULL;
#ifdef NAMESPACE_PRIV
- if (transition_to_caller_uid())
+ if (transition_to_caller_uid()) {
+ fprintf(stderr, _("Failed to transition to namespace\n"));
goto err_close_pam_session;
+ }
#endif
- if (drop_capabilities(TRUE))
+ if (drop_capabilities(TRUE)) {
+ fprintf(stderr, _("Failed to drop capabilities %m\n"));
goto err_close_pam_session;
-
+ }
/* Handle environment changes */
if (restore_environment(preserve_environment, old_environ, &pw)) {
fprintf(stderr, _("Unable to restore the environment, "
diff --git a/policycoreutils/newrole/newrole.pamd b/policycoreutils/newrole/newrole.pamd
index d1b435c..de3582f 100644
--- a/policycoreutils/newrole/newrole.pamd
+++ b/policycoreutils/newrole/newrole.pamd
@@ -1,4 +1,6 @@
#%PAM-1.0
+# Uncomment the next line if you do not want to enter your passwd everytime
+# auth sufficient pam_rootok.so
auth include system-auth
account include system-auth
password include system-auth
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/po/Makefile b/policycoreutils/po/Makefile
index a377996..9c1486e 100644
--- a/policycoreutils/po/Makefile
+++ b/policycoreutils/po/Makefile
@@ -81,12 +81,16 @@ POTFILES = \
../sepolicy/sepolicy/templates/var_log.py \
../sepolicy/sepolicy/templates/var_run.py \
../sepolicy/sepolicy/templates/var_spool.py \
+ booleans.py
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
2013-02-08 14:44:20 +00:00
#default:: clean
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
2013-02-08 14:44:20 +00:00
all:: $(MOFILES)
2013-02-08 14:44:20 +00:00
-$(POTFILE): $(POTFILES)
+booleans.py:
+ sepolicy booleans -a > booleans.py
+
+$(POTFILE): $(POTFILES) booleans.py
$(XGETTEXT) --keyword=_ --keyword=N_ $(POTFILES)
@if cmp -s $(NLSPACKAGE).po $(POTFILE); then \
rm -f $(NLSPACKAGE).po; \
@@ -95,6 +99,7 @@ $(POTFILE): $(POTFILES)
fi; \
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
2013-02-08 14:44:20 +00:00
update-po: Makefile $(POTFILE) refresh-po
+ @rm -f booleans.py
2013-02-08 14:44:20 +00:00
refresh-po: Makefile
for cat in $(POFILES); do \
diff --git a/policycoreutils/po/es.po b/policycoreutils/po/es.po
index e84995e..a60b20e 100644
--- a/policycoreutils/po/es.po
+++ b/policycoreutils/po/es.po
@@ -3,7 +3,9 @@
# This file is distributed under the same license as the PACKAGE package.
#
# Translators:
+# Adolfo Jayme Barrientos <fitoschido@gmail.com>, 2013.
# Domingo Becker <domingobecker@gmail.com>, 2006, 2008.
+# <ehespinosa@ya.com>, 2013.
# Gladys Guerrero <gguerrer@redhat.com>, 2010,2012.
# Héctor Daniel Cabrera <logan@fedoraproject.org>, 2010.
msgid ""
@@ -11,8 +13,8 @@ msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-02-23 11:46+0000\n"
+"Last-Translator: vareli <ehespinosa@ya.com>\n"
"Language-Team: Spanish <trans-es@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -288,7 +290,7 @@ msgstr "Rango MLS/MCS"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "Servicio"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -425,7 +427,7 @@ msgstr "Se requiere tipo"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "Tipo %s es no válido, debe ser un tipo de puerto"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -547,12 +549,12 @@ msgstr "Falta el protocolo o es desconocido"
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "Se requiere tipo de nodo SELinux"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "Tipo %s es no válido, debe ser un tipo nodo"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -786,7 +788,7 @@ msgstr "La especificación de archivo %s choca con la regla de equivalencia '%s
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "Tipo %s es no válido, debe ser un tipo fichero o dispositivo"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2174,11 +2176,11 @@ msgstr "La ruta en la cual se almacenarán las páginas de manual generadas "
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "nombre del SO para las páginas de manual"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "General páginas de manual de estructura HTML para la página de manual SELinux seleccionada"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2226,7 +2228,7 @@ msgstr "Solicita la política de SELinux para ver la descripción de booleanos"
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "obtiene todas las descripciones booleanas"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2248,11 +2250,11 @@ msgstr "Dominio de proceso de destino"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "Comando requerido para este tipo de política"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "Lista las interfaces de la Política SELinux"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2260,15 +2262,15 @@ msgstr "Generar plantilla para módulo de política SELinux"
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "Introduzca el tipo de dominio que usted estaría extendiendo"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "Introduzca el usuario(s) SELinux que transicionará a este dominio"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "Introduzca el dominio(s) que este administrador confinado administrará"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2276,7 +2278,7 @@ msgstr "Nombre de política a generar"
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "ruta en la que los ficheros de política generados serán almacenados"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2290,7 +2292,7 @@ msgstr "Ejecutable a confinar"
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "Generar Política para %s"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2298,16 +2300,16 @@ msgstr "Comandos"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "Política SELinux suplente, por defecto a /sys/fs/selinux/policy"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "No hay Política SELinux instalada"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "Fallo al leer el fichero de política %s"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2319,27 +2321,27 @@ msgstr "Demonio de los servicios de Internet"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "Tipo de Dominio Existente"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "Rol de Acceso de Usuario de Terminal Mínimo"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "Rol de Acceso de Usuario de X Windows Mínima"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "Rol de Acceso de Usuario a Escritorio"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "Rol de Acceso de Usuario Administrador"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "Rol de Administrador Confinado Root"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2352,12 +2354,12 @@ msgstr "Los puertos deben ser números o rangos de números entre 1 y %d"
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "Debe introducir un tipo válido de política"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "Debe introducir un nombre para su módulo de política para su %s."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2396,7 +2398,7 @@ msgstr "USER Types automáticamente obtiene un tipo tmp"
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s módulo de política requieren dominios existentes"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2416,7 +2418,7 @@ msgstr "Archivo de contextos de archivo"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "Fichero spec"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2438,11 +2440,11 @@ msgstr "Permite a amavis usar un compilador de JIT"
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "Permitir a programas antivirus leer ficheros no asegurados sobre un sistema"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "Permitir al administrador de auditoria ejecutar contenido"
#: booleans.py:6
msgid ""
@@ -2456,11 +2458,11 @@ msgstr "Permite a usuarios iniciar sesión mediante un servidor Radius"
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "Permite a los usuario acceder usando una servidor yubikey"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "Permitir a awstats purgar los registros de Apache"
#: booleans.py:10
msgid ""
@@ -2528,11 +2530,11 @@ msgstr "Permite a todos los demonios la lectura y escritura de terminales"
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "Permitir a dan gestionar los archivos del usuario"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "Permitir a dan leer los archivos del usuario"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2599,7 +2601,7 @@ msgstr "Permite al dominio en valla ejecutar ssh."
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "Permite ejecutar todos los dominios en modo fips"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2699,7 +2701,7 @@ msgstr "Permite a GSSD leer el directorio temp. Para acceder a kerberos tgt."
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "Permite al invitado ejecutar contenido"
#: booleans.py:65
msgid ""
@@ -2854,7 +2856,7 @@ msgstr "Permite a HTTPD acceder a puertos Openstack"
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "Permite a Apache consultar registros NS"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2951,7 +2953,7 @@ msgstr "Permite a las aplicaciones confinadas usar memoria compartida NSCD "
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "Permite openshift para lockdown app"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3116,7 +3118,7 @@ msgstr "Permite a SASL leer sombra"
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "Permita a secadm ejecutar contenido"
#: booleans.py:162
msgid ""
@@ -3188,7 +3190,7 @@ msgstr "Permite a scripts y módulos HTTPD la conexión al puerto LDAP"
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "Permite al usuario usar el entorno ssh chroot"
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3270,7 +3272,7 @@ msgstr "Permitir ingresos ssh como sysadm_r:sysadm_t"
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "Permite a staff ejecutar contenido"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3278,7 +3280,7 @@ msgstr "Permite a scripts y módulos HTTPD la conexión al puerto LDAP"
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "Permite a sysadm ejecutar contenido"
#: booleans.py:194
msgid ""
@@ -3297,7 +3299,7 @@ msgstr "Permite a tftp modificar los archivos públicos utilizados para servicio
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "Permite a tftp leer y escribir archivos en los directorios home de usuario"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3305,7 +3307,7 @@ msgstr "Permite a scripts y módulos HTTPD la conexión al puerto LDAP"
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "Permite a tor actuar como relé"
#: booleans.py:200
msgid ""
@@ -3353,7 +3355,7 @@ msgstr "Soporta directorios principales de Samba"
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "Permite al usuario ejecutar contenido"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3383,7 +3385,7 @@ msgstr "Permite a los huéspedes virtuales confinados administrar archivos NFS"
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "Permite a los invitados virtuales confinados interactuar con sockets rawip"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3447,7 +3449,7 @@ msgstr "Permite a los usuario xguest configurar el Network Manager y conectar
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "Permite a xguest ejecutar contenido"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/gu.po b/policycoreutils/po/gu.po
index 165b892..148719d 100644
--- a/policycoreutils/po/gu.po
+++ b/policycoreutils/po/gu.po
@@ -5,13 +5,14 @@
# Translators:
# Ankit Patel <ankit@redhat.com>, 2006-2008.
# Sweta Kothari <swkothar@redhat.com>, 2008-2010,2012.
+# <swkothar@redhat.com>, 2013.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-04-01 09:26+0000\n"
+"Last-Translator: sweta <swkothar@redhat.com>\n"
"Language-Team: Gujarati <trans-gu@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -287,7 +288,7 @@ msgstr "MLS/MCS વિસ્તાર"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "સેવા"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -424,7 +425,7 @@ msgstr "પ્રકાર જરૂરી છે"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "પ્રકાર %s અયોગ્ય છે, પોર્ટ પ્રકાર હોવુ જ જોઇએ"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -546,12 +547,12 @@ msgstr "અજ્ઞાત અથવા ગેરહાજર પ્રોટો
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "SELinux નોડ પ્રકારની જરૂરિયાત છે"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "પ્રકાર %s અયોગ્ય છે, નોડ પ્રકાર હોવુ જ જોઇએ"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -785,7 +786,7 @@ msgstr "ફાઇલ સ્પષ્ટીકરણ %s સરખા નિયમ
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "પ્રકાર %s અયોગ્ય છે, ફાઇલ અથવા ઉપકરણ પ્રકાર હોવુ જ જોઇએ"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2173,11 +2174,11 @@ msgstr "પેચ કે જેમાં ઉત્પન્ન થયેલ SELi
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "મુખ્ય પાનાં માટે OS નું નામ"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "પસંદ થયેલ SELinux મુખ્ય પાનાં માટે HTML મુખ્ય પાનાં બંધારણને પેદા કરો"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2225,7 +2226,7 @@ msgstr "બુલિયનની જાણકારીને જોવા મા
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "બધા બુલિયન વર્ણનોને મેળવો"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2247,11 +2248,11 @@ msgstr "લક્ષ્ય પ્રક્રિયા ડોમેઇન"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "પોલિસીનાં આ પ્રકાર માટે આદેશ જરૂરી"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "SELinux પોલિસી ઇન્ટરફેસની યાદી કરો"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2259,15 +2260,15 @@ msgstr "SELinux પોલિસી મોડ્યુલ ટૅમ્પલે
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "ડોમેઇન પ્રકારને દાખલ કરો કે તમે વિસ્તારી હશો"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "SELinux વપરાશકર્તા(ઓ) ને દાખલ કરો કે જે આ ડોમેઇનનું પરિવર્તન કરશે"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "ડોમેઇન (ઓ) ને દાખલ કરો કે દે આ શુદ્દ સંચાલકને સંચાલિત કરશે"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2275,7 +2276,7 @@ msgstr "ઉત્પન્ન કરવા માટે પોલિસીનુ
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "પાથ કે જેમાં પેદા થયેલ પોલિસી ફાઇલો સંગ્રહેલ હશે"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2289,7 +2290,7 @@ msgstr "પુરાવા માટેના એક્ઝેક્યુટે
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "%s માટે પોલિસી ઉત્પન્ન કરો"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2297,16 +2298,16 @@ msgstr "આદેશો"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "વૈકલ્પિક SELinux પોલિસી, /sys/fs/selinux/policy મૂળભૂત છે"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "SELinux પોલિસી સ્થાપિત થયેલ નથી"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "%s પોલિસી ફાઇલને વાંચવામાં નિષ્ફળતા"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2318,27 +2319,27 @@ msgstr "ઇન્ટરનેટ સેવા ડિમન"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "હાલનો ડોમેઇન પ્રકાર"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "ન્યૂનત્તમ ટર્મિનલ પ્રવેશ વપરાશકર્તા ભૂમિકા"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "ન્યૂનત્તમ X વિન્ડો પ્રવેશ વપરાશકર્તા ભૂમિકા"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "ડેસ્કટોપ લૉગિન વપરાશકર્તા ભૂમિકા"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "સંચાલક લૉગિન વપરાશકર્તા ભૂમિકા"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "શુદ્દ રુટ સંચાલક ભૂમિકા"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2351,12 +2352,12 @@ msgstr "પોર્ટો નંબરો કે 1 થી %d સુધીના
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "તમારે યોગ્ય પોલિસી પ્રકારને દાખલ કરવુ જ જોઇએ"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "તમે તમારી %s માટે તમારી પોલિસી મોડ્યુલ માટે તમારા નામને દાખલ કરવુ જ જોઇએ."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2395,7 +2396,7 @@ msgstr "USER પ્રકારો આપોઆપ tmp પ્રકાર મે
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s પોલિસી મોડ્યુલને હાલનાં ડોમેઇનની જરૂર છે"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2415,7 +2416,7 @@ msgstr "ફાઈલ સંદર્ભો ફાઈલ"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "Spec ફાઇલ"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2437,11 +2438,11 @@ msgstr "JIT કમ્પાઇલરને વાપરવા માટે amavi
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "સિસ્ટમ પર બિન સુરક્ષિત ફાઇલોને વાંચવા માટે એન્ટીવાઇરસ કાર્યક્રમોને પરવાનગી આપો"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે auditadm ની પરવાનગી આપો"
#: booleans.py:6
msgid ""
@@ -2455,11 +2456,11 @@ msgstr "radius સર્વરની મદદથી પ્રવેશવા
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "yubikey સર્વરની મદદથી પ્રવેશવા વપરાશકર્તાઓને પરવાનગી આપો"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "Apache લૉગને શુદ્દ કરવા માટે awstats ને પરવાનગી આપો"
#: booleans.py:10
msgid ""
@@ -2527,11 +2528,11 @@ msgstr "ટર્મિનલોને વાંચવા/લખવાની ક
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "વપરાશકર્તા ફાઇલોને સંચાલિત કરવા માટે dan ને પરવાનગી આપો"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "વપરાશકર્તા ફાઇલોને વાંચવા માટે dan ને પરવાનગી આપો"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2598,7 +2599,7 @@ msgstr "ssh ને ચલાવવા માટે fenced ડોમેઇનન
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "fips સ્થિતિમાં ચલાવવા માટે બધા ડોમેઇનને પરવાનગી આપો (_m)"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2698,7 +2699,7 @@ msgstr "temp ડિરેક્ટરીને વાંચવા માટે g
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે મહેમાનને પરવાનગી આપો"
#: booleans.py:65
msgid ""
@@ -2853,7 +2854,7 @@ msgstr "openstack પોર્ટોને વાપરવા માટે httpd
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "NS રેકોર્ડને ક્વેરી કરવા માટે Apache ને પરવાનગી આપો"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2950,7 +2951,7 @@ msgstr "nscd વહેંચાયેલ મેમરીને વાપરવ
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "કાર્યક્રમને તાળુ મારવા માટે openshift ને પરવાનગી આપો"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3115,7 +3116,7 @@ msgstr "શૅજોને વાંચવા sasl ને પરવાનગી
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે secadm ને પરવાનગી આપો"
#: booleans.py:162
msgid ""
@@ -3187,7 +3188,7 @@ msgstr "વપરાશકર્તાઓને TCP સર્વરો ચલા
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "ssh chroot પર્યાવરણને વાપરવા માટે વપરાશકર્તાને પરવાનગી આપો."
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3269,7 +3270,7 @@ msgstr "ssh પ્રવેશોને sysadm_r:sysadm_t તરીકે પર
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે staff ને પરવાનગી આપો"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3277,7 +3278,7 @@ msgstr "svirt ડોમેઇનને બનાવવા અને પરિવ
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે sysadm ને પરવાનગી આપો"
#: booleans.py:194
msgid ""
@@ -3296,7 +3297,7 @@ msgstr "સાર્વજનિક ફાઇલ પરિવહન સેવા
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "વપરાશકર્તા ઘર ડિરેક્ટરીમાં ફાઇલોને વાંચવા અને લખવા માટે tftp ને પરવાનગી આપો"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3304,7 +3305,7 @@ msgstr "બધા અનારક્ષિત પોર્ટો માટે tc
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "relay તરીકે કાર્ય કરવા માટે tor ને પરવાનગી આપો"
#: booleans.py:200
msgid ""
@@ -3352,7 +3353,7 @@ msgstr "SAMBA ઘર ડિરેક્ટરીઓને આધાર આપો
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે વપરાશકર્તાને પરવાનગી આપો"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3382,7 +3383,7 @@ msgstr "nfs ફાઇલોને સંચાલિત કરવા માટ
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "rawip સોકેટ સાથે સંપર્ક કરવા માટે શુધ્ધ વર્ચ્યુઅલ મહેમાનોને પરવાનગી આપો"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3446,7 +3447,7 @@ msgstr "જો તમે Network Manager ને રૂપરેખાંકિ
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "સમાવિષ્ટને ચલાવવા માટે xguest ને પરવાનગી આપો"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/ja.po b/policycoreutils/po/ja.po
index 72ae12d..649d288 100644
--- a/policycoreutils/po/ja.po
+++ b/policycoreutils/po/ja.po
@@ -9,14 +9,14 @@
# <noriko@fedoraproject.org>, 2012.
# Noriko Mizumoto <noriko@redhat.com>, 2006, 2008, 2009.
# Takuro Nagamoto <tnagamot@redhat.com>, 2006.
-# Tomoyuki KATO <tomo@dream.daynight.jp>, 2012.
+# Tomoyuki KATO <tomo@dream.daynight.jp>, 2012-2013.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-02-14 03:32+0000\n"
+"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n"
"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -292,7 +292,7 @@ msgstr "MLS/MCS 範囲"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "サービス"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -429,7 +429,7 @@ msgstr "タイプが必要です"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "形式 %s が無効です、ポート形式である必要があります"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -551,12 +551,12 @@ msgstr "不明又は欠如したプロトコル"
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "SELinux ノード形式が必要です"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "形式 %s が無効です、ノード形式である必要があります"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -790,7 +790,7 @@ msgstr "ファイル仕様 %s は、等価規則 '%s %s' と競合します; 代
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "形式 %s が無効です、ファイルまたはデバイス形式である必要があります"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2178,11 +2178,11 @@ msgstr "生成された SELinux の man ページの格納先となるパス"
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "マニュアルページ向け OS 名称"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "選択された SELinux マニュアルページ向けの HTML マニュアルページの構成を生成する"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2230,7 +2230,7 @@ msgstr "SELinux に問い合わせて boolean の詳細を表示する"
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "すべてのブーリアンの説明を取得する"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2252,11 +2252,11 @@ msgstr "ターゲットプロセスドメイン"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "この種類のポリシーに対して要求されるコマンド"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "SELinux ポリシー・インターフェースの一覧表示"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2294,7 +2294,7 @@ msgstr "制限を課す実行ファイル"
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "%s 向けのポリシーの生成"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2306,12 +2306,12 @@ msgstr ""
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "インストールされている SELinux ポリシーがありません"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "%s ポリシーファイルの読み込みに失敗しました"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2335,15 +2335,15 @@ msgstr ""
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "デスクトップログインユーザーロール"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "管理者のログインユーザーロール"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "制限された root 管理者ロール"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2356,7 +2356,7 @@ msgstr "ポートは数字、又は 1 から %d までの数字の範囲でな
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "有効なポリシー種別を入力する必要があります"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
@@ -2460,11 +2460,11 @@ msgstr "ユーザーが RADIUS サーバーを使用してログインするこ
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "ユーザーが yubikey サーバーを使用してログインすることを許可する"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "awstats が Apache のログを消去することを許可する"
#: booleans.py:10
msgid ""
@@ -2532,11 +2532,11 @@ msgstr "すべてのデーモンが端末を読み書きすることを許可し
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "dan がユーザーファイルを管理することを許可する"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "dan がユーザーファイルを読み取ることを許可する"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2603,7 +2603,7 @@ msgstr "隔離ドメインによる ssh の実行を許可します。"
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "すべてのドメインが fips_mode で実行することを許可する"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2872,7 +2872,7 @@ msgstr "あらゆるポートへの接続および予約されていないポー
#: booleans.py:103
msgid "Allow confined applications to run with kerberos."
-msgstr ""
+msgstr "制限されたアプリケーションが Kerberos とともに動作することを許可する"
#: booleans.py:104
msgid "Allow syslogd daemon to send mail"
@@ -2880,11 +2880,11 @@ msgstr "syslogd デーモンがメールを送信することを許可します
#: booleans.py:105
msgid "Allow syslogd the ability to read/write terminals"
-msgstr ""
+msgstr "syslogd が端末を読み書きすることを許可する"
#: booleans.py:106
msgid "Allow logging in and using the system from /dev/console."
-msgstr ""
+msgstr "/dev/console からログインしてシステムを使用することを許可する"
#: booleans.py:107
msgid ""
@@ -2947,7 +2947,7 @@ msgstr ""
#: booleans.py:120
msgid "Allow system to run with NIS"
-msgstr ""
+msgstr "システムが NIS を使用することを許可する"
#: booleans.py:121
msgid "Allow confined applications to use nscd shared memory."
@@ -3361,7 +3361,7 @@ msgstr ""
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
-msgstr ""
+msgstr "varnishd が HTTP 以外のすべてのポートに接続することを許可する"
#: booleans.py:212
msgid "Ignore vbetool mmap_zero errors."
@@ -3370,20 +3370,20 @@ msgstr "vbetool mmap_zero エラーを無視します。"
#: booleans.py:213
msgid ""
"Allow confined virtual guests to use serial/parallel communication ports"
-msgstr ""
+msgstr "制限された仮想マシンがシリアル/パラレル通信ポートを使用することを許可する"
#: booleans.py:214
msgid ""
"Allow confined virtual guests to use executable memory and executable stack"
-msgstr ""
+msgstr "制限された仮想マシンが実行可能なメモリおよび実行可能なスタックを使用することを許可する"
#: booleans.py:215
msgid "Allow confined virtual guests to read fuse files"
-msgstr ""
+msgstr "制限された仮想マシンが FUSE ファイルを読み込むことを許可する"
#: booleans.py:216
msgid "Allow confined virtual guests to manage nfs files"
-msgstr ""
+msgstr "制限された仮想マシンが NFS ファイルを管理することを許可する"
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
@@ -3391,15 +3391,15 @@ msgstr ""
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
-msgstr ""
+msgstr "制限された仮想マシンが CIFS ファイルを管理することを許可する"
#: booleans.py:219
msgid "Allow confined virtual guests to interact with the sanlock"
-msgstr ""
+msgstr "制限された仮想マシンが sanlock と通信することを許可する"
#: booleans.py:220
msgid "Allow confined virtual guests to manage device configuration, (pci)"
-msgstr ""
+msgstr "制限された仮想マシンがデバイス設定 (pci) を管理することを許可する"
#: booleans.py:221
msgid "Allow confined virtual guests to use usb devices"
@@ -3438,11 +3438,11 @@ msgstr "Xen が NFS ファイルを管理することを許可する"
msgid ""
"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated "
"logical volumes for disk images."
-msgstr ""
+msgstr "xend が blktapctrl/tapdisk を実行することを許可する。ディスクイメージ用の専用論理ボリュームを使用していなければ、必要ありません。"
#: booleans.py:230
msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb."
-msgstr ""
+msgstr "xend が qemu-dm を実行することを許可する。準仮想化を使用していて、vfb がなければ、必要ありません。"
#: booleans.py:231
msgid ""
@@ -3455,11 +3455,11 @@ msgstr ""
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
-msgstr ""
+msgstr "xguest ユーザーがリムーバブルメディアをマウントすることを許可する"
#: booleans.py:234
msgid "Allow xguest to use blue tooth devices"
-msgstr ""
+msgstr "xguest が Bluetooth デバイスを使用することを許可する"
#: booleans.py:235
msgid "Allows clients to write to the X server shared memory segments."
diff --git a/policycoreutils/po/ml.po b/policycoreutils/po/ml.po
index e7b146f..d2d30e4 100644
--- a/policycoreutils/po/ml.po
+++ b/policycoreutils/po/ml.po
@@ -4,13 +4,14 @@
#
# Translators:
# Ani Peter <apeter@redhat.com>, 2006-2007,2012.
+# Ani Peter <apeter@redhat.com>, 2006-2007,2012, 2013.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-04-04 16:49+0000\n"
+"Last-Translator: Ani Peter <apeter@redhat.com>\n"
"Language-Team: Malayalam <discuss@lists.smc.org.in>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -286,7 +287,7 @@ msgstr "MLS/MCS പരിധി"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "സര്‍വീസ്"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -423,7 +424,7 @@ msgstr "ടൈപ്പ് ആവശ്യമുണ്ട്ല്ല "
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "തരം %s അസാധുവാണു്, ഒരു പോര്‍ട്ട് തരമായിരിയ്ക്കണം"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -545,12 +546,12 @@ msgstr "അപരിചിതം അല്ലെങ്കില്‍ ലഭ്
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "SELinux നോഡ് തരം ആവശ്യമുണ്ടു്"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "%s തരം അസാധുവാണു്, ഒരു നോഡ് രീതിയിലായിരിയ്ക്കണം"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -784,7 +785,7 @@ msgstr "ഫയല്‍ വിശേഷത %s '%s %s'-മായി പൊരു
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "%s തരം അസാധുവാണു്, ഒരു ഫയല്‍ അല്ലെങ്കില്‍ ഡിവൈസ് രീതിയിലായിരിയ്ക്കണം"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2172,11 +2173,11 @@ msgstr "ലഭ്യമാക്കിയ SELinux മാന്‍ താളു
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "മാന്‍ താളുകള്‍ക്കുള്ള ഒഎസിന്റെ പേരു്"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "തെരഞ്ഞെടുത്ത SELinux മാന്‍ താളിനുള്ള എച്‌ടിഎംഎല്‍ മാന്‍ താള്‍ ശൈലി ലഭ്യമാക്കുക"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2224,7 +2225,7 @@ msgstr "ബൂളിയനുകളുടെ വിവരണം കാണുന
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "എല്ലാ ബൂളിയന്‍ വിവരണങ്ങളും ലഭ്യമാക്കുക"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2246,11 +2247,11 @@ msgstr "ടാര്‍ഗറ്റ് പ്രൊസസ്സ് ഡൊമെ
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "ഈ തരത്തിലുള്ള പോളിസിയ്ക്കു് കമാന്‍ഡ് ആവശ്യമുണ്ടു്"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "SELinux പോളിസി ഇന്റര്‍ഫെയിസുകള്‍ ലഭ്യമാക്കുക"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2258,15 +2259,15 @@ msgstr "SELinux പോളിസി ഘടക മാതൃക ലഭ്യമാ
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "നിങ്ങള്‍ വികസിപ്പിയ്ക്കുവാന്‍ ഉദ്ദേശിയ്ക്കുന്ന ഡൊമെയിന്‍ തരം നല്‍കുക"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "ഈ ഡൊമെയിനിലേക്കു് വേര്‍തിരിയ്ക്കപ്പെടുന്ന SELinux ഉപയോക്താക്കളെ നല്‍കുക"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "ഈ അഡ്മിന്‍ അഡ്മിനിസ്ട്രേറ്റ് ചെയ്യുന്ന ഡൊമെയിന്‍ നല്‍കുക"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2274,7 +2275,7 @@ msgstr "ലഭ്യമാക്കേണ്ട പോളിസിയുടെ
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "തയ്യാറാക്കിയ പോളിസി ഫയലുകള്‍ സൂക്ഷിയ്ക്കുന്ന പാഥ്"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2288,7 +2289,7 @@ msgstr "പ്രവര്‍ത്തിപ്പിയ്ക്കുവാന
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "%s-നുള്ള പോളിസി തയ്യാറാക്കുക"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2296,16 +2297,16 @@ msgstr "കമാന്‍ഡുകള്‍"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "മറ്റൊരു SELinux പോളിസി, സ്വതവേയുള്ളതു് /sys/fs/selinux/policy"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "SELinux പോളിസി ഇന്‍സ്റ്റോള്‍ ചെയ്തിട്ടില്ല"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "%s പോളിസി ഫയല്‍ ലഭ്യമാക്കുന്നതില്‍ പരാജയപ്പെട്ടു"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2317,27 +2318,27 @@ msgstr "ഇന്റര്‍നെറ്റ് സര്‍വീസസ് ഡ
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "നിലവിലുള്ള ഡൊമെയിന്‍ തരം"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "ഏറ്റവും കുറഞ്ഞ ടെര്‍മിനല്‍ പ്രവേശന ഉപയോക്താവു്"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "ഏറ്റവും കുറഞ്ഞ എക്സ് വിന്‍ഡോ പ്രവേശനത്തിനുള്ള ഉപയോക്താവു്"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "പണിയിട പ്രവേശന ഉപയോക്താവു്"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "അഡ്മിനിസ്ട്രേറ്റര്‍ പ്രവേശന ഉപയോക്താവു്"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "കണ്‍ഫൈന്‍ഡ് റൂട്ട് അഡ്മിനിസ്ട്രേറ്റര്‍ നിയമനം"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2350,12 +2351,12 @@ msgstr "പോര്‍ട്ടുകളുടെ നമ്പര്‍ 1 മ
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "ശരിയായൊരു പോളിസി തരം നല്‍കണം"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "നിങ്ങളുടെ %s-നുള്ള പോളിസി ഘടകത്തിനുള്ളൊരു നാമം നല്‍കണം."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2394,7 +2395,7 @@ msgstr "USER തരത്തിലുള്ളവയ്ക്ക് സ്വയ
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s പോളിസി ഘടകങ്ങള്‍ക്കു് നിലവിലുള്ള ഡൊമെയിനുകള്‍ ആവശ്യമുണ്ടു്"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2414,7 +2415,7 @@ msgstr "ഫൈല്‍ കോണ്‍ടെക്സ്റ്റ് ഫയല
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "സ്പെക്ക് ഫയല്‍"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2436,11 +2437,11 @@ msgstr "ജെഐറ്റി കംപൈലര്‍ ഉപയോഗിയ്
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "ഒരു സിസ്റ്റത്തില്‍ സുരക്ഷിതമല്ലാത്ത ഫയലുകള്‍ ലഭ്യമാക്കുന്നതിനുള്ള ആന്റിവൈറസ് പ്രോഗ്രാമുകള്‍ അനുവദിയ്ക്കുക"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം ലഭ്യമാക്കുന്നതിനു് auditadm അനുവദിയ്ക്കുക"
#: booleans.py:6
msgid ""
@@ -2454,11 +2455,11 @@ msgstr "ഒരു റേഡിയസ് സര്‍വര്‍ ഉപയോഗ
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "ഒരു yubikey സര്‍വര്‍ ഉപയോഗിച്ചു് പ്രവേശിയ്ക്കുന്നതിനു് ഉപയോക്താക്കളെ അനുവദിയ്ക്കുക"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "അപ്പാച്ചെ ലോഗുകള്‍ പേര്‍ജ് ചെയ്യുന്നതിനു് awstats അനുവദിയ്ക്കുക"
#: booleans.py:10
msgid ""
@@ -2526,11 +2527,11 @@ msgstr "ടെര്‍മിനലുകള്‍ ലഭ്യമാക്ക
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "ഉപയോക്താക്കള്‍ക്കുള്ള ഫയലുകള്‍ കൈകാര്യം ചെയ്യുന്നതിനു് dan അനുവദിയ്ക്കുക"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "ഉപയോക്താക്കള്‍ക്കുള്ള ഫയലുകള്‍ കൈകാര്യം ചെയ്യുന്നതിനു് dan അനുവദിയ്ക്കുക"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2597,7 +2598,7 @@ msgstr "ssh നടപ്പിലാക്കുന്നതിനായി fenc
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "fips_mode-ല്‍ എല്ലാ ഡൊമെയിനുകളും നടപ്പിലാക്കുന്നതിനു് അനുവദിയ്ക്കുക"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2697,7 +2698,7 @@ msgstr "താല്‍ക്കാലിക ഡയറക്ടറി ലഭ്
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം നടപ്പിലാക്കുന്നതിനു് ഗസ്റ്റിനെ അനുവദിയ്ക്കുക"
#: booleans.py:65
msgid ""
@@ -2852,7 +2853,7 @@ msgstr "ഓപ്പണ്‍സ്റ്റാക്ക് പോര്‍ട
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "എന്‍എസ് റിക്കോര്‍ഡുകള്‍ ചോദ്യം ചെയ്യുന്നതിനായി അപ്പാച്ചയെ അനുവദിയ്ക്കുക"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2949,7 +2950,7 @@ msgstr "nscd പങ്കിടുന്ന മെമ്മറി ഉപയോ
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "പ്രയോഗം പൂട്ടുന്നതിനായി openshift അനുവദിയ്ക്കുക"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3114,7 +3115,7 @@ msgstr "ഷാഡോ ലഭ്യമാക്കുന്നതിനായി s
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം നടപ്പിലാക്കുന്നതിനായി secadm അനുവദിയ്ക്കുക"
#: booleans.py:162
msgid ""
@@ -3186,7 +3187,7 @@ msgstr "ടിസിപി സര്‍വറുകള്‍ പ്രവര്
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "ssh chroot എന്‍വയണ്മെന്റ് ഉപയോഗിയ്ക്കുന്നതിനായി ഉപയോക്താവിനെ അനുവദിയ്ക്കുക."
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3268,7 +3269,7 @@ msgstr "ssh ലോഗിനുകളെ sysadm_r:sysadm_t ആയി അനുവ
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം നടപ്പിലാക്കുന്നതിനായി staff-നെ അനുവദിയ്ക്കുക"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3276,7 +3277,7 @@ msgstr "svirt ഡൊമെയിനുകളിലേക്കുള്ള മ
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം നടപ്പിലാക്കുന്നതിനായി sysadm-നെ അനുവദിയ്ക്കുക"
#: booleans.py:194
msgid ""
@@ -3295,7 +3296,7 @@ msgstr "പൊതു ഫയല്‍ ഇടപാടുകള്‍ക്കു
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "ഉപയോക്താവിനുള്ള ആസ്ഥാന ഡയറക്ടറികളില്‍ ഫയലുകള്‍ സൂക്ഷിയ്ക്കുന്നതിനും ലഭ്യമാക്കുന്നതിനും tftp അനുവദിയ്ക്കുന്നു"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3303,7 +3304,7 @@ msgstr "കരുതിവച്ചിട്ടില്ലാത്ത എല
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "റിലേയായി നടപ്പിലാക്കുവാന്‍ tor-നെ അനുവദിയ്ക്കുക"
#: booleans.py:200
msgid ""
@@ -3351,7 +3352,7 @@ msgstr "സാംബാ ആസ്ഥാന ഡയറക്ടറികള്‍
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം നടപ്പിലാക്കുന്നതിനു് ഉപയോക്താവിനെ അനുവദിയ്ക്കുക"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3381,7 +3382,7 @@ msgstr "nfs ഫയലുകളെ കൈകാര്യം ചെയ്യുവ
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "rawip സോക്കറ്റുകളുമായി ഇടപെടുന്നതിനു് വിര്‍ച്ച്വല്‍ ഗസ്റ്റുകളെ അനുവദിയ്ക്കുക"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3445,7 +3446,7 @@ msgstr "നെറ്റ്‌വര്‍ക്ക് മാനേജര്‍
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "ഉള്ളടക്കം നടപ്പിലാക്കുവാന്‍ xguest-നെ അനുവദിയ്ക്കുക"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/or.po b/policycoreutils/po/or.po
index c95cd67..7a89213 100644
--- a/policycoreutils/po/or.po
+++ b/policycoreutils/po/or.po
@@ -5,14 +5,15 @@
# Translators:
# Manoj Kumar Giri <giri.manojkr@gmail.com>, 2008.
# Manoj Kumar Giri <mgiri@redhat.com>, 2008-2010,2012.
+# Manoj Kumar Giri <mgiri@redhat.com>, 2008-2010,2012, 2013.
# Subhransu Behera <sbehera@redhat.com>, 2006.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-04-02 11:30+0000\n"
+"Last-Translator: Manoj Kumar Giri <mgiri@redhat.com>\n"
"Language-Team: Oriya (http://www.transifex.com/projects/p/fedora/language/or/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -25,7 +26,7 @@ msgid ""
"USAGE: run_init <script> <args ...>\n"
" where: <script> is the name of the init script to run,\n"
" <args ...> are the arguments to that script."
-msgstr "ବ୍ଯବହାର ବିଧି: run_init <script> <args ...>\n ଯେଉଁଠାରେ: <script> ଚଲାଯିବା କୁ ଥିବା ସ୍କ୍ରିପ୍ଟ ର ନାମ,\n <args ...> ସେହି ସ୍କ୍ରିପ୍ଟ ର ସ୍ବତନ୍ତ୍ରଚର"
+msgstr "ବ୍ଯବହାର ବିଧି: run_init <script> <args ...>\n ଯେଉଁଠାରେ: <script> ଚଲାଯିବା କୁ ଥିବା ସ୍କ୍ରିପ୍ଟ ର ନାମ,\n <args ...> ସେହି ସ୍କ୍ରିପ୍ଟ ର ସ୍ବତନ୍ତ୍ରଚର।"
#: ../run_init/run_init.c:126 ../newrole/newrole.c:1123
#, c-format
@@ -288,7 +289,7 @@ msgstr "MLS/MCS ପରିସର"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "ସର୍ଭିସ"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -425,7 +426,7 @@ msgstr "ପ୍ରକାର ଆବଶ୍ଯକ"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "ପ୍ରକାର %s ଟି ଅବୈଧ ଅଟେ, ନିଶ୍ଚିତ ଭାବରେ ଏକ ପୋର୍ଟ ପ୍ରକାର ଅଟେ"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -547,12 +548,12 @@ msgstr "ଅଜଣା କିମ୍ବା ଅନୁପସ୍ଥିତ ପ୍ରୋ
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "SELinux ନୋଡ ଆବଶ୍ୟକ"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "ପ୍ରକାର %s ଟି ଅବୈଧ ଅଟେ, ନିଶ୍ଚିତ ଭାବରେ ଏକ ନୋଡ ପ୍ରକାର ଅଟେ"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -786,7 +787,7 @@ msgstr "ଫାଇଲ ଲକ୍ଷଣ %s ସମାନତା ନିୟମ '%s %s'
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "ପ୍ରକାର %s ଟି ଅବୈଧ ଅଟେ, ନିଶ୍ଚିତ ଭାବରେ ଏକ ଫାଇଲ କିମ୍ବା ଉପକରଣ ପ୍ରକାର ଅଟେ"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2174,11 +2175,11 @@ msgstr "ପ୍ରସ୍ତୁତ SELinux man ପୃଷ୍ଠାଗୁଡ଼ି
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "man ପୃଷ୍ଠାଗୁଡ଼ିକ ପାଇଁ OS ର ନାମ"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "ବଚ୍ଛିତ SELinux man ପୃଷ୍ଠା ପାଇଁ HTML man ପୃଷ୍ଠାଗୁଡ଼ିକ ନିର୍ମାଣ କରନ୍ତୁ"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2226,7 +2227,7 @@ msgstr "ବୁଲିଆନଗୁଡ଼ିକର ବର୍ଣ୍ଣନାକୁ
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "ସମସ୍ତ ବୁଲିଆନ ବର୍ଣ୍ଣନାକୁ ଗ୍ରହଣ କରନ୍ତୁ"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2248,11 +2249,11 @@ msgstr "ଲକ୍ଷ୍ଯସ୍ଥଳ ପଦ୍ଧତି ଡମେନ"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "ଏହି ପ୍ରକାରର ନିତୀ ପାଇଁ ନିର୍ଦ୍ଦେଶ ଆବଶ୍ୟକ"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "SELinux ନିତୀ ଅନ୍ତରାପୃଷ୍ଠଗୁଡ଼ିକୁ ତାଲିକାଭୁକ୍ତ କରନ୍ତୁ"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2260,15 +2261,15 @@ msgstr "SELinux ନିତୀ ମଡ୍ୟୁଲ ନମୁନା ପ୍ରସ୍
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "ଆପଣ ବିସ୍ତାର କରୁଥିବା ଡମେନ ପ୍ରକାର ଭରଣ କରନ୍ତୁ"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "SELinux ବ୍ୟବହାରକାରୀ(ମାନଙ୍କୁ) ଭରଣ କରନ୍ତୁ ଯାହାକି ଏହି ଡମେନକୁ ପରିବର୍ତ୍ତନ ହେବ"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "ସିମୀତ ପ୍ରଶାସକ ଦ୍ୱାର ଶାସିତ ଡମେନ(ଗୁଡ଼ିକୁ)ଭରଣ କରନ୍ତୁ"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2276,7 +2277,7 @@ msgstr "ପ୍ରସ୍ତୁତ କରିବାକୁ ଥିବା ନିତୀ
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "ଯେଉଁ ପଥରେ ସୃଷ୍ଟି ହୋଇଥିବା ନିତୀ ଫାଇଲଗୁଡ଼ିକୁ ସଂରକ୍ଷଣ କରାଯିବ"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2290,7 +2291,7 @@ msgstr "ସୀମିତ ରଖିବା ପାଇଁ ନିଷ୍ପାଦନଯ
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "%s ପାଇଁ ନିର୍ମିତ ନିତୀ"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2298,16 +2299,16 @@ msgstr "ନିର୍ଦ୍ଦେଶଗୁଡ଼ିକ"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "ବୈକଳ୍ପିକ SELinux ନିତୀ, /sys/fs/selinux/policy ରେ ପୂର୍ବନିର୍ଦ୍ଧାରିତ"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "କୌଣସି SELinux ନିତୀ ସ୍ଥାପିତ ହୋଇନାହିଁ"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "%s ନିତୀ ଫାଇଲକୁ ପଢ଼ିବାରେ ବିଫଳ"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2319,27 +2320,27 @@ msgstr "ଇଣ୍ଟରନେଟ ସର୍ଭିସ ଡେମନ"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "ସ୍ଥିତବାନ ଡମେନ ପ୍ରକାର"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "ସର୍ବନିମ୍ନ ଟର୍ମିନାଲ ଲଗଇନ ବ୍ୟବହାରକାରୀ ଭୂମିକା"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "ସର୍ବନିମ୍ନ X ୱିଣ୍ଡୋ ଲଗଇନ ବ୍ୟବହାରକାରୀ ଭୂମିକା"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "ଡେସ୍କଟପ ଲଗଇନ୍‌ ବ୍ୟବହାରକାରୀ ଭୂମିକା"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "ପ୍ରଶାସକ ଲଗଇନ୍‌ ବ୍ୟବହାରକାରୀ ଭୂମିକା"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "ସୀମିତ ରୁଟ ପ୍ରଶାସକ ଭୂମିକା"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2352,12 +2353,12 @@ msgstr "ସଂଯୋଗିକୀଗୁଡିକ ନିଶ୍ଚିତ ରୂପ
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "ଆପଣଙ୍କୁ ଏକ ବୈଧ ନିତୀ ପ୍ରକାର ଭରଣ କରିବାକୁ ହେବ"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "ଆପଣଙ୍କର %s ପାଇଁ ଆପଣଙ୍କୁ ନିତୀ ମଡ୍ୟୁଲ ପାଇଁ ନିଶ୍ଚିତ ଭାବରେ ଏକ ନାମ ଭରଣ କରିବାକୁ ହେବ"
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2396,7 +2397,7 @@ msgstr "USER ପ୍ରକାରଗୁଡିକ ସ୍ୱୟଂଚାଳିତଭ
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s ନିତୀ ମଡ୍ୟୁଲଗୁଡ଼ିକ ସ୍ଥିତବାନ ଡମେନ ଆବଶ୍ୟକ କରିଥାଏ"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2416,7 +2417,7 @@ msgstr "ଫାଇଲ ପ୍ରସଙ୍ଗ ଫାଇଲ"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "ସ୍ପେକ୍‌ ଫାଇଲ"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2438,11 +2439,11 @@ msgstr "JIT ସଙ୍କଳକକୁ ବ୍ୟବହାର କରିବା ପ
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "ଏକ ତନ୍ତ୍ରରେ ସୁରକ୍ଷା ହୀନ ଫାଇଲଗୁଡ଼ିକୁ ପଢ଼ିବା ପାଇଁ ଏଣ୍ଟିଭାଇରସ୍‌ ପ୍ରଗ୍ରାମଗୁଡ଼ିକୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "ବିଷୟବସ୍ତୁ ନିଷ୍ପାଦନ କରିବାକୁ auditadm କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:6
msgid ""
@@ -2456,11 +2457,11 @@ msgstr "ଆପଣ ଚାଳକକୁ radius ସର୍ଭର ବ୍ୟବହା
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "ଗୋଟିଏ yubikey ସର୍ଭର ବ୍ୟବହାର କରି ବ୍ୟବହାରକାରୀମାନଙ୍କୁ ଲଗଇନ୍‌ ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "awstats କୁ Apache ଲଗଗୁଡ଼ିକୁ ବାହାର କରିବା ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:10
msgid ""
@@ -2528,11 +2529,11 @@ msgstr "ଆପଣ ସମସ୍ତ ଡେମନମାନଙ୍କୁ ଟର୍ମ
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "dan କୁ ବ୍ୟବହାରକାରୀ ଫାଇଲଗୁଡ଼ିକୁ ପରିଚାଳନା କରିବା ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "dan କୁ ବ୍ୟବହାରକାରୀ ଫାଇଲଗୁଡ଼ିକୁ ପଢ଼ିବା ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2599,7 +2600,7 @@ msgstr "ଆପଣ fenced ଡମେନକୁ ssh ନିଷ୍ପାଦନ କର
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "ସମସ୍ତ ଡମେନଗୁଡ଼ିକୁ fips_mode ରେ ନିଷ୍ପାଦନ କରିବା ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2699,7 +2700,7 @@ msgstr "gssd କୁ ଅସ୍ଥାୟୀ ଡିରେକ୍ଟୋରୀକୁ
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "ବିଷୟବସ୍ତୁ ନିଷ୍ପାଦନ କରିବା ପାଇଁ ଅତିଥିମାନଙ୍କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:65
msgid ""
@@ -2854,7 +2855,7 @@ msgstr "httpd କୁ openstack ପୋର୍ଟଗୁଡ଼ିକରେ ଅଭି
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "Apache କୁ NS ବିବରଣୀଗୁଡ଼ିକୁ ଅନୁସନ୍ଧାନ କରିବା ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2951,7 +2952,7 @@ msgstr "ବନ୍ଧିତ ପ୍ରୟୋଗମାନଙ୍କୁ usb ଉପକ
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "ପ୍ରୟୋଗଗୁଡ଼ିକୁ ବନ୍ଦ କରିବା ପାଇଁ openshift କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3116,7 +3117,7 @@ msgstr "sasl କୁ shadow ପଢ଼ିବା ପାଇଁ ଅନୁମତି
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "ବିଷୟବସ୍ତୁକୁ ନିଷ୍ପାଦନ କରିବା ପାଇଁ secadm କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:162
msgid ""
@@ -3188,7 +3189,7 @@ msgstr "ଚାଳକମାନଙ୍କୁ TCP ସର୍ଭରଗୁଡ଼ିକ
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "ssh chroot ପରିବେଶକୁ ବ୍ୟବହାର କରିବା ପାଇଁ ବ୍ୟବହାରକାରୀମାନଙ୍କୁ ଅନୁମତି ଦିଅନ୍ତୁ।"
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3270,7 +3271,7 @@ msgstr "ssh ଲଗଇନକୁ sysadm_r:sysadm_t ପରି ଅନୁମତି
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "ବିଷୟବସ୍ତୁ ନିଷ୍ପାଦନ କରିବା ପାଇଁ କାର୍ଯ୍ୟକର୍ତ୍ତାମାନଙ୍କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3278,7 +3279,7 @@ msgstr "svirt ଡମେନଗୁଡ଼ିକରେ କର୍ମଚାରୀ ବ
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "ବିଷୟବସ୍ତୁକୁ ନିଷ୍ପାଦନ କରିବା ପାଇଁ sysadm କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:194
msgid ""
@@ -3297,7 +3298,7 @@ msgstr "tftp କୁ ସର୍ବସାଧାରଣ ଫାଇଲ ପରିବହ
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "ଚାଳକ ମୂଖ୍ୟ ଡିରେକ୍ଟୋରୀଗୁଡ଼ିକରେ ଫାଇଲଗୁଡ଼ିକୁ ପଢ଼ିବା ଏବଂ ଲେଖିବା ପାଇଁ tftp କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3305,7 +3306,7 @@ msgstr "tor ଡେମନକୁ tcp ସକେଟଗୁଡ଼ିକରେ ସମ
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "tor କୁ ଏକ ରିଲେ ଭାବରେ କାର୍ଯ୍ୟକରିବାକୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:200
msgid ""
@@ -3353,7 +3354,7 @@ msgstr "SAMBA ମୂଳ ସ୍ଥାନ ଡିରେକ୍ଟୋରୀଗୁଡ
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "ବିଷୟବସ୍ତୁ ନିଷ୍ପାଦନ କରିବା ପାଇଁ ବ୍ୟବହାରକାରୀଙ୍କୁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3383,7 +3384,7 @@ msgstr "ବନ୍ଧିତ ଆଭାସୀ ଅତିଥିମାନଙ୍କୁ
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "ସୀମିତ ଆଭାସୀ ଅତିଥିମାନଙ୍କୁ rawip ସକେଟଗୁଡ଼ିକ ସହିତ କାର୍ଯ୍ୟ କରିବା ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3447,7 +3448,7 @@ msgstr "xguest ଚାଳକମାନଙ୍କୁ ନେଟୱର୍କ ପରି
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "xguest କୁ ବିଷୟବସ୍ତୁ ନିଷ୍ପାଦନ ପାଇଁ ଅନୁମତି ଦିଅନ୍ତୁ"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/pt_BR.po b/policycoreutils/po/pt_BR.po
index 92b06d6..b56bcf6 100644
--- a/policycoreutils/po/pt_BR.po
+++ b/policycoreutils/po/pt_BR.po
@@ -6,7 +6,7 @@
# Diego Búrigo Zacarão <diegobz@gmail.com>, 2006.
# Frederico Madeira <fred@madeira.eng.br>, 2008.
# Glaucia Cintra <gcintra@redhat.com>, 2010.
-# Glaucia Freitas <gcintra@redhat.com>, 2012.
+# Glaucia Freitas <gcintra@redhat.com>, 2012-2013.
# Igor Pires Soares <igor@projetofedora.org>, 2006, 2007, 2008, 2009.
# Og Maciel <ogmaciel@gnome.org>, 2008.
# Oliver Silva <oliverpsilva@gmail.com>, 2008.
@@ -17,8 +17,8 @@ msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-04-08 00:09+0000\n"
+"Last-Translator: Glaucia Freitas <gcintra@redhat.com>\n"
"Language-Team: Portuguese (Brazil) <trans-pt_br@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -294,7 +294,7 @@ msgstr "Intervalo MLS/MCS"
2013-02-08 14:44:20 +00:00
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "Serviço"
2013-02-08 14:44:20 +00:00
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -431,7 +431,7 @@ msgstr "O tipo é requerido"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "Tipo %s é inválido, deve ser um tipo de porta"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -553,12 +553,12 @@ msgstr "O protocolo está faltando ou é desconhecido"
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "O tipo de nó do SELinux é requerido."
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "Tipo %s é inválido, deve ser um tipo de nó"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -792,7 +792,7 @@ msgstr "A espec do arquivo %s conflita com a regra de equivalência '%s %s'; Ten
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "Tipo %s é inválido, deve ser um arquivo ou tipo de dispositivo"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2180,11 +2180,11 @@ msgstr "O caminho pelo qual as páginas man SELinux geradas serão armazenadas"
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "nome do SO para páginas man"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "Gerar estrutura de páginas man HTML para página man do SELinux selecionada."
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2232,7 +2232,7 @@ msgstr "consultar a Política SELinux para verificar a descrição dos booleanos
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "Obter todos os detalhes dos booleanos"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2254,11 +2254,11 @@ msgstr "domínio do processo do destino"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "É necessário um Comando para este tipo de política"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "Listar as interfaces da Política do SELinux"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2266,15 +2266,15 @@ msgstr "Gerar o modelo do módulo da Política SELinux"
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "Inserir o tipo de domínio que você está extendendo"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "Insira o(s) usuário(s) SELinux que farão a transição para este domínio"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "Insira domínio(s) que este admin confinado irá administrar"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2282,7 +2282,7 @@ msgstr "o nome da política a ser gerada"
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "caminho onde os arquivos de políticas gerados serão armazenados"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2296,7 +2296,7 @@ msgstr "executável para configuração"
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "Gerar política para %s"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2304,16 +2304,16 @@ msgstr "comandos"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "Alternar a política SELinux, padrão para "
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "Não foi instalada nenhuma política SELinux"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "Falha ao ler sobre o arquivo de política %s"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2325,27 +2325,27 @@ msgstr "Serviços da Internet Daemon"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "Tipo de Domínio Existente"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "Função de Usuário do Login de Terminal Mínimo"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "Função do Usuário do Login X Windows Mínimo"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "Função de Usuário de Login de Desktop"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "Função de Usuário de Login de Administrador"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "Função de Administrador do Usuário Root Confinado"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2358,12 +2358,12 @@ msgstr "As portas devem ser números ou intervalos de números de 1 à %d"
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "Você precisa inserir um tipo de política válido"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "Você precisa inserir um nome para seu módulo de política para seu %s."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2402,7 +2402,7 @@ msgstr "Os tipos de USUÁRIOS obtém automaticamente um tipo de tmp"
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "módulos de política %s requerem domínios existentes"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2422,7 +2422,7 @@ msgstr "Arquivo de Contextos de arquivo"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "Arquivos Spec"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2444,11 +2444,11 @@ msgstr "Permitir que o amavis use o compilador JIT"
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "Permitir que programas antivirus leiam os arquivos sem segurança em um sistema."
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "Permitir que o auditadm execute o conteúdo"
#: booleans.py:6
msgid ""
@@ -2462,11 +2462,11 @@ msgstr "Permitir que os usuários efetuem o login usando o servidor radius"
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "Permitir que usuários se autentiquem utilizando um servidor yubikey"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "Permitir que o awstats puxe os logs do Apache"
#: booleans.py:10
msgid ""
@@ -2534,11 +2534,11 @@ msgstr "Permitir todos os daemons a habilidade de ler/gravar terminais"
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "Permitir que o dan gerencie arquivos de usuários"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "Permitir que o dan leia arquivos de usuários"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2605,7 +2605,7 @@ msgstr "Permitir domínio com cerca para executar ssh."
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "Permitir que todos os domínios executem no flps_mode"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2705,7 +2705,7 @@ msgstr "Permitir gssd ler o diretório temp. Para acesso ao kerberos tgt."
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "Permitir que convidados executem o conteúdo"
#: booleans.py:65
msgid ""
@@ -2860,7 +2860,7 @@ msgstr "Permitir httpd acessar portas openstack"
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "Permitir que o Apache pesquise recordes NS"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2957,7 +2957,7 @@ msgstr "Permitir aplicativos confinados usarem memória compartilhada nsdc."
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "Permitir que o openshift bloqueie o aplicativo"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3122,7 +3122,7 @@ msgstr "Permitir sasl ler shadow"
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "Permitir que o secadm execute o conteúdo"
#: booleans.py:162
msgid ""
@@ -3194,7 +3194,7 @@ msgstr "Permitir usuários rodarem servidores TCP (bind às portas e aceitar con
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "Permitir que o usuário utilize o ambiente do ssh chroot."
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3276,7 +3276,7 @@ msgstr "Permitir ssh efetue o login como sysadm_r:sysadm_t"
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "Permitir que o staff execute o conteúdo"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3284,7 +3284,7 @@ msgstr "permitir usuário funcionário criar e transitar aos domínios svirt."
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "Permitir que o sysadm execute o conteúdo"
#: booleans.py:194
msgid ""
@@ -3303,7 +3303,7 @@ msgstr "Permitir tfto modificar arquivos públicos para serviços de transferên
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "Permitir que o tftp leia e grave arquivos nos diretórios home do usuário"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3311,7 +3311,7 @@ msgstr "Permitir tor daemon a efetuar o bind nos soquetes TCP em todas as portas
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "Permitir que tor aja como um substituto"
#: booleans.py:200
msgid ""
@@ -3359,7 +3359,7 @@ msgstr "Suporta diretórios principais SAMBA"
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "Permitir que usuário execute um conteúdo"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3389,7 +3389,7 @@ msgstr "Permitir convidados virtuais confinados gerenciarem arquivos nfs"
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "Permitir que convidados virtuais confinados interajam com os soquetes rawip"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3453,7 +3453,7 @@ msgstr "Permitir usuários xguest configurarem Gerenciador da Rede e conectar à
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "Permitir que xguest execute o conteúdo"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/ru.po b/policycoreutils/po/ru.po
index 60da8e5..9efc137 100644
--- a/policycoreutils/po/ru.po
+++ b/policycoreutils/po/ru.po
@@ -7,14 +7,15 @@
# Andrew Martynov <andrewm@inventa.ru>, 2006, 2007.
# <iya777@yandex.ru>, 2012.
# Yulia <ypoyarko@redhat.com>, 2006, 2010.
+# Yulia <yulia.poyarkova@redhat.com>, 2013.
# Yulia <yulia.poyarkova@redhat.com>, 2012.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-04-08 04:12+0000\n"
+"Last-Translator: Yulia <yulia.poyarkova@redhat.com>\n"
"Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -71,7 +72,7 @@ msgstr "Нет контекста в файле %s\n"
#: ../run_init/run_init.c:361
#, c-format
msgid "Sorry, run_init may be used only on a SELinux kernel.\n"
-msgstr "Извините, run_init может быть использовано только для ядра с SELinux.\n"
+msgstr "run_init может использоваться только для ядра с SELinux.\n"
#: ../run_init/run_init.c:380
#, c-format
@@ -290,7 +291,7 @@ msgstr "Диапазон MLS/MCS"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "Служба"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -421,13 +422,13 @@ msgstr "Невозможно создать ключ для %s/%s"
#: ../semanage/seobject.py:991
msgid "Type is required"
-msgstr "Требуется задание типа"
+msgstr "Необходимо указать тип."
#: ../semanage/seobject.py:994 ../semanage/seobject.py:1056
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "Недопустимый тип: %s. Необходимо указать тип порта."
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -549,12 +550,12 @@ msgstr "Протокол отсутствует или неизвестен"
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "Требуется тип узла SELinux."
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "Недопустимый тип: %s. Необходимо указать тип узла."
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -788,7 +789,7 @@ msgstr "Спецификация файла %s противоречит прав
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "Недопустимый тип: %s. Необходимо указать тип файла или устройства."
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2176,11 +2177,11 @@ msgstr "путь к создаваемым справочным страница
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "имя ОС для справочных страниц"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "Сформировать HTML-структуру справочных страниц для выбранной страницы SELinux"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2228,7 +2229,7 @@ msgstr "Запрос описания логических значений в
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "получить описание всех логических переменных"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2250,11 +2251,11 @@ msgstr "целевой домен обработки"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "Необходимо определить команду для этого типа политики"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "Показать интерфейсы для SELinux"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2262,15 +2263,15 @@ msgstr "Создать шаблон модуля политики SELinux"
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "Введите тип наращиваемого домена"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "Введите пользователей SELinux для переноса в этот домен"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "Введите домены, которыми будет управлять этот администратор"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2278,7 +2279,7 @@ msgstr "имя генерируемой политики"
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "путь к каталогу с файлами политики."
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2292,7 +2293,7 @@ msgstr "ограничиваемая программа"
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "Создать политику для %s"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2300,16 +2301,16 @@ msgstr "команды"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "Альтернативная политика SELinux. По умолчанию /sys/fs/selinux/policy"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "Политика SELinux не установлена."
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "Ошибка чтения файла %s"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2321,27 +2322,27 @@ msgstr "Inetd"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "Тип существующего домена"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "Минимальная роль авторизации в терминале"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "Минимальная роль авторизации X Windows"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "Роль авторизации на рабочем столе"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "Роль авторизации администратора"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "Ограниченная роль администратора root"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2354,12 +2355,12 @@ msgstr "Номер порта должен лежать в диапазоне о
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "Необходимо ввести действительный тип политики"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "Необходимо ввести имя модуля политики для %s."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2398,7 +2399,7 @@ msgstr "Типам USER автоматически назначается тип
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "Модули %s требуют наличия существующих доменов."
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2418,7 +2419,7 @@ msgstr "Файл контекстов"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "Файл спецификаций"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2440,11 +2441,11 @@ msgstr "Разрешить amavis использовать компилятор
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "Разрешить антивирусам осуществлять чтение файлов, не имеющих отношения к безопасности"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "Разрешить auditadm выполнять содержимое"
#: booleans.py:6
msgid ""
@@ -2458,11 +2459,11 @@ msgstr "Разрешить авторизацию пользователей п
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "Разрешить авторизацию пользователей через сервер yubikey"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "Разрешить awstats очищать журналы Apache"
#: booleans.py:10
msgid ""
@@ -2476,7 +2477,7 @@ msgstr "Разрешить clamd использовать компилятор J
#: booleans.py:12
msgid "Allow clamscan to non security files on a system"
-msgstr "Разрешить доступ clamscan к незащищенным файлам в системе"
+msgstr "Разрешить clamscan обращаться к файлам, не имеющим отношения к безопасности"
#: booleans.py:13
msgid "Allow clamscan to read user content"
@@ -2530,11 +2531,11 @@ msgstr "Разрешить службам осуществлять запись
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "Разрешить dan управлять файлами пользователей"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "Разрешить dan осуществлять чтение файлов пользователей"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2601,7 +2602,7 @@ msgstr "Разрешить изолированному домену осуще
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "Разрешить выполнение доменов в режиме fips_mode"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2701,7 +2702,7 @@ msgstr "Разрешить gssd осуществлять чтение време
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "Разрешить гостю выполнять содержимое"
#: booleans.py:65
msgid ""
@@ -2856,7 +2857,7 @@ msgstr "Разрешить доступ httpd к портам openstack"
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "Разрешить Apache запрашивать записи NS"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2953,7 +2954,7 @@ msgstr "Разрешить ограничиваемым приложениям
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "Разрешить openshift блокировать приложение"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3118,7 +3119,7 @@ msgstr "Разрешить sasl осуществлять чтение shadow"
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "Разрешить secadm выполнять содержимое"
#: booleans.py:162
msgid ""
@@ -3190,7 +3191,7 @@ msgstr "Разрешить пользователям запускать сер
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "Разрешить пользователю использовать окружение chroot."
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3272,7 +3273,7 @@ msgstr "Разрешить SSH-авторизацию как sysadm_r:sysadm_t"
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "Разрешить staff выполнять содержимое"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3280,7 +3281,7 @@ msgstr "Разрешить пользователю staff создавать и
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "Разрешить sysadm выполнять содержимое"
#: booleans.py:194
msgid ""
@@ -3299,7 +3300,7 @@ msgstr "Разрешить tftp изменять файлы, используе
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "Разрешить ftp читать и записывать файлы в домашних каталогах"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3307,7 +3308,7 @@ msgstr "Разрешить службе tor осуществлять привя
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "Разрешить tor выступать в роли ретранслятора"
#: booleans.py:200
msgid ""
@@ -3355,7 +3356,7 @@ msgstr "Поддержка домашних каталогов SAMBA"
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "Разрешить пользователю выполнять содержимое"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3385,7 +3386,7 @@ msgstr "Разрешить ограничиваемым виртуальным
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "Разрешить взаимодействие ограничиваемых виртуальных гостей с сокетами rawip"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3449,7 +3450,7 @@ msgstr "Разрешить пользователям xguest изменять н
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "Разрешить xguest выполнять содержимое"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/ta.po b/policycoreutils/po/ta.po
index a8593c5..d39d8c1 100644
--- a/policycoreutils/po/ta.po
+++ b/policycoreutils/po/ta.po
@@ -7,14 +7,14 @@
# I felix <ifelix@redhat.com>, 2007.
# I Felix <ifelix@redhat.com>, 2010.
# I. Felix <ifelix@redhat.com>, 2009-2010.
-# Shantha kumar <shkumar@redhat.com>, 2012.
+# Shantha kumar <shkumar@redhat.com>, 2012-2013.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-03-29 09:17+0000\n"
+"Last-Translator: shkumar <shkumar@redhat.com>\n"
"Language-Team: Tamil <tamil-users@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -290,7 +290,7 @@ msgstr "MLS/MCS வரையறை"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "சேவை"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -427,7 +427,7 @@ msgstr "வகை தேவைப்படுகிறது"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "வகை %s செல்லாதது, அது ஒரு முனைய வகையாக இருக்க வேண்டும்"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -549,12 +549,12 @@ msgstr "தெரியாத அல்லது விடுபட்ட பி
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "SELinux கனு வகை தேவைப்படுகிறது"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "வகை %s செல்லாதது, அது ஒரு கனு வகையாக இருக்க வேண்டும்"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -788,7 +788,7 @@ msgstr "கோப்பு spec %s ஆனது சமான விதி '%s %s
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "வகை %s செல்லாதது, அது ஒரு கோப்பு அல்லது சாதன வகையாக இருக்க வேண்டும்"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2176,11 +2176,11 @@ msgstr "உருவாக்கப்படும் SELinux உதவிப்
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "கையேட்டுப் பக்கங்களுக்கான OS இன் பெயர்"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "தேர்ந்தெடுத்த SELinux கையேட்டுப் பக்கத்திற்கு HTML கையேட்டுப் பக்கங்கள் கட்டமைப்பை உருவாக்கவும்"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2228,7 +2228,7 @@ msgstr "பூலியன்களின் விளக்கத்தை அ
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "அனைத்து பூலியன் விளக்கங்களையும் பெறுக"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2250,11 +2250,11 @@ msgstr "இலக்கு செயலாக்க டொமைன்"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "இந்த வகை கொள்கைக்குத் தேவையான கட்டளை"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "SELinux கொள்கை இடைமுகங்களை பட்டியலிடு"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2262,15 +2262,15 @@ msgstr "SELinux கொள்கை தொகுதிக்கூறூ வா
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "நீங்கள் நீட்டிக்க உள்ள களத்தின் வகையை உள்ளிடவும்"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "இந்த களத்தில் செயல்படும் SELinux பயனர்களை உள்ளிடவும்"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "இந்த கட்டுப்படுத்தப்பட்ட நிர்வாகி நிர்வகிக்கும் களங்களை உள்ளிடவும்"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2278,7 +2278,7 @@ msgstr "உருவாக்க வேண்டிய கொள்கையி
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "உருவாக்கப்படும் கொள்கைக் கோப்புகள் சேமிக்கப்படும் பாதை"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2292,7 +2292,7 @@ msgstr "கட்டுப்படுத்த வேண்டிய இயக
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "%s க்கு கொள்கையை உருவாக்கவும்"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2300,16 +2300,16 @@ msgstr "கட்டளைகள்"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "மாற்று SELinux கொள்கை, முன்னிருப்பு மதிப்பு /sys/fs/selinux/policy ஆகும்"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "SELinux கொள்கை நிறுவப்படவில்லை"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "கொள்கை கோப்பு %s ஐ வாசிக்க முடியவில்லை"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2321,27 +2321,27 @@ msgstr "இணைய சேவைகள் டெமான்"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "முன்பே உள்ள டொமைன் வகை"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "குறைந்த முனைய புகுபதிவு பயனர் பங்கு"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "குறைந்தபட்ச X சாளரங்கள் புகுபதிவு பயனர் பங்கு"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "டெஸ்க்டாப் புகுபதிவு பயனர் பங்கு"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "நிர்வாகி புகுபதிவு பயனர் பங்கு"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "கட்டுப்படுத்தப்பட்ட ரூட் நிர்வாகி பங்கு"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2354,12 +2354,12 @@ msgstr "முனையங்கள் எண்ணாக இருக்க வ
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "செல்லுபடியான ஒரு கொள்கை வகையை உள்ளிட வேண்டும்"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "உங்கள் %s க்கான உங்கள் கொள்கை தொகுதிக்கூறுக்கு ஒரு பெயரை உள்ளிட வேண்டும்."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2398,7 +2398,7 @@ msgstr "USER வகைகள் தானாகவே ஒரு tmp வகைய
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s கொள்கை தொகுதிக்கூறுகளுக்கு முன்பே உள்ள களங்கள் தேவை"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2418,7 +2418,7 @@ msgstr "கோப்பு சூழல்கள் கோப்பு"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "விவரக்குறிப்புக் கோப்பு"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2440,11 +2440,11 @@ msgstr "JIT கம்பைலரைப் பயன்படுத்த amavis
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "வைரஸ் எதிர்ப்பு நிரல்கள் ஒரு கணினியில் உள்ள பாதுகாப்பல்லாத கோப்புகளை வாசிக்க அனுமதிக்கவும்"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய auditadm ஐ அனுமதிக்கவும்"
#: booleans.py:6
msgid ""
@@ -2458,11 +2458,11 @@ msgstr "ஒரு ஆர சேவையகத்தை பயன்படுத
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "பயனர்கள் yubikey சேவையகத்தைப் பயன்படுத்தி புகுபதிவு செய்ய அனுமதிக்கவும்"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "Apache பதிவுகளை அழிக்க awstats ஐ அனுமதிக்கவும்"
#: booleans.py:10
msgid ""
@@ -2530,11 +2530,11 @@ msgstr "அனைத்து டெமான்களுக்கும் ட
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "பயனர் கோப்புகளை நிர்வகிக்க dan ஐ அனுமதிக்கவும்"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "பயனர் கோப்புகளை வாசிக்க dan ஐ அனுமதிக்கவும்"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2601,7 +2601,7 @@ msgstr "ssh-ஐ பயன்படுத்தி பிணையத்திற
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "fips_mode இல் இயங்க அனைத்து களங்களையும் அனுமதிக்கவும்"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2701,7 +2701,7 @@ msgstr "gssd-ஐ தற்காலிக அடைவை வாசிப்ப
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய விருந்தினர்களை அனுமதிக்கவும்"
#: booleans.py:65
msgid ""
@@ -2856,7 +2856,7 @@ msgstr "httpd ஆனது openstack முனையங்களை அணுக
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "NS பதிவுகளை வினவ Apache ஐ அனுமதிக்கவும்"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2953,7 +2953,7 @@ msgstr "வரையறுக்கப்பட்ட பயன்பாடு
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "பயன்பாட்டை லாக்டவுன் செய்ய openshift ஐ அனுமதிக்கவும்"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3118,7 +3118,7 @@ msgstr "sasl-ஐ நிழலை வாசிக்க அனுமதிக்
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய secadm ஐ அனுமதிக்கவும்"
#: booleans.py:162
msgid ""
@@ -3190,7 +3190,7 @@ msgstr "பயனர்களை TCP சேவையகங்களை இயக
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "ssh chroot சூழலைப் பயன்படுத்த பயனரை அனுமதிக்கவும்."
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3272,7 +3272,7 @@ msgstr "ssh ஆக sysadm_r:sysadm_t உட்புக அனுமதிக்
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய staff ஐ அனுமதிக்கவும்"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3280,7 +3280,7 @@ msgstr "பணியாளர் பயனர் svirt டொமைன்கள
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய sysadm ஐ அனுமதிக்கவும்"
#: booleans.py:194
msgid ""
@@ -3299,7 +3299,7 @@ msgstr "பொது கோப்பு பரிமாற்ற சேவைக
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "பயனர்களின் முகப்பு அடைவுகளிலுள்ள கோப்புகளை எழுத tftp ஐ அனுமதிக்கவும்"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3307,7 +3307,7 @@ msgstr "tor டொமைன் tcp சாக்கெட்டுகளை ம
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "ஒரு ரிலேவாக செயல்பட tor ஐ அனுமதிக்கவும்"
#: booleans.py:200
msgid ""
@@ -3355,7 +3355,7 @@ msgstr "SAMBA முகப்பு அடைவுகளுக்கு ஆத
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய பயனரை அனுமதிக்கவும்"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3385,7 +3385,7 @@ msgstr "வரையறுக்கப்பட்ட மெய்நிகர
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "கட்டுப்படுத்தப்பட்ட விருந்தினர்கள் rawip சாக்கெட்டுகளுடன் செயல்படுவதை அனுமதிக்கவும்"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3449,7 +3449,7 @@ msgstr "xguest பயனர்களை பிணைய நிர்வாகி
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "பொருளடக்கத்தை exec செய்ய xguest ஐ அனுமதிக்கவும்"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/te.po b/policycoreutils/po/te.po
index 044ce97..e20a5e2 100644
--- a/policycoreutils/po/te.po
+++ b/policycoreutils/po/te.po
@@ -4,13 +4,14 @@
#
# Translators:
# Krishna Babu K <kkrothap@redhat.com>, 2008-2010,2012.
+# Krishna Babu K <kkrothap@redhat.com>, 2008-2010,2012, 2013.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-03-29 12:11+0000\n"
+"Last-Translator: Krishnababu Krothapalli <krisnababu@gmail.com>\n"
"Language-Team: Telugu (http://www.transifex.com/projects/p/fedora/language/te/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -286,7 +287,7 @@ msgstr "MLS/MCS వ్యాప్తి"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "సేవ"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -423,7 +424,7 @@ msgstr "రకము అవసరము"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "రకం %s చెల్లనిది, తప్పక పోర్టు రకం కావాలి"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -545,12 +546,12 @@ msgstr "తెలియని లేదా తప్పిపోయిన ని
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "SELinux నోడ్ రకం అవసరమైంది"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "రకం %s చెల్లనిది, తప్పక నోడ్ రకం కావాలి"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -784,7 +785,7 @@ msgstr "ఫైల్ స్పెక్ %s అనునది సరితూగ
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "రకం %s చెల్లనిది, తప్పక ఫైలు లేదా పరికరం రకం కావాలి"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2172,11 +2173,11 @@ msgstr "పుట్టించిన SELinux man పేజీలు నిల
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "man పేజీల కొరకు OS యొక్క పేరు"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "ఎంపికచేసిన SELinux man పేజీ కొరకు HTML man పేజీల ఆకృతిని జనియింపచేయును"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2224,7 +2225,7 @@ msgstr "బూలియన్స్ వివరణను చూడుటకు
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "అన్ని బూలియన్ల వివరణలను పొందును"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
@@ -2246,11 +2247,11 @@ msgstr "లక్ష్యపు ప్రోసెస్ డొమైన్"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "ఈ రకమైన విధానం కొరకు ఆదేశం అవసరం"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "SELinux విధానం యింటర్ఫేసులను జాబితాచేయును"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
@@ -2258,15 +2259,15 @@ msgstr "SELinux విధానం మాడ్యూల్ మాదిరి
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "మీరు విస్తరించు డొమైన్ రకములను ప్రవేశపెట్టండి"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "ఈ డొమైన్‌కు బదిలీ అగు SELinux వాడుకరు(ల)ను ప్రవేశపెట్టుము"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "ఈ లోబడిన నిర్వహణాధికారి నిర్వహించు డొమైన్(ల)ను ప్రవేశపెట్టుము"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
@@ -2274,7 +2275,7 @@ msgstr "పుట్టించుటకు విధానం పేరు"
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "జనియింపచేసిన విధానపు ఫైళ్ళు నిల్వవుండు పాత్"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
@@ -2288,7 +2289,7 @@ msgstr "ఎల్లకు నిర్వర్తనం"
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "%s కొరకు విధానం జనియింపచేయి"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
@@ -2296,16 +2297,16 @@ msgstr "ఆదేశాలు"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "ప్రత్యామ్నాయ SELinux విధానం, /sys/fs/selinux/policy కు అప్రమేయమగును"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "SELinux విధానం సంస్థాపించలేదు"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "%s విధానం ఫైలు చదువుటకు విఫలమైను"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2317,27 +2318,27 @@ msgstr "ఇంటర్నెట్ సేవల డెమోన్"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "ఉన్న డొమైన్ రకం"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "కనీసపు టెర్మినల్ లాగిన్ వాడుకరి పాత్ర"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "గరిష్టపు X విండోస్ లాగిన్ వాడుకరి పాత్ర"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "డెస్కుటాప్ లాగిన్ వాడుకరి పాత్ర"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "నిర్వహణాధికారి లాగిన్ వాడుకరి పాత్ర"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "లోబడిన Root నిర్వహణాధికారి పాత్ర"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
@@ -2350,12 +2351,12 @@ msgstr "పోర్ట్స్‍ తప్పక సంఖ్యలు లే
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "మీరు తప్పక చెల్లునటువంటి విధాన రకం ప్రవేశపెట్టాలి"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "మీ విధాన మాడ్యూల్ కొరకు మీ %s కొరకు మీరు తప్పక వొక పేరు ప్రవేశపెట్టాలి."
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2394,7 +2395,7 @@ msgstr "USER రకములు స్వయంచాలకంగా tmp రక
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s విధాన మాడ్యూళ్ళకు యిప్పటికే వున్న డొమైన్లు కావాలి"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2414,7 +2415,7 @@ msgstr "ఫైల్ కాంటెక్స్ట్‍ దస్త్రమ
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "Spec ఫైలు"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2436,11 +2437,11 @@ msgstr "amavis ను JIT కంపైలర్ వుపయోగించు
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "వ్యవస్థపైని సురక్షితం కాని ఫైళ్ళను చదువుటకు ఎంటీవైరస్ ప్రోగ్రాములను అనుమతించు"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "auditadm ను exec విషయానికి అనుమతించుము"
#: booleans.py:6
msgid ""
@@ -2454,11 +2455,11 @@ msgstr "రేడియస్ సేవిక వుపయోగించు వ
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "yubikey సేవిక వుపయోగించి లాగిన్ అవుటకు వాడుకరులను అనుమతించు"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "అపాచీ లాగ్స్ కొట్టివేయుటకు awstats ను అనుమతించు"
#: booleans.py:10
msgid ""
@@ -2526,11 +2527,11 @@ msgstr "టెర్మినల్సు చదువ/వ్రాయ గల
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "వాడుకరి ఫైళ్ళను నిర్వహించుటకు dan ను అనుమతించు"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "వాడుకరి ఫైళ్ళను చదువుటకు dan అనుమతించు"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
@@ -2597,7 +2598,7 @@ msgstr "ssh నిర్వర్తించుటకు ఫెన్సుడ
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "fips_mode నందు నిర్వర్తించుటకు అన్ని డొమైన్లను అనుమతించు"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
@@ -2697,7 +2698,7 @@ msgstr "gssd ను temp డైరెక్టరీను చదువుటక
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "విషయాన్ని నిర్వర్తించుటకు అతిథిని అనుమతించు"
#: booleans.py:65
msgid ""
@@ -2852,7 +2853,7 @@ msgstr "httpdను ఓపెన్‌స్టాక్ పోర్టుల
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "NS రికార్డులను క్వరీ చేయుటకు అపాచీను అనుమతించు"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
@@ -2949,7 +2950,7 @@ msgstr "nscd భాగస్వామ్య మెమొరీ వుపయో
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "అనువర్తనం లాక్‌డౌన్‌కు వోపెన్‌షిఫ్టును అనుమతించు"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
@@ -3114,7 +3115,7 @@ msgstr "shadow చదువుటకు sasl ను అనుమతించు"
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "విషయాన్ని నిర్వర్తించుటకు secadm అనుమతించు"
#: booleans.py:162
msgid ""
@@ -3186,7 +3187,7 @@ msgstr "వాడుకరులను TCP సేవికలు (పోర్
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "ssh chroot యెన్విరాన్మెంటును వుపయోగించుటకు వాడుకరిని అనుమతించు."
#: booleans.py:175
msgid "Allow user music sharing"
@@ -3268,7 +3269,7 @@ msgstr "ssh లాగిన్స్‍‌ను sysadm_r:sysadm_t లా అన
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "విషయాన్ని నిర్వర్తించుటకు స్టాఫ్‌ను అనుమతించు"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
@@ -3276,7 +3277,7 @@ msgstr "స్టాఫ్ వాడుకరిని svirt డొమైన్
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "విషయాన్ని నిర్వర్తించుటకు వ్యవస్థనిర్వహణాధికారిని అనుమతించు"
#: booleans.py:194
msgid ""
@@ -3295,7 +3296,7 @@ msgstr "పబ్లిక్ ఫైల్ బదలీకరణ సేవలక
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "tftp ను వాడుకరి నివాస సంచయాల నందలి ఫైళ్ళను వ్రాయగల్గుటకు చదువగల్గుటకు అనుమతించు."
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
@@ -3303,7 +3304,7 @@ msgstr "tcp సాకెట్లను అన్ని రిజర్వుక
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "tor ను రిలే వలే వ్యవహరించుటకు అనుమతించు"
#: booleans.py:200
msgid ""
@@ -3351,7 +3352,7 @@ msgstr "SAMBA నివాస సంచయాలకు తోడ్పాటు
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "విషయాన్ని నిర్వర్తించుటకు వాడుకరిని అనుమతించు"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
@@ -3381,7 +3382,7 @@ msgstr "nfs ఫైళ్ళను నిర్వహించుటకు ని
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "లోబడిన వర్చ్యువల్ అతిధేయిలు rawip సాకెట్లతో యింటరాక్ట్ అగుటకు అనుమతించు"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
@@ -3445,7 +3446,7 @@ msgstr "నెట్వర్కు నిర్వాహిక ఆకృతీ
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "విషయాన్ని నిర్వర్తించుటకు xguest అనుమతించు"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
diff --git a/policycoreutils/po/zh_TW.po b/policycoreutils/po/zh_TW.po
index 6673f00..71477ef 100644
--- a/policycoreutils/po/zh_TW.po
+++ b/policycoreutils/po/zh_TW.po
@@ -4,16 +4,16 @@
#
# Translators:
# Chester Cheng <ccheng@brisbane.redhat.com>, 2006.
-# Chester Cheng <ccheng@redhat.com>, 2006,2012.
+# Chester Cheng <ccheng@redhat.com>, 2006,2012-2013.
# Terry Chuang <tchuang at redhat>, 2010.
-# Terry Chuang <tchuang@redhat.com>, 2008-2010,2012.
+# Terry Chuang <tchuang@redhat.com>, 2008-2010,2012-2013.
msgid ""
msgstr ""
"Project-Id-Version: Policycoreutils\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-01-04 12:01-0500\n"
-"PO-Revision-Date: 2013-01-04 17:02+0000\n"
-"Last-Translator: dwalsh <dwalsh@redhat.com>\n"
+"PO-Revision-Date: 2013-04-08 05:22+0000\n"
+"Last-Translator: Terry Chuang <tchuang@redhat.com>\n"
"Language-Team: Chinese (Taiwan) <trans-zh_TW@lists.fedoraproject.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -289,7 +289,7 @@ msgstr "MLS/MCS 範圍"
#: ../semanage/seobject.py:672
msgid "Service"
-msgstr ""
+msgstr "服務"
#: ../semanage/seobject.py:698 ../semanage/seobject.py:729
#: ../semanage/seobject.py:796 ../semanage/seobject.py:853
@@ -426,7 +426,7 @@ msgstr "需要類型"
#: ../semanage/seobject.py:1814
#, python-format
msgid "Type %s is invalid, must be a port type"
-msgstr ""
+msgstr "類型 %s 無效,此類型必須是連接埠"
#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062
#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123
@@ -548,12 +548,12 @@ msgstr "通訊協定不明或遺失"
#: ../semanage/seobject.py:1256
msgid "SELinux node type is required"
-msgstr ""
+msgstr "需要 SELinux 的節點類型"
#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327
#, python-format
msgid "Type %s is invalid, must be a node type"
-msgstr ""
+msgstr "類型 %s 無效,類型必須是個節點"
#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331
#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465
@@ -787,7 +787,7 @@ msgstr "檔案規格 %s 與相等規則 '%s %s' 發生衝突;請嘗試新增 '
#: ../semanage/seobject.py:1755
#, python-format
msgid "Type %s is invalid, must be a file or device type"
-msgstr ""
+msgstr "類型 %s 無效,類型必須是個檔案或是裝置"
#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768
#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906
@@ -2175,11 +2175,11 @@ msgstr "產生 SELinux man page 的路徑會被儲存"
#: ../sepolicy/sepolicy.py:207
msgid "name of the OS for man pages"
-msgstr ""
+msgstr "man page 的 OS名稱"
#: ../sepolicy/sepolicy.py:209
msgid "Generate HTML man pages structure for selected SELinux man page"
-msgstr ""
+msgstr "所選擇之 SELinux man page 的一般 HTML man page 結構"
#: ../sepolicy/sepolicy.py:213
msgid "All domains"
@@ -2191,97 +2191,97 @@ msgstr "要建立的 man page 之網域名稱"
#: ../sepolicy/sepolicy.py:221
msgid "Query SELinux policy network information"
-msgstr ""
+msgstr "查詢 SELinux 政策網路資訊"
#: ../sepolicy/sepolicy.py:226
msgid "list all SELinux port types"
-msgstr ""
+msgstr "列出所有 SELinux 連接埠類型"
#: ../sepolicy/sepolicy.py:229
msgid "show SELinux type related to the port"
-msgstr ""
+msgstr "顯示與此連接埠相關的 SELinux 類型"
#: ../sepolicy/sepolicy.py:232
msgid "Show ports defined for this SELinux type"
-msgstr ""
+msgstr "顯示為此 SELinux 類型定義的連接埠"
#: ../sepolicy/sepolicy.py:235
msgid "show ports to which this domain can bind and/or connect"
-msgstr ""
+msgstr "顯示此網域可以綁定且/或可以連接的連接埠"
#: ../sepolicy/sepolicy.py:250
msgid "query SELinux policy to see if domains can communicate with each other"
-msgstr ""
+msgstr "查詢 SELinux 政策,看看區域是否可以互相通訊"
#: ../sepolicy/sepolicy.py:253
msgid "Source Domain"
-msgstr ""
+msgstr "來源區域"
#: ../sepolicy/sepolicy.py:256
msgid "Target Domain"
-msgstr ""
+msgstr "目標區域"
#: ../sepolicy/sepolicy.py:276
msgid "query SELinux Policy to see description of booleans"
-msgstr ""
+msgstr "查詢 SELinux 政策,以檢視布林值的描述"
#: ../sepolicy/sepolicy.py:280
msgid "get all booleans descriptions"
-msgstr ""
+msgstr "取得所有布林值的詳述"
#: ../sepolicy/sepolicy.py:282
msgid "boolean to get description"
-msgstr ""
+msgstr "取得描述的布林值"
#: ../sepolicy/sepolicy.py:301
msgid ""
"query SELinux Policy to see how a source process domain can transition to "
"the target process domain"
-msgstr ""
+msgstr "查詢 SELinux 政策,看看來源程序區域如何翻譯至目標程序區域"
#: ../sepolicy/sepolicy.py:304
msgid "source process domain"
-msgstr ""
+msgstr "來源程序區域"
#: ../sepolicy/sepolicy.py:307
msgid "target process domain"
-msgstr ""
+msgstr "目標程序區域"
#: ../sepolicy/sepolicy.py:327
msgid "Command required for this type of policy"
-msgstr ""
+msgstr "此類型政策所需要的指令"
#: ../sepolicy/sepolicy.py:347
msgid "List SELinux Policy interfaces"
-msgstr ""
+msgstr "列出 SELinux Policy 介面"
#: ../sepolicy/sepolicy.py:362
msgid "Generate SELinux Policy module template"
-msgstr ""
+msgstr "產生 SELinux 政策的模組範本"
#: ../sepolicy/sepolicy.py:365
msgid "Enter domain type which you will be extending"
-msgstr ""
+msgstr "輸入您將會延伸的區域類型"
#: ../sepolicy/sepolicy.py:368
msgid "Enter SELinux user(s) which will transition to this domain"
-msgstr ""
+msgstr "輸入將會切換至此區域的 SELinux 使用者"
#: ../sepolicy/sepolicy.py:371
msgid "Enter domain(s) that this confined admin will administrate"
-msgstr ""
+msgstr "輸入此受限之管理員將會管理的區域"
#: ../sepolicy/sepolicy.py:374
msgid "name of policy to generate"
-msgstr ""
+msgstr "要產生的政策名稱"
#: ../sepolicy/sepolicy.py:378
msgid "path in which the generated policy files will be stored"
-msgstr ""
+msgstr "所產生的政策檔案將會被存放在的路徑"
#: ../sepolicy/sepolicy.py:380
msgid "executable to confine"
-msgstr ""
+msgstr "欲限制的可執行檔"
#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387
#: ../sepolicy/sepolicy.py:390 ../sepolicy/sepolicy.py:393
@@ -2291,24 +2291,24 @@ msgstr ""
#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417
#, python-format
msgid "Generate Policy for %s"
-msgstr ""
+msgstr "為 %s 產生政策"
#: ../sepolicy/sepolicy.py:422
msgid "commands"
-msgstr ""
+msgstr "指令"
#: ../sepolicy/sepolicy.py:425
msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy"
-msgstr ""
+msgstr "替代用的 SELinux 政策,預設值為 /sys/fs/selinux/policy"
#: ../sepolicy/sepolicy/__init__.py:48
msgid "No SELinux Policy installed"
-msgstr ""
+msgstr "尚未安裝 SELinux Policy"
#: ../sepolicy/sepolicy/__init__.py:54
#, python-format
msgid "Failed to read %s policy file"
-msgstr ""
+msgstr "無法讀取 %s 政策檔案"
#: ../sepolicy/sepolicy/__init__.py:127
msgid "unknown"
@@ -2320,31 +2320,31 @@ msgstr "網際網路服務 Daemon"
#: ../sepolicy/sepolicy/generate.py:177
msgid "Existing Domain Type"
-msgstr ""
+msgstr "既有的區域類型"
#: ../sepolicy/sepolicy/generate.py:178
msgid "Minimal Terminal Login User Role"
-msgstr ""
+msgstr "最低階的終端機登入使用者角色"
#: ../sepolicy/sepolicy/generate.py:179
msgid "Minimal X Windows Login User Role"
-msgstr ""
+msgstr "最低階的 X Windows 登入使用者角色"
#: ../sepolicy/sepolicy/generate.py:180
msgid "Desktop Login User Role"
-msgstr ""
+msgstr "桌面登入使用者角色"
#: ../sepolicy/sepolicy/generate.py:181
msgid "Administrator Login User Role"
-msgstr ""
+msgstr "管理員登入使用者角色"
#: ../sepolicy/sepolicy/generate.py:182
msgid "Confined Root Administrator Role"
-msgstr ""
+msgstr "受限的 Root 管理員角色"
#: ../sepolicy/sepolicy/generate.py:187
msgid "Valid Types:\n"
-msgstr ""
+msgstr "合於規定的類型:\\n"
#: ../sepolicy/sepolicy/generate.py:221
#, python-format
@@ -2353,12 +2353,12 @@ msgstr "連接埠必須是數字或是由 1 至 %d 這個範圍內的數字"
#: ../sepolicy/sepolicy/generate.py:231
msgid "You must enter a valid policy type"
-msgstr ""
+msgstr "您必須輸入有效的政策類型"
#: ../sepolicy/sepolicy/generate.py:234
#, python-format
msgid "You must enter a name for your policy module for your %s."
-msgstr ""
+msgstr "您必須為您的 %s 之政策模組輸入一組名稱。"
#: ../sepolicy/sepolicy/generate.py:355
msgid ""
@@ -2397,7 +2397,7 @@ msgstr "USER 類型會自動地取得一項 tmp 類型"
#: ../sepolicy/sepolicy/generate.py:857
#, python-format
msgid "%s policy modules require existing domains"
-msgstr ""
+msgstr "%s 政策模組需要既有的區域"
#: ../sepolicy/sepolicy/generate.py:1059
msgid "You must enter the executable path for your confined process"
@@ -2417,7 +2417,7 @@ msgstr "檔案文本檔"
#: ../sepolicy/sepolicy/generate.py:1324
msgid "Spec file"
-msgstr ""
+msgstr "規格檔案"
#: ../sepolicy/sepolicy/generate.py:1325
msgid "Setup Script"
@@ -2426,42 +2426,42 @@ msgstr "設定 script"
#: booleans.py:1
msgid ""
"Allow ABRT to modify public files used for public file transfer services."
-msgstr ""
+msgstr "允許 ABRT 修改用於公開傳輸服務的公開檔案。"
#: booleans.py:2
msgid ""
"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts"
-msgstr ""
+msgstr "允許 ABRT 在 abrt_handle_event_t 網域,已處理 ABRT 事件程序檔"
#: booleans.py:3
msgid "Allow amavis to use JIT compiler"
-msgstr ""
+msgstr "允許 amavis 使用 JIT 編譯器"
#: booleans.py:4
msgid "Allow antivirus programs to read non security files on a system"
-msgstr ""
+msgstr "允許防毒程式讀取系統上,非安全性相關的檔案"
#: booleans.py:5
msgid "Allow auditadm to exec content"
-msgstr ""
+msgstr "允許 auditadm 執行內容"
#: booleans.py:6
msgid ""
"Allow users to resolve user passwd entries directly from ldap rather then "
"using a sssd server"
-msgstr ""
+msgstr "允許使用者直接從 ldap而非 sssd 伺服器,解析使用者的 passwd 條目"
#: booleans.py:7
msgid "Allow users to login using a radius server"
-msgstr ""
+msgstr "允許使用者透過 radius 伺服器登入"
#: booleans.py:8
msgid "Allow users to login using a yubikey server"
-msgstr ""
+msgstr "允許使用者使用 yubikey 伺服器登入"
#: booleans.py:9
msgid "Allow awstats to purge Apache logs"
-msgstr ""
+msgstr "允許 awstats 清除 Apache 的紀錄"
#: booleans.py:10
msgid ""
@@ -2471,49 +2471,49 @@ msgstr "允許 cdrecord 讀取各種內容。nfs、samba、卸除式裝置、使
#: booleans.py:11
msgid "Allow clamd to use JIT compiler"
-msgstr ""
+msgstr "允許 clamd 使用 JIT 編譯器"
#: booleans.py:12
msgid "Allow clamscan to non security files on a system"
-msgstr ""
+msgstr "允許 clamscan 掃描系統上的非安全性檔案"
#: booleans.py:13
msgid "Allow clamscan to read user content"
-msgstr ""
+msgstr "允許 clamscan 讀取使用者的內容"
#: booleans.py:14
msgid ""
"Allow Cobbler to modify public files used for public file transfer services."
-msgstr ""
+msgstr "允許 Cobbler 修改用於公開傳輸服務的公開檔案。"
#: booleans.py:15
msgid "Allow Cobbler to connect to the network using TCP."
-msgstr ""
+msgstr "允許 Cobbler 使用 TCP 連接網路。"
#: booleans.py:16
msgid "Allow Cobbler to access cifs file systems."
-msgstr ""
+msgstr "允許 Cobbler 存取 cifs 檔案系統。"
#: booleans.py:17
msgid "Allow Cobbler to access nfs file systems."
-msgstr ""
+msgstr "允許 Cobbler 存取 nfs 檔案系統。"
#: booleans.py:18
msgid "Allow collectd to connect to the network using TCP."
-msgstr ""
+msgstr "允許 collectd 使用 TCP 連接網路。"
#: booleans.py:19
msgid "Allow codnor domain to connect to the network using TCP."
-msgstr ""
+msgstr "允許 condor 區域使用 TCP 連接網路。"
#: booleans.py:20
msgid ""
"Allow system cron jobs to relabel filesystem for restoring file contexts."
-msgstr ""
+msgstr "允許系統的 cron job 重新標記檔案系統,以回復檔案的 context。"
#: booleans.py:21
msgid "Allow cvs daemon to read shadow"
-msgstr ""
+msgstr "允許 cvs daemon 讀取 shadow"
#: booleans.py:22
msgid "Allow all daemons to write corefiles to /"
@@ -2521,34 +2521,34 @@ msgstr "允許所有 daemon 將 corefiles 寫至 /"
#: booleans.py:23
msgid "Allow all daemons to use tcp wrappers."
-msgstr ""
+msgstr "允許所有 daemon 使用 tcp wrapper。"
#: booleans.py:24
msgid "Allow all daemons the ability to read/write terminals"
-msgstr ""
+msgstr "允許所有 darmon 擁有讀寫終端機的能力"
#: booleans.py:25
msgid "Allow dan to manage user files"
-msgstr ""
+msgstr "允許 dan 管理使用者檔案"
#: booleans.py:26
msgid "Allow dan to read user files"
-msgstr ""
+msgstr "允許 dan 讀取使用者檔案"
#: booleans.py:27
msgid "Allow dbadm to manage files in users home directories"
-msgstr ""
+msgstr "允許 dbadm 管理使用者家目錄中的檔案"
#: booleans.py:28
msgid "Allow dbadm to read files in users home directories"
-msgstr ""
+msgstr "允許 dbadm 讀取使用者家目錄中的檔案"
#: booleans.py:29
msgid ""
"Deny user domains applications to map a memory region as both executable and"
" writable, this is dangerous and the executable should be reported in "
"bugzilla"
-msgstr ""
+msgstr "拒絕使用者區域應用程式對應記憶體區域成為可執行、可寫入,這很危險,同時可執行必須回報至 bugzilla"
#: booleans.py:30
msgid "Allow sysadm to debug or ptrace all processes."
@@ -2556,359 +2556,359 @@ msgstr "允許 sysadm 進行除錯或是 ptrace 所有程序。"
#: booleans.py:31
msgid "Allow dhcpc client applications to execute iptables commands"
-msgstr ""
+msgstr "允許 dhcpc 用戶端應用程式執行 iptables 指令"
#: booleans.py:32
msgid "Allow DHCP daemon to use LDAP backends"
-msgstr ""
+msgstr "允許 DHCP daemon 使用 LDAP 後端"
#: booleans.py:33
msgid "Allow all domains to use other domains file descriptors"
-msgstr ""
+msgstr "允許所有區域使用其他區域的檔案描述子"
#: booleans.py:34
msgid "Allow all domains to have the kernel load modules"
-msgstr ""
+msgstr "允許所有區域擁有 kernel 的載入模組"
#: booleans.py:35
msgid "Allow the use of the audio devices as the source for the entropy feeds"
-msgstr ""
+msgstr "允許使用音訊裝置作為 entropy feed 的來源"
#: booleans.py:36
msgid "Allow exim to connect to databases (postgres, mysql)"
-msgstr ""
+msgstr "允許 exim 連接資料庫 (postgres, mysql)"
#: booleans.py:37
msgid "Allow exim to create, read, write, and delete unprivileged user files."
-msgstr ""
+msgstr "允許 exim 建立、讀取、寫入、刪除沒有特權的使用者的檔案。"
#: booleans.py:38
msgid "Allow exim to read unprivileged user files."
-msgstr ""
+msgstr "允許 exim 讀取沒有特權的使用者的檔案。"
#: booleans.py:39
msgid "Enable extra rules in the cron domain to support fcron."
-msgstr ""
+msgstr "在 cron 區域中啟用額外規則,以支援 fcron。"
#: booleans.py:40
msgid "Allow fenced domain to connect to the network using TCP."
-msgstr ""
+msgstr "允許 fenced 區域使用 TCP 連接網路。"
#: booleans.py:41
msgid "Allow fenced domain to execute ssh."
-msgstr ""
+msgstr "允許 fenced 區域執行 ssh。"
#: booleans.py:42
msgid "Allow all domains to execute in fips_mode"
-msgstr ""
+msgstr "允許所有區域在 fips_mode 下執行"
#: booleans.py:43
msgid "Allow ftp to read and write files in the user home directories"
-msgstr ""
+msgstr "允許 ftp 讀寫使用者家目錄中的檔案"
#: booleans.py:44
msgid ""
"Allow ftp servers to upload files, used for public file transfer services. "
"Directories must be labeled public_content_rw_t."
-msgstr ""
+msgstr "允許 ftp 伺服器上傳檔案,用於公開檔案傳輸服務。目錄必須標示為 public_content_rw_t。"
#: booleans.py:45
msgid "Allow ftp servers to connect to all ports > 1023"
-msgstr ""
+msgstr "允許 ftp 伺服器連接所有大於 1023 的連接埠"
#: booleans.py:46
msgid "Allow ftp servers to connect to mysql database ports"
-msgstr ""
+msgstr "允許 ftp 伺服器連接 mysql 資料庫連接埠"
#: booleans.py:47
msgid ""
"Allow ftp servers to login to local users and read/write all files on the "
"system, governed by DAC."
-msgstr ""
+msgstr "允許 ftp 伺服器登入為本機使用者,並讀寫系統上的所有由 DAC 所管理的檔案。"
#: booleans.py:48
msgid "Allow ftp servers to use cifs used for public file transfer services."
-msgstr ""
+msgstr "允許 ftp 伺服器使用用於公開檔案傳輸服務的 cifs。"
#: booleans.py:49
msgid "Allow ftp servers to use nfs used for public file transfer services."
-msgstr ""
+msgstr "允許 ftp 伺服器使用用於公開檔案傳輸服務的 nfs。"
#: booleans.py:50
msgid "Allow ftp servers to use bind to all unreserved ports for passive mode"
-msgstr ""
+msgstr "允許 ftp 伺服器使用 bind 至所有未保留的連接埠,以進行被動模式"
#: booleans.py:51
msgid "Determine whether Git CGI can search home directories."
-msgstr ""
+msgstr "是否讓 Git CGI 搜尋家目錄。"
#: booleans.py:52
msgid "Determine whether Git CGI can access cifs file systems."
-msgstr ""
+msgstr "是否讓 Git CGI 存取 cifs 檔案系統。"
#: booleans.py:53
msgid "Determine whether Git CGI can access nfs file systems."
-msgstr ""
+msgstr "是否讓 Git CGI 存取 nfs 檔案系統。"
#: booleans.py:54
msgid ""
"Determine whether Git session daemon can bind TCP sockets to all unreserved "
"ports."
-msgstr ""
+msgstr "是否讓 Git session daemon 綁定 TCP socket 至所有未保留的連接埠。"
#: booleans.py:55
msgid ""
"Determine whether calling user domains can execute Git daemon in the "
"git_session_t domain."
-msgstr ""
+msgstr "呼叫使用者區域時是否可以在 git_session_t 區域中執行 Git daemon。"
#: booleans.py:56
msgid "Determine whether Git system daemon can search home directories."
-msgstr ""
+msgstr "Git 系統 daemon 是否可以搜尋家目錄。"
#: booleans.py:57
msgid "Determine whether Git system daemon can access cifs file systems."
-msgstr ""
+msgstr "Git 系統 daemon 是否可以存取 cifs 檔案系統。"
#: booleans.py:58
msgid "Determine whether Git system daemon can access nfs file systems."
-msgstr ""
+msgstr "Git 系統 daemon 是否能存取 nfs 檔案系統。"
#: booleans.py:59
msgid "Allow gitisis daemon to send mail"
-msgstr ""
+msgstr "允許 gitisis daemon 發送郵件"
#: booleans.py:60
msgid "Enable reading of urandom for all domains."
-msgstr ""
+msgstr "為所有區域啟用讀取 urandom 功能。"
#: booleans.py:61
msgid ""
"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-"
"agent to manage user files."
-msgstr ""
+msgstr "允許使用 gpg-agent --write-env-file 選項。這也會允許 gpg-agent 管理使用者檔案。"
#: booleans.py:62
msgid ""
"Allow gpg web domain to modify public files used for public file transfer "
"services."
-msgstr ""
+msgstr "允許 gpg web 區域修改用於公開檔案傳輸服務的公開檔案。"
#: booleans.py:63
msgid "Allow gssd to read temp directory. For access to kerberos tgt."
-msgstr ""
+msgstr "允許 gssd 讀取 temp 目錄。用以存取 kerberos tgt。"
#: booleans.py:64
msgid "Allow guest to exec content"
-msgstr ""
+msgstr "允許客座端執行內容"
#: booleans.py:65
msgid ""
"Allow Apache to modify public files used for public file transfer services. "
"Directories/Files must be labeled public_content_rw_t."
-msgstr ""
+msgstr "允許 Apache 修改用於公開檔案傳輸服務的公開檔案。目錄 / 檔案必須標記為 public_content_rw_t。"
#: booleans.py:66
msgid "Allow httpd to use built in scripting (usually php)"
-msgstr ""
+msgstr "允許 httpd 使用內建的描述式程式 (通常是 php)"
#: booleans.py:67
msgid "Allow http daemon to check spam"
-msgstr ""
+msgstr "允許 http daemon 檢查 spam"
#: booleans.py:68
msgid ""
"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral "
"ports"
-msgstr ""
+msgstr "允許 httpd 如 FTP 用戶端運作連接 ftp 連接埠與 ephemeral 連接埠"
#: booleans.py:69
msgid "Allow httpd to connect to the ldap port"
-msgstr ""
+msgstr "允許 httpd 連接 ldap 連接埠"
#: booleans.py:70
msgid "Allow http daemon to connect to zabbix"
-msgstr ""
+msgstr "允許 http daemon 連接 zabbix"
#: booleans.py:71
msgid "Allow HTTPD scripts and modules to connect to the network using TCP."
-msgstr ""
+msgstr "允許 HTTPD script 與模組透過 TCP 連接網路。"
#: booleans.py:72
msgid ""
"Allow HTTPD scripts and modules to connect to cobbler over the network."
-msgstr ""
+msgstr "允許 HTTPD script 與模組透過網路連接 cobbler。"
#: booleans.py:73
msgid ""
"Allow HTTPD scripts and modules to connect to databases over the network."
-msgstr ""
+msgstr "允許 HTTPD script 與模組透過網路連接資料庫。"
#: booleans.py:74
msgid "Allow httpd to connect to memcache server"
-msgstr ""
+msgstr "允許 httpd 連接 memcache 伺服器"
#: booleans.py:75
msgid "Allow httpd to act as a relay"
-msgstr ""
+msgstr "允許 httpd 作為中轉站"
#: booleans.py:76
msgid "Allow http daemon to send mail"
-msgstr ""
+msgstr "允許 http daemon 發送郵件"
#: booleans.py:77
msgid "Allow Apache to communicate with avahi service via dbus"
-msgstr ""
+msgstr "允許 Apache 透過 dbus 與 avahi 服務通訊"
#: booleans.py:78
msgid "Allow httpd cgi support"
-msgstr ""
+msgstr "允許支援 httpd cgi"
#: booleans.py:79
msgid "Allow httpd to act as a FTP server by listening on the ftp port."
-msgstr ""
+msgstr "允許 httpd 監聽 ftp 連接埠,成為 FTP 伺服器。"
#: booleans.py:80
msgid "Allow httpd to read home directories"
-msgstr ""
+msgstr "允許 httpd 讀取家目錄"
#: booleans.py:81
msgid "Allow httpd scripts and modules execmem/execstack"
-msgstr ""
+msgstr "允許 httpd script 與模組 execmem/execstack"
#: booleans.py:82
msgid "Allow HTTPD to connect to port 80 for graceful shutdown"
-msgstr ""
+msgstr "允許 HTTPD 連接至連接埠 80以順利關機"
#: booleans.py:83
msgid "Allow httpd processes to manage IPA content"
-msgstr ""
+msgstr "允許 httpd 程序管理 IPA 內容"
#: booleans.py:84
msgid "Allow Apache to use mod_auth_ntlm_winbind"
-msgstr ""
+msgstr "允許 Apache 使用 mod_auth_ntlm_winbind"
#: booleans.py:85
msgid "Allow Apache to use mod_auth_pam"
-msgstr ""
+msgstr "允許 Apache 使用 mod_auth_pam"
#: booleans.py:86
msgid "Allow httpd to read user content"
-msgstr ""
+msgstr "允許 httpd 讀取使用者內容"
#: booleans.py:87
msgid "Allow Apache to run in stickshift mode, not transition to passenger"
-msgstr ""
+msgstr "允許 Apache 在 stickshift 模式中執行,而非轉移至 passenger"
#: booleans.py:88
msgid "Allow httpd daemon to change its resource limits"
-msgstr ""
+msgstr "允許 httpd daemon 變更其資源限制"
#: booleans.py:89
msgid ""
"Allow HTTPD to run SSI executables in the same domain as system CGI scripts."
-msgstr ""
+msgstr "允許 HTTPD 執行與系統 CGI script 位於同樣位置的 SSI 可執行檔。"
#: booleans.py:90
msgid ""
"Allow apache scripts to write to public content, directories/files must be "
"labeled public_rw_content_t."
-msgstr ""
+msgstr "允許 apache script 寫入公開內容,目錄 / 檔案必須標記為 public_rw_content_t。"
#: booleans.py:91
msgid "Allow Apache to execute tmp content."
-msgstr ""
+msgstr "允許 Apache 執行 tmp 內容。"
#: booleans.py:92
msgid ""
"Unify HTTPD to communicate with the terminal. Needed for entering the "
"passphrase for certificates at the terminal."
-msgstr ""
+msgstr "統一 HTTPD 以與終端機進行通訊。欲在終端機中輸入憑證的密語,您將需要這麼作。"
#: booleans.py:93
msgid "Unify HTTPD handling of all content files."
-msgstr ""
+msgstr "統一所有內容檔案的 HTTPD 處理。"
#: booleans.py:94
msgid "Allow httpd to access cifs file systems"
-msgstr ""
+msgstr "允許 httpd 存取 cifs 檔案系統"
#: booleans.py:95
msgid "Allow httpd to access FUSE file systems"
-msgstr ""
+msgstr "允許 httpd 存取 FUSE 檔案系統"
#: booleans.py:96
msgid "Allow httpd to run gpg"
-msgstr ""
+msgstr "允許 httpd 執行 gpg"
#: booleans.py:97
msgid "Allow httpd to access nfs file systems"
-msgstr ""
+msgstr "允許 httpd 存取 nfs 檔案系統"
#: booleans.py:98
msgid "Allow httpd to communicate with oddjob to start up a service"
-msgstr ""
+msgstr "允許 httpd 與 oddjob 進行通訊,以啟用一項服務"
#: booleans.py:99
msgid "Allow httpd to access openstack ports"
-msgstr ""
+msgstr "允許 httpd 存取 openstack 連接埠"
#: booleans.py:100
msgid "Allow Apache to query NS records"
-msgstr ""
+msgstr "允許 Apache 查詢 NS 紀錄"
#: booleans.py:101
msgid "Allow icecast to connect to all ports, not just sound ports."
-msgstr ""
+msgstr "允許 icecast 連至所有連接埠,而不是只有音效連接埠。"
#: booleans.py:102
msgid ""
"Allow the Irssi IRC Client to connect to any port, and to bind to any "
"unreserved port."
-msgstr ""
+msgstr "允許 Irssi IRC Client 連至任何連接埠,並綁定至任何未預留的連接埠。"
#: booleans.py:103
msgid "Allow confined applications to run with kerberos."
-msgstr ""
+msgstr "允許受限的應用程式透過 kerberos 執行。"
#: booleans.py:104
msgid "Allow syslogd daemon to send mail"
-msgstr ""
+msgstr "允許 syslogd daemon 傳送郵件"
#: booleans.py:105
msgid "Allow syslogd the ability to read/write terminals"
-msgstr ""
+msgstr "允許 syslogd 讀取/寫入終端機"
#: booleans.py:106
msgid "Allow logging in and using the system from /dev/console."
-msgstr ""
+msgstr "允許登入並使用來自於 /dev/console 的系統。"
#: booleans.py:107
msgid ""
"Control the ability to mmap a low area of the address space, as configured "
"by /proc/sys/kernel/mmap_min_addr."
-msgstr ""
+msgstr "控制 mmap 一個位址空間的低區域的能力,如 /proc/sys/kernel/mmap_min_addr 所配置。"
#: booleans.py:108
msgid "Allow mock to read files in home directories."
-msgstr ""
+msgstr "允許 mock 讀取家目錄中的檔案。"
#: booleans.py:109
msgid "Allow the mount command to mount any directory or file."
-msgstr ""
+msgstr "允許 mount 指令掛載任何目錄或檔案。"
#: booleans.py:110
msgid "Allow mozilla plugin domain to connect to the network using TCP."
-msgstr ""
+msgstr "允許 mozilla 外掛區域透過 TCP 連至網路。"
#: booleans.py:111
msgid ""
"Allow mozilla_plugins to create random content in the users home directory"
-msgstr ""
+msgstr "允許 mozilla_plugins 在使用者家目錄中建立隨機內容"
#: booleans.py:112
msgid "Allow confined web browsers to read home directory content"
-msgstr ""
+msgstr "允許受限的網站瀏覽器讀取家目錄內容"
#: booleans.py:113
msgid "Allow mplayer executable stack"
@@ -2916,103 +2916,103 @@ msgstr "允許 mplayer 可執行堆疊"
#: booleans.py:114
msgid "Allow mysqld to connect to all ports"
-msgstr ""
+msgstr "允許 mysqld 連至所有連接埠"
#: booleans.py:115
msgid "Allow BIND to bind apache port."
-msgstr ""
+msgstr "允許 BIND 綁定 apache 連接埠。"
#: booleans.py:116
msgid ""
"Allow BIND to write the master zone files. Generally this is used for "
"dynamic DNS or zone transfers."
-msgstr ""
+msgstr "允許 BIND 咧入 master zone 檔案。這一般用於動態式的 DNS 或 zone 傳輸。"
#: booleans.py:117
msgid "Allow any files/directories to be exported read/only via NFS."
-msgstr ""
+msgstr "允許任何檔案/目錄透過 NFS 匯出為唯讀。"
#: booleans.py:118
msgid "Allow any files/directories to be exported read/write via NFS."
-msgstr ""
+msgstr "允許任何檔案/目錄透過 NFS 匯出為可讀寫。"
#: booleans.py:119
msgid ""
"Allow nfs servers to modify public files used for public file transfer "
"services. Files/Directories must be labeled public_content_rw_t."
-msgstr ""
+msgstr "允許 nfs 伺服器修改使用於公共檔案傳輸服務的公用檔案。檔案/目錄皆必須標記為 public_content_rw_t。"
#: booleans.py:120
msgid "Allow system to run with NIS"
-msgstr ""
+msgstr "允許系統搭配 NIS 執行"
#: booleans.py:121
msgid "Allow confined applications to use nscd shared memory."
-msgstr ""
+msgstr "允許受限的應用程式使用 nscd 共享的記憶體。"
#: booleans.py:122
msgid "Allow openshift to lockdown app"
-msgstr ""
+msgstr "允許 openshift 鎖住 app"
#: booleans.py:123
msgid "Allow openvpn to read home directories"
-msgstr ""
+msgstr "允許 openvpn 讀取家目錄"
#: booleans.py:124
msgid "Allow piranha-lvs domain to connect to the network using TCP."
-msgstr ""
+msgstr "允許 piranha-lvs 區域透過 TCP 連至網路。"
#: booleans.py:125
msgid "Allow polipo to connect to all ports > 1023"
-msgstr ""
+msgstr "允許 polipo 連至所有連接埠 > 1023"
#: booleans.py:126
msgid ""
"Determine whether Polipo session daemon can bind tcp sockets to all "
"unreserved ports."
-msgstr ""
+msgstr "決定 Polipo session daemon 是否能將 tcp socket 綁定至所有未預留的連接埠。"
#: booleans.py:127
msgid ""
"Determine whether calling user domains can execute Polipo daemon in the "
"polipo_session_t domain."
-msgstr ""
+msgstr "決定調用使用者區域是否能夠在 polipo_session_t 中執行 Polipo daemon。"
#: booleans.py:128
msgid "Determine whether polipo can access cifs file systems."
-msgstr ""
+msgstr "決定 polipo 是否能夠存取 cifs 檔案系統。"
#: booleans.py:129
msgid "Determine whether Polipo can access nfs file systems."
-msgstr ""
+msgstr "決定 Polipo 是否能存取 nfs 檔案系統。"
#: booleans.py:130
msgid "Enable polyinstantiated directory support."
-msgstr ""
+msgstr "啟用 polyinstantiated 目錄支援。"
#: booleans.py:131
msgid "Allow postfix_local domain full write access to mail_spool directories"
-msgstr ""
+msgstr "允許 postfix_local 區域擁有 mail_spool 目錄的完整寫入權限"
#: booleans.py:132
msgid "Allow postgresql to use ssh and rsync for point-in-time recovery"
-msgstr ""
+msgstr "允許 postgresql 使用 ssh 和 rsync 來進行 point-in-time 復原"
#: booleans.py:133
msgid "Allow transmit client label to foreign database"
-msgstr ""
+msgstr "允許將客戶端標籤傳輸至外部資料庫"
#: booleans.py:134
msgid "Allow database admins to execute DML statement"
-msgstr ""
+msgstr "允許資料庫管理員執行 DML 陳述式"
#: booleans.py:135
msgid "Allow unprivileged users to execute DDL statement"
-msgstr ""
+msgstr "允許無特權的使用者執行 DDL 陳述式"
#: booleans.py:136
msgid "Allow pppd to load kernel modules for certain modems"
-msgstr ""
+msgstr "允許 pppd 載入特定數據機的 kernel 模組"
#: booleans.py:137
msgid "Allow pppd to be run for a regular user"
@@ -3021,249 +3021,249 @@ msgstr "允許 pppd 以一般使用者身份運行"
#: booleans.py:138
msgid ""
"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports."
-msgstr ""
+msgstr "允許 privoxy 連至所有連接埠,而不是只有 HTTP、FTP 以及 Gopher 連接埠。"
#: booleans.py:139
msgid "Allow Puppet client to manage all file types."
-msgstr ""
+msgstr "允許 Puppet 客戶端管理所有檔案類型。"
#: booleans.py:140
msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database"
-msgstr ""
+msgstr "允許 Puppet master 連至 MySQL 和 PostgreSQL 資料庫"
#: booleans.py:141
msgid "Allow racoon to read shadow"
-msgstr ""
+msgstr "允許 racoon 讀取 shadow"
#: booleans.py:142
msgid "Allow rgmanager domain to connect to the network using TCP."
-msgstr ""
+msgstr "允許 rgmanager 區域透過 TCP 連至網路。"
#: booleans.py:143
msgid ""
"Allow rsync to modify public files used for public file transfer services. "
"Files/Directories must be labeled public_content_rw_t."
-msgstr ""
+msgstr "允許 rsync 修改使用於公共檔案傳輸服務的公用檔案。檔案/目錄皆必須標記為 public_content_rw_t。"
#: booleans.py:144
msgid "Allow rsync to run as a client"
-msgstr ""
+msgstr "允許 rsync 作為客戶端執行"
#: booleans.py:145
msgid "Allow rsync to export any files/directories read only."
-msgstr ""
+msgstr "允許 rsync 將任何檔案/目錄匯出為唯讀。"
#: booleans.py:146
msgid "Allow rsync servers to share cifs files systems"
-msgstr ""
+msgstr "允許 rsync 伺服器共享 cifs 檔案系統"
#: booleans.py:147
msgid "Allow rsync servers to share nfs files systems"
-msgstr ""
+msgstr "允許 rsync 伺服器共享 nfs 檔案系統"
#: booleans.py:148
msgid "Allow samba to create new home directories (e.g. via PAM)"
-msgstr ""
+msgstr "允許 samba 建立新的家目錄(例如透過 PAM"
#: booleans.py:149
msgid ""
"Allow samba to act as the domain controller, add users, groups and change "
"passwords."
-msgstr ""
+msgstr "允許 samba 作為區域控制器、新增使用者、群組和改變密碼。"
#: booleans.py:150
msgid "Allow samba to share users home directories."
-msgstr ""
+msgstr "允許 samba 共享使用者家目錄。"
#: booleans.py:151
msgid "Allow samba to share any file/directory read only."
-msgstr ""
+msgstr "允許 samba 將任何檔案/目錄共享為唯讀。"
#: booleans.py:152
msgid "Allow samba to share any file/directory read/write."
-msgstr ""
+msgstr "允許 samba 將任何檔案/目錄共享為可讀寫。"
#: booleans.py:153
msgid "Allow samba to act as a portmapper"
-msgstr ""
+msgstr "允許 samba 作為 portmapper 運作"
#: booleans.py:154
msgid "Allow samba to run unconfined scripts"
-msgstr ""
+msgstr "允許 samba 執行未受限的 script"
#: booleans.py:155
msgid "Allow samba to export ntfs/fusefs volumes."
-msgstr ""
+msgstr "允許 samba 匯出 ntfs/fusefs 卷冊。"
#: booleans.py:156
msgid "Allow samba to export NFS volumes."
-msgstr ""
+msgstr "允許 samba 匯出 NFS 卷冊。"
#: booleans.py:157
msgid "Allow sanlock to read/write fuse files"
-msgstr ""
+msgstr "允許 sanlock 讀/寫 fuse 檔案"
#: booleans.py:158
msgid "Allow sanlock to manage nfs files"
-msgstr ""
+msgstr "允許 sanlock 管理 nfs 檔案"
#: booleans.py:159
msgid "Allow sanlock to manage cifs files"
-msgstr ""
+msgstr "允許 sanlock 管理 cifs 檔案"
#: booleans.py:160
msgid "Allow sasl to read shadow"
-msgstr ""
+msgstr "允許 sasl 讀取 shadow"
#: booleans.py:161
msgid "Allow secadm to exec content"
-msgstr ""
+msgstr "允許 secadm 執行內容"
#: booleans.py:162
msgid ""
"disallow programs, such as newrole, from transitioning to administrative "
"user domains."
-msgstr ""
+msgstr "不讓程式(例如 newrole切換至管理使用者區域。"
#: booleans.py:163
msgid "Disable kernel module loading."
-msgstr ""
+msgstr "停用 kernel 模組載入。"
#: booleans.py:164
msgid ""
"Boolean to determine whether the system permits loading policy, setting "
"enforcing mode, and changing boolean values. Set this to true and you have "
"to reboot to set it back."
-msgstr ""
+msgstr "決定系統是否要允許載入政策、設定強制模式和更改布林值的 Boolean。請將此設為「true」您必須要重新開機才能將它設回。"
#: booleans.py:165
msgid "Allow regular users direct dri device access"
-msgstr ""
+msgstr "讓一般使用者能直接存取 dri 裝置"
#: booleans.py:166
msgid ""
"Allow unconfined executables to make their heap memory executable. Doing "
"this is a really bad idea. Probably indicates a badly coded executable, but "
"could indicate an attack. This executable should be reported in bugzilla"
-msgstr ""
+msgstr "允許未受限的可執行檔讓其雜湊記憶體能被執行。不建議您這麼作,這可能代表了程式碼錯誤的可執行檔,並且也可能代表攻擊意圖。建議您透過 bugzilla 回報此執行檔"
#: booleans.py:167
msgid ""
"Allow all unconfined executables to use libraries requiring text relocation "
"that are not labeled textrel_shlib_t"
-msgstr ""
+msgstr "允許所有未受限的可執行檔,使用需要文字重定位而未標記為 textrel_shlib_t 的函式庫"
#: booleans.py:168
msgid ""
"Allow unconfined executables to make their stack executable. This should "
"never, ever be necessary. Probably indicates a badly coded executable, but "
"could indicate an attack. This executable should be reported in bugzilla"
-msgstr ""
+msgstr "允許未受限的可執行檔讓其堆疊可執行。這不應在任何情況下發生。這可能代表執行檔的程式碼錯誤,或是攻擊意圖。您應在 bugzilla 中回報此執行檔"
#: booleans.py:169
msgid "Allow users to connect to the local mysql server"
-msgstr ""
+msgstr "允許使用者連至本機的 mysql 伺服器"
#: booleans.py:170
msgid ""
"Allow confined users the ability to execute the ping and traceroute "
"commands."
-msgstr ""
+msgstr "允許受限的使用者執行 ping 與 traceroute 指令。"
#: booleans.py:171
msgid "Allow users to connect to PostgreSQL"
-msgstr ""
+msgstr "允許使用者連至 PostgreSQL"
#: booleans.py:172
msgid ""
"Allow user to r/w files on filesystems that do not have extended attributes "
"(FAT, CDROM, FLOPPY)"
-msgstr ""
+msgstr "允許使用者擁有檔案系統上無延伸屬性FAT、CDROM、FLOPPY的檔案之讀寫權限"
#: booleans.py:173
msgid ""
"Allow users to run TCP servers (bind to ports and accept connection from the"
" same domain and outside users) disabling this forces FTP passive mode and "
"may change other protocols."
-msgstr ""
+msgstr "允許使用者執行 TCP 伺服器(綁定至連接埠,並存取來自於相同區域和外部使用者的連線),停用此項目將會強制 FTP 被動模式,並且也可能會改變其它協定。"
#: booleans.py:174
msgid "Allow user to use ssh chroot environment."
-msgstr ""
+msgstr "允許 user 使用 ssh chroot 環境。"
#: booleans.py:175
msgid "Allow user music sharing"
-msgstr ""
+msgstr "允許共享使用者的音樂"
#: booleans.py:176
msgid ""
"Allow anon internal-sftp to upload files, used for public file transfer "
"services. Directories must be labeled public_content_rw_t."
-msgstr ""
+msgstr "允許 anon internal-sftp 上載使用於公共檔案傳輸服務的檔案。目錄必須被標記為 public_content_rw_t。"
#: booleans.py:177
msgid ""
"Allow sftp-internal to read and write files in the user home directories"
-msgstr ""
+msgstr "允許 sftp-internal 讀取和寫入使用者家目錄中的檔案"
#: booleans.py:178
msgid ""
"Allow sftp-internal to login to local users and read/write all files on the "
"system, governed by DAC."
-msgstr ""
+msgstr "允許 sftp-internal 登入本機使用者並讀/寫系統上(由 DAC 所管理)的所有檔案。"
#: booleans.py:179
msgid ""
"Allow internal-sftp to read and write files in the user ssh home "
"directories."
-msgstr ""
+msgstr "允許 internal-sftp 讀/寫使用者 ssh 家目錄中的檔案。"
#: booleans.py:180
msgid "Allow sge to connect to the network using any TCP port"
-msgstr ""
+msgstr "允許 sge 透過任何 TCP 連接埠連至網路"
#: booleans.py:181
msgid "Allow sge to access nfs file systems."
-msgstr ""
+msgstr "允許 sge 存取 nfs 檔案系統。"
#: booleans.py:182
msgid ""
"Enable additional permissions needed to support devices on 3ware "
"controllers."
-msgstr ""
+msgstr "啟用支援 3ware 控制器上的裝置所需的額外權限。"
#: booleans.py:183
msgid ""
"Allow samba to modify public files used for public file transfer services. "
"Files/Directories must be labeled public_content_rw_t."
-msgstr ""
+msgstr "允許 samba 修改使用於公共檔案傳輸服務的公用檔案。檔案/目錄皆必須標記為 public_content_rw_t。"
#: booleans.py:184
msgid "Allow user spamassassin clients to use the network."
-msgstr ""
+msgstr "允許使用者的 spamassassin 客戶端使用網路。"
#: booleans.py:185
msgid "Allow spamd to read/write user home directories."
-msgstr ""
+msgstr "允許 spamd 讀/寫使用者家目錄。"
#: booleans.py:186
msgid ""
"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports."
-msgstr ""
+msgstr "允許 squid 連至所有連接埠,而非僅是 HTTP、FTP 以及 Gopher 連接埠。"
#: booleans.py:187
msgid "Allow squid to run as a transparent proxy (TPROXY)"
-msgstr ""
+msgstr "允許 squid 作為 transparent proxyTPROXY執行"
#: booleans.py:188
msgid ""
"Allow ssh with chroot env to read and write files in the user home "
"directories"
-msgstr ""
+msgstr "允許搭配 chroot env 的 ssh 讀/寫使用者家目錄中的檔案"
#: booleans.py:189
msgid "allow host key based authentication"
-msgstr ""
+msgstr "允許基於主機金鑰的認證"
#: booleans.py:190
msgid "Allow ssh logins as sysadm_r:sysadm_t"
@@ -3271,215 +3271,215 @@ msgstr "允許 ssh 登入成為 "
#: booleans.py:191
msgid "Allow staff to exec content"
-msgstr ""
+msgstr "允許 staff 執行內容"
#: booleans.py:192
msgid "allow staff user to create and transition to svirt domains."
-msgstr ""
+msgstr "允許 staff 使用者建立和切換至 svirt 區域。"
#: booleans.py:193
msgid "Allow sysadm to exec content"
-msgstr ""
+msgstr "允許 sysadm 執行內容"
#: booleans.py:194
msgid ""
"Allow the Telepathy connection managers to connect to any network port."
-msgstr ""
+msgstr "允許 Telepathy 連線管理員連至任何網路連接埠。"
#: booleans.py:195
msgid ""
"Allow the Telepathy connection managers to connect to any generic TCP port."
-msgstr ""
+msgstr "允許 Telepathy 連線管理員連至任何的一般 TCP 連接埠。"
#: booleans.py:196
msgid ""
"Allow tftp to modify public files used for public file transfer services."
-msgstr ""
+msgstr "允許 tftp 修改用於公共檔案傳輸服務的公用檔案。"
#: booleans.py:197
msgid "Allow tftp to read and write files in the user home directories"
-msgstr ""
+msgstr "允許 tftp 讀取和寫入使用者家目錄中的檔案"
#: booleans.py:198
msgid "Allow tor daemon to bind tcp sockets to all unreserved ports."
-msgstr ""
+msgstr "允許 tor daemon 將 tcp socket 綁定至所有未預留的連接埠。"
#: booleans.py:199
msgid "Allow tor to act as a relay"
-msgstr ""
+msgstr "允許 tor 作為中繼站"
#: booleans.py:200
msgid ""
"allow unconfined users to transition to the chrome sandbox domains when "
"running chrome-sandbox"
-msgstr ""
+msgstr "允許未受限的使用者在執行 chrome-sandbox 時切換至 chrome sandbox 區域"
#: booleans.py:201
msgid "Allow a user to login as an unconfined domain"
-msgstr ""
+msgstr "允許使用者以未受限的區域登入"
#: booleans.py:202
msgid ""
"Allow unconfined users to transition to the Mozilla plugin domain when "
"running xulrunner plugin-container."
-msgstr ""
+msgstr "允許未受限的使用者在執行 xulrunner plugin-container 時,切換至 Mozilla 外掛程式區域。"
#: booleans.py:203
msgid "Allow video playing tools to run unconfined"
-msgstr ""
+msgstr "允許視訊播放工具在不受限的情況下執行"
#: booleans.py:204
msgid "Allow unprivledged user to create and transition to svirt domains."
-msgstr ""
+msgstr "允許無特權的使用者建立和切換至 svirt 區域。"
#: booleans.py:205
msgid "Support ecryptfs home directories"
-msgstr ""
+msgstr "支援 ecryptfs 家目錄"
#: booleans.py:206
msgid "Support fusefs home directories"
-msgstr ""
+msgstr "支援 fusefs 家目錄"
#: booleans.py:207
msgid "Use lpd server instead of cups"
-msgstr ""
+msgstr "使用 lpd 伺服器來代替 cups"
#: booleans.py:208
msgid "Support NFS home directories"
-msgstr ""
+msgstr "支援 NFS 家目錄"
#: booleans.py:209
msgid "Support SAMBA home directories"
-msgstr ""
+msgstr "支援 SAMBA 家目錄"
#: booleans.py:210
msgid "Allow user to exec content"
-msgstr ""
+msgstr "允許 user 執行內容"
#: booleans.py:211
msgid "Allow varnishd to connect to all ports, not just HTTP."
-msgstr ""
+msgstr "允許 varnishd 連至所有連接埠,而不僅是 HTTP。"
#: booleans.py:212
msgid "Ignore vbetool mmap_zero errors."
-msgstr ""
+msgstr "忽略 vbetool mmap_zero 的錯誤。"
#: booleans.py:213
msgid ""
"Allow confined virtual guests to use serial/parallel communication ports"
-msgstr ""
+msgstr "允許受限的虛擬客座端使用序列/平行通訊埠"
#: booleans.py:214
msgid ""
"Allow confined virtual guests to use executable memory and executable stack"
-msgstr ""
+msgstr "允許受限的虛擬客座端使用可執行的記憶體以及可執行的堆疊"
#: booleans.py:215
msgid "Allow confined virtual guests to read fuse files"
-msgstr ""
+msgstr "允許受限的虛擬客座端讀取 fuse 檔案"
#: booleans.py:216
msgid "Allow confined virtual guests to manage nfs files"
-msgstr ""
+msgstr "允許受限的虛擬客座端管理 nfs 檔案"
#: booleans.py:217
msgid "Allow confined virtual guests to interact with rawip sockets"
-msgstr ""
+msgstr "允許受限的虛擬客座端與 rawip socket 進行互動"
#: booleans.py:218
msgid "Allow confined virtual guests to manage cifs files"
-msgstr ""
+msgstr "允許受限的虛擬客座端管理 cifs 檔案"
#: booleans.py:219
msgid "Allow confined virtual guests to interact with the sanlock"
-msgstr ""
+msgstr "允許受限的虛擬客座端與 sanlock 進行互動"
#: booleans.py:220
msgid "Allow confined virtual guests to manage device configuration, (pci)"
-msgstr ""
+msgstr "允許受限的虛擬客座端管理裝置配置pci"
#: booleans.py:221
msgid "Allow confined virtual guests to use usb devices"
-msgstr ""
+msgstr "允許受限的虛擬客座端使用 usb 裝置"
#: booleans.py:222
msgid "Allow confined virtual guests to interact with the xserver"
-msgstr ""
+msgstr "允許受限的虛擬客座端與 xserver 進行互動"
#: booleans.py:223
msgid "Allow webadm to manage files in users home directories"
-msgstr ""
+msgstr "允許 webadm 管理使用者家目錄中的檔案"
#: booleans.py:224
msgid "Allow webadm to read files in users home directories"
-msgstr ""
+msgstr "允許 webadm 讀取使用者家目錄中的檔案"
#: booleans.py:225
msgid "Ignore wine mmap_zero errors."
-msgstr ""
+msgstr "忽略 wine mmap_zero 的錯誤。"
#: booleans.py:226
msgid "Allow the graphical login program to execute bootloader"
-msgstr ""
+msgstr "允許圖性化登入程式執行開機載入程式"
#: booleans.py:227
msgid ""
"Allow the graphical login program to login directly as sysadm_r:sysadm_t"
-msgstr ""
+msgstr "允許圖形化登入程式直接以 sysadm_r:sysadm_t 登入"
#: booleans.py:228
msgid "Allow xen to manage nfs files"
-msgstr ""
+msgstr "允許 xen 管理 nfs 檔案"
#: booleans.py:229
msgid ""
"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated "
"logical volumes for disk images."
-msgstr ""
+msgstr "允許 xend 執行 blktapctrl/tapdisk。若使用專門的邏輯卷冊來作為磁碟映像的話則不需要。"
#: booleans.py:230
msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb."
-msgstr ""
+msgstr "允許 xend 執行 qemu-dm。若使用 paravirt 並且無 vfb 的話則不需要。"
#: booleans.py:231
msgid ""
"Allow xguest users to configure Network Manager and connect to apache ports"
-msgstr ""
+msgstr "允許 xguest 使用者配置 Network Manager 並連至 apache 連接埠"
#: booleans.py:232
msgid "Allow xguest to exec content"
-msgstr ""
+msgstr "允許 xguest 執行內容"
#: booleans.py:233
msgid "Allow xguest users to mount removable media"
-msgstr ""
+msgstr "允許 xguest 使用者掛載卸除式媒介"
#: booleans.py:234
msgid "Allow xguest to use blue tooth devices"
-msgstr ""
+msgstr "允許 xguest 使用藍牙裝置"
#: booleans.py:235
msgid "Allows clients to write to the X server shared memory segments."
-msgstr ""
+msgstr "允許客戶端寫入 X server 的共享記憶體區段。"
#: booleans.py:236
msgid "Allows XServer to execute writable memory"
-msgstr ""
+msgstr "允許 XServer 執行可寫入的記憶體"
#: booleans.py:237
msgid "Support X userspace object manager"
-msgstr ""
+msgstr "支援 X userspace 物件管理程式"
#: booleans.py:238
msgid "Allow zabbix to connect to unreserved ports"
-msgstr ""
+msgstr "允許 zabbix 連至未預留的連接埠"
#: booleans.py:239
msgid "Allow zebra daemon to write it configuration files"
-msgstr ""
+msgstr "允許 zebra daemon 寫入配置檔案"
#: booleans.py:240
msgid ""
"Allow ZoneMinder to modify public files used for public file transfer "
"services."
-msgstr ""
+msgstr "允許 ZoneMinder 修改使用於公共檔案傳輸服務的公用檔案。"
diff --git a/policycoreutils/restorecond/Makefile b/policycoreutils/restorecond/Makefile
index 3074542..3b704d8 100644
--- a/policycoreutils/restorecond/Makefile
+++ b/policycoreutils/restorecond/Makefile
@@ -5,6 +5,7 @@ LIBDIR ?= $(PREFIX)/lib
MANDIR = $(PREFIX)/share/man
AUTOSTARTDIR = $(DESTDIR)/etc/xdg/autostart
DBUSSERVICEDIR = $(DESTDIR)/usr/share/dbus-1/services
+SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd
autostart_DATA = sealertauto.desktop
INITDIR = $(DESTDIR)/etc/rc.d/init.d
@@ -39,7 +40,8 @@ install: all
install -m 644 restorecond.desktop $(AUTOSTARTDIR)/restorecond.desktop
-mkdir -p $(DBUSSERVICEDIR)
install -m 600 org.selinux.Restorecond.service $(DBUSSERVICEDIR)/org.selinux.Restorecond.service
-
+ -mkdir -p $(SYSTEMDDIR)/system
+ install -m 644 restorecond.service $(SYSTEMDDIR)/system/
relabel: install
/sbin/restorecon $(SBINDIR)/restorecond
diff --git a/policycoreutils/restorecond/restorecond.service b/policycoreutils/restorecond/restorecond.service
new file mode 100644
index 0000000..11f4ffd
--- /dev/null
+++ b/policycoreutils/restorecond/restorecond.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Restorecon maintaining path file context
+After=syslog.target
+ConditionPathExists=/etc/selinux/restorecond.conf
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/restorecond
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/restorecond/user.c b/policycoreutils/restorecond/user.c
index 00a646f..2c28676 100644
--- a/policycoreutils/restorecond/user.c
+++ b/policycoreutils/restorecond/user.c
@@ -54,6 +54,7 @@ static const char *PATH="/org/selinux/Restorecond";
static const char *INTERFACE="org.selinux.RestorecondIface";
static const char *RULE="type='signal',interface='org.selinux.RestorecondIface'";
+static int local_lock_fd = -1;
static DBusHandlerResult
signal_filter (DBusConnection *connection __attribute__ ((__unused__)), DBusMessage *message, void *user_data)
@@ -201,17 +202,18 @@ static int local_server() {
perror("asprintf");
return -1;
}
- int fd = open(ptr, O_CREAT | O_WRONLY | O_NOFOLLOW | O_CLOEXEC, S_IRUSR | S_IWUSR);
+ local_lock_fd = open(ptr, O_CREAT | O_WRONLY | O_NOFOLLOW | O_CLOEXEC, S_IRUSR | S_IWUSR);
if (debug_mode)
g_warning ("Lock file: %s", ptr);
free(ptr);
- if (fd < 0) {
+ if (local_lock_fd < 0) {
if (debug_mode)
perror("open");
return -1;
}
- if (flock(fd, LOCK_EX | LOCK_NB) < 0) {
+ if (flock(local_lock_fd, LOCK_EX | LOCK_NB) < 0) {
+ close(local_lock_fd);
if (debug_mode)
perror("flock");
return -1;
@@ -226,6 +228,12 @@ static int local_server() {
return 0;
}
+static void end_local_server(void) {
+ if (local_lock_fd >= 0)
+ close(local_lock_fd);
+ local_lock_fd = -1;
+}
+
int server(int master_fd, const char *watch_file) {
GMainLoop *loop;
@@ -253,6 +261,7 @@ int server(int master_fd, const char *watch_file) {
g_main_loop_run (loop);
end:
+ end_local_server();
g_main_loop_unref (loop);
return 0;
}
diff --git a/policycoreutils/run_init/run_init.pamd b/policycoreutils/run_init/run_init.pamd
index d1b435c..1c323d2 100644
--- a/policycoreutils/run_init/run_init.pamd
+++ b/policycoreutils/run_init/run_init.pamd
@@ -1,4 +1,6 @@
#%PAM-1.0
+# Uncomment the next line if you do not want to enter your passwd everytime
+#auth sufficient pam_rootok.so
auth include system-auth
account include system-auth
password include system-auth
diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
index b629006..6631c2d 100644
--- a/policycoreutils/sandbox/sandbox
+++ b/policycoreutils/sandbox/sandbox
@@ -243,7 +243,7 @@ class Sandbox:
copyfile(f, "/tmp", self.__tmpdir)
copyfile(f, "/var/tmp", self.__tmpdir)
- def __setup_sandboxrc(self, wm = "/usr/bin/matchbox-window-manager -use_titlebar no"):
+ def __setup_sandboxrc(self, wm = "/usr/bin/openbox"):
execfile =self.__homedir + "/.sandboxrc"
fd = open(execfile, "w+")
if self.__options.session:
@@ -333,7 +333,7 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
parser.add_option("-W", "--windowmanager", dest="wm",
type="string",
- default="/usr/bin/matchbox-window-manager -use_titlebar no",
+ default="/usr/bin/openbox",
help=_("alternate window manager"))
parser.add_option("-l", "--level", dest="level",
diff --git a/policycoreutils/sandbox/sandbox.8 b/policycoreutils/sandbox/sandbox.8
index 521afcd..8e64965 100644
--- a/policycoreutils/sandbox/sandbox.8
+++ b/policycoreutils/sandbox/sandbox.8
@@ -24,25 +24,29 @@ allows you to run X applications within a sandbox. These applications will star
If directories are specified with -H or -T the directory will have its context modified with chcon(1) unless a level is specified with -l. If the MLS/MCS security level is specified, the user is responsible to set the correct labels.
.PP
.TP
-\fB\-H\ homedir
+\fB\-h\ \fB\--help\fR
+display usage message
+.TP
+\fB\-H\ \fB\--homedir\fR
Use alternate homedir to mount over your home directory. Defaults to temporary. Requires -X or -M.
.TP
-\fB\-i file\fR
+\fB\-i\fR \fB\--include\fR
Copy this file into the appropriate temporary sandbox directory. Command can be repeated.
.TP
-\fB\-I inputfile\fR Copy all files listed in inputfile into the
+\fB\-I\fR \fB\--includefile\fR
+Copy all files listed in inputfile into the
appropriate temporary sandbox directories.
.TP
-\fB\-l\fR
+\fB\-l\fR \fB\--level\fR
Specify the MLS/MCS Security Level to run the sandbox with. Defaults to random.
.TP
-\fB\-M\fR
+\fB\-M\fR \fB\--mount\fR
Create a Sandbox with temporary files for $HOME and /tmp.
.TP
-\fB\-s\fR \fB\--shred\fR
+\fB\-s\fR \fB\--shred\fR
Shred temporary files created in $HOME and /tmp, before deleting.
.TP
-\fB\-t type\fR
+\fB\-t\fR \fB\--type\fR
Use alternate sandbox type, defaults to sandbox_t or sandbox_x_t for -X.
\fBExamples:\fR
@@ -58,32 +62,35 @@ sandbox_web_t - Ports required for web browsing
sandbox_net_t - All network ports
.TP
-\fB\-T\ tmpdir
-Use alternate tempory directory to mount on /tmp. Defaults to tmpfs. Requires -X or -M.
+\fB\-T\fR \fB\--tmpdir\fR
+Use alternate temporary directory to mount on /tmp. Defaults to tmpfs. Requires -X or -M.
.TP
-\fB\-S
+\fB\-S\fR \fB\--session\fR
Run a full desktop session, Requires level, and home and tmpdir.
.TP
-\fB\-w windowsize\fR
+\fB\-w\fR \fB\--windowsize\fR
+
Specifies the windowsize when creating an X based Sandbox. The default windowsize is 1000x700.
.TP
-\fB\-W windowmanager\fR
+\fB\-W\fR \fB\--windowmanager\fR
Select alternative window manager to run within
.B sandbox -X.
-Default to /usr/bin/matchbox-window-manager.
+Default to /usr/bin/openbox.
.TP
\fB\-X\fR
Create an X based Sandbox for gui apps, temporary files for
$HOME and /tmp, secondary Xserver, defaults to sandbox_x_t
.TP
-\fB\-d\fR
-Set the DPI value for the sanbox X Server. Defaults to the current X Sever DPI.
+\fB\-d\fR \fB\--dpi\fR
+Set the DPI value for the sandbox X Server. Defaults to the current X Sever DPI.
.TP
-\fB\-c\fR
-Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
+\fB\-c\fR \fB\--cgroups\fR
+Use control groups to control this copy of sandbox. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
.TP
-\fB\-C\fR
-Use capabilities within the sandbox. By default applications executed within the sandbox will not be allowed to use capabilities (setuid apps), with the -C flag, you can use programs requiring capabilities.
+\fB\-C\fR \fB\--capabilities\fR Use capabilities within the
+sandbox. By default applications executed within the sandbox will not
+be allowed to use capabilities (setuid apps), with the -C flag, you
+can use programs requiring capabilities.
.PP
.SH "SEE ALSO"
.TP
diff --git a/policycoreutils/sandbox/sandboxX.sh b/policycoreutils/sandbox/sandboxX.sh
index 23de6f6..171bb05 100644
--- a/policycoreutils/sandbox/sandboxX.sh
+++ b/policycoreutils/sandbox/sandboxX.sh
@@ -6,6 +6,20 @@ export TITLE="Sandbox $context -- `grep ^#TITLE: ~/.sandboxrc | /usr/bin/cut -b8
[ -z $2 ] && export DPI="96" || export DPI="$2"
trap "exit 0" HUP
+mkdir -p ~/.config/openbox
+cat > ~/.config/openbox/rc.xml << EOF
+<openbox_config xmlns="http://openbox.org/3.4/rc"
+ xmlns:xi="http://www.w3.org/2001/XInclude">
+<applications>
+ <application class="*">
+ <decor>no</decor>
+ <desktop>all</desktop>
+ <maximized>yes</maximized>
+ </application>
+</applications>
+</openbox_config>
+EOF
+
(/usr/bin/Xephyr -title "$TITLE" -terminate -screen $SCREENSIZE -dpi $DPI -nolisten tcp -displayfd 5 5>&1 2>/dev/null) | while read D; do
export DISPLAY=:$D
cat > ~/seremote << __EOF
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
index dbd5977..b3f1275 100644
2013-02-08 14:44:20 +00:00
--- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c
@@ -617,8 +617,8 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src,
free(cmdbuf); cmdbuf = NULL;
/* remove runtime temporary directory */
- if ((uid_t)setfsuid(0) != pwd->pw_uid) {
- fprintf(stderr, _("Unable to switch to root to clear tmp dir\n"));
+ if ((uid_t)setfsuid(0) != 0) {
+ /* setfsuid does not return errror, but this check makes code checkers happy */
rc++;
}
@@ -961,6 +961,7 @@ int main(int argc, char **argv) {
char *display = NULL;
2013-02-08 14:44:20 +00:00
char *LANG = NULL;
int rc = -1;
+ char *resolved_path = NULL;
2013-02-08 14:44:20 +00:00
if (unshare(CLONE_NEWNS) < 0) {
2013-02-08 14:44:20 +00:00
perror(_("Failed to unshare"));
@@ -977,8 +978,10 @@ int main(int argc, char **argv) {
/* assume fsuid==ruid after this point */
if ((uid_t)setfsuid(uid) != 0) goto childerr;
+ resolved_path = realpath(pwd->pw_dir,NULL);
+ if (! resolved_path) goto childerr;
/* mount homedir and tmpdir, in this order */
- if (homedir_s && seunshare_mount(homedir_s, pwd->pw_dir,
+ if (homedir_s && seunshare_mount(homedir_s, resolved_path,
&st_homedir) != 0) goto childerr;
if (tmpdir_s && seunshare_mount(tmpdir_r, "/tmp",
&st_tmpdir_r) != 0) goto childerr;
@@ -1033,6 +1036,7 @@ int main(int argc, char **argv) {
execv(argv[optind], argv + optind);
fprintf(stderr, _("Failed to execute command %s: %s\n"), argv[optind], strerror(errno));
childerr:
+ free(resolved_path);
free(display);
free(LANG);
exit(-1);
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/scripts/Makefile b/policycoreutils/scripts/Makefile
index 201a988..f5d6e9d 100644
--- a/policycoreutils/scripts/Makefile
+++ b/policycoreutils/scripts/Makefile
@@ -9,23 +9,12 @@ LOCALEDIR ?= $(PREFIX)/share/locale
.PHONY: all genhomedircon
all: fixfiles genhomedircon chcat
-genhomedircon:
- @echo "#!/bin/sh" > genhomedircon
- @echo >> genhomedircon
- @if [ -z "${SEMODULE_PATH}" ]; then \
- echo "${USRSBINDIR}/semodule -Bn" >> genhomedircon; \
- else \
- echo "${SEMODULE_PATH}/semodule -Bn" >> genhomedircon; \
- fi
-
2013-02-08 14:44:20 +00:00
install: all
-mkdir -p $(BINDIR)
install -m 755 chcat $(BINDIR)
install -m 755 fixfiles $(SBINDIR)
- install -m 755 genhomedircon $(USRSBINDIR)
-mkdir -p $(MANDIR)/man8
install -m 644 fixfiles.8 $(MANDIR)/man8/
- install -m 644 genhomedircon.8 $(MANDIR)/man8/
install -m 644 chcat.8 $(MANDIR)/man8/
clean:
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
2013-03-01 19:18:15 +00:00
index 6901e4d..5acb111 100755
--- a/policycoreutils/scripts/fixfiles
+++ b/policycoreutils/scripts/fixfiles
2013-03-01 19:18:15 +00:00
@@ -3,7 +3,7 @@
#
# Script to restore labels on a SELinux box
#
-# Copyright (C) 2004-2011 Red Hat, Inc.
+# Copyright (C) 2004-2013 Red Hat, Inc.
# Authors: Dan Walsh <dwalsh@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
@@ -26,11 +26,11 @@
# number if the current is less than 2.6.30 and 0 if they are the same.
#
function useseclabel {
- VER=`uname -r`
- SUP=2.6.30
- expr '(' "$VER" : '\([^.]*\)' ')' '-' '(' "$SUP" : '\([^.]*\)' ')' '|' \
- '(' "$VER.0" : '[^.]*[.]\([^.]*\)' ')' '-' '(' "$SUP.0" : '[^.]*[.]\([^.]*\)' ')' '|' \
- '(' "$VER.0.0" : '[^.]*[.][^.]*[.]\([^.]*\)' ')' '-' '(' "$SUP.0.0" : '[^.]*[.][^.]*[.]\([^.]*\)' ')'
+ VER=`uname -r`
+ SUP=2.6.30
+ expr '(' "$VER" : '\([^.]*\)' ')' '-' '(' "$SUP" : '\([^.]*\)' ')' '|' \
+ '(' "$VER.0" : '[^.]*[.]\([^.]*\)' ')' '-' '(' "$SUP.0" : '[^.]*[.]\([^.]*\)' ')' '|' \
+ '(' "$VER.0.0" : '[^.]*[.][^.]*[.]\([^.]*\)' ')' '-' '(' "$SUP.0.0" : '[^.]*[.][^.]*[.]\([^.]*\)' ')'
}
#
@@ -65,7 +65,7 @@ done
}
#
-# Get the default label returned from the kernel for a file with a lable the
+# Get the default label returned from the kernel for a file with a lable the
# kernel does not understand
#
get_undefined_type() {
@@ -78,25 +78,25 @@ get_undefined_type() {
#
get_unlabeled_type() {
SELINUXMNT=`grep selinuxfs /proc/self/mountinfo | head -1 | awk '{ print $5 }'`
- cat $SELINUXMNT/initial_contexts/file | secon -t
+ cat $SELINUXMNT/initial_contexts/file | secon -t
}
exclude_dirs_from_relabelling() {
exclude_from_relabelling=
if [ -e /etc/selinux/fixfiles_exclude_dirs ]
then
- while read i
- do
- # skip blank line and comment
- # skip not absolute path
- # skip not directory
- [ -z "${i}" ] && continue
- [[ "${i}" =~ "^[[:blank:]]*#" ]] && continue
- [[ ! "${i}" =~ ^/.* ]] && continue
- [[ ! -d "${i}" ]] && continue
- exclude_from_relabelling="$exclude_from_relabelling -e $i"
- logit "skipping the directory $i from relabelling"
- done < /etc/selinux/fixfiles_exclude_dirs
+ while read i
+ do
+ # skip blank line and comment
+ # skip not absolute path
+ # skip not directory
+ [ -z "${i}" ] && continue
+ [[ "${i}" =~ "^[[:blank:]]*#" ]] && continue
+ [[ ! "${i}" =~ ^/.* ]] && continue
+ [[ ! -d "${i}" ]] && continue
+ exclude_from_relabelling="$exclude_from_relabelling -e $i"
+ logit "skipping the directory $i from relabelling"
+ done < /etc/selinux/fixfiles_exclude_dirs
fi
echo "$exclude_from_relabelling"
}
@@ -104,7 +104,7 @@ exclude_dirs_from_relabelling() {
exclude_dirs() {
exclude=
for i in /sys /proc /dev /run /mnt /var/tmp /var/lib/BackupPC /home /tmp /dev; do
- [ -e $i ] && exclude="$exclude -e $i";
+ [ -e $i ] && exclude="$exclude -e $i";
done
exclude="$exclude `exclude_dirs_from_relabelling`"
echo "$exclude"
@@ -133,7 +133,7 @@ FILESYSTEMS="$FILESYSTEMSRW $FILESYSTEMSRO"
SELINUXTYPE="targeted"
if [ -e /etc/selinux/config ]; then
. /etc/selinux/config
- FC=/etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts
+ FC=/etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts
else
FC=/etc/security/selinux/file_contexts
fi
@@ -158,7 +158,7 @@ newer() {
}
#
-# Compare PREVious File Context to currently installed File Context and
+# Compare PREVious File Context to currently installed File Context and
# run restorecon on all files affected by the differences.
#
diff_filecontext() {
@@ -172,30 +172,31 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
grep '^[<>]'|cut -c3-| grep ^/ | \
egrep -v '(^/home|^/root|^/tmp|^/dev)' |\
sed -r -e 's,[[:blank:]].*,,g' \
- -e 's|\(([/[:alnum:]]+)\)\?|{\1,}|g' \
+ -e 's|\(([/[:alnum:]]+)\)\?|{\1,}|g' \
-e 's|([/[:alnum:]])\?|{\1,}|g' \
- -e 's|\?.*|*|g' \
+ -e 's|\?.*|*|g' \
+ -e 's|\{.*|*|g' \
-e 's|\(.*|*|g' \
-e 's|\[.*|*|g' \
- -e 's|\.\*.*|*|g' \
- -e 's|\.\+.*|*|g' | \
+ -e 's|\.\*.*|*|g' \
+ -e 's|\.\+.*|*|g' | \
# These two sorts need to be separate commands \
sort -u | \
sort -d | \
- while read pattern ; \
+ while read pattern ; \
do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null; then \
- echo "$pattern"; \
- case "$pattern" in *"*") \
- echo "$pattern" | sed -e 's,^,^,' -e 's,\*$,,g' >> ${TEMPFILE};;
- esac; \
- fi; \
- done | \
+ echo "$pattern"; \
+ case "$pattern" in *"*") \
+ echo "$pattern" | sed -e 's,^,^,' -e 's,\*$,,g' >> ${TEMPFILE};;
+ esac; \
+ fi; \
+ done | \
${RESTORECON} ${VERBOSE} -i -f - -R `exclude_dirs`; \
rm -f ${TEMPFILE} ${PREFCTEMPFILE}
fi
}
#
-# Log all Read Only file systems
+# Log all Read Only file systems
#
LogReadOnly() {
if [ ! -z "$FILESYSTEMSRO" ]; then
@@ -209,7 +210,7 @@ rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
[ ${PIPESTATUS[0]} != 0 ] && echo "$1 not found" >/dev/stderr
}
-#
+#
# restore
# if called with -n will only check file context
#
@@ -241,8 +242,8 @@ then
TEMPFCFILE=`mktemp ${FC}.XXXXXXXXXX`
test -z "$TEMPFCFILE" && exit
/bin/cp -p ${FC} ${TEMPFCFILE} &>/dev/null || exit
- exclude_dirs=${exclude_dirs//-e/}
- for p in ${exclude_dirs}
+ tmpdirs=${tempdirs//-e/}
+ for p in ${tmpdirs}
do
p="${p%/}"
p1="${p}(/.*)? -- <<none>>"
2013-03-01 19:18:15 +00:00
@@ -253,7 +254,7 @@ FC=$TEMPFCFILE
fi
if [ -n "${FILESYSTEMSRW}" ]; then
echo "Relabeling `echo ${FILESYSTEMSRW}`"
- ${SETFILES} ${VERBOSE} -q ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 | cat >> $LOGFILE
+ ${SETFILES} ${VERBOSE} $exclude_dirs -q ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 | cat >> $LOGFILE
else
echo >&2 "fixfiles: No suitable file systems found"
fi
2013-03-01 19:18:15 +00:00
@@ -278,7 +279,7 @@ fullrelabel() {
relabel() {
if [ ! -z "$RPMFILES" ]; then
- restore
+ restore
fi
if [ $fullFlag == 1 ]; then
@@ -286,13 +287,13 @@ relabel() {
fi
echo -n "
- Files in the /tmp directory may be labeled incorrectly, this command
- can remove all files in /tmp. If you choose to remove files from /tmp,
+ Files in the /tmp directory may be labeled incorrectly, this command
+ can remove all files in /tmp. If you choose to remove files from /tmp,
a reboot will be required after completion.
-
+
Do you wish to clean out the /tmp directory [N]? "
read answer
- if [ "$answer" = y -o "$answer" = Y ]; then
+ if [ "$answer" = y -o "$answer" = Y ]; then
fullrelabel
else
restore
@@ -322,8 +323,8 @@ case "$1" in
esac
}
usage() {
- echo $"""
-Usage: $0 [-F] [-l logfile ] { check | restore| [-f] relabel | verify } [[dir/file] ... ]
+ echo $"""
+Usage: $0 [-F] [-l logfile ] { check | restore| [-f] relabel | verify } [[dir/file] ... ]
or
Usage: $0 [-F] -R rpmpackage[,rpmpackage...] [-l logfile ] { check | restore | verify }
or
@@ -351,13 +352,13 @@ while getopts "N:BC:FfR:l:v" i; do
v)
VERBOSE="-v"
;;
- R)
+ R)
RPMFILES=$OPTARG
;;
- l)
+ l)
LOGFILE=$OPTARG
;;
- C)
+ C)
PREFC=$OPTARG
;;
F)
@@ -397,11 +398,11 @@ else
if [ -z "$1" ]; then
process $command
else
- while [ -n "$1" ]; do
+ while [ -n "$1" ]; do
FILEPATH=$1
- process $command
+ process $command
shift
- done
+ done
fi
fi
exit $?
diff --git a/policycoreutils/scripts/fixfiles.8 b/policycoreutils/scripts/fixfiles.8
index 9ab7334..f263805 100644
--- a/policycoreutils/scripts/fixfiles.8
+++ b/policycoreutils/scripts/fixfiles.8
@@ -30,7 +30,7 @@ as you expect. By default it will relabel all mounted ext2, ext3, xfs and
jfs file systems as long as they do not have a security context mount
option. You can use the -R flag to use rpmpackages as an alternative.
The file /etc/selinux/fixfiles_exclude_dirs can contain a list of directories
-excluded from relabelling.
+excluded from relabeling.
.P
.B fixfiles onboot
will setup the machine to relabel on the next reboot.
@@ -56,7 +56,7 @@ Run a diff on the PREVIOUS_FILECONTEXT file to the currently installed one, and
.TP
.B -v
-Modify verbosity from progess to verbose. (Run restorecon with -v instead of -p)
+Modify verbosity from progress to verbose. (Run restorecon with -v instead of -p)
.SH "ARGUMENTS"
One of:
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/scripts/genhomedircon.8 b/policycoreutils/scripts/genhomedircon.8
deleted file mode 100644
index 8ec509c..0000000
--- a/policycoreutils/scripts/genhomedircon.8
+++ /dev/null
@@ -1,24 +0,0 @@
-.TH GENHOMEDIRCON "12" "Sep 2011" "Security Enhanced Linux" "SELinux"
-.SH NAME
-genhomedircon \- generate SELinux file context configuration entries for user home directories
-.SH SYNOPSIS
-.B genhomedircon
-is a script that executes
-.B semodule
-to rebuild the currently active SELinux policy (without reloading it) and to create the
-labels for each user home directory based on directory paths returned by calls to getpwent().
-
-The latter functionality depends on the "usepasswd" parameter being set to "true" (default)
-in /etc/selinux/semanage.conf.
-
-This script is usually executed by
-.B semanage
-although this default behavior can be optionally modified by setting to "true" the
-"disable-genhomedircon" in /etc/selinux/semanage.conf.
-
-.SH AUTHOR
-This manual page was written by
-.I Dan Walsh <dwalsh@redhat.com>
-
-.SH "SEE ALSO"
-semanage.conf(5), semodule(8), semanage(8), getpwent(3), getpwent_r(3)
diff --git a/policycoreutils/secon/secon.1 b/policycoreutils/secon/secon.1
index 6c30734..f6b4b9a 100644
--- a/policycoreutils/secon/secon.1
+++ b/policycoreutils/secon/secon.1
@@ -91,12 +91,12 @@ Additional argument
.I CONTEXT
may be provided and will be used if no options have been specified to make
.B secon
-get it's context from another source.
+get its context from another source.
If that argument is
.I -
then the context will be read from stdin.
.br
-If there is no arugment,
+If there is no argument,
.B secon
will try reading a context from stdin, if that is not a tty, otherwise
.B secon
diff --git a/policycoreutils/semanage/Makefile b/policycoreutils/semanage/Makefile
index 24d6a21..b797d83 100644
--- a/policycoreutils/semanage/Makefile
+++ b/policycoreutils/semanage/Makefile
@@ -5,7 +5,7 @@ SBINDIR ?= $(PREFIX)/sbin
MANDIR = $(PREFIX)/share/man
PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
-BASHCOMPLETIONDIR ?= $(DESTDIR)/etc/bash_completion.d/
+BASHCOMPLETIONDIR ?= $(DESTDIR)/usr/share/bash-completion/completions
TARGETS=semanage
@@ -21,7 +21,7 @@ install: all
test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages
install -m 755 seobject.py $(PYTHONLIBDIR)/site-packages
-mkdir -p $(BASHCOMPLETIONDIR)
- install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)
+ install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)/semanage
clean:
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/semanage/default_encoding/Makefile b/policycoreutils/semanage/default_encoding/Makefile
new file mode 100644
2013-02-08 14:44:20 +00:00
index 0000000..e15a877
--- /dev/null
2013-02-08 14:44:20 +00:00
+++ b/policycoreutils/semanage/default_encoding/Makefile
@@ -0,0 +1,8 @@
+all:
+ LDFLAGS="" python setup.py build
+
2013-02-08 14:44:20 +00:00
+install: all
+ LDFLAGS="" python setup.py install --root=$(DESTDIR)/
+
2013-02-08 14:44:20 +00:00
+clean:
+ rm -rf build *~
diff --git a/policycoreutils/semanage/default_encoding/default_encoding.c b/policycoreutils/semanage/default_encoding/default_encoding.c
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
new file mode 100644
2013-02-08 14:44:20 +00:00
index 0000000..023b8f4
Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line
2012-09-15 12:34:36 +00:00
--- /dev/null
2013-02-08 14:44:20 +00:00
+++ b/policycoreutils/semanage/default_encoding/default_encoding.c
@@ -0,0 +1,57 @@
+/*
+ * Authors:
+ * John Dennis <jdennis@redhat.com>
+ *
+ * Copyright (C) 2009 Red Hat
+ * see file 'COPYING' for use and warranty information
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
2013-02-08 14:44:20 +00:00
+#include <Python.h>
+
2013-02-08 14:44:20 +00:00
+PyDoc_STRVAR(setdefaultencoding_doc,
+"setdefaultencoding(encoding='utf-8')\n\
+\n\
+Set the current default string encoding used by the Unicode implementation.\n\
+Defaults to utf-8."
+);
+
2013-02-08 14:44:20 +00:00
+static PyObject *
+setdefaultencoding(PyObject *self, PyObject *args, PyObject *kwds)
+{
+ static char *kwlist[] = {"utf-8", NULL};
+ char *encoding;
+
2013-02-08 14:44:20 +00:00
+ if (!PyArg_ParseTupleAndKeywords(args, kwds, "s:setdefaultencoding", kwlist, &encoding))
+ return NULL;
+
2013-02-08 14:44:20 +00:00
+ if (PyUnicode_SetDefaultEncoding(encoding))
+ return NULL;
+
2013-02-08 14:44:20 +00:00
+ Py_RETURN_NONE;
+}
+
2013-02-08 14:44:20 +00:00
+static PyMethodDef methods[] = {
+ {"setdefaultencoding", (PyCFunction)setdefaultencoding, METH_VARARGS|METH_KEYWORDS, setdefaultencoding_doc},
+ {NULL, NULL} /* sentinel */
+};
+
+
2013-02-08 14:44:20 +00:00
+PyMODINIT_FUNC
+initdefault_encoding_utf8(void)
+{
+ PyUnicode_SetDefaultEncoding("utf-8");
+ Py_InitModule3("default_encoding_utf8", methods, "Forces the default encoding to utf-8");
+}
diff --git a/policycoreutils/semanage/default_encoding/policycoreutils/__init__.py b/policycoreutils/semanage/default_encoding/policycoreutils/__init__.py
2011-01-21 20:11:31 +00:00
new file mode 100644
2013-02-08 14:44:20 +00:00
index 0000000..ccb6b8b
2011-01-21 20:11:31 +00:00
--- /dev/null
2013-02-08 14:44:20 +00:00
+++ b/policycoreutils/semanage/default_encoding/policycoreutils/__init__.py
@@ -0,0 +1,17 @@
+#
2013-02-08 14:44:20 +00:00
+# Copyright (C) 2006,2007,2008, 2009 Red Hat, Inc.
+#
2013-02-08 14:44:20 +00:00
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
2013-02-08 14:44:20 +00:00
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
2013-02-08 14:44:20 +00:00
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/semanage/default_encoding/setup.py b/policycoreutils/semanage/default_encoding/setup.py
new file mode 100644
2013-02-08 14:44:20 +00:00
index 0000000..e2befdb
--- /dev/null
2013-02-08 14:44:20 +00:00
+++ b/policycoreutils/semanage/default_encoding/setup.py
@@ -0,0 +1,38 @@
+# Authors:
+# John Dennis <jdennis@redhat.com>
+#
2013-02-08 14:44:20 +00:00
+# Copyright (C) 2009 Red Hat
+# see file 'COPYING' for use and warranty information
2011-01-21 20:11:31 +00:00
+#
2013-02-08 14:44:20 +00:00
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
2011-01-21 20:11:31 +00:00
+#
2013-02-08 14:44:20 +00:00
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
2011-01-21 20:11:31 +00:00
+#
2013-02-08 14:44:20 +00:00
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
2013-02-08 14:44:20 +00:00
+from distutils.core import setup, Extension
+
2013-02-08 14:44:20 +00:00
+default_encoding_utf8 = Extension('policycoreutils.default_encoding_utf8', ['default_encoding.c'])
2011-01-21 20:11:31 +00:00
+
2013-02-08 14:44:20 +00:00
+setup(name = 'policycoreutils-default-encoding',
+ version = '0.1',
+ description = 'Forces the default encoding in Python to be utf-8',
+ long_description = 'Forces the default encoding in Python to be utf-8',
+ author = 'John Dennis',
+ author_email = 'jdennis@redhat.com',
+ maintainer = 'John Dennis',
+ maintainer_email = 'jdennis@redhat.com',
+ license = 'GPLv3+',
+ platforms = 'posix',
+ url = '',
+ download_url = '',
+ ext_modules = [default_encoding_utf8],
+ packages=["policycoreutils"],
2011-01-21 20:11:31 +00:00
+)
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/semanage/semanage b/policycoreutils/semanage/semanage
index 6e33c85..7989aac 100644
2013-02-08 14:44:20 +00:00
--- a/policycoreutils/semanage/semanage
+++ b/policycoreutils/semanage/semanage
@@ -20,6 +20,7 @@
# 02111-1307 USA
#
#
+import policycoreutils.default_encoding_utf8
import sys, getopt, re
import seobject
import selinux
@@ -32,7 +33,7 @@ gettext.textdomain(PROGNAME)
try:
gettext.install(PROGNAME,
localedir="/usr/share/locale",
- unicode=False,
+ unicode=True,
codeset = 'utf-8')
except IOError:
import __builtin__
@@ -60,7 +61,7 @@ semanage interface -{a|d|m|l|D|E} [-Nntr] interface_spec
semanage module -{a|d|m} [--enable|--disable] [-N] module
semanage node -{a|d|m|l|D|E} [-Nntr] [ -p protocol ] [-M netmask] addr
semanage fcontext -{a|d|m|l|D|E} [-Nefnrst] file_spec
-semanage boolean -{d|m} [--on|--off|-1|-0] [-N] -F boolean | boolean_file
+semanage boolean -{d|m} {--on|--off|-1|-0} [-N] -F boolean | boolean_file
semanage permissive -{d|a|l} [-Nn] type
semanage dontaudit [ on | off ] [-N]
@@ -72,7 +73,7 @@ Primary Options:
-i, --input Input multiple semange commands in a transaction
-o, --output Output current customizations as semange commands
-l, --list List the OBJECTS
- -E, --extract extract customizable commands
+ -E, --extract Extract customizable commands, for use within a transaction
-C, --locallist List OBJECTS local customizations
-D, --deleteall Remove all OBJECTS local customizations
@@ -444,6 +445,8 @@ Object-specific Options (see above):
if modify:
if object == "boolean":
+ if not value:
+ raise ValueError(_("Value Required [ --on | --off ]"))
OBJECT.modify(target, value, use_file)
return
diff --git a/policycoreutils/semanage/semanage.8 b/policycoreutils/semanage/semanage.8
index 28a9022..01b3420 100644
--- a/policycoreutils/semanage/semanage.8
+++ b/policycoreutils/semanage/semanage.8
@@ -14,15 +14,15 @@ Input local customizations
Manage booleans. Booleans allow the administrator to modify the confinement of
processes based on his configuration.
.br
-.B semanage boolean [\-S store] \-{d|m|l|D} [\-nN] [\-\-on|\-\-off|\-\1|\-0] -F boolean | boolean_file
+.B semanage boolean [\-S store] \-{d|m|l|D|E} [\-nN] [\-\-on|\-\-off|\-\1|\-0] -F boolean | boolean_file
Manage SELinux confined users (Roles and levels for an SELinux user)
.br
-.B semanage user [\-S store] \-{a|d|m|l|D} [\-LnNPrR] selinux_name
+.B semanage user [\-S store] \-{a|d|m|l|D|E} [\-LnNPrR] selinux_name
Manage login mappings between linux users and SELinux confined users.
.br
-.B semanage login [\-S store] \-{a|d|m|l|D} [\-nNrs] login_name | %groupname
+.B semanage login [\-S store] \-{a|d|m|l|D|E} [\-nNrs] login_name | %groupname
Manage policy modules.
.br
@@ -30,16 +30,16 @@ Manage policy modules.
Manage network port type definitions
.br
-.B semanage port [\-S store] \-{a|d|m|l|D} [\-nNrt] [\-p proto] port | port_range
+.B semanage port [\-S store] \-{a|d|m|l|D|E} [\-nNrt] [\-p proto] port | port_range
.br
Manage network interface type definitions
.br
-.B semanage interface [\-S store] \-{a|d|m|l|D} [\-nNrt] interface_spec
+.B semanage interface [\-S store] \-{a|d|m|l|D|E} [\-nNrt] interface_spec
Manage network node type definitions
.br
-.B semanage node [\-S store] -{a|d|m|l|D} [-nNrt] [ -p protocol ] [-M netmask] address
+.B semanage node [\-S store] -{a|d|m|l|D|E} [-nNrt] [ -p protocol ] [-M netmask] address
.br
Manage file context mapping definitions
@@ -123,11 +123,15 @@ Currently booleans only.
.TP
.I \-h, \-\-help
-display this message
+display usage message
.TP
.I \-l, \-\-list
List the OBJECTS
.TP
+.I \-E, \-\-extract
+Extract custommizable commands, which could then be used on another machine.
+Command output is suitable for a transaction. See also --output
+.TP
.I \-C, \-\-locallist
List only locally defined settings, not base policy settings.
.TP
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py
index 85bc37f..0f9bc6e 100644
2013-02-08 14:44:20 +00:00
--- a/policycoreutils/semanage/seobject.py
+++ b/policycoreutils/semanage/seobject.py
@@ -32,11 +32,10 @@ from IPy import IP
import gettext
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
-try:
- gettext.install(PROGNAME, localedir = "/usr/share/locale", unicode = 1)
-except IOError:
- import __builtin__
- __builtin__.__dict__['_'] = unicode
+
2013-02-08 14:44:20 +00:00
+import gettext
+translation=gettext.translation(PROGNAME, localedir = "/usr/share/locale", fallback=True)
+_=translation.ugettext
2013-02-08 14:44:20 +00:00
import syslog
2013-02-08 14:44:20 +00:00
@@ -461,7 +460,9 @@ class loginRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not check if login mapping for %s is defined") % name)
if exists:
- raise ValueError(_("Login mapping for %s is already defined") % name)
+ semanage_seuser_key_free(k)
+ return self.__modify(name, sename, serange)
+
2013-02-08 14:44:20 +00:00
if name[0] == '%':
try:
grp.getgrnam(name[1:])
@@ -731,7 +732,8 @@ class seluserRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not check if SELinux user %s is defined") % name)
if exists:
- raise ValueError(_("SELinux user %s is already defined") % name)
+ semanage_user_key_free(k)
+ return self.__modify(name, roles, selevel, serange, prefix)
2013-02-08 14:44:20 +00:00
(rc, u) = semanage_user_create(self.sh)
if rc < 0:
@@ -1274,7 +1276,8 @@ class nodeRecords(semanageRecords):
2013-02-08 14:44:20 +00:00
(rc, exists) = semanage_node_exists(self.sh, k)
if exists:
- raise ValueError(_("Addr %s already defined") % addr)
+ semanage_node_key_free(k)
+ return self.__modify(addr, mask, self.protocol[proto], serange, ctype)
2013-02-08 14:44:20 +00:00
(rc, node) = semanage_node_create(self.sh)
if rc < 0:
@@ -1475,7 +1478,8 @@ class interfaceRecords(semanageRecords):
if rc < 0:
raise ValueError(_("Could not check if interface %s is defined") % interface)
if exists:
- raise ValueError(_("Interface %s already defined") % interface)
+ semanage_iface_key_free(k)
+ return self.__modify(interface, serange, ctype)
2013-02-08 14:44:20 +00:00
(rc, iface) = semanage_iface_create(self.sh)
if rc < 0:
@@ -1640,11 +1644,12 @@ class interfaceRecords(semanageRecords):
print "%-30s %s:%s:%s " % (k,ddict[k][0], ddict[k][1],ddict[k][2])
class fcontextRecords(semanageRecords):
+ valid_types = ["<<none>>"]
try:
- valid_types = sepolicy.info(sepolicy.ATTRIBUTE,"file_type")[0]["types"]
+ valid_types += sepolicy.info(sepolicy.ATTRIBUTE,"file_type")[0]["types"]
valid_types += sepolicy.info(sepolicy.ATTRIBUTE,"device_node")[0]["types"]
except RuntimeError:
- valid_types = []
+ pass
def __init__(self, store = ""):
semanageRecords.__init__(self, store)
@@ -1777,7 +1782,8 @@ class fcontextRecords(semanageRecords):
2013-02-08 14:44:20 +00:00
raise ValueError(_("Could not check if file context for %s is defined") % target)
2013-02-08 14:44:20 +00:00
if exists:
- raise ValueError(_("File context for %s already defined") % target)
+ semanage_fcontext_key_free(k)
+ return self.__modify(target, type, ftype, serange, seuser)
2013-02-08 14:44:20 +00:00
(rc, fcontext) = semanage_fcontext_create(self.sh)
if rc < 0:
@@ -2026,6 +2032,9 @@ class booleanRecords(semanageRecords):
self.modify_local = False
def __mod(self, name, value):
+ if not value:
+ raise ValueError(_("Value Required for %s") % name)
+
name = selinux.selinux_boolean_sub(name)
(rc, k) = semanage_bool_key_create(self.sh, name)
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/semodule/Makefile b/policycoreutils/semodule/Makefile
index 4c5243a..036c418 100644
2013-02-08 14:44:20 +00:00
--- a/policycoreutils/semodule/Makefile
+++ b/policycoreutils/semodule/Makefile
@@ -11,7 +11,7 @@ LDLIBS = -lsepol -lselinux -lsemanage -L$(LIBDIR)
SEMODULE_OBJS = semodule.o
.PHONY: all semodule_path
-all: semodule semodule_path
+all: semodule semodule_path genhomedircon
semodule_path:
@echo -n $(SBINDIR) > ../scripts/semodule_path
@@ -19,11 +19,16 @@ semodule_path:
semodule: $(SEMODULE_OBJS)
$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
+genhomedircon:
+ ln -sf semodule genhomedircon
+
2013-02-08 14:44:20 +00:00
install: all
-mkdir -p $(SBINDIR)
install -m 755 semodule $(SBINDIR)
+ (cd $(SBINDIR); ln -sf semodule genhomedircon)
2013-02-08 14:44:20 +00:00
test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8
install -m 644 semodule.8 $(MANDIR)/man8/
+ install -m 644 genhomedircon.8 $(MANDIR)/man8/
2013-02-08 14:44:20 +00:00
relabel:
2013-02-08 14:44:20 +00:00
diff --git a/policycoreutils/semodule/genhomedircon.8 b/policycoreutils/semodule/genhomedircon.8
new file mode 100644
index 0000000..8ec509c
--- /dev/null
+++ b/policycoreutils/semodule/genhomedircon.8
@@ -0,0 +1,24 @@
+.TH GENHOMEDIRCON "12" "Sep 2011" "Security Enhanced Linux" "SELinux"
+.SH NAME
+genhomedircon \- generate SELinux file context configuration entries for user home directories
+.SH SYNOPSIS
+.B genhomedircon
+is a script that executes
+.B semodule
+to rebuild the currently active SELinux policy (without reloading it) and to create the
+labels for each user home directory based on directory paths returned by calls to getpwent().
+
2013-02-08 14:44:20 +00:00
+The latter functionality depends on the "usepasswd" parameter being set to "true" (default)
+in /etc/selinux/semanage.conf.
+
+This script is usually executed by
+.B semanage
+although this default behavior can be optionally modified by setting to "true" the
+"disable-genhomedircon" in /etc/selinux/semanage.conf.
+
+.SH AUTHOR
+This manual page was written by
+.I Dan Walsh <dwalsh@redhat.com>
+
+.SH "SEE ALSO"
+semanage.conf(5), semodule(8), semanage(8), getpwent(3), getpwent_r(3)
diff --git a/policycoreutils/semodule/semodule.c b/policycoreutils/semodule/semodule.c
index 17b4fa5..6947b37 100644
--- a/policycoreutils/semodule/semodule.c
+++ b/policycoreutils/semodule/semodule.c
@@ -19,6 +19,7 @@
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <libgen.h>
#include <semanage/modules.h>
@@ -284,8 +285,12 @@ int main(int argc, char *argv[])
int i, commit = 0;
int result;
int status = EXIT_FAILURE;
-
+ char *genhomedirconargv[] = { "genhomedircon", "-B", "-n" };
create_signal_handlers();
+ if (strcmp(basename(argv[0]), "genhomedircon") == 0) {
+ argc = 3;
+ argv=genhomedirconargv;
+ }
parse_command_line(argc, argv);
if (build)
diff --git a/policycoreutils/semodule_package/semodule_unpackage.8 b/policycoreutils/semodule_package/semodule_unpackage.8
index 62dd53e..d6e1be0 100644
--- a/policycoreutils/semodule_package/semodule_unpackage.8
+++ b/policycoreutils/semodule_package/semodule_unpackage.8
@@ -1,6 +1,6 @@
.TH SEMODULE_PACKAGE "8" "Nov 2005" "Security Enhanced Linux" NSA
.SH NAME
-semodule_unpackage \- Extract polciy module and file context file from an SELinux policy module unpackage.
+semodule_unpackage \- Extract policy module and file context file from an SELinux policy module unpackage.
.SH SYNOPSIS
.B semodule_unpackage <module> [<file contexts>]
diff --git a/policycoreutils/sepolicy/Makefile b/policycoreutils/sepolicy/Makefile
index 11b534f..ae064c4 100644
--- a/policycoreutils/sepolicy/Makefile
+++ b/policycoreutils/sepolicy/Makefile
@@ -7,7 +7,7 @@ SBINDIR ?= $(PREFIX)/sbin
MANDIR ?= $(PREFIX)/share/man
LOCALEDIR ?= /usr/share/locale
PYTHON ?= /usr/bin/python
-BASHCOMPLETIONDIR ?= $(DESTDIR)/etc/bash_completion.d/
+BASHCOMPLETIONDIR ?= $(DESTDIR)/usr/share/bash-completion/completions
SHAREDIR ?= $(PREFIX)/share/sandbox
override CFLAGS = $(LDFLAGS) -I$(PREFIX)/include -DPACKAGE="policycoreutils" -Wall -Werror -Wextra -W -DSHARED -shared
@@ -22,11 +22,15 @@ clean:
$(PYTHON) setup.py clean
-rm -rf build *~ \#* *pyc .#*
+sepolgen:
+ ln -sf sepolicy sepolgen
+
install:
$(PYTHON) setup.py install `test -n "$(DESTDIR)" && echo --root $(DESTDIR)`
[ -d $(BINDIR) ] || mkdir -p $(BINDIR)
install -m 755 sepolicy.py $(BINDIR)/sepolicy
+ (cd $(BINDIR); ln -sf sepolicy sepolgen)
-mkdir -p $(MANDIR)/man8
install -m 644 *.8 $(MANDIR)/man8
-mkdir -p $(BASHCOMPLETIONDIR)
- install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)
+ install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)/sepolicy
diff --git a/policycoreutils/sepolicy/info.c b/policycoreutils/sepolicy/info.c
index 65458e6..b6244be 100644
--- a/policycoreutils/sepolicy/info.c
+++ b/policycoreutils/sepolicy/info.c
@@ -78,6 +78,58 @@ static int py_insert_bool(PyObject *dict, const char *name, int value)
}
/**
+ * Get the alias of a type.
+ *
+ * @param fp Reference to a file to which to get type information
+ * @param type_datum Reference to sepol type_datum
+ * @param policydb Reference to a policy
+ * attributes
+ */
+static PyObject* get_type_aliases(const qpol_type_t * type_datum, const apol_policy_t * policydb)
+{
+ qpol_iterator_t *iter = NULL;
+ size_t alias_size;
+ unsigned char isattr, isalias;
+ const char *type_name = NULL;
+ const char *alias_name;
+ int error = 0;
+ qpol_policy_t *q = apol_policy_get_qpol(policydb);
+ PyObject *list = PyList_New(0);
+ if (!list) goto err;
+
+ if (qpol_type_get_name(q, type_datum, &type_name))
+ goto cleanup;
+ if (qpol_type_get_isattr(q, type_datum, &isattr))
+ goto cleanup;
+ if (qpol_type_get_isalias(q, type_datum, &isalias))
+ goto cleanup;
+
+ if (qpol_type_get_alias_iter(q, type_datum, &iter))
+ goto cleanup;
+ if (qpol_iterator_get_size(iter, &alias_size))
+ goto cleanup;
+ if (alias_size > 0) {
+ for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
+ if (qpol_iterator_get_item(iter, (void **)&alias_name))
+ goto err;
+ if (py_append_string(list, alias_name))
+ goto err;
+ }
+ }
+ goto cleanup;
+
+err:
+ error = errno;
+ PyErr_SetString(PyExc_RuntimeError,strerror(errno));
+ py_decref(list); list = NULL;
+
+cleanup:
+ qpol_iterator_destroy(&iter);
+ errno = error;
+ return list;
+}
+
+/**
* Gets a textual representation of an attribute, and
* all of that attribute's types.
*
@@ -295,6 +347,11 @@ static PyObject* get_type( const qpol_type_t * type_datum, const apol_policy_t *
Py_DECREF(obj);
if (rt) goto err;
}
+
+ obj = get_type_aliases(type_datum, policydb);
+ rt = py_insert_obj(dict, "aliases", obj);
+ Py_DECREF(obj);
+ if (rt) goto err;
goto cleanup;
err:
diff --git a/policycoreutils/sepolicy/policy.c b/policycoreutils/sepolicy/policy.c
index 4eca22d..eeee0ab 100644
--- a/policycoreutils/sepolicy/policy.c
+++ b/policycoreutils/sepolicy/policy.c
@@ -66,7 +66,6 @@ PyObject *wrap_policy(PyObject *UNUSED(self), PyObject *args){
}
apol_vector_destroy(&mod_paths);
- policy_load_options |= QPOL_POLICY_OPTION_MATCH_SYSTEM;
policy = apol_policy_create_from_policy_path(pol_path, policy_load_options, NULL, NULL);
apol_policy_path_destroy(&pol_path);
if (!policy) {
diff --git a/policycoreutils/sepolicy/sepolgen.8 b/policycoreutils/sepolicy/sepolgen.8
new file mode 100644
index 0000000..3ecf3eb
--- /dev/null
+++ b/policycoreutils/sepolicy/sepolgen.8
@@ -0,0 +1 @@
+.so man8/sepolicy-generate.8
diff --git a/policycoreutils/sepolicy/sepolicy-bash-completion.sh b/policycoreutils/sepolicy/sepolicy-bash-completion.sh
index 82fea52..c969e0d 100644
--- a/policycoreutils/sepolicy/sepolicy-bash-completion.sh
+++ b/policycoreutils/sepolicy/sepolicy-bash-completion.sh
@@ -81,7 +81,7 @@ _sepolicy () {
[communicate]='-h --help -s --source -t --target -c --class -S --sourceaccess -T --targetaccess'
[generate]='-a --admin --admin_user --application --cgi --confined_admin --customize -d --domain --dbus --desktop_user -h --help --inetd --init -n --name --newtype -p --path --sandbox -T --test --term_user -u --user -w --writepath --x_user'
[interface]='-h --help -a --list_admin" -u --list_user -l --list'
- [manpage]='-h --help -p --path -a -all -o --os -d --domain -w --web'
+ [manpage]='-h --help -p --path -a -all -o --os -d --domain -w --web -r --root'
[network]='-h --help -d --domain -l --list -p --port -t --type '
[transition]='-h --help -s --source -t --target'
)
@@ -130,9 +130,6 @@ _sepolicy () {
COMPREPLY=( $( compgen -d -- "$cur") )
compopt -o filenames
return 0
- elif [ "$prev" = "--type" -o "$prev" = "-t" ]; then
- COMPREPLY=( $(compgen -W '0 1 2 3 4 5 6 7 8 9 10 11' -- "$cur") )
- return 0
elif [ "$prev" = "--domain" -o "$prev" = "-d" ]; then
COMPREPLY=( $(compgen -W "$( __get_all_domain_types ) " -- "$cur") )
return 0
@@ -140,7 +137,7 @@ _sepolicy () {
COMPREPLY=( $(compgen -W "$( __get_all_admin_interaces ) " -- "$cur") )
return 0
elif [ "$prev" = "--user" -o "$prev" = "-u" ]; then
- COMPREPLY=( $(compgen -W "$( __get_all_users ) " -- "$cur") )
+ COMPREPLY=( $(compgen -W "$( __get_all_users )" -- "$cur") )
return 0
elif [[ "$cur" == "$verb" || "$cur" == "" || "$cur" == -* ]]; then
COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") )
@@ -156,6 +153,10 @@ _sepolicy () {
if [ "$prev" = "-d" -o "$prev" = "--domain" ]; then
COMPREPLY=( $(compgen -W "$( __get_all_domains ) " -- "$cur") )
return 0
+ elif test "$prev" = "-r" || test "$prev" = "--root" ; then
+ COMPREPLY=( $( compgen -d -- "$cur") )
+ compopt -o filenames
+ return 0
elif [ "$prev" = "-o" -o "$prev" = "--os" ]; then
return 0
elif test "$prev" = "-p" || test "$prev" = "--path" ; then
@@ -167,11 +168,11 @@ _sepolicy () {
return 0
elif [ "$verb" = "network" ]; then
if [ "$prev" = "-t" -o "$prev" = "--type" ]; then
- COMPREPLY=( $(compgen -W "$( __get_all_port_types ) " -- "$cur") )
+ COMPREPLY=( $(compgen -W "$( __get_all_port_types )" -- "$cur") )
return 0
fi
if [ "$prev" = "-d" -o "$prev" = "--domain" ]; then
- COMPREPLY=( $(compgen -W "$( __get_all_domain_types ) " -- "$cur") )
+ COMPREPLY=( $(compgen -W "$( __get_all_domain_types )" -- "$cur") )
return 0
fi
COMPREPLY=( $(compgen -W '${OPTS[$verb]}' -- "$cur") )
diff --git a/policycoreutils/sepolicy/sepolicy-generate.8 b/policycoreutils/sepolicy/sepolicy-generate.8
index fb84af6..c2fa601 100644
--- a/policycoreutils/sepolicy/sepolicy-generate.8
+++ b/policycoreutils/sepolicy/sepolicy-generate.8
@@ -8,12 +8,18 @@ sepolicy-generate \- Generate an initial SELinux policy module template.
.B sepolicy generate [\-h] [\-d DOMAIN] [\-u USER] [\-w WRITE_PATH ] [\-a ADMIN_DOMAIN] [\-n NAME] [\-p PATH] [\-\-admin_user | \-\-application | \-\-cgi | \-\-confined_admin | \-\-customize | \-\-dbus | \-\-desktop_user | \-\-inetd | \-\-newtype | \-\-init | \-\-sandbox | \-\-term_user | \-\-x_user]
.SH "DESCRIPTION"
-Use sepolicy generate to generate an SELinux policy Module. sepolicy generate will generate 4 files.
+Use \fBsepolicy generate\fP to generate an SELinux policy Module. \fBsepolicy generate\fP will create 5 files.
+
+If you specify a binary path, \fBsepolicy generate\fP will use the rpm payload of the binary along with \fBnm -D BINARY\fP to discover types and policy rules to generate these template files.
+
.B Type Enforcing File NAME.te
.br
This file can be used to define all the types rules for a particular domain.
+.I Note:
+Policy generated by \fBsepolicy generate\fP will automatically add a permissive DOMAIN to your te file. When you are satisfied that your policy works, you need to remove the permissive line from the te file to run your domain in enforcing mode.
+
.B Interface File NAME.if
.br
This file defines the interfaces for the types generated in the te file, which can be used by other policy domains.
@@ -25,7 +31,7 @@ file paths to the types. Tools like restorecon and RPM will use these paths to
.B RPM Spec File NAME_selinux.spec
.br
-This file is an RPM SPEC file that can be used to install the SELinux policy on to machines and setup the labeling. The spec file also installs the interface file and a man page describing the policy. You can use sepolicy manpage -d NAME to generate the man page.
+This file is an RPM SPEC file that can be used to install the SELinux policy on to machines and setup the labeling. The spec file also installs the interface file and a man page describing the policy. You can use \fBsepolicy manpage -d NAME\fP to generate the man page.
.B Shell File NAME.sh
.br
diff --git a/policycoreutils/sepolicy/sepolicy-manpage.8 b/policycoreutils/sepolicy/sepolicy-manpage.8
index b6abdf5..c05c943 100644
--- a/policycoreutils/sepolicy/sepolicy-manpage.8
+++ b/policycoreutils/sepolicy/sepolicy-manpage.8
@@ -5,7 +5,7 @@ sepolicy-manpage \- Generate a man page based on the installed SELinux Policy
.SH "SYNOPSIS"
.br
-.B sepolicy manpage [\-w] [\-h] [\-p PATH ] [\-a | \-d ]
+.B sepolicy manpage [\-w] [\-h] [\-p PATH ] [\-r ROOTDIR ] [\-a | \-d ]
.SH "DESCRIPTION"
Use sepolicy manpage to generate manpages based on SELinux Policy.
@@ -24,6 +24,9 @@ Display help message
.I \-p, \-\-path
Specify the directory to store the created man pages. (Default to /tmp)
.TP
+.I \-r, \-\-root
+Specify alternate root directory to generate man pages from. (Default to /)
+.TP
.I \-w, \-\-web
Generate an additional HTML man pages for the specified domain(s).
diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
index b25d3b2..7443ae0 100755
--- a/policycoreutils/sepolicy/sepolicy.py
+++ b/policycoreutils/sepolicy/sepolicy.py
@@ -22,6 +22,8 @@
#
#
import os, sys
+import selinux
+import sepolicy
from sepolicy import get_os_version
import argparse
import gettext
@@ -37,6 +39,9 @@ except IOError:
import __builtin__
__builtin__.__dict__['_'] = unicode
+usage = "sepolicy generate [-h] [-n NAME] [-p PATH] [-w [WRITEPATHS [WRITEPATHS ...]]] ["
+usage_dict = {' --newtype':('-t [TYPES [TYPES ...]]',),' --customize':('-d DOMAIN','-a ADMIN_DOMAIN',), ' --admin_user':('-a ADMIN_DOMAIN',), ' --application':('COMMAND',), ' --cgi':('COMMAND',), ' --confined_admin':('-a ADMIN_DOMAIN',), ' --dbus':('COMMAND',), ' --desktop_user':('',),' --inetd':('COMMAND',),' --init':('COMMAND',), ' --sandbox':('',), ' --term_user':('',), ' --x_user':('',)}
+
class CheckPath(argparse.Action):
def __call__(self, parser, namespace, values, option_string=None):
if not os.path.exists(values):
@@ -45,7 +50,7 @@ class CheckPath(argparse.Action):
class CheckType(argparse.Action):
def __call__(self, parser, namespace, values, option_string=None):
- from sepolicy.network import domains
+ domains = sepolicy.get_all_domains()
if isinstance(values,str):
setattr(namespace, self.dest, values)
@@ -58,9 +63,30 @@ class CheckType(argparse.Action):
newval.append(v)
setattr(namespace, self.dest, newval)
+class CheckBoolean(argparse.Action):
+ def __call__(self, parser, namespace, values, option_string=None):
+ booleans = sepolicy.get_all_booleans()
+ newval = getattr(namespace, self.dest)
+ if not newval:
+ newval = []
+
+ if isinstance(values,str):
+ v = selinux.selinux_boolean_sub(values)
+ if v not in booleans:
+ raise ValueError("%s must be an SELinux process domain:\nValid domains: %s" % (v, ", ".join(booleans)))
+ newval.append(v)
+ setattr(namespace, self.dest, newval)
+ else:
+ for value in values:
+ v = selinux.selinux_boolean_sub(value)
+ if v not in booleans:
+ raise ValueError("%s must be an SELinux boolean:\nValid boolean: %s" % (v, ", ".join(booleans)))
+ newval.append(v)
+ setattr(namespace, self.dest, newval)
+
class CheckDomain(argparse.Action):
def __call__(self, parser, namespace, values, option_string=None):
- from sepolicy.network import domains
+ domains = sepolicy.get_all_domains()
if isinstance(values,str):
if values not in domains:
@@ -80,7 +106,6 @@ class CheckDomain(argparse.Action):
all_classes = None
class CheckClass(argparse.Action):
def __call__(self, parser, namespace, values, option_string=None):
- import sepolicy
global all_classes
if not all_classes:
all_classes = map(lambda x: x['name'], sepolicy.info(sepolicy.TCLASS))
@@ -114,7 +139,7 @@ class CheckPort(argparse.Action):
class CheckPortType(argparse.Action):
def __call__(self, parser, namespace, values, option_string=None):
- from sepolicy.network import port_types
+ port_types = sepolicy.get_all_port_types()
newval = getattr(namespace, self.dest)
if not newval:
newval = []
@@ -140,19 +165,30 @@ class CheckPolicyType(argparse.Action):
class CheckUser(argparse.Action):
def __call__(self, parser, namespace, value, option_string=None):
- from sepolicy import get_all_users
newval = getattr(namespace, self.dest)
if not newval:
newval = []
- users = get_all_users()
+ users = sepolicy.get_all_users()
if value not in users:
raise ValueError("%s must be an SELinux user:\nValid users: %s" % (value, ", ".join(users)))
newval.append(value)
setattr(namespace, self.dest, newval)
+def generate_custom_usage(usage_text,usage_dict):
+ sorted_keys = []
+ for i in usage_dict.keys():
+ sorted_keys.append(i)
+ sorted_keys.sort()
+ for k in sorted_keys:
+ usage_text += "%s %s |" % (k,(" ".join(usage_dict[k])))
+ usage_text = usage_text[:-1] + "]"
+ usage_text = _(usage_text)
+
+ return usage_text
+
def _print_net(src, protocol, perm):
- from sepolicy.network import get_network_connect
- portdict = get_network_connect(src, protocol, perm)
+ import sepolicy.network
+ portdict = sepolicy.network.get_network_connect(src, protocol, perm)
if len(portdict) > 0:
print "%s: %s %s" % (src, protocol, perm)
for p in portdict:
@@ -160,7 +196,7 @@ def _print_net(src, protocol, perm):
print "\t" + recs
def network(args):
- from sepolicy.network import portrecsbynum, portrecs, get_network_connect
+ portrecs, portrecsbynum = sepolicy.gen_port_dict()
if args.list_ports:
all_ports = []
for i in portrecs:
@@ -201,41 +237,41 @@ def manpage(args):
from sepolicy.manpage import ManPage, HTMLManPages, manpage_domains, manpage_roles, gen_domains
path = args.path
- if args.policy:
- for f in ( "policy.xml", "file_context", "file_context.homedirs"):
- if not os.path.exists(path + f):
- raise ValueError("manpage creation with alternate policy requires the %s file exist" % (path + f))
-
+ if not args.policy and args.root != "/":
+ sepolicy.policy(sepolicy.get_installed_policy(args.root))
+
if args.all:
test_domains = gen_domains()
else:
test_domains = args.domain
for domain in test_domains:
- m = ManPage(domain, path, args.web)
+ m = ManPage(domain, path, args.root, args.web)
print m.get_man_page_path()
if args.web:
HTMLManPages(manpage_roles, manpage_domains, path, args.os)
def gen_manpage_args(parser):
- man = parser.add_parser("manpage",
- help=_('Generate SELinux man pages'))
-
- man.add_argument("-p", "--path", dest="path", default="/tmp",
- help=_("path in which the generated SELinux man pages will be stored"))
- man.add_argument("-o", "--os", dest="os", default=get_os_version(),
- help=_("name of the OS for man pages"))
- man.add_argument("-w", "--web", dest="web", default=False, action="store_true",
- help=_("Generate HTML man pages structure for selected SELinux man page"))
- group = man.add_mutually_exclusive_group(required=True)
- group.add_argument("-a", "--all", dest="all", default=False,
- action="store_true",
- help=_("All domains"))
- group.add_argument("-d", "--domain", nargs="+",
- action=CheckDomain,
- help=_("Domain name(s) of man pages to be created"))
- man.set_defaults(func=manpage)
+ man = parser.add_parser("manpage",
+ help=_('Generate SELinux man pages'))
+
+ man.add_argument("-p", "--path", dest="path", default="/tmp",
+ help=_("path in which the generated SELinux man pages will be stored"))
+ man.add_argument("-o", "--os", dest="os", default=get_os_version(),
+ help=_("name of the OS for man pages"))
+ man.add_argument("-w", "--web", dest="web", default=False, action="store_true",
+ help=_("Generate HTML man pages structure for selected SELinux man page"))
+ man.add_argument("-r", "--root", dest="root", default="/",
+ help=_("Alternate root directory, defaults to /"))
+ group = man.add_mutually_exclusive_group(required=True)
+ group.add_argument("-a", "--all", dest="all", default=False,
+ action="store_true",
+ help=_("All domains"))
+ group.add_argument("-d", "--domain", nargs="+",
+ action=CheckDomain,
+ help=_("Domain name(s) of man pages to be created"))
+ man.set_defaults(func=manpage)
def gen_network_args(parser):
net = parser.add_parser("network",
@@ -283,7 +319,6 @@ def gen_communicate_args(parser):
comm.set_defaults(func=communicate)
def booleans(args):
- import selinux
from sepolicy import boolean_desc
if args.all:
rc, args.booleans = selinux.security_get_boolean_names()
@@ -300,6 +335,7 @@ def gen_booleans_args(parser):
action="store_true",
help=_("get all booleans descriptions"))
group.add_argument("-b", "--boolean", dest="booleans", nargs="+",
+ action=CheckBoolean, required=False,
help=_("boolean to get description"))
bools.set_defaults(func=booleans)
@@ -320,7 +356,7 @@ def gen_transition_args(parser):
2013-03-01 19:18:15 +00:00
trans.set_defaults(func=transition)
def interface(args):
- from sepolicy.interface import get_admin, get, get_user
+ from sepolicy.interface import get_admin, get_user
if args.list_admin:
for a in get_admin():
print a
@@ -328,13 +364,25 @@ def interface(args):
2013-03-01 19:18:15 +00:00
for a in get_user():
print a
if args.list:
- for m in get():
+ for m in sepolicy.get_methods():
print m
def generate(args):
- from sepolicy.generate import policy, USERS, SANDBOX, APPLICATIONS, NEWTYPE
+ from sepolicy.generate import policy, AUSER, RUSER, EUSER, USERS, SANDBOX, APPLICATIONS, NEWTYPE
cmd = None
- if args.policytype not in USERS + [ SANDBOX, NEWTYPE]:
+# numbers present POLTYPE defined in sepolicy.generate
+ conflict_args = {'TYPES':(NEWTYPE,), 'DOMAIN':(EUSER,), 'ADMIN_DOMAIN':(AUSER, RUSER, EUSER,)}
+ error_text = ""
+
+ if args.policytype is None:
+ generate_usage = generate_custom_usage(usage, usage_dict)
+ for k in usage_dict:
+ error_text += "%s" % (k)
+ print(generate_usage)
+ print(_("sepolicy generate: error: one of the arguments %s is required") % error_text)
+ sys.exit(1)
+
+ if args.policytype in APPLICATIONS:
if not args.command:
raise ValueError(_("Command required for this type of policy"))
cmd = os.path.realpath(args.command)
@@ -346,8 +394,18 @@ def generate(args):
mypolicy.set_program(cmd)
if args.types:
+ if args.policytype not in conflict_args['TYPES']:
+ raise ValueError(_("-t option can not be used with this option. Read usage for more details."))
mypolicy.set_types(args.types)
+ if args.domain:
+ if args.policytype not in conflict_args['DOMAIN']:
+ raise ValueError(_("-d option can not be used with this option. Read usage for more details."))
+
+ if args.admin_domain:
+ if args.policytype not in conflict_args['ADMIN_DOMAIN']:
+ raise ValueError(_("-a option can not be used with this option. Read usage for more details."))
+
for p in args.writepaths:
if os.path.isdir(p):
mypolicy.add_dir(p)
@@ -368,10 +426,10 @@ def gen_interface_args(parser):
2013-03-01 19:18:15 +00:00
help=_('List SELinux Policy interfaces'))
group = itf.add_mutually_exclusive_group(required=True)
group.add_argument("-a", "--list_admin", dest="list_admin",action="store_true", default=False,
- help="List all domains with admin interface")
+ help="List all domains with admin interface - DOMAIN_admin()")
group.add_argument("-u", "--list_user", dest="list_user",action="store_true",
default=False,
- help="List all domains with SELinux user role interface")
+ help="List all domains with SELinux user role interface - DOMAIN_role()")
group.add_argument("-l", "--list", dest="list",action="store_true",
default=False,
help="List all interfaces")
@@ -379,7 +437,10 @@ def gen_interface_args(parser):
def gen_generate_args(parser):
from sepolicy.generate import DAEMON, get_poltype_desc, poltype, DAEMON, DBUS, INETD, CGI, SANDBOX, USER, EUSER, TUSER, XUSER, LUSER, AUSER, RUSER, NEWTYPE
- pol = parser.add_parser("generate",
+
+ generate_usage = generate_custom_usage(usage, usage_dict)
+
+ pol = parser.add_parser("generate", usage = generate_usage,
help=_('Generate SELinux Policy module template'))
pol.add_argument("-d", "--domain", dest="domain", default=[],
action=CheckDomain, nargs="*",
@@ -397,53 +458,57 @@ def gen_generate_args(parser):
help=argparse.SUPPRESS)
pol.add_argument("-t", "--type", dest="types", default=[], nargs="*",
action=CheckType,
- help=argparse.SUPPRESS)
+ help="Enter type(s) for which you will generate new definition and rule(s)")
pol.add_argument("-p", "--path", dest="path", default=os.getcwd(),
help=_("path in which the generated policy files will be stored"))
pol.add_argument("-w", "--writepath", dest="writepaths", nargs="*", default = [],
help=_("path to which the confined processes will need to write"))
- pol.add_argument("command",nargs="?", default=None,
- help=_("executable to confine"))
- group = pol.add_mutually_exclusive_group(required=False)
- group.add_argument("--newtype", dest="policytype", const=NEWTYPE,
+ cmdtype = pol.add_argument_group(_("Policy types which require a command"))
+ cmdgroup = cmdtype.add_mutually_exclusive_group(required=False)
+ cmdgroup.add_argument("--application", dest="policytype", const=USER,
action="store_const",
- help=_("Generate Policy for %s") % poltype[NEWTYPE])
- group.add_argument("--admin_user", dest="policytype", const=AUSER,
+ help=_("Generate '%s' policy") % poltype[USER])
+ cmdgroup.add_argument("--cgi", dest="policytype", const=CGI,
action="store_const",
- help=_("Generate Policy for %s") % poltype[AUSER])
- group.add_argument("--application", dest="policytype", const=USER,
+ help=_("Generate '%s' policy") % poltype[CGI])
+ cmdgroup.add_argument("--dbus", dest="policytype", const=DBUS,
action="store_const",
- help=_("Generate Policy for %s") % poltype[USER])
- group.add_argument("--cgi", dest="policytype", const=CGI,
+ help=_("Generate '%s' policy") % poltype[DBUS])
+ cmdgroup.add_argument("--inetd", dest="policytype", const=INETD,
action="store_const",
- help=_("Generate Policy for %s") % poltype[CGI])
+ help=_("Generate '%s' policy") % poltype[INETD])
+ cmdgroup.add_argument("--init", dest="policytype", const=DAEMON,
+ action="store_const", default=DAEMON,
+ help=_("Generate '%s' policy") % poltype[DAEMON])
+
+ type = pol.add_argument_group("Policy types which do not require a command")
+ group = type.add_mutually_exclusive_group(required=False)
+ group.add_argument("--admin_user", dest="policytype", const=AUSER,
+ action="store_const",
+ help=_("Generate '%s' policy") % poltype[AUSER])
group.add_argument("--confined_admin", dest="policytype", const=RUSER,
action="store_const",
- help=_("Generate Policy for %s") % poltype[RUSER])
+ help=_("Generate '%s' policy") % poltype[RUSER])
group.add_argument("--customize", dest="policytype", const=EUSER,
action="store_const",
- help=_("Generate Policy for %s") % poltype[EUSER])
- group.add_argument("--dbus", dest="policytype", const=DBUS,
- action="store_const",
- help=_("Generate Policy for %s") % poltype[DBUS])
+ help=_("Generate '%s' policy") % poltype[EUSER])
group.add_argument("--desktop_user", dest="policytype", const=LUSER,
action="store_const",
- help=_("Generate Policy for %s") % poltype[LUSER])
- group.add_argument("--inetd", dest="policytype", const=INETD,
+ help=_("Generate '%s' policy ") % poltype[LUSER])
+ group.add_argument("--newtype", dest="policytype", const=NEWTYPE,
action="store_const",
- help=_("Generate Policy for %s") % poltype[INETD])
- group.add_argument("--init", dest="policytype", const=DAEMON,
- action="store_const", default=DAEMON,
- help=_("Generate Policy for %s") % poltype[DAEMON])
+ help=_("Generate '%s' policy") % poltype[NEWTYPE])
group.add_argument("--sandbox", dest="policytype", const=SANDBOX,
action="store_const",
- help=_("Generate Policy for %s") % poltype[SANDBOX])
+ help=_("Generate '%s' policy") % poltype[SANDBOX])
group.add_argument("--term_user", dest="policytype", const=TUSER,
action="store_const",
- help=_("Generate Policy for %s") % poltype[TUSER])
+ help=_("Generate '%s' policy") % poltype[TUSER])
group.add_argument("--x_user", dest="policytype", const=XUSER,
action="store_const",
- help=_("Generate Policy for %s") % poltype[XUSER])
+ help=_("Generate '%s' policy") % poltype[XUSER])
+ pol.add_argument("command",nargs="?", default=None,
+ help=_("executable to confine"))
pol.set_defaults(func=generate)
if __name__ == '__main__':
@@ -461,7 +526,10 @@ if __name__ == '__main__':
gen_transition_args(subparsers)
try:
- args = parser.parse_args()
+ if os.path.basename(sys.argv[0]) == "sepolgen":
+ args = parser.parse_args([ "generate" ] + sys.argv[1:])
+ else:
+ args = parser.parse_args()
args.func(args)
sys.exit(0)
except ValueError,e:
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
index 5e7415c..5267ed9 100644
--- a/policycoreutils/sepolicy/sepolicy/__init__.py
+++ b/policycoreutils/sepolicy/sepolicy/__init__.py
2013-03-01 19:18:15 +00:00
@@ -7,6 +7,9 @@ import _policy
import selinux, glob
PROGNAME="policycoreutils"
import gettext
+import sepolgen.defaults as defaults
+import sepolgen.interfaces as interfaces
+import sys
gettext.bindtextdomain(PROGNAME, "/usr/share/locale")
gettext.textdomain(PROGNAME)
try:
@@ -37,9 +40,30 @@ CLASS = 'class'
TRANSITION = 'transition'
ROLE_ALLOW = 'role_allow'
-def __get_installed_policy():
+def info(setype, name=None):
+ dict_list = _policy.info(setype, name)
+ return dict_list
+
+def search(types, info = {} ):
+ valid_types = [ALLOW, AUDITALLOW, NEVERALLOW, DONTAUDIT, TRANSITION, ROLE_ALLOW]
+ for type in types:
+ if type not in valid_types:
+ raise ValueError("Type has to be in %s" % valid_types)
+ info[type] = True
+
+ perms = []
+ if PERMS in info:
+ perms = info[PERMS]
+ info[PERMS] = ",".join(info[PERMS])
+
+ dict_list = _policy.search(info)
+ if dict_list and len(perms) != 0:
+ dict_list = filter(lambda x: _dict_has_perms(x, perms), dict_list)
+ return dict_list
+
+def get_installed_policy(root = "/"):
try:
- path = selinux.selinux_binary_policy_path()
+ path = root + selinux.selinux_binary_policy_path()
policies = glob.glob ("%s.*" % path )
policies.sort()
return policies[-1]
2013-03-01 19:18:15 +00:00
@@ -47,6 +71,26 @@ def __get_installed_policy():
pass
raise ValueError(_("No SELinux Policy installed"))
+methods = []
+def get_methods():
+ global methods
+ if len(methods) > 0:
+ return methods
+ fn = defaults.interface_info()
+ try:
+ fd = open(fn)
+ # List of per_role_template interfaces
+ ifs = interfaces.InterfaceSet()
+ ifs.from_file(fd)
+ methods = ifs.interfaces.keys()
+ fd.close()
+ except:
+ sys.stderr.write("could not open interface info [%s]\n" % fn)
+ sys.exit(1)
2013-03-01 19:18:15 +00:00
+
+ methods.sort()
+ return methods
+
all_types = None
def get_all_types():
global all_types
2013-03-01 19:18:15 +00:00
@@ -54,6 +98,13 @@ def get_all_types():
all_types = map(lambda x: x['name'], info(TYPE))
return all_types
+user_types = None
+def get_user_types():
+ global user_types
+ if user_types == None:
+ user_types = info(ATTRIBUTE,"userdomain")[0]["types"]
+ return user_types
+
role_allows = None
def get_all_role_allows():
global role_allows
2013-03-01 19:18:15 +00:00
@@ -71,6 +122,7 @@ def get_all_role_allows():
return role_allows
def get_all_entrypoint_domains():
+ import re
all_domains = []
types=get_all_types()
types.sort()
2013-03-01 19:18:15 +00:00
@@ -81,11 +133,35 @@ def get_all_entrypoint_domains():
all_domains.append(m[0])
return all_domains
+portrecs = None
+portrecsbynum = None
+
+def gen_port_dict():
+ global portrecs
+ global portrecsbynum
+ if portrecs:
+ return ( portrecs, portrecsbynum )
+ portrecsbynum = {}
+ portrecs = {}
+ for i in info(PORT):
+ if i['low'] == i['high']:
+ port = str(i['low'])
+ else:
+ port = "%s-%s" % (str(i['low']), str(i['high']))
+
+ if (i['type'], i['protocol']) in portrecs:
+ portrecs [(i['type'], i['protocol'])].append(port)
+ else:
+ portrecs [(i['type'], i['protocol'])] = [port]
+
+ portrecsbynum[(i['low'], i['high'],i['protocol'])] = (i['type'], i['range'])
+ return ( portrecs, portrecsbynum )
+
all_domains = None
def get_all_domains():
global all_domains
if not all_domains:
- all_domains = info(ATTRIBUTE,"domain")[0]["types"]
+ all_domains = info(ATTRIBUTE,"domain")[0]["types"]
return all_domains
roles = None
@@ -139,48 +215,48 @@ def get_all_attributes():
return all_attributes
def policy(policy_file):
+ global all_domains
+ global all_attributes
+ global bools
+ global all_types
+ global role_allows
+ global users
+ global roles
+ global file_types
+ global port_types
+ all_domains = None
+ all_attributes = None
+ bools = None
+ all_types = None
+ role_allows = None
+ users = None
+ roles = None
+ file_types = None
+ port_types = None
try:
_policy.policy(policy_file)
except:
raise ValueError(_("Failed to read %s policy file") % policy_file)
-
-policy_file = selinux.selinux_current_policy_path()
-if not policy_file:
- policy_file = __get_installed_policy()
-
try:
+ policy_file = get_installed_policy()
policy(policy_file)
except ValueError, e:
if selinux.is_selinux_enabled() == 1:
raise e
-def search(types, info = {} ):
- valid_types = [ALLOW, AUDITALLOW, NEVERALLOW, DONTAUDIT, TRANSITION, ROLE_ALLOW]
- for type in types:
- if type not in valid_types:
- raise ValueError("Type has to be in %s" % valid_types)
- info[type] = True
-
- perms = []
- if PERMS in info:
- perms = info[PERMS]
- info[PERMS] = ",".join(info[PERMS])
-
- dict_list = _policy.search(info)
- if dict_list and len(perms) != 0:
- dict_list = filter(lambda x: _dict_has_perms(x, perms), dict_list)
- return dict_list
-
def _dict_has_perms(dict, perms):
for perm in perms:
if perm not in dict[PERMS]:
return False
return True
-def info(setype, name=None):
- dict_list = _policy.info(setype, name)
- return dict_list
+booleans = None
+def get_all_booleans():
+ global booleans
+ if not booleans:
+ booleans = selinux.security_get_boolean_names()[1]
+ return booleans
booleans_dict = None
def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
index 26f8390..4739025 100644
--- a/policycoreutils/sepolicy/sepolicy/generate.py
+++ b/policycoreutils/sepolicy/sepolicy/generate.py
@@ -63,20 +63,6 @@ except IOError:
import __builtin__
__builtin__.__dict__['_'] = unicode
-user_types = sepolicy.info(sepolicy.ATTRIBUTE,"userdomain")[0]["types"]
-methods = []
-fn = defaults.interface_info()
-try:
- fd = open(fn)
- # List of per_role_template interfaces
- ifs = interfaces.InterfaceSet()
- ifs.from_file(fd)
- methods = ifs.interfaces.keys()
- fd.close()
-except:
- sys.stderr.write("could not open interface info [%s]\n" % fn)
- sys.exit(1)
-
def get_rpm_nvr_from_header(hdr):
'Given an RPM header return the package NVR as a string'
name = hdr['name']
@@ -164,7 +150,7 @@ def get_poltype_desc():
return msg
APPLICATIONS = [ DAEMON, DBUS, INETD, USER, CGI ]
-USERS = [ XUSER, TUSER, LUSER, AUSER, EUSER, RUSER]
+USERS = [ XUSER, TUSER, LUSER, AUSER, RUSER]
def verify_ports(ports):
if ports == "":
@@ -587,7 +573,7 @@ class policy:
def generate_network_action(self, protocol, action, port_name):
line = ""
method = "corenet_%s_%s_%s" % (protocol, action, port_name)
- if method in methods:
+ if method in sepolicy.get_methods():
line = "%s(%s_t)\n" % (method, self.name)
else:
line = """
@@ -765,7 +751,7 @@ allow %s_t %s_t:%s_socket name_%s;
return newte
- if self.type == RUSER:
+ if self.type == RUSER or self.type == AUSER:
newte += re.sub("TEMPLATETYPE", self.name, user.te_admin_rules)
for app in self.admin_domains:
@@ -875,6 +861,13 @@ allow %s_t %s_t:%s_socket name_%s;
if t.endswith(i):
newte += re.sub("TEMPLATETYPE", t[:-len(i)], self.DEFAULT_EXT[i].te_types)
break
+
+ if NEWTYPE and newte == "":
+ default_ext = []
+ for i in self.DEFAULT_EXT:
+ default_ext.append(i)
+ raise ValueError(_("You need to define a new type which ends with: \n %s") % "\n ".join(default_ext))
+
return newte
def generate_new_rules(self):
@@ -1014,7 +1007,7 @@ allow %s_t %s_t:%s_socket name_%s;
def generate_roles_rules(self):
newte = ""
- if self.type in ( TUSER, XUSER, AUSER, LUSER, EUSER):
+ if self.type in ( TUSER, XUSER, AUSER, LUSER ):
roles = ""
if len(self.roles) > 0:
newte += re.sub("TEMPLATETYPE", self.name, user.te_sudo_rules)
@@ -1030,14 +1023,15 @@ allow %s_t %s_t:%s_socket name_%s;
if len(self.DEFAULT_DIRS[d][1]) > 0:
# CGI scripts already have a rw_t
if self.type != CGI or d != "rw":
- newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_types)
if self.type != EUSER:
newte +="""
########################################
#
# %s local policy
-#""" % self.name
+#
+""" % self.name
newte += self.generate_capabilities()
newte += self.generate_process()
newte += self.generate_network_types()
@@ -1048,11 +1042,22 @@ allow %s_t %s_t:%s_socket name_%s;
for d in self.DEFAULT_KEYS:
if len(self.DEFAULT_DIRS[d][1]) > 0:
- newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
- for i in self.DEFAULT_DIRS[d][1]:
- if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
- newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_stream_rules)
- break
+ if self.type == EUSER:
+ newte_tmp = ""
+ for domain in self.existing_domains:
+ newte_tmp += re.sub("TEMPLATETYPE_t", domain[:-2]+"_t", self.DEFAULT_DIRS[d][2].te_rules)
+ newte += re.sub("TEMPLATETYPE_rw_t", self.name+"_rw_t", newte_tmp)
+ else:
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_rules)
+ for i in self.DEFAULT_DIRS[d][1]:
+ if os.path.exists(i) and stat.S_ISSOCK(os.stat(i)[stat.ST_MODE]):
+ if self.type == EUSER:
+ for domain in self.existing_domains:
+ newte += re.sub("TEMPLATETYPE", domain[:-2], self.DEFAULT_DIRS[d][2].te_stream_rules)
+
+ else:
+ newte += re.sub("TEMPLATETYPE", self.name, self.DEFAULT_DIRS[d][2].te_stream_rules)
+ break
newte += self.generate_tmp_rules()
newte += self.generate_network_rules()
@@ -1079,7 +1084,7 @@ allow %s_t %s_t:%s_socket name_%s;
fclist = []
if self.type in USERS + [ SANDBOX ]:
return executable.fc_user
- if self.type != NEWTYPE and not self.program:
+ if self.type not in [ EUSER, NEWTYPE ] and not self.program:
raise ValueError(_("You must enter the executable path for your confined process"))
if self.program:
@@ -1109,7 +1114,7 @@ allow %s_t %s_t:%s_socket name_%s;
def generate_user_sh(self):
newsh = ""
- if self.type not in ( TUSER, XUSER, AUSER, LUSER, EUSER):
+ if self.type not in ( TUSER, XUSER, AUSER, LUSER, RUSER):
return newsh
roles = ""
@@ -1117,13 +1122,10 @@ allow %s_t %s_t:%s_socket name_%s;
roles += " %s_r" % role
if roles != "":
roles += " system_r"
- if self.type == EUSER:
- tmp = re.sub("TEMPLATETYPE", self.name, script.eusers)
- else:
- tmp = re.sub("TEMPLATETYPE", self.name, script.users)
+ tmp = re.sub("TEMPLATETYPE", self.name, script.users)
newsh += re.sub("ROLES", roles, tmp)
- if self.type == RUSER:
+ if self.type == RUSER or self.type == AUSER:
for u in self.transition_users:
tmp = re.sub("TEMPLATETYPE", self.name, script.admin_trans)
newsh += re.sub("USER", u, tmp)
diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py
2013-03-01 19:18:15 +00:00
index 8b063ca..c9036c3 100644
--- a/policycoreutils/sepolicy/sepolicy/interface.py
+++ b/policycoreutils/sepolicy/sepolicy/interface.py
2013-03-01 19:18:15 +00:00
@@ -22,14 +22,12 @@
#
#
import re
-
-import sepolgen.interfaces as interfaces
-import sepolgen.defaults as defaults
+import sepolicy
ADMIN_TRANSITION_INTERFACE = "_admin$"
USER_TRANSITION_INTERFACE = "_role$"
-from sepolicy.generate import get_all_types
+import selinux
2013-03-01 19:18:15 +00:00
-__all__ = [ 'get', 'get_admin', 'get_user' ]
+__all__ = [ 'get_admin', 'get_user' ]
2013-03-01 19:18:15 +00:00
##
## I18N
@@ -48,24 +46,10 @@ except IOError:
import __builtin__
__builtin__.__dict__['_'] = unicode
-def get():
- """ Get all Methods """
- fn = defaults.interface_info()
- try:
- fd = open(fn)
- ifs = interfaces.InterfaceSet()
- ifs.from_file(fd)
- methods = ifs.interfaces.keys()
- fd.close()
- except:
- raise ValueError(_("could not open interface info [%s]\n") % fn)
-
- return methods
-
def get_admin():
""" Get all domains with an admin interface"""
admin_list = []
- for i in get():
+ for i in sepolicy.get_methods():
if i.endswith("_admin"):
admin_list.append(i.split("_admin")[0])
return admin_list
2013-03-01 19:18:15 +00:00
@@ -73,9 +57,9 @@ def get_admin():
def get_user():
""" Get all domains with SELinux user role interface"""
trans_list = []
- for i in get():
+ for i in sepolicy.get_methods():
m = re.findall("(.*)%s" % USER_TRANSITION_INTERFACE, i)
if len(m) > 0:
- if "%s_exec_t" % m[0] in get_all_types():
+ if "%s_exec_t" % m[0] in sepolicy.get_all_types():
trans_list.append(m[0])
return trans_list
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
index 25062da..2747e4f 100755
--- a/policycoreutils/sepolicy/sepolicy/manpage.py
+++ b/policycoreutils/sepolicy/sepolicy/manpage.py
@@ -28,12 +28,12 @@ import string
import argparse
import selinux
import sepolicy
-from sepolicy import network, gen_bool_dict, get_all_file_types, get_all_domains, get_all_roles, get_all_users, get_all_port_types, get_all_bools, get_all_attributes, get_all_role_allows
+from sepolicy import *
import commands
import sys, os, re, time
-equiv_dict={ "smbd" : [ "samba" ], "httpd" : [ "apache" ], "virtd" : [ "virt", "libvirt" ], "named" : [ "bind" ], "fsdaemon" : [ "smartmon" ], "mdadm" : [ "raid" ] }
+equiv_dict={ "smbd" : [ "samba" ], "httpd" : [ "apache" ], "virtd" : [ "virt", "libvirt", "svirt", "svirt_tcg", "svirt_lxc_t", "svirt_lxc_net_t" ], "named" : [ "bind" ], "fsdaemon" : [ "smartmon" ], "mdadm" : [ "raid" ] }
equiv_dirs=[ "/var" ]
modules_dict = None
@@ -184,14 +184,12 @@ def get_alphabet_manpages(manpage_list):
return alphabet_manpages
def convert_manpage_to_html(html_manpage,manpage):
- fd = open(html_manpage,'w')
- rc, output = commands.getstatusoutput("man2html -r %s" % manpage)
+ rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
if rc == 0:
+ print html_manpage, " has been created"
+ fd = open(html_manpage,'w')
fd.write(output)
- else:
- fd.write("Man page does not exist")
-
- fd.close()
+ fd.close()
class HTMLManPages:
"""
@@ -416,40 +414,33 @@ class ManPage:
"""
Generate a Manpage on an SELinux domain in the specified path
"""
- all_attributes = get_all_attributes()
- all_domains = get_all_domains()
- all_bools = get_all_bools()
- all_port_types = get_all_port_types()
- all_roles = get_all_roles()
- all_users = get_all_users_info()[0]
- all_users_range = get_all_users_info()[1]
- all_file_types = get_all_file_types()
- types = _gen_types()
modules_dict = None
- domains = gen_domains()
- role_allows = get_all_role_allows()
enabled_str = ["Disabled", "Enabled"]
- def __init__(self, domainname, path = "/tmp", html = False):
+ def __init__(self, domainname, path = "/tmp", root="/", html = False):
self.html = html
- self.portrecs = network.portrecs
-
- fcpath = path + "/file_contexts"
- if os.path.exists(fcpath):
- self.fcpath = fcpath
- else:
- self.fcpath = selinux.selinux_file_context_path()
+ self.root = root
+ self.portrecs = gen_port_dict()[0]
+ self.domains = gen_domains()
+ self.all_domains = get_all_domains()
+ self.all_attributes = get_all_attributes()
+ self.all_bools = get_all_bools()
+ self.all_port_types = get_all_port_types()
+ self.all_roles = get_all_roles()
+ self.all_users = get_all_users_info()[0]
+ self.all_users_range = get_all_users_info()[1]
+ self.all_file_types = get_all_file_types()
+ self.role_allows = get_all_role_allows()
+ self.types = _gen_types()
+
+ self.fcpath = self.root + selinux.selinux_file_context_path()
self.fcdict = _gen_fcdict(self.fcpath)
if not os.path.exists(path):
os.makedirs(path)
- self.path = path
- xmlpath = path + "/policy.xml"
- if os.path.exists(xmlpath):
- self.xmlpath = xmlpath
- else:
- self.xmlpath = "/usr/share/selinux/devel/policy.xml"
+ self.path = path
+ self.xmlpath = self.root + "/usr/share/selinux/devel/policy.xml"
self.booleans_dict = gen_bool_dict(self.xmlpath)
if domainname.endswith("_t"):
@@ -459,13 +450,16 @@ class ManPage:
if self.domainname + "_t" not in self.all_domains:
raise ValueError("domain %s_t does not exist" % self.domainname)
- self.short_name = self.domainname
+ if self.domainname[-1]=='d':
+ self.short_name = self.domainname[:-1] + "_"
+ else:
+ self.short_name = self.domainname + "_"
self.type = self.domainname + "_t"
self._gen_bools()
self.man_page_path = "%s/%s_selinux.8" % (path, self.domainname)
self.fd = open(self.man_page_path, 'w')
- if domainname + "_r" in self.all_roles:
+ if self.domainname + "_r" in self.all_roles:
self.__gen_user_man_page()
if self.html:
manpage_roles.append(self.man_page_path)
@@ -483,16 +477,23 @@ class ManPage:
def _gen_bools(self):
self.bools=[]
self.domainbools=[]
- for i in map(lambda x: x['boolean'], filter(lambda x: 'boolean' in x, sepolicy.search([sepolicy.ALLOW],{'source' : self.type }))):
- for b in i:
- if not isinstance(b,tuple):
- continue
- if b[0].startswith(self.short_name):
- if b not in self.domainbools and (b[0], not b[1]) not in self.domainbools:
- self.domainbools.append(b)
- else:
- if b not in self.bools and (b[0], not b[1]) not in self.bools:
- self.bools.append(b)
+ types = [self.type]
+ if self.domainname in equiv_dict:
+ for t in equiv_dict[self.domainname]:
+ if t + "_t" in self.all_domains:
+ types.append(t+"_t")
+
+ for t in types:
+ for i in map(lambda x: x['boolean'], filter(lambda x: 'boolean' in x, sepolicy.search([sepolicy.ALLOW],{'source' : t }))):
+ for b in i:
+ if not isinstance(b,tuple):
+ continue
+ if b[0].startswith(self.short_name) or b[0].startswith(self.domainname):
+ if b not in self.domainbools and (b[0], not b[1]) not in self.domainbools:
+ self.domainbools.append(b)
+ else:
+ if b not in self.bools and (b[0], not b[1]) not in self.bools:
+ self.bools.append(b)
self.bools.sort()
self.domainbools.sort()
@@ -538,9 +539,6 @@ class ManPage:
print path
def __gen_man_page(self):
- if self.domainname[-1]=='d':
- self.short_name = self.domainname[:-1]
-
self.anon_list = []
self.attributes = {}
@@ -563,19 +561,8 @@ class ManPage:
def _get_ptypes(self):
for f in self.all_domains:
- if f.startswith(self.short_name):
- self.ptypes.append(f)
-
- def __whoami(self):
- import pwd
- fd = open("/proc/self/loginuid", "r")
- uid = int(fd.read())
- fd.close()
- pw = pwd.getpwuid(uid)
- if len(pw.pw_gecos) > 0:
- return pw.pw_gecos
- else:
- return pw.pw_name
+ if f.startswith(self.short_name) or f.startswith(self.domainname):
+ self.ptypes.append(f)
def _header(self):
self.fd.write('.TH "%(domainname)s_selinux" "8" "%(date)s" "%(domainname)s" "SELinux Policy documentation for %(domainname)s"'
@@ -774,7 +761,7 @@ can be used to make the process type %(domainname)s_t permissive. SELinux does n
def _port_types(self):
self.ports = []
for f in self.all_port_types:
- if f.startswith(self.short_name):
+ if f.startswith(self.short_name) or f.startswith(self.domainname):
self.ports.append(f)
if len(self.ports) == 0:
@@ -923,13 +910,12 @@ to apply the labels.
def _see_also(self):
ret = ""
- prefix = self.short_name.split("_")[0]
for d in self.domains:
if d == self.domainname:
continue
- if d.startswith(prefix):
+ if d.startswith(self.short_name):
ret += ", %s_selinux(8)" % d
- if self.domainname.startswith(d):
+ if d.startswith(self.domainname + "_"):
ret += ", %s_selinux(8)" % d
self.fd.write(ret)
@@ -947,13 +933,14 @@ semanage fcontext -a -t public_content_t "/var/%(domainname)s(/.*)?"
.B restorecon -F -R -v /var/%(domainname)s
.pp
.TP
-Allow %(domainname)s servers to read and write /var/tmp/incoming by adding the public_content_rw_t type to the directory and by restoring the file type. This also requires the allow_%(domainname)sd_anon_write boolean to be set.
+Allow %(domainname)s servers to read and write /var/%(domainname)s/incoming by adding the public_content_rw_t type to the directory and by restoring the file type. You also need to turn on the %(domainname)s_anon_write boolean.
.PP
.B
semanage fcontext -a -t public_content_rw_t "/var/%(domainname)s/incoming(/.*)?"
.br
.B restorecon -F -R -v /var/%(domainname)s/incoming
-
+.br
+.B setsebool -P %(domainname)s_anon_write 1
""" % {'domainname':self.domainname})
for b in self.anon_list:
desc = self.booleans_dict[b][2][0].lower() + self.booleans_dict[b][2][1:]
@@ -998,12 +985,11 @@ is a GUI tool available to customize SELinux policy settings.
.SH AUTHOR
This manual page was auto-generated using
-.B "sepolicy manpage"
-by %s.
+.B "sepolicy manpage".
.SH "SEE ALSO"
selinux(8), %s(8), semanage(8), restorecon(8), chcon(1), sepolicy(8)
-""" % (self.__whoami(), self.domainname))
+""" % (self.domainname))
if self.booltext != "":
self.fd.write(", setsebool(8)")
@@ -1230,6 +1216,7 @@ The SELinux user %s_u is not able to terminal login.
""" % self.domainname)
def _network(self):
+ from sepolicy import network
self.fd.write("""
.SH NETWORK
""")
diff --git a/policycoreutils/sepolicy/sepolicy/network.py b/policycoreutils/sepolicy/sepolicy/network.py
index 66efe26..a446d68 100755
--- a/policycoreutils/sepolicy/sepolicy/network.py
+++ b/policycoreutils/sepolicy/sepolicy/network.py
@@ -25,27 +25,6 @@ import sepolicy
search=sepolicy.search
info=sepolicy.info
-def _gen_port_dict():
- portrecsbynum = {}
- portrecs = {}
- for i in info(sepolicy.PORT):
- if i['low'] == i['high']:
- port = str(i['low'])
- else:
- port = "%s-%s" % (str(i['low']), str(i['high']))
-
- if (i['type'], i['protocol']) in portrecs:
- portrecs [(i['type'], i['protocol'])].append(port)
- else:
- portrecs [(i['type'], i['protocol'])] = [port]
-
- portrecsbynum[(i['low'], i['high'],i['protocol'])] = (i['type'], i['range'])
- return ( portrecs, portrecsbynum )
-portrecs, portrecsbynum = _gen_port_dict()
-
-port_types = sepolicy.info(sepolicy.ATTRIBUTE,"port_type")[0]["types"]
-domains = sepolicy.info(sepolicy.ATTRIBUTE,"domain")[0]["types"]
-
def get_types(src, tclass, perm):
allows=search([sepolicy.ALLOW],{sepolicy.SOURCE:src,sepolicy.CLASS:tclass, sepolicy.PERMS:perm})
nlist=[]
@@ -57,6 +36,7 @@ def get_types(src, tclass, perm):
def get_network_connect(src, protocol, perm):
+ portrecs, portrecsbynum = sepolicy.gen_port_dict()
d={}
tlist = get_types(src, "%s_socket" % protocol, [perm])
if len(tlist) > 0:
2013-02-12 21:16:02 +00:00
diff --git a/policycoreutils/setfiles/restorecon.8 b/policycoreutils/setfiles/restorecon.8
index 80b6d6e..07c5ee2 100644
--- a/policycoreutils/setfiles/restorecon.8
+++ b/policycoreutils/setfiles/restorecon.8
@@ -4,10 +4,10 @@ restorecon \- restore file(s) default SELinux security contexts.
.SH "SYNOPSIS"
.B restorecon
-.I [\-o outfilename] [\-R] [\-n] [\-p] [\-v] [\-e directory] pathname...
+.I [\-R] [\-n] [\-p] [\-v] [\-e directory] pathname...
.P
.B restorecon
-.I \-f infilename [\-o outfilename] [\-e directory] [\-R] [\-n] [\-p] [\-v] [\-F]
+.I \-f infilename [\-e directory] [\-R] [\-n] [\-p] [\-v] [\-F]
.SH "DESCRIPTION"
This manual page describes the
@@ -49,7 +49,7 @@ ignore files that do not exist.
don't change any file labels (passive check).
.TP
.B \-o outfilename
-save list of files with incorrect context in outfilename.
+Deprecated, SELinux policy will probably block this access. Use shell redirection to save list of files with incorrect context in filename.
.TP
.B \-p
show progress by printing * every STAR_COUNT files. (If you relabel the entire OS, this will show you the percentage complete.)
diff --git a/policycoreutils/setfiles/setfiles.8 b/policycoreutils/setfiles/setfiles.8
index 89d2a49..12bca43 100644
--- a/policycoreutils/setfiles/setfiles.8
+++ b/policycoreutils/setfiles/setfiles.8
@@ -4,7 +4,7 @@ setfiles \- set SELinux file security contexts.
.SH "SYNOPSIS"
.B setfiles
-.I [\-c policy] [\-d] [\-l] [\-n] [\-e directory] [\-o filename] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname...
+.I [\-c policy] [\-d] [\-l] [\-n] [\-e directory] [\-q] [\-s] [\-v] [\-W] [\-F] spec_file pathname...
.SH "DESCRIPTION"
This manual page describes the
.BR setfiles
@@ -57,7 +57,7 @@ log changes in file labels to syslog.
don't change any file labels (passive check).
.TP
.B \-o filename
-save list of files with incorrect context in filename.
+Deprecated, SELinux policy will probably block this access. Use shell redirection to save list of files with incorrect context in filename.
.TP
.B \-p
show progress by printing * every STAR_COUNT files. (If you relabel the entire OS, this will show you the percentage complete.)
diff --git a/policycoreutils/setfiles/setfiles.c b/policycoreutils/setfiles/setfiles.c
index b11e49f..ac1c39a 100644
2013-02-12 21:16:02 +00:00
--- a/policycoreutils/setfiles/setfiles.c
+++ b/policycoreutils/setfiles/setfiles.c
@@ -45,18 +45,18 @@ void usage(const char *const name)
2013-02-12 21:16:02 +00:00
{
if (iamrestorecon) {
fprintf(stderr,
- "usage: %s [-iFnprRv0] [-e excludedir] [-o filename] pathname...\n"
- "usage: %s [-iFnprRv0] [-e excludedir] [-o filename] -f filename\n",
+ "usage: %s [-iFnprRv0] [-e excludedir] pathname...\n"
+ "usage: %s [-iFnprRv0] [-e excludedir] -f filename\n",
name, name);
} else {
fprintf(stderr,
- "usage: %s [-dilnpqvFW] [-e excludedir] [-o filename] [-r alt_root_path] spec_file pathname...\n"
- "usage: %s [-dilnpqvFW] [-e excludedir] [-o filename] [-r alt_root_path] spec_file -f filename\n"
- "usage: %s -s [-dilnpqvFW] [-o filename] spec_file\n"
+ "usage: %s [-dilnpqvFW] [-e excludedir] [-r alt_root_path] spec_file pathname...\n"
+ "usage: %s [-dilnpqvFW] [-e excludedir] [-r alt_root_path] spec_file -f filename\n"
+ "usage: %s -s [-dilnpqvFW] spec_file\n"
"usage: %s -c policyfile spec_file\n",
name, name, name, name);
}
- exit(1);
+ exit(-1);
}
static int nerr = 0;
@@ -66,7 +66,7 @@ void inc_err()
nerr++;
if (nerr > ABORT_ON_ERRORS - 1 && !r_opts.debug) {
fprintf(stderr, "Exiting after %d errors.\n", ABORT_ON_ERRORS);
- exit(1);
+ exit(-1);
}
}
@@ -80,7 +80,7 @@ void set_rootpath(const char *arg)
if (NULL == r_opts.rootpath) {
fprintf(stderr, "%s: insufficient memory for r_opts.rootpath\n",
r_opts.progname);
- exit(1);
+ exit(-1);
}
/* trim trailing /, if present */
@@ -98,7 +98,7 @@ int canoncon(char **contextp)
if (policyfile) {
if (sepol_check_context(context) < 0) {
fprintf(stderr, "invalid context %s\n", context);
- exit(1);
+ exit(-1);
}
} else if (security_canonicalize_context_raw(context, &tmpcon) == 0) {
free(context);
@@ -175,7 +175,7 @@ int main(int argc, char **argv)
r_opts.progname = strdup(argv[0]);
if (!r_opts.progname) {
fprintf(stderr, "%s: Out of memory!\n", argv[0]);
- exit(1);
+ exit(-1);
}
base = basename(r_opts.progname);
@@ -242,7 +242,7 @@ int main(int argc, char **argv)
fprintf(stderr,
"Error opening %s: %s\n",
policyfile, strerror(errno));
- exit(1);
+ exit(-1);
}
__fsetlocking(policystream,
FSETLOCKING_BYCALLER);
@@ -252,7 +252,7 @@ int main(int argc, char **argv)
fprintf(stderr,
"Error reading policy %s: %s\n",
policyfile, strerror(errno));
- exit(1);
+ exit(-1);
}
fclose(policystream);
@@ -268,7 +268,7 @@ int main(int argc, char **argv)
break;
}
if (add_exclude(optarg))
- exit(1);
+ exit(-1);
break;
case 'f':
use_input_file = 1;
@@ -318,13 +318,13 @@ int main(int argc, char **argv)
if (optind + 1 >= argc) {
fprintf(stderr, "usage: %s -r rootpath\n",
argv[0]);
- exit(1);
+ exit(-1);
}
if (NULL != r_opts.rootpath) {
fprintf(stderr,
"%s: only one -r can be specified\n",
argv[0]);
- exit(1);
+ exit(-1);
}
set_rootpath(argv[optind++]);
break;
@@ -337,7 +337,7 @@ int main(int argc, char **argv)
if (r_opts.progress) {
fprintf(stderr,
"Progress and Verbose mutually exclusive\n");
- exit(1);
+ exit(-1);
}
r_opts.verbose++;
break;
@@ -391,12 +391,12 @@ int main(int argc, char **argv)
if (stat(argv[optind], &sb) < 0) {
perror(argv[optind]);
- exit(1);
+ exit(-1);
}
if (!S_ISREG(sb.st_mode)) {
fprintf(stderr, "%s: spec file %s is not a regular file.\n",
argv[0], argv[optind]);
- exit(1);
+ exit(-1);
}
altpath = argv[optind];
@@ -409,7 +409,7 @@ int main(int argc, char **argv)
r_opts.selabel_opt_path = altpath;
if (nerr)
- exit(1);
+ exit(-1);
restore_init(&r_opts);
if (use_input_file) {
@@ -452,5 +452,5 @@ int main(int argc, char **argv)
if (r_opts.progress && r_opts.count >= STAR_COUNT)
printf("\n");
- exit(errors);
+ exit(errors ? -1: 0);
}
diff --git a/policycoreutils/setsebool/Makefile b/policycoreutils/setsebool/Makefile
index a6addc5..45d6538 100644
--- a/policycoreutils/setsebool/Makefile
+++ b/policycoreutils/setsebool/Makefile
@@ -4,7 +4,7 @@ INCLUDEDIR ?= $(PREFIX)/include
SBINDIR ?= $(PREFIX)/sbin
MANDIR = $(PREFIX)/share/man
LIBDIR ?= $(PREFIX)/lib
-BASHCOMPLETIONDIR ?= $(DESTDIR)/etc/bash_completion.d/
+BASHCOMPLETIONDIR ?= $(DESTDIR)/usr/share/bash-completion/completions
CFLAGS ?= -Werror -Wall -W
override CFLAGS += -I$(INCLUDEDIR)
@@ -23,7 +23,7 @@ install: all
-mkdir -p $(MANDIR)/man8
install -m 644 setsebool.8 $(MANDIR)/man8/
-mkdir -p $(BASHCOMPLETIONDIR)
- install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)
+ install -m 644 $(BASHCOMPLETIONS) $(BASHCOMPLETIONDIR)/setsebool
relabel: