diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index fdacb05..29cfc8c 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -363,7 +363,7 @@ index 0000000..fcfa81d + + diff --git a/policycoreutils/gui/polgengui.py b/policycoreutils/gui/polgengui.py -index 1c16f7b..b89bf1a 100644 +index 1c16f7b..8b6f902 100644 --- a/policycoreutils/gui/polgengui.py +++ b/policycoreutils/gui/polgengui.py @@ -4,7 +4,7 @@ @@ -389,6 +389,31 @@ index 1c16f7b..b89bf1a 100644 import sepolicy.interface import commands +@@ -320,14 +325,16 @@ class childWindow: + col = gtk.TreeViewColumn(_("Application"), gtk.CellRendererText(), text = 0) + self.admin_treeview.append_column(col) + +- +- for u in sepolicy.interface.get_user(): +- iter = self.transition_store.append() +- self.transition_store.set_value(iter, 0, u) +- +- for a in sepolicy.interface.get_admin(): +- iter = self.admin_store.append() +- self.admin_store.set_value(iter, 0, a) ++ try: ++ for u in sepolicy.interface.get_user(): ++ iter = self.transition_store.append() ++ self.transition_store.set_value(iter, 0, u) ++ ++ for a in sepolicy.interface.get_admin(): ++ iter = self.admin_store.append() ++ self.admin_store.set_value(iter, 0, a) ++ except ValueError,e: ++ self.error(e.message) + + def confine_application(self): + return self.get_type() in generate.APPLICATIONS diff --git a/policycoreutils/gui/selinux-polgengui.8 b/policycoreutils/gui/selinux-polgengui.8 new file mode 100644 index 0000000..52bf7dd @@ -891,14 +916,32 @@ index d1b435c..de3582f 100644 account include system-auth password include system-auth diff --git a/policycoreutils/po/Makefile b/policycoreutils/po/Makefile -index a377996..9c1486e 100644 +index a377996..a693823 100644 --- a/policycoreutils/po/Makefile +++ b/policycoreutils/po/Makefile -@@ -81,12 +81,16 @@ POTFILES = \ +@@ -60,6 +60,7 @@ POTFILES = \ + ../gui/system-config-selinux.py \ + ../gui/usersPage.py \ + ../secon/secon.c \ ++ booleans.py \ + ../sepolicy/info.c \ + ../sepolicy/search.c \ + ../sepolicy/sepolicy.py \ +@@ -67,6 +68,8 @@ POTFILES = \ + ../sepolicy/sepolicy/__init__.py \ + ../sepolicy/sepolicy/network.py \ + ../sepolicy/sepolicy/generate.py \ ++ ../sepolicy/sepolicy/sepolicy.glade \ ++ ../sepolicy/sepolicy/gui.py \ + ../sepolicy/sepolicy/manpage.py \ + ../sepolicy/sepolicy/transition.py \ + ../sepolicy/sepolicy/templates/executable.py \ +@@ -80,13 +83,16 @@ POTFILES = \ + ../sepolicy/sepolicy/templates/var_lib.py \ ../sepolicy/sepolicy/templates/var_log.py \ ../sepolicy/sepolicy/templates/var_run.py \ - ../sepolicy/sepolicy/templates/var_spool.py \ -+ booleans.py +- ../sepolicy/sepolicy/templates/var_spool.py \ ++ ../sepolicy/sepolicy/templates/var_spool.py #default:: clean @@ -912,7 +955,7 @@ index a377996..9c1486e 100644 $(XGETTEXT) --keyword=_ --keyword=N_ $(POTFILES) @if cmp -s $(NLSPACKAGE).po $(POTFILE); then \ rm -f $(NLSPACKAGE).po; \ -@@ -95,6 +99,7 @@ $(POTFILE): $(POTFILES) +@@ -95,6 +101,7 @@ $(POTFILE): $(POTFILES) fi; \ update-po: Makefile $(POTFILE) refresh-po @@ -920,8 +963,53 @@ index a377996..9c1486e 100644 refresh-po: Makefile for cat in $(POFILES); do \ +diff --git a/policycoreutils/po/POTFILES b/policycoreutils/po/POTFILES +index 667e394..bcb9e99 100644 +--- a/policycoreutils/po/POTFILES ++++ b/policycoreutils/po/POTFILES +@@ -47,4 +47,26 @@ + ../gui/templates/var_log.py + ../gui/templates/var_run.py + ../gui/templates/var_spool.py +- ../secon/secon.c ++ ../sepolicy/info.c ++ ../sepolicy/search.c ++ ../sepolicy/sepolicy.py ++ ../sepolicy/sepolicy/communicate.py ++ ../sepolicy/sepolicy/__init__.py ++ ../sepolicy/sepolicy/network.py ++ ../sepolicy/sepolicy/generate.py ++ ../sepolicy/sepolicy/sepolicy.glade ++ ../sepolicy/sepolicy/gui.py ++ ../sepolicy/sepolicy/manpage.py ++ ../sepolicy/sepolicy/transition.py ++ ../sepolicy/sepolicy/templates/executable.py ++ ../sepolicy/sepolicy/templates/__init__.py ++ ../sepolicy/sepolicy/templates/network.py ++ ../sepolicy/sepolicy/templates/rw.py ++ ../sepolicy/sepolicy/templates/script.py ++ ../sepolicy/sepolicy/templates/semodule.py ++ ../sepolicy/sepolicy/templates/tmp.py ++ ../sepolicy/sepolicy/templates/user.py ++ ../sepolicy/sepolicy/templates/var_lib.py ++ ../sepolicy/sepolicy/templates/var_log.py ++ ../sepolicy/sepolicy/templates/var_run.py ++ ../sepolicy/sepolicy/templates/var_spool.py +diff --git a/policycoreutils/po/POTFILES.in b/policycoreutils/po/POTFILES.in +index 75117f4..aca0474 100644 +--- a/policycoreutils/po/POTFILES.in ++++ b/policycoreutils/po/POTFILES.in +@@ -42,6 +42,8 @@ sepolicy/sepolicy/communicate.py + sepolicy/sepolicy/__init__.py + sepolicy/sepolicy/network.py + sepolicy/sepolicy/generate.py ++sepolicy/sepolicy/sepolicy.glade ++sepolicy/sepolicy/gui.py + sepolicy/sepolicy/manpage.py + sepolicy/sepolicy/transition.py + sepolicy/sepolicy/templates/executable.py diff --git a/policycoreutils/po/af.po b/policycoreutils/po/af.po -index 961d921..5ee0bdc 100644 +index 961d921..3bb642f 100644 --- a/policycoreutils/po/af.po +++ b/policycoreutils/po/af.po @@ -8,7 +8,7 @@ msgid "" @@ -929,7 +1017,7 @@ index 961d921..5ee0bdc 100644 "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" ++"POT-Creation-Date: 2013-07-10 16:36-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -942,7 +1030,7 @@ index 961d921..5ee0bdc 100644 #, c-format msgid "failed to initialize PAM\n" msgstr "" -@@ -73,16 +73,16 @@ msgstr "" +@@ -73,7 +73,7 @@ msgstr "" msgid "authentication failed.\n" msgstr "" @@ -951,37 +1039,73 @@ index 961d921..5ee0bdc 100644 #, c-format msgid "Could not set exec context to %s.\n" msgstr "" - --#: ../audit2allow/audit2allow:232 -+#: ../audit2allow/audit2allow:231 - msgid "******************** IMPORTANT ***********************\n" +@@ -126,7 +126,7 @@ msgstr "" + msgid "Semanage transaction not in progress" msgstr "" --#: ../audit2allow/audit2allow:233 -+#: ../audit2allow/audit2allow:232 - msgid "To make this policy package active, execute:" +-#: ../semanage/seobject.py:265 ../semanage/seobject.py:345 ++#: ../semanage/seobject.py:265 ../semanage/seobject.py:347 + msgid "Could not list SELinux modules" msgstr "" -@@ -169,786 +169,799 @@ msgstr "" +@@ -142,814 +142,829 @@ msgstr "" + msgid "Disabled" + msgstr "" + +-#: ../semanage/seobject.py:296 ++#: ../semanage/seobject.py:288 ++#, python-format ++msgid "Module does not exists %s " ++msgstr "" ++ ++#: ../semanage/seobject.py:298 + #, python-format + msgid "Could not disable module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:307 ++#: ../semanage/seobject.py:309 + #, python-format + msgid "Could not enable module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:322 ++#: ../semanage/seobject.py:324 + #, python-format + msgid "Could not remove module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:332 ++#: ../semanage/seobject.py:334 + msgid "dontaudit requires either 'on' or 'off'" + msgstr "" + +-#: ../semanage/seobject.py:360 ++#: ../semanage/seobject.py:362 + msgid "Builtin Permissive Types" + msgstr "" + +-#: ../semanage/seobject.py:370 ++#: ../semanage/seobject.py:372 msgid "Customized Permissive Types" msgstr "" -#: ../semanage/seobject.py:412 -+#: ../semanage/seobject.py:379 ++#: ../semanage/seobject.py:381 +msgid "" +"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel package.\n" ++"In some distributions it is included in the policycoreutils-devel patckage.\n" +"# yum install policycoreutils-devel\n" +"Or similar for your distro." +msgstr "" + -+#: ../semanage/seobject.py:416 ++#: ../semanage/seobject.py:418 #, python-format msgid "Could not set permissive domain %s (module installation failed)" msgstr "" -#: ../semanage/seobject.py:418 -+#: ../semanage/seobject.py:422 ++#: ../semanage/seobject.py:424 #, python-format msgid "Could not remove permissive domain %s (remove failed)" msgstr "" @@ -993,119 +1117,119 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:1820 ../semanage/seobject.py:1883 -#: ../semanage/seobject.py:1902 ../semanage/seobject.py:2025 -#: ../semanage/seobject.py:2076 -+#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -+#: ../semanage/seobject.py:577 ../semanage/seobject.py:699 -+#: ../semanage/seobject.py:729 ../semanage/seobject.py:796 -+#: ../semanage/seobject.py:853 ../semanage/seobject.py:1111 -+#: ../semanage/seobject.py:1834 ../semanage/seobject.py:1897 -+#: ../semanage/seobject.py:1916 ../semanage/seobject.py:2042 -+#: ../semanage/seobject.py:2093 ++#: ../semanage/seobject.py:459 ../semanage/seobject.py:533 ++#: ../semanage/seobject.py:579 ../semanage/seobject.py:701 ++#: ../semanage/seobject.py:731 ../semanage/seobject.py:798 ++#: ../semanage/seobject.py:855 ../semanage/seobject.py:1113 ++#: ../semanage/seobject.py:1836 ../semanage/seobject.py:1899 ++#: ../semanage/seobject.py:1918 ../semanage/seobject.py:2041 ++#: ../semanage/seobject.py:2092 #, python-format msgid "Could not create a key for %s" msgstr "" -#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -#: ../semanage/seobject.py:577 ../semanage/seobject.py:583 -+#: ../semanage/seobject.py:461 ../semanage/seobject.py:535 -+#: ../semanage/seobject.py:581 ../semanage/seobject.py:587 ++#: ../semanage/seobject.py:463 ../semanage/seobject.py:537 ++#: ../semanage/seobject.py:583 ../semanage/seobject.py:589 #, python-format msgid "Could not check if login mapping for %s is defined" msgstr "" -#: ../semanage/seobject.py:466 -+#: ../semanage/seobject.py:470 ++#: ../semanage/seobject.py:472 #, python-format msgid "Linux Group %s does not exist" msgstr "" -#: ../semanage/seobject.py:471 -+#: ../semanage/seobject.py:475 ++#: ../semanage/seobject.py:477 #, python-format msgid "Linux User %s does not exist" msgstr "" -#: ../semanage/seobject.py:475 -+#: ../semanage/seobject.py:479 ++#: ../semanage/seobject.py:481 #, python-format msgid "Could not create login mapping for %s" msgstr "" -#: ../semanage/seobject.py:479 ../semanage/seobject.py:740 -+#: ../semanage/seobject.py:483 ../semanage/seobject.py:744 ++#: ../semanage/seobject.py:485 ../semanage/seobject.py:746 #, python-format msgid "Could not set name for %s" msgstr "" -#: ../semanage/seobject.py:484 ../semanage/seobject.py:750 -+#: ../semanage/seobject.py:488 ../semanage/seobject.py:754 ++#: ../semanage/seobject.py:490 ../semanage/seobject.py:756 #, python-format msgid "Could not set MLS range for %s" msgstr "" -#: ../semanage/seobject.py:488 -+#: ../semanage/seobject.py:492 ++#: ../semanage/seobject.py:494 #, python-format msgid "Could not set SELinux user for %s" msgstr "" -#: ../semanage/seobject.py:492 -+#: ../semanage/seobject.py:496 ++#: ../semanage/seobject.py:498 #, python-format msgid "Could not add login mapping for %s" msgstr "" -#: ../semanage/seobject.py:510 -+#: ../semanage/seobject.py:514 ++#: ../semanage/seobject.py:516 msgid "Requires seuser or serange" msgstr "" -#: ../semanage/seobject.py:533 ../semanage/seobject.py:579 -+#: ../semanage/seobject.py:537 ../semanage/seobject.py:583 ++#: ../semanage/seobject.py:539 ../semanage/seobject.py:585 #, python-format msgid "Login mapping for %s is not defined" msgstr "" -#: ../semanage/seobject.py:537 -+#: ../semanage/seobject.py:541 ++#: ../semanage/seobject.py:543 #, python-format msgid "Could not query seuser for %s" msgstr "" -#: ../semanage/seobject.py:551 -+#: ../semanage/seobject.py:555 ++#: ../semanage/seobject.py:557 #, python-format msgid "Could not modify login mapping for %s" msgstr "" -#: ../semanage/seobject.py:585 -+#: ../semanage/seobject.py:589 ++#: ../semanage/seobject.py:591 #, python-format msgid "Login mapping for %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:589 -+#: ../semanage/seobject.py:593 ++#: ../semanage/seobject.py:595 #, python-format msgid "Could not delete login mapping for %s" msgstr "" -#: ../semanage/seobject.py:611 ../semanage/seobject.py:644 -#: ../semanage/seobject.py:892 -+#: ../semanage/seobject.py:615 ../semanage/seobject.py:648 -+#: ../semanage/seobject.py:896 ++#: ../semanage/seobject.py:617 ../semanage/seobject.py:650 ++#: ../semanage/seobject.py:898 msgid "Could not list login mappings" msgstr "" -#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 ++#: ../semanage/seobject.py:678 ../semanage/seobject.py:690 #: ../gui/system-config-selinux.glade:100 msgid "Login Name" msgstr "" -#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 ++#: ../semanage/seobject.py:678 ../semanage/seobject.py:690 ++#: ../semanage/seobject.py:948 ../semanage/seobject.py:953 #: ../gui/system-config-selinux.glade:128 #: ../gui/system-config-selinux.glade:915 #: ../gui/system-config-selinux.glade:2285 ../gui/usersPage.py:44 @@ -1113,338 +1237,339 @@ index 961d921..5ee0bdc 100644 msgstr "" -#: ../semanage/seobject.py:672 ../gui/system-config-selinux.glade:156 -+#: ../semanage/seobject.py:676 ../gui/system-config-selinux.glade:156 ++#: ../semanage/seobject.py:678 ../gui/system-config-selinux.glade:156 #: ../gui/system-config-selinux.glade:943 msgid "MLS/MCS Range" msgstr "" -#: ../semanage/seobject.py:672 -+#: ../semanage/seobject.py:676 ++#: ../semanage/seobject.py:678 msgid "Service" msgstr "" -#: ../semanage/seobject.py:698 ../semanage/seobject.py:729 -#: ../semanage/seobject.py:796 ../semanage/seobject.py:853 -#: ../semanage/seobject.py:859 -+#: ../semanage/seobject.py:702 ../semanage/seobject.py:733 -+#: ../semanage/seobject.py:800 ../semanage/seobject.py:857 -+#: ../semanage/seobject.py:863 ++#: ../semanage/seobject.py:704 ../semanage/seobject.py:735 ++#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 ++#: ../semanage/seobject.py:865 #, python-format msgid "Could not check if SELinux user %s is defined" msgstr "" -#: ../semanage/seobject.py:701 ../semanage/seobject.py:802 -#: ../semanage/seobject.py:865 -+#: ../semanage/seobject.py:705 ../semanage/seobject.py:806 -+#: ../semanage/seobject.py:869 ++#: ../semanage/seobject.py:707 ../semanage/seobject.py:808 ++#: ../semanage/seobject.py:871 #, python-format msgid "Could not query user for %s" msgstr "" -#: ../semanage/seobject.py:721 -+#: ../semanage/seobject.py:725 ++#: ../semanage/seobject.py:727 #, python-format msgid "You must add at least one role for %s" msgstr "" -#: ../semanage/seobject.py:736 -+#: ../semanage/seobject.py:740 ++#: ../semanage/seobject.py:742 #, python-format msgid "Could not create SELinux user for %s" msgstr "" -#: ../semanage/seobject.py:745 -+#: ../semanage/seobject.py:749 ++#: ../semanage/seobject.py:751 #, python-format msgid "Could not add role %s for %s" msgstr "" -#: ../semanage/seobject.py:754 -+#: ../semanage/seobject.py:758 ++#: ../semanage/seobject.py:760 #, python-format msgid "Could not set MLS level for %s" msgstr "" -#: ../semanage/seobject.py:757 -+#: ../semanage/seobject.py:761 ++#: ../semanage/seobject.py:763 #, python-format msgid "Could not add prefix %s for %s" msgstr "" -#: ../semanage/seobject.py:760 -+#: ../semanage/seobject.py:764 ++#: ../semanage/seobject.py:766 #, python-format msgid "Could not extract key for %s" msgstr "" -#: ../semanage/seobject.py:764 -+#: ../semanage/seobject.py:768 ++#: ../semanage/seobject.py:770 #, python-format msgid "Could not add SELinux user %s" msgstr "" -#: ../semanage/seobject.py:786 -+#: ../semanage/seobject.py:790 ++#: ../semanage/seobject.py:792 msgid "Requires prefix, roles, level or range" msgstr "" -#: ../semanage/seobject.py:788 -+#: ../semanage/seobject.py:792 ++#: ../semanage/seobject.py:794 msgid "Requires prefix or roles" msgstr "" -#: ../semanage/seobject.py:798 ../semanage/seobject.py:855 -+#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 ++#: ../semanage/seobject.py:804 ../semanage/seobject.py:861 #, python-format msgid "SELinux user %s is not defined" msgstr "" -#: ../semanage/seobject.py:827 -+#: ../semanage/seobject.py:831 ++#: ../semanage/seobject.py:833 #, python-format msgid "Could not modify SELinux user %s" msgstr "" -#: ../semanage/seobject.py:861 -+#: ../semanage/seobject.py:865 ++#: ../semanage/seobject.py:867 #, python-format msgid "SELinux user %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:872 -+#: ../semanage/seobject.py:876 ++#: ../semanage/seobject.py:878 #, python-format msgid "Could not delete SELinux user %s" msgstr "" -#: ../semanage/seobject.py:910 -+#: ../semanage/seobject.py:914 ++#: ../semanage/seobject.py:916 msgid "Could not list SELinux users" msgstr "" -#: ../semanage/seobject.py:916 -+#: ../semanage/seobject.py:920 ++#: ../semanage/seobject.py:922 #, python-format msgid "Could not list roles for user %s" msgstr "" -#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 ++#: ../semanage/seobject.py:947 msgid "Labeling" msgstr "" -#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 ++#: ../semanage/seobject.py:947 msgid "MLS/" msgstr "" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "Prefix" msgstr "" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "MCS Level" msgstr "" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "MCS Range" msgstr "" -#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 ++#: ../semanage/seobject.py:948 ../semanage/seobject.py:953 #: ../gui/system-config-selinux.glade:992 ../gui/usersPage.py:59 msgid "SELinux Roles" msgstr "" -#: ../semanage/seobject.py:964 -+#: ../semanage/seobject.py:971 ++#: ../semanage/seobject.py:973 msgid "Protocol udp or tcp is required" msgstr "" -#: ../semanage/seobject.py:966 -+#: ../semanage/seobject.py:973 ++#: ../semanage/seobject.py:975 msgid "Port is required" msgstr "" -#: ../semanage/seobject.py:976 -+#: ../semanage/seobject.py:983 ++#: ../semanage/seobject.py:985 msgid "Invalid Port" msgstr "" -#: ../semanage/seobject.py:980 -+#: ../semanage/seobject.py:987 ++#: ../semanage/seobject.py:989 #, python-format msgid "Could not create a key for %s/%s" msgstr "" -#: ../semanage/seobject.py:991 -+#: ../semanage/seobject.py:998 ++#: ../semanage/seobject.py:1000 msgid "Type is required" msgstr "" -#: ../semanage/seobject.py:994 ../semanage/seobject.py:1056 -#: ../semanage/seobject.py:1814 -+#: ../semanage/seobject.py:1001 ../semanage/seobject.py:1063 -+#: ../semanage/seobject.py:1828 ++#: ../semanage/seobject.py:1003 ../semanage/seobject.py:1065 ++#: ../semanage/seobject.py:1830 #, python-format msgid "Type %s is invalid, must be a port type" msgstr "" -#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062 -#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123 -+#: ../semanage/seobject.py:1007 ../semanage/seobject.py:1069 -+#: ../semanage/seobject.py:1124 ../semanage/seobject.py:1130 ++#: ../semanage/seobject.py:1009 ../semanage/seobject.py:1071 ++#: ../semanage/seobject.py:1126 ../semanage/seobject.py:1132 #, python-format msgid "Could not check if port %s/%s is defined" msgstr "" -#: ../semanage/seobject.py:1002 -+#: ../semanage/seobject.py:1009 ++#: ../semanage/seobject.py:1011 #, python-format msgid "Port %s/%s already defined" msgstr "" -#: ../semanage/seobject.py:1006 -+#: ../semanage/seobject.py:1013 ++#: ../semanage/seobject.py:1015 #, python-format msgid "Could not create port for %s/%s" msgstr "" -#: ../semanage/seobject.py:1012 -+#: ../semanage/seobject.py:1019 ++#: ../semanage/seobject.py:1021 #, python-format msgid "Could not create context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1016 -+#: ../semanage/seobject.py:1023 ++#: ../semanage/seobject.py:1025 #, python-format msgid "Could not set user in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1020 -+#: ../semanage/seobject.py:1027 ++#: ../semanage/seobject.py:1029 #, python-format msgid "Could not set role in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1024 -+#: ../semanage/seobject.py:1031 ++#: ../semanage/seobject.py:1033 #, python-format msgid "Could not set type in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1029 -+#: ../semanage/seobject.py:1036 ++#: ../semanage/seobject.py:1038 #, python-format msgid "Could not set mls fields in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1033 -+#: ../semanage/seobject.py:1040 ++#: ../semanage/seobject.py:1042 #, python-format msgid "Could not set port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1037 -+#: ../semanage/seobject.py:1044 ++#: ../semanage/seobject.py:1046 #, python-format msgid "Could not add port %s/%s" msgstr "" -#: ../semanage/seobject.py:1051 ../semanage/seobject.py:1324 -#: ../semanage/seobject.py:1523 -+#: ../semanage/seobject.py:1058 ../semanage/seobject.py:1334 -+#: ../semanage/seobject.py:1533 ++#: ../semanage/seobject.py:1060 ../semanage/seobject.py:1336 ++#: ../semanage/seobject.py:1535 msgid "Requires setype or serange" msgstr "" -#: ../semanage/seobject.py:1053 -+#: ../semanage/seobject.py:1060 ++#: ../semanage/seobject.py:1062 msgid "Requires setype" msgstr "" -#: ../semanage/seobject.py:1064 ../semanage/seobject.py:1119 -+#: ../semanage/seobject.py:1071 ../semanage/seobject.py:1126 ++#: ../semanage/seobject.py:1073 ../semanage/seobject.py:1128 #, python-format msgid "Port %s/%s is not defined" msgstr "" -#: ../semanage/seobject.py:1068 -+#: ../semanage/seobject.py:1075 ++#: ../semanage/seobject.py:1077 #, python-format msgid "Could not query port %s/%s" msgstr "" -#: ../semanage/seobject.py:1079 -+#: ../semanage/seobject.py:1086 ++#: ../semanage/seobject.py:1088 #, python-format msgid "Could not modify port %s/%s" msgstr "" -#: ../semanage/seobject.py:1092 -+#: ../semanage/seobject.py:1099 ++#: ../semanage/seobject.py:1101 msgid "Could not list the ports" msgstr "" -#: ../semanage/seobject.py:1108 -+#: ../semanage/seobject.py:1115 ++#: ../semanage/seobject.py:1117 #, python-format msgid "Could not delete the port %s" msgstr "" -#: ../semanage/seobject.py:1125 -+#: ../semanage/seobject.py:1132 ++#: ../semanage/seobject.py:1134 #, python-format msgid "Port %s/%s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1129 -+#: ../semanage/seobject.py:1136 ++#: ../semanage/seobject.py:1138 #, python-format msgid "Could not delete port %s/%s" msgstr "" -#: ../semanage/seobject.py:1145 ../semanage/seobject.py:1167 -+#: ../semanage/seobject.py:1152 ../semanage/seobject.py:1174 ++#: ../semanage/seobject.py:1154 ../semanage/seobject.py:1176 msgid "Could not list ports" msgstr "" -#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 ++#: ../semanage/seobject.py:1215 ../sepolicy/sepolicy/sepolicy.glade:915 ++#: ../sepolicy/sepolicy/sepolicy.glade:1014 msgid "SELinux Port Type" msgstr "" -#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 ++#: ../semanage/seobject.py:1215 msgid "Proto" msgstr "" -#: ../semanage/seobject.py:1206 ../gui/system-config-selinux.glade:335 -+#: ../semanage/seobject.py:1213 ../gui/system-config-selinux.glade:335 ++#: ../semanage/seobject.py:1215 ../gui/system-config-selinux.glade:335 msgid "Port Number" msgstr "" -#: ../semanage/seobject.py:1227 -+#: ../semanage/seobject.py:1237 ++#: ../semanage/seobject.py:1239 msgid "Node Address is required" msgstr "" -#: ../semanage/seobject.py:1242 -+#: ../semanage/seobject.py:1252 ++#: ../semanage/seobject.py:1254 msgid "Unknown or missing protocol" msgstr "" -#: ../semanage/seobject.py:1256 -+#: ../semanage/seobject.py:1266 ++#: ../semanage/seobject.py:1268 msgid "SELinux node type is required" msgstr "" -#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327 -+#: ../semanage/seobject.py:1269 ../semanage/seobject.py:1337 ++#: ../semanage/seobject.py:1271 ../semanage/seobject.py:1339 #, python-format msgid "Type %s is invalid, must be a node type" msgstr "" @@ -1453,284 +1578,284 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465 -#: ../semanage/seobject.py:1527 ../semanage/seobject.py:1561 -#: ../semanage/seobject.py:1759 -+#: ../semanage/seobject.py:1273 ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1377 ../semanage/seobject.py:1475 -+#: ../semanage/seobject.py:1537 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1773 ++#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1343 ++#: ../semanage/seobject.py:1379 ../semanage/seobject.py:1477 ++#: ../semanage/seobject.py:1539 ../semanage/seobject.py:1573 ++#: ../semanage/seobject.py:1775 #, python-format msgid "Could not create key for %s" msgstr "" -#: ../semanage/seobject.py:1265 ../semanage/seobject.py:1335 -#: ../semanage/seobject.py:1371 ../semanage/seobject.py:1377 -+#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1345 -+#: ../semanage/seobject.py:1381 ../semanage/seobject.py:1387 ++#: ../semanage/seobject.py:1277 ../semanage/seobject.py:1347 ++#: ../semanage/seobject.py:1383 ../semanage/seobject.py:1389 #, python-format msgid "Could not check if addr %s is defined" msgstr "" -#: ../semanage/seobject.py:1274 -+#: ../semanage/seobject.py:1284 ++#: ../semanage/seobject.py:1286 #, python-format msgid "Could not create addr for %s" msgstr "" -#: ../semanage/seobject.py:1280 ../semanage/seobject.py:1481 -#: ../semanage/seobject.py:1714 -+#: ../semanage/seobject.py:1290 ../semanage/seobject.py:1491 -+#: ../semanage/seobject.py:1728 ++#: ../semanage/seobject.py:1292 ../semanage/seobject.py:1493 ++#: ../semanage/seobject.py:1730 #, python-format msgid "Could not create context for %s" msgstr "" -#: ../semanage/seobject.py:1284 -+#: ../semanage/seobject.py:1294 ++#: ../semanage/seobject.py:1296 #, python-format msgid "Could not set mask for %s" msgstr "" -#: ../semanage/seobject.py:1288 -+#: ../semanage/seobject.py:1298 ++#: ../semanage/seobject.py:1300 #, python-format msgid "Could not set user in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1292 -+#: ../semanage/seobject.py:1302 ++#: ../semanage/seobject.py:1304 #, python-format msgid "Could not set role in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1296 -+#: ../semanage/seobject.py:1306 ++#: ../semanage/seobject.py:1308 #, python-format msgid "Could not set type in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1301 -+#: ../semanage/seobject.py:1311 ++#: ../semanage/seobject.py:1313 #, python-format msgid "Could not set mls fields in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1305 -+#: ../semanage/seobject.py:1315 ++#: ../semanage/seobject.py:1317 #, python-format msgid "Could not set addr context for %s" msgstr "" -#: ../semanage/seobject.py:1309 -+#: ../semanage/seobject.py:1319 ++#: ../semanage/seobject.py:1321 #, python-format msgid "Could not add addr %s" msgstr "" -#: ../semanage/seobject.py:1337 ../semanage/seobject.py:1373 -+#: ../semanage/seobject.py:1347 ../semanage/seobject.py:1383 ++#: ../semanage/seobject.py:1349 ../semanage/seobject.py:1385 #, python-format msgid "Addr %s is not defined" msgstr "" -#: ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1351 ++#: ../semanage/seobject.py:1353 #, python-format msgid "Could not query addr %s" msgstr "" -#: ../semanage/seobject.py:1351 -+#: ../semanage/seobject.py:1361 ++#: ../semanage/seobject.py:1363 #, python-format msgid "Could not modify addr %s" msgstr "" -#: ../semanage/seobject.py:1379 -+#: ../semanage/seobject.py:1389 ++#: ../semanage/seobject.py:1391 #, python-format msgid "Addr %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1383 -+#: ../semanage/seobject.py:1393 ++#: ../semanage/seobject.py:1395 #, python-format msgid "Could not delete addr %s" msgstr "" -#: ../semanage/seobject.py:1395 -+#: ../semanage/seobject.py:1405 ++#: ../semanage/seobject.py:1407 msgid "Could not deleteall node mappings" msgstr "" -#: ../semanage/seobject.py:1409 -+#: ../semanage/seobject.py:1419 ++#: ../semanage/seobject.py:1421 msgid "Could not list addrs" msgstr "" -#: ../semanage/seobject.py:1461 ../semanage/seobject.py:1752 -+#: ../semanage/seobject.py:1471 ../semanage/seobject.py:1766 ++#: ../semanage/seobject.py:1473 ../semanage/seobject.py:1768 msgid "SELinux Type is required" msgstr "" -#: ../semanage/seobject.py:1469 ../semanage/seobject.py:1531 -#: ../semanage/seobject.py:1565 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1479 ../semanage/seobject.py:1541 -+#: ../semanage/seobject.py:1575 ../semanage/seobject.py:1581 ++#: ../semanage/seobject.py:1481 ../semanage/seobject.py:1543 ++#: ../semanage/seobject.py:1577 ../semanage/seobject.py:1583 #, python-format msgid "Could not check if interface %s is defined" msgstr "" -#: ../semanage/seobject.py:1476 -+#: ../semanage/seobject.py:1486 ++#: ../semanage/seobject.py:1488 #, python-format msgid "Could not create interface for %s" msgstr "" -#: ../semanage/seobject.py:1485 -+#: ../semanage/seobject.py:1495 ++#: ../semanage/seobject.py:1497 #, python-format msgid "Could not set user in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1489 -+#: ../semanage/seobject.py:1499 ++#: ../semanage/seobject.py:1501 #, python-format msgid "Could not set role in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1493 -+#: ../semanage/seobject.py:1503 ++#: ../semanage/seobject.py:1505 #, python-format msgid "Could not set type in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1498 -+#: ../semanage/seobject.py:1508 ++#: ../semanage/seobject.py:1510 #, python-format msgid "Could not set mls fields in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1502 -+#: ../semanage/seobject.py:1512 ++#: ../semanage/seobject.py:1514 #, python-format msgid "Could not set interface context for %s" msgstr "" -#: ../semanage/seobject.py:1506 -+#: ../semanage/seobject.py:1516 ++#: ../semanage/seobject.py:1518 #, python-format msgid "Could not set message context for %s" msgstr "" -#: ../semanage/seobject.py:1510 -+#: ../semanage/seobject.py:1520 ++#: ../semanage/seobject.py:1522 #, python-format msgid "Could not add interface %s" msgstr "" -#: ../semanage/seobject.py:1533 ../semanage/seobject.py:1567 -+#: ../semanage/seobject.py:1543 ../semanage/seobject.py:1577 ++#: ../semanage/seobject.py:1545 ../semanage/seobject.py:1579 #, python-format msgid "Interface %s is not defined" msgstr "" -#: ../semanage/seobject.py:1537 -+#: ../semanage/seobject.py:1547 ++#: ../semanage/seobject.py:1549 #, python-format msgid "Could not query interface %s" msgstr "" -#: ../semanage/seobject.py:1548 -+#: ../semanage/seobject.py:1558 ++#: ../semanage/seobject.py:1560 #, python-format msgid "Could not modify interface %s" msgstr "" -#: ../semanage/seobject.py:1573 -+#: ../semanage/seobject.py:1583 ++#: ../semanage/seobject.py:1585 #, python-format msgid "Interface %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1577 -+#: ../semanage/seobject.py:1587 ++#: ../semanage/seobject.py:1589 #, python-format msgid "Could not delete interface %s" msgstr "" -#: ../semanage/seobject.py:1589 -+#: ../semanage/seobject.py:1599 ++#: ../semanage/seobject.py:1601 msgid "Could not delete all interface mappings" msgstr "" -#: ../semanage/seobject.py:1603 -+#: ../semanage/seobject.py:1613 ++#: ../semanage/seobject.py:1615 msgid "Could not list interfaces" msgstr "" -#: ../semanage/seobject.py:1628 -+#: ../semanage/seobject.py:1638 ++#: ../semanage/seobject.py:1640 msgid "SELinux Interface" msgstr "" -#: ../semanage/seobject.py:1628 ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1638 ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1640 ../semanage/seobject.py:1990 msgid "Context" msgstr "" -#: ../semanage/seobject.py:1691 -+#: ../semanage/seobject.py:1705 ++#: ../semanage/seobject.py:1707 #, python-format msgid "Equivalence class for %s already exists" msgstr "" -#: ../semanage/seobject.py:1697 -+#: ../semanage/seobject.py:1711 ++#: ../semanage/seobject.py:1713 #, python-format msgid "File spec %s conflicts with equivalency rule '%s %s'" msgstr "" -#: ../semanage/seobject.py:1706 -+#: ../semanage/seobject.py:1720 ++#: ../semanage/seobject.py:1722 #, python-format msgid "Equivalence class for %s does not exists" msgstr "" -#: ../semanage/seobject.py:1720 -+#: ../semanage/seobject.py:1734 ++#: ../semanage/seobject.py:1736 #, python-format msgid "Could not set user in file context for %s" msgstr "" -#: ../semanage/seobject.py:1724 -+#: ../semanage/seobject.py:1738 ++#: ../semanage/seobject.py:1740 #, python-format msgid "Could not set role in file context for %s" msgstr "" -#: ../semanage/seobject.py:1729 ../semanage/seobject.py:1789 -+#: ../semanage/seobject.py:1743 ../semanage/seobject.py:1803 ++#: ../semanage/seobject.py:1745 ../semanage/seobject.py:1805 #, python-format msgid "Could not set mls fields in file context for %s" msgstr "" -#: ../semanage/seobject.py:1735 -+#: ../semanage/seobject.py:1749 ++#: ../semanage/seobject.py:1751 msgid "Invalid file specification" msgstr "" -#: ../semanage/seobject.py:1737 -+#: ../semanage/seobject.py:1751 ++#: ../semanage/seobject.py:1753 msgid "File specification can not include spaces" msgstr "" -#: ../semanage/seobject.py:1742 -+#: ../semanage/seobject.py:1756 ++#: ../semanage/seobject.py:1758 #, python-format msgid "" "File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead" msgstr "" -#: ../semanage/seobject.py:1755 -+#: ../semanage/seobject.py:1769 ++#: ../semanage/seobject.py:1771 #, python-format msgid "Type %s is invalid, must be a file or device type" msgstr "" @@ -1738,114 +1863,114 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768 -#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906 -#: ../semanage/seobject.py:1910 -+#: ../semanage/seobject.py:1777 ../semanage/seobject.py:1782 -+#: ../semanage/seobject.py:1838 ../semanage/seobject.py:1920 -+#: ../semanage/seobject.py:1924 ++#: ../semanage/seobject.py:1779 ../semanage/seobject.py:1784 ++#: ../semanage/seobject.py:1840 ../semanage/seobject.py:1922 ++#: ../semanage/seobject.py:1926 #, python-format msgid "Could not check if file context for %s is defined" msgstr "" -#: ../semanage/seobject.py:1776 -+#: ../semanage/seobject.py:1790 ++#: ../semanage/seobject.py:1792 #, python-format msgid "Could not create file context for %s" msgstr "" -#: ../semanage/seobject.py:1784 -+#: ../semanage/seobject.py:1798 ++#: ../semanage/seobject.py:1800 #, python-format msgid "Could not set type in file context for %s" msgstr "" -#: ../semanage/seobject.py:1792 ../semanage/seobject.py:1852 -#: ../semanage/seobject.py:1856 -+#: ../semanage/seobject.py:1806 ../semanage/seobject.py:1866 -+#: ../semanage/seobject.py:1870 ++#: ../semanage/seobject.py:1808 ../semanage/seobject.py:1868 ++#: ../semanage/seobject.py:1872 #, python-format msgid "Could not set file context for %s" msgstr "" -#: ../semanage/seobject.py:1798 -+#: ../semanage/seobject.py:1812 ++#: ../semanage/seobject.py:1814 #, python-format msgid "Could not add file context for %s" msgstr "" -#: ../semanage/seobject.py:1812 -+#: ../semanage/seobject.py:1826 ++#: ../semanage/seobject.py:1828 msgid "Requires setype, serange or seuser" msgstr "" -#: ../semanage/seobject.py:1828 ../semanage/seobject.py:1914 -+#: ../semanage/seobject.py:1842 ../semanage/seobject.py:1928 ++#: ../semanage/seobject.py:1844 ../semanage/seobject.py:1930 #, python-format msgid "File context for %s is not defined" msgstr "" -#: ../semanage/seobject.py:1834 -+#: ../semanage/seobject.py:1848 ++#: ../semanage/seobject.py:1850 #, python-format msgid "Could not query file context for %s" msgstr "" -#: ../semanage/seobject.py:1860 -+#: ../semanage/seobject.py:1874 ++#: ../semanage/seobject.py:1876 #, python-format msgid "Could not modify file context for %s" msgstr "" -#: ../semanage/seobject.py:1873 -+#: ../semanage/seobject.py:1887 ++#: ../semanage/seobject.py:1889 msgid "Could not list the file contexts" msgstr "" -#: ../semanage/seobject.py:1887 -+#: ../semanage/seobject.py:1901 ++#: ../semanage/seobject.py:1903 #, python-format msgid "Could not delete the file context %s" msgstr "" -#: ../semanage/seobject.py:1912 -+#: ../semanage/seobject.py:1926 ++#: ../semanage/seobject.py:1928 #, python-format msgid "File context for %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1918 -+#: ../semanage/seobject.py:1932 ++#: ../semanage/seobject.py:1934 #, python-format msgid "Could not delete file context for %s" msgstr "" -#: ../semanage/seobject.py:1933 -+#: ../semanage/seobject.py:1947 ++#: ../semanage/seobject.py:1949 msgid "Could not list file contexts" msgstr "" -#: ../semanage/seobject.py:1937 -+#: ../semanage/seobject.py:1951 ++#: ../semanage/seobject.py:1953 msgid "Could not list local file contexts" msgstr "" -#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1990 msgid "SELinux fcontext" msgstr "" -#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1990 msgid "type" msgstr "" -#: ../semanage/seobject.py:1987 -+#: ../semanage/seobject.py:2001 ++#: ../semanage/seobject.py:2003 msgid "" "\n" "SELinux Distribution fcontext Equivalence \n" msgstr "" -#: ../semanage/seobject.py:1992 -+#: ../semanage/seobject.py:2006 ++#: ../semanage/seobject.py:2008 msgid "" "\n" "SELinux Local fcontext Equivalence \n" @@ -1853,101 +1978,99 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:2028 ../semanage/seobject.py:2079 -#: ../semanage/seobject.py:2085 -+#: ../semanage/seobject.py:2036 -+#, python-format -+msgid "Value Required for %s" -+msgstr "" -+ -+#: ../semanage/seobject.py:2045 ../semanage/seobject.py:2096 -+#: ../semanage/seobject.py:2102 ++#: ../semanage/seobject.py:2044 ../semanage/seobject.py:2095 ++#: ../semanage/seobject.py:2101 #, python-format msgid "Could not check if boolean %s is defined" msgstr "" -#: ../semanage/seobject.py:2030 ../semanage/seobject.py:2081 -+#: ../semanage/seobject.py:2047 ../semanage/seobject.py:2098 ++#: ../semanage/seobject.py:2046 ../semanage/seobject.py:2097 #, python-format msgid "Boolean %s is not defined" msgstr "" -#: ../semanage/seobject.py:2034 -+#: ../semanage/seobject.py:2051 ++#: ../semanage/seobject.py:2050 #, python-format msgid "Could not query file context %s" msgstr "" -#: ../semanage/seobject.py:2039 -+#: ../semanage/seobject.py:2056 ++#: ../semanage/seobject.py:2055 #, python-format msgid "You must specify one of the following values: %s" msgstr "" -#: ../semanage/seobject.py:2044 -+#: ../semanage/seobject.py:2061 ++#: ../semanage/seobject.py:2060 #, python-format msgid "Could not set active value of boolean %s" msgstr "" -#: ../semanage/seobject.py:2047 -+#: ../semanage/seobject.py:2064 ++#: ../semanage/seobject.py:2063 #, python-format msgid "Could not modify boolean %s" msgstr "" -#: ../semanage/seobject.py:2063 -+#: ../semanage/seobject.py:2080 ++#: ../semanage/seobject.py:2079 #, python-format msgid "Bad format %s: Record %s" msgstr "" -#: ../semanage/seobject.py:2087 -+#: ../semanage/seobject.py:2104 ++#: ../semanage/seobject.py:2103 #, python-format msgid "Boolean %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:2091 -+#: ../semanage/seobject.py:2108 ++#: ../semanage/seobject.py:2107 #, python-format msgid "Could not delete boolean %s" msgstr "" -#: ../semanage/seobject.py:2103 ../semanage/seobject.py:2120 -+#: ../semanage/seobject.py:2120 ../semanage/seobject.py:2137 ++#: ../semanage/seobject.py:2119 ../semanage/seobject.py:2136 msgid "Could not list booleans" msgstr "" -#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 ++#: ../semanage/seobject.py:2171 msgid "off" msgstr "" -#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 ++#: ../semanage/seobject.py:2171 msgid "on" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "SELinux boolean" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "State" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "Default" msgstr "" -#: ../semanage/seobject.py:2169 ../gui/polgen.glade:113 -+#: ../semanage/seobject.py:2186 ../gui/polgen.glade:113 - #: ../gui/polgengui.py:269 +-#: ../gui/polgengui.py:269 ++#: ../semanage/seobject.py:2185 ../gui/polgen.glade:113 ++#: ../gui/polgengui.py:274 ../sepolicy/sepolicy/sepolicy.glade:242 ++#: ../sepolicy/sepolicy/sepolicy.glade:638 msgid "Description" msgstr "" -@@ -988,206 +1001,226 @@ msgstr "" + +@@ -988,206 +1003,226 @@ msgstr "" msgid "Unable to clear environment\n" msgstr "" @@ -2215,7 +2338,7 @@ index 961d921..5ee0bdc 100644 msgid "failed to exec shell\n" msgstr "" -@@ -1414,7 +1447,7 @@ msgstr "" +@@ -1414,7 +1449,7 @@ msgstr "" msgid "Applications" msgstr "" @@ -2224,7 +2347,7 @@ index 961d921..5ee0bdc 100644 msgid "Standard Init Daemon" msgstr "" -@@ -1424,7 +1457,7 @@ msgid "" +@@ -1424,7 +1459,7 @@ msgid "" "requires a script in /etc/rc.d/init.d" msgstr "" @@ -2233,7 +2356,7 @@ index 961d921..5ee0bdc 100644 msgid "DBUS System Daemon" msgstr "" -@@ -1436,7 +1469,7 @@ msgstr "" +@@ -1436,7 +1471,7 @@ msgstr "" msgid "Internet Services Daemon are daemons started by xinetd" msgstr "" @@ -2242,7 +2365,7 @@ index 961d921..5ee0bdc 100644 msgid "Web Application/Script (CGI)" msgstr "" -@@ -1445,7 +1478,7 @@ msgid "" +@@ -1445,7 +1480,7 @@ msgid "" "Web Applications/Script (CGI) CGI scripts started by the web server (apache)" msgstr "" @@ -2251,7 +2374,7 @@ index 961d921..5ee0bdc 100644 msgid "User Application" msgstr "" -@@ -1455,7 +1488,7 @@ msgid "" +@@ -1455,7 +1490,7 @@ msgid "" "started by a user" msgstr "" @@ -2260,193 +2383,340 @@ index 961d921..5ee0bdc 100644 msgid "Sandbox" msgstr "" -@@ -2159,261 +2192,322 @@ msgstr "" +@@ -1530,7 +1565,8 @@ msgstr "" + msgid "Enter name of application or user role:" + msgstr "" + +-#: ../gui/polgen.glade:728 ../gui/polgengui.py:267 ++#: ../gui/polgen.glade:728 ../gui/polgengui.py:272 ++#: ../sepolicy/sepolicy/sepolicy.glade:279 + msgid "Name" + msgstr "" + +@@ -1745,75 +1781,75 @@ msgstr "" + msgid "Policy Directory" + msgstr "" + +-#: ../gui/polgengui.py:277 ++#: ../gui/polgengui.py:282 + msgid "Role" + msgstr "" + +-#: ../gui/polgengui.py:284 ++#: ../gui/polgengui.py:289 + msgid "Existing_User" + msgstr "" + +-#: ../gui/polgengui.py:298 ../gui/polgengui.py:306 ../gui/polgengui.py:320 ++#: ../gui/polgengui.py:303 ../gui/polgengui.py:311 ../gui/polgengui.py:325 + msgid "Application" + msgstr "" + +-#: ../gui/polgengui.py:363 ++#: ../gui/polgengui.py:370 + #, python-format + msgid "%s must be a directory" + msgstr "" + +-#: ../gui/polgengui.py:423 ../gui/polgengui.py:704 ++#: ../gui/polgengui.py:430 ../gui/polgengui.py:711 + msgid "You must select a user" + msgstr "" + +-#: ../gui/polgengui.py:553 ++#: ../gui/polgengui.py:560 + msgid "Select executable file to be confined." + msgstr "" + +-#: ../gui/polgengui.py:564 ++#: ../gui/polgengui.py:571 + msgid "Select init script file to be confined." + msgstr "" + +-#: ../gui/polgengui.py:574 ++#: ../gui/polgengui.py:581 + msgid "Select file(s) that confined application creates or writes" + msgstr "" + +-#: ../gui/polgengui.py:581 ++#: ../gui/polgengui.py:588 + msgid "Select directory(s) that the confined application owns and writes into" + msgstr "" + +-#: ../gui/polgengui.py:643 ++#: ../gui/polgengui.py:650 + msgid "Select directory to generate policy files in" + msgstr "" + +-#: ../gui/polgengui.py:660 ++#: ../gui/polgengui.py:667 + #, python-format + msgid "" + "Type %s_t already defined in current policy.\n" + "Do you want to continue?" + msgstr "" + +-#: ../gui/polgengui.py:660 ../gui/polgengui.py:664 ++#: ../gui/polgengui.py:667 ../gui/polgengui.py:671 + msgid "Verify Name" + msgstr "" + +-#: ../gui/polgengui.py:664 ++#: ../gui/polgengui.py:671 + #, python-format + msgid "" + "Module %s.pp already loaded in current policy.\n" + "Do you want to continue?" + msgstr "" + +-#: ../gui/polgengui.py:710 ++#: ../gui/polgengui.py:717 + msgid "" + "You must add a name made up of letters and numbers and containing no spaces." + msgstr "" + +-#: ../gui/polgengui.py:724 ++#: ../gui/polgengui.py:731 + msgid "You must enter a executable" + msgstr "" + +-#: ../gui/polgengui.py:749 ../gui/system-config-selinux.py:180 ++#: ../gui/polgengui.py:756 ../gui/system-config-selinux.py:180 + msgid "Configue SELinux" + msgstr "" + +@@ -1828,6 +1864,8 @@ msgid "" + msgstr "" + + #: ../gui/portsPage.py:91 ../gui/system-config-selinux.glade:363 ++#: ../sepolicy/sepolicy/sepolicy.glade:881 ++#: ../sepolicy/sepolicy/sepolicy.glade:980 + msgid "Protocol" + msgstr "" + +@@ -1837,7 +1875,8 @@ msgid "" + "Level" + msgstr "" + +-#: ../gui/portsPage.py:101 ++#: ../gui/portsPage.py:101 ../sepolicy/sepolicy/sepolicy.glade:864 ++#: ../sepolicy/sepolicy/sepolicy.glade:963 + msgid "Port" + msgstr "" + +@@ -1967,6 +2006,9 @@ msgid "SELinux Administration" + msgstr "" + + #: ../gui/system-config-selinux.glade:1122 ++#: ../sepolicy/sepolicy/sepolicy.glade:405 ++#: ../sepolicy/sepolicy/sepolicy.glade:819 ++#: ../sepolicy/sepolicy/sepolicy.glade:1156 + msgid "Add" + msgstr "" + +@@ -2036,6 +2078,10 @@ msgstr "" + #: ../gui/system-config-selinux.glade:2467 + #: ../gui/system-config-selinux.glade:2692 + #: ../gui/system-config-selinux.glade:2867 ++#: ../sepolicy/sepolicy/sepolicy.glade:157 ++#: ../sepolicy/sepolicy/sepolicy.glade:326 ++#: ../sepolicy/sepolicy/sepolicy.glade:733 ++#: ../sepolicy/sepolicy/sepolicy.glade:1081 + msgid "Filter" + msgstr "" + +@@ -2159,1315 +2205,1864 @@ msgstr "" msgid "SELinux user '%s' is required" msgstr "" -#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:183 -+#, python-format -+msgid "Interface %s does not exist." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:267 - msgid "Generate SELinux man pages" +-msgid "Generate SELinux man pages" ++#: booleans.py:1 ++msgid "" ++"Allow ABRT to modify public files used for public file transfer services." msgstr "" -#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:270 - msgid "path in which the generated SELinux man pages will be stored" +-msgid "path in which the generated SELinux man pages will be stored" ++#: booleans.py:2 ++msgid "" ++"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts" msgstr "" -#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:272 - msgid "name of the OS for man pages" +-msgid "name of the OS for man pages" ++#: booleans.py:3 ++msgid "Allow antivirus programs to read non security files on a system" msgstr "" -#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:274 - msgid "Generate HTML man pages structure for selected SELinux man page" +-msgid "Generate HTML man pages structure for selected SELinux man page" ++#: booleans.py:4 ++msgid "Determine whether can antivirus programs use JIT compiler." msgstr "" -#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:276 -+msgid "Alternate root directory, defaults to /" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:280 - msgid "All domains" +-msgid "All domains" ++#: booleans.py:5 ++msgid "Allow auditadm to exec content" msgstr "" -#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:283 - msgid "Domain name(s) of man pages to be created" +-msgid "Domain name(s) of man pages to be created" ++#: booleans.py:6 ++msgid "" ++"Allow users to resolve user passwd entries directly from ldap rather then " ++"using a sssd server" msgstr "" -#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:288 - msgid "Query SELinux policy network information" +-msgid "Query SELinux policy network information" ++#: booleans.py:7 ++msgid "Allow users to login using a radius server" msgstr "" -#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:293 - msgid "list all SELinux port types" +-msgid "list all SELinux port types" ++#: booleans.py:8 ++msgid "Allow users to login using a yubikey server" msgstr "" -#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:296 - msgid "show SELinux type related to the port" +-msgid "show SELinux type related to the port" ++#: booleans.py:9 ++msgid "Determine whether awstats can purge httpd log files." msgstr "" -#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:299 - msgid "Show ports defined for this SELinux type" +-msgid "Show ports defined for this SELinux type" ++#: booleans.py:10 ++msgid "" ++"Determine whether cdrecord can read various content. nfs, samba, removable " ++"devices, user temp and untrusted content files" msgstr "" -#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:302 - msgid "show ports to which this domain can bind and/or connect" +-msgid "show ports to which this domain can bind and/or connect" ++#: booleans.py:11 ++msgid "" ++"Allow cluster administrative domains to connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:317 - msgid "query SELinux policy to see if domains can communicate with each other" +-msgid "query SELinux policy to see if domains can communicate with each other" ++#: booleans.py:12 ++msgid "Allow cluster administrative domains to manage all files on a system." msgstr "" -#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:320 - msgid "Source Domain" +-msgid "Source Domain" ++#: booleans.py:13 ++msgid "" ++"Allow cluster administrative cluster domains memcheck-amd64- to use " ++"executable memory" msgstr "" -#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:323 - msgid "Target Domain" +-msgid "Target Domain" ++#: booleans.py:14 ++msgid "" ++"Determine whether Cobbler can modify public files used for public file " ++"transfer services." msgstr "" -#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:342 - msgid "query SELinux Policy to see description of booleans" +-msgid "query SELinux Policy to see description of booleans" ++#: booleans.py:15 ++msgid "Determine whether Cobbler can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:346 - msgid "get all booleans descriptions" +-msgid "get all booleans descriptions" ++#: booleans.py:16 ++msgid "Determine whether Cobbler can access cifs file systems." msgstr "" -#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:349 - msgid "boolean to get description" +-msgid "boolean to get description" ++#: booleans.py:17 ++msgid "Determine whether Cobbler can access nfs file systems." msgstr "" -#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:359 - msgid "" - "query SELinux Policy to see how a source process domain can transition to " - "the target process domain" +-msgid "" +-"query SELinux Policy to see how a source process domain can transition to " +-"the target process domain" ++#: booleans.py:18 ++msgid "Determine whether collectd can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:362 - msgid "source process domain" +-msgid "source process domain" ++#: booleans.py:19 ++msgid "Determine whether Condor can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:365 - msgid "target process domain" +-msgid "target process domain" ++#: booleans.py:20 ++msgid "" ++"Allow system cron jobs to relabel filesystem for restoring file contexts." msgstr "" -#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:408 -+#, python-format -+msgid "sepolicy generate: error: one of the arguments %s is required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:413 - msgid "Command required for this type of policy" +-msgid "Command required for this type of policy" ++#: booleans.py:21 ++msgid "Determine whether cvs can read shadow password files." msgstr "" -#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:424 -+msgid "" -+"-t option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:429 -+msgid "" -+"-d option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:433 -+msgid "" -+"-a option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:452 - msgid "List SELinux Policy interfaces" +-msgid "List SELinux Policy interfaces" ++#: booleans.py:22 ++msgid "Allow all daemons to write corefiles to /" msgstr "" -#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:470 -+msgid "Enter interface names, you wish to query" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:479 - msgid "Generate SELinux Policy module template" +-msgid "Generate SELinux Policy module template" ++#: booleans.py:23 ++msgid "Allow all daemons to use tcp wrappers." msgstr "" -#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:482 - msgid "Enter domain type which you will be extending" +-msgid "Enter domain type which you will be extending" ++#: booleans.py:24 ++msgid "Allow all daemons the ability to read/write terminals" msgstr "" -#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:485 - msgid "Enter SELinux user(s) which will transition to this domain" +-msgid "Enter SELinux user(s) which will transition to this domain" ++#: booleans.py:25 ++msgid "Determine whether dbadm can manage generic user files." msgstr "" -#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:488 - msgid "Enter domain(s) that this confined admin will administrate" +-msgid "Enter domain(s) that this confined admin will administrate" ++#: booleans.py:26 ++msgid "Determine whether dbadm can read generic user files." msgstr "" -#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:491 - msgid "name of policy to generate" +-msgid "name of policy to generate" ++#: booleans.py:27 ++msgid "" ++"Deny user domains applications to map a memory region as both executable and " ++"writable, this is dangerous and the executable should be reported in bugzilla" msgstr "" -#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:498 - msgid "path in which the generated policy files will be stored" +-msgid "path in which the generated policy files will be stored" ++#: booleans.py:28 ++msgid "Deny any process from ptracing or debugging any other processes." msgstr "" -#: ../sepolicy/sepolicy.py:380 -msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:500 -+msgid "path to which the confined processes will need to write" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:501 -+msgid "Policy types which require a command" ++#: booleans.py:29 ++msgid "Allow dhcpc client applications to execute iptables commands" msgstr "" -#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 @@ -2455,1567 +2725,2368 @@ index 961d921..5ee0bdc 100644 -#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 -#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 -#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 -+#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 -+#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 -+#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 -+#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 -+#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 - #, python-format +-#, python-format -msgid "Generate Policy for %s" -+msgid "Generate '%s' policy" - msgstr "" - --#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:532 -+#, python-format -+msgid "Generate '%s' policy " -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:546 -+msgid "executable to confine" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:551 - msgid "commands" - msgstr "" - --#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:554 - msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:48 -+#: ../sepolicy/sepolicy/__init__.py:72 - msgid "No SELinux Policy installed" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:243 - #, python-format - msgid "Failed to read %s policy file" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:302 - msgid "unknown" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:173 -+#: ../sepolicy/sepolicy/generate.py:132 - msgid "Internet Services Daemon" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:177 -+#: ../sepolicy/sepolicy/generate.py:136 - msgid "Existing Domain Type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:178 -+#: ../sepolicy/sepolicy/generate.py:137 - msgid "Minimal Terminal Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:179 -+#: ../sepolicy/sepolicy/generate.py:138 - msgid "Minimal X Windows Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:180 -+#: ../sepolicy/sepolicy/generate.py:139 - msgid "Desktop Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:181 -+#: ../sepolicy/sepolicy/generate.py:140 - msgid "Administrator Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:182 -+#: ../sepolicy/sepolicy/generate.py:141 - msgid "Confined Root Administrator Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:187 -+#: ../sepolicy/sepolicy/generate.py:142 -+msgid "Module information for a new type" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:147 - msgid "Valid Types:\n" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:221 -+#: ../sepolicy/sepolicy/generate.py:181 - #, python-format - msgid "Ports must be numbers or ranges of numbers from 1 to %d " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:231 -+#: ../sepolicy/sepolicy/generate.py:192 - msgid "You must enter a valid policy type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:234 -+#: ../sepolicy/sepolicy/generate.py:195 - #, python-format - msgid "You must enter a name for your policy module for your %s." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:355 -+#: ../sepolicy/sepolicy/generate.py:327 - msgid "" - "Name must be alpha numberic with no spaces. Consider using option \"-n " - "MODULENAME\"" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:447 -+#: ../sepolicy/sepolicy/generate.py:419 - msgid "User Role types can not be assigned executables." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:453 -+#: ../sepolicy/sepolicy/generate.py:425 - msgid "Only Daemon apps can use an init script.." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:471 -+#: ../sepolicy/sepolicy/generate.py:443 - msgid "use_resolve must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:477 -+#: ../sepolicy/sepolicy/generate.py:449 - msgid "use_syslog must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:483 -+#: ../sepolicy/sepolicy/generate.py:455 - msgid "use_kerberos must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:489 -+#: ../sepolicy/sepolicy/generate.py:461 - msgid "manage_krb5_rcache must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:519 -+#: ../sepolicy/sepolicy/generate.py:491 - msgid "USER Types automatically get a tmp type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:857 -+#: ../sepolicy/sepolicy/generate.py:832 - #, python-format - msgid "%s policy modules require existing domains" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1059 -+#: ../sepolicy/sepolicy/generate.py:857 -+msgid "Type field required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:869 -+#, python-format -+msgid "" -+"You need to define a new type which ends with: \n" -+" %s" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:1088 - msgid "You must enter the executable path for your confined process" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1321 -+#: ../sepolicy/sepolicy/generate.py:1351 - msgid "Type Enforcement file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1322 -+#: ../sepolicy/sepolicy/generate.py:1352 - msgid "Interface file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1323 -+#: ../sepolicy/sepolicy/generate.py:1353 - msgid "File Contexts file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1324 -+#: ../sepolicy/sepolicy/generate.py:1354 - msgid "Spec file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1325 -+#: ../sepolicy/sepolicy/generate.py:1355 - msgid "Setup Script" - msgstr "" - -@@ -2428,11 +2522,11 @@ msgid "" - msgstr "" - - #: booleans.py:3 --msgid "Allow amavis to use JIT compiler" -+msgid "Allow antivirus programs to read non security files on a system" - msgstr "" - - #: booleans.py:4 --msgid "Allow antivirus programs to read non security files on a system" -+msgid "Determine whether can antivirus programs use JIT compiler." - msgstr "" - - #: booleans.py:5 -@@ -2454,50 +2548,54 @@ msgid "Allow users to login using a yubikey server" - msgstr "" - - #: booleans.py:9 --msgid "Allow awstats to purge Apache logs" -+msgid "Determine whether awstats can purge httpd log files." - msgstr "" - - #: booleans.py:10 - msgid "" --"Allow cdrecord to read various content. nfs, samba, removable devices, user " --"temp and untrusted content files" -+"Determine whether cdrecord can read various content. nfs, samba, removable " -+"devices, user temp and untrusted content files" - msgstr "" - - #: booleans.py:11 --msgid "Allow clamd to use JIT compiler" -+msgid "" -+"Allow cluster administrative domains to connect to the network using TCP." - msgstr "" - - #: booleans.py:12 --msgid "Allow clamscan to non security files on a system" -+msgid "Allow cluster administrative domains to manage all files on a system." - msgstr "" - - #: booleans.py:13 --msgid "Allow clamscan to read user content" -+msgid "" -+"Allow cluster administrative cluster domains memcheck-amd64- to use " -+"executable memory" - msgstr "" - - #: booleans.py:14 - msgid "" --"Allow Cobbler to modify public files used for public file transfer services." -+"Determine whether Cobbler can modify public files used for public file " -+"transfer services." - msgstr "" - - #: booleans.py:15 --msgid "Allow Cobbler to connect to the network using TCP." -+msgid "Determine whether Cobbler can connect to the network using TCP." - msgstr "" - - #: booleans.py:16 --msgid "Allow Cobbler to access cifs file systems." -+msgid "Determine whether Cobbler can access cifs file systems." - msgstr "" - - #: booleans.py:17 --msgid "Allow Cobbler to access nfs file systems." -+msgid "Determine whether Cobbler can access nfs file systems." - msgstr "" - - #: booleans.py:18 --msgid "Allow collectd to connect to the network using TCP." -+msgid "Determine whether collectd can connect to the network using TCP." - msgstr "" - - #: booleans.py:19 --msgid "Allow codnor domain to connect to the network using TCP." -+msgid "Determine whether Condor can connect to the network using TCP." - msgstr "" - - #: booleans.py:20 -@@ -2506,7 +2604,7 @@ msgid "" - msgstr "" - - #: booleans.py:21 --msgid "Allow cvs daemon to read shadow" -+msgid "Determine whether cvs can read shadow password files." - msgstr "" - - #: booleans.py:22 -@@ -2522,951 +2620,1000 @@ msgid "Allow all daemons the ability to read/write terminals" - msgstr "" - - #: booleans.py:25 --msgid "Allow dan to manage user files" -+msgid "Determine whether dbadm can manage generic user files." - msgstr "" - - #: booleans.py:26 --msgid "Allow dan to read user files" -+msgid "Determine whether dbadm can read generic user files." - msgstr "" - - #: booleans.py:27 --msgid "Allow dbadm to manage files in users home directories" -+msgid "" -+"Deny user domains applications to map a memory region as both executable and " -+"writable, this is dangerous and the executable should be reported in bugzilla" - msgstr "" - - #: booleans.py:28 --msgid "Allow dbadm to read files in users home directories" -+msgid "Deny any process from ptracing or debugging any other processes." - msgstr "" - - #: booleans.py:29 --msgid "" --"Deny user domains applications to map a memory region as both executable and " --"writable, this is dangerous and the executable should be reported in bugzilla" -+msgid "Allow dhcpc client applications to execute iptables commands" - msgstr "" - - #: booleans.py:30 --msgid "Allow sysadm to debug or ptrace all processes." ++#: booleans.py:30 +msgid "Determine whether DHCP daemon can use LDAP backends." msgstr "" - #: booleans.py:31 --msgid "Allow dhcpc client applications to execute iptables commands" +-#: ../sepolicy/sepolicy.py:422 +-msgid "commands" ++#: booleans.py:31 +msgid "Allow all domains to use other domains file descriptors" msgstr "" - #: booleans.py:32 --msgid "Allow DHCP daemon to use LDAP backends" +-#: ../sepolicy/sepolicy.py:425 +-msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" ++#: booleans.py:32 +msgid "Allow all domains to have the kernel load modules" msgstr "" - #: booleans.py:33 --msgid "Allow all domains to use other domains file descriptors" +-#: ../sepolicy/sepolicy/__init__.py:48 +-msgid "No SELinux Policy installed" ++#: booleans.py:33 +msgid "" +"Determine whether entropyd can use audio devices as the source for the " +"entropy feeds." msgstr "" - #: booleans.py:34 --msgid "Allow all domains to have the kernel load modules" +-#: ../sepolicy/sepolicy/__init__.py:54 +-#, python-format +-msgid "Failed to read %s policy file" ++#: booleans.py:34 +msgid "Determine whether exim can connect to databases." msgstr "" - #: booleans.py:35 --msgid "Allow the use of the audio devices as the source for the entropy feeds" +-#: ../sepolicy/sepolicy/__init__.py:127 +-msgid "unknown" ++#: booleans.py:35 +msgid "" +"Determine whether exim can create, read, write, and delete generic user " +"content files." msgstr "" - #: booleans.py:36 --msgid "Allow exim to connect to databases (postgres, mysql)" +-#: ../sepolicy/sepolicy/generate.py:173 +-msgid "Internet Services Daemon" ++#: booleans.py:36 +msgid "Determine whether exim can read generic user content files." msgstr "" - #: booleans.py:37 --msgid "Allow exim to create, read, write, and delete unprivileged user files." +-#: ../sepolicy/sepolicy/generate.py:177 +-msgid "Existing Domain Type" ++#: booleans.py:37 +msgid "Enable extra rules in the cron domain to support fcron." msgstr "" - #: booleans.py:38 --msgid "Allow exim to read unprivileged user files." +-#: ../sepolicy/sepolicy/generate.py:178 +-msgid "Minimal Terminal Login User Role" ++#: booleans.py:38 +msgid "Determine whether fenced can connect to the TCP network." msgstr "" - #: booleans.py:39 --msgid "Enable extra rules in the cron domain to support fcron." +-#: ../sepolicy/sepolicy/generate.py:179 +-msgid "Minimal X Windows Login User Role" ++#: booleans.py:39 +msgid "Determine whether fenced can use ssh." msgstr "" - #: booleans.py:40 --msgid "Allow fenced domain to connect to the network using TCP." +-#: ../sepolicy/sepolicy/generate.py:180 +-msgid "Desktop Login User Role" ++#: booleans.py:40 +msgid "Allow all domains to execute in fips_mode" msgstr "" - #: booleans.py:41 --msgid "Allow fenced domain to execute ssh." +-#: ../sepolicy/sepolicy/generate.py:181 +-msgid "Administrator Login User Role" ++#: booleans.py:41 +msgid "" +"Determine whether ftpd can read and write files in user home directories." msgstr "" - #: booleans.py:42 --msgid "Allow all domains to execute in fips_mode" +-#: ../sepolicy/sepolicy/generate.py:182 +-msgid "Confined Root Administrator Role" ++#: booleans.py:42 +msgid "" +"Determine whether ftpd can modify public files used for public file transfer " +"services. Directories/Files must be labeled public_content_rw_t." msgstr "" - #: booleans.py:43 --msgid "Allow ftp to read and write files in the user home directories" +-#: ../sepolicy/sepolicy/generate.py:187 +-msgid "Valid Types:\n" ++#: booleans.py:43 +msgid "Determine whether ftpd can connect to all unreserved ports." msgstr "" - #: booleans.py:44 --msgid "" --"Allow ftp servers to upload files, used for public file transfer services. " --"Directories must be labeled public_content_rw_t." +-#: ../sepolicy/sepolicy/generate.py:221 +-#, python-format +-msgid "Ports must be numbers or ranges of numbers from 1 to %d " ++#: booleans.py:44 +msgid "Determine whether ftpd can connect to databases over the TCP network." msgstr "" - #: booleans.py:45 --msgid "Allow ftp servers to connect to all ports > 1023" +-#: ../sepolicy/sepolicy/generate.py:231 +-msgid "You must enter a valid policy type" ++#: booleans.py:45 +msgid "" +"Determine whether ftpd can login to local users and can read and write all " +"files on the system, governed by DAC." msgstr "" - #: booleans.py:46 --msgid "Allow ftp servers to connect to mysql database ports" +-#: ../sepolicy/sepolicy/generate.py:234 +-#, python-format +-msgid "You must enter a name for your policy module for your %s." ++#: booleans.py:46 +msgid "" +"Determine whether ftpd can use CIFS used for public file transfer services." msgstr "" +-#: ../sepolicy/sepolicy/generate.py:355 +-msgid "" +-"Name must be alpha numberic with no spaces. Consider using option \"-n " +-"MODULENAME\"" ++#: booleans.py:47 booleans.py:170 ++msgid "Allow samba to export ntfs/fusefs volumes." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:447 +-msgid "User Role types can not be assigned executables." ++#: booleans.py:48 ++msgid "" ++"Determine whether ftpd can use NFS used for public file transfer services." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:453 +-msgid "Only Daemon apps can use an init script.." ++#: booleans.py:49 ++msgid "" ++"Determine whether ftpd can bind to all unreserved ports for passive mode." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:471 +-msgid "use_resolve must be a boolean value " ++#: booleans.py:50 ++msgid "Determine whether Git CGI can search home directories." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:477 +-msgid "use_syslog must be a boolean value " ++#: booleans.py:51 ++msgid "Determine whether Git CGI can access cifs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:483 +-msgid "use_kerberos must be a boolean value " ++#: booleans.py:52 ++msgid "Determine whether Git CGI can access nfs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:489 +-msgid "manage_krb5_rcache must be a boolean value " ++#: booleans.py:53 ++msgid "" ++"Determine whether Git session daemon can bind TCP sockets to all unreserved " ++"ports." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:519 +-msgid "USER Types automatically get a tmp type" ++#: booleans.py:54 ++msgid "" ++"Determine whether calling user domains can execute Git daemon in the " ++"git_session_t domain." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:857 +-#, python-format +-msgid "%s policy modules require existing domains" ++#: booleans.py:55 ++msgid "Determine whether Git system daemon can search home directories." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1059 +-msgid "You must enter the executable path for your confined process" ++#: booleans.py:56 ++msgid "Determine whether Git system daemon can access cifs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1321 +-msgid "Type Enforcement file" ++#: booleans.py:57 ++msgid "Determine whether Git system daemon can access nfs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1322 +-msgid "Interface file" ++#: booleans.py:58 ++msgid "Determine whether Gitosis can send mail." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1323 +-msgid "File Contexts file" ++#: booleans.py:59 ++msgid "Enable reading of urandom for all domains." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1324 +-msgid "Spec file" ++#: booleans.py:60 ++msgid "" ++"Allow glusterfsd to modify public files used for public file transfer " ++"services. Files/Directories must be labeled public_content_rw_t." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1325 +-msgid "Setup Script" ++#: booleans.py:61 ++msgid "Allow glusterfsd to share any file/directory read only." + msgstr "" + +-#: booleans.py:1 +-msgid "" +-"Allow ABRT to modify public files used for public file transfer services." ++#: booleans.py:62 ++msgid "Allow glusterfsd to share any file/directory read/write." + msgstr "" + +-#: booleans.py:2 ++#: booleans.py:63 + msgid "" +-"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts" ++"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" ++"agent to manage user files." + msgstr "" + +-#: booleans.py:3 +-msgid "Allow amavis to use JIT compiler" ++#: booleans.py:64 ++msgid "" ++"Allow gpg web domain to modify public files used for public file transfer " ++"services." + msgstr "" + +-#: booleans.py:4 +-msgid "Allow antivirus programs to read non security files on a system" ++#: booleans.py:65 ++msgid "Allow gssd to read temp directory. For access to kerberos tgt." + msgstr "" + +-#: booleans.py:5 +-msgid "Allow auditadm to exec content" ++#: booleans.py:66 ++msgid "Allow guest to exec content" + msgstr "" + +-#: booleans.py:6 ++#: booleans.py:67 ++msgid "" ++"Allow Apache to modify public files used for public file transfer services. " ++"Directories/Files must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:68 ++msgid "Allow httpd to use built in scripting (usually php)" ++msgstr "" ++ ++#: booleans.py:69 ++msgid "Allow http daemon to check spam" ++msgstr "" ++ ++#: booleans.py:70 ++msgid "" ++"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " ++"ports" ++msgstr "" ++ ++#: booleans.py:71 ++msgid "Allow httpd to connect to the ldap port" ++msgstr "" ++ ++#: booleans.py:72 ++msgid "Allow http daemon to connect to mythtv" ++msgstr "" ++ ++#: booleans.py:73 ++msgid "Allow http daemon to connect to zabbix" ++msgstr "" ++ ++#: booleans.py:74 ++msgid "Allow HTTPD scripts and modules to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:75 ++msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." ++msgstr "" ++ ++#: booleans.py:76 ++msgid "" ++"Allow HTTPD scripts and modules to connect to databases over the network." ++msgstr "" ++ ++#: booleans.py:77 ++msgid "Allow httpd to connect to memcache server" ++msgstr "" ++ ++#: booleans.py:78 ++msgid "Allow httpd to act as a relay" ++msgstr "" ++ ++#: booleans.py:79 ++msgid "Allow http daemon to send mail" ++msgstr "" ++ ++#: booleans.py:80 ++msgid "Allow Apache to communicate with avahi service via dbus" ++msgstr "" ++ ++#: booleans.py:81 ++msgid "Allow httpd cgi support" ++msgstr "" ++ ++#: booleans.py:82 ++msgid "Allow httpd to act as a FTP server by listening on the ftp port." ++msgstr "" ++ ++#: booleans.py:83 ++msgid "Allow httpd to read home directories" ++msgstr "" ++ ++#: booleans.py:84 ++msgid "Allow httpd scripts and modules execmem/execstack" ++msgstr "" ++ ++#: booleans.py:85 ++msgid "Allow HTTPD to connect to port 80 for graceful shutdown" ++msgstr "" ++ ++#: booleans.py:86 ++msgid "Allow httpd processes to manage IPA content" ++msgstr "" ++ ++#: booleans.py:87 ++msgid "Allow Apache to use mod_auth_ntlm_winbind" ++msgstr "" ++ ++#: booleans.py:88 ++msgid "Allow Apache to use mod_auth_pam" ++msgstr "" ++ ++#: booleans.py:89 ++msgid "Allow httpd to read user content" ++msgstr "" ++ ++#: booleans.py:90 ++msgid "Allow Apache to run in stickshift mode, not transition to passenger" ++msgstr "" ++ ++#: booleans.py:91 ++msgid "Allow HTTPD scripts and modules to server cobbler files." ++msgstr "" ++ ++#: booleans.py:92 ++msgid "Allow httpd daemon to change its resource limits" ++msgstr "" ++ ++#: booleans.py:93 ++msgid "" ++"Allow HTTPD to run SSI executables in the same domain as system CGI scripts." ++msgstr "" ++ ++#: booleans.py:94 ++msgid "" ++"Allow apache scripts to write to public content, directories/files must be " ++"labeled public_rw_content_t." ++msgstr "" ++ ++#: booleans.py:95 ++msgid "Allow Apache to execute tmp content." ++msgstr "" ++ ++#: booleans.py:96 ++msgid "" ++"Unify HTTPD to communicate with the terminal. Needed for entering the " ++"passphrase for certificates at the terminal." ++msgstr "" ++ ++#: booleans.py:97 ++msgid "Unify HTTPD handling of all content files." ++msgstr "" ++ ++#: booleans.py:98 ++msgid "Allow httpd to access cifs file systems" ++msgstr "" ++ ++#: booleans.py:99 ++msgid "Allow httpd to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:100 ++msgid "Allow httpd to run gpg" ++msgstr "" ++ ++#: booleans.py:101 ++msgid "Allow httpd to access nfs file systems" ++msgstr "" ++ ++#: booleans.py:102 ++msgid "Allow httpd to access openstack ports" ++msgstr "" ++ ++#: booleans.py:103 ++msgid "Allow httpd to connect to sasl" ++msgstr "" ++ ++#: booleans.py:104 ++msgid "Allow Apache to query NS records" ++msgstr "" ++ ++#: booleans.py:105 ++msgid "Determine whether icecast can listen on and connect to any TCP port." ++msgstr "" ++ ++#: booleans.py:106 ++msgid "" ++"Determine whether irc clients can listen on and connect to any unreserved " ++"TCP ports." ++msgstr "" ++ ++#: booleans.py:107 ++msgid "" ++"Allow the Irssi IRC Client to connect to any port, and to bind to any " ++"unreserved port." ++msgstr "" ++ ++#: booleans.py:108 ++msgid "Allow confined applications to run with kerberos." ++msgstr "" ++ ++#: booleans.py:109 ++msgid "Allow ksmtuned to use cifs/Samba file systems" ++msgstr "" ++ ++#: booleans.py:110 ++msgid "Allow ksmtuned to use nfs file systems" ++msgstr "" ++ ++#: booleans.py:111 ++msgid "Allow syslogd daemon to send mail" ++msgstr "" ++ ++#: booleans.py:112 ++msgid "Allow syslogd the ability to read/write terminals" ++msgstr "" ++ ++#: booleans.py:113 ++msgid "Allow logging in and using the system from /dev/console." ++msgstr "" ++ ++#: booleans.py:114 ++msgid "Allow mailman to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:115 ++msgid "Determine whether mcelog supports client mode." ++msgstr "" ++ ++#: booleans.py:116 ++msgid "Determine whether mcelog can execute scripts." ++msgstr "" ++ ++#: booleans.py:117 ++msgid "Determine whether mcelog can use all the user ttys." ++msgstr "" ++ ++#: booleans.py:118 ++msgid "Determine whether mcelog supports server mode." ++msgstr "" ++ ++#: booleans.py:119 ++msgid "" ++"Control the ability to mmap a low area of the address space, as configured " ++"by /proc/sys/kernel/mmap_min_addr." ++msgstr "" ++ ++#: booleans.py:120 ++msgid "Allow mock to read files in home directories." ++msgstr "" ++ ++#: booleans.py:121 ++msgid "Allow the mount commands to mount any directory or file." ++msgstr "" ++ ++#: booleans.py:122 ++msgid "Allow mozilla plugin domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:123 ++msgid "Allow mozilla plugin to support GPS." ++msgstr "" ++ ++#: booleans.py:124 ++msgid "Allow mozilla plugin to support spice protocols." ++msgstr "" ++ ++#: booleans.py:125 ++msgid "Allow confined web browsers to read home directory content" ++msgstr "" ++ ++#: booleans.py:126 ++msgid "Determine whether mpd can traverse user home directories." ++msgstr "" ++ ++#: booleans.py:127 ++msgid "Determine whether mpd can use cifs file systems." ++msgstr "" ++ ++#: booleans.py:128 ++msgid "Determine whether mpd can use nfs file systems." ++msgstr "" ++ ++#: booleans.py:129 ++msgid "Determine whether mplayer can make its stack executable." ++msgstr "" ++ ++#: booleans.py:130 ++msgid "Allow mysqld to connect to all ports" ++msgstr "" ++ ++#: booleans.py:131 ++msgid "Determine whether Bind can bind tcp socket to http ports." ++msgstr "" ++ ++#: booleans.py:132 ++msgid "" ++"Determine whether Bind can write to master zone files. Generally this is " ++"used for dynamic DNS or zone transfers." ++msgstr "" ++ ++#: booleans.py:133 ++msgid "Allow any files/directories to be exported read/only via NFS." ++msgstr "" ++ ++#: booleans.py:134 ++msgid "Allow any files/directories to be exported read/write via NFS." ++msgstr "" ++ ++#: booleans.py:135 ++msgid "" ++"Allow nfs servers to modify public files used for public file transfer " ++"services. Files/Directories must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:136 ++msgid "Allow system to run with NIS" ++msgstr "" ++ ++#: booleans.py:137 ++msgid "Allow confined applications to use nscd shared memory." ++msgstr "" ++ ++#: booleans.py:138 ++msgid "Allow openshift to lockdown app" ++msgstr "" ++ ++#: booleans.py:139 ++msgid "Determine whether openvpn can read generic user home content files." ++msgstr "" ++ ++#: booleans.py:140 ++msgid "Allow piranha-lvs domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:141 ++msgid "Allow polipo to connect to all ports > 1023" ++msgstr "" ++ ++#: booleans.py:142 ++msgid "" ++"Determine whether Polipo session daemon can bind tcp sockets to all " ++"unreserved ports." ++msgstr "" ++ ++#: booleans.py:143 ++msgid "" ++"Determine whether calling user domains can execute Polipo daemon in the " ++"polipo_session_t domain." ++msgstr "" ++ ++#: booleans.py:144 ++msgid "Determine whether polipo can access cifs file systems." ++msgstr "" ++ ++#: booleans.py:145 ++msgid "Determine whether Polipo can access nfs file systems." ++msgstr "" ++ ++#: booleans.py:146 ++msgid "Enable polyinstantiated directory support." ++msgstr "" ++ ++#: booleans.py:147 ++msgid "Allow postfix_local domain full write access to mail_spool directories" ++msgstr "" ++ ++#: booleans.py:148 ++msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" ++msgstr "" ++ ++#: booleans.py:149 ++msgid "Allow transmit client label to foreign database" ++msgstr "" ++ ++#: booleans.py:150 ++msgid "Allow database admins to execute DML statement" ++msgstr "" ++ ++#: booleans.py:151 ++msgid "Allow unprivileged users to execute DDL statement" ++msgstr "" ++ ++#: booleans.py:152 ++msgid "Allow pppd to load kernel modules for certain modems" ++msgstr "" ++ ++#: booleans.py:153 ++msgid "Allow pppd to be run for a regular user" ++msgstr "" ++ ++#: booleans.py:154 ++msgid "Determine whether privoxy can connect to all tcp ports." ++msgstr "" ++ ++#: booleans.py:155 ++msgid "" ++"Permit to prosody to bind apache port. Need to be activated to use BOSH." ++msgstr "" ++ ++#: booleans.py:156 ++msgid "Allow Puppet client to manage all file types." ++msgstr "" ++ ++#: booleans.py:157 ++msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" ++msgstr "" ++ ++#: booleans.py:158 ++msgid "Allow racoon to read shadow" ++msgstr "" ++ ++#: booleans.py:159 ++msgid "" ++"Allow rsync to modify public files used for public file transfer services. " ++"Files/Directories must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:160 ++msgid "Allow rsync to run as a client" ++msgstr "" ++ ++#: booleans.py:161 ++msgid "Allow rsync to export any files/directories read only." ++msgstr "" ++ ++#: booleans.py:162 ++msgid "Allow rsync server to manage all files/directories on the system." ++msgstr "" ++ ++#: booleans.py:163 ++msgid "Allow samba to create new home directories (e.g. via PAM)" ++msgstr "" ++ ++#: booleans.py:164 ++msgid "" ++"Allow samba to act as the domain controller, add users, groups and change " ++"passwords." ++msgstr "" ++ ++#: booleans.py:165 ++msgid "Allow samba to share users home directories." ++msgstr "" ++ ++#: booleans.py:166 ++msgid "Allow samba to share any file/directory read only." ++msgstr "" ++ ++#: booleans.py:167 ++msgid "Allow samba to share any file/directory read/write." ++msgstr "" ++ ++#: booleans.py:168 ++msgid "Allow samba to act as a portmapper" ++msgstr "" ++ ++#: booleans.py:169 ++msgid "Allow samba to run unconfined scripts" ++msgstr "" ++ ++#: booleans.py:171 ++msgid "Allow samba to export NFS volumes." ++msgstr "" ++ ++#: booleans.py:172 ++msgid "Allow sanlock to read/write fuse files" ++msgstr "" ++ ++#: booleans.py:173 ++msgid "Allow sanlock to manage nfs files" ++msgstr "" ++ ++#: booleans.py:174 ++msgid "Allow sanlock to manage cifs files" ++msgstr "" ++ ++#: booleans.py:175 ++msgid "Allow sasl to read shadow" ++msgstr "" ++ ++#: booleans.py:176 ++msgid "Allow secadm to exec content" ++msgstr "" ++ ++#: booleans.py:177 + msgid "" +-"Allow users to resolve user passwd entries directly from ldap rather then " +-"using a sssd server" ++"disallow programs, such as newrole, from transitioning to administrative " ++"user domains." + msgstr "" + +-#: booleans.py:7 +-msgid "Allow users to login using a radius server" ++#: booleans.py:178 ++msgid "Disable kernel module loading." + msgstr "" + +-#: booleans.py:8 +-msgid "Allow users to login using a yubikey server" ++#: booleans.py:179 ++msgid "" ++"Boolean to determine whether the system permits loading policy, setting " ++"enforcing mode, and changing boolean values. Set this to true and you have " ++"to reboot to set it back." + msgstr "" + +-#: booleans.py:9 +-msgid "Allow awstats to purge Apache logs" ++#: booleans.py:180 ++msgid "Allow regular users direct dri device access" + msgstr "" + +-#: booleans.py:10 ++#: booleans.py:181 + msgid "" +-"Allow cdrecord to read various content. nfs, samba, removable devices, user " +-"temp and untrusted content files" ++"Allow unconfined executables to make their heap memory executable. Doing " ++"this is a really bad idea. Probably indicates a badly coded executable, but " ++"could indicate an attack. This executable should be reported in bugzilla" + msgstr "" + +-#: booleans.py:11 +-msgid "Allow clamd to use JIT compiler" ++#: booleans.py:182 ++msgid "" ++"Allow all unconfined executables to use libraries requiring text relocation " ++"that are not labeled textrel_shlib_t" + msgstr "" + +-#: booleans.py:12 +-msgid "Allow clamscan to non security files on a system" ++#: booleans.py:183 ++msgid "" ++"Allow unconfined executables to make their stack executable. This should " ++"never, ever be necessary. Probably indicates a badly coded executable, but " ++"could indicate an attack. This executable should be reported in bugzilla" + msgstr "" + +-#: booleans.py:13 +-msgid "Allow clamscan to read user content" ++#: booleans.py:184 ++msgid "Allow users to connect to the local mysql server" + msgstr "" + +-#: booleans.py:14 ++#: booleans.py:185 + msgid "" +-"Allow Cobbler to modify public files used for public file transfer services." ++"Allow confined users the ability to execute the ping and traceroute commands." + msgstr "" + +-#: booleans.py:15 +-msgid "Allow Cobbler to connect to the network using TCP." ++#: booleans.py:186 ++msgid "Allow users to connect to PostgreSQL" + msgstr "" + +-#: booleans.py:16 +-msgid "Allow Cobbler to access cifs file systems." ++#: booleans.py:187 ++msgid "" ++"Allow user to r/w files on filesystems that do not have extended attributes " ++"(FAT, CDROM, FLOPPY)" + msgstr "" + +-#: booleans.py:17 +-msgid "Allow Cobbler to access nfs file systems." ++#: booleans.py:188 ++msgid "Allow user music sharing" + msgstr "" + +-#: booleans.py:18 +-msgid "Allow collectd to connect to the network using TCP." ++#: booleans.py:189 ++msgid "" ++"Allow users to run TCP servers (bind to ports and accept connection from the " ++"same domain and outside users) disabling this forces FTP passive mode and " ++"may change other protocols." + msgstr "" + +-#: booleans.py:19 +-msgid "Allow codnor domain to connect to the network using TCP." ++#: booleans.py:190 ++msgid "Allow user to use ssh chroot environment." + msgstr "" + +-#: booleans.py:20 ++#: booleans.py:191 + msgid "" +-"Allow system cron jobs to relabel filesystem for restoring file contexts." ++"Determine whether sftpd can modify public files used for public file " ++"transfer services. Directories/Files must be labeled public_content_rw_t." + msgstr "" + +-#: booleans.py:21 +-msgid "Allow cvs daemon to read shadow" ++#: booleans.py:192 ++msgid "" ++"Determine whether sftpd-can read and write files in user home directories." + msgstr "" + +-#: booleans.py:22 +-msgid "Allow all daemons to write corefiles to /" ++#: booleans.py:193 ++msgid "" ++"Determine whether sftpd-can login to local users and read and write all " ++"files on the system, governed by DAC." + msgstr "" + +-#: booleans.py:23 +-msgid "Allow all daemons to use tcp wrappers." ++#: booleans.py:194 ++msgid "" ++"Determine whether sftpd can read and write files in user ssh home " ++"directories." + msgstr "" + +-#: booleans.py:24 +-msgid "Allow all daemons the ability to read/write terminals" ++#: booleans.py:195 ++msgid "Allow sge to connect to the network using any TCP port" + msgstr "" + +-#: booleans.py:25 +-msgid "Allow dan to manage user files" ++#: booleans.py:196 ++msgid "Allow sge to access nfs file systems." + msgstr "" + +-#: booleans.py:26 +-msgid "Allow dan to read user files" ++#: booleans.py:197 ++msgid "Determine whether smartmon can support devices on 3ware controllers." + msgstr "" + +-#: booleans.py:27 +-msgid "Allow dbadm to manage files in users home directories" ++#: booleans.py:198 ++msgid "" ++"Allow samba to modify public files used for public file transfer services. " ++"Files/Directories must be labeled public_content_rw_t." + msgstr "" + +-#: booleans.py:28 +-msgid "Allow dbadm to read files in users home directories" ++#: booleans.py:199 ++msgid "Allow user spamassassin clients to use the network." + msgstr "" + +-#: booleans.py:29 ++#: booleans.py:200 ++msgid "Allow spamd to read/write user home directories." ++msgstr "" ++ ++#: booleans.py:201 ++msgid "Determine whether squid can connect to all TCP ports." ++msgstr "" ++ ++#: booleans.py:202 ++msgid "Determine whether squid can run as a transparent proxy." ++msgstr "" ++ ++#: booleans.py:203 + msgid "" +-"Deny user domains applications to map a memory region as both executable and " +-"writable, this is dangerous and the executable should be reported in bugzilla" ++"Allow ssh with chroot env to read and write files in the user home " ++"directories" + msgstr "" + +-#: booleans.py:30 +-msgid "Allow sysadm to debug or ptrace all processes." ++#: booleans.py:204 ++msgid "allow host key based authentication" + msgstr "" + +-#: booleans.py:31 +-msgid "Allow dhcpc client applications to execute iptables commands" ++#: booleans.py:205 ++msgid "Allow ssh logins as sysadm_r:sysadm_t" + msgstr "" + +-#: booleans.py:32 +-msgid "Allow DHCP daemon to use LDAP backends" ++#: booleans.py:206 ++msgid "Allow staff to exec content" + msgstr "" + +-#: booleans.py:33 +-msgid "Allow all domains to use other domains file descriptors" ++#: booleans.py:207 ++msgid "allow staff user to create and transition to svirt domains." + msgstr "" + +-#: booleans.py:34 +-msgid "Allow all domains to have the kernel load modules" ++#: booleans.py:208 ++msgid "Allow sysadm to exec content" + msgstr "" + +-#: booleans.py:35 +-msgid "Allow the use of the audio devices as the source for the entropy feeds" ++#: booleans.py:209 ++msgid "Allow the Telepathy connection managers to connect to any network port." + msgstr "" + +-#: booleans.py:36 +-msgid "Allow exim to connect to databases (postgres, mysql)" ++#: booleans.py:210 ++msgid "" ++"Allow the Telepathy connection managers to connect to any generic TCP port." + msgstr "" + +-#: booleans.py:37 +-msgid "Allow exim to create, read, write, and delete unprivileged user files." ++#: booleans.py:211 ++msgid "Allow testpolicy to exec content" + msgstr "" + +-#: booleans.py:38 +-msgid "Allow exim to read unprivileged user files." ++#: booleans.py:212 ++msgid "" ++"Allow tftp to modify public files used for public file transfer services." + msgstr "" + +-#: booleans.py:39 +-msgid "Enable extra rules in the cron domain to support fcron." ++#: booleans.py:213 ++msgid "Allow tftp to read and write files in the user home directories" + msgstr "" + +-#: booleans.py:40 +-msgid "Allow fenced domain to connect to the network using TCP." ++#: booleans.py:214 ++msgid "Determine whether tor can bind tcp sockets to all unreserved ports." + msgstr "" + +-#: booleans.py:41 +-msgid "Allow fenced domain to execute ssh." ++#: booleans.py:215 ++msgid "Allow tor to act as a relay" + msgstr "" + +-#: booleans.py:42 +-msgid "Allow all domains to execute in fips_mode" ++#: booleans.py:216 ++msgid "" ++"allow unconfined users to transition to the chrome sandbox domains when " ++"running chrome-sandbox" + msgstr "" + +-#: booleans.py:43 +-msgid "Allow ftp to read and write files in the user home directories" ++#: booleans.py:217 ++msgid "Allow a user to login as an unconfined domain" + msgstr "" + +-#: booleans.py:44 ++#: booleans.py:218 + msgid "" +-"Allow ftp servers to upload files, used for public file transfer services. " +-"Directories must be labeled public_content_rw_t." ++"Allow unconfined users to transition to the Mozilla plugin domain when " ++"running xulrunner plugin-container." + msgstr "" + +-#: booleans.py:45 +-msgid "Allow ftp servers to connect to all ports > 1023" ++#: booleans.py:219 ++msgid "Allow unprivledged user to create and transition to svirt domains." + msgstr "" + +-#: booleans.py:46 +-msgid "Allow ftp servers to connect to mysql database ports" ++#: booleans.py:220 ++msgid "Support ecryptfs home directories" + msgstr "" + -#: booleans.py:47 -msgid "" -"Allow ftp servers to login to local users and read/write all files on the " -"system, governed by DAC." -+#: booleans.py:47 booleans.py:166 -+msgid "Allow samba to export ntfs/fusefs volumes." ++#: booleans.py:221 ++msgid "Support fusefs home directories" msgstr "" - #: booleans.py:48 +-#: booleans.py:48 -msgid "Allow ftp servers to use cifs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can use NFS used for public file transfer services." - msgstr "" - - #: booleans.py:49 --msgid "Allow ftp servers to use nfs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can bind to all unreserved ports for passive mode." - msgstr "" - - #: booleans.py:50 --msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" --msgstr "" -- --#: booleans.py:51 - msgid "Determine whether Git CGI can search home directories." - msgstr "" - --#: booleans.py:52 -+#: booleans.py:51 - msgid "Determine whether Git CGI can access cifs file systems." - msgstr "" - --#: booleans.py:53 -+#: booleans.py:52 - msgid "Determine whether Git CGI can access nfs file systems." - msgstr "" - --#: booleans.py:54 -+#: booleans.py:53 - msgid "" - "Determine whether Git session daemon can bind TCP sockets to all unreserved " - "ports." - msgstr "" - --#: booleans.py:55 -+#: booleans.py:54 - msgid "" - "Determine whether calling user domains can execute Git daemon in the " - "git_session_t domain." - msgstr "" - --#: booleans.py:56 -+#: booleans.py:55 - msgid "Determine whether Git system daemon can search home directories." - msgstr "" - --#: booleans.py:57 -+#: booleans.py:56 - msgid "Determine whether Git system daemon can access cifs file systems." - msgstr "" - --#: booleans.py:58 -+#: booleans.py:57 - msgid "Determine whether Git system daemon can access nfs file systems." - msgstr "" - -+#: booleans.py:58 -+msgid "Determine whether Gitosis can send mail." -+msgstr "" -+ - #: booleans.py:59 --msgid "Allow gitisis daemon to send mail" -+msgid "Enable reading of urandom for all domains." - msgstr "" - - #: booleans.py:60 --msgid "Enable reading of urandom for all domains." -+msgid "" -+"Allow glusterfsd to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - - #: booleans.py:61 -+msgid "Allow glusterfsd to share any file/directory read only." -+msgstr "" -+ -+#: booleans.py:62 -+msgid "Allow glusterfsd to share any file/directory read/write." -+msgstr "" -+ -+#: booleans.py:63 - msgid "" - "Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" - "agent to manage user files." - msgstr "" - --#: booleans.py:62 -+#: booleans.py:64 - msgid "" - "Allow gpg web domain to modify public files used for public file transfer " - "services." - msgstr "" - --#: booleans.py:63 -+#: booleans.py:65 - msgid "Allow gssd to read temp directory. For access to kerberos tgt." - msgstr "" - --#: booleans.py:64 -+#: booleans.py:66 - msgid "Allow guest to exec content" - msgstr "" - --#: booleans.py:65 -+#: booleans.py:67 - msgid "" - "Allow Apache to modify public files used for public file transfer services. " - "Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:66 -+#: booleans.py:68 - msgid "Allow httpd to use built in scripting (usually php)" - msgstr "" - --#: booleans.py:67 -+#: booleans.py:69 - msgid "Allow http daemon to check spam" - msgstr "" - --#: booleans.py:68 -+#: booleans.py:70 - msgid "" - "Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " - "ports" - msgstr "" - --#: booleans.py:69 -+#: booleans.py:71 - msgid "Allow httpd to connect to the ldap port" - msgstr "" - --#: booleans.py:70 -+#: booleans.py:72 - msgid "Allow http daemon to connect to zabbix" - msgstr "" - --#: booleans.py:71 -+#: booleans.py:73 - msgid "Allow HTTPD scripts and modules to connect to the network using TCP." - msgstr "" - --#: booleans.py:72 -+#: booleans.py:74 - msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." - msgstr "" - --#: booleans.py:73 -+#: booleans.py:75 - msgid "" - "Allow HTTPD scripts and modules to connect to databases over the network." - msgstr "" - --#: booleans.py:74 -+#: booleans.py:76 - msgid "Allow httpd to connect to memcache server" - msgstr "" - --#: booleans.py:75 -+#: booleans.py:77 - msgid "Allow httpd to act as a relay" - msgstr "" - --#: booleans.py:76 -+#: booleans.py:78 - msgid "Allow http daemon to send mail" - msgstr "" - --#: booleans.py:77 -+#: booleans.py:79 - msgid "Allow Apache to communicate with avahi service via dbus" - msgstr "" - --#: booleans.py:78 -+#: booleans.py:80 - msgid "Allow httpd cgi support" - msgstr "" - --#: booleans.py:79 -+#: booleans.py:81 - msgid "Allow httpd to act as a FTP server by listening on the ftp port." - msgstr "" - --#: booleans.py:80 -+#: booleans.py:82 - msgid "Allow httpd to read home directories" - msgstr "" - --#: booleans.py:81 -+#: booleans.py:83 - msgid "Allow httpd scripts and modules execmem/execstack" - msgstr "" - --#: booleans.py:82 -+#: booleans.py:84 - msgid "Allow HTTPD to connect to port 80 for graceful shutdown" - msgstr "" - --#: booleans.py:83 -+#: booleans.py:85 - msgid "Allow httpd processes to manage IPA content" - msgstr "" - --#: booleans.py:84 -+#: booleans.py:86 - msgid "Allow Apache to use mod_auth_ntlm_winbind" - msgstr "" - --#: booleans.py:85 -+#: booleans.py:87 - msgid "Allow Apache to use mod_auth_pam" - msgstr "" - --#: booleans.py:86 -+#: booleans.py:88 - msgid "Allow httpd to read user content" - msgstr "" - --#: booleans.py:87 -+#: booleans.py:89 - msgid "Allow Apache to run in stickshift mode, not transition to passenger" - msgstr "" - --#: booleans.py:88 -+#: booleans.py:90 -+msgid "Allow HTTPD scripts and modules to server cobbler files." -+msgstr "" -+ -+#: booleans.py:91 - msgid "Allow httpd daemon to change its resource limits" - msgstr "" - --#: booleans.py:89 -+#: booleans.py:92 - msgid "" - "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." - msgstr "" - --#: booleans.py:90 -+#: booleans.py:93 - msgid "" - "Allow apache scripts to write to public content, directories/files must be " - "labeled public_rw_content_t." - msgstr "" - --#: booleans.py:91 -+#: booleans.py:94 - msgid "Allow Apache to execute tmp content." - msgstr "" - --#: booleans.py:92 -+#: booleans.py:95 - msgid "" - "Unify HTTPD to communicate with the terminal. Needed for entering the " - "passphrase for certificates at the terminal." - msgstr "" - --#: booleans.py:93 -+#: booleans.py:96 - msgid "Unify HTTPD handling of all content files." - msgstr "" - --#: booleans.py:94 -+#: booleans.py:97 - msgid "Allow httpd to access cifs file systems" - msgstr "" - --#: booleans.py:95 -+#: booleans.py:98 - msgid "Allow httpd to access FUSE file systems" - msgstr "" - --#: booleans.py:96 -+#: booleans.py:99 - msgid "Allow httpd to run gpg" - msgstr "" - --#: booleans.py:97 -+#: booleans.py:100 - msgid "Allow httpd to access nfs file systems" - msgstr "" - --#: booleans.py:98 -+#: booleans.py:101 - msgid "Allow httpd to communicate with oddjob to start up a service" - msgstr "" - --#: booleans.py:99 -+#: booleans.py:102 - msgid "Allow httpd to access openstack ports" - msgstr "" - --#: booleans.py:100 -+#: booleans.py:103 - msgid "Allow Apache to query NS records" - msgstr "" - --#: booleans.py:101 --msgid "Allow icecast to connect to all ports, not just sound ports." -+#: booleans.py:104 -+msgid "Determine whether icecast can listen on and connect to any TCP port." - msgstr "" - --#: booleans.py:102 -+#: booleans.py:105 -+msgid "" -+"Determine whether irc clients can listen on and connect to any unreserved " -+"TCP ports." -+msgstr "" -+ -+#: booleans.py:106 - msgid "" - "Allow the Irssi IRC Client to connect to any port, and to bind to any " - "unreserved port." - msgstr "" - --#: booleans.py:103 -+#: booleans.py:107 - msgid "Allow confined applications to run with kerberos." - msgstr "" - --#: booleans.py:104 --msgid "Allow syslogd daemon to send mail" -+#: booleans.py:108 -+msgid "Allow ksmtuned to use cifs/Samba file systems" - msgstr "" - --#: booleans.py:105 --msgid "Allow syslogd the ability to read/write terminals" -+#: booleans.py:109 -+msgid "Allow ksmtuned to use nfs file systems" - msgstr "" - --#: booleans.py:106 -+#: booleans.py:110 -+msgid "Allow syslogd daemon to send mail" -+msgstr "" -+ -+#: booleans.py:111 -+msgid "Allow syslogd the ability to read/write terminals" -+msgstr "" -+ -+#: booleans.py:112 - msgid "Allow logging in and using the system from /dev/console." - msgstr "" - --#: booleans.py:107 -+#: booleans.py:113 -+msgid "Allow mailman to access FUSE file systems" -+msgstr "" -+ -+#: booleans.py:114 -+msgid "Determine whether mcelog supports client mode." -+msgstr "" -+ -+#: booleans.py:115 -+msgid "Determine whether mcelog can execute scripts." -+msgstr "" -+ -+#: booleans.py:116 -+msgid "Determine whether mcelog can use all the user ttys." -+msgstr "" -+ -+#: booleans.py:117 -+msgid "Determine whether mcelog supports server mode." -+msgstr "" -+ -+#: booleans.py:118 - msgid "" - "Control the ability to mmap a low area of the address space, as configured " - "by /proc/sys/kernel/mmap_min_addr." - msgstr "" - --#: booleans.py:108 -+#: booleans.py:119 - msgid "Allow mock to read files in home directories." - msgstr "" - --#: booleans.py:109 -+#: booleans.py:120 - msgid "Allow the mount command to mount any directory or file." - msgstr "" - --#: booleans.py:110 -+#: booleans.py:121 - msgid "Allow mozilla plugin domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:111 --msgid "" --"Allow mozilla_plugins to create random content in the users home directory" -+#: booleans.py:122 -+msgid "Allow confined web browsers to read home directory content" - msgstr "" - --#: booleans.py:112 --msgid "Allow confined web browsers to read home directory content" -+#: booleans.py:123 -+msgid "Determine whether mpd can traverse user home directories." - msgstr "" - --#: booleans.py:113 --msgid "Allow mplayer executable stack" -+#: booleans.py:124 -+msgid "Determine whether mpd can use cifs file systems." - msgstr "" - --#: booleans.py:114 -+#: booleans.py:125 -+msgid "Determine whether mpd can use nfs file systems." -+msgstr "" -+ -+#: booleans.py:126 -+msgid "Determine whether mplayer can make its stack executable." -+msgstr "" -+ -+#: booleans.py:127 - msgid "Allow mysqld to connect to all ports" - msgstr "" - --#: booleans.py:115 --msgid "Allow BIND to bind apache port." -+#: booleans.py:128 -+msgid "Determine whether Bind can bind tcp socket to http ports." - msgstr "" - --#: booleans.py:116 -+#: booleans.py:129 - msgid "" --"Allow BIND to write the master zone files. Generally this is used for " --"dynamic DNS or zone transfers." -+"Determine whether Bind can write to master zone files. Generally this is " -+"used for dynamic DNS or zone transfers." - msgstr "" - --#: booleans.py:117 -+#: booleans.py:130 - msgid "Allow any files/directories to be exported read/only via NFS." - msgstr "" - --#: booleans.py:118 -+#: booleans.py:131 - msgid "Allow any files/directories to be exported read/write via NFS." - msgstr "" - --#: booleans.py:119 -+#: booleans.py:132 - msgid "" - "Allow nfs servers to modify public files used for public file transfer " - "services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:120 -+#: booleans.py:133 - msgid "Allow system to run with NIS" - msgstr "" - --#: booleans.py:121 -+#: booleans.py:134 - msgid "Allow confined applications to use nscd shared memory." - msgstr "" - --#: booleans.py:122 -+#: booleans.py:135 - msgid "Allow openshift to lockdown app" - msgstr "" - --#: booleans.py:123 --msgid "Allow openvpn to read home directories" -+#: booleans.py:136 -+msgid "Determine whether openvpn can read generic user home content files." - msgstr "" - --#: booleans.py:124 -+#: booleans.py:137 - msgid "Allow piranha-lvs domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:125 -+#: booleans.py:138 - msgid "Allow polipo to connect to all ports > 1023" - msgstr "" - --#: booleans.py:126 -+#: booleans.py:139 - msgid "" - "Determine whether Polipo session daemon can bind tcp sockets to all " - "unreserved ports." - msgstr "" - --#: booleans.py:127 -+#: booleans.py:140 - msgid "" - "Determine whether calling user domains can execute Polipo daemon in the " - "polipo_session_t domain." - msgstr "" - --#: booleans.py:128 -+#: booleans.py:141 - msgid "Determine whether polipo can access cifs file systems." - msgstr "" - --#: booleans.py:129 -+#: booleans.py:142 - msgid "Determine whether Polipo can access nfs file systems." - msgstr "" - --#: booleans.py:130 -+#: booleans.py:143 - msgid "Enable polyinstantiated directory support." - msgstr "" - --#: booleans.py:131 -+#: booleans.py:144 - msgid "Allow postfix_local domain full write access to mail_spool directories" - msgstr "" - --#: booleans.py:132 -+#: booleans.py:145 - msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" - msgstr "" - --#: booleans.py:133 -+#: booleans.py:146 - msgid "Allow transmit client label to foreign database" - msgstr "" - --#: booleans.py:134 -+#: booleans.py:147 - msgid "Allow database admins to execute DML statement" - msgstr "" - --#: booleans.py:135 -+#: booleans.py:148 - msgid "Allow unprivileged users to execute DDL statement" - msgstr "" - --#: booleans.py:136 -+#: booleans.py:149 - msgid "Allow pppd to load kernel modules for certain modems" - msgstr "" - --#: booleans.py:137 -+#: booleans.py:150 - msgid "Allow pppd to be run for a regular user" - msgstr "" - --#: booleans.py:138 --msgid "" --"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:151 -+msgid "Determine whether privoxy can connect to all tcp ports." - msgstr "" - --#: booleans.py:139 -+#: booleans.py:152 - msgid "Allow Puppet client to manage all file types." - msgstr "" - --#: booleans.py:140 -+#: booleans.py:153 - msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" - msgstr "" - --#: booleans.py:141 -+#: booleans.py:154 - msgid "Allow racoon to read shadow" - msgstr "" - --#: booleans.py:142 --msgid "Allow rgmanager domain to connect to the network using TCP." --msgstr "" -- --#: booleans.py:143 -+#: booleans.py:155 - msgid "" - "Allow rsync to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:144 -+#: booleans.py:156 - msgid "Allow rsync to run as a client" - msgstr "" - --#: booleans.py:145 -+#: booleans.py:157 - msgid "Allow rsync to export any files/directories read only." - msgstr "" - --#: booleans.py:146 --msgid "Allow rsync servers to share cifs files systems" --msgstr "" -- --#: booleans.py:147 --msgid "Allow rsync servers to share nfs files systems" -+#: booleans.py:158 -+msgid "Allow rsync server to manage all files/directories on the system." - msgstr "" - --#: booleans.py:148 -+#: booleans.py:159 - msgid "Allow samba to create new home directories (e.g. via PAM)" - msgstr "" - --#: booleans.py:149 -+#: booleans.py:160 - msgid "" - "Allow samba to act as the domain controller, add users, groups and change " - "passwords." - msgstr "" - --#: booleans.py:150 -+#: booleans.py:161 - msgid "Allow samba to share users home directories." - msgstr "" - --#: booleans.py:151 -+#: booleans.py:162 - msgid "Allow samba to share any file/directory read only." - msgstr "" - --#: booleans.py:152 -+#: booleans.py:163 - msgid "Allow samba to share any file/directory read/write." - msgstr "" - --#: booleans.py:153 -+#: booleans.py:164 - msgid "Allow samba to act as a portmapper" - msgstr "" - --#: booleans.py:154 -+#: booleans.py:165 - msgid "Allow samba to run unconfined scripts" - msgstr "" - --#: booleans.py:155 --msgid "Allow samba to export ntfs/fusefs volumes." --msgstr "" -- --#: booleans.py:156 -+#: booleans.py:167 - msgid "Allow samba to export NFS volumes." - msgstr "" - --#: booleans.py:157 -+#: booleans.py:168 - msgid "Allow sanlock to read/write fuse files" - msgstr "" - --#: booleans.py:158 -+#: booleans.py:169 - msgid "Allow sanlock to manage nfs files" - msgstr "" - --#: booleans.py:159 -+#: booleans.py:170 - msgid "Allow sanlock to manage cifs files" - msgstr "" - --#: booleans.py:160 -+#: booleans.py:171 - msgid "Allow sasl to read shadow" - msgstr "" - --#: booleans.py:161 -+#: booleans.py:172 - msgid "Allow secadm to exec content" - msgstr "" - --#: booleans.py:162 -+#: booleans.py:173 - msgid "" - "disallow programs, such as newrole, from transitioning to administrative " - "user domains." - msgstr "" - --#: booleans.py:163 -+#: booleans.py:174 - msgid "Disable kernel module loading." - msgstr "" - --#: booleans.py:164 -+#: booleans.py:175 - msgid "" - "Boolean to determine whether the system permits loading policy, setting " - "enforcing mode, and changing boolean values. Set this to true and you have " - "to reboot to set it back." - msgstr "" - --#: booleans.py:165 -+#: booleans.py:176 - msgid "Allow regular users direct dri device access" - msgstr "" - --#: booleans.py:166 -+#: booleans.py:177 - msgid "" - "Allow unconfined executables to make their heap memory executable. Doing " - "this is a really bad idea. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:167 -+#: booleans.py:178 - msgid "" - "Allow all unconfined executables to use libraries requiring text relocation " - "that are not labeled textrel_shlib_t" - msgstr "" - --#: booleans.py:168 -+#: booleans.py:179 - msgid "" - "Allow unconfined executables to make their stack executable. This should " - "never, ever be necessary. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:169 -+#: booleans.py:180 - msgid "Allow users to connect to the local mysql server" - msgstr "" - --#: booleans.py:170 -+#: booleans.py:181 - msgid "" - "Allow confined users the ability to execute the ping and traceroute commands." - msgstr "" - --#: booleans.py:171 -+#: booleans.py:182 - msgid "Allow users to connect to PostgreSQL" - msgstr "" - --#: booleans.py:172 -+#: booleans.py:183 - msgid "" - "Allow user to r/w files on filesystems that do not have extended attributes " - "(FAT, CDROM, FLOPPY)" - msgstr "" - --#: booleans.py:173 -+#: booleans.py:184 -+msgid "Allow user music sharing" -+msgstr "" -+ -+#: booleans.py:185 - msgid "" - "Allow users to run TCP servers (bind to ports and accept connection from the " - "same domain and outside users) disabling this forces FTP passive mode and " - "may change other protocols." - msgstr "" - --#: booleans.py:174 -+#: booleans.py:186 - msgid "Allow user to use ssh chroot environment." - msgstr "" - --#: booleans.py:175 --msgid "Allow user music sharing" --msgstr "" -- --#: booleans.py:176 -+#: booleans.py:187 - msgid "" --"Allow anon internal-sftp to upload files, used for public file transfer " --"services. Directories must be labeled public_content_rw_t." -+"Determine whether sftpd can modify public files used for public file " -+"transfer services. Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:177 -+#: booleans.py:188 - msgid "" --"Allow sftp-internal to read and write files in the user home directories" -+"Determine whether sftpd-can read and write files in user home directories." - msgstr "" - --#: booleans.py:178 -+#: booleans.py:189 - msgid "" --"Allow sftp-internal to login to local users and read/write all files on the " --"system, governed by DAC." -+"Determine whether sftpd-can login to local users and read and write all " -+"files on the system, governed by DAC." - msgstr "" - --#: booleans.py:179 -+#: booleans.py:190 - msgid "" --"Allow internal-sftp to read and write files in the user ssh home directories." -+"Determine whether sftpd can read and write files in user ssh home " -+"directories." - msgstr "" - --#: booleans.py:180 -+#: booleans.py:191 - msgid "Allow sge to connect to the network using any TCP port" - msgstr "" - --#: booleans.py:181 -+#: booleans.py:192 - msgid "Allow sge to access nfs file systems." - msgstr "" - --#: booleans.py:182 --msgid "" --"Enable additional permissions needed to support devices on 3ware controllers." -+#: booleans.py:193 -+msgid "Determine whether smartmon can support devices on 3ware controllers." - msgstr "" - --#: booleans.py:183 -+#: booleans.py:194 - msgid "" - "Allow samba to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:184 -+#: booleans.py:195 - msgid "Allow user spamassassin clients to use the network." - msgstr "" - --#: booleans.py:185 -+#: booleans.py:196 - msgid "Allow spamd to read/write user home directories." - msgstr "" - --#: booleans.py:186 --msgid "" --"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:197 -+msgid "Determine whether squid can connect to all TCP ports." - msgstr "" - --#: booleans.py:187 --msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:198 -+msgid "Determine whether squid can run as a transparent proxy." - msgstr "" - --#: booleans.py:188 -+#: booleans.py:199 - msgid "" - "Allow ssh with chroot env to read and write files in the user home " - "directories" - msgstr "" - --#: booleans.py:189 -+#: booleans.py:200 - msgid "allow host key based authentication" - msgstr "" - --#: booleans.py:190 -+#: booleans.py:201 - msgid "Allow ssh logins as sysadm_r:sysadm_t" - msgstr "" - --#: booleans.py:191 -+#: booleans.py:202 - msgid "Allow staff to exec content" - msgstr "" - --#: booleans.py:192 -+#: booleans.py:203 - msgid "allow staff user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:193 -+#: booleans.py:204 - msgid "Allow sysadm to exec content" - msgstr "" - --#: booleans.py:194 -+#: booleans.py:205 - msgid "Allow the Telepathy connection managers to connect to any network port." - msgstr "" - --#: booleans.py:195 -+#: booleans.py:206 - msgid "" - "Allow the Telepathy connection managers to connect to any generic TCP port." - msgstr "" - --#: booleans.py:196 -+#: booleans.py:207 - msgid "" - "Allow tftp to modify public files used for public file transfer services." - msgstr "" - --#: booleans.py:197 -+#: booleans.py:208 - msgid "Allow tftp to read and write files in the user home directories" - msgstr "" - --#: booleans.py:198 --msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:209 -+msgid "Determine whether tor can bind tcp sockets to all unreserved ports." - msgstr "" - --#: booleans.py:199 -+#: booleans.py:210 - msgid "Allow tor to act as a relay" - msgstr "" - --#: booleans.py:200 -+#: booleans.py:211 - msgid "" - "allow unconfined users to transition to the chrome sandbox domains when " - "running chrome-sandbox" - msgstr "" - --#: booleans.py:201 -+#: booleans.py:212 - msgid "Allow a user to login as an unconfined domain" - msgstr "" - --#: booleans.py:202 -+#: booleans.py:213 - msgid "" - "Allow unconfined users to transition to the Mozilla plugin domain when " - "running xulrunner plugin-container." - msgstr "" - --#: booleans.py:203 -+#: booleans.py:214 - msgid "Allow video playing tools to run unconfined" - msgstr "" - --#: booleans.py:204 -+#: booleans.py:215 - msgid "Allow unprivledged user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:205 -+#: booleans.py:216 - msgid "Support ecryptfs home directories" - msgstr "" - --#: booleans.py:206 -+#: booleans.py:217 - msgid "Support fusefs home directories" - msgstr "" - --#: booleans.py:207 --msgid "Use lpd server instead of cups" -+#: booleans.py:218 ++#: booleans.py:222 +msgid "Determine whether to support lpd server." msgstr "" --#: booleans.py:208 -+#: booleans.py:219 - msgid "Support NFS home directories" +-#: booleans.py:49 +-msgid "Allow ftp servers to use nfs used for public file transfer services." ++#: booleans.py:223 ++msgid "Support NFS home directories" msgstr "" --#: booleans.py:209 -+#: booleans.py:220 - msgid "Support SAMBA home directories" +-#: booleans.py:50 +-msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" ++#: booleans.py:224 ++msgid "Support SAMBA home directories" msgstr "" --#: booleans.py:210 -+#: booleans.py:221 - msgid "Allow user to exec content" +-#: booleans.py:51 +-msgid "Determine whether Git CGI can search home directories." ++#: booleans.py:225 ++msgid "Allow user to exec content" msgstr "" --#: booleans.py:211 --msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:222 +-#: booleans.py:52 +-msgid "Determine whether Git CGI can access cifs file systems." ++#: booleans.py:226 +msgid "Determine whether varnishd can use the full TCP network." msgstr "" --#: booleans.py:212 --msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:223 +-#: booleans.py:53 +-msgid "Determine whether Git CGI can access nfs file systems." ++#: booleans.py:227 +msgid "" +"Determine whether attempts by vbetool to mmap low regions should be silently " +"blocked." msgstr "" --#: booleans.py:213 -+#: booleans.py:224 - msgid "" - "Allow confined virtual guests to use serial/parallel communication ports" - msgstr "" - --#: booleans.py:214 -+#: booleans.py:225 - msgid "" - "Allow confined virtual guests to use executable memory and executable stack" - msgstr "" - --#: booleans.py:215 -+#: booleans.py:226 - msgid "Allow confined virtual guests to read fuse files" - msgstr "" - --#: booleans.py:216 -+#: booleans.py:227 - msgid "Allow confined virtual guests to manage nfs files" - msgstr "" - --#: booleans.py:217 +-#: booleans.py:54 +#: booleans.py:228 - msgid "Allow confined virtual guests to interact with rawip sockets" + msgid "" +-"Determine whether Git session daemon can bind TCP sockets to all unreserved " +-"ports." ++"Allow confined virtual guests to use serial/parallel communication ports" msgstr "" --#: booleans.py:218 +-#: booleans.py:55 +#: booleans.py:229 - msgid "Allow confined virtual guests to manage cifs files" + msgid "" +-"Determine whether calling user domains can execute Git daemon in the " +-"git_session_t domain." ++"Allow confined virtual guests to use executable memory and executable stack" msgstr "" --#: booleans.py:219 +-#: booleans.py:56 +-msgid "Determine whether Git system daemon can search home directories." +#: booleans.py:230 - msgid "Allow confined virtual guests to interact with the sanlock" ++msgid "Allow confined virtual guests to read fuse files" msgstr "" --#: booleans.py:220 --msgid "Allow confined virtual guests to manage device configuration, (pci)" --msgstr "" -- --#: booleans.py:221 +-#: booleans.py:57 +-msgid "Determine whether Git system daemon can access cifs file systems." +#: booleans.py:231 - msgid "Allow confined virtual guests to use usb devices" ++msgid "Allow confined virtual guests to manage nfs files" msgstr "" --#: booleans.py:222 +-#: booleans.py:58 +-msgid "Determine whether Git system daemon can access nfs file systems." +#: booleans.py:232 - msgid "Allow confined virtual guests to interact with the xserver" ++msgid "Allow confined virtual guests to interact with rawip sockets" msgstr "" --#: booleans.py:223 --msgid "Allow webadm to manage files in users home directories" +-#: booleans.py:59 +-msgid "Allow gitisis daemon to send mail" +#: booleans.py:233 -+msgid "Determine whether webadm can manage generic user files." ++msgid "Allow confined virtual guests to manage cifs files" msgstr "" --#: booleans.py:224 --msgid "Allow webadm to read files in users home directories" +-#: booleans.py:60 +-msgid "Enable reading of urandom for all domains." +#: booleans.py:234 ++msgid "Allow confined virtual guests to interact with the sanlock" + msgstr "" + +-#: booleans.py:61 +-msgid "" +-"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" +-"agent to manage user files." ++#: booleans.py:235 ++msgid "Allow confined virtual guests to use usb devices" + msgstr "" + +-#: booleans.py:62 +-msgid "" +-"Allow gpg web domain to modify public files used for public file transfer " +-"services." ++#: booleans.py:236 ++msgid "Allow confined virtual guests to interact with the xserver" ++msgstr "" ++ ++#: booleans.py:237 ++msgid "Determine whether webadm can manage generic user files." ++msgstr "" ++ ++#: booleans.py:238 +msgid "Determine whether webadm can read generic user files." msgstr "" --#: booleans.py:225 --msgid "Ignore wine mmap_zero errors." -+#: booleans.py:235 +-#: booleans.py:63 +-msgid "Allow gssd to read temp directory. For access to kerberos tgt." ++#: booleans.py:239 +msgid "" +"Determine whether attempts by wine to mmap low regions should be silently " +"blocked." msgstr "" +-#: booleans.py:64 +-msgid "Allow guest to exec content" ++#: booleans.py:240 ++msgid "Allow the graphical login program to execute bootloader" + msgstr "" + +-#: booleans.py:65 ++#: booleans.py:241 + msgid "" +-"Allow Apache to modify public files used for public file transfer services. " +-"Directories/Files must be labeled public_content_rw_t." ++"Allow the graphical login program to login directly as sysadm_r:sysadm_t" + msgstr "" + +-#: booleans.py:66 +-msgid "Allow httpd to use built in scripting (usually php)" ++#: booleans.py:242 ++msgid "" ++"Allow the graphical login program to create files in HOME dirs as xdm_home_t." + msgstr "" + +-#: booleans.py:67 +-msgid "Allow http daemon to check spam" ++#: booleans.py:243 ++msgid "Allow xen to manage nfs files" + msgstr "" + +-#: booleans.py:68 ++#: booleans.py:244 + msgid "" +-"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " +-"ports" ++"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " ++"logical volumes for disk images." + msgstr "" + +-#: booleans.py:69 +-msgid "Allow httpd to connect to the ldap port" ++#: booleans.py:245 ++msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." + msgstr "" + +-#: booleans.py:70 +-msgid "Allow http daemon to connect to zabbix" ++#: booleans.py:246 ++msgid "" ++"Allow xguest users to configure Network Manager and connect to apache ports" + msgstr "" + +-#: booleans.py:71 +-msgid "Allow HTTPD scripts and modules to connect to the network using TCP." ++#: booleans.py:247 ++msgid "Allow xguest to exec content" + msgstr "" + +-#: booleans.py:72 +-msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." ++#: booleans.py:248 ++msgid "Allow xguest users to mount removable media" + msgstr "" + +-#: booleans.py:73 +-msgid "" +-"Allow HTTPD scripts and modules to connect to databases over the network." ++#: booleans.py:249 ++msgid "Allow xguest to use blue tooth devices" + msgstr "" + +-#: booleans.py:74 +-msgid "Allow httpd to connect to memcache server" ++#: booleans.py:250 ++msgid "Allows clients to write to the X server shared memory segments." + msgstr "" + +-#: booleans.py:75 +-msgid "Allow httpd to act as a relay" ++#: booleans.py:251 ++msgid "Allows XServer to execute writable memory" + msgstr "" + +-#: booleans.py:76 +-msgid "Allow http daemon to send mail" ++#: booleans.py:252 ++msgid "Support X userspace object manager" + msgstr "" + +-#: booleans.py:77 +-msgid "Allow Apache to communicate with avahi service via dbus" ++#: booleans.py:253 ++msgid "Determine whether zabbix can connect to all TCP ports" + msgstr "" + +-#: booleans.py:78 +-msgid "Allow httpd cgi support" ++#: booleans.py:254 ++msgid "Allow zebra daemon to write it configuration files" + msgstr "" + +-#: booleans.py:79 +-msgid "Allow httpd to act as a FTP server by listening on the ftp port." ++#: booleans.py:255 ++msgid "" ++"Allow ZoneMinder to modify public files used for public file transfer " ++"services." + msgstr "" + +-#: booleans.py:80 +-msgid "Allow httpd to read home directories" ++#: booleans.py:256 ++msgid "Allow ZoneMinder to run su/sudo." + msgstr "" + +-#: booleans.py:81 +-msgid "Allow httpd scripts and modules execmem/execstack" ++#: ../sepolicy/sepolicy.py:194 ++#, python-format ++msgid "Interface %s does not exist." + msgstr "" + +-#: booleans.py:82 +-msgid "Allow HTTPD to connect to port 80 for graceful shutdown" ++#: ../sepolicy/sepolicy.py:281 ++msgid "Graphical User Interface for SELinux Policy" + msgstr "" + +-#: booleans.py:83 +-msgid "Allow httpd processes to manage IPA content" ++#: ../sepolicy/sepolicy.py:305 ++msgid "Generate SELinux man pages" + msgstr "" + +-#: booleans.py:84 +-msgid "Allow Apache to use mod_auth_ntlm_winbind" ++#: ../sepolicy/sepolicy.py:308 ++msgid "path in which the generated SELinux man pages will be stored" + msgstr "" + +-#: booleans.py:85 +-msgid "Allow Apache to use mod_auth_pam" ++#: ../sepolicy/sepolicy.py:310 ++msgid "name of the OS for man pages" + msgstr "" + +-#: booleans.py:86 +-msgid "Allow httpd to read user content" ++#: ../sepolicy/sepolicy.py:312 ++msgid "Generate HTML man pages structure for selected SELinux man page" + msgstr "" + +-#: booleans.py:87 +-msgid "Allow Apache to run in stickshift mode, not transition to passenger" ++#: ../sepolicy/sepolicy.py:314 ++msgid "Alternate root directory, defaults to /" + msgstr "" + +-#: booleans.py:88 +-msgid "Allow httpd daemon to change its resource limits" ++#: ../sepolicy/sepolicy.py:318 ++msgid "All domains" + msgstr "" + +-#: booleans.py:89 +-msgid "" +-"Allow HTTPD to run SSI executables in the same domain as system CGI scripts." ++#: ../sepolicy/sepolicy.py:321 ++msgid "Domain name(s) of man pages to be created" + msgstr "" + +-#: booleans.py:90 +-msgid "" +-"Allow apache scripts to write to public content, directories/files must be " +-"labeled public_rw_content_t." ++#: ../sepolicy/sepolicy.py:326 ++msgid "Query SELinux policy network information" + msgstr "" + +-#: booleans.py:91 +-msgid "Allow Apache to execute tmp content." ++#: ../sepolicy/sepolicy.py:331 ++msgid "list all SELinux port types" + msgstr "" + +-#: booleans.py:92 +-msgid "" +-"Unify HTTPD to communicate with the terminal. Needed for entering the " +-"passphrase for certificates at the terminal." ++#: ../sepolicy/sepolicy.py:334 ++msgid "show SELinux type related to the port" + msgstr "" + +-#: booleans.py:93 +-msgid "Unify HTTPD handling of all content files." ++#: ../sepolicy/sepolicy.py:337 ++msgid "Show ports defined for this SELinux type" + msgstr "" + +-#: booleans.py:94 +-msgid "Allow httpd to access cifs file systems" ++#: ../sepolicy/sepolicy.py:340 ++msgid "show ports to which this domain can bind and/or connect" + msgstr "" + +-#: booleans.py:95 +-msgid "Allow httpd to access FUSE file systems" ++#: ../sepolicy/sepolicy.py:355 ++msgid "query SELinux policy to see if domains can communicate with each other" + msgstr "" + +-#: booleans.py:96 +-msgid "Allow httpd to run gpg" ++#: ../sepolicy/sepolicy.py:358 ++msgid "Source Domain" + msgstr "" + +-#: booleans.py:97 +-msgid "Allow httpd to access nfs file systems" ++#: ../sepolicy/sepolicy.py:361 ++msgid "Target Domain" + msgstr "" + +-#: booleans.py:98 +-msgid "Allow httpd to communicate with oddjob to start up a service" ++#: ../sepolicy/sepolicy.py:380 ++msgid "query SELinux Policy to see description of booleans" + msgstr "" + +-#: booleans.py:99 +-msgid "Allow httpd to access openstack ports" ++#: ../sepolicy/sepolicy.py:384 ++msgid "get all booleans descriptions" + msgstr "" + +-#: booleans.py:100 +-msgid "Allow Apache to query NS records" ++#: ../sepolicy/sepolicy.py:387 ++msgid "boolean to get description" + msgstr "" + +-#: booleans.py:101 +-msgid "Allow icecast to connect to all ports, not just sound ports." ++#: ../sepolicy/sepolicy.py:397 ++msgid "" ++"query SELinux Policy to see how a source process domain can transition to " ++"the target process domain" + msgstr "" + +-#: booleans.py:102 +-msgid "" +-"Allow the Irssi IRC Client to connect to any port, and to bind to any " +-"unreserved port." ++#: ../sepolicy/sepolicy.py:400 ++msgid "source process domain" + msgstr "" + +-#: booleans.py:103 +-msgid "Allow confined applications to run with kerberos." ++#: ../sepolicy/sepolicy.py:403 ++msgid "target process domain" + msgstr "" + +-#: booleans.py:104 +-msgid "Allow syslogd daemon to send mail" ++#: ../sepolicy/sepolicy.py:445 ++#, python-format ++msgid "sepolicy generate: error: one of the arguments %s is required" + msgstr "" + +-#: booleans.py:105 +-msgid "Allow syslogd the ability to read/write terminals" ++#: ../sepolicy/sepolicy.py:450 ++msgid "Command required for this type of policy" + msgstr "" + +-#: booleans.py:106 +-msgid "Allow logging in and using the system from /dev/console." ++#: ../sepolicy/sepolicy.py:461 ++msgid "" ++"-t option can not be used with this option. Read usage for more details." + msgstr "" + +-#: booleans.py:107 ++#: ../sepolicy/sepolicy.py:466 + msgid "" +-"Control the ability to mmap a low area of the address space, as configured " +-"by /proc/sys/kernel/mmap_min_addr." ++"-d option can not be used with this option. Read usage for more details." + msgstr "" + +-#: booleans.py:108 +-msgid "Allow mock to read files in home directories." ++#: ../sepolicy/sepolicy.py:470 ++msgid "" ++"-a option can not be used with this option. Read usage for more details." + msgstr "" + +-#: booleans.py:109 +-msgid "Allow the mount command to mount any directory or file." ++#: ../sepolicy/sepolicy.py:490 ++msgid "List SELinux Policy interfaces" + msgstr "" + +-#: booleans.py:110 +-msgid "Allow mozilla plugin domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy.py:510 ++msgid "Enter interface names, you wish to query" + msgstr "" + +-#: booleans.py:111 +-msgid "" +-"Allow mozilla_plugins to create random content in the users home directory" ++#: ../sepolicy/sepolicy.py:519 ++msgid "Generate SELinux Policy module template" + msgstr "" + +-#: booleans.py:112 +-msgid "Allow confined web browsers to read home directory content" ++#: ../sepolicy/sepolicy.py:522 ++msgid "Enter domain type which you will be extending" + msgstr "" + +-#: booleans.py:113 +-msgid "Allow mplayer executable stack" ++#: ../sepolicy/sepolicy.py:525 ++msgid "Enter SELinux user(s) which will transition to this domain" + msgstr "" + +-#: booleans.py:114 +-msgid "Allow mysqld to connect to all ports" ++#: ../sepolicy/sepolicy.py:528 ++msgid "Enter SELinux role(s) to which the administror domain will transition" + msgstr "" + +-#: booleans.py:115 +-msgid "Allow BIND to bind apache port." ++#: ../sepolicy/sepolicy.py:531 ++msgid "Enter domain(s) which this confined admin will administrate" + msgstr "" + +-#: booleans.py:116 +-msgid "" +-"Allow BIND to write the master zone files. Generally this is used for " +-"dynamic DNS or zone transfers." ++#: ../sepolicy/sepolicy.py:534 ++msgid "name of policy to generate" + msgstr "" + +-#: booleans.py:117 +-msgid "Allow any files/directories to be exported read/only via NFS." ++#: ../sepolicy/sepolicy.py:541 ++msgid "path in which the generated policy files will be stored" + msgstr "" + +-#: booleans.py:118 +-msgid "Allow any files/directories to be exported read/write via NFS." ++#: ../sepolicy/sepolicy.py:543 ++msgid "path to which the confined processes will need to write" + msgstr "" + +-#: booleans.py:119 +-msgid "" +-"Allow nfs servers to modify public files used for public file transfer " +-"services. Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy.py:544 ++msgid "Policy types which require a command" + msgstr "" + +-#: booleans.py:120 +-msgid "Allow system to run with NIS" ++#: ../sepolicy/sepolicy.py:548 ../sepolicy/sepolicy.py:551 ++#: ../sepolicy/sepolicy.py:554 ../sepolicy/sepolicy.py:557 ++#: ../sepolicy/sepolicy.py:560 ../sepolicy/sepolicy.py:566 ++#: ../sepolicy/sepolicy.py:569 ../sepolicy/sepolicy.py:572 ++#: ../sepolicy/sepolicy.py:578 ../sepolicy/sepolicy.py:581 ++#: ../sepolicy/sepolicy.py:584 ../sepolicy/sepolicy.py:587 ++#, python-format ++msgid "Generate '%s' policy" + msgstr "" + +-#: booleans.py:121 +-msgid "Allow confined applications to use nscd shared memory." ++#: ../sepolicy/sepolicy.py:575 ++#, python-format ++msgid "Generate '%s' policy " + msgstr "" + +-#: booleans.py:122 +-msgid "Allow openshift to lockdown app" ++#: ../sepolicy/sepolicy.py:589 ++msgid "executable to confine" + msgstr "" + +-#: booleans.py:123 +-msgid "Allow openvpn to read home directories" ++#: ../sepolicy/sepolicy.py:594 ++msgid "commands" + msgstr "" + +-#: booleans.py:124 +-msgid "Allow piranha-lvs domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy.py:597 ++msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" + msgstr "" + +-#: booleans.py:125 +-msgid "Allow polipo to connect to all ports > 1023" ++#: ../sepolicy/sepolicy/__init__.py:167 ../sepolicy/sepolicy/gui.py:479 ++msgid "all files" + msgstr "" + +-#: booleans.py:126 +-msgid "" +-"Determine whether Polipo session daemon can bind tcp sockets to all " +-"unreserved ports." ++#: ../sepolicy/sepolicy/__init__.py:168 ++msgid "regular file" + msgstr "" + +-#: booleans.py:127 +-msgid "" +-"Determine whether calling user domains can execute Polipo daemon in the " +-"polipo_session_t domain." ++#: ../sepolicy/sepolicy/__init__.py:169 ++msgid "directory" + msgstr "" + +-#: booleans.py:128 +-msgid "Determine whether polipo can access cifs file systems." ++#: ../sepolicy/sepolicy/__init__.py:170 ++msgid "character device" + msgstr "" + +-#: booleans.py:129 +-msgid "Determine whether Polipo can access nfs file systems." ++#: ../sepolicy/sepolicy/__init__.py:171 ++msgid "block device" + msgstr "" + +-#: booleans.py:130 +-msgid "Enable polyinstantiated directory support." ++#: ../sepolicy/sepolicy/__init__.py:172 ++msgid "socket file" + msgstr "" + +-#: booleans.py:131 +-msgid "Allow postfix_local domain full write access to mail_spool directories" ++#: ../sepolicy/sepolicy/__init__.py:173 ++msgid "symbolic link" + msgstr "" + +-#: booleans.py:132 +-msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" ++#: ../sepolicy/sepolicy/__init__.py:174 ++msgid "named pipe" + msgstr "" + +-#: booleans.py:133 +-msgid "Allow transmit client label to foreign database" ++#: ../sepolicy/sepolicy/__init__.py:306 ++msgid "No SELinux Policy installed" + msgstr "" + +-#: booleans.py:134 +-msgid "Allow database admins to execute DML statement" ++#: ../sepolicy/sepolicy/__init__.py:386 ++msgid "You must regenerate interface info by running /usr/bin/sepolgen-ifgen" + msgstr "" + +-#: booleans.py:135 +-msgid "Allow unprivileged users to execute DDL statement" ++#: ../sepolicy/sepolicy/__init__.py:591 ++#, python-format ++msgid "Failed to read %s policy file" + msgstr "" + +-#: booleans.py:136 +-msgid "Allow pppd to load kernel modules for certain modems" ++#: ../sepolicy/sepolicy/__init__.py:695 ++msgid "unknown" + msgstr "" + +-#: booleans.py:137 +-msgid "Allow pppd to be run for a regular user" ++#: ../sepolicy/sepolicy/generate.py:132 ++msgid "Internet Services Daemon" + msgstr "" + +-#: booleans.py:138 +-msgid "" +-"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." ++#: ../sepolicy/sepolicy/generate.py:136 ++msgid "Existing Domain Type" + msgstr "" + +-#: booleans.py:139 +-msgid "Allow Puppet client to manage all file types." ++#: ../sepolicy/sepolicy/generate.py:137 ++msgid "Minimal Terminal Login User Role" + msgstr "" + +-#: booleans.py:140 +-msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" ++#: ../sepolicy/sepolicy/generate.py:138 ++msgid "Minimal X Windows Login User Role" + msgstr "" + +-#: booleans.py:141 +-msgid "Allow racoon to read shadow" ++#: ../sepolicy/sepolicy/generate.py:139 ++msgid "Desktop Login User Role" + msgstr "" + +-#: booleans.py:142 +-msgid "Allow rgmanager domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy/generate.py:140 ++msgid "Administrator Login User Role" + msgstr "" + +-#: booleans.py:143 +-msgid "" +-"Allow rsync to modify public files used for public file transfer services. " +-"Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy/generate.py:141 ++msgid "Confined Root Administrator Role" + msgstr "" + +-#: booleans.py:144 +-msgid "Allow rsync to run as a client" ++#: ../sepolicy/sepolicy/generate.py:142 ++msgid "Module information for a new type" ++msgstr "" ++ ++#: ../sepolicy/sepolicy/generate.py:147 ++msgid "Valid Types:\n" ++msgstr "" ++ ++#: ../sepolicy/sepolicy/generate.py:181 ++#, python-format ++msgid "Ports must be numbers or ranges of numbers from 1 to %d " + msgstr "" + +-#: booleans.py:145 +-msgid "Allow rsync to export any files/directories read only." ++#: ../sepolicy/sepolicy/generate.py:192 ++msgid "You must enter a valid policy type" + msgstr "" + +-#: booleans.py:146 +-msgid "Allow rsync servers to share cifs files systems" ++#: ../sepolicy/sepolicy/generate.py:195 ++#, python-format ++msgid "You must enter a name for your policy module for your %s." + msgstr "" + +-#: booleans.py:147 +-msgid "Allow rsync servers to share nfs files systems" ++#: ../sepolicy/sepolicy/generate.py:327 ++msgid "" ++"Name must be alpha numberic with no spaces. Consider using option \"-n " ++"MODULENAME\"" + msgstr "" + +-#: booleans.py:148 +-msgid "Allow samba to create new home directories (e.g. via PAM)" ++#: ../sepolicy/sepolicy/generate.py:419 ++msgid "User Role types can not be assigned executables." + msgstr "" + +-#: booleans.py:149 +-msgid "" +-"Allow samba to act as the domain controller, add users, groups and change " +-"passwords." ++#: ../sepolicy/sepolicy/generate.py:425 ++msgid "Only Daemon apps can use an init script.." + msgstr "" + +-#: booleans.py:150 +-msgid "Allow samba to share users home directories." ++#: ../sepolicy/sepolicy/generate.py:443 ++msgid "use_resolve must be a boolean value " + msgstr "" + +-#: booleans.py:151 +-msgid "Allow samba to share any file/directory read only." ++#: ../sepolicy/sepolicy/generate.py:449 ++msgid "use_syslog must be a boolean value " + msgstr "" + +-#: booleans.py:152 +-msgid "Allow samba to share any file/directory read/write." ++#: ../sepolicy/sepolicy/generate.py:455 ++msgid "use_kerberos must be a boolean value " + msgstr "" + +-#: booleans.py:153 +-msgid "Allow samba to act as a portmapper" ++#: ../sepolicy/sepolicy/generate.py:461 ++msgid "manage_krb5_rcache must be a boolean value " + msgstr "" + +-#: booleans.py:154 +-msgid "Allow samba to run unconfined scripts" ++#: ../sepolicy/sepolicy/generate.py:491 ++msgid "USER Types automatically get a tmp type" + msgstr "" + +-#: booleans.py:155 +-msgid "Allow samba to export ntfs/fusefs volumes." ++#: ../sepolicy/sepolicy/generate.py:832 ++#, python-format ++msgid "%s policy modules require existing domains" + msgstr "" + +-#: booleans.py:156 +-msgid "Allow samba to export NFS volumes." ++#: ../sepolicy/sepolicy/generate.py:857 ++msgid "Type field required" + msgstr "" + +-#: booleans.py:157 +-msgid "Allow sanlock to read/write fuse files" ++#: ../sepolicy/sepolicy/generate.py:869 ++#, python-format ++msgid "" ++"You need to define a new type which ends with: \n" ++" %s" + msgstr "" + +-#: booleans.py:158 +-msgid "Allow sanlock to manage nfs files" ++#: ../sepolicy/sepolicy/generate.py:1088 ++msgid "You must enter the executable path for your confined process" + msgstr "" + +-#: booleans.py:159 +-msgid "Allow sanlock to manage cifs files" ++#: ../sepolicy/sepolicy/generate.py:1360 ++msgid "Type Enforcement file" + msgstr "" + +-#: booleans.py:160 +-msgid "Allow sasl to read shadow" ++#: ../sepolicy/sepolicy/generate.py:1361 ++msgid "Interface file" + msgstr "" + +-#: booleans.py:161 +-msgid "Allow secadm to exec content" ++#: ../sepolicy/sepolicy/generate.py:1362 ++msgid "File Contexts file" + msgstr "" + +-#: booleans.py:162 +-msgid "" +-"disallow programs, such as newrole, from transitioning to administrative " +-"user domains." ++#: ../sepolicy/sepolicy/generate.py:1363 ++msgid "Spec file" + msgstr "" + +-#: booleans.py:163 +-msgid "Disable kernel module loading." ++#: ../sepolicy/sepolicy/generate.py:1364 ++msgid "Setup Script" + msgstr "" + +-#: booleans.py:164 +-msgid "" +-"Boolean to determine whether the system permits loading policy, setting " +-"enforcing mode, and changing boolean values. Set this to true and you have " +-"to reboot to set it back." ++#: ../sepolicy/sepolicy/sepolicy.glade:7 ++msgid "SELinux Gui" + msgstr "" + +-#: booleans.py:165 +-msgid "Allow regular users direct dri device access" ++#: ../sepolicy/sepolicy/sepolicy.glade:33 ++msgid "Type to search for a process" + msgstr "" + +-#: booleans.py:166 +-msgid "" +-"Allow unconfined executables to make their heap memory executable. Doing " +-"this is a really bad idea. Probably indicates a badly coded executable, but " +-"could indicate an attack. This executable should be reported in bugzilla" ++#: ../sepolicy/sepolicy/sepolicy.glade:35 ++msgid "Select domain" + msgstr "" + +-#: booleans.py:167 +-msgid "" +-"Allow all unconfined executables to use libraries requiring text relocation " +-"that are not labeled textrel_shlib_t" ++#: ../sepolicy/sepolicy/sepolicy.glade:70 ++#: ../sepolicy/sepolicy/sepolicy.glade:308 ++msgid "Booleans" + msgstr "" + +-#: booleans.py:168 ++#: ../sepolicy/sepolicy/sepolicy.glade:74 + msgid "" +-"Allow unconfined executables to make their stack executable. This should " +-"never, ever be necessary. Probably indicates a badly coded executable, but " +-"could indicate an attack. This executable should be reported in bugzilla" ++"Display boolean information that can be used to modify the policy for the " ++"'selected domain'." + msgstr "" + +-#: booleans.py:169 +-msgid "Allow users to connect to the local mysql server" ++#: ../sepolicy/sepolicy/sepolicy.glade:85 ++#: ../sepolicy/sepolicy/sepolicy.glade:710 ++msgid "Files" + msgstr "" + +-#: booleans.py:170 ++#: ../sepolicy/sepolicy/sepolicy.glade:89 + msgid "" +-"Allow confined users the ability to execute the ping and traceroute commands." ++"Display file type information that can be used by the 'selected domain'." + msgstr "" + +-#: booleans.py:171 +-msgid "Allow users to connect to PostgreSQL" ++#: ../sepolicy/sepolicy/sepolicy.glade:100 ++#: ../sepolicy/sepolicy/sepolicy.glade:1062 ++msgid "Network" + msgstr "" + +-#: booleans.py:172 ++#: ../sepolicy/sepolicy/sepolicy.glade:104 + msgid "" +-"Allow user to r/w files on filesystems that do not have extended attributes " +-"(FAT, CDROM, FLOPPY)" ++"Display network ports to which the 'selected domain' can connect or listen " ++"to." + msgstr "" + +-#: booleans.py:173 +-msgid "" +-"Allow users to run TCP servers (bind to ports and accept connection from the " +-"same domain and outside users) disabling this forces FTP passive mode and " +-"may change other protocols." ++#: ../sepolicy/sepolicy/sepolicy.glade:115 ++#: ../sepolicy/sepolicy/sepolicy.glade:1361 ++msgid "Transitions" + msgstr "" + +-#: booleans.py:174 +-msgid "Allow user to use ssh chroot environment." ++#: ../sepolicy/sepolicy/sepolicy.glade:119 ++msgid "" ++"Display applications that can transition into or out of the 'selected " ++"domain'." + msgstr "" + +-#: booleans.py:175 +-msgid "Allow user music sharing" ++#: ../sepolicy/sepolicy/sepolicy.glade:188 ++#: ../sepolicy/sepolicy/sepolicy.glade:358 ++#: ../sepolicy/sepolicy/sepolicy.glade:765 ++#: ../sepolicy/sepolicy/sepolicy.glade:1113 ++msgid "Show Modified Only" + msgstr "" + +-#: booleans.py:176 ++#: ../sepolicy/sepolicy/sepolicy.glade:219 + msgid "" +-"Allow anon internal-sftp to upload files, used for public file transfer " +-"services. Directories must be labeled public_content_rw_t." ++"If-Then-Else rules written in policy that can \n" ++"allow alternative access control." + msgstr "" + +-#: booleans.py:177 +-msgid "" +-"Allow sftp-internal to read and write files in the user home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:373 ++#: ../sepolicy/sepolicy/sepolicy.glade:787 ++#: ../sepolicy/sepolicy/sepolicy.glade:1128 ++msgid "Modify" + msgstr "" + +-#: booleans.py:178 +-msgid "" +-"Allow sftp-internal to login to local users and read/write all files on the " +-"system, governed by DAC." ++#: ../sepolicy/sepolicy/sepolicy.glade:377 ++#: ../sepolicy/sepolicy/sepolicy.glade:791 ++msgid "Modify an existing item" + msgstr "" + +-#: booleans.py:179 +-msgid "" +-"Allow internal-sftp to read and write files in the user ssh home directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:389 ++#: ../sepolicy/sepolicy/sepolicy.glade:803 ++#: ../sepolicy/sepolicy/sepolicy.glade:1142 ++msgid "Delete" + msgstr "" + +-#: booleans.py:180 +-msgid "Allow sge to connect to the network using any TCP port" ++#: ../sepolicy/sepolicy/sepolicy.glade:393 ++#: ../sepolicy/sepolicy/sepolicy.glade:807 ++msgid "Delete an existing item" + msgstr "" + +-#: booleans.py:181 +-msgid "Allow sge to access nfs file systems." ++#: ../sepolicy/sepolicy/sepolicy.glade:409 ++#: ../sepolicy/sepolicy/sepolicy.glade:823 ++msgid "Add a new item" + msgstr "" + +-#: booleans.py:182 +-msgid "" +-"Enable additional permissions needed to support devices on 3ware controllers." ++#: ../sepolicy/sepolicy/sepolicy.glade:442 ++msgid "File path used to enter the above selected process domain." + msgstr "" + +-#: booleans.py:183 +-msgid "" +-"Allow samba to modify public files used for public file transfer services. " +-"Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy/sepolicy.glade:450 ++#: ../sepolicy/sepolicy/sepolicy.glade:531 ++msgid "File Path" + msgstr "" + +-#: booleans.py:184 +-msgid "Allow user spamassassin clients to use the network." ++#: ../sepolicy/sepolicy/sepolicy.glade:468 ++#: ../sepolicy/sepolicy/sepolicy.glade:549 ++msgid "SELinux File Label" + msgstr "" + +-#: booleans.py:185 +-msgid "Allow spamd to read/write user home directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:485 ++#: ../sepolicy/sepolicy/sepolicy.glade:567 ++#: ../sepolicy/sepolicy/sepolicy.glade:660 ++msgid "Class" + msgstr "" + +-#: booleans.py:186 +-msgid "" +-"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." ++#: ../sepolicy/sepolicy/sepolicy.glade:505 ++msgid "File path used to enter the 'selected domain'." + msgstr "" + +-#: booleans.py:187 +-msgid "Allow squid to run as a transparent proxy (TPROXY)" ++#: ../sepolicy/sepolicy/sepolicy.glade:506 ++msgid "Executable Files" + msgstr "" + +-#: booleans.py:188 +-msgid "" +-"Allow ssh with chroot env to read and write files in the user home " +-"directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:523 ++msgid "Files to which the above selected process domain can write." + msgstr "" + +-#: booleans.py:189 +-msgid "allow host key based authentication" ++#: ../sepolicy/sepolicy/sepolicy.glade:591 ++msgid "Files to which the 'selected domain' can write." + msgstr "" + +-#: booleans.py:190 +-msgid "Allow ssh logins as sysadm_r:sysadm_t" ++#: ../sepolicy/sepolicy/sepolicy.glade:592 ++msgid "Writable Files" + msgstr "" + +-#: booleans.py:191 +-msgid "Allow staff to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:610 ++msgid "File Types defined for the selected domain" + msgstr "" + +-#: booleans.py:192 +-msgid "allow staff user to create and transition to svirt domains." ++#: ../sepolicy/sepolicy/sepolicy.glade:618 ++msgid "File path" + msgstr "" + +-#: booleans.py:193 +-msgid "Allow sysadm to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:686 ++msgid "File Types defined for the 'selected domain'." + msgstr "" + +-#: booleans.py:194 +-msgid "Allow the Telepathy connection managers to connect to any network port." ++#: ../sepolicy/sepolicy/sepolicy.glade:687 ++msgid "Application File Types" + msgstr "" + +-#: booleans.py:195 +-msgid "" +-"Allow the Telepathy connection managers to connect to any generic TCP port." ++#: ../sepolicy/sepolicy/sepolicy.glade:856 ++msgid "Network Ports to which the selected domain is allowed to connect." + msgstr "" + +-#: booleans.py:196 +-msgid "" +-"Allow tftp to modify public files used for public file transfer services." ++#: ../sepolicy/sepolicy/sepolicy.glade:898 ++#: ../sepolicy/sepolicy/sepolicy.glade:997 ++msgid "Modified" + msgstr "" + +-#: booleans.py:197 +-msgid "Allow tftp to read and write files in the user home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:937 ++msgid "Network Ports to which the 'selected domain' is allowed to connect." + msgstr "" + +-#: booleans.py:198 +-msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." ++#: ../sepolicy/sepolicy/sepolicy.glade:938 ++msgid "Outbound" + msgstr "" + +-#: booleans.py:199 +-msgid "Allow tor to act as a relay" ++#: ../sepolicy/sepolicy/sepolicy.glade:955 ++msgid "Network Ports to which the selected domain is allowed to listen." + msgstr "" + +-#: booleans.py:200 +-msgid "" +-"allow unconfined users to transition to the chrome sandbox domains when " +-"running chrome-sandbox" ++#: ../sepolicy/sepolicy/sepolicy.glade:1038 ++msgid "Network Ports to which the 'selected domain' is allowed to listen." + msgstr "" + +-#: booleans.py:201 +-msgid "Allow a user to login as an unconfined domain" ++#: ../sepolicy/sepolicy/sepolicy.glade:1039 ++msgid "Inbound" + msgstr "" + +-#: booleans.py:202 ++#: ../sepolicy/sepolicy/sepolicy.glade:1189 ++#: ../sepolicy/sepolicy/sepolicy.glade:1260 + msgid "" +-"Allow unconfined users to transition to the Mozilla plugin domain when " +-"running xulrunner plugin-container." ++"Executables which will transition to a different domain, when the 'selected " ++"domain' executes them." + msgstr "" + +-#: booleans.py:203 +-msgid "Allow video playing tools to run unconfined" ++#: ../sepolicy/sepolicy/sepolicy.glade:1194 ++#: ../sepolicy/sepolicy/sepolicy.glade:1285 ++msgid "Enabled" + msgstr "" + +-#: booleans.py:204 +-msgid "Allow unprivledged user to create and transition to svirt domains." ++#: ../sepolicy/sepolicy/sepolicy.glade:1223 ++msgid "Executable File Type" + msgstr "" + +-#: booleans.py:205 +-msgid "Support ecryptfs home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1239 ++msgid "Transtype" + msgstr "" + +-#: booleans.py:206 +-msgid "Support fusefs home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1263 ++msgid "Transitions From 'select domain'" + msgstr "" + +-#: booleans.py:207 +-msgid "Use lpd server instead of cups" ++#: ../sepolicy/sepolicy/sepolicy.glade:1280 ++#: ../sepolicy/sepolicy/sepolicy.glade:1337 ++msgid "" ++"Executables which will transition to the 'selected domain', when executing a " ++"selected domains entrypoint." + msgstr "" + +-#: booleans.py:208 +-msgid "Support NFS home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1299 ++msgid "Calling Process Domain" + msgstr "" + +-#: booleans.py:209 +-msgid "Support SAMBA home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1313 ++msgid "Executable File" + msgstr "" + +-#: booleans.py:210 +-msgid "Allow user to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:1338 ++msgid "Transitions Into 'select domain'" + msgstr "" + +-#: booleans.py:211 +-msgid "Allow varnishd to connect to all ports, not just HTTP." ++#: ../sepolicy/sepolicy/sepolicy.glade:1388 ++msgid "Reset" + msgstr "" + +-#: booleans.py:212 +-msgid "Ignore vbetool mmap_zero errors." ++#: ../sepolicy/sepolicy/sepolicy.glade:1392 ++msgid "Reset to system default" + msgstr "" + +-#: booleans.py:213 +-msgid "" +-"Allow confined virtual guests to use serial/parallel communication ports" ++#: ../sepolicy/sepolicy/sepolicy.glade:1403 ++msgid "Update" + msgstr "" + +-#: booleans.py:214 +-msgid "" +-"Allow confined virtual guests to use executable memory and executable stack" ++#: ../sepolicy/sepolicy/sepolicy.glade:1407 ++msgid "Save your changes" + msgstr "" + +-#: booleans.py:215 +-msgid "Allow confined virtual guests to read fuse files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1454 ++#: ../sepolicy/sepolicy/sepolicy.glade:1541 ++#: ../sepolicy/sepolicy/sepolicy.glade:1629 ++msgid "Add a File" + msgstr "" + +-#: booleans.py:216 +-msgid "Allow confined virtual guests to manage nfs files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1504 ++#: ../sepolicy/sepolicy/sepolicy.glade:1592 ++#: ../sepolicy/sepolicy/sepolicy.glade:1680 ++msgid "Save changes" + msgstr "" + +-#: booleans.py:217 +-msgid "Allow confined virtual guests to interact with rawip sockets" ++#: ../sepolicy/sepolicy/sepolicy.glade:1518 ++#: ../sepolicy/sepolicy/sepolicy.glade:1606 ++#: ../sepolicy/sepolicy/sepolicy.glade:1694 ++msgid "Reset Changes" + msgstr "" + +-#: booleans.py:218 +-msgid "Allow confined virtual guests to manage cifs files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1780 ++msgid "Applicaiton more detailed view" + msgstr "" + +-#: booleans.py:219 +-msgid "Allow confined virtual guests to interact with the sanlock" ++#: ../sepolicy/sepolicy/sepolicy.glade:1874 ++msgid "Analyzing Policy..." + msgstr "" + +-#: booleans.py:220 +-msgid "Allow confined virtual guests to manage device configuration, (pci)" ++#: ../sepolicy/sepolicy/gui.py:49 ++msgid "No" + msgstr "" + +-#: booleans.py:221 +-msgid "Allow confined virtual guests to use usb devices" ++#: ../sepolicy/sepolicy/gui.py:49 ++msgid "Yes" + msgstr "" + +-#: booleans.py:222 +-msgid "Allow confined virtual guests to interact with the xserver" ++#: ../sepolicy/sepolicy/gui.py:61 ++msgid "GTK Not Available" + msgstr "" + +-#: booleans.py:223 +-msgid "Allow webadm to manage files in users home directories" ++#: ../sepolicy/sepolicy/gui.py:195 ++msgid "System Status: Enforcing" + msgstr "" + +-#: booleans.py:224 +-msgid "Allow webadm to read files in users home directories" ++#: ../sepolicy/sepolicy/gui.py:197 ++msgid "System Status: Permissive" + msgstr "" + +-#: booleans.py:225 +-msgid "Ignore wine mmap_zero errors." ++#: ../sepolicy/sepolicy/gui.py:199 ++msgid "System Status: Disabled" + msgstr "" + -#: booleans.py:226 -+#: booleans.py:236 - msgid "Allow the graphical login program to execute bootloader" +-msgid "Allow the graphical login program to execute bootloader" ++#: ../sepolicy/sepolicy/gui.py:413 ++#, python-format ++msgid "File path used to enter the '%s' domain." msgstr "" -#: booleans.py:227 -+#: booleans.py:237 - msgid "" - "Allow the graphical login program to login directly as sysadm_r:sysadm_t" +-msgid "" +-"Allow the graphical login program to login directly as sysadm_r:sysadm_t" ++#: ../sepolicy/sepolicy/gui.py:414 ++#, python-format ++msgid "Files to which the '%s' domain can write." msgstr "" -#: booleans.py:228 -+#: booleans.py:238 - msgid "Allow xen to manage nfs files" +-msgid "Allow xen to manage nfs files" ++#: ../sepolicy/sepolicy/gui.py:415 ++#, python-format ++msgid "Network Ports to which the '%s' is allowed to connect." msgstr "" -#: booleans.py:229 -+#: booleans.py:239 - msgid "" - "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " - "logical volumes for disk images." +-msgid "" +-"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " +-"logical volumes for disk images." ++#: ../sepolicy/sepolicy/gui.py:416 ++#, python-format ++msgid "Network Ports to which the '%s' is allowed to listen." msgstr "" -#: booleans.py:230 -+#: booleans.py:240 - msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." +-msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." ++#: ../sepolicy/sepolicy/gui.py:417 ++#, python-format ++msgid "File Types defined for the '%s'." msgstr "" -#: booleans.py:231 -+#: booleans.py:241 ++#: ../sepolicy/sepolicy/gui.py:418 ++#, python-format msgid "" - "Allow xguest users to configure Network Manager and connect to apache ports" - msgstr "" - +-"Allow xguest users to configure Network Manager and connect to apache ports" +-msgstr "" +- -#: booleans.py:232 -+#: booleans.py:242 - msgid "Allow xguest to exec content" +-msgid "Allow xguest to exec content" ++"Display boolean information that can be used to modify the policy for the " ++"'%s'." msgstr "" -#: booleans.py:233 -+#: booleans.py:243 - msgid "Allow xguest users to mount removable media" +-msgid "Allow xguest users to mount removable media" ++#: ../sepolicy/sepolicy/gui.py:419 ++#, python-format ++msgid "Display file type information that can be used by the '%s'." msgstr "" -#: booleans.py:234 -+#: booleans.py:244 - msgid "Allow xguest to use blue tooth devices" +-msgid "Allow xguest to use blue tooth devices" ++#: ../sepolicy/sepolicy/gui.py:420 ++#, python-format ++msgid "Display network ports to which the '%s' can connect or listen to." msgstr "" -#: booleans.py:235 -+#: booleans.py:245 - msgid "Allows clients to write to the X server shared memory segments." +-msgid "Allows clients to write to the X server shared memory segments." ++#: ../sepolicy/sepolicy/gui.py:421 ++#, python-format ++msgid "Transitions Into '%s'" msgstr "" -#: booleans.py:236 -+#: booleans.py:246 - msgid "Allows XServer to execute writable memory" +-msgid "Allows XServer to execute writable memory" ++#: ../sepolicy/sepolicy/gui.py:422 ++#, python-format ++msgid "Transitions From '%s'" msgstr "" -#: booleans.py:237 -+#: booleans.py:247 - msgid "Support X userspace object manager" +-msgid "Support X userspace object manager" ++#: ../sepolicy/sepolicy/gui.py:423 ++#, python-format ++msgid "" ++"Executables which will transition to the '%s', when executing a selected " ++"domains entrypoint." msgstr "" -#: booleans.py:238 -msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:248 -+msgid "Determine whether zabbix can connect to all TCP ports" ++#: ../sepolicy/sepolicy/gui.py:424 ++#, python-format ++msgid "" ++"Executables which will transition to a different domain, when the '%s' " ++"executes them." msgstr "" -#: booleans.py:239 -+#: booleans.py:249 - msgid "Allow zebra daemon to write it configuration files" +-msgid "Allow zebra daemon to write it configuration files" ++#: ../sepolicy/sepolicy/gui.py:425 ++#, python-format ++msgid "Display applications that can transition into or out of the '%s'." msgstr "" -#: booleans.py:240 -+#: booleans.py:250 - msgid "" - "Allow ZoneMinder to modify public files used for public file transfer " - "services." +-msgid "" +-"Allow ZoneMinder to modify public files used for public file transfer " +-"services." ++#: ../sepolicy/sepolicy/gui.py:604 ++#, python-format ++msgid "Boolean %s Allow Rules" + msgstr "" diff --git a/policycoreutils/po/am.po b/policycoreutils/po/am.po -index 961d921..5ee0bdc 100644 +index 961d921..3bb642f 100644 --- a/policycoreutils/po/am.po +++ b/policycoreutils/po/am.po @@ -8,7 +8,7 @@ msgid "" @@ -4023,7 +5094,7 @@ index 961d921..5ee0bdc 100644 "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" ++"POT-Creation-Date: 2013-07-10 16:36-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -4036,7 +5107,7 @@ index 961d921..5ee0bdc 100644 #, c-format msgid "failed to initialize PAM\n" msgstr "" -@@ -73,16 +73,16 @@ msgstr "" +@@ -73,7 +73,7 @@ msgstr "" msgid "authentication failed.\n" msgstr "" @@ -4045,37 +5116,73 @@ index 961d921..5ee0bdc 100644 #, c-format msgid "Could not set exec context to %s.\n" msgstr "" - --#: ../audit2allow/audit2allow:232 -+#: ../audit2allow/audit2allow:231 - msgid "******************** IMPORTANT ***********************\n" +@@ -126,7 +126,7 @@ msgstr "" + msgid "Semanage transaction not in progress" msgstr "" --#: ../audit2allow/audit2allow:233 -+#: ../audit2allow/audit2allow:232 - msgid "To make this policy package active, execute:" +-#: ../semanage/seobject.py:265 ../semanage/seobject.py:345 ++#: ../semanage/seobject.py:265 ../semanage/seobject.py:347 + msgid "Could not list SELinux modules" msgstr "" -@@ -169,786 +169,799 @@ msgstr "" +@@ -142,814 +142,829 @@ msgstr "" + msgid "Disabled" + msgstr "" + +-#: ../semanage/seobject.py:296 ++#: ../semanage/seobject.py:288 ++#, python-format ++msgid "Module does not exists %s " ++msgstr "" ++ ++#: ../semanage/seobject.py:298 + #, python-format + msgid "Could not disable module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:307 ++#: ../semanage/seobject.py:309 + #, python-format + msgid "Could not enable module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:322 ++#: ../semanage/seobject.py:324 + #, python-format + msgid "Could not remove module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:332 ++#: ../semanage/seobject.py:334 + msgid "dontaudit requires either 'on' or 'off'" + msgstr "" + +-#: ../semanage/seobject.py:360 ++#: ../semanage/seobject.py:362 + msgid "Builtin Permissive Types" + msgstr "" + +-#: ../semanage/seobject.py:370 ++#: ../semanage/seobject.py:372 msgid "Customized Permissive Types" msgstr "" -#: ../semanage/seobject.py:412 -+#: ../semanage/seobject.py:379 ++#: ../semanage/seobject.py:381 +msgid "" +"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel package.\n" ++"In some distributions it is included in the policycoreutils-devel patckage.\n" +"# yum install policycoreutils-devel\n" +"Or similar for your distro." +msgstr "" + -+#: ../semanage/seobject.py:416 ++#: ../semanage/seobject.py:418 #, python-format msgid "Could not set permissive domain %s (module installation failed)" msgstr "" -#: ../semanage/seobject.py:418 -+#: ../semanage/seobject.py:422 ++#: ../semanage/seobject.py:424 #, python-format msgid "Could not remove permissive domain %s (remove failed)" msgstr "" @@ -4087,119 +5194,119 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:1820 ../semanage/seobject.py:1883 -#: ../semanage/seobject.py:1902 ../semanage/seobject.py:2025 -#: ../semanage/seobject.py:2076 -+#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -+#: ../semanage/seobject.py:577 ../semanage/seobject.py:699 -+#: ../semanage/seobject.py:729 ../semanage/seobject.py:796 -+#: ../semanage/seobject.py:853 ../semanage/seobject.py:1111 -+#: ../semanage/seobject.py:1834 ../semanage/seobject.py:1897 -+#: ../semanage/seobject.py:1916 ../semanage/seobject.py:2042 -+#: ../semanage/seobject.py:2093 ++#: ../semanage/seobject.py:459 ../semanage/seobject.py:533 ++#: ../semanage/seobject.py:579 ../semanage/seobject.py:701 ++#: ../semanage/seobject.py:731 ../semanage/seobject.py:798 ++#: ../semanage/seobject.py:855 ../semanage/seobject.py:1113 ++#: ../semanage/seobject.py:1836 ../semanage/seobject.py:1899 ++#: ../semanage/seobject.py:1918 ../semanage/seobject.py:2041 ++#: ../semanage/seobject.py:2092 #, python-format msgid "Could not create a key for %s" msgstr "" -#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -#: ../semanage/seobject.py:577 ../semanage/seobject.py:583 -+#: ../semanage/seobject.py:461 ../semanage/seobject.py:535 -+#: ../semanage/seobject.py:581 ../semanage/seobject.py:587 ++#: ../semanage/seobject.py:463 ../semanage/seobject.py:537 ++#: ../semanage/seobject.py:583 ../semanage/seobject.py:589 #, python-format msgid "Could not check if login mapping for %s is defined" msgstr "" -#: ../semanage/seobject.py:466 -+#: ../semanage/seobject.py:470 ++#: ../semanage/seobject.py:472 #, python-format msgid "Linux Group %s does not exist" msgstr "" -#: ../semanage/seobject.py:471 -+#: ../semanage/seobject.py:475 ++#: ../semanage/seobject.py:477 #, python-format msgid "Linux User %s does not exist" msgstr "" -#: ../semanage/seobject.py:475 -+#: ../semanage/seobject.py:479 ++#: ../semanage/seobject.py:481 #, python-format msgid "Could not create login mapping for %s" msgstr "" -#: ../semanage/seobject.py:479 ../semanage/seobject.py:740 -+#: ../semanage/seobject.py:483 ../semanage/seobject.py:744 ++#: ../semanage/seobject.py:485 ../semanage/seobject.py:746 #, python-format msgid "Could not set name for %s" msgstr "" -#: ../semanage/seobject.py:484 ../semanage/seobject.py:750 -+#: ../semanage/seobject.py:488 ../semanage/seobject.py:754 ++#: ../semanage/seobject.py:490 ../semanage/seobject.py:756 #, python-format msgid "Could not set MLS range for %s" msgstr "" -#: ../semanage/seobject.py:488 -+#: ../semanage/seobject.py:492 ++#: ../semanage/seobject.py:494 #, python-format msgid "Could not set SELinux user for %s" msgstr "" -#: ../semanage/seobject.py:492 -+#: ../semanage/seobject.py:496 ++#: ../semanage/seobject.py:498 #, python-format msgid "Could not add login mapping for %s" msgstr "" -#: ../semanage/seobject.py:510 -+#: ../semanage/seobject.py:514 ++#: ../semanage/seobject.py:516 msgid "Requires seuser or serange" msgstr "" -#: ../semanage/seobject.py:533 ../semanage/seobject.py:579 -+#: ../semanage/seobject.py:537 ../semanage/seobject.py:583 ++#: ../semanage/seobject.py:539 ../semanage/seobject.py:585 #, python-format msgid "Login mapping for %s is not defined" msgstr "" -#: ../semanage/seobject.py:537 -+#: ../semanage/seobject.py:541 ++#: ../semanage/seobject.py:543 #, python-format msgid "Could not query seuser for %s" msgstr "" -#: ../semanage/seobject.py:551 -+#: ../semanage/seobject.py:555 ++#: ../semanage/seobject.py:557 #, python-format msgid "Could not modify login mapping for %s" msgstr "" -#: ../semanage/seobject.py:585 -+#: ../semanage/seobject.py:589 ++#: ../semanage/seobject.py:591 #, python-format msgid "Login mapping for %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:589 -+#: ../semanage/seobject.py:593 ++#: ../semanage/seobject.py:595 #, python-format msgid "Could not delete login mapping for %s" msgstr "" -#: ../semanage/seobject.py:611 ../semanage/seobject.py:644 -#: ../semanage/seobject.py:892 -+#: ../semanage/seobject.py:615 ../semanage/seobject.py:648 -+#: ../semanage/seobject.py:896 ++#: ../semanage/seobject.py:617 ../semanage/seobject.py:650 ++#: ../semanage/seobject.py:898 msgid "Could not list login mappings" msgstr "" -#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 ++#: ../semanage/seobject.py:678 ../semanage/seobject.py:690 #: ../gui/system-config-selinux.glade:100 msgid "Login Name" msgstr "" -#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 ++#: ../semanage/seobject.py:678 ../semanage/seobject.py:690 ++#: ../semanage/seobject.py:948 ../semanage/seobject.py:953 #: ../gui/system-config-selinux.glade:128 #: ../gui/system-config-selinux.glade:915 #: ../gui/system-config-selinux.glade:2285 ../gui/usersPage.py:44 @@ -4207,338 +5314,339 @@ index 961d921..5ee0bdc 100644 msgstr "" -#: ../semanage/seobject.py:672 ../gui/system-config-selinux.glade:156 -+#: ../semanage/seobject.py:676 ../gui/system-config-selinux.glade:156 ++#: ../semanage/seobject.py:678 ../gui/system-config-selinux.glade:156 #: ../gui/system-config-selinux.glade:943 msgid "MLS/MCS Range" msgstr "" -#: ../semanage/seobject.py:672 -+#: ../semanage/seobject.py:676 ++#: ../semanage/seobject.py:678 msgid "Service" msgstr "" -#: ../semanage/seobject.py:698 ../semanage/seobject.py:729 -#: ../semanage/seobject.py:796 ../semanage/seobject.py:853 -#: ../semanage/seobject.py:859 -+#: ../semanage/seobject.py:702 ../semanage/seobject.py:733 -+#: ../semanage/seobject.py:800 ../semanage/seobject.py:857 -+#: ../semanage/seobject.py:863 ++#: ../semanage/seobject.py:704 ../semanage/seobject.py:735 ++#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 ++#: ../semanage/seobject.py:865 #, python-format msgid "Could not check if SELinux user %s is defined" msgstr "" -#: ../semanage/seobject.py:701 ../semanage/seobject.py:802 -#: ../semanage/seobject.py:865 -+#: ../semanage/seobject.py:705 ../semanage/seobject.py:806 -+#: ../semanage/seobject.py:869 ++#: ../semanage/seobject.py:707 ../semanage/seobject.py:808 ++#: ../semanage/seobject.py:871 #, python-format msgid "Could not query user for %s" msgstr "" -#: ../semanage/seobject.py:721 -+#: ../semanage/seobject.py:725 ++#: ../semanage/seobject.py:727 #, python-format msgid "You must add at least one role for %s" msgstr "" -#: ../semanage/seobject.py:736 -+#: ../semanage/seobject.py:740 ++#: ../semanage/seobject.py:742 #, python-format msgid "Could not create SELinux user for %s" msgstr "" -#: ../semanage/seobject.py:745 -+#: ../semanage/seobject.py:749 ++#: ../semanage/seobject.py:751 #, python-format msgid "Could not add role %s for %s" msgstr "" -#: ../semanage/seobject.py:754 -+#: ../semanage/seobject.py:758 ++#: ../semanage/seobject.py:760 #, python-format msgid "Could not set MLS level for %s" msgstr "" -#: ../semanage/seobject.py:757 -+#: ../semanage/seobject.py:761 ++#: ../semanage/seobject.py:763 #, python-format msgid "Could not add prefix %s for %s" msgstr "" -#: ../semanage/seobject.py:760 -+#: ../semanage/seobject.py:764 ++#: ../semanage/seobject.py:766 #, python-format msgid "Could not extract key for %s" msgstr "" -#: ../semanage/seobject.py:764 -+#: ../semanage/seobject.py:768 ++#: ../semanage/seobject.py:770 #, python-format msgid "Could not add SELinux user %s" msgstr "" -#: ../semanage/seobject.py:786 -+#: ../semanage/seobject.py:790 ++#: ../semanage/seobject.py:792 msgid "Requires prefix, roles, level or range" msgstr "" -#: ../semanage/seobject.py:788 -+#: ../semanage/seobject.py:792 ++#: ../semanage/seobject.py:794 msgid "Requires prefix or roles" msgstr "" -#: ../semanage/seobject.py:798 ../semanage/seobject.py:855 -+#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 ++#: ../semanage/seobject.py:804 ../semanage/seobject.py:861 #, python-format msgid "SELinux user %s is not defined" msgstr "" -#: ../semanage/seobject.py:827 -+#: ../semanage/seobject.py:831 ++#: ../semanage/seobject.py:833 #, python-format msgid "Could not modify SELinux user %s" msgstr "" -#: ../semanage/seobject.py:861 -+#: ../semanage/seobject.py:865 ++#: ../semanage/seobject.py:867 #, python-format msgid "SELinux user %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:872 -+#: ../semanage/seobject.py:876 ++#: ../semanage/seobject.py:878 #, python-format msgid "Could not delete SELinux user %s" msgstr "" -#: ../semanage/seobject.py:910 -+#: ../semanage/seobject.py:914 ++#: ../semanage/seobject.py:916 msgid "Could not list SELinux users" msgstr "" -#: ../semanage/seobject.py:916 -+#: ../semanage/seobject.py:920 ++#: ../semanage/seobject.py:922 #, python-format msgid "Could not list roles for user %s" msgstr "" -#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 ++#: ../semanage/seobject.py:947 msgid "Labeling" msgstr "" -#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 ++#: ../semanage/seobject.py:947 msgid "MLS/" msgstr "" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "Prefix" msgstr "" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "MCS Level" msgstr "" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "MCS Range" msgstr "" -#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 ++#: ../semanage/seobject.py:948 ../semanage/seobject.py:953 #: ../gui/system-config-selinux.glade:992 ../gui/usersPage.py:59 msgid "SELinux Roles" msgstr "" -#: ../semanage/seobject.py:964 -+#: ../semanage/seobject.py:971 ++#: ../semanage/seobject.py:973 msgid "Protocol udp or tcp is required" msgstr "" -#: ../semanage/seobject.py:966 -+#: ../semanage/seobject.py:973 ++#: ../semanage/seobject.py:975 msgid "Port is required" msgstr "" -#: ../semanage/seobject.py:976 -+#: ../semanage/seobject.py:983 ++#: ../semanage/seobject.py:985 msgid "Invalid Port" msgstr "" -#: ../semanage/seobject.py:980 -+#: ../semanage/seobject.py:987 ++#: ../semanage/seobject.py:989 #, python-format msgid "Could not create a key for %s/%s" msgstr "" -#: ../semanage/seobject.py:991 -+#: ../semanage/seobject.py:998 ++#: ../semanage/seobject.py:1000 msgid "Type is required" msgstr "" -#: ../semanage/seobject.py:994 ../semanage/seobject.py:1056 -#: ../semanage/seobject.py:1814 -+#: ../semanage/seobject.py:1001 ../semanage/seobject.py:1063 -+#: ../semanage/seobject.py:1828 ++#: ../semanage/seobject.py:1003 ../semanage/seobject.py:1065 ++#: ../semanage/seobject.py:1830 #, python-format msgid "Type %s is invalid, must be a port type" msgstr "" -#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062 -#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123 -+#: ../semanage/seobject.py:1007 ../semanage/seobject.py:1069 -+#: ../semanage/seobject.py:1124 ../semanage/seobject.py:1130 ++#: ../semanage/seobject.py:1009 ../semanage/seobject.py:1071 ++#: ../semanage/seobject.py:1126 ../semanage/seobject.py:1132 #, python-format msgid "Could not check if port %s/%s is defined" msgstr "" -#: ../semanage/seobject.py:1002 -+#: ../semanage/seobject.py:1009 ++#: ../semanage/seobject.py:1011 #, python-format msgid "Port %s/%s already defined" msgstr "" -#: ../semanage/seobject.py:1006 -+#: ../semanage/seobject.py:1013 ++#: ../semanage/seobject.py:1015 #, python-format msgid "Could not create port for %s/%s" msgstr "" -#: ../semanage/seobject.py:1012 -+#: ../semanage/seobject.py:1019 ++#: ../semanage/seobject.py:1021 #, python-format msgid "Could not create context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1016 -+#: ../semanage/seobject.py:1023 ++#: ../semanage/seobject.py:1025 #, python-format msgid "Could not set user in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1020 -+#: ../semanage/seobject.py:1027 ++#: ../semanage/seobject.py:1029 #, python-format msgid "Could not set role in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1024 -+#: ../semanage/seobject.py:1031 ++#: ../semanage/seobject.py:1033 #, python-format msgid "Could not set type in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1029 -+#: ../semanage/seobject.py:1036 ++#: ../semanage/seobject.py:1038 #, python-format msgid "Could not set mls fields in port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1033 -+#: ../semanage/seobject.py:1040 ++#: ../semanage/seobject.py:1042 #, python-format msgid "Could not set port context for %s/%s" msgstr "" -#: ../semanage/seobject.py:1037 -+#: ../semanage/seobject.py:1044 ++#: ../semanage/seobject.py:1046 #, python-format msgid "Could not add port %s/%s" msgstr "" -#: ../semanage/seobject.py:1051 ../semanage/seobject.py:1324 -#: ../semanage/seobject.py:1523 -+#: ../semanage/seobject.py:1058 ../semanage/seobject.py:1334 -+#: ../semanage/seobject.py:1533 ++#: ../semanage/seobject.py:1060 ../semanage/seobject.py:1336 ++#: ../semanage/seobject.py:1535 msgid "Requires setype or serange" msgstr "" -#: ../semanage/seobject.py:1053 -+#: ../semanage/seobject.py:1060 ++#: ../semanage/seobject.py:1062 msgid "Requires setype" msgstr "" -#: ../semanage/seobject.py:1064 ../semanage/seobject.py:1119 -+#: ../semanage/seobject.py:1071 ../semanage/seobject.py:1126 ++#: ../semanage/seobject.py:1073 ../semanage/seobject.py:1128 #, python-format msgid "Port %s/%s is not defined" msgstr "" -#: ../semanage/seobject.py:1068 -+#: ../semanage/seobject.py:1075 ++#: ../semanage/seobject.py:1077 #, python-format msgid "Could not query port %s/%s" msgstr "" -#: ../semanage/seobject.py:1079 -+#: ../semanage/seobject.py:1086 ++#: ../semanage/seobject.py:1088 #, python-format msgid "Could not modify port %s/%s" msgstr "" -#: ../semanage/seobject.py:1092 -+#: ../semanage/seobject.py:1099 ++#: ../semanage/seobject.py:1101 msgid "Could not list the ports" msgstr "" -#: ../semanage/seobject.py:1108 -+#: ../semanage/seobject.py:1115 ++#: ../semanage/seobject.py:1117 #, python-format msgid "Could not delete the port %s" msgstr "" -#: ../semanage/seobject.py:1125 -+#: ../semanage/seobject.py:1132 ++#: ../semanage/seobject.py:1134 #, python-format msgid "Port %s/%s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1129 -+#: ../semanage/seobject.py:1136 ++#: ../semanage/seobject.py:1138 #, python-format msgid "Could not delete port %s/%s" msgstr "" -#: ../semanage/seobject.py:1145 ../semanage/seobject.py:1167 -+#: ../semanage/seobject.py:1152 ../semanage/seobject.py:1174 ++#: ../semanage/seobject.py:1154 ../semanage/seobject.py:1176 msgid "Could not list ports" msgstr "" -#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 ++#: ../semanage/seobject.py:1215 ../sepolicy/sepolicy/sepolicy.glade:915 ++#: ../sepolicy/sepolicy/sepolicy.glade:1014 msgid "SELinux Port Type" msgstr "" -#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 ++#: ../semanage/seobject.py:1215 msgid "Proto" msgstr "" -#: ../semanage/seobject.py:1206 ../gui/system-config-selinux.glade:335 -+#: ../semanage/seobject.py:1213 ../gui/system-config-selinux.glade:335 ++#: ../semanage/seobject.py:1215 ../gui/system-config-selinux.glade:335 msgid "Port Number" msgstr "" -#: ../semanage/seobject.py:1227 -+#: ../semanage/seobject.py:1237 ++#: ../semanage/seobject.py:1239 msgid "Node Address is required" msgstr "" -#: ../semanage/seobject.py:1242 -+#: ../semanage/seobject.py:1252 ++#: ../semanage/seobject.py:1254 msgid "Unknown or missing protocol" msgstr "" -#: ../semanage/seobject.py:1256 -+#: ../semanage/seobject.py:1266 ++#: ../semanage/seobject.py:1268 msgid "SELinux node type is required" msgstr "" -#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327 -+#: ../semanage/seobject.py:1269 ../semanage/seobject.py:1337 ++#: ../semanage/seobject.py:1271 ../semanage/seobject.py:1339 #, python-format msgid "Type %s is invalid, must be a node type" msgstr "" @@ -4547,284 +5655,284 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465 -#: ../semanage/seobject.py:1527 ../semanage/seobject.py:1561 -#: ../semanage/seobject.py:1759 -+#: ../semanage/seobject.py:1273 ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1377 ../semanage/seobject.py:1475 -+#: ../semanage/seobject.py:1537 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1773 ++#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1343 ++#: ../semanage/seobject.py:1379 ../semanage/seobject.py:1477 ++#: ../semanage/seobject.py:1539 ../semanage/seobject.py:1573 ++#: ../semanage/seobject.py:1775 #, python-format msgid "Could not create key for %s" msgstr "" -#: ../semanage/seobject.py:1265 ../semanage/seobject.py:1335 -#: ../semanage/seobject.py:1371 ../semanage/seobject.py:1377 -+#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1345 -+#: ../semanage/seobject.py:1381 ../semanage/seobject.py:1387 ++#: ../semanage/seobject.py:1277 ../semanage/seobject.py:1347 ++#: ../semanage/seobject.py:1383 ../semanage/seobject.py:1389 #, python-format msgid "Could not check if addr %s is defined" msgstr "" -#: ../semanage/seobject.py:1274 -+#: ../semanage/seobject.py:1284 ++#: ../semanage/seobject.py:1286 #, python-format msgid "Could not create addr for %s" msgstr "" -#: ../semanage/seobject.py:1280 ../semanage/seobject.py:1481 -#: ../semanage/seobject.py:1714 -+#: ../semanage/seobject.py:1290 ../semanage/seobject.py:1491 -+#: ../semanage/seobject.py:1728 ++#: ../semanage/seobject.py:1292 ../semanage/seobject.py:1493 ++#: ../semanage/seobject.py:1730 #, python-format msgid "Could not create context for %s" msgstr "" -#: ../semanage/seobject.py:1284 -+#: ../semanage/seobject.py:1294 ++#: ../semanage/seobject.py:1296 #, python-format msgid "Could not set mask for %s" msgstr "" -#: ../semanage/seobject.py:1288 -+#: ../semanage/seobject.py:1298 ++#: ../semanage/seobject.py:1300 #, python-format msgid "Could not set user in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1292 -+#: ../semanage/seobject.py:1302 ++#: ../semanage/seobject.py:1304 #, python-format msgid "Could not set role in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1296 -+#: ../semanage/seobject.py:1306 ++#: ../semanage/seobject.py:1308 #, python-format msgid "Could not set type in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1301 -+#: ../semanage/seobject.py:1311 ++#: ../semanage/seobject.py:1313 #, python-format msgid "Could not set mls fields in addr context for %s" msgstr "" -#: ../semanage/seobject.py:1305 -+#: ../semanage/seobject.py:1315 ++#: ../semanage/seobject.py:1317 #, python-format msgid "Could not set addr context for %s" msgstr "" -#: ../semanage/seobject.py:1309 -+#: ../semanage/seobject.py:1319 ++#: ../semanage/seobject.py:1321 #, python-format msgid "Could not add addr %s" msgstr "" -#: ../semanage/seobject.py:1337 ../semanage/seobject.py:1373 -+#: ../semanage/seobject.py:1347 ../semanage/seobject.py:1383 ++#: ../semanage/seobject.py:1349 ../semanage/seobject.py:1385 #, python-format msgid "Addr %s is not defined" msgstr "" -#: ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1351 ++#: ../semanage/seobject.py:1353 #, python-format msgid "Could not query addr %s" msgstr "" -#: ../semanage/seobject.py:1351 -+#: ../semanage/seobject.py:1361 ++#: ../semanage/seobject.py:1363 #, python-format msgid "Could not modify addr %s" msgstr "" -#: ../semanage/seobject.py:1379 -+#: ../semanage/seobject.py:1389 ++#: ../semanage/seobject.py:1391 #, python-format msgid "Addr %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1383 -+#: ../semanage/seobject.py:1393 ++#: ../semanage/seobject.py:1395 #, python-format msgid "Could not delete addr %s" msgstr "" -#: ../semanage/seobject.py:1395 -+#: ../semanage/seobject.py:1405 ++#: ../semanage/seobject.py:1407 msgid "Could not deleteall node mappings" msgstr "" -#: ../semanage/seobject.py:1409 -+#: ../semanage/seobject.py:1419 ++#: ../semanage/seobject.py:1421 msgid "Could not list addrs" msgstr "" -#: ../semanage/seobject.py:1461 ../semanage/seobject.py:1752 -+#: ../semanage/seobject.py:1471 ../semanage/seobject.py:1766 ++#: ../semanage/seobject.py:1473 ../semanage/seobject.py:1768 msgid "SELinux Type is required" msgstr "" -#: ../semanage/seobject.py:1469 ../semanage/seobject.py:1531 -#: ../semanage/seobject.py:1565 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1479 ../semanage/seobject.py:1541 -+#: ../semanage/seobject.py:1575 ../semanage/seobject.py:1581 ++#: ../semanage/seobject.py:1481 ../semanage/seobject.py:1543 ++#: ../semanage/seobject.py:1577 ../semanage/seobject.py:1583 #, python-format msgid "Could not check if interface %s is defined" msgstr "" -#: ../semanage/seobject.py:1476 -+#: ../semanage/seobject.py:1486 ++#: ../semanage/seobject.py:1488 #, python-format msgid "Could not create interface for %s" msgstr "" -#: ../semanage/seobject.py:1485 -+#: ../semanage/seobject.py:1495 ++#: ../semanage/seobject.py:1497 #, python-format msgid "Could not set user in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1489 -+#: ../semanage/seobject.py:1499 ++#: ../semanage/seobject.py:1501 #, python-format msgid "Could not set role in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1493 -+#: ../semanage/seobject.py:1503 ++#: ../semanage/seobject.py:1505 #, python-format msgid "Could not set type in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1498 -+#: ../semanage/seobject.py:1508 ++#: ../semanage/seobject.py:1510 #, python-format msgid "Could not set mls fields in interface context for %s" msgstr "" -#: ../semanage/seobject.py:1502 -+#: ../semanage/seobject.py:1512 ++#: ../semanage/seobject.py:1514 #, python-format msgid "Could not set interface context for %s" msgstr "" -#: ../semanage/seobject.py:1506 -+#: ../semanage/seobject.py:1516 ++#: ../semanage/seobject.py:1518 #, python-format msgid "Could not set message context for %s" msgstr "" -#: ../semanage/seobject.py:1510 -+#: ../semanage/seobject.py:1520 ++#: ../semanage/seobject.py:1522 #, python-format msgid "Could not add interface %s" msgstr "" -#: ../semanage/seobject.py:1533 ../semanage/seobject.py:1567 -+#: ../semanage/seobject.py:1543 ../semanage/seobject.py:1577 ++#: ../semanage/seobject.py:1545 ../semanage/seobject.py:1579 #, python-format msgid "Interface %s is not defined" msgstr "" -#: ../semanage/seobject.py:1537 -+#: ../semanage/seobject.py:1547 ++#: ../semanage/seobject.py:1549 #, python-format msgid "Could not query interface %s" msgstr "" -#: ../semanage/seobject.py:1548 -+#: ../semanage/seobject.py:1558 ++#: ../semanage/seobject.py:1560 #, python-format msgid "Could not modify interface %s" msgstr "" -#: ../semanage/seobject.py:1573 -+#: ../semanage/seobject.py:1583 ++#: ../semanage/seobject.py:1585 #, python-format msgid "Interface %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1577 -+#: ../semanage/seobject.py:1587 ++#: ../semanage/seobject.py:1589 #, python-format msgid "Could not delete interface %s" msgstr "" -#: ../semanage/seobject.py:1589 -+#: ../semanage/seobject.py:1599 ++#: ../semanage/seobject.py:1601 msgid "Could not delete all interface mappings" msgstr "" -#: ../semanage/seobject.py:1603 -+#: ../semanage/seobject.py:1613 ++#: ../semanage/seobject.py:1615 msgid "Could not list interfaces" msgstr "" -#: ../semanage/seobject.py:1628 -+#: ../semanage/seobject.py:1638 ++#: ../semanage/seobject.py:1640 msgid "SELinux Interface" msgstr "" -#: ../semanage/seobject.py:1628 ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1638 ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1640 ../semanage/seobject.py:1990 msgid "Context" msgstr "" -#: ../semanage/seobject.py:1691 -+#: ../semanage/seobject.py:1705 ++#: ../semanage/seobject.py:1707 #, python-format msgid "Equivalence class for %s already exists" msgstr "" -#: ../semanage/seobject.py:1697 -+#: ../semanage/seobject.py:1711 ++#: ../semanage/seobject.py:1713 #, python-format msgid "File spec %s conflicts with equivalency rule '%s %s'" msgstr "" -#: ../semanage/seobject.py:1706 -+#: ../semanage/seobject.py:1720 ++#: ../semanage/seobject.py:1722 #, python-format msgid "Equivalence class for %s does not exists" msgstr "" -#: ../semanage/seobject.py:1720 -+#: ../semanage/seobject.py:1734 ++#: ../semanage/seobject.py:1736 #, python-format msgid "Could not set user in file context for %s" msgstr "" -#: ../semanage/seobject.py:1724 -+#: ../semanage/seobject.py:1738 ++#: ../semanage/seobject.py:1740 #, python-format msgid "Could not set role in file context for %s" msgstr "" -#: ../semanage/seobject.py:1729 ../semanage/seobject.py:1789 -+#: ../semanage/seobject.py:1743 ../semanage/seobject.py:1803 ++#: ../semanage/seobject.py:1745 ../semanage/seobject.py:1805 #, python-format msgid "Could not set mls fields in file context for %s" msgstr "" -#: ../semanage/seobject.py:1735 -+#: ../semanage/seobject.py:1749 ++#: ../semanage/seobject.py:1751 msgid "Invalid file specification" msgstr "" -#: ../semanage/seobject.py:1737 -+#: ../semanage/seobject.py:1751 ++#: ../semanage/seobject.py:1753 msgid "File specification can not include spaces" msgstr "" -#: ../semanage/seobject.py:1742 -+#: ../semanage/seobject.py:1756 ++#: ../semanage/seobject.py:1758 #, python-format msgid "" "File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead" msgstr "" -#: ../semanage/seobject.py:1755 -+#: ../semanage/seobject.py:1769 ++#: ../semanage/seobject.py:1771 #, python-format msgid "Type %s is invalid, must be a file or device type" msgstr "" @@ -4832,114 +5940,114 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768 -#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906 -#: ../semanage/seobject.py:1910 -+#: ../semanage/seobject.py:1777 ../semanage/seobject.py:1782 -+#: ../semanage/seobject.py:1838 ../semanage/seobject.py:1920 -+#: ../semanage/seobject.py:1924 ++#: ../semanage/seobject.py:1779 ../semanage/seobject.py:1784 ++#: ../semanage/seobject.py:1840 ../semanage/seobject.py:1922 ++#: ../semanage/seobject.py:1926 #, python-format msgid "Could not check if file context for %s is defined" msgstr "" -#: ../semanage/seobject.py:1776 -+#: ../semanage/seobject.py:1790 ++#: ../semanage/seobject.py:1792 #, python-format msgid "Could not create file context for %s" msgstr "" -#: ../semanage/seobject.py:1784 -+#: ../semanage/seobject.py:1798 ++#: ../semanage/seobject.py:1800 #, python-format msgid "Could not set type in file context for %s" msgstr "" -#: ../semanage/seobject.py:1792 ../semanage/seobject.py:1852 -#: ../semanage/seobject.py:1856 -+#: ../semanage/seobject.py:1806 ../semanage/seobject.py:1866 -+#: ../semanage/seobject.py:1870 ++#: ../semanage/seobject.py:1808 ../semanage/seobject.py:1868 ++#: ../semanage/seobject.py:1872 #, python-format msgid "Could not set file context for %s" msgstr "" -#: ../semanage/seobject.py:1798 -+#: ../semanage/seobject.py:1812 ++#: ../semanage/seobject.py:1814 #, python-format msgid "Could not add file context for %s" msgstr "" -#: ../semanage/seobject.py:1812 -+#: ../semanage/seobject.py:1826 ++#: ../semanage/seobject.py:1828 msgid "Requires setype, serange or seuser" msgstr "" -#: ../semanage/seobject.py:1828 ../semanage/seobject.py:1914 -+#: ../semanage/seobject.py:1842 ../semanage/seobject.py:1928 ++#: ../semanage/seobject.py:1844 ../semanage/seobject.py:1930 #, python-format msgid "File context for %s is not defined" msgstr "" -#: ../semanage/seobject.py:1834 -+#: ../semanage/seobject.py:1848 ++#: ../semanage/seobject.py:1850 #, python-format msgid "Could not query file context for %s" msgstr "" -#: ../semanage/seobject.py:1860 -+#: ../semanage/seobject.py:1874 ++#: ../semanage/seobject.py:1876 #, python-format msgid "Could not modify file context for %s" msgstr "" -#: ../semanage/seobject.py:1873 -+#: ../semanage/seobject.py:1887 ++#: ../semanage/seobject.py:1889 msgid "Could not list the file contexts" msgstr "" -#: ../semanage/seobject.py:1887 -+#: ../semanage/seobject.py:1901 ++#: ../semanage/seobject.py:1903 #, python-format msgid "Could not delete the file context %s" msgstr "" -#: ../semanage/seobject.py:1912 -+#: ../semanage/seobject.py:1926 ++#: ../semanage/seobject.py:1928 #, python-format msgid "File context for %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:1918 -+#: ../semanage/seobject.py:1932 ++#: ../semanage/seobject.py:1934 #, python-format msgid "Could not delete file context for %s" msgstr "" -#: ../semanage/seobject.py:1933 -+#: ../semanage/seobject.py:1947 ++#: ../semanage/seobject.py:1949 msgid "Could not list file contexts" msgstr "" -#: ../semanage/seobject.py:1937 -+#: ../semanage/seobject.py:1951 ++#: ../semanage/seobject.py:1953 msgid "Could not list local file contexts" msgstr "" -#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1990 msgid "SELinux fcontext" msgstr "" -#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1990 msgid "type" msgstr "" -#: ../semanage/seobject.py:1987 -+#: ../semanage/seobject.py:2001 ++#: ../semanage/seobject.py:2003 msgid "" "\n" "SELinux Distribution fcontext Equivalence \n" msgstr "" -#: ../semanage/seobject.py:1992 -+#: ../semanage/seobject.py:2006 ++#: ../semanage/seobject.py:2008 msgid "" "\n" "SELinux Local fcontext Equivalence \n" @@ -4947,101 +6055,99 @@ index 961d921..5ee0bdc 100644 -#: ../semanage/seobject.py:2028 ../semanage/seobject.py:2079 -#: ../semanage/seobject.py:2085 -+#: ../semanage/seobject.py:2036 -+#, python-format -+msgid "Value Required for %s" -+msgstr "" -+ -+#: ../semanage/seobject.py:2045 ../semanage/seobject.py:2096 -+#: ../semanage/seobject.py:2102 ++#: ../semanage/seobject.py:2044 ../semanage/seobject.py:2095 ++#: ../semanage/seobject.py:2101 #, python-format msgid "Could not check if boolean %s is defined" msgstr "" -#: ../semanage/seobject.py:2030 ../semanage/seobject.py:2081 -+#: ../semanage/seobject.py:2047 ../semanage/seobject.py:2098 ++#: ../semanage/seobject.py:2046 ../semanage/seobject.py:2097 #, python-format msgid "Boolean %s is not defined" msgstr "" -#: ../semanage/seobject.py:2034 -+#: ../semanage/seobject.py:2051 ++#: ../semanage/seobject.py:2050 #, python-format msgid "Could not query file context %s" msgstr "" -#: ../semanage/seobject.py:2039 -+#: ../semanage/seobject.py:2056 ++#: ../semanage/seobject.py:2055 #, python-format msgid "You must specify one of the following values: %s" msgstr "" -#: ../semanage/seobject.py:2044 -+#: ../semanage/seobject.py:2061 ++#: ../semanage/seobject.py:2060 #, python-format msgid "Could not set active value of boolean %s" msgstr "" -#: ../semanage/seobject.py:2047 -+#: ../semanage/seobject.py:2064 ++#: ../semanage/seobject.py:2063 #, python-format msgid "Could not modify boolean %s" msgstr "" -#: ../semanage/seobject.py:2063 -+#: ../semanage/seobject.py:2080 ++#: ../semanage/seobject.py:2079 #, python-format msgid "Bad format %s: Record %s" msgstr "" -#: ../semanage/seobject.py:2087 -+#: ../semanage/seobject.py:2104 ++#: ../semanage/seobject.py:2103 #, python-format msgid "Boolean %s is defined in policy, cannot be deleted" msgstr "" -#: ../semanage/seobject.py:2091 -+#: ../semanage/seobject.py:2108 ++#: ../semanage/seobject.py:2107 #, python-format msgid "Could not delete boolean %s" msgstr "" -#: ../semanage/seobject.py:2103 ../semanage/seobject.py:2120 -+#: ../semanage/seobject.py:2120 ../semanage/seobject.py:2137 ++#: ../semanage/seobject.py:2119 ../semanage/seobject.py:2136 msgid "Could not list booleans" msgstr "" -#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 ++#: ../semanage/seobject.py:2171 msgid "off" msgstr "" -#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 ++#: ../semanage/seobject.py:2171 msgid "on" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "SELinux boolean" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "State" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "Default" msgstr "" -#: ../semanage/seobject.py:2169 ../gui/polgen.glade:113 -+#: ../semanage/seobject.py:2186 ../gui/polgen.glade:113 - #: ../gui/polgengui.py:269 +-#: ../gui/polgengui.py:269 ++#: ../semanage/seobject.py:2185 ../gui/polgen.glade:113 ++#: ../gui/polgengui.py:274 ../sepolicy/sepolicy/sepolicy.glade:242 ++#: ../sepolicy/sepolicy/sepolicy.glade:638 msgid "Description" msgstr "" -@@ -988,206 +1001,226 @@ msgstr "" + +@@ -988,206 +1003,226 @@ msgstr "" msgid "Unable to clear environment\n" msgstr "" @@ -5309,7 +6415,7 @@ index 961d921..5ee0bdc 100644 msgid "failed to exec shell\n" msgstr "" -@@ -1414,7 +1447,7 @@ msgstr "" +@@ -1414,7 +1449,7 @@ msgstr "" msgid "Applications" msgstr "" @@ -5318,7 +6424,7 @@ index 961d921..5ee0bdc 100644 msgid "Standard Init Daemon" msgstr "" -@@ -1424,7 +1457,7 @@ msgid "" +@@ -1424,7 +1459,7 @@ msgid "" "requires a script in /etc/rc.d/init.d" msgstr "" @@ -5327,7 +6433,7 @@ index 961d921..5ee0bdc 100644 msgid "DBUS System Daemon" msgstr "" -@@ -1436,7 +1469,7 @@ msgstr "" +@@ -1436,7 +1471,7 @@ msgstr "" msgid "Internet Services Daemon are daemons started by xinetd" msgstr "" @@ -5336,7 +6442,7 @@ index 961d921..5ee0bdc 100644 msgid "Web Application/Script (CGI)" msgstr "" -@@ -1445,7 +1478,7 @@ msgid "" +@@ -1445,7 +1480,7 @@ msgid "" "Web Applications/Script (CGI) CGI scripts started by the web server (apache)" msgstr "" @@ -5345,7 +6451,7 @@ index 961d921..5ee0bdc 100644 msgid "User Application" msgstr "" -@@ -1455,7 +1488,7 @@ msgid "" +@@ -1455,7 +1490,7 @@ msgid "" "started by a user" msgstr "" @@ -5354,193 +6460,340 @@ index 961d921..5ee0bdc 100644 msgid "Sandbox" msgstr "" -@@ -2159,261 +2192,322 @@ msgstr "" +@@ -1530,7 +1565,8 @@ msgstr "" + msgid "Enter name of application or user role:" + msgstr "" + +-#: ../gui/polgen.glade:728 ../gui/polgengui.py:267 ++#: ../gui/polgen.glade:728 ../gui/polgengui.py:272 ++#: ../sepolicy/sepolicy/sepolicy.glade:279 + msgid "Name" + msgstr "" + +@@ -1745,75 +1781,75 @@ msgstr "" + msgid "Policy Directory" + msgstr "" + +-#: ../gui/polgengui.py:277 ++#: ../gui/polgengui.py:282 + msgid "Role" + msgstr "" + +-#: ../gui/polgengui.py:284 ++#: ../gui/polgengui.py:289 + msgid "Existing_User" + msgstr "" + +-#: ../gui/polgengui.py:298 ../gui/polgengui.py:306 ../gui/polgengui.py:320 ++#: ../gui/polgengui.py:303 ../gui/polgengui.py:311 ../gui/polgengui.py:325 + msgid "Application" + msgstr "" + +-#: ../gui/polgengui.py:363 ++#: ../gui/polgengui.py:370 + #, python-format + msgid "%s must be a directory" + msgstr "" + +-#: ../gui/polgengui.py:423 ../gui/polgengui.py:704 ++#: ../gui/polgengui.py:430 ../gui/polgengui.py:711 + msgid "You must select a user" + msgstr "" + +-#: ../gui/polgengui.py:553 ++#: ../gui/polgengui.py:560 + msgid "Select executable file to be confined." + msgstr "" + +-#: ../gui/polgengui.py:564 ++#: ../gui/polgengui.py:571 + msgid "Select init script file to be confined." + msgstr "" + +-#: ../gui/polgengui.py:574 ++#: ../gui/polgengui.py:581 + msgid "Select file(s) that confined application creates or writes" + msgstr "" + +-#: ../gui/polgengui.py:581 ++#: ../gui/polgengui.py:588 + msgid "Select directory(s) that the confined application owns and writes into" + msgstr "" + +-#: ../gui/polgengui.py:643 ++#: ../gui/polgengui.py:650 + msgid "Select directory to generate policy files in" + msgstr "" + +-#: ../gui/polgengui.py:660 ++#: ../gui/polgengui.py:667 + #, python-format + msgid "" + "Type %s_t already defined in current policy.\n" + "Do you want to continue?" + msgstr "" + +-#: ../gui/polgengui.py:660 ../gui/polgengui.py:664 ++#: ../gui/polgengui.py:667 ../gui/polgengui.py:671 + msgid "Verify Name" + msgstr "" + +-#: ../gui/polgengui.py:664 ++#: ../gui/polgengui.py:671 + #, python-format + msgid "" + "Module %s.pp already loaded in current policy.\n" + "Do you want to continue?" + msgstr "" + +-#: ../gui/polgengui.py:710 ++#: ../gui/polgengui.py:717 + msgid "" + "You must add a name made up of letters and numbers and containing no spaces." + msgstr "" + +-#: ../gui/polgengui.py:724 ++#: ../gui/polgengui.py:731 + msgid "You must enter a executable" + msgstr "" + +-#: ../gui/polgengui.py:749 ../gui/system-config-selinux.py:180 ++#: ../gui/polgengui.py:756 ../gui/system-config-selinux.py:180 + msgid "Configue SELinux" + msgstr "" + +@@ -1828,6 +1864,8 @@ msgid "" + msgstr "" + + #: ../gui/portsPage.py:91 ../gui/system-config-selinux.glade:363 ++#: ../sepolicy/sepolicy/sepolicy.glade:881 ++#: ../sepolicy/sepolicy/sepolicy.glade:980 + msgid "Protocol" + msgstr "" + +@@ -1837,7 +1875,8 @@ msgid "" + "Level" + msgstr "" + +-#: ../gui/portsPage.py:101 ++#: ../gui/portsPage.py:101 ../sepolicy/sepolicy/sepolicy.glade:864 ++#: ../sepolicy/sepolicy/sepolicy.glade:963 + msgid "Port" + msgstr "" + +@@ -1967,6 +2006,9 @@ msgid "SELinux Administration" + msgstr "" + + #: ../gui/system-config-selinux.glade:1122 ++#: ../sepolicy/sepolicy/sepolicy.glade:405 ++#: ../sepolicy/sepolicy/sepolicy.glade:819 ++#: ../sepolicy/sepolicy/sepolicy.glade:1156 + msgid "Add" + msgstr "" + +@@ -2036,6 +2078,10 @@ msgstr "" + #: ../gui/system-config-selinux.glade:2467 + #: ../gui/system-config-selinux.glade:2692 + #: ../gui/system-config-selinux.glade:2867 ++#: ../sepolicy/sepolicy/sepolicy.glade:157 ++#: ../sepolicy/sepolicy/sepolicy.glade:326 ++#: ../sepolicy/sepolicy/sepolicy.glade:733 ++#: ../sepolicy/sepolicy/sepolicy.glade:1081 + msgid "Filter" + msgstr "" + +@@ -2159,1315 +2205,1864 @@ msgstr "" msgid "SELinux user '%s' is required" msgstr "" -#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:183 -+#, python-format -+msgid "Interface %s does not exist." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:267 - msgid "Generate SELinux man pages" +-msgid "Generate SELinux man pages" ++#: booleans.py:1 ++msgid "" ++"Allow ABRT to modify public files used for public file transfer services." msgstr "" -#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:270 - msgid "path in which the generated SELinux man pages will be stored" +-msgid "path in which the generated SELinux man pages will be stored" ++#: booleans.py:2 ++msgid "" ++"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts" msgstr "" -#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:272 - msgid "name of the OS for man pages" +-msgid "name of the OS for man pages" ++#: booleans.py:3 ++msgid "Allow antivirus programs to read non security files on a system" msgstr "" -#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:274 - msgid "Generate HTML man pages structure for selected SELinux man page" +-msgid "Generate HTML man pages structure for selected SELinux man page" ++#: booleans.py:4 ++msgid "Determine whether can antivirus programs use JIT compiler." msgstr "" -#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:276 -+msgid "Alternate root directory, defaults to /" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:280 - msgid "All domains" +-msgid "All domains" ++#: booleans.py:5 ++msgid "Allow auditadm to exec content" msgstr "" -#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:283 - msgid "Domain name(s) of man pages to be created" +-msgid "Domain name(s) of man pages to be created" ++#: booleans.py:6 ++msgid "" ++"Allow users to resolve user passwd entries directly from ldap rather then " ++"using a sssd server" msgstr "" -#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:288 - msgid "Query SELinux policy network information" +-msgid "Query SELinux policy network information" ++#: booleans.py:7 ++msgid "Allow users to login using a radius server" msgstr "" -#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:293 - msgid "list all SELinux port types" +-msgid "list all SELinux port types" ++#: booleans.py:8 ++msgid "Allow users to login using a yubikey server" msgstr "" -#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:296 - msgid "show SELinux type related to the port" +-msgid "show SELinux type related to the port" ++#: booleans.py:9 ++msgid "Determine whether awstats can purge httpd log files." msgstr "" -#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:299 - msgid "Show ports defined for this SELinux type" +-msgid "Show ports defined for this SELinux type" ++#: booleans.py:10 ++msgid "" ++"Determine whether cdrecord can read various content. nfs, samba, removable " ++"devices, user temp and untrusted content files" msgstr "" -#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:302 - msgid "show ports to which this domain can bind and/or connect" +-msgid "show ports to which this domain can bind and/or connect" ++#: booleans.py:11 ++msgid "" ++"Allow cluster administrative domains to connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:317 - msgid "query SELinux policy to see if domains can communicate with each other" +-msgid "query SELinux policy to see if domains can communicate with each other" ++#: booleans.py:12 ++msgid "Allow cluster administrative domains to manage all files on a system." msgstr "" -#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:320 - msgid "Source Domain" +-msgid "Source Domain" ++#: booleans.py:13 ++msgid "" ++"Allow cluster administrative cluster domains memcheck-amd64- to use " ++"executable memory" msgstr "" -#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:323 - msgid "Target Domain" +-msgid "Target Domain" ++#: booleans.py:14 ++msgid "" ++"Determine whether Cobbler can modify public files used for public file " ++"transfer services." msgstr "" -#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:342 - msgid "query SELinux Policy to see description of booleans" +-msgid "query SELinux Policy to see description of booleans" ++#: booleans.py:15 ++msgid "Determine whether Cobbler can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:346 - msgid "get all booleans descriptions" +-msgid "get all booleans descriptions" ++#: booleans.py:16 ++msgid "Determine whether Cobbler can access cifs file systems." msgstr "" -#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:349 - msgid "boolean to get description" +-msgid "boolean to get description" ++#: booleans.py:17 ++msgid "Determine whether Cobbler can access nfs file systems." msgstr "" -#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:359 - msgid "" - "query SELinux Policy to see how a source process domain can transition to " - "the target process domain" +-msgid "" +-"query SELinux Policy to see how a source process domain can transition to " +-"the target process domain" ++#: booleans.py:18 ++msgid "Determine whether collectd can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:362 - msgid "source process domain" +-msgid "source process domain" ++#: booleans.py:19 ++msgid "Determine whether Condor can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:365 - msgid "target process domain" +-msgid "target process domain" ++#: booleans.py:20 ++msgid "" ++"Allow system cron jobs to relabel filesystem for restoring file contexts." msgstr "" -#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:408 -+#, python-format -+msgid "sepolicy generate: error: one of the arguments %s is required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:413 - msgid "Command required for this type of policy" +-msgid "Command required for this type of policy" ++#: booleans.py:21 ++msgid "Determine whether cvs can read shadow password files." msgstr "" -#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:424 -+msgid "" -+"-t option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:429 -+msgid "" -+"-d option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:433 -+msgid "" -+"-a option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:452 - msgid "List SELinux Policy interfaces" +-msgid "List SELinux Policy interfaces" ++#: booleans.py:22 ++msgid "Allow all daemons to write corefiles to /" msgstr "" -#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:470 -+msgid "Enter interface names, you wish to query" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:479 - msgid "Generate SELinux Policy module template" +-msgid "Generate SELinux Policy module template" ++#: booleans.py:23 ++msgid "Allow all daemons to use tcp wrappers." msgstr "" -#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:482 - msgid "Enter domain type which you will be extending" +-msgid "Enter domain type which you will be extending" ++#: booleans.py:24 ++msgid "Allow all daemons the ability to read/write terminals" msgstr "" -#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:485 - msgid "Enter SELinux user(s) which will transition to this domain" +-msgid "Enter SELinux user(s) which will transition to this domain" ++#: booleans.py:25 ++msgid "Determine whether dbadm can manage generic user files." msgstr "" -#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:488 - msgid "Enter domain(s) that this confined admin will administrate" +-msgid "Enter domain(s) that this confined admin will administrate" ++#: booleans.py:26 ++msgid "Determine whether dbadm can read generic user files." msgstr "" -#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:491 - msgid "name of policy to generate" +-msgid "name of policy to generate" ++#: booleans.py:27 ++msgid "" ++"Deny user domains applications to map a memory region as both executable and " ++"writable, this is dangerous and the executable should be reported in bugzilla" msgstr "" -#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:498 - msgid "path in which the generated policy files will be stored" +-msgid "path in which the generated policy files will be stored" ++#: booleans.py:28 ++msgid "Deny any process from ptracing or debugging any other processes." msgstr "" -#: ../sepolicy/sepolicy.py:380 -msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:500 -+msgid "path to which the confined processes will need to write" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:501 -+msgid "Policy types which require a command" ++#: booleans.py:29 ++msgid "Allow dhcpc client applications to execute iptables commands" msgstr "" -#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 @@ -5549,1567 +6802,2368 @@ index 961d921..5ee0bdc 100644 -#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 -#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 -#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 -+#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 -+#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 -+#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 -+#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 -+#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 - #, python-format +-#, python-format -msgid "Generate Policy for %s" -+msgid "Generate '%s' policy" - msgstr "" - --#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:532 -+#, python-format -+msgid "Generate '%s' policy " -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:546 -+msgid "executable to confine" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:551 - msgid "commands" - msgstr "" - --#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:554 - msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:48 -+#: ../sepolicy/sepolicy/__init__.py:72 - msgid "No SELinux Policy installed" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:243 - #, python-format - msgid "Failed to read %s policy file" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:302 - msgid "unknown" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:173 -+#: ../sepolicy/sepolicy/generate.py:132 - msgid "Internet Services Daemon" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:177 -+#: ../sepolicy/sepolicy/generate.py:136 - msgid "Existing Domain Type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:178 -+#: ../sepolicy/sepolicy/generate.py:137 - msgid "Minimal Terminal Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:179 -+#: ../sepolicy/sepolicy/generate.py:138 - msgid "Minimal X Windows Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:180 -+#: ../sepolicy/sepolicy/generate.py:139 - msgid "Desktop Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:181 -+#: ../sepolicy/sepolicy/generate.py:140 - msgid "Administrator Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:182 -+#: ../sepolicy/sepolicy/generate.py:141 - msgid "Confined Root Administrator Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:187 -+#: ../sepolicy/sepolicy/generate.py:142 -+msgid "Module information for a new type" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:147 - msgid "Valid Types:\n" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:221 -+#: ../sepolicy/sepolicy/generate.py:181 - #, python-format - msgid "Ports must be numbers or ranges of numbers from 1 to %d " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:231 -+#: ../sepolicy/sepolicy/generate.py:192 - msgid "You must enter a valid policy type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:234 -+#: ../sepolicy/sepolicy/generate.py:195 - #, python-format - msgid "You must enter a name for your policy module for your %s." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:355 -+#: ../sepolicy/sepolicy/generate.py:327 - msgid "" - "Name must be alpha numberic with no spaces. Consider using option \"-n " - "MODULENAME\"" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:447 -+#: ../sepolicy/sepolicy/generate.py:419 - msgid "User Role types can not be assigned executables." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:453 -+#: ../sepolicy/sepolicy/generate.py:425 - msgid "Only Daemon apps can use an init script.." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:471 -+#: ../sepolicy/sepolicy/generate.py:443 - msgid "use_resolve must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:477 -+#: ../sepolicy/sepolicy/generate.py:449 - msgid "use_syslog must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:483 -+#: ../sepolicy/sepolicy/generate.py:455 - msgid "use_kerberos must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:489 -+#: ../sepolicy/sepolicy/generate.py:461 - msgid "manage_krb5_rcache must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:519 -+#: ../sepolicy/sepolicy/generate.py:491 - msgid "USER Types automatically get a tmp type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:857 -+#: ../sepolicy/sepolicy/generate.py:832 - #, python-format - msgid "%s policy modules require existing domains" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1059 -+#: ../sepolicy/sepolicy/generate.py:857 -+msgid "Type field required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:869 -+#, python-format -+msgid "" -+"You need to define a new type which ends with: \n" -+" %s" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:1088 - msgid "You must enter the executable path for your confined process" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1321 -+#: ../sepolicy/sepolicy/generate.py:1351 - msgid "Type Enforcement file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1322 -+#: ../sepolicy/sepolicy/generate.py:1352 - msgid "Interface file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1323 -+#: ../sepolicy/sepolicy/generate.py:1353 - msgid "File Contexts file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1324 -+#: ../sepolicy/sepolicy/generate.py:1354 - msgid "Spec file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1325 -+#: ../sepolicy/sepolicy/generate.py:1355 - msgid "Setup Script" - msgstr "" - -@@ -2428,11 +2522,11 @@ msgid "" - msgstr "" - - #: booleans.py:3 --msgid "Allow amavis to use JIT compiler" -+msgid "Allow antivirus programs to read non security files on a system" - msgstr "" - - #: booleans.py:4 --msgid "Allow antivirus programs to read non security files on a system" -+msgid "Determine whether can antivirus programs use JIT compiler." - msgstr "" - - #: booleans.py:5 -@@ -2454,50 +2548,54 @@ msgid "Allow users to login using a yubikey server" - msgstr "" - - #: booleans.py:9 --msgid "Allow awstats to purge Apache logs" -+msgid "Determine whether awstats can purge httpd log files." - msgstr "" - - #: booleans.py:10 - msgid "" --"Allow cdrecord to read various content. nfs, samba, removable devices, user " --"temp and untrusted content files" -+"Determine whether cdrecord can read various content. nfs, samba, removable " -+"devices, user temp and untrusted content files" - msgstr "" - - #: booleans.py:11 --msgid "Allow clamd to use JIT compiler" -+msgid "" -+"Allow cluster administrative domains to connect to the network using TCP." - msgstr "" - - #: booleans.py:12 --msgid "Allow clamscan to non security files on a system" -+msgid "Allow cluster administrative domains to manage all files on a system." - msgstr "" - - #: booleans.py:13 --msgid "Allow clamscan to read user content" -+msgid "" -+"Allow cluster administrative cluster domains memcheck-amd64- to use " -+"executable memory" - msgstr "" - - #: booleans.py:14 - msgid "" --"Allow Cobbler to modify public files used for public file transfer services." -+"Determine whether Cobbler can modify public files used for public file " -+"transfer services." - msgstr "" - - #: booleans.py:15 --msgid "Allow Cobbler to connect to the network using TCP." -+msgid "Determine whether Cobbler can connect to the network using TCP." - msgstr "" - - #: booleans.py:16 --msgid "Allow Cobbler to access cifs file systems." -+msgid "Determine whether Cobbler can access cifs file systems." - msgstr "" - - #: booleans.py:17 --msgid "Allow Cobbler to access nfs file systems." -+msgid "Determine whether Cobbler can access nfs file systems." - msgstr "" - - #: booleans.py:18 --msgid "Allow collectd to connect to the network using TCP." -+msgid "Determine whether collectd can connect to the network using TCP." - msgstr "" - - #: booleans.py:19 --msgid "Allow codnor domain to connect to the network using TCP." -+msgid "Determine whether Condor can connect to the network using TCP." - msgstr "" - - #: booleans.py:20 -@@ -2506,7 +2604,7 @@ msgid "" - msgstr "" - - #: booleans.py:21 --msgid "Allow cvs daemon to read shadow" -+msgid "Determine whether cvs can read shadow password files." - msgstr "" - - #: booleans.py:22 -@@ -2522,951 +2620,1000 @@ msgid "Allow all daemons the ability to read/write terminals" - msgstr "" - - #: booleans.py:25 --msgid "Allow dan to manage user files" -+msgid "Determine whether dbadm can manage generic user files." - msgstr "" - - #: booleans.py:26 --msgid "Allow dan to read user files" -+msgid "Determine whether dbadm can read generic user files." - msgstr "" - - #: booleans.py:27 --msgid "Allow dbadm to manage files in users home directories" -+msgid "" -+"Deny user domains applications to map a memory region as both executable and " -+"writable, this is dangerous and the executable should be reported in bugzilla" - msgstr "" - - #: booleans.py:28 --msgid "Allow dbadm to read files in users home directories" -+msgid "Deny any process from ptracing or debugging any other processes." - msgstr "" - - #: booleans.py:29 --msgid "" --"Deny user domains applications to map a memory region as both executable and " --"writable, this is dangerous and the executable should be reported in bugzilla" -+msgid "Allow dhcpc client applications to execute iptables commands" - msgstr "" - - #: booleans.py:30 --msgid "Allow sysadm to debug or ptrace all processes." ++#: booleans.py:30 +msgid "Determine whether DHCP daemon can use LDAP backends." msgstr "" - #: booleans.py:31 --msgid "Allow dhcpc client applications to execute iptables commands" +-#: ../sepolicy/sepolicy.py:422 +-msgid "commands" ++#: booleans.py:31 +msgid "Allow all domains to use other domains file descriptors" msgstr "" - #: booleans.py:32 --msgid "Allow DHCP daemon to use LDAP backends" +-#: ../sepolicy/sepolicy.py:425 +-msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" ++#: booleans.py:32 +msgid "Allow all domains to have the kernel load modules" msgstr "" - #: booleans.py:33 --msgid "Allow all domains to use other domains file descriptors" +-#: ../sepolicy/sepolicy/__init__.py:48 +-msgid "No SELinux Policy installed" ++#: booleans.py:33 +msgid "" +"Determine whether entropyd can use audio devices as the source for the " +"entropy feeds." msgstr "" - #: booleans.py:34 --msgid "Allow all domains to have the kernel load modules" +-#: ../sepolicy/sepolicy/__init__.py:54 +-#, python-format +-msgid "Failed to read %s policy file" ++#: booleans.py:34 +msgid "Determine whether exim can connect to databases." msgstr "" - #: booleans.py:35 --msgid "Allow the use of the audio devices as the source for the entropy feeds" +-#: ../sepolicy/sepolicy/__init__.py:127 +-msgid "unknown" ++#: booleans.py:35 +msgid "" +"Determine whether exim can create, read, write, and delete generic user " +"content files." msgstr "" - #: booleans.py:36 --msgid "Allow exim to connect to databases (postgres, mysql)" +-#: ../sepolicy/sepolicy/generate.py:173 +-msgid "Internet Services Daemon" ++#: booleans.py:36 +msgid "Determine whether exim can read generic user content files." msgstr "" - #: booleans.py:37 --msgid "Allow exim to create, read, write, and delete unprivileged user files." +-#: ../sepolicy/sepolicy/generate.py:177 +-msgid "Existing Domain Type" ++#: booleans.py:37 +msgid "Enable extra rules in the cron domain to support fcron." msgstr "" - #: booleans.py:38 --msgid "Allow exim to read unprivileged user files." +-#: ../sepolicy/sepolicy/generate.py:178 +-msgid "Minimal Terminal Login User Role" ++#: booleans.py:38 +msgid "Determine whether fenced can connect to the TCP network." msgstr "" - #: booleans.py:39 --msgid "Enable extra rules in the cron domain to support fcron." +-#: ../sepolicy/sepolicy/generate.py:179 +-msgid "Minimal X Windows Login User Role" ++#: booleans.py:39 +msgid "Determine whether fenced can use ssh." msgstr "" - #: booleans.py:40 --msgid "Allow fenced domain to connect to the network using TCP." +-#: ../sepolicy/sepolicy/generate.py:180 +-msgid "Desktop Login User Role" ++#: booleans.py:40 +msgid "Allow all domains to execute in fips_mode" msgstr "" - #: booleans.py:41 --msgid "Allow fenced domain to execute ssh." +-#: ../sepolicy/sepolicy/generate.py:181 +-msgid "Administrator Login User Role" ++#: booleans.py:41 +msgid "" +"Determine whether ftpd can read and write files in user home directories." msgstr "" - #: booleans.py:42 --msgid "Allow all domains to execute in fips_mode" +-#: ../sepolicy/sepolicy/generate.py:182 +-msgid "Confined Root Administrator Role" ++#: booleans.py:42 +msgid "" +"Determine whether ftpd can modify public files used for public file transfer " +"services. Directories/Files must be labeled public_content_rw_t." msgstr "" - #: booleans.py:43 --msgid "Allow ftp to read and write files in the user home directories" +-#: ../sepolicy/sepolicy/generate.py:187 +-msgid "Valid Types:\n" ++#: booleans.py:43 +msgid "Determine whether ftpd can connect to all unreserved ports." msgstr "" - #: booleans.py:44 --msgid "" --"Allow ftp servers to upload files, used for public file transfer services. " --"Directories must be labeled public_content_rw_t." +-#: ../sepolicy/sepolicy/generate.py:221 +-#, python-format +-msgid "Ports must be numbers or ranges of numbers from 1 to %d " ++#: booleans.py:44 +msgid "Determine whether ftpd can connect to databases over the TCP network." msgstr "" - #: booleans.py:45 --msgid "Allow ftp servers to connect to all ports > 1023" +-#: ../sepolicy/sepolicy/generate.py:231 +-msgid "You must enter a valid policy type" ++#: booleans.py:45 +msgid "" +"Determine whether ftpd can login to local users and can read and write all " +"files on the system, governed by DAC." msgstr "" - #: booleans.py:46 --msgid "Allow ftp servers to connect to mysql database ports" +-#: ../sepolicy/sepolicy/generate.py:234 +-#, python-format +-msgid "You must enter a name for your policy module for your %s." ++#: booleans.py:46 +msgid "" +"Determine whether ftpd can use CIFS used for public file transfer services." msgstr "" +-#: ../sepolicy/sepolicy/generate.py:355 +-msgid "" +-"Name must be alpha numberic with no spaces. Consider using option \"-n " +-"MODULENAME\"" ++#: booleans.py:47 booleans.py:170 ++msgid "Allow samba to export ntfs/fusefs volumes." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:447 +-msgid "User Role types can not be assigned executables." ++#: booleans.py:48 ++msgid "" ++"Determine whether ftpd can use NFS used for public file transfer services." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:453 +-msgid "Only Daemon apps can use an init script.." ++#: booleans.py:49 ++msgid "" ++"Determine whether ftpd can bind to all unreserved ports for passive mode." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:471 +-msgid "use_resolve must be a boolean value " ++#: booleans.py:50 ++msgid "Determine whether Git CGI can search home directories." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:477 +-msgid "use_syslog must be a boolean value " ++#: booleans.py:51 ++msgid "Determine whether Git CGI can access cifs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:483 +-msgid "use_kerberos must be a boolean value " ++#: booleans.py:52 ++msgid "Determine whether Git CGI can access nfs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:489 +-msgid "manage_krb5_rcache must be a boolean value " ++#: booleans.py:53 ++msgid "" ++"Determine whether Git session daemon can bind TCP sockets to all unreserved " ++"ports." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:519 +-msgid "USER Types automatically get a tmp type" ++#: booleans.py:54 ++msgid "" ++"Determine whether calling user domains can execute Git daemon in the " ++"git_session_t domain." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:857 +-#, python-format +-msgid "%s policy modules require existing domains" ++#: booleans.py:55 ++msgid "Determine whether Git system daemon can search home directories." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1059 +-msgid "You must enter the executable path for your confined process" ++#: booleans.py:56 ++msgid "Determine whether Git system daemon can access cifs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1321 +-msgid "Type Enforcement file" ++#: booleans.py:57 ++msgid "Determine whether Git system daemon can access nfs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1322 +-msgid "Interface file" ++#: booleans.py:58 ++msgid "Determine whether Gitosis can send mail." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1323 +-msgid "File Contexts file" ++#: booleans.py:59 ++msgid "Enable reading of urandom for all domains." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1324 +-msgid "Spec file" ++#: booleans.py:60 ++msgid "" ++"Allow glusterfsd to modify public files used for public file transfer " ++"services. Files/Directories must be labeled public_content_rw_t." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1325 +-msgid "Setup Script" ++#: booleans.py:61 ++msgid "Allow glusterfsd to share any file/directory read only." + msgstr "" + +-#: booleans.py:1 +-msgid "" +-"Allow ABRT to modify public files used for public file transfer services." ++#: booleans.py:62 ++msgid "Allow glusterfsd to share any file/directory read/write." + msgstr "" + +-#: booleans.py:2 ++#: booleans.py:63 + msgid "" +-"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts" ++"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" ++"agent to manage user files." + msgstr "" + +-#: booleans.py:3 +-msgid "Allow amavis to use JIT compiler" ++#: booleans.py:64 ++msgid "" ++"Allow gpg web domain to modify public files used for public file transfer " ++"services." + msgstr "" + +-#: booleans.py:4 +-msgid "Allow antivirus programs to read non security files on a system" ++#: booleans.py:65 ++msgid "Allow gssd to read temp directory. For access to kerberos tgt." + msgstr "" + +-#: booleans.py:5 +-msgid "Allow auditadm to exec content" ++#: booleans.py:66 ++msgid "Allow guest to exec content" + msgstr "" + +-#: booleans.py:6 ++#: booleans.py:67 ++msgid "" ++"Allow Apache to modify public files used for public file transfer services. " ++"Directories/Files must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:68 ++msgid "Allow httpd to use built in scripting (usually php)" ++msgstr "" ++ ++#: booleans.py:69 ++msgid "Allow http daemon to check spam" ++msgstr "" ++ ++#: booleans.py:70 ++msgid "" ++"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " ++"ports" ++msgstr "" ++ ++#: booleans.py:71 ++msgid "Allow httpd to connect to the ldap port" ++msgstr "" ++ ++#: booleans.py:72 ++msgid "Allow http daemon to connect to mythtv" ++msgstr "" ++ ++#: booleans.py:73 ++msgid "Allow http daemon to connect to zabbix" ++msgstr "" ++ ++#: booleans.py:74 ++msgid "Allow HTTPD scripts and modules to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:75 ++msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." ++msgstr "" ++ ++#: booleans.py:76 ++msgid "" ++"Allow HTTPD scripts and modules to connect to databases over the network." ++msgstr "" ++ ++#: booleans.py:77 ++msgid "Allow httpd to connect to memcache server" ++msgstr "" ++ ++#: booleans.py:78 ++msgid "Allow httpd to act as a relay" ++msgstr "" ++ ++#: booleans.py:79 ++msgid "Allow http daemon to send mail" ++msgstr "" ++ ++#: booleans.py:80 ++msgid "Allow Apache to communicate with avahi service via dbus" ++msgstr "" ++ ++#: booleans.py:81 ++msgid "Allow httpd cgi support" ++msgstr "" ++ ++#: booleans.py:82 ++msgid "Allow httpd to act as a FTP server by listening on the ftp port." ++msgstr "" ++ ++#: booleans.py:83 ++msgid "Allow httpd to read home directories" ++msgstr "" ++ ++#: booleans.py:84 ++msgid "Allow httpd scripts and modules execmem/execstack" ++msgstr "" ++ ++#: booleans.py:85 ++msgid "Allow HTTPD to connect to port 80 for graceful shutdown" ++msgstr "" ++ ++#: booleans.py:86 ++msgid "Allow httpd processes to manage IPA content" ++msgstr "" ++ ++#: booleans.py:87 ++msgid "Allow Apache to use mod_auth_ntlm_winbind" ++msgstr "" ++ ++#: booleans.py:88 ++msgid "Allow Apache to use mod_auth_pam" ++msgstr "" ++ ++#: booleans.py:89 ++msgid "Allow httpd to read user content" ++msgstr "" ++ ++#: booleans.py:90 ++msgid "Allow Apache to run in stickshift mode, not transition to passenger" ++msgstr "" ++ ++#: booleans.py:91 ++msgid "Allow HTTPD scripts and modules to server cobbler files." ++msgstr "" ++ ++#: booleans.py:92 ++msgid "Allow httpd daemon to change its resource limits" ++msgstr "" ++ ++#: booleans.py:93 ++msgid "" ++"Allow HTTPD to run SSI executables in the same domain as system CGI scripts." ++msgstr "" ++ ++#: booleans.py:94 ++msgid "" ++"Allow apache scripts to write to public content, directories/files must be " ++"labeled public_rw_content_t." ++msgstr "" ++ ++#: booleans.py:95 ++msgid "Allow Apache to execute tmp content." ++msgstr "" ++ ++#: booleans.py:96 ++msgid "" ++"Unify HTTPD to communicate with the terminal. Needed for entering the " ++"passphrase for certificates at the terminal." ++msgstr "" ++ ++#: booleans.py:97 ++msgid "Unify HTTPD handling of all content files." ++msgstr "" ++ ++#: booleans.py:98 ++msgid "Allow httpd to access cifs file systems" ++msgstr "" ++ ++#: booleans.py:99 ++msgid "Allow httpd to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:100 ++msgid "Allow httpd to run gpg" ++msgstr "" ++ ++#: booleans.py:101 ++msgid "Allow httpd to access nfs file systems" ++msgstr "" ++ ++#: booleans.py:102 ++msgid "Allow httpd to access openstack ports" ++msgstr "" ++ ++#: booleans.py:103 ++msgid "Allow httpd to connect to sasl" ++msgstr "" ++ ++#: booleans.py:104 ++msgid "Allow Apache to query NS records" ++msgstr "" ++ ++#: booleans.py:105 ++msgid "Determine whether icecast can listen on and connect to any TCP port." ++msgstr "" ++ ++#: booleans.py:106 ++msgid "" ++"Determine whether irc clients can listen on and connect to any unreserved " ++"TCP ports." ++msgstr "" ++ ++#: booleans.py:107 ++msgid "" ++"Allow the Irssi IRC Client to connect to any port, and to bind to any " ++"unreserved port." ++msgstr "" ++ ++#: booleans.py:108 ++msgid "Allow confined applications to run with kerberos." ++msgstr "" ++ ++#: booleans.py:109 ++msgid "Allow ksmtuned to use cifs/Samba file systems" ++msgstr "" ++ ++#: booleans.py:110 ++msgid "Allow ksmtuned to use nfs file systems" ++msgstr "" ++ ++#: booleans.py:111 ++msgid "Allow syslogd daemon to send mail" ++msgstr "" ++ ++#: booleans.py:112 ++msgid "Allow syslogd the ability to read/write terminals" ++msgstr "" ++ ++#: booleans.py:113 ++msgid "Allow logging in and using the system from /dev/console." ++msgstr "" ++ ++#: booleans.py:114 ++msgid "Allow mailman to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:115 ++msgid "Determine whether mcelog supports client mode." ++msgstr "" ++ ++#: booleans.py:116 ++msgid "Determine whether mcelog can execute scripts." ++msgstr "" ++ ++#: booleans.py:117 ++msgid "Determine whether mcelog can use all the user ttys." ++msgstr "" ++ ++#: booleans.py:118 ++msgid "Determine whether mcelog supports server mode." ++msgstr "" ++ ++#: booleans.py:119 ++msgid "" ++"Control the ability to mmap a low area of the address space, as configured " ++"by /proc/sys/kernel/mmap_min_addr." ++msgstr "" ++ ++#: booleans.py:120 ++msgid "Allow mock to read files in home directories." ++msgstr "" ++ ++#: booleans.py:121 ++msgid "Allow the mount commands to mount any directory or file." ++msgstr "" ++ ++#: booleans.py:122 ++msgid "Allow mozilla plugin domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:123 ++msgid "Allow mozilla plugin to support GPS." ++msgstr "" ++ ++#: booleans.py:124 ++msgid "Allow mozilla plugin to support spice protocols." ++msgstr "" ++ ++#: booleans.py:125 ++msgid "Allow confined web browsers to read home directory content" ++msgstr "" ++ ++#: booleans.py:126 ++msgid "Determine whether mpd can traverse user home directories." ++msgstr "" ++ ++#: booleans.py:127 ++msgid "Determine whether mpd can use cifs file systems." ++msgstr "" ++ ++#: booleans.py:128 ++msgid "Determine whether mpd can use nfs file systems." ++msgstr "" ++ ++#: booleans.py:129 ++msgid "Determine whether mplayer can make its stack executable." ++msgstr "" ++ ++#: booleans.py:130 ++msgid "Allow mysqld to connect to all ports" ++msgstr "" ++ ++#: booleans.py:131 ++msgid "Determine whether Bind can bind tcp socket to http ports." ++msgstr "" ++ ++#: booleans.py:132 ++msgid "" ++"Determine whether Bind can write to master zone files. Generally this is " ++"used for dynamic DNS or zone transfers." ++msgstr "" ++ ++#: booleans.py:133 ++msgid "Allow any files/directories to be exported read/only via NFS." ++msgstr "" ++ ++#: booleans.py:134 ++msgid "Allow any files/directories to be exported read/write via NFS." ++msgstr "" ++ ++#: booleans.py:135 ++msgid "" ++"Allow nfs servers to modify public files used for public file transfer " ++"services. Files/Directories must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:136 ++msgid "Allow system to run with NIS" ++msgstr "" ++ ++#: booleans.py:137 ++msgid "Allow confined applications to use nscd shared memory." ++msgstr "" ++ ++#: booleans.py:138 ++msgid "Allow openshift to lockdown app" ++msgstr "" ++ ++#: booleans.py:139 ++msgid "Determine whether openvpn can read generic user home content files." ++msgstr "" ++ ++#: booleans.py:140 ++msgid "Allow piranha-lvs domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:141 ++msgid "Allow polipo to connect to all ports > 1023" ++msgstr "" ++ ++#: booleans.py:142 ++msgid "" ++"Determine whether Polipo session daemon can bind tcp sockets to all " ++"unreserved ports." ++msgstr "" ++ ++#: booleans.py:143 ++msgid "" ++"Determine whether calling user domains can execute Polipo daemon in the " ++"polipo_session_t domain." ++msgstr "" ++ ++#: booleans.py:144 ++msgid "Determine whether polipo can access cifs file systems." ++msgstr "" ++ ++#: booleans.py:145 ++msgid "Determine whether Polipo can access nfs file systems." ++msgstr "" ++ ++#: booleans.py:146 ++msgid "Enable polyinstantiated directory support." ++msgstr "" ++ ++#: booleans.py:147 ++msgid "Allow postfix_local domain full write access to mail_spool directories" ++msgstr "" ++ ++#: booleans.py:148 ++msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" ++msgstr "" ++ ++#: booleans.py:149 ++msgid "Allow transmit client label to foreign database" ++msgstr "" ++ ++#: booleans.py:150 ++msgid "Allow database admins to execute DML statement" ++msgstr "" ++ ++#: booleans.py:151 ++msgid "Allow unprivileged users to execute DDL statement" ++msgstr "" ++ ++#: booleans.py:152 ++msgid "Allow pppd to load kernel modules for certain modems" ++msgstr "" ++ ++#: booleans.py:153 ++msgid "Allow pppd to be run for a regular user" ++msgstr "" ++ ++#: booleans.py:154 ++msgid "Determine whether privoxy can connect to all tcp ports." ++msgstr "" ++ ++#: booleans.py:155 ++msgid "" ++"Permit to prosody to bind apache port. Need to be activated to use BOSH." ++msgstr "" ++ ++#: booleans.py:156 ++msgid "Allow Puppet client to manage all file types." ++msgstr "" ++ ++#: booleans.py:157 ++msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" ++msgstr "" ++ ++#: booleans.py:158 ++msgid "Allow racoon to read shadow" ++msgstr "" ++ ++#: booleans.py:159 ++msgid "" ++"Allow rsync to modify public files used for public file transfer services. " ++"Files/Directories must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:160 ++msgid "Allow rsync to run as a client" ++msgstr "" ++ ++#: booleans.py:161 ++msgid "Allow rsync to export any files/directories read only." ++msgstr "" ++ ++#: booleans.py:162 ++msgid "Allow rsync server to manage all files/directories on the system." ++msgstr "" ++ ++#: booleans.py:163 ++msgid "Allow samba to create new home directories (e.g. via PAM)" ++msgstr "" ++ ++#: booleans.py:164 ++msgid "" ++"Allow samba to act as the domain controller, add users, groups and change " ++"passwords." ++msgstr "" ++ ++#: booleans.py:165 ++msgid "Allow samba to share users home directories." ++msgstr "" ++ ++#: booleans.py:166 ++msgid "Allow samba to share any file/directory read only." ++msgstr "" ++ ++#: booleans.py:167 ++msgid "Allow samba to share any file/directory read/write." ++msgstr "" ++ ++#: booleans.py:168 ++msgid "Allow samba to act as a portmapper" ++msgstr "" ++ ++#: booleans.py:169 ++msgid "Allow samba to run unconfined scripts" ++msgstr "" ++ ++#: booleans.py:171 ++msgid "Allow samba to export NFS volumes." ++msgstr "" ++ ++#: booleans.py:172 ++msgid "Allow sanlock to read/write fuse files" ++msgstr "" ++ ++#: booleans.py:173 ++msgid "Allow sanlock to manage nfs files" ++msgstr "" ++ ++#: booleans.py:174 ++msgid "Allow sanlock to manage cifs files" ++msgstr "" ++ ++#: booleans.py:175 ++msgid "Allow sasl to read shadow" ++msgstr "" ++ ++#: booleans.py:176 ++msgid "Allow secadm to exec content" ++msgstr "" ++ ++#: booleans.py:177 + msgid "" +-"Allow users to resolve user passwd entries directly from ldap rather then " +-"using a sssd server" ++"disallow programs, such as newrole, from transitioning to administrative " ++"user domains." + msgstr "" + +-#: booleans.py:7 +-msgid "Allow users to login using a radius server" ++#: booleans.py:178 ++msgid "Disable kernel module loading." + msgstr "" + +-#: booleans.py:8 +-msgid "Allow users to login using a yubikey server" ++#: booleans.py:179 ++msgid "" ++"Boolean to determine whether the system permits loading policy, setting " ++"enforcing mode, and changing boolean values. Set this to true and you have " ++"to reboot to set it back." + msgstr "" + +-#: booleans.py:9 +-msgid "Allow awstats to purge Apache logs" ++#: booleans.py:180 ++msgid "Allow regular users direct dri device access" + msgstr "" + +-#: booleans.py:10 ++#: booleans.py:181 + msgid "" +-"Allow cdrecord to read various content. nfs, samba, removable devices, user " +-"temp and untrusted content files" ++"Allow unconfined executables to make their heap memory executable. Doing " ++"this is a really bad idea. Probably indicates a badly coded executable, but " ++"could indicate an attack. This executable should be reported in bugzilla" + msgstr "" + +-#: booleans.py:11 +-msgid "Allow clamd to use JIT compiler" ++#: booleans.py:182 ++msgid "" ++"Allow all unconfined executables to use libraries requiring text relocation " ++"that are not labeled textrel_shlib_t" + msgstr "" + +-#: booleans.py:12 +-msgid "Allow clamscan to non security files on a system" ++#: booleans.py:183 ++msgid "" ++"Allow unconfined executables to make their stack executable. This should " ++"never, ever be necessary. Probably indicates a badly coded executable, but " ++"could indicate an attack. This executable should be reported in bugzilla" + msgstr "" + +-#: booleans.py:13 +-msgid "Allow clamscan to read user content" ++#: booleans.py:184 ++msgid "Allow users to connect to the local mysql server" + msgstr "" + +-#: booleans.py:14 ++#: booleans.py:185 + msgid "" +-"Allow Cobbler to modify public files used for public file transfer services." ++"Allow confined users the ability to execute the ping and traceroute commands." + msgstr "" + +-#: booleans.py:15 +-msgid "Allow Cobbler to connect to the network using TCP." ++#: booleans.py:186 ++msgid "Allow users to connect to PostgreSQL" + msgstr "" + +-#: booleans.py:16 +-msgid "Allow Cobbler to access cifs file systems." ++#: booleans.py:187 ++msgid "" ++"Allow user to r/w files on filesystems that do not have extended attributes " ++"(FAT, CDROM, FLOPPY)" + msgstr "" + +-#: booleans.py:17 +-msgid "Allow Cobbler to access nfs file systems." ++#: booleans.py:188 ++msgid "Allow user music sharing" + msgstr "" + +-#: booleans.py:18 +-msgid "Allow collectd to connect to the network using TCP." ++#: booleans.py:189 ++msgid "" ++"Allow users to run TCP servers (bind to ports and accept connection from the " ++"same domain and outside users) disabling this forces FTP passive mode and " ++"may change other protocols." + msgstr "" + +-#: booleans.py:19 +-msgid "Allow codnor domain to connect to the network using TCP." ++#: booleans.py:190 ++msgid "Allow user to use ssh chroot environment." + msgstr "" + +-#: booleans.py:20 ++#: booleans.py:191 + msgid "" +-"Allow system cron jobs to relabel filesystem for restoring file contexts." ++"Determine whether sftpd can modify public files used for public file " ++"transfer services. Directories/Files must be labeled public_content_rw_t." + msgstr "" + +-#: booleans.py:21 +-msgid "Allow cvs daemon to read shadow" ++#: booleans.py:192 ++msgid "" ++"Determine whether sftpd-can read and write files in user home directories." + msgstr "" + +-#: booleans.py:22 +-msgid "Allow all daemons to write corefiles to /" ++#: booleans.py:193 ++msgid "" ++"Determine whether sftpd-can login to local users and read and write all " ++"files on the system, governed by DAC." + msgstr "" + +-#: booleans.py:23 +-msgid "Allow all daemons to use tcp wrappers." ++#: booleans.py:194 ++msgid "" ++"Determine whether sftpd can read and write files in user ssh home " ++"directories." + msgstr "" + +-#: booleans.py:24 +-msgid "Allow all daemons the ability to read/write terminals" ++#: booleans.py:195 ++msgid "Allow sge to connect to the network using any TCP port" + msgstr "" + +-#: booleans.py:25 +-msgid "Allow dan to manage user files" ++#: booleans.py:196 ++msgid "Allow sge to access nfs file systems." + msgstr "" + +-#: booleans.py:26 +-msgid "Allow dan to read user files" ++#: booleans.py:197 ++msgid "Determine whether smartmon can support devices on 3ware controllers." + msgstr "" + +-#: booleans.py:27 +-msgid "Allow dbadm to manage files in users home directories" ++#: booleans.py:198 ++msgid "" ++"Allow samba to modify public files used for public file transfer services. " ++"Files/Directories must be labeled public_content_rw_t." + msgstr "" + +-#: booleans.py:28 +-msgid "Allow dbadm to read files in users home directories" ++#: booleans.py:199 ++msgid "Allow user spamassassin clients to use the network." + msgstr "" + +-#: booleans.py:29 ++#: booleans.py:200 ++msgid "Allow spamd to read/write user home directories." ++msgstr "" ++ ++#: booleans.py:201 ++msgid "Determine whether squid can connect to all TCP ports." ++msgstr "" ++ ++#: booleans.py:202 ++msgid "Determine whether squid can run as a transparent proxy." ++msgstr "" ++ ++#: booleans.py:203 + msgid "" +-"Deny user domains applications to map a memory region as both executable and " +-"writable, this is dangerous and the executable should be reported in bugzilla" ++"Allow ssh with chroot env to read and write files in the user home " ++"directories" + msgstr "" + +-#: booleans.py:30 +-msgid "Allow sysadm to debug or ptrace all processes." ++#: booleans.py:204 ++msgid "allow host key based authentication" + msgstr "" + +-#: booleans.py:31 +-msgid "Allow dhcpc client applications to execute iptables commands" ++#: booleans.py:205 ++msgid "Allow ssh logins as sysadm_r:sysadm_t" + msgstr "" + +-#: booleans.py:32 +-msgid "Allow DHCP daemon to use LDAP backends" ++#: booleans.py:206 ++msgid "Allow staff to exec content" + msgstr "" + +-#: booleans.py:33 +-msgid "Allow all domains to use other domains file descriptors" ++#: booleans.py:207 ++msgid "allow staff user to create and transition to svirt domains." + msgstr "" + +-#: booleans.py:34 +-msgid "Allow all domains to have the kernel load modules" ++#: booleans.py:208 ++msgid "Allow sysadm to exec content" + msgstr "" + +-#: booleans.py:35 +-msgid "Allow the use of the audio devices as the source for the entropy feeds" ++#: booleans.py:209 ++msgid "Allow the Telepathy connection managers to connect to any network port." + msgstr "" + +-#: booleans.py:36 +-msgid "Allow exim to connect to databases (postgres, mysql)" ++#: booleans.py:210 ++msgid "" ++"Allow the Telepathy connection managers to connect to any generic TCP port." + msgstr "" + +-#: booleans.py:37 +-msgid "Allow exim to create, read, write, and delete unprivileged user files." ++#: booleans.py:211 ++msgid "Allow testpolicy to exec content" + msgstr "" + +-#: booleans.py:38 +-msgid "Allow exim to read unprivileged user files." ++#: booleans.py:212 ++msgid "" ++"Allow tftp to modify public files used for public file transfer services." + msgstr "" + +-#: booleans.py:39 +-msgid "Enable extra rules in the cron domain to support fcron." ++#: booleans.py:213 ++msgid "Allow tftp to read and write files in the user home directories" + msgstr "" + +-#: booleans.py:40 +-msgid "Allow fenced domain to connect to the network using TCP." ++#: booleans.py:214 ++msgid "Determine whether tor can bind tcp sockets to all unreserved ports." + msgstr "" + +-#: booleans.py:41 +-msgid "Allow fenced domain to execute ssh." ++#: booleans.py:215 ++msgid "Allow tor to act as a relay" + msgstr "" + +-#: booleans.py:42 +-msgid "Allow all domains to execute in fips_mode" ++#: booleans.py:216 ++msgid "" ++"allow unconfined users to transition to the chrome sandbox domains when " ++"running chrome-sandbox" + msgstr "" + +-#: booleans.py:43 +-msgid "Allow ftp to read and write files in the user home directories" ++#: booleans.py:217 ++msgid "Allow a user to login as an unconfined domain" + msgstr "" + +-#: booleans.py:44 ++#: booleans.py:218 + msgid "" +-"Allow ftp servers to upload files, used for public file transfer services. " +-"Directories must be labeled public_content_rw_t." ++"Allow unconfined users to transition to the Mozilla plugin domain when " ++"running xulrunner plugin-container." + msgstr "" + +-#: booleans.py:45 +-msgid "Allow ftp servers to connect to all ports > 1023" ++#: booleans.py:219 ++msgid "Allow unprivledged user to create and transition to svirt domains." + msgstr "" + +-#: booleans.py:46 +-msgid "Allow ftp servers to connect to mysql database ports" ++#: booleans.py:220 ++msgid "Support ecryptfs home directories" + msgstr "" + -#: booleans.py:47 -msgid "" -"Allow ftp servers to login to local users and read/write all files on the " -"system, governed by DAC." -+#: booleans.py:47 booleans.py:166 -+msgid "Allow samba to export ntfs/fusefs volumes." ++#: booleans.py:221 ++msgid "Support fusefs home directories" msgstr "" - #: booleans.py:48 +-#: booleans.py:48 -msgid "Allow ftp servers to use cifs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can use NFS used for public file transfer services." - msgstr "" - - #: booleans.py:49 --msgid "Allow ftp servers to use nfs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can bind to all unreserved ports for passive mode." - msgstr "" - - #: booleans.py:50 --msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" --msgstr "" -- --#: booleans.py:51 - msgid "Determine whether Git CGI can search home directories." - msgstr "" - --#: booleans.py:52 -+#: booleans.py:51 - msgid "Determine whether Git CGI can access cifs file systems." - msgstr "" - --#: booleans.py:53 -+#: booleans.py:52 - msgid "Determine whether Git CGI can access nfs file systems." - msgstr "" - --#: booleans.py:54 -+#: booleans.py:53 - msgid "" - "Determine whether Git session daemon can bind TCP sockets to all unreserved " - "ports." - msgstr "" - --#: booleans.py:55 -+#: booleans.py:54 - msgid "" - "Determine whether calling user domains can execute Git daemon in the " - "git_session_t domain." - msgstr "" - --#: booleans.py:56 -+#: booleans.py:55 - msgid "Determine whether Git system daemon can search home directories." - msgstr "" - --#: booleans.py:57 -+#: booleans.py:56 - msgid "Determine whether Git system daemon can access cifs file systems." - msgstr "" - --#: booleans.py:58 -+#: booleans.py:57 - msgid "Determine whether Git system daemon can access nfs file systems." - msgstr "" - -+#: booleans.py:58 -+msgid "Determine whether Gitosis can send mail." -+msgstr "" -+ - #: booleans.py:59 --msgid "Allow gitisis daemon to send mail" -+msgid "Enable reading of urandom for all domains." - msgstr "" - - #: booleans.py:60 --msgid "Enable reading of urandom for all domains." -+msgid "" -+"Allow glusterfsd to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - - #: booleans.py:61 -+msgid "Allow glusterfsd to share any file/directory read only." -+msgstr "" -+ -+#: booleans.py:62 -+msgid "Allow glusterfsd to share any file/directory read/write." -+msgstr "" -+ -+#: booleans.py:63 - msgid "" - "Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" - "agent to manage user files." - msgstr "" - --#: booleans.py:62 -+#: booleans.py:64 - msgid "" - "Allow gpg web domain to modify public files used for public file transfer " - "services." - msgstr "" - --#: booleans.py:63 -+#: booleans.py:65 - msgid "Allow gssd to read temp directory. For access to kerberos tgt." - msgstr "" - --#: booleans.py:64 -+#: booleans.py:66 - msgid "Allow guest to exec content" - msgstr "" - --#: booleans.py:65 -+#: booleans.py:67 - msgid "" - "Allow Apache to modify public files used for public file transfer services. " - "Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:66 -+#: booleans.py:68 - msgid "Allow httpd to use built in scripting (usually php)" - msgstr "" - --#: booleans.py:67 -+#: booleans.py:69 - msgid "Allow http daemon to check spam" - msgstr "" - --#: booleans.py:68 -+#: booleans.py:70 - msgid "" - "Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " - "ports" - msgstr "" - --#: booleans.py:69 -+#: booleans.py:71 - msgid "Allow httpd to connect to the ldap port" - msgstr "" - --#: booleans.py:70 -+#: booleans.py:72 - msgid "Allow http daemon to connect to zabbix" - msgstr "" - --#: booleans.py:71 -+#: booleans.py:73 - msgid "Allow HTTPD scripts and modules to connect to the network using TCP." - msgstr "" - --#: booleans.py:72 -+#: booleans.py:74 - msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." - msgstr "" - --#: booleans.py:73 -+#: booleans.py:75 - msgid "" - "Allow HTTPD scripts and modules to connect to databases over the network." - msgstr "" - --#: booleans.py:74 -+#: booleans.py:76 - msgid "Allow httpd to connect to memcache server" - msgstr "" - --#: booleans.py:75 -+#: booleans.py:77 - msgid "Allow httpd to act as a relay" - msgstr "" - --#: booleans.py:76 -+#: booleans.py:78 - msgid "Allow http daemon to send mail" - msgstr "" - --#: booleans.py:77 -+#: booleans.py:79 - msgid "Allow Apache to communicate with avahi service via dbus" - msgstr "" - --#: booleans.py:78 -+#: booleans.py:80 - msgid "Allow httpd cgi support" - msgstr "" - --#: booleans.py:79 -+#: booleans.py:81 - msgid "Allow httpd to act as a FTP server by listening on the ftp port." - msgstr "" - --#: booleans.py:80 -+#: booleans.py:82 - msgid "Allow httpd to read home directories" - msgstr "" - --#: booleans.py:81 -+#: booleans.py:83 - msgid "Allow httpd scripts and modules execmem/execstack" - msgstr "" - --#: booleans.py:82 -+#: booleans.py:84 - msgid "Allow HTTPD to connect to port 80 for graceful shutdown" - msgstr "" - --#: booleans.py:83 -+#: booleans.py:85 - msgid "Allow httpd processes to manage IPA content" - msgstr "" - --#: booleans.py:84 -+#: booleans.py:86 - msgid "Allow Apache to use mod_auth_ntlm_winbind" - msgstr "" - --#: booleans.py:85 -+#: booleans.py:87 - msgid "Allow Apache to use mod_auth_pam" - msgstr "" - --#: booleans.py:86 -+#: booleans.py:88 - msgid "Allow httpd to read user content" - msgstr "" - --#: booleans.py:87 -+#: booleans.py:89 - msgid "Allow Apache to run in stickshift mode, not transition to passenger" - msgstr "" - --#: booleans.py:88 -+#: booleans.py:90 -+msgid "Allow HTTPD scripts and modules to server cobbler files." -+msgstr "" -+ -+#: booleans.py:91 - msgid "Allow httpd daemon to change its resource limits" - msgstr "" - --#: booleans.py:89 -+#: booleans.py:92 - msgid "" - "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." - msgstr "" - --#: booleans.py:90 -+#: booleans.py:93 - msgid "" - "Allow apache scripts to write to public content, directories/files must be " - "labeled public_rw_content_t." - msgstr "" - --#: booleans.py:91 -+#: booleans.py:94 - msgid "Allow Apache to execute tmp content." - msgstr "" - --#: booleans.py:92 -+#: booleans.py:95 - msgid "" - "Unify HTTPD to communicate with the terminal. Needed for entering the " - "passphrase for certificates at the terminal." - msgstr "" - --#: booleans.py:93 -+#: booleans.py:96 - msgid "Unify HTTPD handling of all content files." - msgstr "" - --#: booleans.py:94 -+#: booleans.py:97 - msgid "Allow httpd to access cifs file systems" - msgstr "" - --#: booleans.py:95 -+#: booleans.py:98 - msgid "Allow httpd to access FUSE file systems" - msgstr "" - --#: booleans.py:96 -+#: booleans.py:99 - msgid "Allow httpd to run gpg" - msgstr "" - --#: booleans.py:97 -+#: booleans.py:100 - msgid "Allow httpd to access nfs file systems" - msgstr "" - --#: booleans.py:98 -+#: booleans.py:101 - msgid "Allow httpd to communicate with oddjob to start up a service" - msgstr "" - --#: booleans.py:99 -+#: booleans.py:102 - msgid "Allow httpd to access openstack ports" - msgstr "" - --#: booleans.py:100 -+#: booleans.py:103 - msgid "Allow Apache to query NS records" - msgstr "" - --#: booleans.py:101 --msgid "Allow icecast to connect to all ports, not just sound ports." -+#: booleans.py:104 -+msgid "Determine whether icecast can listen on and connect to any TCP port." - msgstr "" - --#: booleans.py:102 -+#: booleans.py:105 -+msgid "" -+"Determine whether irc clients can listen on and connect to any unreserved " -+"TCP ports." -+msgstr "" -+ -+#: booleans.py:106 - msgid "" - "Allow the Irssi IRC Client to connect to any port, and to bind to any " - "unreserved port." - msgstr "" - --#: booleans.py:103 -+#: booleans.py:107 - msgid "Allow confined applications to run with kerberos." - msgstr "" - --#: booleans.py:104 --msgid "Allow syslogd daemon to send mail" -+#: booleans.py:108 -+msgid "Allow ksmtuned to use cifs/Samba file systems" - msgstr "" - --#: booleans.py:105 --msgid "Allow syslogd the ability to read/write terminals" -+#: booleans.py:109 -+msgid "Allow ksmtuned to use nfs file systems" - msgstr "" - --#: booleans.py:106 -+#: booleans.py:110 -+msgid "Allow syslogd daemon to send mail" -+msgstr "" -+ -+#: booleans.py:111 -+msgid "Allow syslogd the ability to read/write terminals" -+msgstr "" -+ -+#: booleans.py:112 - msgid "Allow logging in and using the system from /dev/console." - msgstr "" - --#: booleans.py:107 -+#: booleans.py:113 -+msgid "Allow mailman to access FUSE file systems" -+msgstr "" -+ -+#: booleans.py:114 -+msgid "Determine whether mcelog supports client mode." -+msgstr "" -+ -+#: booleans.py:115 -+msgid "Determine whether mcelog can execute scripts." -+msgstr "" -+ -+#: booleans.py:116 -+msgid "Determine whether mcelog can use all the user ttys." -+msgstr "" -+ -+#: booleans.py:117 -+msgid "Determine whether mcelog supports server mode." -+msgstr "" -+ -+#: booleans.py:118 - msgid "" - "Control the ability to mmap a low area of the address space, as configured " - "by /proc/sys/kernel/mmap_min_addr." - msgstr "" - --#: booleans.py:108 -+#: booleans.py:119 - msgid "Allow mock to read files in home directories." - msgstr "" - --#: booleans.py:109 -+#: booleans.py:120 - msgid "Allow the mount command to mount any directory or file." - msgstr "" - --#: booleans.py:110 -+#: booleans.py:121 - msgid "Allow mozilla plugin domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:111 --msgid "" --"Allow mozilla_plugins to create random content in the users home directory" -+#: booleans.py:122 -+msgid "Allow confined web browsers to read home directory content" - msgstr "" - --#: booleans.py:112 --msgid "Allow confined web browsers to read home directory content" -+#: booleans.py:123 -+msgid "Determine whether mpd can traverse user home directories." - msgstr "" - --#: booleans.py:113 --msgid "Allow mplayer executable stack" -+#: booleans.py:124 -+msgid "Determine whether mpd can use cifs file systems." - msgstr "" - --#: booleans.py:114 -+#: booleans.py:125 -+msgid "Determine whether mpd can use nfs file systems." -+msgstr "" -+ -+#: booleans.py:126 -+msgid "Determine whether mplayer can make its stack executable." -+msgstr "" -+ -+#: booleans.py:127 - msgid "Allow mysqld to connect to all ports" - msgstr "" - --#: booleans.py:115 --msgid "Allow BIND to bind apache port." -+#: booleans.py:128 -+msgid "Determine whether Bind can bind tcp socket to http ports." - msgstr "" - --#: booleans.py:116 -+#: booleans.py:129 - msgid "" --"Allow BIND to write the master zone files. Generally this is used for " --"dynamic DNS or zone transfers." -+"Determine whether Bind can write to master zone files. Generally this is " -+"used for dynamic DNS or zone transfers." - msgstr "" - --#: booleans.py:117 -+#: booleans.py:130 - msgid "Allow any files/directories to be exported read/only via NFS." - msgstr "" - --#: booleans.py:118 -+#: booleans.py:131 - msgid "Allow any files/directories to be exported read/write via NFS." - msgstr "" - --#: booleans.py:119 -+#: booleans.py:132 - msgid "" - "Allow nfs servers to modify public files used for public file transfer " - "services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:120 -+#: booleans.py:133 - msgid "Allow system to run with NIS" - msgstr "" - --#: booleans.py:121 -+#: booleans.py:134 - msgid "Allow confined applications to use nscd shared memory." - msgstr "" - --#: booleans.py:122 -+#: booleans.py:135 - msgid "Allow openshift to lockdown app" - msgstr "" - --#: booleans.py:123 --msgid "Allow openvpn to read home directories" -+#: booleans.py:136 -+msgid "Determine whether openvpn can read generic user home content files." - msgstr "" - --#: booleans.py:124 -+#: booleans.py:137 - msgid "Allow piranha-lvs domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:125 -+#: booleans.py:138 - msgid "Allow polipo to connect to all ports > 1023" - msgstr "" - --#: booleans.py:126 -+#: booleans.py:139 - msgid "" - "Determine whether Polipo session daemon can bind tcp sockets to all " - "unreserved ports." - msgstr "" - --#: booleans.py:127 -+#: booleans.py:140 - msgid "" - "Determine whether calling user domains can execute Polipo daemon in the " - "polipo_session_t domain." - msgstr "" - --#: booleans.py:128 -+#: booleans.py:141 - msgid "Determine whether polipo can access cifs file systems." - msgstr "" - --#: booleans.py:129 -+#: booleans.py:142 - msgid "Determine whether Polipo can access nfs file systems." - msgstr "" - --#: booleans.py:130 -+#: booleans.py:143 - msgid "Enable polyinstantiated directory support." - msgstr "" - --#: booleans.py:131 -+#: booleans.py:144 - msgid "Allow postfix_local domain full write access to mail_spool directories" - msgstr "" - --#: booleans.py:132 -+#: booleans.py:145 - msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" - msgstr "" - --#: booleans.py:133 -+#: booleans.py:146 - msgid "Allow transmit client label to foreign database" - msgstr "" - --#: booleans.py:134 -+#: booleans.py:147 - msgid "Allow database admins to execute DML statement" - msgstr "" - --#: booleans.py:135 -+#: booleans.py:148 - msgid "Allow unprivileged users to execute DDL statement" - msgstr "" - --#: booleans.py:136 -+#: booleans.py:149 - msgid "Allow pppd to load kernel modules for certain modems" - msgstr "" - --#: booleans.py:137 -+#: booleans.py:150 - msgid "Allow pppd to be run for a regular user" - msgstr "" - --#: booleans.py:138 --msgid "" --"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:151 -+msgid "Determine whether privoxy can connect to all tcp ports." - msgstr "" - --#: booleans.py:139 -+#: booleans.py:152 - msgid "Allow Puppet client to manage all file types." - msgstr "" - --#: booleans.py:140 -+#: booleans.py:153 - msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" - msgstr "" - --#: booleans.py:141 -+#: booleans.py:154 - msgid "Allow racoon to read shadow" - msgstr "" - --#: booleans.py:142 --msgid "Allow rgmanager domain to connect to the network using TCP." --msgstr "" -- --#: booleans.py:143 -+#: booleans.py:155 - msgid "" - "Allow rsync to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:144 -+#: booleans.py:156 - msgid "Allow rsync to run as a client" - msgstr "" - --#: booleans.py:145 -+#: booleans.py:157 - msgid "Allow rsync to export any files/directories read only." - msgstr "" - --#: booleans.py:146 --msgid "Allow rsync servers to share cifs files systems" --msgstr "" -- --#: booleans.py:147 --msgid "Allow rsync servers to share nfs files systems" -+#: booleans.py:158 -+msgid "Allow rsync server to manage all files/directories on the system." - msgstr "" - --#: booleans.py:148 -+#: booleans.py:159 - msgid "Allow samba to create new home directories (e.g. via PAM)" - msgstr "" - --#: booleans.py:149 -+#: booleans.py:160 - msgid "" - "Allow samba to act as the domain controller, add users, groups and change " - "passwords." - msgstr "" - --#: booleans.py:150 -+#: booleans.py:161 - msgid "Allow samba to share users home directories." - msgstr "" - --#: booleans.py:151 -+#: booleans.py:162 - msgid "Allow samba to share any file/directory read only." - msgstr "" - --#: booleans.py:152 -+#: booleans.py:163 - msgid "Allow samba to share any file/directory read/write." - msgstr "" - --#: booleans.py:153 -+#: booleans.py:164 - msgid "Allow samba to act as a portmapper" - msgstr "" - --#: booleans.py:154 -+#: booleans.py:165 - msgid "Allow samba to run unconfined scripts" - msgstr "" - --#: booleans.py:155 --msgid "Allow samba to export ntfs/fusefs volumes." --msgstr "" -- --#: booleans.py:156 -+#: booleans.py:167 - msgid "Allow samba to export NFS volumes." - msgstr "" - --#: booleans.py:157 -+#: booleans.py:168 - msgid "Allow sanlock to read/write fuse files" - msgstr "" - --#: booleans.py:158 -+#: booleans.py:169 - msgid "Allow sanlock to manage nfs files" - msgstr "" - --#: booleans.py:159 -+#: booleans.py:170 - msgid "Allow sanlock to manage cifs files" - msgstr "" - --#: booleans.py:160 -+#: booleans.py:171 - msgid "Allow sasl to read shadow" - msgstr "" - --#: booleans.py:161 -+#: booleans.py:172 - msgid "Allow secadm to exec content" - msgstr "" - --#: booleans.py:162 -+#: booleans.py:173 - msgid "" - "disallow programs, such as newrole, from transitioning to administrative " - "user domains." - msgstr "" - --#: booleans.py:163 -+#: booleans.py:174 - msgid "Disable kernel module loading." - msgstr "" - --#: booleans.py:164 -+#: booleans.py:175 - msgid "" - "Boolean to determine whether the system permits loading policy, setting " - "enforcing mode, and changing boolean values. Set this to true and you have " - "to reboot to set it back." - msgstr "" - --#: booleans.py:165 -+#: booleans.py:176 - msgid "Allow regular users direct dri device access" - msgstr "" - --#: booleans.py:166 -+#: booleans.py:177 - msgid "" - "Allow unconfined executables to make their heap memory executable. Doing " - "this is a really bad idea. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:167 -+#: booleans.py:178 - msgid "" - "Allow all unconfined executables to use libraries requiring text relocation " - "that are not labeled textrel_shlib_t" - msgstr "" - --#: booleans.py:168 -+#: booleans.py:179 - msgid "" - "Allow unconfined executables to make their stack executable. This should " - "never, ever be necessary. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:169 -+#: booleans.py:180 - msgid "Allow users to connect to the local mysql server" - msgstr "" - --#: booleans.py:170 -+#: booleans.py:181 - msgid "" - "Allow confined users the ability to execute the ping and traceroute commands." - msgstr "" - --#: booleans.py:171 -+#: booleans.py:182 - msgid "Allow users to connect to PostgreSQL" - msgstr "" - --#: booleans.py:172 -+#: booleans.py:183 - msgid "" - "Allow user to r/w files on filesystems that do not have extended attributes " - "(FAT, CDROM, FLOPPY)" - msgstr "" - --#: booleans.py:173 -+#: booleans.py:184 -+msgid "Allow user music sharing" -+msgstr "" -+ -+#: booleans.py:185 - msgid "" - "Allow users to run TCP servers (bind to ports and accept connection from the " - "same domain and outside users) disabling this forces FTP passive mode and " - "may change other protocols." - msgstr "" - --#: booleans.py:174 -+#: booleans.py:186 - msgid "Allow user to use ssh chroot environment." - msgstr "" - --#: booleans.py:175 --msgid "Allow user music sharing" --msgstr "" -- --#: booleans.py:176 -+#: booleans.py:187 - msgid "" --"Allow anon internal-sftp to upload files, used for public file transfer " --"services. Directories must be labeled public_content_rw_t." -+"Determine whether sftpd can modify public files used for public file " -+"transfer services. Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:177 -+#: booleans.py:188 - msgid "" --"Allow sftp-internal to read and write files in the user home directories" -+"Determine whether sftpd-can read and write files in user home directories." - msgstr "" - --#: booleans.py:178 -+#: booleans.py:189 - msgid "" --"Allow sftp-internal to login to local users and read/write all files on the " --"system, governed by DAC." -+"Determine whether sftpd-can login to local users and read and write all " -+"files on the system, governed by DAC." - msgstr "" - --#: booleans.py:179 -+#: booleans.py:190 - msgid "" --"Allow internal-sftp to read and write files in the user ssh home directories." -+"Determine whether sftpd can read and write files in user ssh home " -+"directories." - msgstr "" - --#: booleans.py:180 -+#: booleans.py:191 - msgid "Allow sge to connect to the network using any TCP port" - msgstr "" - --#: booleans.py:181 -+#: booleans.py:192 - msgid "Allow sge to access nfs file systems." - msgstr "" - --#: booleans.py:182 --msgid "" --"Enable additional permissions needed to support devices on 3ware controllers." -+#: booleans.py:193 -+msgid "Determine whether smartmon can support devices on 3ware controllers." - msgstr "" - --#: booleans.py:183 -+#: booleans.py:194 - msgid "" - "Allow samba to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:184 -+#: booleans.py:195 - msgid "Allow user spamassassin clients to use the network." - msgstr "" - --#: booleans.py:185 -+#: booleans.py:196 - msgid "Allow spamd to read/write user home directories." - msgstr "" - --#: booleans.py:186 --msgid "" --"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:197 -+msgid "Determine whether squid can connect to all TCP ports." - msgstr "" - --#: booleans.py:187 --msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:198 -+msgid "Determine whether squid can run as a transparent proxy." - msgstr "" - --#: booleans.py:188 -+#: booleans.py:199 - msgid "" - "Allow ssh with chroot env to read and write files in the user home " - "directories" - msgstr "" - --#: booleans.py:189 -+#: booleans.py:200 - msgid "allow host key based authentication" - msgstr "" - --#: booleans.py:190 -+#: booleans.py:201 - msgid "Allow ssh logins as sysadm_r:sysadm_t" - msgstr "" - --#: booleans.py:191 -+#: booleans.py:202 - msgid "Allow staff to exec content" - msgstr "" - --#: booleans.py:192 -+#: booleans.py:203 - msgid "allow staff user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:193 -+#: booleans.py:204 - msgid "Allow sysadm to exec content" - msgstr "" - --#: booleans.py:194 -+#: booleans.py:205 - msgid "Allow the Telepathy connection managers to connect to any network port." - msgstr "" - --#: booleans.py:195 -+#: booleans.py:206 - msgid "" - "Allow the Telepathy connection managers to connect to any generic TCP port." - msgstr "" - --#: booleans.py:196 -+#: booleans.py:207 - msgid "" - "Allow tftp to modify public files used for public file transfer services." - msgstr "" - --#: booleans.py:197 -+#: booleans.py:208 - msgid "Allow tftp to read and write files in the user home directories" - msgstr "" - --#: booleans.py:198 --msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:209 -+msgid "Determine whether tor can bind tcp sockets to all unreserved ports." - msgstr "" - --#: booleans.py:199 -+#: booleans.py:210 - msgid "Allow tor to act as a relay" - msgstr "" - --#: booleans.py:200 -+#: booleans.py:211 - msgid "" - "allow unconfined users to transition to the chrome sandbox domains when " - "running chrome-sandbox" - msgstr "" - --#: booleans.py:201 -+#: booleans.py:212 - msgid "Allow a user to login as an unconfined domain" - msgstr "" - --#: booleans.py:202 -+#: booleans.py:213 - msgid "" - "Allow unconfined users to transition to the Mozilla plugin domain when " - "running xulrunner plugin-container." - msgstr "" - --#: booleans.py:203 -+#: booleans.py:214 - msgid "Allow video playing tools to run unconfined" - msgstr "" - --#: booleans.py:204 -+#: booleans.py:215 - msgid "Allow unprivledged user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:205 -+#: booleans.py:216 - msgid "Support ecryptfs home directories" - msgstr "" - --#: booleans.py:206 -+#: booleans.py:217 - msgid "Support fusefs home directories" - msgstr "" - --#: booleans.py:207 --msgid "Use lpd server instead of cups" -+#: booleans.py:218 ++#: booleans.py:222 +msgid "Determine whether to support lpd server." msgstr "" --#: booleans.py:208 -+#: booleans.py:219 - msgid "Support NFS home directories" +-#: booleans.py:49 +-msgid "Allow ftp servers to use nfs used for public file transfer services." ++#: booleans.py:223 ++msgid "Support NFS home directories" msgstr "" --#: booleans.py:209 -+#: booleans.py:220 - msgid "Support SAMBA home directories" +-#: booleans.py:50 +-msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" ++#: booleans.py:224 ++msgid "Support SAMBA home directories" msgstr "" --#: booleans.py:210 -+#: booleans.py:221 - msgid "Allow user to exec content" +-#: booleans.py:51 +-msgid "Determine whether Git CGI can search home directories." ++#: booleans.py:225 ++msgid "Allow user to exec content" msgstr "" --#: booleans.py:211 --msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:222 +-#: booleans.py:52 +-msgid "Determine whether Git CGI can access cifs file systems." ++#: booleans.py:226 +msgid "Determine whether varnishd can use the full TCP network." msgstr "" --#: booleans.py:212 --msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:223 +-#: booleans.py:53 +-msgid "Determine whether Git CGI can access nfs file systems." ++#: booleans.py:227 +msgid "" +"Determine whether attempts by vbetool to mmap low regions should be silently " +"blocked." msgstr "" --#: booleans.py:213 -+#: booleans.py:224 - msgid "" - "Allow confined virtual guests to use serial/parallel communication ports" - msgstr "" - --#: booleans.py:214 -+#: booleans.py:225 - msgid "" - "Allow confined virtual guests to use executable memory and executable stack" - msgstr "" - --#: booleans.py:215 -+#: booleans.py:226 - msgid "Allow confined virtual guests to read fuse files" - msgstr "" - --#: booleans.py:216 -+#: booleans.py:227 - msgid "Allow confined virtual guests to manage nfs files" - msgstr "" - --#: booleans.py:217 +-#: booleans.py:54 +#: booleans.py:228 - msgid "Allow confined virtual guests to interact with rawip sockets" + msgid "" +-"Determine whether Git session daemon can bind TCP sockets to all unreserved " +-"ports." ++"Allow confined virtual guests to use serial/parallel communication ports" msgstr "" --#: booleans.py:218 +-#: booleans.py:55 +#: booleans.py:229 - msgid "Allow confined virtual guests to manage cifs files" + msgid "" +-"Determine whether calling user domains can execute Git daemon in the " +-"git_session_t domain." ++"Allow confined virtual guests to use executable memory and executable stack" msgstr "" --#: booleans.py:219 +-#: booleans.py:56 +-msgid "Determine whether Git system daemon can search home directories." +#: booleans.py:230 - msgid "Allow confined virtual guests to interact with the sanlock" ++msgid "Allow confined virtual guests to read fuse files" msgstr "" --#: booleans.py:220 --msgid "Allow confined virtual guests to manage device configuration, (pci)" --msgstr "" -- --#: booleans.py:221 +-#: booleans.py:57 +-msgid "Determine whether Git system daemon can access cifs file systems." +#: booleans.py:231 - msgid "Allow confined virtual guests to use usb devices" ++msgid "Allow confined virtual guests to manage nfs files" msgstr "" --#: booleans.py:222 +-#: booleans.py:58 +-msgid "Determine whether Git system daemon can access nfs file systems." +#: booleans.py:232 - msgid "Allow confined virtual guests to interact with the xserver" ++msgid "Allow confined virtual guests to interact with rawip sockets" msgstr "" --#: booleans.py:223 --msgid "Allow webadm to manage files in users home directories" +-#: booleans.py:59 +-msgid "Allow gitisis daemon to send mail" +#: booleans.py:233 -+msgid "Determine whether webadm can manage generic user files." ++msgid "Allow confined virtual guests to manage cifs files" msgstr "" --#: booleans.py:224 --msgid "Allow webadm to read files in users home directories" +-#: booleans.py:60 +-msgid "Enable reading of urandom for all domains." +#: booleans.py:234 ++msgid "Allow confined virtual guests to interact with the sanlock" + msgstr "" + +-#: booleans.py:61 +-msgid "" +-"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" +-"agent to manage user files." ++#: booleans.py:235 ++msgid "Allow confined virtual guests to use usb devices" + msgstr "" + +-#: booleans.py:62 +-msgid "" +-"Allow gpg web domain to modify public files used for public file transfer " +-"services." ++#: booleans.py:236 ++msgid "Allow confined virtual guests to interact with the xserver" ++msgstr "" ++ ++#: booleans.py:237 ++msgid "Determine whether webadm can manage generic user files." ++msgstr "" ++ ++#: booleans.py:238 +msgid "Determine whether webadm can read generic user files." msgstr "" --#: booleans.py:225 --msgid "Ignore wine mmap_zero errors." -+#: booleans.py:235 +-#: booleans.py:63 +-msgid "Allow gssd to read temp directory. For access to kerberos tgt." ++#: booleans.py:239 +msgid "" +"Determine whether attempts by wine to mmap low regions should be silently " +"blocked." msgstr "" +-#: booleans.py:64 +-msgid "Allow guest to exec content" ++#: booleans.py:240 ++msgid "Allow the graphical login program to execute bootloader" + msgstr "" + +-#: booleans.py:65 ++#: booleans.py:241 + msgid "" +-"Allow Apache to modify public files used for public file transfer services. " +-"Directories/Files must be labeled public_content_rw_t." ++"Allow the graphical login program to login directly as sysadm_r:sysadm_t" + msgstr "" + +-#: booleans.py:66 +-msgid "Allow httpd to use built in scripting (usually php)" ++#: booleans.py:242 ++msgid "" ++"Allow the graphical login program to create files in HOME dirs as xdm_home_t." + msgstr "" + +-#: booleans.py:67 +-msgid "Allow http daemon to check spam" ++#: booleans.py:243 ++msgid "Allow xen to manage nfs files" + msgstr "" + +-#: booleans.py:68 ++#: booleans.py:244 + msgid "" +-"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " +-"ports" ++"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " ++"logical volumes for disk images." + msgstr "" + +-#: booleans.py:69 +-msgid "Allow httpd to connect to the ldap port" ++#: booleans.py:245 ++msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." + msgstr "" + +-#: booleans.py:70 +-msgid "Allow http daemon to connect to zabbix" ++#: booleans.py:246 ++msgid "" ++"Allow xguest users to configure Network Manager and connect to apache ports" + msgstr "" + +-#: booleans.py:71 +-msgid "Allow HTTPD scripts and modules to connect to the network using TCP." ++#: booleans.py:247 ++msgid "Allow xguest to exec content" + msgstr "" + +-#: booleans.py:72 +-msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." ++#: booleans.py:248 ++msgid "Allow xguest users to mount removable media" + msgstr "" + +-#: booleans.py:73 +-msgid "" +-"Allow HTTPD scripts and modules to connect to databases over the network." ++#: booleans.py:249 ++msgid "Allow xguest to use blue tooth devices" + msgstr "" + +-#: booleans.py:74 +-msgid "Allow httpd to connect to memcache server" ++#: booleans.py:250 ++msgid "Allows clients to write to the X server shared memory segments." + msgstr "" + +-#: booleans.py:75 +-msgid "Allow httpd to act as a relay" ++#: booleans.py:251 ++msgid "Allows XServer to execute writable memory" + msgstr "" + +-#: booleans.py:76 +-msgid "Allow http daemon to send mail" ++#: booleans.py:252 ++msgid "Support X userspace object manager" + msgstr "" + +-#: booleans.py:77 +-msgid "Allow Apache to communicate with avahi service via dbus" ++#: booleans.py:253 ++msgid "Determine whether zabbix can connect to all TCP ports" + msgstr "" + +-#: booleans.py:78 +-msgid "Allow httpd cgi support" ++#: booleans.py:254 ++msgid "Allow zebra daemon to write it configuration files" + msgstr "" + +-#: booleans.py:79 +-msgid "Allow httpd to act as a FTP server by listening on the ftp port." ++#: booleans.py:255 ++msgid "" ++"Allow ZoneMinder to modify public files used for public file transfer " ++"services." + msgstr "" + +-#: booleans.py:80 +-msgid "Allow httpd to read home directories" ++#: booleans.py:256 ++msgid "Allow ZoneMinder to run su/sudo." + msgstr "" + +-#: booleans.py:81 +-msgid "Allow httpd scripts and modules execmem/execstack" ++#: ../sepolicy/sepolicy.py:194 ++#, python-format ++msgid "Interface %s does not exist." + msgstr "" + +-#: booleans.py:82 +-msgid "Allow HTTPD to connect to port 80 for graceful shutdown" ++#: ../sepolicy/sepolicy.py:281 ++msgid "Graphical User Interface for SELinux Policy" + msgstr "" + +-#: booleans.py:83 +-msgid "Allow httpd processes to manage IPA content" ++#: ../sepolicy/sepolicy.py:305 ++msgid "Generate SELinux man pages" + msgstr "" + +-#: booleans.py:84 +-msgid "Allow Apache to use mod_auth_ntlm_winbind" ++#: ../sepolicy/sepolicy.py:308 ++msgid "path in which the generated SELinux man pages will be stored" + msgstr "" + +-#: booleans.py:85 +-msgid "Allow Apache to use mod_auth_pam" ++#: ../sepolicy/sepolicy.py:310 ++msgid "name of the OS for man pages" + msgstr "" + +-#: booleans.py:86 +-msgid "Allow httpd to read user content" ++#: ../sepolicy/sepolicy.py:312 ++msgid "Generate HTML man pages structure for selected SELinux man page" + msgstr "" + +-#: booleans.py:87 +-msgid "Allow Apache to run in stickshift mode, not transition to passenger" ++#: ../sepolicy/sepolicy.py:314 ++msgid "Alternate root directory, defaults to /" + msgstr "" + +-#: booleans.py:88 +-msgid "Allow httpd daemon to change its resource limits" ++#: ../sepolicy/sepolicy.py:318 ++msgid "All domains" + msgstr "" + +-#: booleans.py:89 +-msgid "" +-"Allow HTTPD to run SSI executables in the same domain as system CGI scripts." ++#: ../sepolicy/sepolicy.py:321 ++msgid "Domain name(s) of man pages to be created" + msgstr "" + +-#: booleans.py:90 +-msgid "" +-"Allow apache scripts to write to public content, directories/files must be " +-"labeled public_rw_content_t." ++#: ../sepolicy/sepolicy.py:326 ++msgid "Query SELinux policy network information" + msgstr "" + +-#: booleans.py:91 +-msgid "Allow Apache to execute tmp content." ++#: ../sepolicy/sepolicy.py:331 ++msgid "list all SELinux port types" + msgstr "" + +-#: booleans.py:92 +-msgid "" +-"Unify HTTPD to communicate with the terminal. Needed for entering the " +-"passphrase for certificates at the terminal." ++#: ../sepolicy/sepolicy.py:334 ++msgid "show SELinux type related to the port" + msgstr "" + +-#: booleans.py:93 +-msgid "Unify HTTPD handling of all content files." ++#: ../sepolicy/sepolicy.py:337 ++msgid "Show ports defined for this SELinux type" + msgstr "" + +-#: booleans.py:94 +-msgid "Allow httpd to access cifs file systems" ++#: ../sepolicy/sepolicy.py:340 ++msgid "show ports to which this domain can bind and/or connect" + msgstr "" + +-#: booleans.py:95 +-msgid "Allow httpd to access FUSE file systems" ++#: ../sepolicy/sepolicy.py:355 ++msgid "query SELinux policy to see if domains can communicate with each other" + msgstr "" + +-#: booleans.py:96 +-msgid "Allow httpd to run gpg" ++#: ../sepolicy/sepolicy.py:358 ++msgid "Source Domain" + msgstr "" + +-#: booleans.py:97 +-msgid "Allow httpd to access nfs file systems" ++#: ../sepolicy/sepolicy.py:361 ++msgid "Target Domain" + msgstr "" + +-#: booleans.py:98 +-msgid "Allow httpd to communicate with oddjob to start up a service" ++#: ../sepolicy/sepolicy.py:380 ++msgid "query SELinux Policy to see description of booleans" + msgstr "" + +-#: booleans.py:99 +-msgid "Allow httpd to access openstack ports" ++#: ../sepolicy/sepolicy.py:384 ++msgid "get all booleans descriptions" + msgstr "" + +-#: booleans.py:100 +-msgid "Allow Apache to query NS records" ++#: ../sepolicy/sepolicy.py:387 ++msgid "boolean to get description" + msgstr "" + +-#: booleans.py:101 +-msgid "Allow icecast to connect to all ports, not just sound ports." ++#: ../sepolicy/sepolicy.py:397 ++msgid "" ++"query SELinux Policy to see how a source process domain can transition to " ++"the target process domain" + msgstr "" + +-#: booleans.py:102 +-msgid "" +-"Allow the Irssi IRC Client to connect to any port, and to bind to any " +-"unreserved port." ++#: ../sepolicy/sepolicy.py:400 ++msgid "source process domain" + msgstr "" + +-#: booleans.py:103 +-msgid "Allow confined applications to run with kerberos." ++#: ../sepolicy/sepolicy.py:403 ++msgid "target process domain" + msgstr "" + +-#: booleans.py:104 +-msgid "Allow syslogd daemon to send mail" ++#: ../sepolicy/sepolicy.py:445 ++#, python-format ++msgid "sepolicy generate: error: one of the arguments %s is required" + msgstr "" + +-#: booleans.py:105 +-msgid "Allow syslogd the ability to read/write terminals" ++#: ../sepolicy/sepolicy.py:450 ++msgid "Command required for this type of policy" + msgstr "" + +-#: booleans.py:106 +-msgid "Allow logging in and using the system from /dev/console." ++#: ../sepolicy/sepolicy.py:461 ++msgid "" ++"-t option can not be used with this option. Read usage for more details." + msgstr "" + +-#: booleans.py:107 ++#: ../sepolicy/sepolicy.py:466 + msgid "" +-"Control the ability to mmap a low area of the address space, as configured " +-"by /proc/sys/kernel/mmap_min_addr." ++"-d option can not be used with this option. Read usage for more details." + msgstr "" + +-#: booleans.py:108 +-msgid "Allow mock to read files in home directories." ++#: ../sepolicy/sepolicy.py:470 ++msgid "" ++"-a option can not be used with this option. Read usage for more details." + msgstr "" + +-#: booleans.py:109 +-msgid "Allow the mount command to mount any directory or file." ++#: ../sepolicy/sepolicy.py:490 ++msgid "List SELinux Policy interfaces" + msgstr "" + +-#: booleans.py:110 +-msgid "Allow mozilla plugin domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy.py:510 ++msgid "Enter interface names, you wish to query" + msgstr "" + +-#: booleans.py:111 +-msgid "" +-"Allow mozilla_plugins to create random content in the users home directory" ++#: ../sepolicy/sepolicy.py:519 ++msgid "Generate SELinux Policy module template" + msgstr "" + +-#: booleans.py:112 +-msgid "Allow confined web browsers to read home directory content" ++#: ../sepolicy/sepolicy.py:522 ++msgid "Enter domain type which you will be extending" + msgstr "" + +-#: booleans.py:113 +-msgid "Allow mplayer executable stack" ++#: ../sepolicy/sepolicy.py:525 ++msgid "Enter SELinux user(s) which will transition to this domain" + msgstr "" + +-#: booleans.py:114 +-msgid "Allow mysqld to connect to all ports" ++#: ../sepolicy/sepolicy.py:528 ++msgid "Enter SELinux role(s) to which the administror domain will transition" + msgstr "" + +-#: booleans.py:115 +-msgid "Allow BIND to bind apache port." ++#: ../sepolicy/sepolicy.py:531 ++msgid "Enter domain(s) which this confined admin will administrate" + msgstr "" + +-#: booleans.py:116 +-msgid "" +-"Allow BIND to write the master zone files. Generally this is used for " +-"dynamic DNS or zone transfers." ++#: ../sepolicy/sepolicy.py:534 ++msgid "name of policy to generate" + msgstr "" + +-#: booleans.py:117 +-msgid "Allow any files/directories to be exported read/only via NFS." ++#: ../sepolicy/sepolicy.py:541 ++msgid "path in which the generated policy files will be stored" + msgstr "" + +-#: booleans.py:118 +-msgid "Allow any files/directories to be exported read/write via NFS." ++#: ../sepolicy/sepolicy.py:543 ++msgid "path to which the confined processes will need to write" + msgstr "" + +-#: booleans.py:119 +-msgid "" +-"Allow nfs servers to modify public files used for public file transfer " +-"services. Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy.py:544 ++msgid "Policy types which require a command" + msgstr "" + +-#: booleans.py:120 +-msgid "Allow system to run with NIS" ++#: ../sepolicy/sepolicy.py:548 ../sepolicy/sepolicy.py:551 ++#: ../sepolicy/sepolicy.py:554 ../sepolicy/sepolicy.py:557 ++#: ../sepolicy/sepolicy.py:560 ../sepolicy/sepolicy.py:566 ++#: ../sepolicy/sepolicy.py:569 ../sepolicy/sepolicy.py:572 ++#: ../sepolicy/sepolicy.py:578 ../sepolicy/sepolicy.py:581 ++#: ../sepolicy/sepolicy.py:584 ../sepolicy/sepolicy.py:587 ++#, python-format ++msgid "Generate '%s' policy" + msgstr "" + +-#: booleans.py:121 +-msgid "Allow confined applications to use nscd shared memory." ++#: ../sepolicy/sepolicy.py:575 ++#, python-format ++msgid "Generate '%s' policy " + msgstr "" + +-#: booleans.py:122 +-msgid "Allow openshift to lockdown app" ++#: ../sepolicy/sepolicy.py:589 ++msgid "executable to confine" + msgstr "" + +-#: booleans.py:123 +-msgid "Allow openvpn to read home directories" ++#: ../sepolicy/sepolicy.py:594 ++msgid "commands" + msgstr "" + +-#: booleans.py:124 +-msgid "Allow piranha-lvs domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy.py:597 ++msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" + msgstr "" + +-#: booleans.py:125 +-msgid "Allow polipo to connect to all ports > 1023" ++#: ../sepolicy/sepolicy/__init__.py:167 ../sepolicy/sepolicy/gui.py:479 ++msgid "all files" + msgstr "" + +-#: booleans.py:126 +-msgid "" +-"Determine whether Polipo session daemon can bind tcp sockets to all " +-"unreserved ports." ++#: ../sepolicy/sepolicy/__init__.py:168 ++msgid "regular file" + msgstr "" + +-#: booleans.py:127 +-msgid "" +-"Determine whether calling user domains can execute Polipo daemon in the " +-"polipo_session_t domain." ++#: ../sepolicy/sepolicy/__init__.py:169 ++msgid "directory" + msgstr "" + +-#: booleans.py:128 +-msgid "Determine whether polipo can access cifs file systems." ++#: ../sepolicy/sepolicy/__init__.py:170 ++msgid "character device" + msgstr "" + +-#: booleans.py:129 +-msgid "Determine whether Polipo can access nfs file systems." ++#: ../sepolicy/sepolicy/__init__.py:171 ++msgid "block device" + msgstr "" + +-#: booleans.py:130 +-msgid "Enable polyinstantiated directory support." ++#: ../sepolicy/sepolicy/__init__.py:172 ++msgid "socket file" + msgstr "" + +-#: booleans.py:131 +-msgid "Allow postfix_local domain full write access to mail_spool directories" ++#: ../sepolicy/sepolicy/__init__.py:173 ++msgid "symbolic link" + msgstr "" + +-#: booleans.py:132 +-msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" ++#: ../sepolicy/sepolicy/__init__.py:174 ++msgid "named pipe" + msgstr "" + +-#: booleans.py:133 +-msgid "Allow transmit client label to foreign database" ++#: ../sepolicy/sepolicy/__init__.py:306 ++msgid "No SELinux Policy installed" + msgstr "" + +-#: booleans.py:134 +-msgid "Allow database admins to execute DML statement" ++#: ../sepolicy/sepolicy/__init__.py:386 ++msgid "You must regenerate interface info by running /usr/bin/sepolgen-ifgen" + msgstr "" + +-#: booleans.py:135 +-msgid "Allow unprivileged users to execute DDL statement" ++#: ../sepolicy/sepolicy/__init__.py:591 ++#, python-format ++msgid "Failed to read %s policy file" + msgstr "" + +-#: booleans.py:136 +-msgid "Allow pppd to load kernel modules for certain modems" ++#: ../sepolicy/sepolicy/__init__.py:695 ++msgid "unknown" + msgstr "" + +-#: booleans.py:137 +-msgid "Allow pppd to be run for a regular user" ++#: ../sepolicy/sepolicy/generate.py:132 ++msgid "Internet Services Daemon" + msgstr "" + +-#: booleans.py:138 +-msgid "" +-"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." ++#: ../sepolicy/sepolicy/generate.py:136 ++msgid "Existing Domain Type" + msgstr "" + +-#: booleans.py:139 +-msgid "Allow Puppet client to manage all file types." ++#: ../sepolicy/sepolicy/generate.py:137 ++msgid "Minimal Terminal Login User Role" + msgstr "" + +-#: booleans.py:140 +-msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" ++#: ../sepolicy/sepolicy/generate.py:138 ++msgid "Minimal X Windows Login User Role" + msgstr "" + +-#: booleans.py:141 +-msgid "Allow racoon to read shadow" ++#: ../sepolicy/sepolicy/generate.py:139 ++msgid "Desktop Login User Role" + msgstr "" + +-#: booleans.py:142 +-msgid "Allow rgmanager domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy/generate.py:140 ++msgid "Administrator Login User Role" + msgstr "" + +-#: booleans.py:143 +-msgid "" +-"Allow rsync to modify public files used for public file transfer services. " +-"Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy/generate.py:141 ++msgid "Confined Root Administrator Role" + msgstr "" + +-#: booleans.py:144 +-msgid "Allow rsync to run as a client" ++#: ../sepolicy/sepolicy/generate.py:142 ++msgid "Module information for a new type" ++msgstr "" ++ ++#: ../sepolicy/sepolicy/generate.py:147 ++msgid "Valid Types:\n" ++msgstr "" ++ ++#: ../sepolicy/sepolicy/generate.py:181 ++#, python-format ++msgid "Ports must be numbers or ranges of numbers from 1 to %d " + msgstr "" + +-#: booleans.py:145 +-msgid "Allow rsync to export any files/directories read only." ++#: ../sepolicy/sepolicy/generate.py:192 ++msgid "You must enter a valid policy type" + msgstr "" + +-#: booleans.py:146 +-msgid "Allow rsync servers to share cifs files systems" ++#: ../sepolicy/sepolicy/generate.py:195 ++#, python-format ++msgid "You must enter a name for your policy module for your %s." + msgstr "" + +-#: booleans.py:147 +-msgid "Allow rsync servers to share nfs files systems" ++#: ../sepolicy/sepolicy/generate.py:327 ++msgid "" ++"Name must be alpha numberic with no spaces. Consider using option \"-n " ++"MODULENAME\"" + msgstr "" + +-#: booleans.py:148 +-msgid "Allow samba to create new home directories (e.g. via PAM)" ++#: ../sepolicy/sepolicy/generate.py:419 ++msgid "User Role types can not be assigned executables." + msgstr "" + +-#: booleans.py:149 +-msgid "" +-"Allow samba to act as the domain controller, add users, groups and change " +-"passwords." ++#: ../sepolicy/sepolicy/generate.py:425 ++msgid "Only Daemon apps can use an init script.." + msgstr "" + +-#: booleans.py:150 +-msgid "Allow samba to share users home directories." ++#: ../sepolicy/sepolicy/generate.py:443 ++msgid "use_resolve must be a boolean value " + msgstr "" + +-#: booleans.py:151 +-msgid "Allow samba to share any file/directory read only." ++#: ../sepolicy/sepolicy/generate.py:449 ++msgid "use_syslog must be a boolean value " + msgstr "" + +-#: booleans.py:152 +-msgid "Allow samba to share any file/directory read/write." ++#: ../sepolicy/sepolicy/generate.py:455 ++msgid "use_kerberos must be a boolean value " + msgstr "" + +-#: booleans.py:153 +-msgid "Allow samba to act as a portmapper" ++#: ../sepolicy/sepolicy/generate.py:461 ++msgid "manage_krb5_rcache must be a boolean value " + msgstr "" + +-#: booleans.py:154 +-msgid "Allow samba to run unconfined scripts" ++#: ../sepolicy/sepolicy/generate.py:491 ++msgid "USER Types automatically get a tmp type" + msgstr "" + +-#: booleans.py:155 +-msgid "Allow samba to export ntfs/fusefs volumes." ++#: ../sepolicy/sepolicy/generate.py:832 ++#, python-format ++msgid "%s policy modules require existing domains" + msgstr "" + +-#: booleans.py:156 +-msgid "Allow samba to export NFS volumes." ++#: ../sepolicy/sepolicy/generate.py:857 ++msgid "Type field required" + msgstr "" + +-#: booleans.py:157 +-msgid "Allow sanlock to read/write fuse files" ++#: ../sepolicy/sepolicy/generate.py:869 ++#, python-format ++msgid "" ++"You need to define a new type which ends with: \n" ++" %s" + msgstr "" + +-#: booleans.py:158 +-msgid "Allow sanlock to manage nfs files" ++#: ../sepolicy/sepolicy/generate.py:1088 ++msgid "You must enter the executable path for your confined process" + msgstr "" + +-#: booleans.py:159 +-msgid "Allow sanlock to manage cifs files" ++#: ../sepolicy/sepolicy/generate.py:1360 ++msgid "Type Enforcement file" + msgstr "" + +-#: booleans.py:160 +-msgid "Allow sasl to read shadow" ++#: ../sepolicy/sepolicy/generate.py:1361 ++msgid "Interface file" + msgstr "" + +-#: booleans.py:161 +-msgid "Allow secadm to exec content" ++#: ../sepolicy/sepolicy/generate.py:1362 ++msgid "File Contexts file" + msgstr "" + +-#: booleans.py:162 +-msgid "" +-"disallow programs, such as newrole, from transitioning to administrative " +-"user domains." ++#: ../sepolicy/sepolicy/generate.py:1363 ++msgid "Spec file" + msgstr "" + +-#: booleans.py:163 +-msgid "Disable kernel module loading." ++#: ../sepolicy/sepolicy/generate.py:1364 ++msgid "Setup Script" + msgstr "" + +-#: booleans.py:164 +-msgid "" +-"Boolean to determine whether the system permits loading policy, setting " +-"enforcing mode, and changing boolean values. Set this to true and you have " +-"to reboot to set it back." ++#: ../sepolicy/sepolicy/sepolicy.glade:7 ++msgid "SELinux Gui" + msgstr "" + +-#: booleans.py:165 +-msgid "Allow regular users direct dri device access" ++#: ../sepolicy/sepolicy/sepolicy.glade:33 ++msgid "Type to search for a process" + msgstr "" + +-#: booleans.py:166 +-msgid "" +-"Allow unconfined executables to make their heap memory executable. Doing " +-"this is a really bad idea. Probably indicates a badly coded executable, but " +-"could indicate an attack. This executable should be reported in bugzilla" ++#: ../sepolicy/sepolicy/sepolicy.glade:35 ++msgid "Select domain" + msgstr "" + +-#: booleans.py:167 +-msgid "" +-"Allow all unconfined executables to use libraries requiring text relocation " +-"that are not labeled textrel_shlib_t" ++#: ../sepolicy/sepolicy/sepolicy.glade:70 ++#: ../sepolicy/sepolicy/sepolicy.glade:308 ++msgid "Booleans" + msgstr "" + +-#: booleans.py:168 ++#: ../sepolicy/sepolicy/sepolicy.glade:74 + msgid "" +-"Allow unconfined executables to make their stack executable. This should " +-"never, ever be necessary. Probably indicates a badly coded executable, but " +-"could indicate an attack. This executable should be reported in bugzilla" ++"Display boolean information that can be used to modify the policy for the " ++"'selected domain'." + msgstr "" + +-#: booleans.py:169 +-msgid "Allow users to connect to the local mysql server" ++#: ../sepolicy/sepolicy/sepolicy.glade:85 ++#: ../sepolicy/sepolicy/sepolicy.glade:710 ++msgid "Files" + msgstr "" + +-#: booleans.py:170 ++#: ../sepolicy/sepolicy/sepolicy.glade:89 + msgid "" +-"Allow confined users the ability to execute the ping and traceroute commands." ++"Display file type information that can be used by the 'selected domain'." + msgstr "" + +-#: booleans.py:171 +-msgid "Allow users to connect to PostgreSQL" ++#: ../sepolicy/sepolicy/sepolicy.glade:100 ++#: ../sepolicy/sepolicy/sepolicy.glade:1062 ++msgid "Network" + msgstr "" + +-#: booleans.py:172 ++#: ../sepolicy/sepolicy/sepolicy.glade:104 + msgid "" +-"Allow user to r/w files on filesystems that do not have extended attributes " +-"(FAT, CDROM, FLOPPY)" ++"Display network ports to which the 'selected domain' can connect or listen " ++"to." + msgstr "" + +-#: booleans.py:173 +-msgid "" +-"Allow users to run TCP servers (bind to ports and accept connection from the " +-"same domain and outside users) disabling this forces FTP passive mode and " +-"may change other protocols." ++#: ../sepolicy/sepolicy/sepolicy.glade:115 ++#: ../sepolicy/sepolicy/sepolicy.glade:1361 ++msgid "Transitions" + msgstr "" + +-#: booleans.py:174 +-msgid "Allow user to use ssh chroot environment." ++#: ../sepolicy/sepolicy/sepolicy.glade:119 ++msgid "" ++"Display applications that can transition into or out of the 'selected " ++"domain'." + msgstr "" + +-#: booleans.py:175 +-msgid "Allow user music sharing" ++#: ../sepolicy/sepolicy/sepolicy.glade:188 ++#: ../sepolicy/sepolicy/sepolicy.glade:358 ++#: ../sepolicy/sepolicy/sepolicy.glade:765 ++#: ../sepolicy/sepolicy/sepolicy.glade:1113 ++msgid "Show Modified Only" + msgstr "" + +-#: booleans.py:176 ++#: ../sepolicy/sepolicy/sepolicy.glade:219 + msgid "" +-"Allow anon internal-sftp to upload files, used for public file transfer " +-"services. Directories must be labeled public_content_rw_t." ++"If-Then-Else rules written in policy that can \n" ++"allow alternative access control." + msgstr "" + +-#: booleans.py:177 +-msgid "" +-"Allow sftp-internal to read and write files in the user home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:373 ++#: ../sepolicy/sepolicy/sepolicy.glade:787 ++#: ../sepolicy/sepolicy/sepolicy.glade:1128 ++msgid "Modify" + msgstr "" + +-#: booleans.py:178 +-msgid "" +-"Allow sftp-internal to login to local users and read/write all files on the " +-"system, governed by DAC." ++#: ../sepolicy/sepolicy/sepolicy.glade:377 ++#: ../sepolicy/sepolicy/sepolicy.glade:791 ++msgid "Modify an existing item" + msgstr "" + +-#: booleans.py:179 +-msgid "" +-"Allow internal-sftp to read and write files in the user ssh home directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:389 ++#: ../sepolicy/sepolicy/sepolicy.glade:803 ++#: ../sepolicy/sepolicy/sepolicy.glade:1142 ++msgid "Delete" + msgstr "" + +-#: booleans.py:180 +-msgid "Allow sge to connect to the network using any TCP port" ++#: ../sepolicy/sepolicy/sepolicy.glade:393 ++#: ../sepolicy/sepolicy/sepolicy.glade:807 ++msgid "Delete an existing item" + msgstr "" + +-#: booleans.py:181 +-msgid "Allow sge to access nfs file systems." ++#: ../sepolicy/sepolicy/sepolicy.glade:409 ++#: ../sepolicy/sepolicy/sepolicy.glade:823 ++msgid "Add a new item" + msgstr "" + +-#: booleans.py:182 +-msgid "" +-"Enable additional permissions needed to support devices on 3ware controllers." ++#: ../sepolicy/sepolicy/sepolicy.glade:442 ++msgid "File path used to enter the above selected process domain." + msgstr "" + +-#: booleans.py:183 +-msgid "" +-"Allow samba to modify public files used for public file transfer services. " +-"Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy/sepolicy.glade:450 ++#: ../sepolicy/sepolicy/sepolicy.glade:531 ++msgid "File Path" + msgstr "" + +-#: booleans.py:184 +-msgid "Allow user spamassassin clients to use the network." ++#: ../sepolicy/sepolicy/sepolicy.glade:468 ++#: ../sepolicy/sepolicy/sepolicy.glade:549 ++msgid "SELinux File Label" + msgstr "" + +-#: booleans.py:185 +-msgid "Allow spamd to read/write user home directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:485 ++#: ../sepolicy/sepolicy/sepolicy.glade:567 ++#: ../sepolicy/sepolicy/sepolicy.glade:660 ++msgid "Class" + msgstr "" + +-#: booleans.py:186 +-msgid "" +-"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." ++#: ../sepolicy/sepolicy/sepolicy.glade:505 ++msgid "File path used to enter the 'selected domain'." + msgstr "" + +-#: booleans.py:187 +-msgid "Allow squid to run as a transparent proxy (TPROXY)" ++#: ../sepolicy/sepolicy/sepolicy.glade:506 ++msgid "Executable Files" + msgstr "" + +-#: booleans.py:188 +-msgid "" +-"Allow ssh with chroot env to read and write files in the user home " +-"directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:523 ++msgid "Files to which the above selected process domain can write." + msgstr "" + +-#: booleans.py:189 +-msgid "allow host key based authentication" ++#: ../sepolicy/sepolicy/sepolicy.glade:591 ++msgid "Files to which the 'selected domain' can write." + msgstr "" + +-#: booleans.py:190 +-msgid "Allow ssh logins as sysadm_r:sysadm_t" ++#: ../sepolicy/sepolicy/sepolicy.glade:592 ++msgid "Writable Files" + msgstr "" + +-#: booleans.py:191 +-msgid "Allow staff to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:610 ++msgid "File Types defined for the selected domain" + msgstr "" + +-#: booleans.py:192 +-msgid "allow staff user to create and transition to svirt domains." ++#: ../sepolicy/sepolicy/sepolicy.glade:618 ++msgid "File path" + msgstr "" + +-#: booleans.py:193 +-msgid "Allow sysadm to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:686 ++msgid "File Types defined for the 'selected domain'." + msgstr "" + +-#: booleans.py:194 +-msgid "Allow the Telepathy connection managers to connect to any network port." ++#: ../sepolicy/sepolicy/sepolicy.glade:687 ++msgid "Application File Types" + msgstr "" + +-#: booleans.py:195 +-msgid "" +-"Allow the Telepathy connection managers to connect to any generic TCP port." ++#: ../sepolicy/sepolicy/sepolicy.glade:856 ++msgid "Network Ports to which the selected domain is allowed to connect." + msgstr "" + +-#: booleans.py:196 +-msgid "" +-"Allow tftp to modify public files used for public file transfer services." ++#: ../sepolicy/sepolicy/sepolicy.glade:898 ++#: ../sepolicy/sepolicy/sepolicy.glade:997 ++msgid "Modified" + msgstr "" + +-#: booleans.py:197 +-msgid "Allow tftp to read and write files in the user home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:937 ++msgid "Network Ports to which the 'selected domain' is allowed to connect." + msgstr "" + +-#: booleans.py:198 +-msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." ++#: ../sepolicy/sepolicy/sepolicy.glade:938 ++msgid "Outbound" + msgstr "" + +-#: booleans.py:199 +-msgid "Allow tor to act as a relay" ++#: ../sepolicy/sepolicy/sepolicy.glade:955 ++msgid "Network Ports to which the selected domain is allowed to listen." + msgstr "" + +-#: booleans.py:200 +-msgid "" +-"allow unconfined users to transition to the chrome sandbox domains when " +-"running chrome-sandbox" ++#: ../sepolicy/sepolicy/sepolicy.glade:1038 ++msgid "Network Ports to which the 'selected domain' is allowed to listen." + msgstr "" + +-#: booleans.py:201 +-msgid "Allow a user to login as an unconfined domain" ++#: ../sepolicy/sepolicy/sepolicy.glade:1039 ++msgid "Inbound" + msgstr "" + +-#: booleans.py:202 ++#: ../sepolicy/sepolicy/sepolicy.glade:1189 ++#: ../sepolicy/sepolicy/sepolicy.glade:1260 + msgid "" +-"Allow unconfined users to transition to the Mozilla plugin domain when " +-"running xulrunner plugin-container." ++"Executables which will transition to a different domain, when the 'selected " ++"domain' executes them." + msgstr "" + +-#: booleans.py:203 +-msgid "Allow video playing tools to run unconfined" ++#: ../sepolicy/sepolicy/sepolicy.glade:1194 ++#: ../sepolicy/sepolicy/sepolicy.glade:1285 ++msgid "Enabled" + msgstr "" + +-#: booleans.py:204 +-msgid "Allow unprivledged user to create and transition to svirt domains." ++#: ../sepolicy/sepolicy/sepolicy.glade:1223 ++msgid "Executable File Type" + msgstr "" + +-#: booleans.py:205 +-msgid "Support ecryptfs home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1239 ++msgid "Transtype" + msgstr "" + +-#: booleans.py:206 +-msgid "Support fusefs home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1263 ++msgid "Transitions From 'select domain'" + msgstr "" + +-#: booleans.py:207 +-msgid "Use lpd server instead of cups" ++#: ../sepolicy/sepolicy/sepolicy.glade:1280 ++#: ../sepolicy/sepolicy/sepolicy.glade:1337 ++msgid "" ++"Executables which will transition to the 'selected domain', when executing a " ++"selected domains entrypoint." + msgstr "" + +-#: booleans.py:208 +-msgid "Support NFS home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1299 ++msgid "Calling Process Domain" + msgstr "" + +-#: booleans.py:209 +-msgid "Support SAMBA home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1313 ++msgid "Executable File" + msgstr "" + +-#: booleans.py:210 +-msgid "Allow user to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:1338 ++msgid "Transitions Into 'select domain'" + msgstr "" + +-#: booleans.py:211 +-msgid "Allow varnishd to connect to all ports, not just HTTP." ++#: ../sepolicy/sepolicy/sepolicy.glade:1388 ++msgid "Reset" + msgstr "" + +-#: booleans.py:212 +-msgid "Ignore vbetool mmap_zero errors." ++#: ../sepolicy/sepolicy/sepolicy.glade:1392 ++msgid "Reset to system default" + msgstr "" + +-#: booleans.py:213 +-msgid "" +-"Allow confined virtual guests to use serial/parallel communication ports" ++#: ../sepolicy/sepolicy/sepolicy.glade:1403 ++msgid "Update" + msgstr "" + +-#: booleans.py:214 +-msgid "" +-"Allow confined virtual guests to use executable memory and executable stack" ++#: ../sepolicy/sepolicy/sepolicy.glade:1407 ++msgid "Save your changes" + msgstr "" + +-#: booleans.py:215 +-msgid "Allow confined virtual guests to read fuse files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1454 ++#: ../sepolicy/sepolicy/sepolicy.glade:1541 ++#: ../sepolicy/sepolicy/sepolicy.glade:1629 ++msgid "Add a File" + msgstr "" + +-#: booleans.py:216 +-msgid "Allow confined virtual guests to manage nfs files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1504 ++#: ../sepolicy/sepolicy/sepolicy.glade:1592 ++#: ../sepolicy/sepolicy/sepolicy.glade:1680 ++msgid "Save changes" + msgstr "" + +-#: booleans.py:217 +-msgid "Allow confined virtual guests to interact with rawip sockets" ++#: ../sepolicy/sepolicy/sepolicy.glade:1518 ++#: ../sepolicy/sepolicy/sepolicy.glade:1606 ++#: ../sepolicy/sepolicy/sepolicy.glade:1694 ++msgid "Reset Changes" + msgstr "" + +-#: booleans.py:218 +-msgid "Allow confined virtual guests to manage cifs files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1780 ++msgid "Applicaiton more detailed view" + msgstr "" + +-#: booleans.py:219 +-msgid "Allow confined virtual guests to interact with the sanlock" ++#: ../sepolicy/sepolicy/sepolicy.glade:1874 ++msgid "Analyzing Policy..." + msgstr "" + +-#: booleans.py:220 +-msgid "Allow confined virtual guests to manage device configuration, (pci)" ++#: ../sepolicy/sepolicy/gui.py:49 ++msgid "No" + msgstr "" + +-#: booleans.py:221 +-msgid "Allow confined virtual guests to use usb devices" ++#: ../sepolicy/sepolicy/gui.py:49 ++msgid "Yes" + msgstr "" + +-#: booleans.py:222 +-msgid "Allow confined virtual guests to interact with the xserver" ++#: ../sepolicy/sepolicy/gui.py:61 ++msgid "GTK Not Available" + msgstr "" + +-#: booleans.py:223 +-msgid "Allow webadm to manage files in users home directories" ++#: ../sepolicy/sepolicy/gui.py:195 ++msgid "System Status: Enforcing" + msgstr "" + +-#: booleans.py:224 +-msgid "Allow webadm to read files in users home directories" ++#: ../sepolicy/sepolicy/gui.py:197 ++msgid "System Status: Permissive" + msgstr "" + +-#: booleans.py:225 +-msgid "Ignore wine mmap_zero errors." ++#: ../sepolicy/sepolicy/gui.py:199 ++msgid "System Status: Disabled" + msgstr "" + -#: booleans.py:226 -+#: booleans.py:236 - msgid "Allow the graphical login program to execute bootloader" +-msgid "Allow the graphical login program to execute bootloader" ++#: ../sepolicy/sepolicy/gui.py:413 ++#, python-format ++msgid "File path used to enter the '%s' domain." msgstr "" -#: booleans.py:227 -+#: booleans.py:237 - msgid "" - "Allow the graphical login program to login directly as sysadm_r:sysadm_t" +-msgid "" +-"Allow the graphical login program to login directly as sysadm_r:sysadm_t" ++#: ../sepolicy/sepolicy/gui.py:414 ++#, python-format ++msgid "Files to which the '%s' domain can write." msgstr "" -#: booleans.py:228 -+#: booleans.py:238 - msgid "Allow xen to manage nfs files" +-msgid "Allow xen to manage nfs files" ++#: ../sepolicy/sepolicy/gui.py:415 ++#, python-format ++msgid "Network Ports to which the '%s' is allowed to connect." msgstr "" -#: booleans.py:229 -+#: booleans.py:239 - msgid "" - "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " - "logical volumes for disk images." +-msgid "" +-"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " +-"logical volumes for disk images." ++#: ../sepolicy/sepolicy/gui.py:416 ++#, python-format ++msgid "Network Ports to which the '%s' is allowed to listen." msgstr "" -#: booleans.py:230 -+#: booleans.py:240 - msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." +-msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." ++#: ../sepolicy/sepolicy/gui.py:417 ++#, python-format ++msgid "File Types defined for the '%s'." msgstr "" -#: booleans.py:231 -+#: booleans.py:241 ++#: ../sepolicy/sepolicy/gui.py:418 ++#, python-format msgid "" - "Allow xguest users to configure Network Manager and connect to apache ports" - msgstr "" - +-"Allow xguest users to configure Network Manager and connect to apache ports" +-msgstr "" +- -#: booleans.py:232 -+#: booleans.py:242 - msgid "Allow xguest to exec content" +-msgid "Allow xguest to exec content" ++"Display boolean information that can be used to modify the policy for the " ++"'%s'." msgstr "" -#: booleans.py:233 -+#: booleans.py:243 - msgid "Allow xguest users to mount removable media" +-msgid "Allow xguest users to mount removable media" ++#: ../sepolicy/sepolicy/gui.py:419 ++#, python-format ++msgid "Display file type information that can be used by the '%s'." msgstr "" -#: booleans.py:234 -+#: booleans.py:244 - msgid "Allow xguest to use blue tooth devices" +-msgid "Allow xguest to use blue tooth devices" ++#: ../sepolicy/sepolicy/gui.py:420 ++#, python-format ++msgid "Display network ports to which the '%s' can connect or listen to." msgstr "" -#: booleans.py:235 -+#: booleans.py:245 - msgid "Allows clients to write to the X server shared memory segments." +-msgid "Allows clients to write to the X server shared memory segments." ++#: ../sepolicy/sepolicy/gui.py:421 ++#, python-format ++msgid "Transitions Into '%s'" msgstr "" -#: booleans.py:236 -+#: booleans.py:246 - msgid "Allows XServer to execute writable memory" +-msgid "Allows XServer to execute writable memory" ++#: ../sepolicy/sepolicy/gui.py:422 ++#, python-format ++msgid "Transitions From '%s'" msgstr "" -#: booleans.py:237 -+#: booleans.py:247 - msgid "Support X userspace object manager" +-msgid "Support X userspace object manager" ++#: ../sepolicy/sepolicy/gui.py:423 ++#, python-format ++msgid "" ++"Executables which will transition to the '%s', when executing a selected " ++"domains entrypoint." msgstr "" -#: booleans.py:238 -msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:248 -+msgid "Determine whether zabbix can connect to all TCP ports" ++#: ../sepolicy/sepolicy/gui.py:424 ++#, python-format ++msgid "" ++"Executables which will transition to a different domain, when the '%s' " ++"executes them." msgstr "" -#: booleans.py:239 -+#: booleans.py:249 - msgid "Allow zebra daemon to write it configuration files" +-msgid "Allow zebra daemon to write it configuration files" ++#: ../sepolicy/sepolicy/gui.py:425 ++#, python-format ++msgid "Display applications that can transition into or out of the '%s'." msgstr "" -#: booleans.py:240 -+#: booleans.py:250 - msgid "" - "Allow ZoneMinder to modify public files used for public file transfer " - "services." +-msgid "" +-"Allow ZoneMinder to modify public files used for public file transfer " +-"services." ++#: ../sepolicy/sepolicy/gui.py:604 ++#, python-format ++msgid "Boolean %s Allow Rules" + msgstr "" diff --git a/policycoreutils/po/ar.po b/policycoreutils/po/ar.po -index 151ca6a..6010c78 100644 +index 151ca6a..5cdc32d 100644 --- a/policycoreutils/po/ar.po +++ b/policycoreutils/po/ar.po @@ -1,7 +1,7 @@ @@ -7127,7 +9181,7 @@ index 151ca6a..6010c78 100644 "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -"PO-Revision-Date: 2013-01-04 17:02+0000\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" ++"POT-Creation-Date: 2013-07-10 16:36-0400\n" +"PO-Revision-Date: 2013-04-08 19:09+0000\n" "Last-Translator: dwalsh \n" "Language-Team: Arabic \n" @@ -7156,7 +9210,7 @@ index 151ca6a..6010c78 100644 #, c-format msgid "failed to initialize PAM\n" msgstr "خطأ في تهيئة PAM\n" -@@ -78,16 +82,16 @@ msgstr "عفوا، لا يمكن استعمال run_init إلا على نواة +@@ -78,7 +82,7 @@ msgstr "عفوا، لا يمكن استعمال run_init إلا على نواة msgid "authentication failed.\n" msgstr "فشل في التوثيق.\n" @@ -7165,37 +9219,73 @@ index 151ca6a..6010c78 100644 #, c-format msgid "Could not set exec context to %s.\n" msgstr "لا يمكن ضبط سياق exec لـ %s.\n" +@@ -131,7 +135,7 @@ msgstr "لا يمكن تنفيذ عملية semanage" + msgid "Semanage transaction not in progress" + msgstr "عملية semanage ليست تحت التنفيذ" --#: ../audit2allow/audit2allow:232 -+#: ../audit2allow/audit2allow:231 - msgid "******************** IMPORTANT ***********************\n" - msgstr "******************** مهم ***********************\n" +-#: ../semanage/seobject.py:265 ../semanage/seobject.py:345 ++#: ../semanage/seobject.py:265 ../semanage/seobject.py:347 + msgid "Could not list SELinux modules" + msgstr "لا يمكن عرض قائمة وحدات SELinux" --#: ../audit2allow/audit2allow:233 -+#: ../audit2allow/audit2allow:232 - msgid "To make this policy package active, execute:" - msgstr "لتفعيل حزمة السياسات هذه، نفذ:" +@@ -147,815 +151,829 @@ msgstr "إصدار" + msgid "Disabled" + msgstr "معطّل" -@@ -174,787 +178,799 @@ msgstr "" +-#: ../semanage/seobject.py:296 ++#: ../semanage/seobject.py:288 ++#, fuzzy, python-format ++msgid "Module does not exists %s " ++msgstr "مستخدم لينكس %s غير موجود" ++ ++#: ../semanage/seobject.py:298 + #, python-format + msgid "Could not disable module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:307 ++#: ../semanage/seobject.py:309 + #, python-format + msgid "Could not enable module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:322 ++#: ../semanage/seobject.py:324 + #, python-format + msgid "Could not remove module %s (remove failed)" + msgstr "" + +-#: ../semanage/seobject.py:332 ++#: ../semanage/seobject.py:334 + msgid "dontaudit requires either 'on' or 'off'" + msgstr "" + +-#: ../semanage/seobject.py:360 ++#: ../semanage/seobject.py:362 + msgid "Builtin Permissive Types" + msgstr "" + +-#: ../semanage/seobject.py:370 ++#: ../semanage/seobject.py:372 msgid "Customized Permissive Types" msgstr "" -#: ../semanage/seobject.py:412 -+#: ../semanage/seobject.py:379 ++#: ../semanage/seobject.py:381 +msgid "" +"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel package.\n" ++"In some distributions it is included in the policycoreutils-devel patckage.\n" +"# yum install policycoreutils-devel\n" +"Or similar for your distro." +msgstr "" + -+#: ../semanage/seobject.py:416 ++#: ../semanage/seobject.py:418 #, python-format msgid "Could not set permissive domain %s (module installation failed)" msgstr "لا يمكن ضبط النطاق المتساهل %s (خطأ في تثبيت الوحدة)" -#: ../semanage/seobject.py:418 -+#: ../semanage/seobject.py:422 ++#: ../semanage/seobject.py:424 #, python-format msgid "Could not remove permissive domain %s (remove failed)" msgstr "لا يمكن إزالة النطاق المتساهل %s (فشل في الإزالة)" @@ -7207,119 +9297,119 @@ index 151ca6a..6010c78 100644 -#: ../semanage/seobject.py:1820 ../semanage/seobject.py:1883 -#: ../semanage/seobject.py:1902 ../semanage/seobject.py:2025 -#: ../semanage/seobject.py:2076 -+#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -+#: ../semanage/seobject.py:577 ../semanage/seobject.py:699 -+#: ../semanage/seobject.py:729 ../semanage/seobject.py:796 -+#: ../semanage/seobject.py:853 ../semanage/seobject.py:1111 -+#: ../semanage/seobject.py:1834 ../semanage/seobject.py:1897 -+#: ../semanage/seobject.py:1916 ../semanage/seobject.py:2042 -+#: ../semanage/seobject.py:2093 ++#: ../semanage/seobject.py:459 ../semanage/seobject.py:533 ++#: ../semanage/seobject.py:579 ../semanage/seobject.py:701 ++#: ../semanage/seobject.py:731 ../semanage/seobject.py:798 ++#: ../semanage/seobject.py:855 ../semanage/seobject.py:1113 ++#: ../semanage/seobject.py:1836 ../semanage/seobject.py:1899 ++#: ../semanage/seobject.py:1918 ../semanage/seobject.py:2041 ++#: ../semanage/seobject.py:2092 #, python-format msgid "Could not create a key for %s" msgstr "لا يمكن إنشاء مفتاح لـ %s" -#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -#: ../semanage/seobject.py:577 ../semanage/seobject.py:583 -+#: ../semanage/seobject.py:461 ../semanage/seobject.py:535 -+#: ../semanage/seobject.py:581 ../semanage/seobject.py:587 ++#: ../semanage/seobject.py:463 ../semanage/seobject.py:537 ++#: ../semanage/seobject.py:583 ../semanage/seobject.py:589 #, python-format msgid "Could not check if login mapping for %s is defined" msgstr "لا يمكن التحقق في إذا ما كان مخطط الدخول لـ %s معرفا" -#: ../semanage/seobject.py:466 -+#: ../semanage/seobject.py:470 ++#: ../semanage/seobject.py:472 #, python-format msgid "Linux Group %s does not exist" msgstr "مجموعة لينكس %s غير موجودة" -#: ../semanage/seobject.py:471 -+#: ../semanage/seobject.py:475 ++#: ../semanage/seobject.py:477 #, python-format msgid "Linux User %s does not exist" msgstr "مستخدم لينكس %s غير موجود" -#: ../semanage/seobject.py:475 -+#: ../semanage/seobject.py:479 ++#: ../semanage/seobject.py:481 #, python-format msgid "Could not create login mapping for %s" msgstr "لا يمكن إنشاء مخطط الدخول لـ %s" -#: ../semanage/seobject.py:479 ../semanage/seobject.py:740 -+#: ../semanage/seobject.py:483 ../semanage/seobject.py:744 ++#: ../semanage/seobject.py:485 ../semanage/seobject.py:746 #, python-format msgid "Could not set name for %s" msgstr "لا يمكن ضبط اسم لـ %s" -#: ../semanage/seobject.py:484 ../semanage/seobject.py:750 -+#: ../semanage/seobject.py:488 ../semanage/seobject.py:754 ++#: ../semanage/seobject.py:490 ../semanage/seobject.py:756 #, python-format msgid "Could not set MLS range for %s" msgstr "لا يمكن ضبط مدى MLS لـ %s" -#: ../semanage/seobject.py:488 -+#: ../semanage/seobject.py:492 ++#: ../semanage/seobject.py:494 #, python-format msgid "Could not set SELinux user for %s" msgstr "لا يمكن ضبط مستخدم SELinux لـ %s" -#: ../semanage/seobject.py:492 -+#: ../semanage/seobject.py:496 ++#: ../semanage/seobject.py:498 #, python-format msgid "Could not add login mapping for %s" msgstr "لا يمكن إضافة مخطط الدخول لـ %s" -#: ../semanage/seobject.py:510 -+#: ../semanage/seobject.py:514 ++#: ../semanage/seobject.py:516 msgid "Requires seuser or serange" msgstr "بحاجة إلى seuser أو serange" -#: ../semanage/seobject.py:533 ../semanage/seobject.py:579 -+#: ../semanage/seobject.py:537 ../semanage/seobject.py:583 ++#: ../semanage/seobject.py:539 ../semanage/seobject.py:585 #, python-format msgid "Login mapping for %s is not defined" msgstr "مخطط الدخول لـ %s غير معرّف" -#: ../semanage/seobject.py:537 -+#: ../semanage/seobject.py:541 ++#: ../semanage/seobject.py:543 #, python-format msgid "Could not query seuser for %s" msgstr "لا يمكن استعلام seuser لـ %s" -#: ../semanage/seobject.py:551 -+#: ../semanage/seobject.py:555 ++#: ../semanage/seobject.py:557 #, python-format msgid "Could not modify login mapping for %s" msgstr "لا يمكن تغيير مخطط الدخول لـ %s" -#: ../semanage/seobject.py:585 -+#: ../semanage/seobject.py:589 ++#: ../semanage/seobject.py:591 #, python-format msgid "Login mapping for %s is defined in policy, cannot be deleted" msgstr "تخطيط الدخول لـ %s معرف في السياسة، لا يمكن حذفه" -#: ../semanage/seobject.py:589 -+#: ../semanage/seobject.py:593 ++#: ../semanage/seobject.py:595 #, python-format msgid "Could not delete login mapping for %s" msgstr "لا يمكن حذف تخطيط الدخول لـ %s" -#: ../semanage/seobject.py:611 ../semanage/seobject.py:644 -#: ../semanage/seobject.py:892 -+#: ../semanage/seobject.py:615 ../semanage/seobject.py:648 -+#: ../semanage/seobject.py:896 ++#: ../semanage/seobject.py:617 ../semanage/seobject.py:650 ++#: ../semanage/seobject.py:898 msgid "Could not list login mappings" msgstr "لا يمكن عرض قائمة تخطيطات الدخول" -#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 ++#: ../semanage/seobject.py:678 ../semanage/seobject.py:690 #: ../gui/system-config-selinux.glade:100 msgid "Login Name" msgstr "اسم الدخول" -#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 ++#: ../semanage/seobject.py:678 ../semanage/seobject.py:690 ++#: ../semanage/seobject.py:948 ../semanage/seobject.py:953 #: ../gui/system-config-selinux.glade:128 #: ../gui/system-config-selinux.glade:915 #: ../gui/system-config-selinux.glade:2285 ../gui/usersPage.py:44 @@ -7327,338 +9417,339 @@ index 151ca6a..6010c78 100644 msgstr "مستخدم SELinux" -#: ../semanage/seobject.py:672 ../gui/system-config-selinux.glade:156 -+#: ../semanage/seobject.py:676 ../gui/system-config-selinux.glade:156 ++#: ../semanage/seobject.py:678 ../gui/system-config-selinux.glade:156 #: ../gui/system-config-selinux.glade:943 msgid "MLS/MCS Range" msgstr "مدى MLS/MCS" -#: ../semanage/seobject.py:672 -+#: ../semanage/seobject.py:676 ++#: ../semanage/seobject.py:678 msgid "Service" msgstr "" -#: ../semanage/seobject.py:698 ../semanage/seobject.py:729 -#: ../semanage/seobject.py:796 ../semanage/seobject.py:853 -#: ../semanage/seobject.py:859 -+#: ../semanage/seobject.py:702 ../semanage/seobject.py:733 -+#: ../semanage/seobject.py:800 ../semanage/seobject.py:857 -+#: ../semanage/seobject.py:863 ++#: ../semanage/seobject.py:704 ../semanage/seobject.py:735 ++#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 ++#: ../semanage/seobject.py:865 #, python-format msgid "Could not check if SELinux user %s is defined" msgstr "لا يمكن التحقق من إذا كان مستخدم SELinux %s معرفا" -#: ../semanage/seobject.py:701 ../semanage/seobject.py:802 -#: ../semanage/seobject.py:865 -+#: ../semanage/seobject.py:705 ../semanage/seobject.py:806 -+#: ../semanage/seobject.py:869 ++#: ../semanage/seobject.py:707 ../semanage/seobject.py:808 ++#: ../semanage/seobject.py:871 #, python-format msgid "Could not query user for %s" msgstr "لا يمكن استعلام المستخدم عن %s" -#: ../semanage/seobject.py:721 -+#: ../semanage/seobject.py:725 ++#: ../semanage/seobject.py:727 #, python-format msgid "You must add at least one role for %s" msgstr "يجب إضافة دور واحد على الأقل لـ %s" -#: ../semanage/seobject.py:736 -+#: ../semanage/seobject.py:740 ++#: ../semanage/seobject.py:742 #, python-format msgid "Could not create SELinux user for %s" msgstr "لا يمكن إنشاء مستخدم SELinux لـ %s" -#: ../semanage/seobject.py:745 -+#: ../semanage/seobject.py:749 ++#: ../semanage/seobject.py:751 #, python-format msgid "Could not add role %s for %s" msgstr "لا يمكن إضافة دور %s لـ %s" -#: ../semanage/seobject.py:754 -+#: ../semanage/seobject.py:758 ++#: ../semanage/seobject.py:760 #, python-format msgid "Could not set MLS level for %s" msgstr "لا يمكن ضبط مستوى MLS لـ %s" -#: ../semanage/seobject.py:757 -+#: ../semanage/seobject.py:761 ++#: ../semanage/seobject.py:763 #, python-format msgid "Could not add prefix %s for %s" msgstr "لا يمكن إضافة البادئة %s لـ %s" -#: ../semanage/seobject.py:760 -+#: ../semanage/seobject.py:764 ++#: ../semanage/seobject.py:766 #, python-format msgid "Could not extract key for %s" msgstr "لا يمكن استخراج مفتاح لـ %s" -#: ../semanage/seobject.py:764 -+#: ../semanage/seobject.py:768 ++#: ../semanage/seobject.py:770 #, python-format msgid "Could not add SELinux user %s" msgstr "لا يمكن إضافة مستخدم SELinux %s" -#: ../semanage/seobject.py:786 -+#: ../semanage/seobject.py:790 ++#: ../semanage/seobject.py:792 msgid "Requires prefix, roles, level or range" msgstr "يحتاج إلى بادئة، أدوار، مستويات أو مدى" -#: ../semanage/seobject.py:788 -+#: ../semanage/seobject.py:792 ++#: ../semanage/seobject.py:794 msgid "Requires prefix or roles" msgstr "يحتاج إلى بادئة أو أدوار" -#: ../semanage/seobject.py:798 ../semanage/seobject.py:855 -+#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 ++#: ../semanage/seobject.py:804 ../semanage/seobject.py:861 #, python-format msgid "SELinux user %s is not defined" msgstr "مستخدم SELinux %s غير معرف" -#: ../semanage/seobject.py:827 -+#: ../semanage/seobject.py:831 ++#: ../semanage/seobject.py:833 #, python-format msgid "Could not modify SELinux user %s" msgstr "لا يمكن تعديل مستخدم SELinux %s" -#: ../semanage/seobject.py:861 -+#: ../semanage/seobject.py:865 ++#: ../semanage/seobject.py:867 #, python-format msgid "SELinux user %s is defined in policy, cannot be deleted" msgstr "مستخدم SELinux لـ %s معرف في السياسة، لا يمكن حذفه" -#: ../semanage/seobject.py:872 -+#: ../semanage/seobject.py:876 ++#: ../semanage/seobject.py:878 #, python-format msgid "Could not delete SELinux user %s" msgstr "لا يمكن حذف مستخدم SELinux %s" -#: ../semanage/seobject.py:910 -+#: ../semanage/seobject.py:914 ++#: ../semanage/seobject.py:916 msgid "Could not list SELinux users" msgstr "لا يمكن عرض قائمة مستخدمي SELinux" -#: ../semanage/seobject.py:916 -+#: ../semanage/seobject.py:920 ++#: ../semanage/seobject.py:922 #, python-format msgid "Could not list roles for user %s" msgstr "لا يمكن عرض قائمة أدوار المستخدم %s" -#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 ++#: ../semanage/seobject.py:947 msgid "Labeling" msgstr "عنونة" -#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 ++#: ../semanage/seobject.py:947 msgid "MLS/" msgstr "MLS/" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "Prefix" msgstr "بادئة" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "MCS Level" msgstr "مستوى MSC" -#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 ++#: ../semanage/seobject.py:948 msgid "MCS Range" msgstr "مدى MSC" -#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 ++#: ../semanage/seobject.py:948 ../semanage/seobject.py:953 #: ../gui/system-config-selinux.glade:992 ../gui/usersPage.py:59 msgid "SELinux Roles" msgstr "أدوار SELinux" -#: ../semanage/seobject.py:964 -+#: ../semanage/seobject.py:971 ++#: ../semanage/seobject.py:973 msgid "Protocol udp or tcp is required" msgstr "بروتوكول udp أو tcp مطلوب" -#: ../semanage/seobject.py:966 -+#: ../semanage/seobject.py:973 ++#: ../semanage/seobject.py:975 msgid "Port is required" msgstr "المنفذ مطلوب" -#: ../semanage/seobject.py:976 -+#: ../semanage/seobject.py:983 ++#: ../semanage/seobject.py:985 msgid "Invalid Port" msgstr "" -#: ../semanage/seobject.py:980 -+#: ../semanage/seobject.py:987 ++#: ../semanage/seobject.py:989 #, python-format msgid "Could not create a key for %s/%s" msgstr "لا يمكن إنشاء مفتاح لـ %s/%s" -#: ../semanage/seobject.py:991 -+#: ../semanage/seobject.py:998 ++#: ../semanage/seobject.py:1000 msgid "Type is required" msgstr "النوع مطلوب" -#: ../semanage/seobject.py:994 ../semanage/seobject.py:1056 -#: ../semanage/seobject.py:1814 -+#: ../semanage/seobject.py:1001 ../semanage/seobject.py:1063 -+#: ../semanage/seobject.py:1828 ++#: ../semanage/seobject.py:1003 ../semanage/seobject.py:1065 ++#: ../semanage/seobject.py:1830 #, python-format msgid "Type %s is invalid, must be a port type" msgstr "" -#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062 -#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123 -+#: ../semanage/seobject.py:1007 ../semanage/seobject.py:1069 -+#: ../semanage/seobject.py:1124 ../semanage/seobject.py:1130 ++#: ../semanage/seobject.py:1009 ../semanage/seobject.py:1071 ++#: ../semanage/seobject.py:1126 ../semanage/seobject.py:1132 #, python-format msgid "Could not check if port %s/%s is defined" msgstr "لا يمكن التحقق من إذا كان المنفذ %s/%s معرفا" -#: ../semanage/seobject.py:1002 -+#: ../semanage/seobject.py:1009 ++#: ../semanage/seobject.py:1011 #, python-format msgid "Port %s/%s already defined" msgstr "المنفذ %s/%s معرف مسبقا" -#: ../semanage/seobject.py:1006 -+#: ../semanage/seobject.py:1013 ++#: ../semanage/seobject.py:1015 #, python-format msgid "Could not create port for %s/%s" msgstr "لا يمكن إنشاء منفذ لـ %s/%s" -#: ../semanage/seobject.py:1012 -+#: ../semanage/seobject.py:1019 ++#: ../semanage/seobject.py:1021 #, python-format msgid "Could not create context for %s/%s" msgstr "لا يمكن إنشاء سياق لـ %s/%s" -#: ../semanage/seobject.py:1016 -+#: ../semanage/seobject.py:1023 ++#: ../semanage/seobject.py:1025 #, python-format msgid "Could not set user in port context for %s/%s" msgstr "لا يمكن ضبط مستخدم في سياق المنفذ لـ %s/%s" -#: ../semanage/seobject.py:1020 -+#: ../semanage/seobject.py:1027 ++#: ../semanage/seobject.py:1029 #, python-format msgid "Could not set role in port context for %s/%s" msgstr "لا يمكن ضبط دور في سياق المنفذ لـ %s/%s" -#: ../semanage/seobject.py:1024 -+#: ../semanage/seobject.py:1031 ++#: ../semanage/seobject.py:1033 #, python-format msgid "Could not set type in port context for %s/%s" msgstr "لا يمكن ضبط نوع في سياق المنفذ لـ %s/%s" -#: ../semanage/seobject.py:1029 -+#: ../semanage/seobject.py:1036 ++#: ../semanage/seobject.py:1038 #, python-format msgid "Could not set mls fields in port context for %s/%s" msgstr "لا يمكن ضبط حقل mls في سياق المنفذ لـ %s/%s" -#: ../semanage/seobject.py:1033 -+#: ../semanage/seobject.py:1040 ++#: ../semanage/seobject.py:1042 #, python-format msgid "Could not set port context for %s/%s" msgstr "لا يمكن ضبط سياق المنفذ لـ %s/%s" -#: ../semanage/seobject.py:1037 -+#: ../semanage/seobject.py:1044 ++#: ../semanage/seobject.py:1046 #, python-format msgid "Could not add port %s/%s" msgstr "لا يمكن إضافة المنفذ %s/%s" -#: ../semanage/seobject.py:1051 ../semanage/seobject.py:1324 -#: ../semanage/seobject.py:1523 -+#: ../semanage/seobject.py:1058 ../semanage/seobject.py:1334 -+#: ../semanage/seobject.py:1533 ++#: ../semanage/seobject.py:1060 ../semanage/seobject.py:1336 ++#: ../semanage/seobject.py:1535 msgid "Requires setype or serange" msgstr "يتطلب setype أو serange" -#: ../semanage/seobject.py:1053 -+#: ../semanage/seobject.py:1060 ++#: ../semanage/seobject.py:1062 msgid "Requires setype" msgstr "يتطلب setype" -#: ../semanage/seobject.py:1064 ../semanage/seobject.py:1119 -+#: ../semanage/seobject.py:1071 ../semanage/seobject.py:1126 ++#: ../semanage/seobject.py:1073 ../semanage/seobject.py:1128 #, python-format msgid "Port %s/%s is not defined" msgstr "المنفذ %s/%s غير معرفة" -#: ../semanage/seobject.py:1068 -+#: ../semanage/seobject.py:1075 ++#: ../semanage/seobject.py:1077 #, python-format msgid "Could not query port %s/%s" msgstr "لا يمكن استعلام المنفذ %s/%s" -#: ../semanage/seobject.py:1079 -+#: ../semanage/seobject.py:1086 ++#: ../semanage/seobject.py:1088 #, python-format msgid "Could not modify port %s/%s" msgstr "لا يمكن تعديل المنفذ %s/%s" -#: ../semanage/seobject.py:1092 -+#: ../semanage/seobject.py:1099 ++#: ../semanage/seobject.py:1101 msgid "Could not list the ports" msgstr "لا يمكن عرض قائمة المنافذ" -#: ../semanage/seobject.py:1108 -+#: ../semanage/seobject.py:1115 ++#: ../semanage/seobject.py:1117 #, python-format msgid "Could not delete the port %s" msgstr "لا يمكن حذف المنفذ %s" -#: ../semanage/seobject.py:1125 -+#: ../semanage/seobject.py:1132 ++#: ../semanage/seobject.py:1134 #, python-format msgid "Port %s/%s is defined in policy, cannot be deleted" msgstr "المنفذ %s/%s معرف في السياسة، لا يمكن حذفه" -#: ../semanage/seobject.py:1129 -+#: ../semanage/seobject.py:1136 ++#: ../semanage/seobject.py:1138 #, python-format msgid "Could not delete port %s/%s" msgstr "لا يمكن حذف المنفذ %s/%s" -#: ../semanage/seobject.py:1145 ../semanage/seobject.py:1167 -+#: ../semanage/seobject.py:1152 ../semanage/seobject.py:1174 ++#: ../semanage/seobject.py:1154 ../semanage/seobject.py:1176 msgid "Could not list ports" msgstr "لا يمكن عرض قائمة المنافذ" -#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 ++#: ../semanage/seobject.py:1215 ../sepolicy/sepolicy/sepolicy.glade:915 ++#: ../sepolicy/sepolicy/sepolicy.glade:1014 msgid "SELinux Port Type" msgstr "نوع منفذ SELinux" -#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 ++#: ../semanage/seobject.py:1215 msgid "Proto" msgstr "الأول" -#: ../semanage/seobject.py:1206 ../gui/system-config-selinux.glade:335 -+#: ../semanage/seobject.py:1213 ../gui/system-config-selinux.glade:335 ++#: ../semanage/seobject.py:1215 ../gui/system-config-selinux.glade:335 msgid "Port Number" msgstr "رقم المنفذ" -#: ../semanage/seobject.py:1227 -+#: ../semanage/seobject.py:1237 ++#: ../semanage/seobject.py:1239 msgid "Node Address is required" msgstr "عنوان العقدة مطلوب" -#: ../semanage/seobject.py:1242 -+#: ../semanage/seobject.py:1252 ++#: ../semanage/seobject.py:1254 msgid "Unknown or missing protocol" msgstr "البروتوكول غير معروف أو مفقود" -#: ../semanage/seobject.py:1256 -+#: ../semanage/seobject.py:1266 ++#: ../semanage/seobject.py:1268 msgid "SELinux node type is required" msgstr "" -#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327 -+#: ../semanage/seobject.py:1269 ../semanage/seobject.py:1337 ++#: ../semanage/seobject.py:1271 ../semanage/seobject.py:1339 #, python-format msgid "Type %s is invalid, must be a node type" msgstr "" @@ -7667,277 +9758,277 @@ index 151ca6a..6010c78 100644 -#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465 -#: ../semanage/seobject.py:1527 ../semanage/seobject.py:1561 -#: ../semanage/seobject.py:1759 -+#: ../semanage/seobject.py:1273 ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1377 ../semanage/seobject.py:1475 -+#: ../semanage/seobject.py:1537 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1773 ++#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1343 ++#: ../semanage/seobject.py:1379 ../semanage/seobject.py:1477 ++#: ../semanage/seobject.py:1539 ../semanage/seobject.py:1573 ++#: ../semanage/seobject.py:1775 #, python-format msgid "Could not create key for %s" msgstr "لا يمكن إنشاء مفتاح لـ %s" -#: ../semanage/seobject.py:1265 ../semanage/seobject.py:1335 -#: ../semanage/seobject.py:1371 ../semanage/seobject.py:1377 -+#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1345 -+#: ../semanage/seobject.py:1381 ../semanage/seobject.py:1387 ++#: ../semanage/seobject.py:1277 ../semanage/seobject.py:1347 ++#: ../semanage/seobject.py:1383 ../semanage/seobject.py:1389 #, python-format msgid "Could not check if addr %s is defined" msgstr "لا يمكن التحقق من إذا كان العنوان %s معرفا" -#: ../semanage/seobject.py:1274 -+#: ../semanage/seobject.py:1284 ++#: ../semanage/seobject.py:1286 #, python-format msgid "Could not create addr for %s" msgstr "لا يمكن إنشاء العنوان لـ %s" -#: ../semanage/seobject.py:1280 ../semanage/seobject.py:1481 -#: ../semanage/seobject.py:1714 -+#: ../semanage/seobject.py:1290 ../semanage/seobject.py:1491 -+#: ../semanage/seobject.py:1728 ++#: ../semanage/seobject.py:1292 ../semanage/seobject.py:1493 ++#: ../semanage/seobject.py:1730 #, python-format msgid "Could not create context for %s" msgstr "لا يمكن إنشاء سياق لـ %s" -#: ../semanage/seobject.py:1284 -+#: ../semanage/seobject.py:1294 ++#: ../semanage/seobject.py:1296 #, python-format msgid "Could not set mask for %s" msgstr "لا يمكن ضبط قناع لـ %s" -#: ../semanage/seobject.py:1288 -+#: ../semanage/seobject.py:1298 ++#: ../semanage/seobject.py:1300 #, python-format msgid "Could not set user in addr context for %s" msgstr "لا يمكن ضبط مستخدم في سياق العنوان لـ %s" -#: ../semanage/seobject.py:1292 -+#: ../semanage/seobject.py:1302 ++#: ../semanage/seobject.py:1304 #, python-format msgid "Could not set role in addr context for %s" msgstr "لا يمكن ضبط دور في سياق العنوان لـ %s" -#: ../semanage/seobject.py:1296 -+#: ../semanage/seobject.py:1306 ++#: ../semanage/seobject.py:1308 #, python-format msgid "Could not set type in addr context for %s" msgstr "لا يمكن ضبط نوع في سياق العنوان لـ %s" -#: ../semanage/seobject.py:1301 -+#: ../semanage/seobject.py:1311 ++#: ../semanage/seobject.py:1313 #, python-format msgid "Could not set mls fields in addr context for %s" msgstr "لا يمكن ضبط حقل mls في سياق العنوان لـ %s" -#: ../semanage/seobject.py:1305 -+#: ../semanage/seobject.py:1315 ++#: ../semanage/seobject.py:1317 #, python-format msgid "Could not set addr context for %s" msgstr "لا يمكن ضبط سياق العنوان لـ %s" -#: ../semanage/seobject.py:1309 -+#: ../semanage/seobject.py:1319 ++#: ../semanage/seobject.py:1321 #, python-format msgid "Could not add addr %s" msgstr "لا يمكن إضافة العنوان %s" -#: ../semanage/seobject.py:1337 ../semanage/seobject.py:1373 -+#: ../semanage/seobject.py:1347 ../semanage/seobject.py:1383 ++#: ../semanage/seobject.py:1349 ../semanage/seobject.py:1385 #, python-format msgid "Addr %s is not defined" msgstr "العنوان %s غير معرف" -#: ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1351 ++#: ../semanage/seobject.py:1353 #, python-format msgid "Could not query addr %s" msgstr "لا يمكن استعلام العنوان %s" -#: ../semanage/seobject.py:1351 -+#: ../semanage/seobject.py:1361 ++#: ../semanage/seobject.py:1363 #, python-format msgid "Could not modify addr %s" msgstr "لا يمكن تعديل العنوان %s" -#: ../semanage/seobject.py:1379 -+#: ../semanage/seobject.py:1389 ++#: ../semanage/seobject.py:1391 #, python-format msgid "Addr %s is defined in policy, cannot be deleted" msgstr "العنوان %s معرف في السياسة، لا يمكن حذفه" -#: ../semanage/seobject.py:1383 -+#: ../semanage/seobject.py:1393 ++#: ../semanage/seobject.py:1395 #, python-format msgid "Could not delete addr %s" msgstr "لا يمكن حذف العنوان %s" -#: ../semanage/seobject.py:1395 -+#: ../semanage/seobject.py:1405 ++#: ../semanage/seobject.py:1407 msgid "Could not deleteall node mappings" msgstr "" -#: ../semanage/seobject.py:1409 -+#: ../semanage/seobject.py:1419 ++#: ../semanage/seobject.py:1421 msgid "Could not list addrs" msgstr "لا يمكن عرض قائمة العناوين" -#: ../semanage/seobject.py:1461 ../semanage/seobject.py:1752 -+#: ../semanage/seobject.py:1471 ../semanage/seobject.py:1766 ++#: ../semanage/seobject.py:1473 ../semanage/seobject.py:1768 msgid "SELinux Type is required" msgstr "نوع SELinux مطلوب" -#: ../semanage/seobject.py:1469 ../semanage/seobject.py:1531 -#: ../semanage/seobject.py:1565 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1479 ../semanage/seobject.py:1541 -+#: ../semanage/seobject.py:1575 ../semanage/seobject.py:1581 ++#: ../semanage/seobject.py:1481 ../semanage/seobject.py:1543 ++#: ../semanage/seobject.py:1577 ../semanage/seobject.py:1583 #, python-format msgid "Could not check if interface %s is defined" msgstr "لا يمكن التحقق من إذا كانت الواجهة %s معرفة" -#: ../semanage/seobject.py:1476 -+#: ../semanage/seobject.py:1486 ++#: ../semanage/seobject.py:1488 #, python-format msgid "Could not create interface for %s" msgstr "لا يمكن إنشاء واجهة لـ %s" -#: ../semanage/seobject.py:1485 -+#: ../semanage/seobject.py:1495 ++#: ../semanage/seobject.py:1497 #, python-format msgid "Could not set user in interface context for %s" msgstr "لا يمكن ضبط مستخدم في سياق الواجهة لـ %s" -#: ../semanage/seobject.py:1489 -+#: ../semanage/seobject.py:1499 ++#: ../semanage/seobject.py:1501 #, python-format msgid "Could not set role in interface context for %s" msgstr "لا يمكن ضبط دور في سياق الواجهة لـ %s" -#: ../semanage/seobject.py:1493 -+#: ../semanage/seobject.py:1503 ++#: ../semanage/seobject.py:1505 #, python-format msgid "Could not set type in interface context for %s" msgstr "لا يمكن ضبط نوع في سياق الواجهة لـ %s" -#: ../semanage/seobject.py:1498 -+#: ../semanage/seobject.py:1508 ++#: ../semanage/seobject.py:1510 #, python-format msgid "Could not set mls fields in interface context for %s" msgstr "لا يمكن ضبط حقل mls في سياق الواجهة لـ %s" -#: ../semanage/seobject.py:1502 -+#: ../semanage/seobject.py:1512 ++#: ../semanage/seobject.py:1514 #, python-format msgid "Could not set interface context for %s" msgstr "لا يمكن ضبط سياق المنفذ لـ %s" -#: ../semanage/seobject.py:1506 -+#: ../semanage/seobject.py:1516 ++#: ../semanage/seobject.py:1518 #, python-format msgid "Could not set message context for %s" msgstr "لا يمكن ضبط سياق الرسالة ل%s" -#: ../semanage/seobject.py:1510 -+#: ../semanage/seobject.py:1520 ++#: ../semanage/seobject.py:1522 #, python-format msgid "Could not add interface %s" msgstr "لا يمكن إضافة الواجهة %s" -#: ../semanage/seobject.py:1533 ../semanage/seobject.py:1567 -+#: ../semanage/seobject.py:1543 ../semanage/seobject.py:1577 ++#: ../semanage/seobject.py:1545 ../semanage/seobject.py:1579 #, python-format msgid "Interface %s is not defined" msgstr "الواجهة %s غير معرفة" -#: ../semanage/seobject.py:1537 -+#: ../semanage/seobject.py:1547 ++#: ../semanage/seobject.py:1549 #, python-format msgid "Could not query interface %s" msgstr "لا يمكن استعلام الواجهة %s" -#: ../semanage/seobject.py:1548 -+#: ../semanage/seobject.py:1558 ++#: ../semanage/seobject.py:1560 #, python-format msgid "Could not modify interface %s" msgstr "لا يمكن تعديل الواجهة %s" -#: ../semanage/seobject.py:1573 -+#: ../semanage/seobject.py:1583 ++#: ../semanage/seobject.py:1585 #, python-format msgid "Interface %s is defined in policy, cannot be deleted" msgstr "الواجهة %s معرفة في السياسة، لا يمكن حذفها" -#: ../semanage/seobject.py:1577 -+#: ../semanage/seobject.py:1587 ++#: ../semanage/seobject.py:1589 #, python-format msgid "Could not delete interface %s" msgstr "لا يمكن حذف الواجهة %s" -#: ../semanage/seobject.py:1589 -+#: ../semanage/seobject.py:1599 ++#: ../semanage/seobject.py:1601 msgid "Could not delete all interface mappings" msgstr "" -#: ../semanage/seobject.py:1603 -+#: ../semanage/seobject.py:1613 ++#: ../semanage/seobject.py:1615 msgid "Could not list interfaces" msgstr "لا يمكن عرض قائمة الواجهات" -#: ../semanage/seobject.py:1628 -+#: ../semanage/seobject.py:1638 ++#: ../semanage/seobject.py:1640 msgid "SELinux Interface" msgstr "واجهة SELinux" -#: ../semanage/seobject.py:1628 ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1638 ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1640 ../semanage/seobject.py:1990 msgid "Context" msgstr "سياق" -#: ../semanage/seobject.py:1691 -+#: ../semanage/seobject.py:1705 ++#: ../semanage/seobject.py:1707 #, python-format msgid "Equivalence class for %s already exists" msgstr "" -#: ../semanage/seobject.py:1697 -+#: ../semanage/seobject.py:1711 ++#: ../semanage/seobject.py:1713 #, python-format msgid "File spec %s conflicts with equivalency rule '%s %s'" msgstr "" -#: ../semanage/seobject.py:1706 -+#: ../semanage/seobject.py:1720 ++#: ../semanage/seobject.py:1722 #, python-format msgid "Equivalence class for %s does not exists" msgstr "" -#: ../semanage/seobject.py:1720 -+#: ../semanage/seobject.py:1734 ++#: ../semanage/seobject.py:1736 #, python-format msgid "Could not set user in file context for %s" msgstr "لا يمكن ضبط مستخدم في سياق الملف لـ %s" -#: ../semanage/seobject.py:1724 -+#: ../semanage/seobject.py:1738 ++#: ../semanage/seobject.py:1740 #, python-format msgid "Could not set role in file context for %s" msgstr "لا يمكن ضبط دور في سياق الملف لـ %s" -#: ../semanage/seobject.py:1729 ../semanage/seobject.py:1789 -+#: ../semanage/seobject.py:1743 ../semanage/seobject.py:1803 ++#: ../semanage/seobject.py:1745 ../semanage/seobject.py:1805 #, python-format msgid "Could not set mls fields in file context for %s" msgstr "لا يمكن ضبط حقل mls في سياق الملف لـ %s" -#: ../semanage/seobject.py:1735 -+#: ../semanage/seobject.py:1749 ++#: ../semanage/seobject.py:1751 msgid "Invalid file specification" msgstr "مواصفات ملف خاطئة" -#: ../semanage/seobject.py:1737 -+#: ../semanage/seobject.py:1751 ++#: ../semanage/seobject.py:1753 msgid "File specification can not include spaces" msgstr "" -#: ../semanage/seobject.py:1742 -+#: ../semanage/seobject.py:1756 ++#: ../semanage/seobject.py:1758 #, python-format msgid "" -"File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' " @@ -7946,7 +10037,7 @@ index 151ca6a..6010c78 100644 msgstr "" -#: ../semanage/seobject.py:1755 -+#: ../semanage/seobject.py:1769 ++#: ../semanage/seobject.py:1771 #, python-format msgid "Type %s is invalid, must be a file or device type" msgstr "" @@ -7954,114 +10045,114 @@ index 151ca6a..6010c78 100644 -#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768 -#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906 -#: ../semanage/seobject.py:1910 -+#: ../semanage/seobject.py:1777 ../semanage/seobject.py:1782 -+#: ../semanage/seobject.py:1838 ../semanage/seobject.py:1920 -+#: ../semanage/seobject.py:1924 ++#: ../semanage/seobject.py:1779 ../semanage/seobject.py:1784 ++#: ../semanage/seobject.py:1840 ../semanage/seobject.py:1922 ++#: ../semanage/seobject.py:1926 #, python-format msgid "Could not check if file context for %s is defined" msgstr "لا يمكن التحقق من إذا كان سياق الملف لـ %s معرفا" -#: ../semanage/seobject.py:1776 -+#: ../semanage/seobject.py:1790 ++#: ../semanage/seobject.py:1792 #, python-format msgid "Could not create file context for %s" msgstr "لا يمكن إنشاء سياق الملف لـ %s" -#: ../semanage/seobject.py:1784 -+#: ../semanage/seobject.py:1798 ++#: ../semanage/seobject.py:1800 #, python-format msgid "Could not set type in file context for %s" msgstr "لا يمكن ضبط نوع في سياق الملف لـ %s" -#: ../semanage/seobject.py:1792 ../semanage/seobject.py:1852 -#: ../semanage/seobject.py:1856 -+#: ../semanage/seobject.py:1806 ../semanage/seobject.py:1866 -+#: ../semanage/seobject.py:1870 ++#: ../semanage/seobject.py:1808 ../semanage/seobject.py:1868 ++#: ../semanage/seobject.py:1872 #, python-format msgid "Could not set file context for %s" msgstr "لا يمكن ضبط سياق ملف لـ %s" -#: ../semanage/seobject.py:1798 -+#: ../semanage/seobject.py:1812 ++#: ../semanage/seobject.py:1814 #, python-format msgid "Could not add file context for %s" msgstr "لا يمكن إضافة سياق ملف لـ %s" -#: ../semanage/seobject.py:1812 -+#: ../semanage/seobject.py:1826 ++#: ../semanage/seobject.py:1828 msgid "Requires setype, serange or seuser" msgstr "يتطلب setype، serange أو seuser" -#: ../semanage/seobject.py:1828 ../semanage/seobject.py:1914 -+#: ../semanage/seobject.py:1842 ../semanage/seobject.py:1928 ++#: ../semanage/seobject.py:1844 ../semanage/seobject.py:1930 #, python-format msgid "File context for %s is not defined" msgstr "سياق الملف لـ %s غير معرف" -#: ../semanage/seobject.py:1834 -+#: ../semanage/seobject.py:1848 ++#: ../semanage/seobject.py:1850 #, python-format msgid "Could not query file context for %s" msgstr "لا يمكن استعلام سياق الملف لـ %s" -#: ../semanage/seobject.py:1860 -+#: ../semanage/seobject.py:1874 ++#: ../semanage/seobject.py:1876 #, python-format msgid "Could not modify file context for %s" msgstr "لا يمكن تعديل سياق الملف لـ %s" -#: ../semanage/seobject.py:1873 -+#: ../semanage/seobject.py:1887 ++#: ../semanage/seobject.py:1889 msgid "Could not list the file contexts" msgstr "لا يمكن عرض قائمة سياقات الملفات" -#: ../semanage/seobject.py:1887 -+#: ../semanage/seobject.py:1901 ++#: ../semanage/seobject.py:1903 #, python-format msgid "Could not delete the file context %s" msgstr "لا يمكن حذف سياق الملف %s" -#: ../semanage/seobject.py:1912 -+#: ../semanage/seobject.py:1926 ++#: ../semanage/seobject.py:1928 #, python-format msgid "File context for %s is defined in policy, cannot be deleted" msgstr "سياق الملف لـ %s معرف في السياسة، لا يمكن حذفه" -#: ../semanage/seobject.py:1918 -+#: ../semanage/seobject.py:1932 ++#: ../semanage/seobject.py:1934 #, python-format msgid "Could not delete file context for %s" msgstr "لا يمكن حذف سياق الملف لـ %s" -#: ../semanage/seobject.py:1933 -+#: ../semanage/seobject.py:1947 ++#: ../semanage/seobject.py:1949 msgid "Could not list file contexts" msgstr "لا يمكن عرض قائمة سياقات الملفات" -#: ../semanage/seobject.py:1937 -+#: ../semanage/seobject.py:1951 ++#: ../semanage/seobject.py:1953 msgid "Could not list local file contexts" msgstr "لا يمكن عرض قائمة سياقات الملفات المحلية" -#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1990 msgid "SELinux fcontext" msgstr "SELinux fcontext" -#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 ++#: ../semanage/seobject.py:1990 msgid "type" msgstr "نوع" -#: ../semanage/seobject.py:1987 -+#: ../semanage/seobject.py:2001 ++#: ../semanage/seobject.py:2003 msgid "" "\n" "SELinux Distribution fcontext Equivalence \n" msgstr "" -#: ../semanage/seobject.py:1992 -+#: ../semanage/seobject.py:2006 ++#: ../semanage/seobject.py:2008 msgid "" "\n" "SELinux Local fcontext Equivalence \n" @@ -8069,101 +10160,99 @@ index 151ca6a..6010c78 100644 -#: ../semanage/seobject.py:2028 ../semanage/seobject.py:2079 -#: ../semanage/seobject.py:2085 -+#: ../semanage/seobject.py:2036 -+#, python-format -+msgid "Value Required for %s" -+msgstr "" -+ -+#: ../semanage/seobject.py:2045 ../semanage/seobject.py:2096 -+#: ../semanage/seobject.py:2102 ++#: ../semanage/seobject.py:2044 ../semanage/seobject.py:2095 ++#: ../semanage/seobject.py:2101 #, python-format msgid "Could not check if boolean %s is defined" msgstr "لا يمكن التحقق من إذا كانت القيمة المنطقية %s معرفة" -#: ../semanage/seobject.py:2030 ../semanage/seobject.py:2081 -+#: ../semanage/seobject.py:2047 ../semanage/seobject.py:2098 ++#: ../semanage/seobject.py:2046 ../semanage/seobject.py:2097 #, python-format msgid "Boolean %s is not defined" msgstr "القيمة المنطقية %s غير معرفة" -#: ../semanage/seobject.py:2034 -+#: ../semanage/seobject.py:2051 ++#: ../semanage/seobject.py:2050 #, python-format msgid "Could not query file context %s" msgstr "لا يمكن استعلام سياق الملف %s" -#: ../semanage/seobject.py:2039 -+#: ../semanage/seobject.py:2056 ++#: ../semanage/seobject.py:2055 #, python-format msgid "You must specify one of the following values: %s" msgstr "يجب أن تحدد أحد القيم التالية: %s" -#: ../semanage/seobject.py:2044 -+#: ../semanage/seobject.py:2061 ++#: ../semanage/seobject.py:2060 #, python-format msgid "Could not set active value of boolean %s" msgstr "لا يمكن ضبط القيمة المنطقية النشطة %s" -#: ../semanage/seobject.py:2047 -+#: ../semanage/seobject.py:2064 ++#: ../semanage/seobject.py:2063 #, python-format msgid "Could not modify boolean %s" msgstr "لا يمكن تعديل القيمة المنطقية %s" -#: ../semanage/seobject.py:2063 -+#: ../semanage/seobject.py:2080 ++#: ../semanage/seobject.py:2079 #, python-format msgid "Bad format %s: Record %s" msgstr "بنية خاطئة %s: سجّل %s" -#: ../semanage/seobject.py:2087 -+#: ../semanage/seobject.py:2104 ++#: ../semanage/seobject.py:2103 #, python-format msgid "Boolean %s is defined in policy, cannot be deleted" msgstr "القيمة المنطقية %s معرفة في السياسة، لا يمكن حذفها" -#: ../semanage/seobject.py:2091 -+#: ../semanage/seobject.py:2108 ++#: ../semanage/seobject.py:2107 #, python-format msgid "Could not delete boolean %s" msgstr "لا يمكن حذف القيمة المنطقية %s" -#: ../semanage/seobject.py:2103 ../semanage/seobject.py:2120 -+#: ../semanage/seobject.py:2120 ../semanage/seobject.py:2137 ++#: ../semanage/seobject.py:2119 ../semanage/seobject.py:2136 msgid "Could not list booleans" msgstr "لا يمكن عرض قائمة القيم المنطقية" -#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 ++#: ../semanage/seobject.py:2171 msgid "off" msgstr "إلغاء التشغيل" -#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 ++#: ../semanage/seobject.py:2171 msgid "on" msgstr "تشغيل" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "SELinux boolean" msgstr "قيمة منطقية لـSELinux" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "State" msgstr "" -#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 ++#: ../semanage/seobject.py:2185 msgid "Default" msgstr "" -#: ../semanage/seobject.py:2169 ../gui/polgen.glade:113 -+#: ../semanage/seobject.py:2186 ../gui/polgen.glade:113 - #: ../gui/polgengui.py:269 +-#: ../gui/polgengui.py:269 ++#: ../semanage/seobject.py:2185 ../gui/polgen.glade:113 ++#: ../gui/polgengui.py:274 ../sepolicy/sepolicy/sepolicy.glade:242 ++#: ../sepolicy/sepolicy/sepolicy.glade:638 msgid "Description" msgstr "وصف" -@@ -994,206 +1010,226 @@ msgstr "خطأ! القشرة (Shell) غير صالحة.\n" + +@@ -994,206 +1012,226 @@ msgstr "خطأ! القشرة (Shell) غير صالحة.\n" msgid "Unable to clear environment\n" msgstr "لا يمكن في إخلاء البيئة\n" @@ -8431,7 +10520,7 @@ index 151ca6a..6010c78 100644 msgid "failed to exec shell\n" msgstr "فشل في تنفيذ القشرة (shell)\n" -@@ -1420,7 +1456,7 @@ msgstr "" +@@ -1420,7 +1458,7 @@ msgstr "" msgid "Applications" msgstr "" @@ -8440,7 +10529,7 @@ index 151ca6a..6010c78 100644 msgid "Standard Init Daemon" msgstr "" -@@ -1430,7 +1466,7 @@ msgid "" +@@ -1430,7 +1468,7 @@ msgid "" "requires a script in /etc/rc.d/init.d" msgstr "" @@ -8449,7 +10538,7 @@ index 151ca6a..6010c78 100644 msgid "DBUS System Daemon" msgstr "" -@@ -1442,7 +1478,7 @@ msgstr "" +@@ -1442,7 +1480,7 @@ msgstr "" msgid "Internet Services Daemon are daemons started by xinetd" msgstr "" @@ -8458,7 +10547,7 @@ index 151ca6a..6010c78 100644 msgid "Web Application/Script (CGI)" msgstr "" -@@ -1451,7 +1487,7 @@ msgid "" +@@ -1451,7 +1489,7 @@ msgid "" "Web Applications/Script (CGI) CGI scripts started by the web server (apache)" msgstr "" @@ -8467,7 +10556,7 @@ index 151ca6a..6010c78 100644 msgid "User Application" msgstr "" -@@ -1461,7 +1497,7 @@ msgid "" +@@ -1461,7 +1499,7 @@ msgid "" "started by a user" msgstr "" @@ -8476,7 +10565,7 @@ index 151ca6a..6010c78 100644 msgid "Sandbox" msgstr "" -@@ -1513,8 +1549,8 @@ msgstr "" +@@ -1513,8 +1551,8 @@ msgstr "" #: ../gui/polgen.glade:550 msgid "" @@ -8487,7 +10576,7 @@ index 151ca6a..6010c78 100644 msgstr "" #: ../gui/polgen.glade:592 -@@ -1527,8 +1563,8 @@ msgstr "" +@@ -1527,8 +1565,8 @@ msgstr "" #: ../gui/polgen.glade:627 msgid "" @@ -8498,7 +10587,17 @@ index 151ca6a..6010c78 100644 "the system directly." msgstr "" -@@ -1596,8 +1632,7 @@ msgid "Select the user_roles that will transition to %s:" +@@ -1536,7 +1574,8 @@ msgstr "" + msgid "Enter name of application or user role:" + msgstr "" + +-#: ../gui/polgen.glade:728 ../gui/polgengui.py:267 ++#: ../gui/polgen.glade:728 ../gui/polgengui.py:272 ++#: ../sepolicy/sepolicy/sepolicy.glade:279 + msgid "Name" + msgstr "" + +@@ -1596,8 +1635,7 @@ msgid "Select the user_roles that will transition to %s:" msgstr "" #: ../gui/polgen.glade:1019 @@ -8508,7 +10607,118 @@ index 151ca6a..6010c78 100644 msgstr "" #: ../gui/polgen.glade:1056 -@@ -1906,8 +1941,8 @@ msgid "" +@@ -1752,75 +1790,75 @@ msgstr "" + msgid "Policy Directory" + msgstr "" + +-#: ../gui/polgengui.py:277 ++#: ../gui/polgengui.py:282 + msgid "Role" + msgstr "" + +-#: ../gui/polgengui.py:284 ++#: ../gui/polgengui.py:289 + msgid "Existing_User" + msgstr "" + +-#: ../gui/polgengui.py:298 ../gui/polgengui.py:306 ../gui/polgengui.py:320 ++#: ../gui/polgengui.py:303 ../gui/polgengui.py:311 ../gui/polgengui.py:325 + msgid "Application" + msgstr "" + +-#: ../gui/polgengui.py:363 ++#: ../gui/polgengui.py:370 + #, python-format + msgid "%s must be a directory" + msgstr "" + +-#: ../gui/polgengui.py:423 ../gui/polgengui.py:704 ++#: ../gui/polgengui.py:430 ../gui/polgengui.py:711 + msgid "You must select a user" + msgstr "" + +-#: ../gui/polgengui.py:553 ++#: ../gui/polgengui.py:560 + msgid "Select executable file to be confined." + msgstr "" + +-#: ../gui/polgengui.py:564 ++#: ../gui/polgengui.py:571 + msgid "Select init script file to be confined." + msgstr "" + +-#: ../gui/polgengui.py:574 ++#: ../gui/polgengui.py:581 + msgid "Select file(s) that confined application creates or writes" + msgstr "" + +-#: ../gui/polgengui.py:581 ++#: ../gui/polgengui.py:588 + msgid "Select directory(s) that the confined application owns and writes into" + msgstr "" + +-#: ../gui/polgengui.py:643 ++#: ../gui/polgengui.py:650 + msgid "Select directory to generate policy files in" + msgstr "" + +-#: ../gui/polgengui.py:660 ++#: ../gui/polgengui.py:667 + #, python-format + msgid "" + "Type %s_t already defined in current policy.\n" + "Do you want to continue?" + msgstr "" + +-#: ../gui/polgengui.py:660 ../gui/polgengui.py:664 ++#: ../gui/polgengui.py:667 ../gui/polgengui.py:671 + msgid "Verify Name" + msgstr "" + +-#: ../gui/polgengui.py:664 ++#: ../gui/polgengui.py:671 + #, python-format + msgid "" + "Module %s.pp already loaded in current policy.\n" + "Do you want to continue?" + msgstr "" + +-#: ../gui/polgengui.py:710 ++#: ../gui/polgengui.py:717 + msgid "" + "You must add a name made up of letters and numbers and containing no spaces." + msgstr "" + +-#: ../gui/polgengui.py:724 ++#: ../gui/polgengui.py:731 + msgid "You must enter a executable" + msgstr "" + +-#: ../gui/polgengui.py:749 ../gui/system-config-selinux.py:180 ++#: ../gui/polgengui.py:756 ../gui/system-config-selinux.py:180 + msgid "Configue SELinux" + msgstr "" + +@@ -1835,6 +1873,8 @@ msgid "" + msgstr "" + + #: ../gui/portsPage.py:91 ../gui/system-config-selinux.glade:363 ++#: ../sepolicy/sepolicy/sepolicy.glade:881 ++#: ../sepolicy/sepolicy/sepolicy.glade:980 + msgid "Protocol" + msgstr "" + +@@ -1844,7 +1884,8 @@ msgid "" + "Level" + msgstr "" + +-#: ../gui/portsPage.py:101 ++#: ../gui/portsPage.py:101 ../sepolicy/sepolicy/sepolicy.glade:864 ++#: ../sepolicy/sepolicy/sepolicy.glade:963 + msgid "Port" + msgstr "" + +@@ -1906,8 +1947,8 @@ msgid "" "you later decide to turn SELinux back on, the system will be required to " "relabel. If you just want to see if SELinux is causing a problem on your " "system, you can go to permissive mode which will only log errors and not " @@ -8519,7 +10729,28 @@ index 151ca6a..6010c78 100644 msgstr "" #: ../gui/statusPage.py:152 -@@ -2137,8 +2172,8 @@ msgstr "" +@@ -1974,6 +2015,9 @@ msgid "SELinux Administration" + msgstr "" + + #: ../gui/system-config-selinux.glade:1122 ++#: ../sepolicy/sepolicy/sepolicy.glade:405 ++#: ../sepolicy/sepolicy/sepolicy.glade:819 ++#: ../sepolicy/sepolicy/sepolicy.glade:1156 + msgid "Add" + msgstr "" + +@@ -2043,6 +2087,10 @@ msgstr "" + #: ../gui/system-config-selinux.glade:2467 + #: ../gui/system-config-selinux.glade:2692 + #: ../gui/system-config-selinux.glade:2867 ++#: ../sepolicy/sepolicy/sepolicy.glade:157 ++#: ../sepolicy/sepolicy/sepolicy.glade:326 ++#: ../sepolicy/sepolicy/sepolicy.glade:733 ++#: ../sepolicy/sepolicy/sepolicy.glade:1081 + msgid "Filter" + msgstr "" + +@@ -2137,8 +2185,8 @@ msgstr "" #: ../gui/system-config-selinux.glade:2661 msgid "" @@ -8530,203 +10761,198 @@ index 151ca6a..6010c78 100644 msgstr "" #: ../gui/system-config-selinux.glade:2781 -@@ -2166,261 +2201,322 @@ msgstr "" +@@ -2166,1321 +2214,1868 @@ msgstr "" msgid "SELinux user '%s' is required" msgstr "" -#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:183 -+#, fuzzy, python-format -+msgid "Interface %s does not exist." -+msgstr "الواجهة %s غير معرفة" -+ -+#: ../sepolicy/sepolicy.py:267 - msgid "Generate SELinux man pages" +-msgid "Generate SELinux man pages" ++#: booleans.py:1 ++msgid "" ++"Allow ABRT to modify public files used for public file transfer services." msgstr "" -#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:270 - msgid "path in which the generated SELinux man pages will be stored" +-msgid "path in which the generated SELinux man pages will be stored" ++#: booleans.py:2 ++msgid "" ++"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts" msgstr "" -#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:272 - msgid "name of the OS for man pages" +-msgid "name of the OS for man pages" ++#: booleans.py:3 ++msgid "Allow antivirus programs to read non security files on a system" msgstr "" -#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:274 - msgid "Generate HTML man pages structure for selected SELinux man page" +-msgid "Generate HTML man pages structure for selected SELinux man page" ++#: booleans.py:4 ++msgid "Determine whether can antivirus programs use JIT compiler." msgstr "" -#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:276 -+msgid "Alternate root directory, defaults to /" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:280 - msgid "All domains" +-msgid "All domains" ++#: booleans.py:5 ++msgid "Allow auditadm to exec content" msgstr "" -#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:283 - msgid "Domain name(s) of man pages to be created" +-msgid "Domain name(s) of man pages to be created" ++#: booleans.py:6 ++msgid "" ++"Allow users to resolve user passwd entries directly from ldap rather then " ++"using a sssd server" msgstr "" -#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:288 - msgid "Query SELinux policy network information" +-msgid "Query SELinux policy network information" ++#: booleans.py:7 ++msgid "Allow users to login using a radius server" msgstr "" -#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:293 - msgid "list all SELinux port types" +-msgid "list all SELinux port types" ++#: booleans.py:8 ++msgid "Allow users to login using a yubikey server" msgstr "" -#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:296 - msgid "show SELinux type related to the port" +-msgid "show SELinux type related to the port" ++#: booleans.py:9 ++msgid "Determine whether awstats can purge httpd log files." msgstr "" -#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:299 - msgid "Show ports defined for this SELinux type" +-msgid "Show ports defined for this SELinux type" ++#: booleans.py:10 ++msgid "" ++"Determine whether cdrecord can read various content. nfs, samba, removable " ++"devices, user temp and untrusted content files" msgstr "" -#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:302 - msgid "show ports to which this domain can bind and/or connect" +-msgid "show ports to which this domain can bind and/or connect" ++#: booleans.py:11 ++msgid "" ++"Allow cluster administrative domains to connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:317 - msgid "query SELinux policy to see if domains can communicate with each other" +-msgid "query SELinux policy to see if domains can communicate with each other" ++#: booleans.py:12 ++msgid "Allow cluster administrative domains to manage all files on a system." msgstr "" -#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:320 - msgid "Source Domain" +-msgid "Source Domain" ++#: booleans.py:13 ++msgid "" ++"Allow cluster administrative cluster domains memcheck-amd64- to use " ++"executable memory" msgstr "" -#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:323 - msgid "Target Domain" +-msgid "Target Domain" ++#: booleans.py:14 ++msgid "" ++"Determine whether Cobbler can modify public files used for public file " ++"transfer services." msgstr "" -#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:342 - msgid "query SELinux Policy to see description of booleans" +-msgid "query SELinux Policy to see description of booleans" ++#: booleans.py:15 ++msgid "Determine whether Cobbler can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:346 - msgid "get all booleans descriptions" +-msgid "get all booleans descriptions" ++#: booleans.py:16 ++msgid "Determine whether Cobbler can access cifs file systems." msgstr "" -#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:349 - msgid "boolean to get description" +-msgid "boolean to get description" ++#: booleans.py:17 ++msgid "Determine whether Cobbler can access nfs file systems." msgstr "" -#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:359 - msgid "" - "query SELinux Policy to see how a source process domain can transition to " - "the target process domain" +-msgid "" +-"query SELinux Policy to see how a source process domain can transition to " +-"the target process domain" ++#: booleans.py:18 ++msgid "Determine whether collectd can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:362 - msgid "source process domain" +-msgid "source process domain" ++#: booleans.py:19 ++msgid "Determine whether Condor can connect to the network using TCP." msgstr "" -#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:365 - msgid "target process domain" +-msgid "target process domain" ++#: booleans.py:20 ++msgid "" ++"Allow system cron jobs to relabel filesystem for restoring file contexts." msgstr "" -#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:408 -+#, python-format -+msgid "sepolicy generate: error: one of the arguments %s is required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:413 - msgid "Command required for this type of policy" +-msgid "Command required for this type of policy" ++#: booleans.py:21 ++msgid "Determine whether cvs can read shadow password files." msgstr "" -#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:424 -+msgid "" -+"-t option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:429 -+msgid "" -+"-d option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:433 -+msgid "" -+"-a option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:452 - msgid "List SELinux Policy interfaces" +-msgid "List SELinux Policy interfaces" ++#: booleans.py:22 ++msgid "Allow all daemons to write corefiles to /" msgstr "" -#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:470 -+msgid "Enter interface names, you wish to query" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:479 - msgid "Generate SELinux Policy module template" +-msgid "Generate SELinux Policy module template" ++#: booleans.py:23 ++msgid "Allow all daemons to use tcp wrappers." msgstr "" -#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:482 - msgid "Enter domain type which you will be extending" +-msgid "Enter domain type which you will be extending" ++#: booleans.py:24 ++msgid "Allow all daemons the ability to read/write terminals" msgstr "" -#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:485 - msgid "Enter SELinux user(s) which will transition to this domain" +-msgid "Enter SELinux user(s) which will transition to this domain" ++#: booleans.py:25 ++msgid "Determine whether dbadm can manage generic user files." msgstr "" -#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:488 - msgid "Enter domain(s) that this confined admin will administrate" +-msgid "Enter domain(s) that this confined admin will administrate" ++#: booleans.py:26 ++msgid "Determine whether dbadm can read generic user files." msgstr "" -#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:491 - msgid "name of policy to generate" +-msgid "name of policy to generate" ++#: booleans.py:27 ++msgid "" ++"Deny user domains applications to map a memory region as both executable and " ++"writable, this is dangerous and the executable should be reported in bugzilla" msgstr "" -#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:498 - msgid "path in which the generated policy files will be stored" +-msgid "path in which the generated policy files will be stored" ++#: booleans.py:28 ++msgid "Deny any process from ptracing or debugging any other processes." msgstr "" -#: ../sepolicy/sepolicy.py:380 -msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:500 -+msgid "path to which the confined processes will need to write" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:501 -+msgid "Policy types which require a command" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 -+#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 -+#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 -+#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 -+#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 -+#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 -+#, python-format -+msgid "Generate '%s' policy" ++#: booleans.py:29 ++msgid "Allow dhcpc client applications to execute iptables commands" msgstr "" -#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 @@ -8735,1572 +10961,2385 @@ index 151ca6a..6010c78 100644 -#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 -#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 -#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:532 - #, python-format +-#, python-format -msgid "Generate Policy for %s" -+msgid "Generate '%s' policy " -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:546 -+msgid "executable to confine" - msgstr "" - --#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:551 - msgid "commands" - msgstr "" - --#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:554 - msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:48 -+#: ../sepolicy/sepolicy/__init__.py:72 - msgid "No SELinux Policy installed" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:243 - #, python-format - msgid "Failed to read %s policy file" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:302 - msgid "unknown" - msgstr "غير معروف" - --#: ../sepolicy/sepolicy/generate.py:173 -+#: ../sepolicy/sepolicy/generate.py:132 - msgid "Internet Services Daemon" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:177 -+#: ../sepolicy/sepolicy/generate.py:136 - msgid "Existing Domain Type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:178 -+#: ../sepolicy/sepolicy/generate.py:137 - msgid "Minimal Terminal Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:179 -+#: ../sepolicy/sepolicy/generate.py:138 - msgid "Minimal X Windows Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:180 -+#: ../sepolicy/sepolicy/generate.py:139 - msgid "Desktop Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:181 -+#: ../sepolicy/sepolicy/generate.py:140 - msgid "Administrator Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:182 -+#: ../sepolicy/sepolicy/generate.py:141 - msgid "Confined Root Administrator Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:187 -+#: ../sepolicy/sepolicy/generate.py:142 -+msgid "Module information for a new type" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:147 - msgid "Valid Types:\n" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:221 -+#: ../sepolicy/sepolicy/generate.py:181 - #, python-format - msgid "Ports must be numbers or ranges of numbers from 1 to %d " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:231 -+#: ../sepolicy/sepolicy/generate.py:192 - msgid "You must enter a valid policy type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:234 -+#: ../sepolicy/sepolicy/generate.py:195 - #, python-format - msgid "You must enter a name for your policy module for your %s." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:355 -+#: ../sepolicy/sepolicy/generate.py:327 - msgid "" - "Name must be alpha numberic with no spaces. Consider using option \"-n " - "MODULENAME\"" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:447 -+#: ../sepolicy/sepolicy/generate.py:419 - msgid "User Role types can not be assigned executables." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:453 -+#: ../sepolicy/sepolicy/generate.py:425 - msgid "Only Daemon apps can use an init script.." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:471 -+#: ../sepolicy/sepolicy/generate.py:443 - msgid "use_resolve must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:477 -+#: ../sepolicy/sepolicy/generate.py:449 - msgid "use_syslog must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:483 -+#: ../sepolicy/sepolicy/generate.py:455 - msgid "use_kerberos must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:489 -+#: ../sepolicy/sepolicy/generate.py:461 - msgid "manage_krb5_rcache must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:519 -+#: ../sepolicy/sepolicy/generate.py:491 - msgid "USER Types automatically get a tmp type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:857 -+#: ../sepolicy/sepolicy/generate.py:832 - #, python-format - msgid "%s policy modules require existing domains" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1059 -+#: ../sepolicy/sepolicy/generate.py:857 -+msgid "Type field required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:869 -+#, python-format -+msgid "" -+"You need to define a new type which ends with: \n" -+" %s" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:1088 - msgid "You must enter the executable path for your confined process" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1321 -+#: ../sepolicy/sepolicy/generate.py:1351 - msgid "Type Enforcement file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1322 -+#: ../sepolicy/sepolicy/generate.py:1352 - msgid "Interface file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1323 -+#: ../sepolicy/sepolicy/generate.py:1353 - msgid "File Contexts file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1324 -+#: ../sepolicy/sepolicy/generate.py:1354 - msgid "Spec file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1325 -+#: ../sepolicy/sepolicy/generate.py:1355 - msgid "Setup Script" - msgstr "" - -@@ -2435,11 +2531,11 @@ msgid "" - msgstr "" - - #: booleans.py:3 --msgid "Allow amavis to use JIT compiler" -+msgid "Allow antivirus programs to read non security files on a system" - msgstr "" - - #: booleans.py:4 --msgid "Allow antivirus programs to read non security files on a system" -+msgid "Determine whether can antivirus programs use JIT compiler." - msgstr "" - - #: booleans.py:5 -@@ -2461,50 +2557,54 @@ msgid "Allow users to login using a yubikey server" - msgstr "" - - #: booleans.py:9 --msgid "Allow awstats to purge Apache logs" -+msgid "Determine whether awstats can purge httpd log files." - msgstr "" - - #: booleans.py:10 - msgid "" --"Allow cdrecord to read various content. nfs, samba, removable devices, user " --"temp and untrusted content files" -+"Determine whether cdrecord can read various content. nfs, samba, removable " -+"devices, user temp and untrusted content files" - msgstr "" - - #: booleans.py:11 --msgid "Allow clamd to use JIT compiler" -+msgid "" -+"Allow cluster administrative domains to connect to the network using TCP." - msgstr "" - - #: booleans.py:12 --msgid "Allow clamscan to non security files on a system" -+msgid "Allow cluster administrative domains to manage all files on a system." - msgstr "" - - #: booleans.py:13 --msgid "Allow clamscan to read user content" -+msgid "" -+"Allow cluster administrative cluster domains memcheck-amd64- to use " -+"executable memory" - msgstr "" - - #: booleans.py:14 - msgid "" --"Allow Cobbler to modify public files used for public file transfer services." -+"Determine whether Cobbler can modify public files used for public file " -+"transfer services." - msgstr "" - - #: booleans.py:15 --msgid "Allow Cobbler to connect to the network using TCP." -+msgid "Determine whether Cobbler can connect to the network using TCP." - msgstr "" - - #: booleans.py:16 --msgid "Allow Cobbler to access cifs file systems." -+msgid "Determine whether Cobbler can access cifs file systems." - msgstr "" - - #: booleans.py:17 --msgid "Allow Cobbler to access nfs file systems." -+msgid "Determine whether Cobbler can access nfs file systems." - msgstr "" - - #: booleans.py:18 --msgid "Allow collectd to connect to the network using TCP." -+msgid "Determine whether collectd can connect to the network using TCP." - msgstr "" - - #: booleans.py:19 --msgid "Allow codnor domain to connect to the network using TCP." -+msgid "Determine whether Condor can connect to the network using TCP." - msgstr "" - - #: booleans.py:20 -@@ -2513,7 +2613,7 @@ msgid "" - msgstr "" - - #: booleans.py:21 --msgid "Allow cvs daemon to read shadow" -+msgid "Determine whether cvs can read shadow password files." - msgstr "" - - #: booleans.py:22 -@@ -2529,957 +2629,1000 @@ msgid "Allow all daemons the ability to read/write terminals" - msgstr "" - - #: booleans.py:25 --msgid "Allow dan to manage user files" -+msgid "Determine whether dbadm can manage generic user files." - msgstr "" - - #: booleans.py:26 --msgid "Allow dan to read user files" -+msgid "Determine whether dbadm can read generic user files." - msgstr "" - - #: booleans.py:27 --msgid "Allow dbadm to manage files in users home directories" -+msgid "" -+"Deny user domains applications to map a memory region as both executable and " -+"writable, this is dangerous and the executable should be reported in bugzilla" - msgstr "" - - #: booleans.py:28 --msgid "Allow dbadm to read files in users home directories" -+msgid "Deny any process from ptracing or debugging any other processes." - msgstr "" - - #: booleans.py:29 --msgid "" --"Deny user domains applications to map a memory region as both executable and" --" writable, this is dangerous and the executable should be reported in " --"bugzilla" -+msgid "Allow dhcpc client applications to execute iptables commands" - msgstr "" - - #: booleans.py:30 --msgid "Allow sysadm to debug or ptrace all processes." ++#: booleans.py:30 +msgid "Determine whether DHCP daemon can use LDAP backends." msgstr "" - #: booleans.py:31 --msgid "Allow dhcpc client applications to execute iptables commands" +-#: ../sepolicy/sepolicy.py:422 +-msgid "commands" ++#: booleans.py:31 +msgid "Allow all domains to use other domains file descriptors" msgstr "" - #: booleans.py:32 --msgid "Allow DHCP daemon to use LDAP backends" +-#: ../sepolicy/sepolicy.py:425 +-msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" ++#: booleans.py:32 +msgid "Allow all domains to have the kernel load modules" msgstr "" - #: booleans.py:33 --msgid "Allow all domains to use other domains file descriptors" +-#: ../sepolicy/sepolicy/__init__.py:48 +-msgid "No SELinux Policy installed" ++#: booleans.py:33 +msgid "" +"Determine whether entropyd can use audio devices as the source for the " +"entropy feeds." msgstr "" - #: booleans.py:34 --msgid "Allow all domains to have the kernel load modules" +-#: ../sepolicy/sepolicy/__init__.py:54 +-#, python-format +-msgid "Failed to read %s policy file" ++#: booleans.py:34 +msgid "Determine whether exim can connect to databases." msgstr "" - #: booleans.py:35 --msgid "Allow the use of the audio devices as the source for the entropy feeds" +-#: ../sepolicy/sepolicy/__init__.py:127 +-msgid "unknown" +-msgstr "غير معروف" ++#: booleans.py:35 +msgid "" +"Determine whether exim can create, read, write, and delete generic user " +"content files." - msgstr "" ++msgstr "" - #: booleans.py:36 --msgid "Allow exim to connect to databases (postgres, mysql)" +-#: ../sepolicy/sepolicy/generate.py:173 +-msgid "Internet Services Daemon" ++#: booleans.py:36 +msgid "Determine whether exim can read generic user content files." msgstr "" - #: booleans.py:37 --msgid "Allow exim to create, read, write, and delete unprivileged user files." +-#: ../sepolicy/sepolicy/generate.py:177 +-msgid "Existing Domain Type" ++#: booleans.py:37 +msgid "Enable extra rules in the cron domain to support fcron." msgstr "" - #: booleans.py:38 --msgid "Allow exim to read unprivileged user files." +-#: ../sepolicy/sepolicy/generate.py:178 +-msgid "Minimal Terminal Login User Role" ++#: booleans.py:38 +msgid "Determine whether fenced can connect to the TCP network." msgstr "" - #: booleans.py:39 --msgid "Enable extra rules in the cron domain to support fcron." +-#: ../sepolicy/sepolicy/generate.py:179 +-msgid "Minimal X Windows Login User Role" ++#: booleans.py:39 +msgid "Determine whether fenced can use ssh." msgstr "" - #: booleans.py:40 --msgid "Allow fenced domain to connect to the network using TCP." +-#: ../sepolicy/sepolicy/generate.py:180 +-msgid "Desktop Login User Role" ++#: booleans.py:40 +msgid "Allow all domains to execute in fips_mode" msgstr "" - #: booleans.py:41 --msgid "Allow fenced domain to execute ssh." +-#: ../sepolicy/sepolicy/generate.py:181 +-msgid "Administrator Login User Role" ++#: booleans.py:41 +msgid "" +"Determine whether ftpd can read and write files in user home directories." msgstr "" - #: booleans.py:42 --msgid "Allow all domains to execute in fips_mode" +-#: ../sepolicy/sepolicy/generate.py:182 +-msgid "Confined Root Administrator Role" ++#: booleans.py:42 +msgid "" +"Determine whether ftpd can modify public files used for public file transfer " +"services. Directories/Files must be labeled public_content_rw_t." msgstr "" - #: booleans.py:43 --msgid "Allow ftp to read and write files in the user home directories" +-#: ../sepolicy/sepolicy/generate.py:187 +-msgid "Valid Types:\n" ++#: booleans.py:43 +msgid "Determine whether ftpd can connect to all unreserved ports." msgstr "" - #: booleans.py:44 --msgid "" --"Allow ftp servers to upload files, used for public file transfer services. " --"Directories must be labeled public_content_rw_t." +-#: ../sepolicy/sepolicy/generate.py:221 +-#, python-format +-msgid "Ports must be numbers or ranges of numbers from 1 to %d " ++#: booleans.py:44 +msgid "Determine whether ftpd can connect to databases over the TCP network." msgstr "" - #: booleans.py:45 --msgid "Allow ftp servers to connect to all ports > 1023" +-#: ../sepolicy/sepolicy/generate.py:231 +-msgid "You must enter a valid policy type" ++#: booleans.py:45 +msgid "" +"Determine whether ftpd can login to local users and can read and write all " +"files on the system, governed by DAC." msgstr "" - #: booleans.py:46 --msgid "Allow ftp servers to connect to mysql database ports" +-#: ../sepolicy/sepolicy/generate.py:234 +-#, python-format +-msgid "You must enter a name for your policy module for your %s." ++#: booleans.py:46 +msgid "" +"Determine whether ftpd can use CIFS used for public file transfer services." ++msgstr "" ++ ++#: booleans.py:47 booleans.py:170 ++msgid "Allow samba to export ntfs/fusefs volumes." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:355 ++#: booleans.py:48 + msgid "" +-"Name must be alpha numberic with no spaces. Consider using option \"-n " +-"MODULENAME\"" ++"Determine whether ftpd can use NFS used for public file transfer services." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:447 +-msgid "User Role types can not be assigned executables." ++#: booleans.py:49 ++msgid "" ++"Determine whether ftpd can bind to all unreserved ports for passive mode." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:453 +-msgid "Only Daemon apps can use an init script.." ++#: booleans.py:50 ++msgid "Determine whether Git CGI can search home directories." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:471 +-msgid "use_resolve must be a boolean value " ++#: booleans.py:51 ++msgid "Determine whether Git CGI can access cifs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:477 +-msgid "use_syslog must be a boolean value " ++#: booleans.py:52 ++msgid "Determine whether Git CGI can access nfs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:483 +-msgid "use_kerberos must be a boolean value " ++#: booleans.py:53 ++msgid "" ++"Determine whether Git session daemon can bind TCP sockets to all unreserved " ++"ports." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:489 +-msgid "manage_krb5_rcache must be a boolean value " ++#: booleans.py:54 ++msgid "" ++"Determine whether calling user domains can execute Git daemon in the " ++"git_session_t domain." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:519 +-msgid "USER Types automatically get a tmp type" ++#: booleans.py:55 ++msgid "Determine whether Git system daemon can search home directories." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:857 +-#, python-format +-msgid "%s policy modules require existing domains" ++#: booleans.py:56 ++msgid "Determine whether Git system daemon can access cifs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1059 +-msgid "You must enter the executable path for your confined process" ++#: booleans.py:57 ++msgid "Determine whether Git system daemon can access nfs file systems." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1321 +-msgid "Type Enforcement file" ++#: booleans.py:58 ++msgid "Determine whether Gitosis can send mail." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1322 +-msgid "Interface file" ++#: booleans.py:59 ++msgid "Enable reading of urandom for all domains." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1323 +-msgid "File Contexts file" ++#: booleans.py:60 ++msgid "" ++"Allow glusterfsd to modify public files used for public file transfer " ++"services. Files/Directories must be labeled public_content_rw_t." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1324 +-msgid "Spec file" ++#: booleans.py:61 ++msgid "Allow glusterfsd to share any file/directory read only." + msgstr "" + +-#: ../sepolicy/sepolicy/generate.py:1325 +-msgid "Setup Script" ++#: booleans.py:62 ++msgid "Allow glusterfsd to share any file/directory read/write." + msgstr "" + +-#: booleans.py:1 ++#: booleans.py:63 + msgid "" +-"Allow ABRT to modify public files used for public file transfer services." ++"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" ++"agent to manage user files." + msgstr "" + +-#: booleans.py:2 ++#: booleans.py:64 + msgid "" +-"Allow ABRT to run in abrt_handle_event_t domain to handle ABRT event scripts" ++"Allow gpg web domain to modify public files used for public file transfer " ++"services." + msgstr "" + +-#: booleans.py:3 +-msgid "Allow amavis to use JIT compiler" ++#: booleans.py:65 ++msgid "Allow gssd to read temp directory. For access to kerberos tgt." + msgstr "" + +-#: booleans.py:4 +-msgid "Allow antivirus programs to read non security files on a system" ++#: booleans.py:66 ++msgid "Allow guest to exec content" + msgstr "" + +-#: booleans.py:5 +-msgid "Allow auditadm to exec content" ++#: booleans.py:67 ++msgid "" ++"Allow Apache to modify public files used for public file transfer services. " ++"Directories/Files must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:68 ++msgid "Allow httpd to use built in scripting (usually php)" ++msgstr "" ++ ++#: booleans.py:69 ++msgid "Allow http daemon to check spam" ++msgstr "" ++ ++#: booleans.py:70 ++msgid "" ++"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " ++"ports" ++msgstr "" ++ ++#: booleans.py:71 ++msgid "Allow httpd to connect to the ldap port" ++msgstr "" ++ ++#: booleans.py:72 ++msgid "Allow http daemon to connect to mythtv" ++msgstr "" ++ ++#: booleans.py:73 ++msgid "Allow http daemon to connect to zabbix" ++msgstr "" ++ ++#: booleans.py:74 ++msgid "Allow HTTPD scripts and modules to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:75 ++msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." ++msgstr "" ++ ++#: booleans.py:76 ++msgid "" ++"Allow HTTPD scripts and modules to connect to databases over the network." ++msgstr "" ++ ++#: booleans.py:77 ++msgid "Allow httpd to connect to memcache server" ++msgstr "" ++ ++#: booleans.py:78 ++msgid "Allow httpd to act as a relay" ++msgstr "" ++ ++#: booleans.py:79 ++msgid "Allow http daemon to send mail" ++msgstr "" ++ ++#: booleans.py:80 ++msgid "Allow Apache to communicate with avahi service via dbus" ++msgstr "" ++ ++#: booleans.py:81 ++msgid "Allow httpd cgi support" ++msgstr "" ++ ++#: booleans.py:82 ++msgid "Allow httpd to act as a FTP server by listening on the ftp port." ++msgstr "" ++ ++#: booleans.py:83 ++msgid "Allow httpd to read home directories" ++msgstr "" ++ ++#: booleans.py:84 ++msgid "Allow httpd scripts and modules execmem/execstack" ++msgstr "" ++ ++#: booleans.py:85 ++msgid "Allow HTTPD to connect to port 80 for graceful shutdown" ++msgstr "" ++ ++#: booleans.py:86 ++msgid "Allow httpd processes to manage IPA content" ++msgstr "" ++ ++#: booleans.py:87 ++msgid "Allow Apache to use mod_auth_ntlm_winbind" ++msgstr "" ++ ++#: booleans.py:88 ++msgid "Allow Apache to use mod_auth_pam" ++msgstr "" ++ ++#: booleans.py:89 ++msgid "Allow httpd to read user content" ++msgstr "" ++ ++#: booleans.py:90 ++msgid "Allow Apache to run in stickshift mode, not transition to passenger" ++msgstr "" ++ ++#: booleans.py:91 ++msgid "Allow HTTPD scripts and modules to server cobbler files." ++msgstr "" ++ ++#: booleans.py:92 ++msgid "Allow httpd daemon to change its resource limits" ++msgstr "" ++ ++#: booleans.py:93 ++msgid "" ++"Allow HTTPD to run SSI executables in the same domain as system CGI scripts." ++msgstr "" ++ ++#: booleans.py:94 ++msgid "" ++"Allow apache scripts to write to public content, directories/files must be " ++"labeled public_rw_content_t." ++msgstr "" ++ ++#: booleans.py:95 ++msgid "Allow Apache to execute tmp content." ++msgstr "" ++ ++#: booleans.py:96 ++msgid "" ++"Unify HTTPD to communicate with the terminal. Needed for entering the " ++"passphrase for certificates at the terminal." ++msgstr "" ++ ++#: booleans.py:97 ++msgid "Unify HTTPD handling of all content files." ++msgstr "" ++ ++#: booleans.py:98 ++msgid "Allow httpd to access cifs file systems" ++msgstr "" ++ ++#: booleans.py:99 ++msgid "Allow httpd to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:100 ++msgid "Allow httpd to run gpg" ++msgstr "" ++ ++#: booleans.py:101 ++msgid "Allow httpd to access nfs file systems" ++msgstr "" ++ ++#: booleans.py:102 ++msgid "Allow httpd to access openstack ports" ++msgstr "" ++ ++#: booleans.py:103 ++msgid "Allow httpd to connect to sasl" ++msgstr "" ++ ++#: booleans.py:104 ++msgid "Allow Apache to query NS records" ++msgstr "" ++ ++#: booleans.py:105 ++msgid "Determine whether icecast can listen on and connect to any TCP port." ++msgstr "" ++ ++#: booleans.py:106 ++msgid "" ++"Determine whether irc clients can listen on and connect to any unreserved " ++"TCP ports." ++msgstr "" ++ ++#: booleans.py:107 ++msgid "" ++"Allow the Irssi IRC Client to connect to any port, and to bind to any " ++"unreserved port." ++msgstr "" ++ ++#: booleans.py:108 ++msgid "Allow confined applications to run with kerberos." ++msgstr "" ++ ++#: booleans.py:109 ++msgid "Allow ksmtuned to use cifs/Samba file systems" ++msgstr "" ++ ++#: booleans.py:110 ++msgid "Allow ksmtuned to use nfs file systems" ++msgstr "" ++ ++#: booleans.py:111 ++msgid "Allow syslogd daemon to send mail" ++msgstr "" ++ ++#: booleans.py:112 ++msgid "Allow syslogd the ability to read/write terminals" ++msgstr "" ++ ++#: booleans.py:113 ++msgid "Allow logging in and using the system from /dev/console." ++msgstr "" ++ ++#: booleans.py:114 ++msgid "Allow mailman to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:115 ++msgid "Determine whether mcelog supports client mode." ++msgstr "" ++ ++#: booleans.py:116 ++msgid "Determine whether mcelog can execute scripts." ++msgstr "" ++ ++#: booleans.py:117 ++msgid "Determine whether mcelog can use all the user ttys." ++msgstr "" ++ ++#: booleans.py:118 ++msgid "Determine whether mcelog supports server mode." ++msgstr "" ++ ++#: booleans.py:119 ++msgid "" ++"Control the ability to mmap a low area of the address space, as configured " ++"by /proc/sys/kernel/mmap_min_addr." ++msgstr "" ++ ++#: booleans.py:120 ++msgid "Allow mock to read files in home directories." ++msgstr "" ++ ++#: booleans.py:121 ++msgid "Allow the mount commands to mount any directory or file." ++msgstr "" ++ ++#: booleans.py:122 ++msgid "Allow mozilla plugin domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:123 ++msgid "Allow mozilla plugin to support GPS." ++msgstr "" ++ ++#: booleans.py:124 ++msgid "Allow mozilla plugin to support spice protocols." ++msgstr "" ++ ++#: booleans.py:125 ++msgid "Allow confined web browsers to read home directory content" ++msgstr "" ++ ++#: booleans.py:126 ++msgid "Determine whether mpd can traverse user home directories." ++msgstr "" ++ ++#: booleans.py:127 ++msgid "Determine whether mpd can use cifs file systems." ++msgstr "" ++ ++#: booleans.py:128 ++msgid "Determine whether mpd can use nfs file systems." ++msgstr "" ++ ++#: booleans.py:129 ++msgid "Determine whether mplayer can make its stack executable." ++msgstr "" ++ ++#: booleans.py:130 ++msgid "Allow mysqld to connect to all ports" ++msgstr "" ++ ++#: booleans.py:131 ++msgid "Determine whether Bind can bind tcp socket to http ports." ++msgstr "" ++ ++#: booleans.py:132 ++msgid "" ++"Determine whether Bind can write to master zone files. Generally this is " ++"used for dynamic DNS or zone transfers." ++msgstr "" ++ ++#: booleans.py:133 ++msgid "Allow any files/directories to be exported read/only via NFS." ++msgstr "" ++ ++#: booleans.py:134 ++msgid "Allow any files/directories to be exported read/write via NFS." ++msgstr "" ++ ++#: booleans.py:135 ++msgid "" ++"Allow nfs servers to modify public files used for public file transfer " ++"services. Files/Directories must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:136 ++msgid "Allow system to run with NIS" ++msgstr "" ++ ++#: booleans.py:137 ++msgid "Allow confined applications to use nscd shared memory." ++msgstr "" ++ ++#: booleans.py:138 ++msgid "Allow openshift to lockdown app" ++msgstr "" ++ ++#: booleans.py:139 ++msgid "Determine whether openvpn can read generic user home content files." ++msgstr "" ++ ++#: booleans.py:140 ++msgid "Allow piranha-lvs domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:141 ++msgid "Allow polipo to connect to all ports > 1023" ++msgstr "" ++ ++#: booleans.py:142 ++msgid "" ++"Determine whether Polipo session daemon can bind tcp sockets to all " ++"unreserved ports." ++msgstr "" ++ ++#: booleans.py:143 ++msgid "" ++"Determine whether calling user domains can execute Polipo daemon in the " ++"polipo_session_t domain." ++msgstr "" ++ ++#: booleans.py:144 ++msgid "Determine whether polipo can access cifs file systems." ++msgstr "" ++ ++#: booleans.py:145 ++msgid "Determine whether Polipo can access nfs file systems." ++msgstr "" ++ ++#: booleans.py:146 ++msgid "Enable polyinstantiated directory support." ++msgstr "" ++ ++#: booleans.py:147 ++msgid "Allow postfix_local domain full write access to mail_spool directories" ++msgstr "" ++ ++#: booleans.py:148 ++msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" ++msgstr "" ++ ++#: booleans.py:149 ++msgid "Allow transmit client label to foreign database" ++msgstr "" ++ ++#: booleans.py:150 ++msgid "Allow database admins to execute DML statement" ++msgstr "" ++ ++#: booleans.py:151 ++msgid "Allow unprivileged users to execute DDL statement" ++msgstr "" ++ ++#: booleans.py:152 ++msgid "Allow pppd to load kernel modules for certain modems" ++msgstr "" ++ ++#: booleans.py:153 ++msgid "Allow pppd to be run for a regular user" ++msgstr "" ++ ++#: booleans.py:154 ++msgid "Determine whether privoxy can connect to all tcp ports." ++msgstr "" ++ ++#: booleans.py:155 ++msgid "" ++"Permit to prosody to bind apache port. Need to be activated to use BOSH." ++msgstr "" ++ ++#: booleans.py:156 ++msgid "Allow Puppet client to manage all file types." ++msgstr "" ++ ++#: booleans.py:157 ++msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" ++msgstr "" ++ ++#: booleans.py:158 ++msgid "Allow racoon to read shadow" ++msgstr "" ++ ++#: booleans.py:159 ++msgid "" ++"Allow rsync to modify public files used for public file transfer services. " ++"Files/Directories must be labeled public_content_rw_t." ++msgstr "" ++ ++#: booleans.py:160 ++msgid "Allow rsync to run as a client" ++msgstr "" ++ ++#: booleans.py:161 ++msgid "Allow rsync to export any files/directories read only." ++msgstr "" ++ ++#: booleans.py:162 ++msgid "Allow rsync server to manage all files/directories on the system." ++msgstr "" ++ ++#: booleans.py:163 ++msgid "Allow samba to create new home directories (e.g. via PAM)" ++msgstr "" ++ ++#: booleans.py:164 ++msgid "" ++"Allow samba to act as the domain controller, add users, groups and change " ++"passwords." ++msgstr "" ++ ++#: booleans.py:165 ++msgid "Allow samba to share users home directories." ++msgstr "" ++ ++#: booleans.py:166 ++msgid "Allow samba to share any file/directory read only." ++msgstr "" ++ ++#: booleans.py:167 ++msgid "Allow samba to share any file/directory read/write." ++msgstr "" ++ ++#: booleans.py:168 ++msgid "Allow samba to act as a portmapper" + msgstr "" + +-#: booleans.py:6 ++#: booleans.py:169 ++msgid "Allow samba to run unconfined scripts" ++msgstr "" ++ ++#: booleans.py:171 ++msgid "Allow samba to export NFS volumes." ++msgstr "" ++ ++#: booleans.py:172 ++msgid "Allow sanlock to read/write fuse files" ++msgstr "" ++ ++#: booleans.py:173 ++msgid "Allow sanlock to manage nfs files" ++msgstr "" ++ ++#: booleans.py:174 ++msgid "Allow sanlock to manage cifs files" ++msgstr "" ++ ++#: booleans.py:175 ++msgid "Allow sasl to read shadow" ++msgstr "" ++ ++#: booleans.py:176 ++msgid "Allow secadm to exec content" ++msgstr "" ++ ++#: booleans.py:177 + msgid "" +-"Allow users to resolve user passwd entries directly from ldap rather then " +-"using a sssd server" ++"disallow programs, such as newrole, from transitioning to administrative " ++"user domains." + msgstr "" + +-#: booleans.py:7 +-msgid "Allow users to login using a radius server" ++#: booleans.py:178 ++msgid "Disable kernel module loading." + msgstr "" + +-#: booleans.py:8 +-msgid "Allow users to login using a yubikey server" ++#: booleans.py:179 ++msgid "" ++"Boolean to determine whether the system permits loading policy, setting " ++"enforcing mode, and changing boolean values. Set this to true and you have " ++"to reboot to set it back." + msgstr "" + +-#: booleans.py:9 +-msgid "Allow awstats to purge Apache logs" ++#: booleans.py:180 ++msgid "Allow regular users direct dri device access" + msgstr "" + +-#: booleans.py:10 ++#: booleans.py:181 + msgid "" +-"Allow cdrecord to read various content. nfs, samba, removable devices, user " +-"temp and untrusted content files" ++"Allow unconfined executables to make their heap memory executable. Doing " ++"this is a really bad idea. Probably indicates a badly coded executable, but " ++"could indicate an attack. This executable should be reported in bugzilla" + msgstr "" + +-#: booleans.py:11 +-msgid "Allow clamd to use JIT compiler" ++#: booleans.py:182 ++msgid "" ++"Allow all unconfined executables to use libraries requiring text relocation " ++"that are not labeled textrel_shlib_t" + msgstr "" + +-#: booleans.py:12 +-msgid "Allow clamscan to non security files on a system" ++#: booleans.py:183 ++msgid "" ++"Allow unconfined executables to make their stack executable. This should " ++"never, ever be necessary. Probably indicates a badly coded executable, but " ++"could indicate an attack. This executable should be reported in bugzilla" + msgstr "" + +-#: booleans.py:13 +-msgid "Allow clamscan to read user content" ++#: booleans.py:184 ++msgid "Allow users to connect to the local mysql server" + msgstr "" + +-#: booleans.py:14 ++#: booleans.py:185 + msgid "" +-"Allow Cobbler to modify public files used for public file transfer services." ++"Allow confined users the ability to execute the ping and traceroute commands." + msgstr "" + +-#: booleans.py:15 +-msgid "Allow Cobbler to connect to the network using TCP." ++#: booleans.py:186 ++msgid "Allow users to connect to PostgreSQL" + msgstr "" + +-#: booleans.py:16 +-msgid "Allow Cobbler to access cifs file systems." ++#: booleans.py:187 ++msgid "" ++"Allow user to r/w files on filesystems that do not have extended attributes " ++"(FAT, CDROM, FLOPPY)" + msgstr "" + +-#: booleans.py:17 +-msgid "Allow Cobbler to access nfs file systems." ++#: booleans.py:188 ++msgid "Allow user music sharing" + msgstr "" + +-#: booleans.py:18 +-msgid "Allow collectd to connect to the network using TCP." ++#: booleans.py:189 ++msgid "" ++"Allow users to run TCP servers (bind to ports and accept connection from the " ++"same domain and outside users) disabling this forces FTP passive mode and " ++"may change other protocols." + msgstr "" + +-#: booleans.py:19 +-msgid "Allow codnor domain to connect to the network using TCP." ++#: booleans.py:190 ++msgid "Allow user to use ssh chroot environment." + msgstr "" + +-#: booleans.py:20 ++#: booleans.py:191 + msgid "" +-"Allow system cron jobs to relabel filesystem for restoring file contexts." ++"Determine whether sftpd can modify public files used for public file " ++"transfer services. Directories/Files must be labeled public_content_rw_t." + msgstr "" + +-#: booleans.py:21 +-msgid "Allow cvs daemon to read shadow" ++#: booleans.py:192 ++msgid "" ++"Determine whether sftpd-can read and write files in user home directories." + msgstr "" + +-#: booleans.py:22 +-msgid "Allow all daemons to write corefiles to /" ++#: booleans.py:193 ++msgid "" ++"Determine whether sftpd-can login to local users and read and write all " ++"files on the system, governed by DAC." + msgstr "" + +-#: booleans.py:23 +-msgid "Allow all daemons to use tcp wrappers." ++#: booleans.py:194 ++msgid "" ++"Determine whether sftpd can read and write files in user ssh home " ++"directories." + msgstr "" + +-#: booleans.py:24 +-msgid "Allow all daemons the ability to read/write terminals" ++#: booleans.py:195 ++msgid "Allow sge to connect to the network using any TCP port" + msgstr "" + +-#: booleans.py:25 +-msgid "Allow dan to manage user files" ++#: booleans.py:196 ++msgid "Allow sge to access nfs file systems." + msgstr "" + +-#: booleans.py:26 +-msgid "Allow dan to read user files" ++#: booleans.py:197 ++msgid "Determine whether smartmon can support devices on 3ware controllers." + msgstr "" + +-#: booleans.py:27 +-msgid "Allow dbadm to manage files in users home directories" ++#: booleans.py:198 ++msgid "" ++"Allow samba to modify public files used for public file transfer services. " ++"Files/Directories must be labeled public_content_rw_t." + msgstr "" + +-#: booleans.py:28 +-msgid "Allow dbadm to read files in users home directories" ++#: booleans.py:199 ++msgid "Allow user spamassassin clients to use the network." + msgstr "" + +-#: booleans.py:29 ++#: booleans.py:200 ++msgid "Allow spamd to read/write user home directories." ++msgstr "" ++ ++#: booleans.py:201 ++msgid "Determine whether squid can connect to all TCP ports." ++msgstr "" ++ ++#: booleans.py:202 ++msgid "Determine whether squid can run as a transparent proxy." ++msgstr "" ++ ++#: booleans.py:203 + msgid "" +-"Deny user domains applications to map a memory region as both executable and" +-" writable, this is dangerous and the executable should be reported in " +-"bugzilla" ++"Allow ssh with chroot env to read and write files in the user home " ++"directories" + msgstr "" + +-#: booleans.py:30 +-msgid "Allow sysadm to debug or ptrace all processes." ++#: booleans.py:204 ++msgid "allow host key based authentication" + msgstr "" + +-#: booleans.py:31 +-msgid "Allow dhcpc client applications to execute iptables commands" ++#: booleans.py:205 ++msgid "Allow ssh logins as sysadm_r:sysadm_t" + msgstr "" + +-#: booleans.py:32 +-msgid "Allow DHCP daemon to use LDAP backends" ++#: booleans.py:206 ++msgid "Allow staff to exec content" + msgstr "" + +-#: booleans.py:33 +-msgid "Allow all domains to use other domains file descriptors" ++#: booleans.py:207 ++msgid "allow staff user to create and transition to svirt domains." + msgstr "" + +-#: booleans.py:34 +-msgid "Allow all domains to have the kernel load modules" ++#: booleans.py:208 ++msgid "Allow sysadm to exec content" + msgstr "" + +-#: booleans.py:35 +-msgid "Allow the use of the audio devices as the source for the entropy feeds" ++#: booleans.py:209 ++msgid "Allow the Telepathy connection managers to connect to any network port." + msgstr "" + +-#: booleans.py:36 +-msgid "Allow exim to connect to databases (postgres, mysql)" ++#: booleans.py:210 ++msgid "" ++"Allow the Telepathy connection managers to connect to any generic TCP port." + msgstr "" + +-#: booleans.py:37 +-msgid "Allow exim to create, read, write, and delete unprivileged user files." ++#: booleans.py:211 ++msgid "Allow testpolicy to exec content" + msgstr "" + +-#: booleans.py:38 +-msgid "Allow exim to read unprivileged user files." ++#: booleans.py:212 ++msgid "" ++"Allow tftp to modify public files used for public file transfer services." + msgstr "" + +-#: booleans.py:39 +-msgid "Enable extra rules in the cron domain to support fcron." ++#: booleans.py:213 ++msgid "Allow tftp to read and write files in the user home directories" + msgstr "" + +-#: booleans.py:40 +-msgid "Allow fenced domain to connect to the network using TCP." ++#: booleans.py:214 ++msgid "Determine whether tor can bind tcp sockets to all unreserved ports." + msgstr "" + +-#: booleans.py:41 +-msgid "Allow fenced domain to execute ssh." ++#: booleans.py:215 ++msgid "Allow tor to act as a relay" + msgstr "" + +-#: booleans.py:42 +-msgid "Allow all domains to execute in fips_mode" ++#: booleans.py:216 ++msgid "" ++"allow unconfined users to transition to the chrome sandbox domains when " ++"running chrome-sandbox" + msgstr "" + +-#: booleans.py:43 +-msgid "Allow ftp to read and write files in the user home directories" ++#: booleans.py:217 ++msgid "Allow a user to login as an unconfined domain" + msgstr "" + +-#: booleans.py:44 ++#: booleans.py:218 + msgid "" +-"Allow ftp servers to upload files, used for public file transfer services. " +-"Directories must be labeled public_content_rw_t." ++"Allow unconfined users to transition to the Mozilla plugin domain when " ++"running xulrunner plugin-container." + msgstr "" + +-#: booleans.py:45 +-msgid "Allow ftp servers to connect to all ports > 1023" ++#: booleans.py:219 ++msgid "Allow unprivledged user to create and transition to svirt domains." + msgstr "" + +-#: booleans.py:46 +-msgid "Allow ftp servers to connect to mysql database ports" ++#: booleans.py:220 ++msgid "Support ecryptfs home directories" msgstr "" -#: booleans.py:47 -msgid "" -"Allow ftp servers to login to local users and read/write all files on the " -"system, governed by DAC." -+#: booleans.py:47 booleans.py:166 -+msgid "Allow samba to export ntfs/fusefs volumes." ++#: booleans.py:221 ++msgid "Support fusefs home directories" msgstr "" - #: booleans.py:48 +-#: booleans.py:48 -msgid "Allow ftp servers to use cifs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can use NFS used for public file transfer services." ++#: booleans.py:222 ++msgid "Determine whether to support lpd server." msgstr "" - #: booleans.py:49 +-#: booleans.py:49 -msgid "Allow ftp servers to use nfs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can bind to all unreserved ports for passive mode." ++#: booleans.py:223 ++msgid "Support NFS home directories" msgstr "" - #: booleans.py:50 +-#: booleans.py:50 -msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" --msgstr "" -- ++#: booleans.py:224 ++msgid "Support SAMBA home directories" + msgstr "" + -#: booleans.py:51 - msgid "Determine whether Git CGI can search home directories." +-msgid "Determine whether Git CGI can search home directories." ++#: booleans.py:225 ++msgid "Allow user to exec content" msgstr "" -#: booleans.py:52 -+#: booleans.py:51 - msgid "Determine whether Git CGI can access cifs file systems." +-msgid "Determine whether Git CGI can access cifs file systems." ++#: booleans.py:226 ++msgid "Determine whether varnishd can use the full TCP network." msgstr "" -#: booleans.py:53 -+#: booleans.py:52 - msgid "Determine whether Git CGI can access nfs file systems." +-msgid "Determine whether Git CGI can access nfs file systems." ++#: booleans.py:227 ++msgid "" ++"Determine whether attempts by vbetool to mmap low regions should be silently " ++"blocked." msgstr "" -#: booleans.py:54 -+#: booleans.py:53 ++#: booleans.py:228 msgid "" - "Determine whether Git session daemon can bind TCP sockets to all unreserved " - "ports." +-"Determine whether Git session daemon can bind TCP sockets to all unreserved " +-"ports." ++"Allow confined virtual guests to use serial/parallel communication ports" msgstr "" -#: booleans.py:55 -+#: booleans.py:54 ++#: booleans.py:229 msgid "" - "Determine whether calling user domains can execute Git daemon in the " - "git_session_t domain." +-"Determine whether calling user domains can execute Git daemon in the " +-"git_session_t domain." ++"Allow confined virtual guests to use executable memory and executable stack" msgstr "" -#: booleans.py:56 -+#: booleans.py:55 - msgid "Determine whether Git system daemon can search home directories." +-msgid "Determine whether Git system daemon can search home directories." ++#: booleans.py:230 ++msgid "Allow confined virtual guests to read fuse files" msgstr "" -#: booleans.py:57 -+#: booleans.py:56 - msgid "Determine whether Git system daemon can access cifs file systems." +-msgid "Determine whether Git system daemon can access cifs file systems." ++#: booleans.py:231 ++msgid "Allow confined virtual guests to manage nfs files" msgstr "" -#: booleans.py:58 -+#: booleans.py:57 - msgid "Determine whether Git system daemon can access nfs file systems." +-msgid "Determine whether Git system daemon can access nfs file systems." ++#: booleans.py:232 ++msgid "Allow confined virtual guests to interact with rawip sockets" msgstr "" -+#: booleans.py:58 -+msgid "Determine whether Gitosis can send mail." -+msgstr "" -+ - #: booleans.py:59 +-#: booleans.py:59 -msgid "Allow gitisis daemon to send mail" -+msgid "Enable reading of urandom for all domains." ++#: booleans.py:233 ++msgid "Allow confined virtual guests to manage cifs files" msgstr "" - #: booleans.py:60 +-#: booleans.py:60 -msgid "Enable reading of urandom for all domains." -+msgid "" -+"Allow glusterfsd to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." ++#: booleans.py:234 ++msgid "Allow confined virtual guests to interact with the sanlock" msgstr "" - #: booleans.py:61 -+msgid "Allow glusterfsd to share any file/directory read only." -+msgstr "" -+ -+#: booleans.py:62 -+msgid "Allow glusterfsd to share any file/directory read/write." -+msgstr "" -+ -+#: booleans.py:63 - msgid "" - "Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" - "agent to manage user files." +-#: booleans.py:61 +-msgid "" +-"Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" +-"agent to manage user files." ++#: booleans.py:235 ++msgid "Allow confined virtual guests to use usb devices" msgstr "" -#: booleans.py:62 -+#: booleans.py:64 - msgid "" - "Allow gpg web domain to modify public files used for public file transfer " - "services." +-msgid "" +-"Allow gpg web domain to modify public files used for public file transfer " +-"services." ++#: booleans.py:236 ++msgid "Allow confined virtual guests to interact with the xserver" msgstr "" -#: booleans.py:63 -+#: booleans.py:65 - msgid "Allow gssd to read temp directory. For access to kerberos tgt." +-msgid "Allow gssd to read temp directory. For access to kerberos tgt." ++#: booleans.py:237 ++msgid "Determine whether webadm can manage generic user files." msgstr "" -#: booleans.py:64 -+#: booleans.py:66 - msgid "Allow guest to exec content" +-msgid "Allow guest to exec content" ++#: booleans.py:238 ++msgid "Determine whether webadm can read generic user files." msgstr "" -#: booleans.py:65 -+#: booleans.py:67 ++#: booleans.py:239 msgid "" - "Allow Apache to modify public files used for public file transfer services. " - "Directories/Files must be labeled public_content_rw_t." +-"Allow Apache to modify public files used for public file transfer services. " +-"Directories/Files must be labeled public_content_rw_t." ++"Determine whether attempts by wine to mmap low regions should be silently " ++"blocked." msgstr "" -#: booleans.py:66 -+#: booleans.py:68 - msgid "Allow httpd to use built in scripting (usually php)" +-msgid "Allow httpd to use built in scripting (usually php)" ++#: booleans.py:240 ++msgid "Allow the graphical login program to execute bootloader" msgstr "" -#: booleans.py:67 -+#: booleans.py:69 - msgid "Allow http daemon to check spam" +-msgid "Allow http daemon to check spam" ++#: booleans.py:241 ++msgid "" ++"Allow the graphical login program to login directly as sysadm_r:sysadm_t" msgstr "" -#: booleans.py:68 -+#: booleans.py:70 ++#: booleans.py:242 msgid "" - "Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " - "ports" +-"Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " +-"ports" ++"Allow the graphical login program to create files in HOME dirs as xdm_home_t." msgstr "" -#: booleans.py:69 -+#: booleans.py:71 - msgid "Allow httpd to connect to the ldap port" +-msgid "Allow httpd to connect to the ldap port" ++#: booleans.py:243 ++msgid "Allow xen to manage nfs files" msgstr "" -#: booleans.py:70 -+#: booleans.py:72 - msgid "Allow http daemon to connect to zabbix" +-msgid "Allow http daemon to connect to zabbix" ++#: booleans.py:244 ++msgid "" ++"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " ++"logical volumes for disk images." msgstr "" -#: booleans.py:71 -+#: booleans.py:73 - msgid "Allow HTTPD scripts and modules to connect to the network using TCP." +-msgid "Allow HTTPD scripts and modules to connect to the network using TCP." ++#: booleans.py:245 ++msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." msgstr "" -#: booleans.py:72 --msgid "" ++#: booleans.py:246 + msgid "" -"Allow HTTPD scripts and modules to connect to cobbler over the network." -+#: booleans.py:74 -+msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." ++"Allow xguest users to configure Network Manager and connect to apache ports" msgstr "" -#: booleans.py:73 -+#: booleans.py:75 - msgid "" - "Allow HTTPD scripts and modules to connect to databases over the network." +-msgid "" +-"Allow HTTPD scripts and modules to connect to databases over the network." ++#: booleans.py:247 ++msgid "Allow xguest to exec content" msgstr "" -#: booleans.py:74 -+#: booleans.py:76 - msgid "Allow httpd to connect to memcache server" +-msgid "Allow httpd to connect to memcache server" ++#: booleans.py:248 ++msgid "Allow xguest users to mount removable media" msgstr "" -#: booleans.py:75 -+#: booleans.py:77 - msgid "Allow httpd to act as a relay" +-msgid "Allow httpd to act as a relay" ++#: booleans.py:249 ++msgid "Allow xguest to use blue tooth devices" msgstr "" -#: booleans.py:76 -+#: booleans.py:78 - msgid "Allow http daemon to send mail" +-msgid "Allow http daemon to send mail" ++#: booleans.py:250 ++msgid "Allows clients to write to the X server shared memory segments." msgstr "" -#: booleans.py:77 -+#: booleans.py:79 - msgid "Allow Apache to communicate with avahi service via dbus" +-msgid "Allow Apache to communicate with avahi service via dbus" ++#: booleans.py:251 ++msgid "Allows XServer to execute writable memory" msgstr "" -#: booleans.py:78 -+#: booleans.py:80 - msgid "Allow httpd cgi support" +-msgid "Allow httpd cgi support" ++#: booleans.py:252 ++msgid "Support X userspace object manager" msgstr "" -#: booleans.py:79 -+#: booleans.py:81 - msgid "Allow httpd to act as a FTP server by listening on the ftp port." +-msgid "Allow httpd to act as a FTP server by listening on the ftp port." ++#: booleans.py:253 ++msgid "Determine whether zabbix can connect to all TCP ports" msgstr "" -#: booleans.py:80 -+#: booleans.py:82 - msgid "Allow httpd to read home directories" +-msgid "Allow httpd to read home directories" ++#: booleans.py:254 ++msgid "Allow zebra daemon to write it configuration files" msgstr "" -#: booleans.py:81 -+#: booleans.py:83 - msgid "Allow httpd scripts and modules execmem/execstack" +-msgid "Allow httpd scripts and modules execmem/execstack" ++#: booleans.py:255 ++msgid "" ++"Allow ZoneMinder to modify public files used for public file transfer " ++"services." msgstr "" -#: booleans.py:82 -+#: booleans.py:84 - msgid "Allow HTTPD to connect to port 80 for graceful shutdown" +-msgid "Allow HTTPD to connect to port 80 for graceful shutdown" ++#: booleans.py:256 ++msgid "Allow ZoneMinder to run su/sudo." msgstr "" -#: booleans.py:83 -+#: booleans.py:85 - msgid "Allow httpd processes to manage IPA content" +-msgid "Allow httpd processes to manage IPA content" ++#: ../sepolicy/sepolicy.py:194 ++#, fuzzy, python-format ++msgid "Interface %s does not exist." ++msgstr "الواجهة %s غير معرفة" ++ ++#: ../sepolicy/sepolicy.py:281 ++msgid "Graphical User Interface for SELinux Policy" msgstr "" -#: booleans.py:84 -+#: booleans.py:86 - msgid "Allow Apache to use mod_auth_ntlm_winbind" +-msgid "Allow Apache to use mod_auth_ntlm_winbind" ++#: ../sepolicy/sepolicy.py:305 ++msgid "Generate SELinux man pages" msgstr "" -#: booleans.py:85 -+#: booleans.py:87 - msgid "Allow Apache to use mod_auth_pam" +-msgid "Allow Apache to use mod_auth_pam" ++#: ../sepolicy/sepolicy.py:308 ++msgid "path in which the generated SELinux man pages will be stored" msgstr "" -#: booleans.py:86 -+#: booleans.py:88 - msgid "Allow httpd to read user content" +-msgid "Allow httpd to read user content" ++#: ../sepolicy/sepolicy.py:310 ++msgid "name of the OS for man pages" msgstr "" -#: booleans.py:87 -+#: booleans.py:89 - msgid "Allow Apache to run in stickshift mode, not transition to passenger" +-msgid "Allow Apache to run in stickshift mode, not transition to passenger" ++#: ../sepolicy/sepolicy.py:312 ++msgid "Generate HTML man pages structure for selected SELinux man page" msgstr "" -#: booleans.py:88 -+#: booleans.py:90 -+msgid "Allow HTTPD scripts and modules to server cobbler files." -+msgstr "" -+ -+#: booleans.py:91 - msgid "Allow httpd daemon to change its resource limits" +-msgid "Allow httpd daemon to change its resource limits" ++#: ../sepolicy/sepolicy.py:314 ++msgid "Alternate root directory, defaults to /" msgstr "" -#: booleans.py:89 -+#: booleans.py:92 - msgid "" - "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." +-msgid "" +-"Allow HTTPD to run SSI executables in the same domain as system CGI scripts." ++#: ../sepolicy/sepolicy.py:318 ++msgid "All domains" msgstr "" -#: booleans.py:90 -+#: booleans.py:93 - msgid "" - "Allow apache scripts to write to public content, directories/files must be " - "labeled public_rw_content_t." +-msgid "" +-"Allow apache scripts to write to public content, directories/files must be " +-"labeled public_rw_content_t." ++#: ../sepolicy/sepolicy.py:321 ++msgid "Domain name(s) of man pages to be created" msgstr "" -#: booleans.py:91 -+#: booleans.py:94 - msgid "Allow Apache to execute tmp content." +-msgid "Allow Apache to execute tmp content." ++#: ../sepolicy/sepolicy.py:326 ++msgid "Query SELinux policy network information" msgstr "" -#: booleans.py:92 -+#: booleans.py:95 - msgid "" - "Unify HTTPD to communicate with the terminal. Needed for entering the " - "passphrase for certificates at the terminal." +-msgid "" +-"Unify HTTPD to communicate with the terminal. Needed for entering the " +-"passphrase for certificates at the terminal." ++#: ../sepolicy/sepolicy.py:331 ++msgid "list all SELinux port types" msgstr "" -#: booleans.py:93 -+#: booleans.py:96 - msgid "Unify HTTPD handling of all content files." +-msgid "Unify HTTPD handling of all content files." ++#: ../sepolicy/sepolicy.py:334 ++msgid "show SELinux type related to the port" msgstr "" -#: booleans.py:94 -+#: booleans.py:97 - msgid "Allow httpd to access cifs file systems" +-msgid "Allow httpd to access cifs file systems" ++#: ../sepolicy/sepolicy.py:337 ++msgid "Show ports defined for this SELinux type" msgstr "" -#: booleans.py:95 -+#: booleans.py:98 - msgid "Allow httpd to access FUSE file systems" +-msgid "Allow httpd to access FUSE file systems" ++#: ../sepolicy/sepolicy.py:340 ++msgid "show ports to which this domain can bind and/or connect" msgstr "" -#: booleans.py:96 -+#: booleans.py:99 - msgid "Allow httpd to run gpg" +-msgid "Allow httpd to run gpg" ++#: ../sepolicy/sepolicy.py:355 ++msgid "query SELinux policy to see if domains can communicate with each other" msgstr "" -#: booleans.py:97 -+#: booleans.py:100 - msgid "Allow httpd to access nfs file systems" +-msgid "Allow httpd to access nfs file systems" ++#: ../sepolicy/sepolicy.py:358 ++msgid "Source Domain" msgstr "" -#: booleans.py:98 -+#: booleans.py:101 - msgid "Allow httpd to communicate with oddjob to start up a service" +-msgid "Allow httpd to communicate with oddjob to start up a service" ++#: ../sepolicy/sepolicy.py:361 ++msgid "Target Domain" msgstr "" -#: booleans.py:99 -+#: booleans.py:102 - msgid "Allow httpd to access openstack ports" +-msgid "Allow httpd to access openstack ports" ++#: ../sepolicy/sepolicy.py:380 ++msgid "query SELinux Policy to see description of booleans" msgstr "" -#: booleans.py:100 -+#: booleans.py:103 - msgid "Allow Apache to query NS records" +-msgid "Allow Apache to query NS records" ++#: ../sepolicy/sepolicy.py:384 ++msgid "get all booleans descriptions" msgstr "" -#: booleans.py:101 -msgid "Allow icecast to connect to all ports, not just sound ports." -+#: booleans.py:104 -+msgid "Determine whether icecast can listen on and connect to any TCP port." ++#: ../sepolicy/sepolicy.py:387 ++msgid "boolean to get description" msgstr "" -#: booleans.py:102 -+#: booleans.py:105 -+msgid "" -+"Determine whether irc clients can listen on and connect to any unreserved " -+"TCP ports." -+msgstr "" -+ -+#: booleans.py:106 ++#: ../sepolicy/sepolicy.py:397 msgid "" - "Allow the Irssi IRC Client to connect to any port, and to bind to any " - "unreserved port." +-"Allow the Irssi IRC Client to connect to any port, and to bind to any " +-"unreserved port." ++"query SELinux Policy to see how a source process domain can transition to " ++"the target process domain" msgstr "" -#: booleans.py:103 -+#: booleans.py:107 - msgid "Allow confined applications to run with kerberos." +-msgid "Allow confined applications to run with kerberos." ++#: ../sepolicy/sepolicy.py:400 ++msgid "source process domain" msgstr "" -#: booleans.py:104 -msgid "Allow syslogd daemon to send mail" -+#: booleans.py:108 -+msgid "Allow ksmtuned to use cifs/Samba file systems" ++#: ../sepolicy/sepolicy.py:403 ++msgid "target process domain" msgstr "" -#: booleans.py:105 -msgid "Allow syslogd the ability to read/write terminals" -+#: booleans.py:109 -+msgid "Allow ksmtuned to use nfs file systems" ++#: ../sepolicy/sepolicy.py:445 ++#, python-format ++msgid "sepolicy generate: error: one of the arguments %s is required" msgstr "" -#: booleans.py:106 -+#: booleans.py:110 -+msgid "Allow syslogd daemon to send mail" -+msgstr "" -+ -+#: booleans.py:111 -+msgid "Allow syslogd the ability to read/write terminals" -+msgstr "" -+ -+#: booleans.py:112 - msgid "Allow logging in and using the system from /dev/console." +-msgid "Allow logging in and using the system from /dev/console." ++#: ../sepolicy/sepolicy.py:450 ++msgid "Command required for this type of policy" msgstr "" -#: booleans.py:107 -+#: booleans.py:113 -+msgid "Allow mailman to access FUSE file systems" -+msgstr "" -+ -+#: booleans.py:114 -+msgid "Determine whether mcelog supports client mode." -+msgstr "" -+ -+#: booleans.py:115 -+msgid "Determine whether mcelog can execute scripts." -+msgstr "" -+ -+#: booleans.py:116 -+msgid "Determine whether mcelog can use all the user ttys." -+msgstr "" -+ -+#: booleans.py:117 -+msgid "Determine whether mcelog supports server mode." -+msgstr "" -+ -+#: booleans.py:118 ++#: ../sepolicy/sepolicy.py:461 msgid "" - "Control the ability to mmap a low area of the address space, as configured " - "by /proc/sys/kernel/mmap_min_addr." +-"Control the ability to mmap a low area of the address space, as configured " +-"by /proc/sys/kernel/mmap_min_addr." ++"-t option can not be used with this option. Read usage for more details." msgstr "" -#: booleans.py:108 -+#: booleans.py:119 - msgid "Allow mock to read files in home directories." +-msgid "Allow mock to read files in home directories." ++#: ../sepolicy/sepolicy.py:466 ++msgid "" ++"-d option can not be used with this option. Read usage for more details." msgstr "" -#: booleans.py:109 -+#: booleans.py:120 - msgid "Allow the mount command to mount any directory or file." +-msgid "Allow the mount command to mount any directory or file." ++#: ../sepolicy/sepolicy.py:470 ++msgid "" ++"-a option can not be used with this option. Read usage for more details." msgstr "" -#: booleans.py:110 -+#: booleans.py:121 - msgid "Allow mozilla plugin domain to connect to the network using TCP." +-msgid "Allow mozilla plugin domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy.py:490 ++msgid "List SELinux Policy interfaces" msgstr "" -#: booleans.py:111 -msgid "" -"Allow mozilla_plugins to create random content in the users home directory" -+#: booleans.py:122 -+msgid "Allow confined web browsers to read home directory content" ++#: ../sepolicy/sepolicy.py:510 ++msgid "Enter interface names, you wish to query" msgstr "" -#: booleans.py:112 -msgid "Allow confined web browsers to read home directory content" -+#: booleans.py:123 -+msgid "Determine whether mpd can traverse user home directories." ++#: ../sepolicy/sepolicy.py:519 ++msgid "Generate SELinux Policy module template" msgstr "" -#: booleans.py:113 -msgid "Allow mplayer executable stack" -+#: booleans.py:124 -+msgid "Determine whether mpd can use cifs file systems." ++#: ../sepolicy/sepolicy.py:522 ++msgid "Enter domain type which you will be extending" msgstr "" -#: booleans.py:114 -+#: booleans.py:125 -+msgid "Determine whether mpd can use nfs file systems." -+msgstr "" -+ -+#: booleans.py:126 -+msgid "Determine whether mplayer can make its stack executable." -+msgstr "" -+ -+#: booleans.py:127 - msgid "Allow mysqld to connect to all ports" +-msgid "Allow mysqld to connect to all ports" ++#: ../sepolicy/sepolicy.py:525 ++msgid "Enter SELinux user(s) which will transition to this domain" msgstr "" -#: booleans.py:115 -msgid "Allow BIND to bind apache port." -+#: booleans.py:128 -+msgid "Determine whether Bind can bind tcp socket to http ports." ++#: ../sepolicy/sepolicy.py:528 ++msgid "Enter SELinux role(s) to which the administror domain will transition" msgstr "" -#: booleans.py:116 -+#: booleans.py:129 - msgid "" +-msgid "" -"Allow BIND to write the master zone files. Generally this is used for " -"dynamic DNS or zone transfers." -+"Determine whether Bind can write to master zone files. Generally this is " -+"used for dynamic DNS or zone transfers." ++#: ../sepolicy/sepolicy.py:531 ++msgid "Enter domain(s) which this confined admin will administrate" msgstr "" -#: booleans.py:117 -+#: booleans.py:130 - msgid "Allow any files/directories to be exported read/only via NFS." +-msgid "Allow any files/directories to be exported read/only via NFS." ++#: ../sepolicy/sepolicy.py:534 ++msgid "name of policy to generate" msgstr "" -#: booleans.py:118 -+#: booleans.py:131 - msgid "Allow any files/directories to be exported read/write via NFS." +-msgid "Allow any files/directories to be exported read/write via NFS." ++#: ../sepolicy/sepolicy.py:541 ++msgid "path in which the generated policy files will be stored" msgstr "" -#: booleans.py:119 -+#: booleans.py:132 - msgid "" - "Allow nfs servers to modify public files used for public file transfer " - "services. Files/Directories must be labeled public_content_rw_t." +-msgid "" +-"Allow nfs servers to modify public files used for public file transfer " +-"services. Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy.py:543 ++msgid "path to which the confined processes will need to write" msgstr "" -#: booleans.py:120 -+#: booleans.py:133 - msgid "Allow system to run with NIS" +-msgid "Allow system to run with NIS" ++#: ../sepolicy/sepolicy.py:544 ++msgid "Policy types which require a command" msgstr "" -#: booleans.py:121 -+#: booleans.py:134 - msgid "Allow confined applications to use nscd shared memory." +-msgid "Allow confined applications to use nscd shared memory." ++#: ../sepolicy/sepolicy.py:548 ../sepolicy/sepolicy.py:551 ++#: ../sepolicy/sepolicy.py:554 ../sepolicy/sepolicy.py:557 ++#: ../sepolicy/sepolicy.py:560 ../sepolicy/sepolicy.py:566 ++#: ../sepolicy/sepolicy.py:569 ../sepolicy/sepolicy.py:572 ++#: ../sepolicy/sepolicy.py:578 ../sepolicy/sepolicy.py:581 ++#: ../sepolicy/sepolicy.py:584 ../sepolicy/sepolicy.py:587 ++#, python-format ++msgid "Generate '%s' policy" msgstr "" -#: booleans.py:122 -+#: booleans.py:135 - msgid "Allow openshift to lockdown app" +-msgid "Allow openshift to lockdown app" ++#: ../sepolicy/sepolicy.py:575 ++#, python-format ++msgid "Generate '%s' policy " msgstr "" -#: booleans.py:123 -msgid "Allow openvpn to read home directories" -+#: booleans.py:136 -+msgid "Determine whether openvpn can read generic user home content files." ++#: ../sepolicy/sepolicy.py:589 ++msgid "executable to confine" msgstr "" -#: booleans.py:124 -+#: booleans.py:137 - msgid "Allow piranha-lvs domain to connect to the network using TCP." +-msgid "Allow piranha-lvs domain to connect to the network using TCP." ++#: ../sepolicy/sepolicy.py:594 ++msgid "commands" msgstr "" -#: booleans.py:125 -+#: booleans.py:138 - msgid "Allow polipo to connect to all ports > 1023" +-msgid "Allow polipo to connect to all ports > 1023" ++#: ../sepolicy/sepolicy.py:597 ++msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" msgstr "" -#: booleans.py:126 -+#: booleans.py:139 - msgid "" - "Determine whether Polipo session daemon can bind tcp sockets to all " - "unreserved ports." +-msgid "" +-"Determine whether Polipo session daemon can bind tcp sockets to all " +-"unreserved ports." ++#: ../sepolicy/sepolicy/__init__.py:167 ../sepolicy/sepolicy/gui.py:479 ++msgid "all files" msgstr "" -#: booleans.py:127 -+#: booleans.py:140 - msgid "" - "Determine whether calling user domains can execute Polipo daemon in the " - "polipo_session_t domain." +-msgid "" +-"Determine whether calling user domains can execute Polipo daemon in the " +-"polipo_session_t domain." ++#: ../sepolicy/sepolicy/__init__.py:168 ++msgid "regular file" msgstr "" -#: booleans.py:128 -+#: booleans.py:141 - msgid "Determine whether polipo can access cifs file systems." +-msgid "Determine whether polipo can access cifs file systems." ++#: ../sepolicy/sepolicy/__init__.py:169 ++msgid "directory" msgstr "" -#: booleans.py:129 -+#: booleans.py:142 - msgid "Determine whether Polipo can access nfs file systems." +-msgid "Determine whether Polipo can access nfs file systems." ++#: ../sepolicy/sepolicy/__init__.py:170 ++msgid "character device" msgstr "" -#: booleans.py:130 -+#: booleans.py:143 - msgid "Enable polyinstantiated directory support." +-msgid "Enable polyinstantiated directory support." ++#: ../sepolicy/sepolicy/__init__.py:171 ++msgid "block device" msgstr "" -#: booleans.py:131 -+#: booleans.py:144 - msgid "Allow postfix_local domain full write access to mail_spool directories" +-msgid "Allow postfix_local domain full write access to mail_spool directories" ++#: ../sepolicy/sepolicy/__init__.py:172 ++msgid "socket file" msgstr "" -#: booleans.py:132 -+#: booleans.py:145 - msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" +-msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" ++#: ../sepolicy/sepolicy/__init__.py:173 ++msgid "symbolic link" msgstr "" -#: booleans.py:133 -+#: booleans.py:146 - msgid "Allow transmit client label to foreign database" +-msgid "Allow transmit client label to foreign database" ++#: ../sepolicy/sepolicy/__init__.py:174 ++msgid "named pipe" msgstr "" -#: booleans.py:134 -+#: booleans.py:147 - msgid "Allow database admins to execute DML statement" +-msgid "Allow database admins to execute DML statement" ++#: ../sepolicy/sepolicy/__init__.py:306 ++msgid "No SELinux Policy installed" msgstr "" -#: booleans.py:135 -+#: booleans.py:148 - msgid "Allow unprivileged users to execute DDL statement" +-msgid "Allow unprivileged users to execute DDL statement" ++#: ../sepolicy/sepolicy/__init__.py:386 ++msgid "You must regenerate interface info by running /usr/bin/sepolgen-ifgen" msgstr "" -#: booleans.py:136 -+#: booleans.py:149 - msgid "Allow pppd to load kernel modules for certain modems" +-msgid "Allow pppd to load kernel modules for certain modems" ++#: ../sepolicy/sepolicy/__init__.py:591 ++#, python-format ++msgid "Failed to read %s policy file" msgstr "" -#: booleans.py:137 -+#: booleans.py:150 - msgid "Allow pppd to be run for a regular user" +-msgid "Allow pppd to be run for a regular user" ++#: ../sepolicy/sepolicy/__init__.py:695 ++msgid "unknown" ++msgstr "غير معروف" ++ ++#: ../sepolicy/sepolicy/generate.py:132 ++msgid "Internet Services Daemon" msgstr "" -#: booleans.py:138 -msgid "" -"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:151 -+msgid "Determine whether privoxy can connect to all tcp ports." ++#: ../sepolicy/sepolicy/generate.py:136 ++msgid "Existing Domain Type" msgstr "" -#: booleans.py:139 -+#: booleans.py:152 - msgid "Allow Puppet client to manage all file types." +-msgid "Allow Puppet client to manage all file types." ++#: ../sepolicy/sepolicy/generate.py:137 ++msgid "Minimal Terminal Login User Role" msgstr "" -#: booleans.py:140 -+#: booleans.py:153 - msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" +-msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" ++#: ../sepolicy/sepolicy/generate.py:138 ++msgid "Minimal X Windows Login User Role" msgstr "" -#: booleans.py:141 -+#: booleans.py:154 - msgid "Allow racoon to read shadow" +-msgid "Allow racoon to read shadow" ++#: ../sepolicy/sepolicy/generate.py:139 ++msgid "Desktop Login User Role" msgstr "" -#: booleans.py:142 -msgid "Allow rgmanager domain to connect to the network using TCP." --msgstr "" -- ++#: ../sepolicy/sepolicy/generate.py:140 ++msgid "Administrator Login User Role" + msgstr "" + -#: booleans.py:143 -+#: booleans.py:155 - msgid "" - "Allow rsync to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." +-msgid "" +-"Allow rsync to modify public files used for public file transfer services. " +-"Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy/generate.py:141 ++msgid "Confined Root Administrator Role" msgstr "" -#: booleans.py:144 -+#: booleans.py:156 - msgid "Allow rsync to run as a client" +-msgid "Allow rsync to run as a client" ++#: ../sepolicy/sepolicy/generate.py:142 ++msgid "Module information for a new type" msgstr "" -#: booleans.py:145 -+#: booleans.py:157 - msgid "Allow rsync to export any files/directories read only." +-msgid "Allow rsync to export any files/directories read only." ++#: ../sepolicy/sepolicy/generate.py:147 ++msgid "Valid Types:\n" msgstr "" -#: booleans.py:146 -msgid "Allow rsync servers to share cifs files systems" --msgstr "" -- ++#: ../sepolicy/sepolicy/generate.py:181 ++#, python-format ++msgid "Ports must be numbers or ranges of numbers from 1 to %d " + msgstr "" + -#: booleans.py:147 -msgid "Allow rsync servers to share nfs files systems" -+#: booleans.py:158 -+msgid "Allow rsync server to manage all files/directories on the system." ++#: ../sepolicy/sepolicy/generate.py:192 ++msgid "You must enter a valid policy type" msgstr "" -#: booleans.py:148 -+#: booleans.py:159 - msgid "Allow samba to create new home directories (e.g. via PAM)" +-msgid "Allow samba to create new home directories (e.g. via PAM)" ++#: ../sepolicy/sepolicy/generate.py:195 ++#, python-format ++msgid "You must enter a name for your policy module for your %s." msgstr "" -#: booleans.py:149 -+#: booleans.py:160 ++#: ../sepolicy/sepolicy/generate.py:327 msgid "" - "Allow samba to act as the domain controller, add users, groups and change " - "passwords." +-"Allow samba to act as the domain controller, add users, groups and change " +-"passwords." ++"Name must be alpha numberic with no spaces. Consider using option \"-n " ++"MODULENAME\"" msgstr "" -#: booleans.py:150 -+#: booleans.py:161 - msgid "Allow samba to share users home directories." +-msgid "Allow samba to share users home directories." ++#: ../sepolicy/sepolicy/generate.py:419 ++msgid "User Role types can not be assigned executables." msgstr "" -#: booleans.py:151 -+#: booleans.py:162 - msgid "Allow samba to share any file/directory read only." +-msgid "Allow samba to share any file/directory read only." ++#: ../sepolicy/sepolicy/generate.py:425 ++msgid "Only Daemon apps can use an init script.." msgstr "" -#: booleans.py:152 -+#: booleans.py:163 - msgid "Allow samba to share any file/directory read/write." +-msgid "Allow samba to share any file/directory read/write." ++#: ../sepolicy/sepolicy/generate.py:443 ++msgid "use_resolve must be a boolean value " msgstr "" -#: booleans.py:153 -+#: booleans.py:164 - msgid "Allow samba to act as a portmapper" +-msgid "Allow samba to act as a portmapper" ++#: ../sepolicy/sepolicy/generate.py:449 ++msgid "use_syslog must be a boolean value " msgstr "" -#: booleans.py:154 -+#: booleans.py:165 - msgid "Allow samba to run unconfined scripts" +-msgid "Allow samba to run unconfined scripts" ++#: ../sepolicy/sepolicy/generate.py:455 ++msgid "use_kerberos must be a boolean value " msgstr "" -#: booleans.py:155 -msgid "Allow samba to export ntfs/fusefs volumes." --msgstr "" -- ++#: ../sepolicy/sepolicy/generate.py:461 ++msgid "manage_krb5_rcache must be a boolean value " + msgstr "" + -#: booleans.py:156 -+#: booleans.py:167 - msgid "Allow samba to export NFS volumes." +-msgid "Allow samba to export NFS volumes." ++#: ../sepolicy/sepolicy/generate.py:491 ++msgid "USER Types automatically get a tmp type" msgstr "" -#: booleans.py:157 -+#: booleans.py:168 - msgid "Allow sanlock to read/write fuse files" +-msgid "Allow sanlock to read/write fuse files" ++#: ../sepolicy/sepolicy/generate.py:832 ++#, python-format ++msgid "%s policy modules require existing domains" msgstr "" -#: booleans.py:158 -+#: booleans.py:169 - msgid "Allow sanlock to manage nfs files" +-msgid "Allow sanlock to manage nfs files" ++#: ../sepolicy/sepolicy/generate.py:857 ++msgid "Type field required" msgstr "" -#: booleans.py:159 -+#: booleans.py:170 - msgid "Allow sanlock to manage cifs files" +-msgid "Allow sanlock to manage cifs files" ++#: ../sepolicy/sepolicy/generate.py:869 ++#, python-format ++msgid "" ++"You need to define a new type which ends with: \n" ++" %s" msgstr "" -#: booleans.py:160 -+#: booleans.py:171 - msgid "Allow sasl to read shadow" +-msgid "Allow sasl to read shadow" ++#: ../sepolicy/sepolicy/generate.py:1088 ++msgid "You must enter the executable path for your confined process" msgstr "" -#: booleans.py:161 -+#: booleans.py:172 - msgid "Allow secadm to exec content" +-msgid "Allow secadm to exec content" ++#: ../sepolicy/sepolicy/generate.py:1360 ++msgid "Type Enforcement file" msgstr "" -#: booleans.py:162 -+#: booleans.py:173 - msgid "" - "disallow programs, such as newrole, from transitioning to administrative " - "user domains." +-msgid "" +-"disallow programs, such as newrole, from transitioning to administrative " +-"user domains." ++#: ../sepolicy/sepolicy/generate.py:1361 ++msgid "Interface file" msgstr "" -#: booleans.py:163 -+#: booleans.py:174 - msgid "Disable kernel module loading." +-msgid "Disable kernel module loading." ++#: ../sepolicy/sepolicy/generate.py:1362 ++msgid "File Contexts file" msgstr "" -#: booleans.py:164 -+#: booleans.py:175 - msgid "" - "Boolean to determine whether the system permits loading policy, setting " - "enforcing mode, and changing boolean values. Set this to true and you have " - "to reboot to set it back." +-msgid "" +-"Boolean to determine whether the system permits loading policy, setting " +-"enforcing mode, and changing boolean values. Set this to true and you have " +-"to reboot to set it back." ++#: ../sepolicy/sepolicy/generate.py:1363 ++msgid "Spec file" msgstr "" -#: booleans.py:165 -+#: booleans.py:176 - msgid "Allow regular users direct dri device access" +-msgid "Allow regular users direct dri device access" ++#: ../sepolicy/sepolicy/generate.py:1364 ++msgid "Setup Script" msgstr "" -#: booleans.py:166 -+#: booleans.py:177 - msgid "" - "Allow unconfined executables to make their heap memory executable. Doing " - "this is a really bad idea. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" +-msgid "" +-"Allow unconfined executables to make their heap memory executable. Doing " +-"this is a really bad idea. Probably indicates a badly coded executable, but " +-"could indicate an attack. This executable should be reported in bugzilla" +-msgstr "" ++#: ../sepolicy/sepolicy/sepolicy.glade:7 ++#, fuzzy ++msgid "SELinux Gui" ++msgstr "مستخدم SELinux" -#: booleans.py:167 -+#: booleans.py:178 - msgid "" - "Allow all unconfined executables to use libraries requiring text relocation " - "that are not labeled textrel_shlib_t" +-msgid "" +-"Allow all unconfined executables to use libraries requiring text relocation " +-"that are not labeled textrel_shlib_t" ++#: ../sepolicy/sepolicy/sepolicy.glade:33 ++msgid "Type to search for a process" msgstr "" -#: booleans.py:168 -+#: booleans.py:179 - msgid "" - "Allow unconfined executables to make their stack executable. This should " - "never, ever be necessary. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" +-msgid "" +-"Allow unconfined executables to make their stack executable. This should " +-"never, ever be necessary. Probably indicates a badly coded executable, but " +-"could indicate an attack. This executable should be reported in bugzilla" ++#: ../sepolicy/sepolicy/sepolicy.glade:35 ++msgid "Select domain" msgstr "" -#: booleans.py:169 -+#: booleans.py:180 - msgid "Allow users to connect to the local mysql server" +-msgid "Allow users to connect to the local mysql server" ++#: ../sepolicy/sepolicy/sepolicy.glade:70 ++#: ../sepolicy/sepolicy/sepolicy.glade:308 ++msgid "Booleans" msgstr "" -#: booleans.py:170 -+#: booleans.py:181 ++#: ../sepolicy/sepolicy/sepolicy.glade:74 msgid "" -"Allow confined users the ability to execute the ping and traceroute " -"commands." -+"Allow confined users the ability to execute the ping and traceroute commands." ++"Display boolean information that can be used to modify the policy for the " ++"'selected domain'." msgstr "" -#: booleans.py:171 -+#: booleans.py:182 - msgid "Allow users to connect to PostgreSQL" +-msgid "Allow users to connect to PostgreSQL" ++#: ../sepolicy/sepolicy/sepolicy.glade:85 ++#: ../sepolicy/sepolicy/sepolicy.glade:710 ++msgid "Files" msgstr "" -#: booleans.py:172 -+#: booleans.py:183 ++#: ../sepolicy/sepolicy/sepolicy.glade:89 msgid "" - "Allow user to r/w files on filesystems that do not have extended attributes " - "(FAT, CDROM, FLOPPY)" +-"Allow user to r/w files on filesystems that do not have extended attributes " +-"(FAT, CDROM, FLOPPY)" ++"Display file type information that can be used by the 'selected domain'." msgstr "" -#: booleans.py:173 -+#: booleans.py:184 -+msgid "Allow user music sharing" -+msgstr "" -+ -+#: booleans.py:185 - msgid "" +-msgid "" -"Allow users to run TCP servers (bind to ports and accept connection from the" -" same domain and outside users) disabling this forces FTP passive mode and " -+"Allow users to run TCP servers (bind to ports and accept connection from the " -+"same domain and outside users) disabling this forces FTP passive mode and " - "may change other protocols." +-"may change other protocols." ++#: ../sepolicy/sepolicy/sepolicy.glade:100 ++#: ../sepolicy/sepolicy/sepolicy.glade:1062 ++msgid "Network" msgstr "" -#: booleans.py:174 -+#: booleans.py:186 - msgid "Allow user to use ssh chroot environment." +-msgid "Allow user to use ssh chroot environment." ++#: ../sepolicy/sepolicy/sepolicy.glade:104 ++msgid "" ++"Display network ports to which the 'selected domain' can connect or listen " ++"to." msgstr "" -#: booleans.py:175 -msgid "Allow user music sharing" --msgstr "" -- ++#: ../sepolicy/sepolicy/sepolicy.glade:115 ++#: ../sepolicy/sepolicy/sepolicy.glade:1361 ++msgid "Transitions" + msgstr "" + -#: booleans.py:176 -+#: booleans.py:187 ++#: ../sepolicy/sepolicy/sepolicy.glade:119 msgid "" -"Allow anon internal-sftp to upload files, used for public file transfer " -"services. Directories must be labeled public_content_rw_t." -+"Determine whether sftpd can modify public files used for public file " -+"transfer services. Directories/Files must be labeled public_content_rw_t." ++"Display applications that can transition into or out of the 'selected " ++"domain'." msgstr "" -#: booleans.py:177 -+#: booleans.py:188 - msgid "" +-msgid "" -"Allow sftp-internal to read and write files in the user home directories" -+"Determine whether sftpd-can read and write files in user home directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:188 ++#: ../sepolicy/sepolicy/sepolicy.glade:358 ++#: ../sepolicy/sepolicy/sepolicy.glade:765 ++#: ../sepolicy/sepolicy/sepolicy.glade:1113 ++msgid "Show Modified Only" msgstr "" -#: booleans.py:178 -+#: booleans.py:189 ++#: ../sepolicy/sepolicy/sepolicy.glade:219 msgid "" -"Allow sftp-internal to login to local users and read/write all files on the " -"system, governed by DAC." -+"Determine whether sftpd-can login to local users and read and write all " -+"files on the system, governed by DAC." ++"If-Then-Else rules written in policy that can \n" ++"allow alternative access control." msgstr "" -#: booleans.py:179 -+#: booleans.py:190 - msgid "" +-msgid "" -"Allow internal-sftp to read and write files in the user ssh home " -+"Determine whether sftpd can read and write files in user ssh home " - "directories." +-"directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:373 ++#: ../sepolicy/sepolicy/sepolicy.glade:787 ++#: ../sepolicy/sepolicy/sepolicy.glade:1128 ++msgid "Modify" msgstr "" -#: booleans.py:180 -+#: booleans.py:191 - msgid "Allow sge to connect to the network using any TCP port" +-msgid "Allow sge to connect to the network using any TCP port" ++#: ../sepolicy/sepolicy/sepolicy.glade:377 ++#: ../sepolicy/sepolicy/sepolicy.glade:791 ++msgid "Modify an existing item" msgstr "" -#: booleans.py:181 -+#: booleans.py:192 - msgid "Allow sge to access nfs file systems." +-msgid "Allow sge to access nfs file systems." ++#: ../sepolicy/sepolicy/sepolicy.glade:389 ++#: ../sepolicy/sepolicy/sepolicy.glade:803 ++#: ../sepolicy/sepolicy/sepolicy.glade:1142 ++msgid "Delete" msgstr "" -#: booleans.py:182 -msgid "" -"Enable additional permissions needed to support devices on 3ware " -"controllers." -+#: booleans.py:193 -+msgid "Determine whether smartmon can support devices on 3ware controllers." ++#: ../sepolicy/sepolicy/sepolicy.glade:393 ++#: ../sepolicy/sepolicy/sepolicy.glade:807 ++msgid "Delete an existing item" msgstr "" -#: booleans.py:183 -+#: booleans.py:194 - msgid "" - "Allow samba to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." +-msgid "" +-"Allow samba to modify public files used for public file transfer services. " +-"Files/Directories must be labeled public_content_rw_t." ++#: ../sepolicy/sepolicy/sepolicy.glade:409 ++#: ../sepolicy/sepolicy/sepolicy.glade:823 ++msgid "Add a new item" msgstr "" -#: booleans.py:184 -+#: booleans.py:195 - msgid "Allow user spamassassin clients to use the network." +-msgid "Allow user spamassassin clients to use the network." ++#: ../sepolicy/sepolicy/sepolicy.glade:442 ++msgid "File path used to enter the above selected process domain." msgstr "" -#: booleans.py:185 -+#: booleans.py:196 - msgid "Allow spamd to read/write user home directories." +-msgid "Allow spamd to read/write user home directories." ++#: ../sepolicy/sepolicy/sepolicy.glade:450 ++#: ../sepolicy/sepolicy/sepolicy.glade:531 ++msgid "File Path" msgstr "" -#: booleans.py:186 -msgid "" -"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:197 -+msgid "Determine whether squid can connect to all TCP ports." - msgstr "" +-msgstr "" ++#: ../sepolicy/sepolicy/sepolicy.glade:468 ++#: ../sepolicy/sepolicy/sepolicy.glade:549 ++#, fuzzy ++msgid "SELinux File Label" ++msgstr "قيمة منطقية لـSELinux" -#: booleans.py:187 -msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:198 -+msgid "Determine whether squid can run as a transparent proxy." ++#: ../sepolicy/sepolicy/sepolicy.glade:485 ++#: ../sepolicy/sepolicy/sepolicy.glade:567 ++#: ../sepolicy/sepolicy/sepolicy.glade:660 ++msgid "Class" msgstr "" -#: booleans.py:188 -+#: booleans.py:199 - msgid "" - "Allow ssh with chroot env to read and write files in the user home " - "directories" +-msgid "" +-"Allow ssh with chroot env to read and write files in the user home " +-"directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:505 ++msgid "File path used to enter the 'selected domain'." msgstr "" -#: booleans.py:189 -+#: booleans.py:200 - msgid "allow host key based authentication" +-msgid "allow host key based authentication" ++#: ../sepolicy/sepolicy/sepolicy.glade:506 ++msgid "Executable Files" msgstr "" -#: booleans.py:190 -+#: booleans.py:201 - msgid "Allow ssh logins as sysadm_r:sysadm_t" +-msgid "Allow ssh logins as sysadm_r:sysadm_t" ++#: ../sepolicy/sepolicy/sepolicy.glade:523 ++msgid "Files to which the above selected process domain can write." msgstr "" -#: booleans.py:191 -+#: booleans.py:202 - msgid "Allow staff to exec content" +-msgid "Allow staff to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:591 ++msgid "Files to which the 'selected domain' can write." msgstr "" -#: booleans.py:192 -+#: booleans.py:203 - msgid "allow staff user to create and transition to svirt domains." +-msgid "allow staff user to create and transition to svirt domains." ++#: ../sepolicy/sepolicy/sepolicy.glade:592 ++msgid "Writable Files" msgstr "" -#: booleans.py:193 -+#: booleans.py:204 - msgid "Allow sysadm to exec content" +-msgid "Allow sysadm to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:610 ++msgid "File Types defined for the selected domain" msgstr "" -#: booleans.py:194 -msgid "" -"Allow the Telepathy connection managers to connect to any network port." -+#: booleans.py:205 -+msgid "Allow the Telepathy connection managers to connect to any network port." ++#: ../sepolicy/sepolicy/sepolicy.glade:618 ++msgid "File path" msgstr "" -#: booleans.py:195 -+#: booleans.py:206 - msgid "" - "Allow the Telepathy connection managers to connect to any generic TCP port." +-msgid "" +-"Allow the Telepathy connection managers to connect to any generic TCP port." ++#: ../sepolicy/sepolicy/sepolicy.glade:686 ++msgid "File Types defined for the 'selected domain'." msgstr "" -#: booleans.py:196 -+#: booleans.py:207 - msgid "" - "Allow tftp to modify public files used for public file transfer services." +-msgid "" +-"Allow tftp to modify public files used for public file transfer services." ++#: ../sepolicy/sepolicy/sepolicy.glade:687 ++msgid "Application File Types" msgstr "" -#: booleans.py:197 -+#: booleans.py:208 - msgid "Allow tftp to read and write files in the user home directories" +-msgid "Allow tftp to read and write files in the user home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:856 ++msgid "Network Ports to which the selected domain is allowed to connect." msgstr "" -#: booleans.py:198 -msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:209 -+msgid "Determine whether tor can bind tcp sockets to all unreserved ports." ++#: ../sepolicy/sepolicy/sepolicy.glade:898 ++#: ../sepolicy/sepolicy/sepolicy.glade:997 ++msgid "Modified" msgstr "" -#: booleans.py:199 -+#: booleans.py:210 - msgid "Allow tor to act as a relay" +-msgid "Allow tor to act as a relay" ++#: ../sepolicy/sepolicy/sepolicy.glade:937 ++msgid "Network Ports to which the 'selected domain' is allowed to connect." msgstr "" -#: booleans.py:200 -+#: booleans.py:211 - msgid "" - "allow unconfined users to transition to the chrome sandbox domains when " - "running chrome-sandbox" +-msgid "" +-"allow unconfined users to transition to the chrome sandbox domains when " +-"running chrome-sandbox" ++#: ../sepolicy/sepolicy/sepolicy.glade:938 ++msgid "Outbound" msgstr "" -#: booleans.py:201 -+#: booleans.py:212 - msgid "Allow a user to login as an unconfined domain" +-msgid "Allow a user to login as an unconfined domain" ++#: ../sepolicy/sepolicy/sepolicy.glade:955 ++msgid "Network Ports to which the selected domain is allowed to listen." msgstr "" -#: booleans.py:202 -+#: booleans.py:213 - msgid "" - "Allow unconfined users to transition to the Mozilla plugin domain when " - "running xulrunner plugin-container." +-msgid "" +-"Allow unconfined users to transition to the Mozilla plugin domain when " +-"running xulrunner plugin-container." ++#: ../sepolicy/sepolicy/sepolicy.glade:1038 ++msgid "Network Ports to which the 'selected domain' is allowed to listen." msgstr "" -#: booleans.py:203 -+#: booleans.py:214 - msgid "Allow video playing tools to run unconfined" +-msgid "Allow video playing tools to run unconfined" ++#: ../sepolicy/sepolicy/sepolicy.glade:1039 ++msgid "Inbound" msgstr "" -#: booleans.py:204 -+#: booleans.py:215 - msgid "Allow unprivledged user to create and transition to svirt domains." +-msgid "Allow unprivledged user to create and transition to svirt domains." ++#: ../sepolicy/sepolicy/sepolicy.glade:1189 ++#: ../sepolicy/sepolicy/sepolicy.glade:1260 ++msgid "" ++"Executables which will transition to a different domain, when the 'selected " ++"domain' executes them." msgstr "" -#: booleans.py:205 -+#: booleans.py:216 - msgid "Support ecryptfs home directories" - msgstr "" +-msgid "Support ecryptfs home directories" +-msgstr "" ++#: ../sepolicy/sepolicy/sepolicy.glade:1194 ++#: ../sepolicy/sepolicy/sepolicy.glade:1285 ++#, fuzzy ++msgid "Enabled" ++msgstr "معطّل" -#: booleans.py:206 -+#: booleans.py:217 - msgid "Support fusefs home directories" +-msgid "Support fusefs home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1223 ++msgid "Executable File Type" msgstr "" -#: booleans.py:207 -msgid "Use lpd server instead of cups" -+#: booleans.py:218 -+msgid "Determine whether to support lpd server." ++#: ../sepolicy/sepolicy/sepolicy.glade:1239 ++#, fuzzy ++msgid "Transtype" ++msgstr "نوع" ++ ++#: ../sepolicy/sepolicy/sepolicy.glade:1263 ++msgid "Transitions From 'select domain'" msgstr "" -#: booleans.py:208 -+#: booleans.py:219 - msgid "Support NFS home directories" +-msgid "Support NFS home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1280 ++#: ../sepolicy/sepolicy/sepolicy.glade:1337 ++msgid "" ++"Executables which will transition to the 'selected domain', when executing a " ++"selected domains entrypoint." msgstr "" -#: booleans.py:209 -+#: booleans.py:220 - msgid "Support SAMBA home directories" +-msgid "Support SAMBA home directories" ++#: ../sepolicy/sepolicy/sepolicy.glade:1299 ++msgid "Calling Process Domain" msgstr "" -#: booleans.py:210 -+#: booleans.py:221 - msgid "Allow user to exec content" +-msgid "Allow user to exec content" ++#: ../sepolicy/sepolicy/sepolicy.glade:1313 ++msgid "Executable File" msgstr "" -#: booleans.py:211 -msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:222 -+msgid "Determine whether varnishd can use the full TCP network." ++#: ../sepolicy/sepolicy/sepolicy.glade:1338 ++msgid "Transitions Into 'select domain'" msgstr "" -#: booleans.py:212 -msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:223 -+msgid "" -+"Determine whether attempts by vbetool to mmap low regions should be silently " -+"blocked." ++#: ../sepolicy/sepolicy/sepolicy.glade:1388 ++msgid "Reset" msgstr "" -#: booleans.py:213 -+#: booleans.py:224 - msgid "" - "Allow confined virtual guests to use serial/parallel communication ports" +-msgid "" +-"Allow confined virtual guests to use serial/parallel communication ports" ++#: ../sepolicy/sepolicy/sepolicy.glade:1392 ++msgid "Reset to system default" msgstr "" -#: booleans.py:214 -+#: booleans.py:225 - msgid "" - "Allow confined virtual guests to use executable memory and executable stack" +-msgid "" +-"Allow confined virtual guests to use executable memory and executable stack" ++#: ../sepolicy/sepolicy/sepolicy.glade:1403 ++msgid "Update" msgstr "" -#: booleans.py:215 -+#: booleans.py:226 - msgid "Allow confined virtual guests to read fuse files" +-msgid "Allow confined virtual guests to read fuse files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1407 ++msgid "Save your changes" msgstr "" -#: booleans.py:216 -+#: booleans.py:227 - msgid "Allow confined virtual guests to manage nfs files" +-msgid "Allow confined virtual guests to manage nfs files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1454 ++#: ../sepolicy/sepolicy/sepolicy.glade:1541 ++#: ../sepolicy/sepolicy/sepolicy.glade:1629 ++msgid "Add a File" msgstr "" -#: booleans.py:217 -+#: booleans.py:228 - msgid "Allow confined virtual guests to interact with rawip sockets" +-msgid "Allow confined virtual guests to interact with rawip sockets" ++#: ../sepolicy/sepolicy/sepolicy.glade:1504 ++#: ../sepolicy/sepolicy/sepolicy.glade:1592 ++#: ../sepolicy/sepolicy/sepolicy.glade:1680 ++msgid "Save changes" msgstr "" -#: booleans.py:218 -+#: booleans.py:229 - msgid "Allow confined virtual guests to manage cifs files" +-msgid "Allow confined virtual guests to manage cifs files" ++#: ../sepolicy/sepolicy/sepolicy.glade:1518 ++#: ../sepolicy/sepolicy/sepolicy.glade:1606 ++#: ../sepolicy/sepolicy/sepolicy.glade:1694 ++msgid "Reset Changes" msgstr "" -#: booleans.py:219 -+#: booleans.py:230 - msgid "Allow confined virtual guests to interact with the sanlock" +-msgid "Allow confined virtual guests to interact with the sanlock" ++#: ../sepolicy/sepolicy/sepolicy.glade:1780 ++msgid "Applicaiton more detailed view" msgstr "" -#: booleans.py:220 -msgid "Allow confined virtual guests to manage device configuration, (pci)" --msgstr "" -- ++#: ../sepolicy/sepolicy/sepolicy.glade:1874 ++msgid "Analyzing Policy..." + msgstr "" + -#: booleans.py:221 -+#: booleans.py:231 - msgid "Allow confined virtual guests to use usb devices" +-msgid "Allow confined virtual guests to use usb devices" ++#: ../sepolicy/sepolicy/gui.py:49 ++msgid "No" msgstr "" -#: booleans.py:222 -+#: booleans.py:232 - msgid "Allow confined virtual guests to interact with the xserver" +-msgid "Allow confined virtual guests to interact with the xserver" ++#: ../sepolicy/sepolicy/gui.py:49 ++msgid "Yes" msgstr "" -#: booleans.py:223 -msgid "Allow webadm to manage files in users home directories" -+#: booleans.py:233 -+msgid "Determine whether webadm can manage generic user files." ++#: ../sepolicy/sepolicy/gui.py:61 ++msgid "GTK Not Available" msgstr "" -#: booleans.py:224 -msgid "Allow webadm to read files in users home directories" -+#: booleans.py:234 -+msgid "Determine whether webadm can read generic user files." ++#: ../sepolicy/sepolicy/gui.py:195 ++msgid "System Status: Enforcing" msgstr "" -#: booleans.py:225 -msgid "Ignore wine mmap_zero errors." -+#: booleans.py:235 -+msgid "" -+"Determine whether attempts by wine to mmap low regions should be silently " -+"blocked." ++#: ../sepolicy/sepolicy/gui.py:197 ++msgid "System Status: Permissive" msgstr "" -#: booleans.py:226 -+#: booleans.py:236 - msgid "Allow the graphical login program to execute bootloader" +-msgid "Allow the graphical login program to execute bootloader" ++#: ../sepolicy/sepolicy/gui.py:199 ++msgid "System Status: Disabled" msgstr "" -#: booleans.py:227 -+#: booleans.py:237 - msgid "" - "Allow the graphical login program to login directly as sysadm_r:sysadm_t" +-msgid "" +-"Allow the graphical login program to login directly as sysadm_r:sysadm_t" ++#: ../sepolicy/sepolicy/gui.py:413 ++#, python-format ++msgid "File path used to enter the '%s' domain." msgstr "" -#: booleans.py:228 -+#: booleans.py:238 - msgid "Allow xen to manage nfs files" +-msgid "Allow xen to manage nfs files" ++#: ../sepolicy/sepolicy/gui.py:414 ++#, python-format ++msgid "Files to which the '%s' domain can write." msgstr "" -#: booleans.py:229 -+#: booleans.py:239 - msgid "" - "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " - "logical volumes for disk images." +-msgid "" +-"Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " +-"logical volumes for disk images." ++#: ../sepolicy/sepolicy/gui.py:415 ++#, python-format ++msgid "Network Ports to which the '%s' is allowed to connect." msgstr "" -#: booleans.py:230 -+#: booleans.py:240 - msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." +-msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." ++#: ../sepolicy/sepolicy/gui.py:416 ++#, python-format ++msgid "Network Ports to which the '%s' is allowed to listen." msgstr "" -#: booleans.py:231 -+#: booleans.py:241 - msgid "" - "Allow xguest users to configure Network Manager and connect to apache ports" +-msgid "" +-"Allow xguest users to configure Network Manager and connect to apache ports" ++#: ../sepolicy/sepolicy/gui.py:417 ++#, python-format ++msgid "File Types defined for the '%s'." msgstr "" -#: booleans.py:232 -+#: booleans.py:242 - msgid "Allow xguest to exec content" +-msgid "Allow xguest to exec content" ++#: ../sepolicy/sepolicy/gui.py:418 ++#, python-format ++msgid "" ++"Display boolean information that can be used to modify the policy for the " ++"'%s'." msgstr "" -#: booleans.py:233 -+#: booleans.py:243 - msgid "Allow xguest users to mount removable media" +-msgid "Allow xguest users to mount removable media" ++#: ../sepolicy/sepolicy/gui.py:419 ++#, python-format ++msgid "Display file type information that can be used by the '%s'." msgstr "" -#: booleans.py:234 -+#: booleans.py:244 - msgid "Allow xguest to use blue tooth devices" +-msgid "Allow xguest to use blue tooth devices" ++#: ../sepolicy/sepolicy/gui.py:420 ++#, python-format ++msgid "Display network ports to which the '%s' can connect or listen to." msgstr "" -#: booleans.py:235 -+#: booleans.py:245 - msgid "Allows clients to write to the X server shared memory segments." +-msgid "Allows clients to write to the X server shared memory segments." ++#: ../sepolicy/sepolicy/gui.py:421 ++#, python-format ++msgid "Transitions Into '%s'" msgstr "" -#: booleans.py:236 -+#: booleans.py:246 - msgid "Allows XServer to execute writable memory" +-msgid "Allows XServer to execute writable memory" ++#: ../sepolicy/sepolicy/gui.py:422 ++#, python-format ++msgid "Transitions From '%s'" msgstr "" -#: booleans.py:237 -+#: booleans.py:247 - msgid "Support X userspace object manager" +-msgid "Support X userspace object manager" ++#: ../sepolicy/sepolicy/gui.py:423 ++#, python-format ++msgid "" ++"Executables which will transition to the '%s', when executing a selected " ++"domains entrypoint." msgstr "" -#: booleans.py:238 -msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:248 -+msgid "Determine whether zabbix can connect to all TCP ports" ++#: ../sepolicy/sepolicy/gui.py:424 ++#, python-format ++msgid "" ++"Executables which will transition to a different domain, when the '%s' " ++"executes them." msgstr "" -#: booleans.py:239 -+#: booleans.py:249 - msgid "Allow zebra daemon to write it configuration files" +-msgid "Allow zebra daemon to write it configuration files" ++#: ../sepolicy/sepolicy/gui.py:425 ++#, python-format ++msgid "Display applications that can transition into or out of the '%s'." msgstr "" -#: booleans.py:240 -+#: booleans.py:250 - msgid "" - "Allow ZoneMinder to modify public files used for public file transfer " - "services." +-msgid "" +-"Allow ZoneMinder to modify public files used for public file transfer " +-"services." ++#: ../sepolicy/sepolicy/gui.py:604 ++#, python-format ++msgid "Boolean %s Allow Rules" + msgstr "" diff --git a/policycoreutils/po/as.po b/policycoreutils/po/as.po -index f5448a3..1be665d 100644 +index f5448a3..7b0de53 100644 --- a/policycoreutils/po/as.po +++ b/policycoreutils/po/as.po -@@ -3,17 +3,17 @@ +@@ -1,25 +1,26 @@ + # SOME DESCRIPTIVE TITLE. + # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. - # +-# ++# # Translators: -# Amitakhya Phukan , 2006. -# Amitakhya Phukan , 2008-2010. @@ -10318,21 +13357,36 @@ index f5448a3..1be665d 100644 "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -"PO-Revision-Date: 2013-01-07 14:17+0000\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" ++"POT-Creation-Date: 2013-07-10 16:36-0400\n" +"PO-Revision-Date: 2013-05-08 07:05+0000\n" "Last-Translator: ngoswami \n" - "Language-Team: Assamese (http://www.transifex.com/projects/p/fedora/language/as/)\n" +-"Language-Team: Assamese (http://www.transifex.com/projects/p/fedora/language/as/)\n" ++"Language-Team: Assamese (http://www.transifex.com/projects/p/fedora/language/" ++"as/)\n" ++"Language: as\n" "MIME-Version: 1.0\n" -@@ -29,7 +29,7 @@ msgid "" + "Content-Type: text/plain; charset=UTF-8\n" + "Content-Transfer-Encoding: 8bit\n" +-"Language: as\n" + "Plural-Forms: nplurals=2; plural=(n != 1);\n" + + #: ../run_init/run_init.c:67 +@@ -27,9 +28,12 @@ msgid "" + "USAGE: run_init