From f5d4f8f0dd1268a1b4f4741ef058d9309f286a3a Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Tue, 21 May 2013 09:41:29 -0400 Subject: [PATCH] Fix sandbox to always use sandbox_file_t, so generated policy will work. - Update Translations --- policycoreutils-rhat.patch | 249931 +--------------------------------- policycoreutils.spec | 19 +- 2 files changed, 375 insertions(+), 249575 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 2770354..f4dde1e 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -34,7 +34,7 @@ index 88635d4..fc290ea 100644 clean: rm -f *~ diff --git a/policycoreutils/audit2allow/audit2allow b/policycoreutils/audit2allow/audit2allow -index 8e0c396..1059bea 100644 +index 8e0c396..9bd66f5 100644 --- a/policycoreutils/audit2allow/audit2allow +++ b/policycoreutils/audit2allow/audit2allow @@ -18,7 +18,7 @@ @@ -65,137 +65,19 @@ index 8e0c396..1059bea 100644 help="Translates SELinux audit messages into a description of why the access was denied") options, args = parser.parse_args() -@@ -267,12 +268,10 @@ class AuditToPolicy: - continue - - if rc == audit2why.CONSTRAINT: -- print "\t\tPolicy constraint violation.\n" -- print "\t\tMay require adding a type attribute to the domain or type to satisfy the constraint.\n" -- print "\t\tConstraints are defined in the policy sources in policy/constraints (general), policy/mcs (MCS), and policy/mls (MLS).\n" -- for reason in data: -- print "\t\tNote: Possible cause is the source and target %s differ\n" % reason -- continue -+ print #!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access.\n" -+ print "#Constraint rule: \n\t" + data[0] -+ for reason in data[1:]: -+ print "#\tPossible cause is the source %s and target %s are different.\n\b" % reason - - if rc == audit2why.RBAC: - print "\t\tMissing role allow rule.\n" -@@ -350,6 +349,9 @@ class AuditToPolicy: - except ValueError, e: - print e - sys.exit(1) -+ except IOError, e: -+ print e -+ sys.exit(1) - - if __name__ == "__main__": - app = AuditToPolicy() diff --git a/policycoreutils/audit2allow/audit2allow.1 b/policycoreutils/audit2allow/audit2allow.1 -index a854a45..0155f98 100644 +index a854a45..bc70938 100644 --- a/policycoreutils/audit2allow/audit2allow.1 +++ b/policycoreutils/audit2allow/audit2allow.1 -@@ -29,7 +29,7 @@ - \- generate SELinux policy allow/dontaudit rules from logs of denied operations - - .BR audit2why --\- translates SELinux audit messages into a description of why the access was denied (audit2allow -w) -+\- translates SELinux audit messages into a description of why the access was denied (audit2allow \-w) - - .SH SYNOPSIS - .B audit2allow -@@ -37,16 +37,16 @@ - .SH OPTIONS - .TP - .B "\-a" | "\-\-all" --Read input from audit and message log, conflicts with -i -+Read input from audit and message log, conflicts with \-i - .TP - .B "\-b" | "\-\-boot" --Read input from audit messages since last boot conflicts with -i -+Read input from audit messages since last boot conflicts with \-i - .TP - .B "\-d" | "\-\-dmesg" - Read input from output of - .I /bin/dmesg. - Note that all audit messages are not available via dmesg when --auditd is running; use "ausearch -m avc | audit2allow" or "-a" instead. -+auditd is running; use "ausearch \-m avc | audit2allow" or "\-a" instead. - .TP - .B "\-D" | "\-\-dontaudit" - Generate dontaudit rules (Default: allow) -@@ -65,7 +65,7 @@ read input only after last policy reload - Generate module/require output - .TP - .B "\-M " --Generate loadable module package, conflicts with -o -+Generate loadable module package, conflicts with \-o - .TP - .B "\-p " | "\-\-policy " - Policy file to use for analysis -@@ -123,7 +123,7 @@ an 'allow' rule. - .PP - .B Using audit2allow to generate module policy - --$ cat /var/log/audit/audit.log | audit2allow -m local > local.te -+$ cat /var/log/audit/audit.log | audit2allow \-m local > local.te - $ cat local.te - module local 1.0; - -@@ -141,7 +141,7 @@ allow myapp_t etc_t:file { getattr open read }; - - .B Using audit2allow to generate module policy using reference policy - --$ cat /var/log/audit/audit.log | audit2allow -R -m local > local.te -+$ cat /var/log/audit/audit.log | audit2allow \-R \-m local > local.te - $ cat local.te - policy_module(local, 1.0) - -@@ -157,32 +157,32 @@ files_read_etc_files(myapp_t) - - # SELinux provides a policy devel environment under /usr/share/selinux/devel - # You can create a te file and compile it by executing --$ make -f /usr/share/selinux/devel/Makefile --$ semodule -i local.pp -+$ make -f /usr/share/selinux/devel/Makefile local.pp -+$ semodule \-i local.pp - - .B Building module policy manually - - # Compile the module --$ checkmodule -M -m -o local.mod local.te -+$ checkmodule \-M \-m \-o local.mod local.te - # Create the package --$ semodule_package -o local.pp -m local.mod -+$ semodule_package \-o local.pp \-m local.mod - # Load the module into the kernel --$ semodule -i local.pp -+$ semodule \-i local.pp +@@ -171,7 +171,7 @@ $ semodule -i local.pp .B Using audit2allow to generate and build module policy --$ cat /var/log/audit/audit.log | audit2allow -M local + $ cat /var/log/audit/audit.log | audit2allow -M local -Generating type enforcment file: local.te --Compiling policy: checkmodule -M -m -o local.mod local.te --Building package: semodule_package -o local.pp -m local.mod -+$ cat /var/log/audit/audit.log | audit2allow \-M local +Generating type enforcement file: local.te -+Compiling policy: checkmodule \-M \-m \-o local.mod local.te -+Building package: semodule_package \-o local.pp \-m local.mod + Compiling policy: checkmodule -M -m -o local.mod local.te + Building package: semodule_package -o local.pp -m local.mod - ******************** IMPORTANT *********************** - - In order to load this newly created policy package into the kernel, - you are required to execute - --semodule -i local.pp -+semodule \-i local.pp - --.B Using audit2allow to generate monolithic (non-module) policy -+.B Using audit2allow to generate monolithic (non\-module) policy - $ cd /etc/selinux/$SELINUXTYPE/src/policy - $ cat /var/log/audit/audit.log | audit2allow >> domains/misc/local.te - $ cat domains/misc/local.te diff --git a/policycoreutils/audit2allow/audit2why.1 b/policycoreutils/audit2allow/audit2why.1 new file mode 100644 index 0000000..a9e8893 @@ -257,21 +139,20 @@ index a9e8893..0000000 @@ -1 +0,0 @@ -.so man1/audit2allow.1 diff --git a/policycoreutils/gui/Makefile b/policycoreutils/gui/Makefile -index b5abbb9..a8cf71f 100644 +index b5abbb9..513f2c4 100644 --- a/policycoreutils/gui/Makefile +++ b/policycoreutils/gui/Makefile -@@ -1,7 +1,10 @@ +@@ -1,7 +1,9 @@ # Installation directories. PREFIX ?= ${DESTDIR}/usr +SYSCONFDIR ?= ${DESTDIR}/etc BINDIR ?= $(PREFIX)/bin SHAREDIR ?= $(PREFIX)/share/system-config-selinux +DATADIR ?= $(PREFIX)/share -+MANDIR = $(PREFIX)/share/man TARGETS= \ booleansPage.py \ -@@ -16,18 +19,30 @@ portsPage.py \ +@@ -16,6 +18,7 @@ portsPage.py \ semanagePage.py \ statusPage.py \ system-config-selinux.glade \ @@ -279,9 +160,8 @@ index b5abbb9..a8cf71f 100644 usersPage.py all: $(TARGETS) system-config-selinux.py polgengui.py - +@@ -23,11 +26,19 @@ all: $(TARGETS) system-config-selinux.py polgengui.py install: all -+ -mkdir -p $(MANDIR)/man8 -mkdir -p $(SHAREDIR) -mkdir -p $(BINDIR) + -mkdir -p $(DATADIR)/pixmaps @@ -294,8 +174,6 @@ index b5abbb9..a8cf71f 100644 - install -m 755 sepolgen $(BINDIR) install -m 644 $(TARGETS) $(SHAREDIR) - -+ install -m 644 system-config-selinux.8 $(MANDIR)/man8 -+ install -m 644 selinux-polgengui.8 $(MANDIR)/man8 + install -m 644 system-config-selinux.png $(DATADIR)/pixmaps + install -m 644 system-config-selinux.png $(DATADIR)/icons/hicolor/24x24/apps + install -m 644 system-config-selinux.png $(DATADIR)/system-config-selinux @@ -332,47 +210,6 @@ index 0000000..fcfa81d + true + + -diff --git a/policycoreutils/gui/selinux-polgengui.8 b/policycoreutils/gui/selinux-polgengui.8 -new file mode 100644 -index 0000000..52bf7dd ---- /dev/null -+++ b/policycoreutils/gui/selinux-polgengui.8 -@@ -0,0 +1,35 @@ -+.TH "selinux-polgengui" "8" "8 April 2013" "System Config Tools Manual" "System Config Tools Manual" -+ -+.SH NAME -+selinux\-polgengui \- SELinux Policy Generation Tool -+ -+.SH SYNOPSIS -+.B selinux-polgengui -+ -+.SH DESCRIPTION -+\fBselinux-polgengui\fP is a graphical tool, which can be used to create a framework for building SELinux Policy. -+.SH OPTIONS -+None -+ -+.SH FILES -+\fi/usr/bin/selinux-polgengui\fP -+ -+.SH Examples -+To run the program type: -+ -+selinux-polgengui -+ -+.PP -+.SH "SEE ALSO" -+.TP -+selinux(1), sepolicy(8), sepolicy-generate(8) -+.PP -+ -+.SH REPORTING BUGS -+Report bugs to . -+ -+.SH LICENSE AND AUTHORS -+\fBselinux-polgengui\fP is licensed under the GNU Public License and -+is copyrighted by Red Hat, Inc. -+.br -+This man page was written by Daniel Walsh diff --git a/policycoreutils/gui/selinux-polgengui.desktop b/policycoreutils/gui/selinux-polgengui.desktop new file mode 100644 index 0000000..0c2f399 @@ -455,49 +292,6 @@ index 0000000..5be5ccd +#!/bin/sh + +exec /usr/bin/pkexec /usr/share/system-config-selinux/system-config-selinux.py -diff --git a/policycoreutils/gui/system-config-selinux.8 b/policycoreutils/gui/system-config-selinux.8 -new file mode 100644 -index 0000000..eca2024 ---- /dev/null -+++ b/policycoreutils/gui/system-config-selinux.8 -@@ -0,0 +1,37 @@ -+.TH "system-config-selinux" "8" "8 April 2013" "System Config Tools Manual" "System Config Tools Manual" -+ -+.SH NAME -+system\-config\-selinux \- SELinux Management tool -+ -+.SH SYNOPSIS -+.B system-config-selinux -+ -+.SH DESCRIPTION -+\fBsystem-config-selinux\fP provides a graphical interface for managing the -+SELinux configuration. -+ -+.SH OPTIONS -+None -+ -+.SH FILES -+\fi/usr/bin/system-config-selinux\fP -+ -+.SH Examples -+To run the program type: -+ -+system-config-selinux -+ -+.PP -+.SH "SEE ALSO" -+.TP -+selinux(1), semanage(8) -+.PP -+ -+.SH REPORTING BUGS -+Report bugs to . -+ -+.SH LICENSE AND AUTHORS -+\fBsystem-config-selinux\fP is licensed under the GNU Public License and -+is copyrighted by Red Hat, Inc. -+.br -+This man page was written by Daniel Walsh diff --git a/policycoreutils/gui/system-config-selinux.desktop b/policycoreutils/gui/system-config-selinux.desktop new file mode 100644 index 0000000..8822ce2 @@ -589,7 +383,7 @@ index f9ca36e..a86073f 100644 .SH "EXIT STATUS" .TP diff --git a/policycoreutils/man/man5/selinux_config.5 b/policycoreutils/man/man5/selinux_config.5 -index 4963cdc..dbfec55 100644 +index 4963cdc..a55dbed 100644 --- a/policycoreutils/man/man5/selinux_config.5 +++ b/policycoreutils/man/man5/selinux_config.5 @@ -92,7 +92,7 @@ The binary policy name has by convention the SELinux policy version that it supp @@ -601,109 +395,11 @@ index 4963cdc..dbfec55 100644 .RE .sp .B REQUIRESEUSERS -@@ -122,7 +122,7 @@ This is an optional entry that allows the file system to be relabeled. - .sp - If set to \fI0\fR and there is a file called \fI.autorelabel\fR in the root directory, then on a reboot, the loader will drop to a shell where a root login is required. An administrator can then manually relabel the file system. - .sp --If set to \fI1\fR or no entry present (the default) and there is a \fI.autorelabel\fR file in the root directory, then the file system will be automatically relabeled using \fBfixfiles -F restore\fR -+If set to \fI1\fR or no entry present (the default) and there is a \fI.autorelabel\fR file in the root directory, then the file system will be automatically relabeled using \fBfixfiles \-F restore\fR - .sp - In both cases the \fI/.autorelabel\fR file will be removed so that relabeling is not done again. - .RE -diff --git a/policycoreutils/mcstrans/man/man8/mcs.8 b/policycoreutils/mcstrans/man/man8/mcs.8 -index 44126bf..aeaf22e 100644 ---- a/policycoreutils/mcstrans/man/man8/mcs.8 -+++ b/policycoreutils/mcstrans/man/man8/mcs.8 -@@ -20,7 +20,7 @@ readable form. Administrators can define any labels they want in this file. - Certain applications like printing and auditing will use these labels to - identify the files. By setting a category on a file you will prevent - other applications/services from having access to the files. --.p -+.P - Examples of file labels would be PatientRecord, CompanyConfidential etc. - - .SH "SEE ALSO" -diff --git a/policycoreutils/newrole/newrole.1 b/policycoreutils/newrole/newrole.1 -index 376c458..c47bc52 100644 ---- a/policycoreutils/newrole/newrole.1 -+++ b/policycoreutils/newrole/newrole.1 -@@ -44,7 +44,7 @@ Additional arguments - .I ARGS - may be provided after a -- option, - in which case they are supplied to the new shell. --In particular, an argument of -- -c will cause the next argument to be -+In particular, an argument of \-\- \-c will cause the next argument to be - treated as a command by most command interpreters. - .PP - If a command argument is specified to newrole and the command name is found -@@ -66,31 +66,31 @@ shows the current version of newrole - .SH EXAMPLE - .br - Changing role: -- # id -Z -+ # id \-Z - staff_u:staff_r:staff_t:SystemLow-SystemHigh -- # newrole -r sysadm_r -- # id -Z -+ # newrole \-r sysadm_r -+ # id \-Z - staff_u:sysadm_r:sysadm_t:SystemLow-SystemHigh - - Changing sensitivity only: -- # id -Z -+ # id \-Z - staff_u:sysadm_r:sysadm_t:Unclassified-SystemHigh -- # newrole -l Secret -- # id -Z -+ # newrole \-l Secret -+ # id \-Z - staff_u:sysadm_r:sysadm_t:Secret-SystemHigh - - .PP - Changing sensitivity and clearance: -- # id -Z -+ # id \-Z - staff_u:sysadm_r:sysadm_t:Unclassified-SystemHigh -- # newrole -l Secret-Secret -- # id -Z -+ # newrole \-l Secret-Secret -+ # id \-Z - staff_u:sysadm_r:sysadm_t:Secret - - .PP - Running a program in a given role or level: -- # newrole -r sysadm_r -- -c "/path/to/app arg1 arg2..." -- # newrole -l Secret -- -c "/path/to/app arg1 arg2..." -+ # newrole \-r sysadm_r \-\- \-c "/path/to/app arg1 arg2..." -+ # newrole \-l Secret \-\- \-c "/path/to/app arg1 arg2..." - - .SH FILES - /etc/passwd - user account information diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c -index 8fbf2d0..4e59a06 100644 +index 8fbf2d0..3510f12 100644 --- a/policycoreutils/newrole/newrole.c +++ b/policycoreutils/newrole/newrole.c -@@ -547,9 +547,7 @@ static int drop_capabilities(int full) - if (!uid) return 0; - - capng_setpid(getpid()); -- capng_clear(CAPNG_SELECT_BOTH); -- if (capng_lock() < 0) -- return -1; -+ capng_clear(CAPNG_SELECT_CAPS); - - /* Change uid */ - if (setresuid(uid, uid, uid)) { -@@ -558,7 +556,7 @@ static int drop_capabilities(int full) - } - if (! full) - capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_AUDIT_WRITE); -- return capng_apply(CAPNG_SELECT_BOTH); -+ return capng_apply(CAPNG_SELECT_CAPS); - } - #elif defined(NAMESPACE_PRIV) - /** -@@ -576,20 +574,21 @@ static int drop_capabilities(int full) +@@ -576,19 +576,22 @@ static int drop_capabilities(int full) */ static int drop_capabilities(int full) { @@ -711,10 +407,9 @@ index 8fbf2d0..4e59a06 100644 + if (!uid) return 0; + capng_setpid(getpid()); -- capng_clear(CAPNG_SELECT_BOTH); -- if (capng_lock() < 0) -- return -1; -+ capng_clear(CAPNG_SELECT_CAPS); + capng_clear(CAPNG_SELECT_BOTH); + if (capng_lock() < 0) + return -1; - uid_t uid = getuid(); /* Change uid */ @@ -724,14 +419,12 @@ index 8fbf2d0..4e59a06 100644 } if (! full) - capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_SETPCAP, -1); -- return capng_apply(CAPNG_SELECT_BOTH); -+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_AUDIT_WRITE, -1); ++ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SYS_ADMIN , CAP_FOWNER , CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_SETPCAP, CAP_AUDIT_WRITE, -1); + -+ return capng_apply(CAPNG_SELECT_CAPS); + return capng_apply(CAPNG_SELECT_BOTH); } - #else -@@ -680,7 +679,7 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, +@@ -680,7 +683,7 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, security_context_t * tty_context, security_context_t * new_tty_context) { @@ -740,7 +433,7 @@ index 8fbf2d0..4e59a06 100644 int enforcing = security_getenforce(); security_context_t tty_con = NULL; security_context_t new_tty_con = NULL; -@@ -699,7 +698,13 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, +@@ -699,7 +702,13 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, fprintf(stderr, _("Error! Could not open %s.\n"), ttyn); return fd; } @@ -755,7 +448,7 @@ index 8fbf2d0..4e59a06 100644 if (fgetfilecon(fd, &tty_con) < 0) { fprintf(stderr, _("%s! Could not get current context " -@@ -1010,9 +1015,9 @@ int main(int argc, char *argv[]) +@@ -1010,9 +1019,9 @@ int main(int argc, char *argv[]) int fd; pid_t childPid = 0; char *shell_argv0 = NULL; @@ -766,7 +459,7 @@ index 8fbf2d0..4e59a06 100644 int pam_status; /* pam return code */ pam_handle_t *pam_handle; /* opaque handle used by all PAM functions */ -@@ -1226,15 +1231,23 @@ int main(int argc, char *argv[]) +@@ -1226,15 +1235,23 @@ int main(int argc, char *argv[]) fd = open(ttyn, O_RDONLY | O_NONBLOCK); if (fd != 0) goto err_close_pam; @@ -793,35 +486,6 @@ index 8fbf2d0..4e59a06 100644 } /* -@@ -1268,19 +1281,24 @@ int main(int argc, char *argv[]) - } - #endif - -- if (send_audit_message(1, old_context, new_context, ttyn)) -+ if (send_audit_message(1, old_context, new_context, ttyn)) { -+ fprintf(stderr, _("Failed to send audit message")); - goto err_close_pam_session; -+ } - freecon(old_context); old_context=NULL; - freecon(new_context); new_context=NULL; - - #ifdef NAMESPACE_PRIV -- if (transition_to_caller_uid()) -+ if (transition_to_caller_uid()) { -+ fprintf(stderr, _("Failed to transition to namespace\n")); - goto err_close_pam_session; -+ } - #endif - -- if (drop_capabilities(TRUE)) -+ if (drop_capabilities(TRUE)) { -+ fprintf(stderr, _("Failed to drop capabilities %m\n")); - goto err_close_pam_session; -- -+ } - /* Handle environment changes */ - if (restore_environment(preserve_environment, old_environ, &pw)) { - fprintf(stderr, _("Unable to restore the environment, " diff --git a/policycoreutils/newrole/newrole.pamd b/policycoreutils/newrole/newrole.pamd index d1b435c..de3582f 100644 --- a/policycoreutils/newrole/newrole.pamd @@ -863,59589 +527,240 @@ index a377996..9c1486e 100644 refresh-po: Makefile for cat in $(POFILES); do \ -diff --git a/policycoreutils/po/af.po b/policycoreutils/po/af.po -index 961d921..5ee0bdc 100644 ---- a/policycoreutils/po/af.po -+++ b/policycoreutils/po/af.po -@@ -8,7 +8,7 @@ msgid "" - msgstr "" - "Project-Id-Version: PACKAGE VERSION\n" - "Report-Msgid-Bugs-To: \n" --"POT-Creation-Date: 2013-01-04 12:01-0500\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" - "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" - "Last-Translator: FULL NAME \n" - "Language-Team: LANGUAGE \n" -@@ -24,7 +24,7 @@ msgid "" - " are the arguments to that script." - msgstr "" - --#: ../run_init/run_init.c:126 ../newrole/newrole.c:1123 -+#: ../run_init/run_init.c:126 ../newrole/newrole.c:1128 - #, c-format - msgid "failed to initialize PAM\n" - msgstr "" -@@ -73,16 +73,16 @@ msgstr "" - msgid "authentication failed.\n" - msgstr "" - --#: ../run_init/run_init.c:405 ../newrole/newrole.c:1257 -+#: ../run_init/run_init.c:405 ../newrole/newrole.c:1270 - #, c-format - msgid "Could not set exec context to %s.\n" - msgstr "" - --#: ../audit2allow/audit2allow:232 -+#: ../audit2allow/audit2allow:231 - msgid "******************** IMPORTANT ***********************\n" - msgstr "" - --#: ../audit2allow/audit2allow:233 -+#: ../audit2allow/audit2allow:232 - msgid "To make this policy package active, execute:" - msgstr "" - -@@ -169,786 +169,799 @@ msgstr "" - msgid "Customized Permissive Types" - msgstr "" - --#: ../semanage/seobject.py:412 -+#: ../semanage/seobject.py:379 -+msgid "" -+"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel package.\n" -+"# yum install policycoreutils-devel\n" -+"Or similar for your distro." -+msgstr "" -+ -+#: ../semanage/seobject.py:416 - #, python-format - msgid "Could not set permissive domain %s (module installation failed)" - msgstr "" - --#: ../semanage/seobject.py:418 -+#: ../semanage/seobject.py:422 - #, python-format - msgid "Could not remove permissive domain %s (remove failed)" - msgstr "" - --#: ../semanage/seobject.py:453 ../semanage/seobject.py:527 --#: ../semanage/seobject.py:573 ../semanage/seobject.py:695 --#: ../semanage/seobject.py:725 ../semanage/seobject.py:792 --#: ../semanage/seobject.py:849 ../semanage/seobject.py:1104 --#: ../semanage/seobject.py:1820 ../semanage/seobject.py:1883 --#: ../semanage/seobject.py:1902 ../semanage/seobject.py:2025 --#: ../semanage/seobject.py:2076 -+#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -+#: ../semanage/seobject.py:577 ../semanage/seobject.py:699 -+#: ../semanage/seobject.py:729 ../semanage/seobject.py:796 -+#: ../semanage/seobject.py:853 ../semanage/seobject.py:1111 -+#: ../semanage/seobject.py:1834 ../semanage/seobject.py:1897 -+#: ../semanage/seobject.py:1916 ../semanage/seobject.py:2042 -+#: ../semanage/seobject.py:2093 - #, python-format - msgid "Could not create a key for %s" - msgstr "" - --#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 --#: ../semanage/seobject.py:577 ../semanage/seobject.py:583 -+#: ../semanage/seobject.py:461 ../semanage/seobject.py:535 -+#: ../semanage/seobject.py:581 ../semanage/seobject.py:587 - #, python-format - msgid "Could not check if login mapping for %s is defined" - msgstr "" - --#: ../semanage/seobject.py:466 -+#: ../semanage/seobject.py:470 - #, python-format - msgid "Linux Group %s does not exist" - msgstr "" - --#: ../semanage/seobject.py:471 -+#: ../semanage/seobject.py:475 - #, python-format - msgid "Linux User %s does not exist" - msgstr "" - --#: ../semanage/seobject.py:475 -+#: ../semanage/seobject.py:479 - #, python-format - msgid "Could not create login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:479 ../semanage/seobject.py:740 -+#: ../semanage/seobject.py:483 ../semanage/seobject.py:744 - #, python-format - msgid "Could not set name for %s" - msgstr "" - --#: ../semanage/seobject.py:484 ../semanage/seobject.py:750 -+#: ../semanage/seobject.py:488 ../semanage/seobject.py:754 - #, python-format - msgid "Could not set MLS range for %s" - msgstr "" - --#: ../semanage/seobject.py:488 -+#: ../semanage/seobject.py:492 - #, python-format - msgid "Could not set SELinux user for %s" - msgstr "" - --#: ../semanage/seobject.py:492 -+#: ../semanage/seobject.py:496 - #, python-format - msgid "Could not add login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:510 -+#: ../semanage/seobject.py:514 - msgid "Requires seuser or serange" - msgstr "" - --#: ../semanage/seobject.py:533 ../semanage/seobject.py:579 -+#: ../semanage/seobject.py:537 ../semanage/seobject.py:583 - #, python-format - msgid "Login mapping for %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:537 -+#: ../semanage/seobject.py:541 - #, python-format - msgid "Could not query seuser for %s" - msgstr "" - --#: ../semanage/seobject.py:551 -+#: ../semanage/seobject.py:555 - #, python-format - msgid "Could not modify login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:585 -+#: ../semanage/seobject.py:589 - #, python-format - msgid "Login mapping for %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:589 -+#: ../semanage/seobject.py:593 - #, python-format - msgid "Could not delete login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:611 ../semanage/seobject.py:644 --#: ../semanage/seobject.py:892 -+#: ../semanage/seobject.py:615 ../semanage/seobject.py:648 -+#: ../semanage/seobject.py:896 - msgid "Could not list login mappings" - msgstr "" - --#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 - #: ../gui/system-config-selinux.glade:100 - msgid "Login Name" - msgstr "" - --#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 --#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 - #: ../gui/system-config-selinux.glade:128 - #: ../gui/system-config-selinux.glade:915 - #: ../gui/system-config-selinux.glade:2285 ../gui/usersPage.py:44 - msgid "SELinux User" - msgstr "" - --#: ../semanage/seobject.py:672 ../gui/system-config-selinux.glade:156 -+#: ../semanage/seobject.py:676 ../gui/system-config-selinux.glade:156 - #: ../gui/system-config-selinux.glade:943 - msgid "MLS/MCS Range" - msgstr "" - --#: ../semanage/seobject.py:672 -+#: ../semanage/seobject.py:676 - msgid "Service" - msgstr "" - --#: ../semanage/seobject.py:698 ../semanage/seobject.py:729 --#: ../semanage/seobject.py:796 ../semanage/seobject.py:853 --#: ../semanage/seobject.py:859 -+#: ../semanage/seobject.py:702 ../semanage/seobject.py:733 -+#: ../semanage/seobject.py:800 ../semanage/seobject.py:857 -+#: ../semanage/seobject.py:863 - #, python-format - msgid "Could not check if SELinux user %s is defined" - msgstr "" - --#: ../semanage/seobject.py:701 ../semanage/seobject.py:802 --#: ../semanage/seobject.py:865 -+#: ../semanage/seobject.py:705 ../semanage/seobject.py:806 -+#: ../semanage/seobject.py:869 - #, python-format - msgid "Could not query user for %s" - msgstr "" - --#: ../semanage/seobject.py:721 -+#: ../semanage/seobject.py:725 - #, python-format - msgid "You must add at least one role for %s" - msgstr "" - --#: ../semanage/seobject.py:736 -+#: ../semanage/seobject.py:740 - #, python-format - msgid "Could not create SELinux user for %s" - msgstr "" - --#: ../semanage/seobject.py:745 -+#: ../semanage/seobject.py:749 - #, python-format - msgid "Could not add role %s for %s" - msgstr "" - --#: ../semanage/seobject.py:754 -+#: ../semanage/seobject.py:758 - #, python-format - msgid "Could not set MLS level for %s" - msgstr "" - --#: ../semanage/seobject.py:757 -+#: ../semanage/seobject.py:761 - #, python-format - msgid "Could not add prefix %s for %s" - msgstr "" - --#: ../semanage/seobject.py:760 -+#: ../semanage/seobject.py:764 - #, python-format - msgid "Could not extract key for %s" - msgstr "" - --#: ../semanage/seobject.py:764 -+#: ../semanage/seobject.py:768 - #, python-format - msgid "Could not add SELinux user %s" - msgstr "" - --#: ../semanage/seobject.py:786 -+#: ../semanage/seobject.py:790 - msgid "Requires prefix, roles, level or range" - msgstr "" - --#: ../semanage/seobject.py:788 -+#: ../semanage/seobject.py:792 - msgid "Requires prefix or roles" - msgstr "" - --#: ../semanage/seobject.py:798 ../semanage/seobject.py:855 -+#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 - #, python-format - msgid "SELinux user %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:827 -+#: ../semanage/seobject.py:831 - #, python-format - msgid "Could not modify SELinux user %s" - msgstr "" - --#: ../semanage/seobject.py:861 -+#: ../semanage/seobject.py:865 - #, python-format - msgid "SELinux user %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:872 -+#: ../semanage/seobject.py:876 - #, python-format - msgid "Could not delete SELinux user %s" - msgstr "" - --#: ../semanage/seobject.py:910 -+#: ../semanage/seobject.py:914 - msgid "Could not list SELinux users" - msgstr "" - --#: ../semanage/seobject.py:916 -+#: ../semanage/seobject.py:920 - #, python-format - msgid "Could not list roles for user %s" - msgstr "" - --#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 - msgid "Labeling" - msgstr "" - --#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 - msgid "MLS/" - msgstr "" - --#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 - msgid "Prefix" - msgstr "" - --#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 - msgid "MCS Level" - msgstr "" - --#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 - msgid "MCS Range" - msgstr "" - --#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 - #: ../gui/system-config-selinux.glade:992 ../gui/usersPage.py:59 - msgid "SELinux Roles" - msgstr "" - --#: ../semanage/seobject.py:964 -+#: ../semanage/seobject.py:971 - msgid "Protocol udp or tcp is required" - msgstr "" - --#: ../semanage/seobject.py:966 -+#: ../semanage/seobject.py:973 - msgid "Port is required" - msgstr "" - --#: ../semanage/seobject.py:976 -+#: ../semanage/seobject.py:983 - msgid "Invalid Port" - msgstr "" - --#: ../semanage/seobject.py:980 -+#: ../semanage/seobject.py:987 - #, python-format - msgid "Could not create a key for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:991 -+#: ../semanage/seobject.py:998 - msgid "Type is required" - msgstr "" - --#: ../semanage/seobject.py:994 ../semanage/seobject.py:1056 --#: ../semanage/seobject.py:1814 -+#: ../semanage/seobject.py:1001 ../semanage/seobject.py:1063 -+#: ../semanage/seobject.py:1828 - #, python-format - msgid "Type %s is invalid, must be a port type" - msgstr "" - --#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062 --#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123 -+#: ../semanage/seobject.py:1007 ../semanage/seobject.py:1069 -+#: ../semanage/seobject.py:1124 ../semanage/seobject.py:1130 - #, python-format - msgid "Could not check if port %s/%s is defined" - msgstr "" - --#: ../semanage/seobject.py:1002 -+#: ../semanage/seobject.py:1009 - #, python-format - msgid "Port %s/%s already defined" - msgstr "" - --#: ../semanage/seobject.py:1006 -+#: ../semanage/seobject.py:1013 - #, python-format - msgid "Could not create port for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1012 -+#: ../semanage/seobject.py:1019 - #, python-format - msgid "Could not create context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1016 -+#: ../semanage/seobject.py:1023 - #, python-format - msgid "Could not set user in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1020 -+#: ../semanage/seobject.py:1027 - #, python-format - msgid "Could not set role in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1024 -+#: ../semanage/seobject.py:1031 - #, python-format - msgid "Could not set type in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1029 -+#: ../semanage/seobject.py:1036 - #, python-format - msgid "Could not set mls fields in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1033 -+#: ../semanage/seobject.py:1040 - #, python-format - msgid "Could not set port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1037 -+#: ../semanage/seobject.py:1044 - #, python-format - msgid "Could not add port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1051 ../semanage/seobject.py:1324 --#: ../semanage/seobject.py:1523 -+#: ../semanage/seobject.py:1058 ../semanage/seobject.py:1334 -+#: ../semanage/seobject.py:1533 - msgid "Requires setype or serange" - msgstr "" - --#: ../semanage/seobject.py:1053 -+#: ../semanage/seobject.py:1060 - msgid "Requires setype" - msgstr "" - --#: ../semanage/seobject.py:1064 ../semanage/seobject.py:1119 -+#: ../semanage/seobject.py:1071 ../semanage/seobject.py:1126 - #, python-format - msgid "Port %s/%s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1068 -+#: ../semanage/seobject.py:1075 - #, python-format - msgid "Could not query port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1079 -+#: ../semanage/seobject.py:1086 - #, python-format - msgid "Could not modify port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1092 -+#: ../semanage/seobject.py:1099 - msgid "Could not list the ports" - msgstr "" - --#: ../semanage/seobject.py:1108 -+#: ../semanage/seobject.py:1115 - #, python-format - msgid "Could not delete the port %s" - msgstr "" - --#: ../semanage/seobject.py:1125 -+#: ../semanage/seobject.py:1132 - #, python-format - msgid "Port %s/%s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1129 -+#: ../semanage/seobject.py:1136 - #, python-format - msgid "Could not delete port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1145 ../semanage/seobject.py:1167 -+#: ../semanage/seobject.py:1152 ../semanage/seobject.py:1174 - msgid "Could not list ports" - msgstr "" - --#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 - msgid "SELinux Port Type" - msgstr "" - --#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 - msgid "Proto" - msgstr "" - --#: ../semanage/seobject.py:1206 ../gui/system-config-selinux.glade:335 -+#: ../semanage/seobject.py:1213 ../gui/system-config-selinux.glade:335 - msgid "Port Number" - msgstr "" - --#: ../semanage/seobject.py:1227 -+#: ../semanage/seobject.py:1237 - msgid "Node Address is required" - msgstr "" - --#: ../semanage/seobject.py:1242 -+#: ../semanage/seobject.py:1252 - msgid "Unknown or missing protocol" - msgstr "" - --#: ../semanage/seobject.py:1256 -+#: ../semanage/seobject.py:1266 - msgid "SELinux node type is required" - msgstr "" - --#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327 -+#: ../semanage/seobject.py:1269 ../semanage/seobject.py:1337 - #, python-format - msgid "Type %s is invalid, must be a node type" - msgstr "" - --#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331 --#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465 --#: ../semanage/seobject.py:1527 ../semanage/seobject.py:1561 --#: ../semanage/seobject.py:1759 -+#: ../semanage/seobject.py:1273 ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1377 ../semanage/seobject.py:1475 -+#: ../semanage/seobject.py:1537 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1773 - #, python-format - msgid "Could not create key for %s" - msgstr "" - --#: ../semanage/seobject.py:1265 ../semanage/seobject.py:1335 --#: ../semanage/seobject.py:1371 ../semanage/seobject.py:1377 -+#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1345 -+#: ../semanage/seobject.py:1381 ../semanage/seobject.py:1387 - #, python-format - msgid "Could not check if addr %s is defined" - msgstr "" - --#: ../semanage/seobject.py:1274 -+#: ../semanage/seobject.py:1284 - #, python-format - msgid "Could not create addr for %s" - msgstr "" - --#: ../semanage/seobject.py:1280 ../semanage/seobject.py:1481 --#: ../semanage/seobject.py:1714 -+#: ../semanage/seobject.py:1290 ../semanage/seobject.py:1491 -+#: ../semanage/seobject.py:1728 - #, python-format - msgid "Could not create context for %s" - msgstr "" - --#: ../semanage/seobject.py:1284 -+#: ../semanage/seobject.py:1294 - #, python-format - msgid "Could not set mask for %s" - msgstr "" - --#: ../semanage/seobject.py:1288 -+#: ../semanage/seobject.py:1298 - #, python-format - msgid "Could not set user in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1292 -+#: ../semanage/seobject.py:1302 - #, python-format - msgid "Could not set role in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1296 -+#: ../semanage/seobject.py:1306 - #, python-format - msgid "Could not set type in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1301 -+#: ../semanage/seobject.py:1311 - #, python-format - msgid "Could not set mls fields in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1305 -+#: ../semanage/seobject.py:1315 - #, python-format - msgid "Could not set addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1309 -+#: ../semanage/seobject.py:1319 - #, python-format - msgid "Could not add addr %s" - msgstr "" - --#: ../semanage/seobject.py:1337 ../semanage/seobject.py:1373 -+#: ../semanage/seobject.py:1347 ../semanage/seobject.py:1383 - #, python-format - msgid "Addr %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1351 - #, python-format - msgid "Could not query addr %s" - msgstr "" - --#: ../semanage/seobject.py:1351 -+#: ../semanage/seobject.py:1361 - #, python-format - msgid "Could not modify addr %s" - msgstr "" - --#: ../semanage/seobject.py:1379 -+#: ../semanage/seobject.py:1389 - #, python-format - msgid "Addr %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1383 -+#: ../semanage/seobject.py:1393 - #, python-format - msgid "Could not delete addr %s" - msgstr "" - --#: ../semanage/seobject.py:1395 -+#: ../semanage/seobject.py:1405 - msgid "Could not deleteall node mappings" - msgstr "" - --#: ../semanage/seobject.py:1409 -+#: ../semanage/seobject.py:1419 - msgid "Could not list addrs" - msgstr "" - --#: ../semanage/seobject.py:1461 ../semanage/seobject.py:1752 -+#: ../semanage/seobject.py:1471 ../semanage/seobject.py:1766 - msgid "SELinux Type is required" - msgstr "" - --#: ../semanage/seobject.py:1469 ../semanage/seobject.py:1531 --#: ../semanage/seobject.py:1565 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1479 ../semanage/seobject.py:1541 -+#: ../semanage/seobject.py:1575 ../semanage/seobject.py:1581 - #, python-format - msgid "Could not check if interface %s is defined" - msgstr "" - --#: ../semanage/seobject.py:1476 -+#: ../semanage/seobject.py:1486 - #, python-format - msgid "Could not create interface for %s" - msgstr "" - --#: ../semanage/seobject.py:1485 -+#: ../semanage/seobject.py:1495 - #, python-format - msgid "Could not set user in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1489 -+#: ../semanage/seobject.py:1499 - #, python-format - msgid "Could not set role in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1493 -+#: ../semanage/seobject.py:1503 - #, python-format - msgid "Could not set type in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1498 -+#: ../semanage/seobject.py:1508 - #, python-format - msgid "Could not set mls fields in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1502 -+#: ../semanage/seobject.py:1512 - #, python-format - msgid "Could not set interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1506 -+#: ../semanage/seobject.py:1516 - #, python-format - msgid "Could not set message context for %s" - msgstr "" - --#: ../semanage/seobject.py:1510 -+#: ../semanage/seobject.py:1520 - #, python-format - msgid "Could not add interface %s" - msgstr "" - --#: ../semanage/seobject.py:1533 ../semanage/seobject.py:1567 -+#: ../semanage/seobject.py:1543 ../semanage/seobject.py:1577 - #, python-format - msgid "Interface %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1537 -+#: ../semanage/seobject.py:1547 - #, python-format - msgid "Could not query interface %s" - msgstr "" - --#: ../semanage/seobject.py:1548 -+#: ../semanage/seobject.py:1558 - #, python-format - msgid "Could not modify interface %s" - msgstr "" - --#: ../semanage/seobject.py:1573 -+#: ../semanage/seobject.py:1583 - #, python-format - msgid "Interface %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1577 -+#: ../semanage/seobject.py:1587 - #, python-format - msgid "Could not delete interface %s" - msgstr "" - --#: ../semanage/seobject.py:1589 -+#: ../semanage/seobject.py:1599 - msgid "Could not delete all interface mappings" - msgstr "" - --#: ../semanage/seobject.py:1603 -+#: ../semanage/seobject.py:1613 - msgid "Could not list interfaces" - msgstr "" - --#: ../semanage/seobject.py:1628 -+#: ../semanage/seobject.py:1638 - msgid "SELinux Interface" - msgstr "" - --#: ../semanage/seobject.py:1628 ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1638 ../semanage/seobject.py:1988 - msgid "Context" - msgstr "" - --#: ../semanage/seobject.py:1691 -+#: ../semanage/seobject.py:1705 - #, python-format - msgid "Equivalence class for %s already exists" - msgstr "" - --#: ../semanage/seobject.py:1697 -+#: ../semanage/seobject.py:1711 - #, python-format - msgid "File spec %s conflicts with equivalency rule '%s %s'" - msgstr "" - --#: ../semanage/seobject.py:1706 -+#: ../semanage/seobject.py:1720 - #, python-format - msgid "Equivalence class for %s does not exists" - msgstr "" - --#: ../semanage/seobject.py:1720 -+#: ../semanage/seobject.py:1734 - #, python-format - msgid "Could not set user in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1724 -+#: ../semanage/seobject.py:1738 - #, python-format - msgid "Could not set role in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1729 ../semanage/seobject.py:1789 -+#: ../semanage/seobject.py:1743 ../semanage/seobject.py:1803 - #, python-format - msgid "Could not set mls fields in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1735 -+#: ../semanage/seobject.py:1749 - msgid "Invalid file specification" - msgstr "" - --#: ../semanage/seobject.py:1737 -+#: ../semanage/seobject.py:1751 - msgid "File specification can not include spaces" - msgstr "" - --#: ../semanage/seobject.py:1742 -+#: ../semanage/seobject.py:1756 - #, python-format - msgid "" - "File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead" - msgstr "" - --#: ../semanage/seobject.py:1755 -+#: ../semanage/seobject.py:1769 - #, python-format - msgid "Type %s is invalid, must be a file or device type" - msgstr "" - --#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768 --#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906 --#: ../semanage/seobject.py:1910 -+#: ../semanage/seobject.py:1777 ../semanage/seobject.py:1782 -+#: ../semanage/seobject.py:1838 ../semanage/seobject.py:1920 -+#: ../semanage/seobject.py:1924 - #, python-format - msgid "Could not check if file context for %s is defined" - msgstr "" - --#: ../semanage/seobject.py:1776 -+#: ../semanage/seobject.py:1790 - #, python-format - msgid "Could not create file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1784 -+#: ../semanage/seobject.py:1798 - #, python-format - msgid "Could not set type in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1792 ../semanage/seobject.py:1852 --#: ../semanage/seobject.py:1856 -+#: ../semanage/seobject.py:1806 ../semanage/seobject.py:1866 -+#: ../semanage/seobject.py:1870 - #, python-format - msgid "Could not set file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1798 -+#: ../semanage/seobject.py:1812 - #, python-format - msgid "Could not add file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1812 -+#: ../semanage/seobject.py:1826 - msgid "Requires setype, serange or seuser" - msgstr "" - --#: ../semanage/seobject.py:1828 ../semanage/seobject.py:1914 -+#: ../semanage/seobject.py:1842 ../semanage/seobject.py:1928 - #, python-format - msgid "File context for %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1834 -+#: ../semanage/seobject.py:1848 - #, python-format - msgid "Could not query file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1860 -+#: ../semanage/seobject.py:1874 - #, python-format - msgid "Could not modify file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1873 -+#: ../semanage/seobject.py:1887 - msgid "Could not list the file contexts" - msgstr "" - --#: ../semanage/seobject.py:1887 -+#: ../semanage/seobject.py:1901 - #, python-format - msgid "Could not delete the file context %s" - msgstr "" - --#: ../semanage/seobject.py:1912 -+#: ../semanage/seobject.py:1926 - #, python-format - msgid "File context for %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1918 -+#: ../semanage/seobject.py:1932 - #, python-format - msgid "Could not delete file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1933 -+#: ../semanage/seobject.py:1947 - msgid "Could not list file contexts" - msgstr "" - --#: ../semanage/seobject.py:1937 -+#: ../semanage/seobject.py:1951 - msgid "Could not list local file contexts" - msgstr "" - --#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 - msgid "SELinux fcontext" - msgstr "" - --#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 - msgid "type" - msgstr "" - --#: ../semanage/seobject.py:1987 -+#: ../semanage/seobject.py:2001 - msgid "" - "\n" - "SELinux Distribution fcontext Equivalence \n" - msgstr "" - --#: ../semanage/seobject.py:1992 -+#: ../semanage/seobject.py:2006 - msgid "" - "\n" - "SELinux Local fcontext Equivalence \n" - msgstr "" - --#: ../semanage/seobject.py:2028 ../semanage/seobject.py:2079 --#: ../semanage/seobject.py:2085 -+#: ../semanage/seobject.py:2036 -+#, python-format -+msgid "Value Required for %s" -+msgstr "" -+ -+#: ../semanage/seobject.py:2045 ../semanage/seobject.py:2096 -+#: ../semanage/seobject.py:2102 - #, python-format - msgid "Could not check if boolean %s is defined" - msgstr "" - --#: ../semanage/seobject.py:2030 ../semanage/seobject.py:2081 -+#: ../semanage/seobject.py:2047 ../semanage/seobject.py:2098 - #, python-format - msgid "Boolean %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:2034 -+#: ../semanage/seobject.py:2051 - #, python-format - msgid "Could not query file context %s" - msgstr "" - --#: ../semanage/seobject.py:2039 -+#: ../semanage/seobject.py:2056 - #, python-format - msgid "You must specify one of the following values: %s" - msgstr "" - --#: ../semanage/seobject.py:2044 -+#: ../semanage/seobject.py:2061 - #, python-format - msgid "Could not set active value of boolean %s" - msgstr "" - --#: ../semanage/seobject.py:2047 -+#: ../semanage/seobject.py:2064 - #, python-format - msgid "Could not modify boolean %s" - msgstr "" - --#: ../semanage/seobject.py:2063 -+#: ../semanage/seobject.py:2080 - #, python-format - msgid "Bad format %s: Record %s" - msgstr "" - --#: ../semanage/seobject.py:2087 -+#: ../semanage/seobject.py:2104 - #, python-format - msgid "Boolean %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:2091 -+#: ../semanage/seobject.py:2108 - #, python-format - msgid "Could not delete boolean %s" - msgstr "" - --#: ../semanage/seobject.py:2103 ../semanage/seobject.py:2120 -+#: ../semanage/seobject.py:2120 ../semanage/seobject.py:2137 - msgid "Could not list booleans" - msgstr "" - --#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 - msgid "off" - msgstr "" - --#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 - msgid "on" - msgstr "" - --#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 - msgid "SELinux boolean" - msgstr "" - --#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 - msgid "State" - msgstr "" - --#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 - msgid "Default" - msgstr "" - --#: ../semanage/seobject.py:2169 ../gui/polgen.glade:113 -+#: ../semanage/seobject.py:2186 ../gui/polgen.glade:113 - #: ../gui/polgengui.py:269 - msgid "Description" - msgstr "" -@@ -988,206 +1001,226 @@ msgstr "" - msgid "Unable to clear environment\n" - msgstr "" - --#: ../newrole/newrole.c:556 ../newrole/newrole.c:587 ../newrole/newrole.c:617 -+#: ../newrole/newrole.c:554 ../newrole/newrole.c:585 ../newrole/newrole.c:616 - #, c-format - msgid "Error changing uid, aborting.\n" - msgstr "" - --#: ../newrole/newrole.c:612 -+#: ../newrole/newrole.c:611 - #, c-format - msgid "Error resetting KEEPCAPS, aborting\n" - msgstr "" - --#: ../newrole/newrole.c:635 -+#: ../newrole/newrole.c:634 - #, c-format - msgid "Error connecting to audit system.\n" - msgstr "" - --#: ../newrole/newrole.c:641 -+#: ../newrole/newrole.c:640 - #, c-format - msgid "Error allocating memory.\n" - msgstr "" - --#: ../newrole/newrole.c:648 -+#: ../newrole/newrole.c:647 - #, c-format - msgid "Error sending audit message.\n" - msgstr "" - --#: ../newrole/newrole.c:692 ../newrole/newrole.c:1058 -+#: ../newrole/newrole.c:691 ../newrole/newrole.c:1063 - #, c-format - msgid "Could not determine enforcing mode.\n" - msgstr "" - --#: ../newrole/newrole.c:699 -+#: ../newrole/newrole.c:698 - #, c-format - msgid "Error! Could not open %s.\n" - msgstr "" - --#: ../newrole/newrole.c:705 -+#: ../newrole/newrole.c:704 -+#, c-format -+msgid "Error! Could not clear O_NONBLOCK on %s\n" -+msgstr "" -+ -+#: ../newrole/newrole.c:710 - #, c-format - msgid "%s! Could not get current context for %s, not relabeling tty.\n" - msgstr "" - --#: ../newrole/newrole.c:715 -+#: ../newrole/newrole.c:720 - #, c-format - msgid "%s! Could not get new context for %s, not relabeling tty.\n" - msgstr "" - --#: ../newrole/newrole.c:725 -+#: ../newrole/newrole.c:730 - #, c-format - msgid "%s! Could not set new context for %s\n" - msgstr "" - --#: ../newrole/newrole.c:772 -+#: ../newrole/newrole.c:777 - #, c-format - msgid "%s changed labels.\n" - msgstr "" - --#: ../newrole/newrole.c:778 -+#: ../newrole/newrole.c:783 - #, c-format - msgid "Warning! Could not restore context for %s\n" - msgstr "" - --#: ../newrole/newrole.c:835 -+#: ../newrole/newrole.c:840 - #, c-format - msgid "Error: multiple roles specified\n" - msgstr "" - --#: ../newrole/newrole.c:843 -+#: ../newrole/newrole.c:848 - #, c-format - msgid "Error: multiple types specified\n" - msgstr "" - --#: ../newrole/newrole.c:850 -+#: ../newrole/newrole.c:855 - #, c-format - msgid "Sorry, -l may be used with SELinux MLS support.\n" - msgstr "" - --#: ../newrole/newrole.c:855 -+#: ../newrole/newrole.c:860 - #, c-format - msgid "Error: multiple levels specified\n" - msgstr "" - --#: ../newrole/newrole.c:865 -+#: ../newrole/newrole.c:870 - #, c-format - msgid "Error: you are not allowed to change levels on a non secure terminal \n" - msgstr "" - --#: ../newrole/newrole.c:891 -+#: ../newrole/newrole.c:896 - #, c-format - msgid "Couldn't get default type.\n" - msgstr "" - --#: ../newrole/newrole.c:901 -+#: ../newrole/newrole.c:906 - #, c-format - msgid "failed to get new context.\n" - msgstr "" - --#: ../newrole/newrole.c:908 -+#: ../newrole/newrole.c:913 - #, c-format - msgid "failed to set new role %s\n" - msgstr "" - --#: ../newrole/newrole.c:915 -+#: ../newrole/newrole.c:920 - #, c-format - msgid "failed to set new type %s\n" - msgstr "" - --#: ../newrole/newrole.c:925 -+#: ../newrole/newrole.c:930 - #, c-format - msgid "failed to build new range with level %s\n" - msgstr "" - --#: ../newrole/newrole.c:930 -+#: ../newrole/newrole.c:935 - #, c-format - msgid "failed to set new range %s\n" - msgstr "" - --#: ../newrole/newrole.c:938 -+#: ../newrole/newrole.c:943 - #, c-format - msgid "failed to convert new context to string\n" - msgstr "" - --#: ../newrole/newrole.c:943 -+#: ../newrole/newrole.c:948 - #, c-format - msgid "%s is not a valid context\n" - msgstr "" - --#: ../newrole/newrole.c:950 -+#: ../newrole/newrole.c:955 - #, c-format - msgid "Unable to allocate memory for new_context" - msgstr "" - --#: ../newrole/newrole.c:976 -+#: ../newrole/newrole.c:981 - #, c-format - msgid "Unable to obtain empty signal set\n" - msgstr "" - --#: ../newrole/newrole.c:984 -+#: ../newrole/newrole.c:989 - #, c-format - msgid "Unable to set SIGHUP handler\n" - msgstr "" - --#: ../newrole/newrole.c:1036 -+#: ../newrole/newrole.c:1041 - msgid "Sorry, newrole failed to drop capabilities\n" - msgstr "" - --#: ../newrole/newrole.c:1052 -+#: ../newrole/newrole.c:1057 - #, c-format - msgid "Sorry, newrole may be used only on a SELinux kernel.\n" - msgstr "" - --#: ../newrole/newrole.c:1069 -+#: ../newrole/newrole.c:1074 - #, c-format - msgid "failed to get old_context.\n" - msgstr "" - --#: ../newrole/newrole.c:1076 -+#: ../newrole/newrole.c:1081 - #, c-format - msgid "Warning! Could not retrieve tty information.\n" - msgstr "" - --#: ../newrole/newrole.c:1097 -+#: ../newrole/newrole.c:1102 - #, c-format - msgid "error on reading PAM service configuration.\n" - msgstr "" - --#: ../newrole/newrole.c:1132 -+#: ../newrole/newrole.c:1137 - #, c-format - msgid "newrole: incorrect password for %s\n" - msgstr "" - --#: ../newrole/newrole.c:1159 -+#: ../newrole/newrole.c:1164 - #, c-format - msgid "newrole: failure forking: %s" - msgstr "" - --#: ../newrole/newrole.c:1162 ../newrole/newrole.c:1185 -+#: ../newrole/newrole.c:1167 ../newrole/newrole.c:1190 - #, c-format - msgid "Unable to restore tty label...\n" - msgstr "" - --#: ../newrole/newrole.c:1164 ../newrole/newrole.c:1191 -+#: ../newrole/newrole.c:1169 ../newrole/newrole.c:1196 - #, c-format - msgid "Failed to close tty properly\n" - msgstr "" - --#: ../newrole/newrole.c:1223 -+#: ../newrole/newrole.c:1228 - #, c-format - msgid "Could not close descriptors.\n" - msgstr "" - --#: ../newrole/newrole.c:1250 -+#: ../newrole/newrole.c:1263 - #, c-format - msgid "Error allocating shell's argv0.\n" - msgstr "" - --#: ../newrole/newrole.c:1286 -+#: ../newrole/newrole.c:1285 -+#, c-format -+msgid "Failed to send audit message" -+msgstr "" -+ -+#: ../newrole/newrole.c:1293 -+#, c-format -+msgid "Failed to transition to namespace\n" -+msgstr "" -+ -+#: ../newrole/newrole.c:1299 -+#, c-format -+msgid "Failed to drop capabilities %m\n" -+msgstr "" -+ -+#: ../newrole/newrole.c:1304 - #, c-format - msgid "Unable to restore the environment, aborting\n" - msgstr "" - --#: ../newrole/newrole.c:1297 -+#: ../newrole/newrole.c:1315 - msgid "failed to exec shell\n" - msgstr "" - -@@ -1414,7 +1447,7 @@ msgstr "" - msgid "Applications" - msgstr "" - --#: ../gui/polgen.glade:316 ../sepolicy/sepolicy/generate.py:171 -+#: ../gui/polgen.glade:316 ../sepolicy/sepolicy/generate.py:130 - msgid "Standard Init Daemon" - msgstr "" - -@@ -1424,7 +1457,7 @@ msgid "" - "requires a script in /etc/rc.d/init.d" - msgstr "" - --#: ../gui/polgen.glade:332 ../sepolicy/sepolicy/generate.py:172 -+#: ../gui/polgen.glade:332 ../sepolicy/sepolicy/generate.py:131 - msgid "DBUS System Daemon" - msgstr "" - -@@ -1436,7 +1469,7 @@ msgstr "" - msgid "Internet Services Daemon are daemons started by xinetd" - msgstr "" - --#: ../gui/polgen.glade:366 ../sepolicy/sepolicy/generate.py:174 -+#: ../gui/polgen.glade:366 ../sepolicy/sepolicy/generate.py:133 - msgid "Web Application/Script (CGI)" - msgstr "" - -@@ -1445,7 +1478,7 @@ msgid "" - "Web Applications/Script (CGI) CGI scripts started by the web server (apache)" - msgstr "" - --#: ../gui/polgen.glade:383 ../sepolicy/sepolicy/generate.py:176 -+#: ../gui/polgen.glade:383 ../sepolicy/sepolicy/generate.py:135 - msgid "User Application" - msgstr "" - -@@ -1455,7 +1488,7 @@ msgid "" - "started by a user" - msgstr "" - --#: ../gui/polgen.glade:400 ../sepolicy/sepolicy/generate.py:175 -+#: ../gui/polgen.glade:400 ../sepolicy/sepolicy/generate.py:134 - msgid "Sandbox" - msgstr "" - -@@ -2159,261 +2192,322 @@ msgstr "" - msgid "SELinux user '%s' is required" - msgstr "" - --#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:183 -+#, python-format -+msgid "Interface %s does not exist." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:267 - msgid "Generate SELinux man pages" - msgstr "" - --#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:270 - msgid "path in which the generated SELinux man pages will be stored" - msgstr "" - --#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:272 - msgid "name of the OS for man pages" - msgstr "" - --#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:274 - msgid "Generate HTML man pages structure for selected SELinux man page" - msgstr "" - --#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:276 -+msgid "Alternate root directory, defaults to /" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:280 - msgid "All domains" - msgstr "" - --#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:283 - msgid "Domain name(s) of man pages to be created" - msgstr "" - --#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:288 - msgid "Query SELinux policy network information" - msgstr "" - --#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:293 - msgid "list all SELinux port types" - msgstr "" - --#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:296 - msgid "show SELinux type related to the port" - msgstr "" - --#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:299 - msgid "Show ports defined for this SELinux type" - msgstr "" - --#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:302 - msgid "show ports to which this domain can bind and/or connect" - msgstr "" - --#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:317 - msgid "query SELinux policy to see if domains can communicate with each other" - msgstr "" - --#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:320 - msgid "Source Domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:323 - msgid "Target Domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:342 - msgid "query SELinux Policy to see description of booleans" - msgstr "" - --#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:346 - msgid "get all booleans descriptions" - msgstr "" - --#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:349 - msgid "boolean to get description" - msgstr "" - --#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:359 - msgid "" - "query SELinux Policy to see how a source process domain can transition to " - "the target process domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:362 - msgid "source process domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:365 - msgid "target process domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:408 -+#, python-format -+msgid "sepolicy generate: error: one of the arguments %s is required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:413 - msgid "Command required for this type of policy" - msgstr "" - --#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:424 -+msgid "" -+"-t option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:429 -+msgid "" -+"-d option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:433 -+msgid "" -+"-a option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:452 - msgid "List SELinux Policy interfaces" - msgstr "" - --#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:470 -+msgid "Enter interface names, you wish to query" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:479 - msgid "Generate SELinux Policy module template" - msgstr "" - --#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:482 - msgid "Enter domain type which you will be extending" - msgstr "" - --#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:485 - msgid "Enter SELinux user(s) which will transition to this domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:488 - msgid "Enter domain(s) that this confined admin will administrate" - msgstr "" - --#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:491 - msgid "name of policy to generate" - msgstr "" - --#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:498 - msgid "path in which the generated policy files will be stored" - msgstr "" - --#: ../sepolicy/sepolicy.py:380 --msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:500 -+msgid "path to which the confined processes will need to write" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:501 -+msgid "Policy types which require a command" - msgstr "" - --#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 --#: ../sepolicy/sepolicy.py:390 ../sepolicy/sepolicy.py:393 --#: ../sepolicy/sepolicy.py:396 ../sepolicy/sepolicy.py:399 --#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 --#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 --#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 -+#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 -+#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 -+#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 -+#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 -+#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 - #, python-format --msgid "Generate Policy for %s" -+msgid "Generate '%s' policy" - msgstr "" - --#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:532 -+#, python-format -+msgid "Generate '%s' policy " -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:546 -+msgid "executable to confine" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:551 - msgid "commands" - msgstr "" - --#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:554 - msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:48 -+#: ../sepolicy/sepolicy/__init__.py:72 - msgid "No SELinux Policy installed" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:243 - #, python-format - msgid "Failed to read %s policy file" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:302 - msgid "unknown" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:173 -+#: ../sepolicy/sepolicy/generate.py:132 - msgid "Internet Services Daemon" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:177 -+#: ../sepolicy/sepolicy/generate.py:136 - msgid "Existing Domain Type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:178 -+#: ../sepolicy/sepolicy/generate.py:137 - msgid "Minimal Terminal Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:179 -+#: ../sepolicy/sepolicy/generate.py:138 - msgid "Minimal X Windows Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:180 -+#: ../sepolicy/sepolicy/generate.py:139 - msgid "Desktop Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:181 -+#: ../sepolicy/sepolicy/generate.py:140 - msgid "Administrator Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:182 -+#: ../sepolicy/sepolicy/generate.py:141 - msgid "Confined Root Administrator Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:187 -+#: ../sepolicy/sepolicy/generate.py:142 -+msgid "Module information for a new type" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:147 - msgid "Valid Types:\n" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:221 -+#: ../sepolicy/sepolicy/generate.py:181 - #, python-format - msgid "Ports must be numbers or ranges of numbers from 1 to %d " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:231 -+#: ../sepolicy/sepolicy/generate.py:192 - msgid "You must enter a valid policy type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:234 -+#: ../sepolicy/sepolicy/generate.py:195 - #, python-format - msgid "You must enter a name for your policy module for your %s." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:355 -+#: ../sepolicy/sepolicy/generate.py:327 - msgid "" - "Name must be alpha numberic with no spaces. Consider using option \"-n " - "MODULENAME\"" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:447 -+#: ../sepolicy/sepolicy/generate.py:419 - msgid "User Role types can not be assigned executables." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:453 -+#: ../sepolicy/sepolicy/generate.py:425 - msgid "Only Daemon apps can use an init script.." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:471 -+#: ../sepolicy/sepolicy/generate.py:443 - msgid "use_resolve must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:477 -+#: ../sepolicy/sepolicy/generate.py:449 - msgid "use_syslog must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:483 -+#: ../sepolicy/sepolicy/generate.py:455 - msgid "use_kerberos must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:489 -+#: ../sepolicy/sepolicy/generate.py:461 - msgid "manage_krb5_rcache must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:519 -+#: ../sepolicy/sepolicy/generate.py:491 - msgid "USER Types automatically get a tmp type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:857 -+#: ../sepolicy/sepolicy/generate.py:832 - #, python-format - msgid "%s policy modules require existing domains" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1059 -+#: ../sepolicy/sepolicy/generate.py:857 -+msgid "Type field required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:869 -+#, python-format -+msgid "" -+"You need to define a new type which ends with: \n" -+" %s" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:1088 - msgid "You must enter the executable path for your confined process" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1321 -+#: ../sepolicy/sepolicy/generate.py:1351 - msgid "Type Enforcement file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1322 -+#: ../sepolicy/sepolicy/generate.py:1352 - msgid "Interface file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1323 -+#: ../sepolicy/sepolicy/generate.py:1353 - msgid "File Contexts file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1324 -+#: ../sepolicy/sepolicy/generate.py:1354 - msgid "Spec file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1325 -+#: ../sepolicy/sepolicy/generate.py:1355 - msgid "Setup Script" - msgstr "" - -@@ -2428,11 +2522,11 @@ msgid "" - msgstr "" - - #: booleans.py:3 --msgid "Allow amavis to use JIT compiler" -+msgid "Allow antivirus programs to read non security files on a system" - msgstr "" - - #: booleans.py:4 --msgid "Allow antivirus programs to read non security files on a system" -+msgid "Determine whether can antivirus programs use JIT compiler." - msgstr "" - - #: booleans.py:5 -@@ -2454,50 +2548,54 @@ msgid "Allow users to login using a yubikey server" - msgstr "" - - #: booleans.py:9 --msgid "Allow awstats to purge Apache logs" -+msgid "Determine whether awstats can purge httpd log files." - msgstr "" - - #: booleans.py:10 - msgid "" --"Allow cdrecord to read various content. nfs, samba, removable devices, user " --"temp and untrusted content files" -+"Determine whether cdrecord can read various content. nfs, samba, removable " -+"devices, user temp and untrusted content files" - msgstr "" - - #: booleans.py:11 --msgid "Allow clamd to use JIT compiler" -+msgid "" -+"Allow cluster administrative domains to connect to the network using TCP." - msgstr "" - - #: booleans.py:12 --msgid "Allow clamscan to non security files on a system" -+msgid "Allow cluster administrative domains to manage all files on a system." - msgstr "" - - #: booleans.py:13 --msgid "Allow clamscan to read user content" -+msgid "" -+"Allow cluster administrative cluster domains memcheck-amd64- to use " -+"executable memory" - msgstr "" - - #: booleans.py:14 - msgid "" --"Allow Cobbler to modify public files used for public file transfer services." -+"Determine whether Cobbler can modify public files used for public file " -+"transfer services." - msgstr "" - - #: booleans.py:15 --msgid "Allow Cobbler to connect to the network using TCP." -+msgid "Determine whether Cobbler can connect to the network using TCP." - msgstr "" - - #: booleans.py:16 --msgid "Allow Cobbler to access cifs file systems." -+msgid "Determine whether Cobbler can access cifs file systems." - msgstr "" - - #: booleans.py:17 --msgid "Allow Cobbler to access nfs file systems." -+msgid "Determine whether Cobbler can access nfs file systems." - msgstr "" - - #: booleans.py:18 --msgid "Allow collectd to connect to the network using TCP." -+msgid "Determine whether collectd can connect to the network using TCP." - msgstr "" - - #: booleans.py:19 --msgid "Allow codnor domain to connect to the network using TCP." -+msgid "Determine whether Condor can connect to the network using TCP." - msgstr "" - - #: booleans.py:20 -@@ -2506,7 +2604,7 @@ msgid "" - msgstr "" - - #: booleans.py:21 --msgid "Allow cvs daemon to read shadow" -+msgid "Determine whether cvs can read shadow password files." - msgstr "" - - #: booleans.py:22 -@@ -2522,951 +2620,1000 @@ msgid "Allow all daemons the ability to read/write terminals" - msgstr "" - - #: booleans.py:25 --msgid "Allow dan to manage user files" -+msgid "Determine whether dbadm can manage generic user files." - msgstr "" - - #: booleans.py:26 --msgid "Allow dan to read user files" -+msgid "Determine whether dbadm can read generic user files." - msgstr "" - - #: booleans.py:27 --msgid "Allow dbadm to manage files in users home directories" -+msgid "" -+"Deny user domains applications to map a memory region as both executable and " -+"writable, this is dangerous and the executable should be reported in bugzilla" - msgstr "" - - #: booleans.py:28 --msgid "Allow dbadm to read files in users home directories" -+msgid "Deny any process from ptracing or debugging any other processes." - msgstr "" - - #: booleans.py:29 --msgid "" --"Deny user domains applications to map a memory region as both executable and " --"writable, this is dangerous and the executable should be reported in bugzilla" -+msgid "Allow dhcpc client applications to execute iptables commands" - msgstr "" - - #: booleans.py:30 --msgid "Allow sysadm to debug or ptrace all processes." -+msgid "Determine whether DHCP daemon can use LDAP backends." - msgstr "" - - #: booleans.py:31 --msgid "Allow dhcpc client applications to execute iptables commands" -+msgid "Allow all domains to use other domains file descriptors" - msgstr "" - - #: booleans.py:32 --msgid "Allow DHCP daemon to use LDAP backends" -+msgid "Allow all domains to have the kernel load modules" - msgstr "" - - #: booleans.py:33 --msgid "Allow all domains to use other domains file descriptors" -+msgid "" -+"Determine whether entropyd can use audio devices as the source for the " -+"entropy feeds." - msgstr "" - - #: booleans.py:34 --msgid "Allow all domains to have the kernel load modules" -+msgid "Determine whether exim can connect to databases." - msgstr "" - - #: booleans.py:35 --msgid "Allow the use of the audio devices as the source for the entropy feeds" -+msgid "" -+"Determine whether exim can create, read, write, and delete generic user " -+"content files." - msgstr "" - - #: booleans.py:36 --msgid "Allow exim to connect to databases (postgres, mysql)" -+msgid "Determine whether exim can read generic user content files." - msgstr "" - - #: booleans.py:37 --msgid "Allow exim to create, read, write, and delete unprivileged user files." -+msgid "Enable extra rules in the cron domain to support fcron." - msgstr "" - - #: booleans.py:38 --msgid "Allow exim to read unprivileged user files." -+msgid "Determine whether fenced can connect to the TCP network." - msgstr "" - - #: booleans.py:39 --msgid "Enable extra rules in the cron domain to support fcron." -+msgid "Determine whether fenced can use ssh." - msgstr "" - - #: booleans.py:40 --msgid "Allow fenced domain to connect to the network using TCP." -+msgid "Allow all domains to execute in fips_mode" - msgstr "" - - #: booleans.py:41 --msgid "Allow fenced domain to execute ssh." -+msgid "" -+"Determine whether ftpd can read and write files in user home directories." - msgstr "" - - #: booleans.py:42 --msgid "Allow all domains to execute in fips_mode" -+msgid "" -+"Determine whether ftpd can modify public files used for public file transfer " -+"services. Directories/Files must be labeled public_content_rw_t." - msgstr "" - - #: booleans.py:43 --msgid "Allow ftp to read and write files in the user home directories" -+msgid "Determine whether ftpd can connect to all unreserved ports." - msgstr "" - - #: booleans.py:44 --msgid "" --"Allow ftp servers to upload files, used for public file transfer services. " --"Directories must be labeled public_content_rw_t." -+msgid "Determine whether ftpd can connect to databases over the TCP network." - msgstr "" - - #: booleans.py:45 --msgid "Allow ftp servers to connect to all ports > 1023" -+msgid "" -+"Determine whether ftpd can login to local users and can read and write all " -+"files on the system, governed by DAC." - msgstr "" - - #: booleans.py:46 --msgid "Allow ftp servers to connect to mysql database ports" -+msgid "" -+"Determine whether ftpd can use CIFS used for public file transfer services." - msgstr "" - --#: booleans.py:47 --msgid "" --"Allow ftp servers to login to local users and read/write all files on the " --"system, governed by DAC." -+#: booleans.py:47 booleans.py:166 -+msgid "Allow samba to export ntfs/fusefs volumes." - msgstr "" - - #: booleans.py:48 --msgid "Allow ftp servers to use cifs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can use NFS used for public file transfer services." - msgstr "" - - #: booleans.py:49 --msgid "Allow ftp servers to use nfs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can bind to all unreserved ports for passive mode." - msgstr "" - - #: booleans.py:50 --msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" --msgstr "" -- --#: booleans.py:51 - msgid "Determine whether Git CGI can search home directories." - msgstr "" - --#: booleans.py:52 -+#: booleans.py:51 - msgid "Determine whether Git CGI can access cifs file systems." - msgstr "" - --#: booleans.py:53 -+#: booleans.py:52 - msgid "Determine whether Git CGI can access nfs file systems." - msgstr "" - --#: booleans.py:54 -+#: booleans.py:53 - msgid "" - "Determine whether Git session daemon can bind TCP sockets to all unreserved " - "ports." - msgstr "" - --#: booleans.py:55 -+#: booleans.py:54 - msgid "" - "Determine whether calling user domains can execute Git daemon in the " - "git_session_t domain." - msgstr "" - --#: booleans.py:56 -+#: booleans.py:55 - msgid "Determine whether Git system daemon can search home directories." - msgstr "" - --#: booleans.py:57 -+#: booleans.py:56 - msgid "Determine whether Git system daemon can access cifs file systems." - msgstr "" - --#: booleans.py:58 -+#: booleans.py:57 - msgid "Determine whether Git system daemon can access nfs file systems." - msgstr "" - -+#: booleans.py:58 -+msgid "Determine whether Gitosis can send mail." -+msgstr "" -+ - #: booleans.py:59 --msgid "Allow gitisis daemon to send mail" -+msgid "Enable reading of urandom for all domains." - msgstr "" - - #: booleans.py:60 --msgid "Enable reading of urandom for all domains." -+msgid "" -+"Allow glusterfsd to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - - #: booleans.py:61 -+msgid "Allow glusterfsd to share any file/directory read only." -+msgstr "" -+ -+#: booleans.py:62 -+msgid "Allow glusterfsd to share any file/directory read/write." -+msgstr "" -+ -+#: booleans.py:63 - msgid "" - "Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" - "agent to manage user files." - msgstr "" - --#: booleans.py:62 -+#: booleans.py:64 - msgid "" - "Allow gpg web domain to modify public files used for public file transfer " - "services." - msgstr "" - --#: booleans.py:63 -+#: booleans.py:65 - msgid "Allow gssd to read temp directory. For access to kerberos tgt." - msgstr "" - --#: booleans.py:64 -+#: booleans.py:66 - msgid "Allow guest to exec content" - msgstr "" - --#: booleans.py:65 -+#: booleans.py:67 - msgid "" - "Allow Apache to modify public files used for public file transfer services. " - "Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:66 -+#: booleans.py:68 - msgid "Allow httpd to use built in scripting (usually php)" - msgstr "" - --#: booleans.py:67 -+#: booleans.py:69 - msgid "Allow http daemon to check spam" - msgstr "" - --#: booleans.py:68 -+#: booleans.py:70 - msgid "" - "Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " - "ports" - msgstr "" - --#: booleans.py:69 -+#: booleans.py:71 - msgid "Allow httpd to connect to the ldap port" - msgstr "" - --#: booleans.py:70 -+#: booleans.py:72 - msgid "Allow http daemon to connect to zabbix" - msgstr "" - --#: booleans.py:71 -+#: booleans.py:73 - msgid "Allow HTTPD scripts and modules to connect to the network using TCP." - msgstr "" - --#: booleans.py:72 -+#: booleans.py:74 - msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." - msgstr "" - --#: booleans.py:73 -+#: booleans.py:75 - msgid "" - "Allow HTTPD scripts and modules to connect to databases over the network." - msgstr "" - --#: booleans.py:74 -+#: booleans.py:76 - msgid "Allow httpd to connect to memcache server" - msgstr "" - --#: booleans.py:75 -+#: booleans.py:77 - msgid "Allow httpd to act as a relay" - msgstr "" - --#: booleans.py:76 -+#: booleans.py:78 - msgid "Allow http daemon to send mail" - msgstr "" - --#: booleans.py:77 -+#: booleans.py:79 - msgid "Allow Apache to communicate with avahi service via dbus" - msgstr "" - --#: booleans.py:78 -+#: booleans.py:80 - msgid "Allow httpd cgi support" - msgstr "" - --#: booleans.py:79 -+#: booleans.py:81 - msgid "Allow httpd to act as a FTP server by listening on the ftp port." - msgstr "" - --#: booleans.py:80 -+#: booleans.py:82 - msgid "Allow httpd to read home directories" - msgstr "" - --#: booleans.py:81 -+#: booleans.py:83 - msgid "Allow httpd scripts and modules execmem/execstack" - msgstr "" - --#: booleans.py:82 -+#: booleans.py:84 - msgid "Allow HTTPD to connect to port 80 for graceful shutdown" - msgstr "" - --#: booleans.py:83 -+#: booleans.py:85 - msgid "Allow httpd processes to manage IPA content" - msgstr "" - --#: booleans.py:84 -+#: booleans.py:86 - msgid "Allow Apache to use mod_auth_ntlm_winbind" - msgstr "" - --#: booleans.py:85 -+#: booleans.py:87 - msgid "Allow Apache to use mod_auth_pam" - msgstr "" - --#: booleans.py:86 -+#: booleans.py:88 - msgid "Allow httpd to read user content" - msgstr "" - --#: booleans.py:87 -+#: booleans.py:89 - msgid "Allow Apache to run in stickshift mode, not transition to passenger" - msgstr "" - --#: booleans.py:88 -+#: booleans.py:90 -+msgid "Allow HTTPD scripts and modules to server cobbler files." -+msgstr "" -+ -+#: booleans.py:91 - msgid "Allow httpd daemon to change its resource limits" - msgstr "" - --#: booleans.py:89 -+#: booleans.py:92 - msgid "" - "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." - msgstr "" - --#: booleans.py:90 -+#: booleans.py:93 - msgid "" - "Allow apache scripts to write to public content, directories/files must be " - "labeled public_rw_content_t." - msgstr "" - --#: booleans.py:91 -+#: booleans.py:94 - msgid "Allow Apache to execute tmp content." - msgstr "" - --#: booleans.py:92 -+#: booleans.py:95 - msgid "" - "Unify HTTPD to communicate with the terminal. Needed for entering the " - "passphrase for certificates at the terminal." - msgstr "" - --#: booleans.py:93 -+#: booleans.py:96 - msgid "Unify HTTPD handling of all content files." - msgstr "" - --#: booleans.py:94 -+#: booleans.py:97 - msgid "Allow httpd to access cifs file systems" - msgstr "" - --#: booleans.py:95 -+#: booleans.py:98 - msgid "Allow httpd to access FUSE file systems" - msgstr "" - --#: booleans.py:96 -+#: booleans.py:99 - msgid "Allow httpd to run gpg" - msgstr "" - --#: booleans.py:97 -+#: booleans.py:100 - msgid "Allow httpd to access nfs file systems" - msgstr "" - --#: booleans.py:98 -+#: booleans.py:101 - msgid "Allow httpd to communicate with oddjob to start up a service" - msgstr "" - --#: booleans.py:99 -+#: booleans.py:102 - msgid "Allow httpd to access openstack ports" - msgstr "" - --#: booleans.py:100 -+#: booleans.py:103 - msgid "Allow Apache to query NS records" - msgstr "" - --#: booleans.py:101 --msgid "Allow icecast to connect to all ports, not just sound ports." -+#: booleans.py:104 -+msgid "Determine whether icecast can listen on and connect to any TCP port." - msgstr "" - --#: booleans.py:102 -+#: booleans.py:105 -+msgid "" -+"Determine whether irc clients can listen on and connect to any unreserved " -+"TCP ports." -+msgstr "" -+ -+#: booleans.py:106 - msgid "" - "Allow the Irssi IRC Client to connect to any port, and to bind to any " - "unreserved port." - msgstr "" - --#: booleans.py:103 -+#: booleans.py:107 - msgid "Allow confined applications to run with kerberos." - msgstr "" - --#: booleans.py:104 --msgid "Allow syslogd daemon to send mail" -+#: booleans.py:108 -+msgid "Allow ksmtuned to use cifs/Samba file systems" - msgstr "" - --#: booleans.py:105 --msgid "Allow syslogd the ability to read/write terminals" -+#: booleans.py:109 -+msgid "Allow ksmtuned to use nfs file systems" - msgstr "" - --#: booleans.py:106 -+#: booleans.py:110 -+msgid "Allow syslogd daemon to send mail" -+msgstr "" -+ -+#: booleans.py:111 -+msgid "Allow syslogd the ability to read/write terminals" -+msgstr "" -+ -+#: booleans.py:112 - msgid "Allow logging in and using the system from /dev/console." - msgstr "" - --#: booleans.py:107 -+#: booleans.py:113 -+msgid "Allow mailman to access FUSE file systems" -+msgstr "" -+ -+#: booleans.py:114 -+msgid "Determine whether mcelog supports client mode." -+msgstr "" -+ -+#: booleans.py:115 -+msgid "Determine whether mcelog can execute scripts." -+msgstr "" -+ -+#: booleans.py:116 -+msgid "Determine whether mcelog can use all the user ttys." -+msgstr "" -+ -+#: booleans.py:117 -+msgid "Determine whether mcelog supports server mode." -+msgstr "" -+ -+#: booleans.py:118 - msgid "" - "Control the ability to mmap a low area of the address space, as configured " - "by /proc/sys/kernel/mmap_min_addr." - msgstr "" - --#: booleans.py:108 -+#: booleans.py:119 - msgid "Allow mock to read files in home directories." - msgstr "" - --#: booleans.py:109 -+#: booleans.py:120 - msgid "Allow the mount command to mount any directory or file." - msgstr "" - --#: booleans.py:110 -+#: booleans.py:121 - msgid "Allow mozilla plugin domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:111 --msgid "" --"Allow mozilla_plugins to create random content in the users home directory" -+#: booleans.py:122 -+msgid "Allow confined web browsers to read home directory content" - msgstr "" - --#: booleans.py:112 --msgid "Allow confined web browsers to read home directory content" -+#: booleans.py:123 -+msgid "Determine whether mpd can traverse user home directories." - msgstr "" - --#: booleans.py:113 --msgid "Allow mplayer executable stack" -+#: booleans.py:124 -+msgid "Determine whether mpd can use cifs file systems." - msgstr "" - --#: booleans.py:114 -+#: booleans.py:125 -+msgid "Determine whether mpd can use nfs file systems." -+msgstr "" -+ -+#: booleans.py:126 -+msgid "Determine whether mplayer can make its stack executable." -+msgstr "" -+ -+#: booleans.py:127 - msgid "Allow mysqld to connect to all ports" - msgstr "" - --#: booleans.py:115 --msgid "Allow BIND to bind apache port." -+#: booleans.py:128 -+msgid "Determine whether Bind can bind tcp socket to http ports." - msgstr "" - --#: booleans.py:116 -+#: booleans.py:129 - msgid "" --"Allow BIND to write the master zone files. Generally this is used for " --"dynamic DNS or zone transfers." -+"Determine whether Bind can write to master zone files. Generally this is " -+"used for dynamic DNS or zone transfers." - msgstr "" - --#: booleans.py:117 -+#: booleans.py:130 - msgid "Allow any files/directories to be exported read/only via NFS." - msgstr "" - --#: booleans.py:118 -+#: booleans.py:131 - msgid "Allow any files/directories to be exported read/write via NFS." - msgstr "" - --#: booleans.py:119 -+#: booleans.py:132 - msgid "" - "Allow nfs servers to modify public files used for public file transfer " - "services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:120 -+#: booleans.py:133 - msgid "Allow system to run with NIS" - msgstr "" - --#: booleans.py:121 -+#: booleans.py:134 - msgid "Allow confined applications to use nscd shared memory." - msgstr "" - --#: booleans.py:122 -+#: booleans.py:135 - msgid "Allow openshift to lockdown app" - msgstr "" - --#: booleans.py:123 --msgid "Allow openvpn to read home directories" -+#: booleans.py:136 -+msgid "Determine whether openvpn can read generic user home content files." - msgstr "" - --#: booleans.py:124 -+#: booleans.py:137 - msgid "Allow piranha-lvs domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:125 -+#: booleans.py:138 - msgid "Allow polipo to connect to all ports > 1023" - msgstr "" - --#: booleans.py:126 -+#: booleans.py:139 - msgid "" - "Determine whether Polipo session daemon can bind tcp sockets to all " - "unreserved ports." - msgstr "" - --#: booleans.py:127 -+#: booleans.py:140 - msgid "" - "Determine whether calling user domains can execute Polipo daemon in the " - "polipo_session_t domain." - msgstr "" - --#: booleans.py:128 -+#: booleans.py:141 - msgid "Determine whether polipo can access cifs file systems." - msgstr "" - --#: booleans.py:129 -+#: booleans.py:142 - msgid "Determine whether Polipo can access nfs file systems." - msgstr "" - --#: booleans.py:130 -+#: booleans.py:143 - msgid "Enable polyinstantiated directory support." - msgstr "" - --#: booleans.py:131 -+#: booleans.py:144 - msgid "Allow postfix_local domain full write access to mail_spool directories" - msgstr "" - --#: booleans.py:132 -+#: booleans.py:145 - msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" - msgstr "" - --#: booleans.py:133 -+#: booleans.py:146 - msgid "Allow transmit client label to foreign database" - msgstr "" - --#: booleans.py:134 -+#: booleans.py:147 - msgid "Allow database admins to execute DML statement" - msgstr "" - --#: booleans.py:135 -+#: booleans.py:148 - msgid "Allow unprivileged users to execute DDL statement" - msgstr "" - --#: booleans.py:136 -+#: booleans.py:149 - msgid "Allow pppd to load kernel modules for certain modems" - msgstr "" - --#: booleans.py:137 -+#: booleans.py:150 - msgid "Allow pppd to be run for a regular user" - msgstr "" - --#: booleans.py:138 --msgid "" --"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:151 -+msgid "Determine whether privoxy can connect to all tcp ports." - msgstr "" - --#: booleans.py:139 -+#: booleans.py:152 - msgid "Allow Puppet client to manage all file types." - msgstr "" - --#: booleans.py:140 -+#: booleans.py:153 - msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" - msgstr "" - --#: booleans.py:141 -+#: booleans.py:154 - msgid "Allow racoon to read shadow" - msgstr "" - --#: booleans.py:142 --msgid "Allow rgmanager domain to connect to the network using TCP." --msgstr "" -- --#: booleans.py:143 -+#: booleans.py:155 - msgid "" - "Allow rsync to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:144 -+#: booleans.py:156 - msgid "Allow rsync to run as a client" - msgstr "" - --#: booleans.py:145 -+#: booleans.py:157 - msgid "Allow rsync to export any files/directories read only." - msgstr "" - --#: booleans.py:146 --msgid "Allow rsync servers to share cifs files systems" --msgstr "" -- --#: booleans.py:147 --msgid "Allow rsync servers to share nfs files systems" -+#: booleans.py:158 -+msgid "Allow rsync server to manage all files/directories on the system." - msgstr "" - --#: booleans.py:148 -+#: booleans.py:159 - msgid "Allow samba to create new home directories (e.g. via PAM)" - msgstr "" - --#: booleans.py:149 -+#: booleans.py:160 - msgid "" - "Allow samba to act as the domain controller, add users, groups and change " - "passwords." - msgstr "" - --#: booleans.py:150 -+#: booleans.py:161 - msgid "Allow samba to share users home directories." - msgstr "" - --#: booleans.py:151 -+#: booleans.py:162 - msgid "Allow samba to share any file/directory read only." - msgstr "" - --#: booleans.py:152 -+#: booleans.py:163 - msgid "Allow samba to share any file/directory read/write." - msgstr "" - --#: booleans.py:153 -+#: booleans.py:164 - msgid "Allow samba to act as a portmapper" - msgstr "" - --#: booleans.py:154 -+#: booleans.py:165 - msgid "Allow samba to run unconfined scripts" - msgstr "" - --#: booleans.py:155 --msgid "Allow samba to export ntfs/fusefs volumes." --msgstr "" -- --#: booleans.py:156 -+#: booleans.py:167 - msgid "Allow samba to export NFS volumes." - msgstr "" - --#: booleans.py:157 -+#: booleans.py:168 - msgid "Allow sanlock to read/write fuse files" - msgstr "" - --#: booleans.py:158 -+#: booleans.py:169 - msgid "Allow sanlock to manage nfs files" - msgstr "" - --#: booleans.py:159 -+#: booleans.py:170 - msgid "Allow sanlock to manage cifs files" - msgstr "" - --#: booleans.py:160 -+#: booleans.py:171 - msgid "Allow sasl to read shadow" - msgstr "" - --#: booleans.py:161 -+#: booleans.py:172 - msgid "Allow secadm to exec content" - msgstr "" - --#: booleans.py:162 -+#: booleans.py:173 - msgid "" - "disallow programs, such as newrole, from transitioning to administrative " - "user domains." - msgstr "" - --#: booleans.py:163 -+#: booleans.py:174 - msgid "Disable kernel module loading." - msgstr "" - --#: booleans.py:164 -+#: booleans.py:175 - msgid "" - "Boolean to determine whether the system permits loading policy, setting " - "enforcing mode, and changing boolean values. Set this to true and you have " - "to reboot to set it back." - msgstr "" - --#: booleans.py:165 -+#: booleans.py:176 - msgid "Allow regular users direct dri device access" - msgstr "" - --#: booleans.py:166 -+#: booleans.py:177 - msgid "" - "Allow unconfined executables to make their heap memory executable. Doing " - "this is a really bad idea. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:167 -+#: booleans.py:178 - msgid "" - "Allow all unconfined executables to use libraries requiring text relocation " - "that are not labeled textrel_shlib_t" - msgstr "" - --#: booleans.py:168 -+#: booleans.py:179 - msgid "" - "Allow unconfined executables to make their stack executable. This should " - "never, ever be necessary. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:169 -+#: booleans.py:180 - msgid "Allow users to connect to the local mysql server" - msgstr "" - --#: booleans.py:170 -+#: booleans.py:181 - msgid "" - "Allow confined users the ability to execute the ping and traceroute commands." - msgstr "" - --#: booleans.py:171 -+#: booleans.py:182 - msgid "Allow users to connect to PostgreSQL" - msgstr "" - --#: booleans.py:172 -+#: booleans.py:183 - msgid "" - "Allow user to r/w files on filesystems that do not have extended attributes " - "(FAT, CDROM, FLOPPY)" - msgstr "" - --#: booleans.py:173 -+#: booleans.py:184 -+msgid "Allow user music sharing" -+msgstr "" -+ -+#: booleans.py:185 - msgid "" - "Allow users to run TCP servers (bind to ports and accept connection from the " - "same domain and outside users) disabling this forces FTP passive mode and " - "may change other protocols." - msgstr "" - --#: booleans.py:174 -+#: booleans.py:186 - msgid "Allow user to use ssh chroot environment." - msgstr "" - --#: booleans.py:175 --msgid "Allow user music sharing" --msgstr "" -- --#: booleans.py:176 -+#: booleans.py:187 - msgid "" --"Allow anon internal-sftp to upload files, used for public file transfer " --"services. Directories must be labeled public_content_rw_t." -+"Determine whether sftpd can modify public files used for public file " -+"transfer services. Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:177 -+#: booleans.py:188 - msgid "" --"Allow sftp-internal to read and write files in the user home directories" -+"Determine whether sftpd-can read and write files in user home directories." - msgstr "" - --#: booleans.py:178 -+#: booleans.py:189 - msgid "" --"Allow sftp-internal to login to local users and read/write all files on the " --"system, governed by DAC." -+"Determine whether sftpd-can login to local users and read and write all " -+"files on the system, governed by DAC." - msgstr "" - --#: booleans.py:179 -+#: booleans.py:190 - msgid "" --"Allow internal-sftp to read and write files in the user ssh home directories." -+"Determine whether sftpd can read and write files in user ssh home " -+"directories." - msgstr "" - --#: booleans.py:180 -+#: booleans.py:191 - msgid "Allow sge to connect to the network using any TCP port" - msgstr "" - --#: booleans.py:181 -+#: booleans.py:192 - msgid "Allow sge to access nfs file systems." - msgstr "" - --#: booleans.py:182 --msgid "" --"Enable additional permissions needed to support devices on 3ware controllers." -+#: booleans.py:193 -+msgid "Determine whether smartmon can support devices on 3ware controllers." - msgstr "" - --#: booleans.py:183 -+#: booleans.py:194 - msgid "" - "Allow samba to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:184 -+#: booleans.py:195 - msgid "Allow user spamassassin clients to use the network." - msgstr "" - --#: booleans.py:185 -+#: booleans.py:196 - msgid "Allow spamd to read/write user home directories." - msgstr "" - --#: booleans.py:186 --msgid "" --"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:197 -+msgid "Determine whether squid can connect to all TCP ports." - msgstr "" - --#: booleans.py:187 --msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:198 -+msgid "Determine whether squid can run as a transparent proxy." - msgstr "" - --#: booleans.py:188 -+#: booleans.py:199 - msgid "" - "Allow ssh with chroot env to read and write files in the user home " - "directories" - msgstr "" - --#: booleans.py:189 -+#: booleans.py:200 - msgid "allow host key based authentication" - msgstr "" - --#: booleans.py:190 -+#: booleans.py:201 - msgid "Allow ssh logins as sysadm_r:sysadm_t" - msgstr "" - --#: booleans.py:191 -+#: booleans.py:202 - msgid "Allow staff to exec content" - msgstr "" - --#: booleans.py:192 -+#: booleans.py:203 - msgid "allow staff user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:193 -+#: booleans.py:204 - msgid "Allow sysadm to exec content" - msgstr "" - --#: booleans.py:194 -+#: booleans.py:205 - msgid "Allow the Telepathy connection managers to connect to any network port." - msgstr "" - --#: booleans.py:195 -+#: booleans.py:206 - msgid "" - "Allow the Telepathy connection managers to connect to any generic TCP port." - msgstr "" - --#: booleans.py:196 -+#: booleans.py:207 - msgid "" - "Allow tftp to modify public files used for public file transfer services." - msgstr "" - --#: booleans.py:197 -+#: booleans.py:208 - msgid "Allow tftp to read and write files in the user home directories" - msgstr "" - --#: booleans.py:198 --msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:209 -+msgid "Determine whether tor can bind tcp sockets to all unreserved ports." - msgstr "" - --#: booleans.py:199 -+#: booleans.py:210 - msgid "Allow tor to act as a relay" - msgstr "" - --#: booleans.py:200 -+#: booleans.py:211 - msgid "" - "allow unconfined users to transition to the chrome sandbox domains when " - "running chrome-sandbox" - msgstr "" - --#: booleans.py:201 -+#: booleans.py:212 - msgid "Allow a user to login as an unconfined domain" - msgstr "" - --#: booleans.py:202 -+#: booleans.py:213 - msgid "" - "Allow unconfined users to transition to the Mozilla plugin domain when " - "running xulrunner plugin-container." - msgstr "" - --#: booleans.py:203 -+#: booleans.py:214 - msgid "Allow video playing tools to run unconfined" - msgstr "" - --#: booleans.py:204 -+#: booleans.py:215 - msgid "Allow unprivledged user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:205 -+#: booleans.py:216 - msgid "Support ecryptfs home directories" - msgstr "" - --#: booleans.py:206 -+#: booleans.py:217 - msgid "Support fusefs home directories" - msgstr "" - --#: booleans.py:207 --msgid "Use lpd server instead of cups" -+#: booleans.py:218 -+msgid "Determine whether to support lpd server." - msgstr "" - --#: booleans.py:208 -+#: booleans.py:219 - msgid "Support NFS home directories" - msgstr "" - --#: booleans.py:209 -+#: booleans.py:220 - msgid "Support SAMBA home directories" - msgstr "" - --#: booleans.py:210 -+#: booleans.py:221 - msgid "Allow user to exec content" - msgstr "" - --#: booleans.py:211 --msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:222 -+msgid "Determine whether varnishd can use the full TCP network." - msgstr "" - --#: booleans.py:212 --msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:223 -+msgid "" -+"Determine whether attempts by vbetool to mmap low regions should be silently " -+"blocked." - msgstr "" - --#: booleans.py:213 -+#: booleans.py:224 - msgid "" - "Allow confined virtual guests to use serial/parallel communication ports" - msgstr "" - --#: booleans.py:214 -+#: booleans.py:225 - msgid "" - "Allow confined virtual guests to use executable memory and executable stack" - msgstr "" - --#: booleans.py:215 -+#: booleans.py:226 - msgid "Allow confined virtual guests to read fuse files" - msgstr "" - --#: booleans.py:216 -+#: booleans.py:227 - msgid "Allow confined virtual guests to manage nfs files" - msgstr "" - --#: booleans.py:217 -+#: booleans.py:228 - msgid "Allow confined virtual guests to interact with rawip sockets" - msgstr "" - --#: booleans.py:218 -+#: booleans.py:229 - msgid "Allow confined virtual guests to manage cifs files" - msgstr "" - --#: booleans.py:219 -+#: booleans.py:230 - msgid "Allow confined virtual guests to interact with the sanlock" - msgstr "" - --#: booleans.py:220 --msgid "Allow confined virtual guests to manage device configuration, (pci)" --msgstr "" -- --#: booleans.py:221 -+#: booleans.py:231 - msgid "Allow confined virtual guests to use usb devices" - msgstr "" - --#: booleans.py:222 -+#: booleans.py:232 - msgid "Allow confined virtual guests to interact with the xserver" - msgstr "" - --#: booleans.py:223 --msgid "Allow webadm to manage files in users home directories" -+#: booleans.py:233 -+msgid "Determine whether webadm can manage generic user files." - msgstr "" - --#: booleans.py:224 --msgid "Allow webadm to read files in users home directories" -+#: booleans.py:234 -+msgid "Determine whether webadm can read generic user files." - msgstr "" - --#: booleans.py:225 --msgid "Ignore wine mmap_zero errors." -+#: booleans.py:235 -+msgid "" -+"Determine whether attempts by wine to mmap low regions should be silently " -+"blocked." - msgstr "" - --#: booleans.py:226 -+#: booleans.py:236 - msgid "Allow the graphical login program to execute bootloader" - msgstr "" - --#: booleans.py:227 -+#: booleans.py:237 - msgid "" - "Allow the graphical login program to login directly as sysadm_r:sysadm_t" - msgstr "" - --#: booleans.py:228 -+#: booleans.py:238 - msgid "Allow xen to manage nfs files" - msgstr "" - --#: booleans.py:229 -+#: booleans.py:239 - msgid "" - "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " - "logical volumes for disk images." - msgstr "" - --#: booleans.py:230 -+#: booleans.py:240 - msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." - msgstr "" - --#: booleans.py:231 -+#: booleans.py:241 - msgid "" - "Allow xguest users to configure Network Manager and connect to apache ports" - msgstr "" - --#: booleans.py:232 -+#: booleans.py:242 - msgid "Allow xguest to exec content" - msgstr "" - --#: booleans.py:233 -+#: booleans.py:243 - msgid "Allow xguest users to mount removable media" - msgstr "" - --#: booleans.py:234 -+#: booleans.py:244 - msgid "Allow xguest to use blue tooth devices" - msgstr "" - --#: booleans.py:235 -+#: booleans.py:245 - msgid "Allows clients to write to the X server shared memory segments." - msgstr "" - --#: booleans.py:236 -+#: booleans.py:246 - msgid "Allows XServer to execute writable memory" - msgstr "" - --#: booleans.py:237 -+#: booleans.py:247 - msgid "Support X userspace object manager" - msgstr "" - --#: booleans.py:238 --msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:248 -+msgid "Determine whether zabbix can connect to all TCP ports" - msgstr "" - --#: booleans.py:239 -+#: booleans.py:249 - msgid "Allow zebra daemon to write it configuration files" - msgstr "" - --#: booleans.py:240 -+#: booleans.py:250 - msgid "" - "Allow ZoneMinder to modify public files used for public file transfer " - "services." -diff --git a/policycoreutils/po/am.po b/policycoreutils/po/am.po -index 961d921..5ee0bdc 100644 ---- a/policycoreutils/po/am.po -+++ b/policycoreutils/po/am.po -@@ -8,7 +8,7 @@ msgid "" - msgstr "" - "Project-Id-Version: PACKAGE VERSION\n" - "Report-Msgid-Bugs-To: \n" --"POT-Creation-Date: 2013-01-04 12:01-0500\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" - "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" - "Last-Translator: FULL NAME \n" - "Language-Team: LANGUAGE \n" -@@ -24,7 +24,7 @@ msgid "" - " are the arguments to that script." - msgstr "" - --#: ../run_init/run_init.c:126 ../newrole/newrole.c:1123 -+#: ../run_init/run_init.c:126 ../newrole/newrole.c:1128 - #, c-format - msgid "failed to initialize PAM\n" - msgstr "" -@@ -73,16 +73,16 @@ msgstr "" - msgid "authentication failed.\n" - msgstr "" - --#: ../run_init/run_init.c:405 ../newrole/newrole.c:1257 -+#: ../run_init/run_init.c:405 ../newrole/newrole.c:1270 - #, c-format - msgid "Could not set exec context to %s.\n" - msgstr "" - --#: ../audit2allow/audit2allow:232 -+#: ../audit2allow/audit2allow:231 - msgid "******************** IMPORTANT ***********************\n" - msgstr "" - --#: ../audit2allow/audit2allow:233 -+#: ../audit2allow/audit2allow:232 - msgid "To make this policy package active, execute:" - msgstr "" - -@@ -169,786 +169,799 @@ msgstr "" - msgid "Customized Permissive Types" - msgstr "" - --#: ../semanage/seobject.py:412 -+#: ../semanage/seobject.py:379 -+msgid "" -+"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel package.\n" -+"# yum install policycoreutils-devel\n" -+"Or similar for your distro." -+msgstr "" -+ -+#: ../semanage/seobject.py:416 - #, python-format - msgid "Could not set permissive domain %s (module installation failed)" - msgstr "" - --#: ../semanage/seobject.py:418 -+#: ../semanage/seobject.py:422 - #, python-format - msgid "Could not remove permissive domain %s (remove failed)" - msgstr "" - --#: ../semanage/seobject.py:453 ../semanage/seobject.py:527 --#: ../semanage/seobject.py:573 ../semanage/seobject.py:695 --#: ../semanage/seobject.py:725 ../semanage/seobject.py:792 --#: ../semanage/seobject.py:849 ../semanage/seobject.py:1104 --#: ../semanage/seobject.py:1820 ../semanage/seobject.py:1883 --#: ../semanage/seobject.py:1902 ../semanage/seobject.py:2025 --#: ../semanage/seobject.py:2076 -+#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 -+#: ../semanage/seobject.py:577 ../semanage/seobject.py:699 -+#: ../semanage/seobject.py:729 ../semanage/seobject.py:796 -+#: ../semanage/seobject.py:853 ../semanage/seobject.py:1111 -+#: ../semanage/seobject.py:1834 ../semanage/seobject.py:1897 -+#: ../semanage/seobject.py:1916 ../semanage/seobject.py:2042 -+#: ../semanage/seobject.py:2093 - #, python-format - msgid "Could not create a key for %s" - msgstr "" - --#: ../semanage/seobject.py:457 ../semanage/seobject.py:531 --#: ../semanage/seobject.py:577 ../semanage/seobject.py:583 -+#: ../semanage/seobject.py:461 ../semanage/seobject.py:535 -+#: ../semanage/seobject.py:581 ../semanage/seobject.py:587 - #, python-format - msgid "Could not check if login mapping for %s is defined" - msgstr "" - --#: ../semanage/seobject.py:466 -+#: ../semanage/seobject.py:470 - #, python-format - msgid "Linux Group %s does not exist" - msgstr "" - --#: ../semanage/seobject.py:471 -+#: ../semanage/seobject.py:475 - #, python-format - msgid "Linux User %s does not exist" - msgstr "" - --#: ../semanage/seobject.py:475 -+#: ../semanage/seobject.py:479 - #, python-format - msgid "Could not create login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:479 ../semanage/seobject.py:740 -+#: ../semanage/seobject.py:483 ../semanage/seobject.py:744 - #, python-format - msgid "Could not set name for %s" - msgstr "" - --#: ../semanage/seobject.py:484 ../semanage/seobject.py:750 -+#: ../semanage/seobject.py:488 ../semanage/seobject.py:754 - #, python-format - msgid "Could not set MLS range for %s" - msgstr "" - --#: ../semanage/seobject.py:488 -+#: ../semanage/seobject.py:492 - #, python-format - msgid "Could not set SELinux user for %s" - msgstr "" - --#: ../semanage/seobject.py:492 -+#: ../semanage/seobject.py:496 - #, python-format - msgid "Could not add login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:510 -+#: ../semanage/seobject.py:514 - msgid "Requires seuser or serange" - msgstr "" - --#: ../semanage/seobject.py:533 ../semanage/seobject.py:579 -+#: ../semanage/seobject.py:537 ../semanage/seobject.py:583 - #, python-format - msgid "Login mapping for %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:537 -+#: ../semanage/seobject.py:541 - #, python-format - msgid "Could not query seuser for %s" - msgstr "" - --#: ../semanage/seobject.py:551 -+#: ../semanage/seobject.py:555 - #, python-format - msgid "Could not modify login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:585 -+#: ../semanage/seobject.py:589 - #, python-format - msgid "Login mapping for %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:589 -+#: ../semanage/seobject.py:593 - #, python-format - msgid "Could not delete login mapping for %s" - msgstr "" - --#: ../semanage/seobject.py:611 ../semanage/seobject.py:644 --#: ../semanage/seobject.py:892 -+#: ../semanage/seobject.py:615 ../semanage/seobject.py:648 -+#: ../semanage/seobject.py:896 - msgid "Could not list login mappings" - msgstr "" - --#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 - #: ../gui/system-config-selinux.glade:100 - msgid "Login Name" - msgstr "" - --#: ../semanage/seobject.py:672 ../semanage/seobject.py:684 --#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:676 ../semanage/seobject.py:688 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 - #: ../gui/system-config-selinux.glade:128 - #: ../gui/system-config-selinux.glade:915 - #: ../gui/system-config-selinux.glade:2285 ../gui/usersPage.py:44 - msgid "SELinux User" - msgstr "" - --#: ../semanage/seobject.py:672 ../gui/system-config-selinux.glade:156 -+#: ../semanage/seobject.py:676 ../gui/system-config-selinux.glade:156 - #: ../gui/system-config-selinux.glade:943 - msgid "MLS/MCS Range" - msgstr "" - --#: ../semanage/seobject.py:672 -+#: ../semanage/seobject.py:676 - msgid "Service" - msgstr "" - --#: ../semanage/seobject.py:698 ../semanage/seobject.py:729 --#: ../semanage/seobject.py:796 ../semanage/seobject.py:853 --#: ../semanage/seobject.py:859 -+#: ../semanage/seobject.py:702 ../semanage/seobject.py:733 -+#: ../semanage/seobject.py:800 ../semanage/seobject.py:857 -+#: ../semanage/seobject.py:863 - #, python-format - msgid "Could not check if SELinux user %s is defined" - msgstr "" - --#: ../semanage/seobject.py:701 ../semanage/seobject.py:802 --#: ../semanage/seobject.py:865 -+#: ../semanage/seobject.py:705 ../semanage/seobject.py:806 -+#: ../semanage/seobject.py:869 - #, python-format - msgid "Could not query user for %s" - msgstr "" - --#: ../semanage/seobject.py:721 -+#: ../semanage/seobject.py:725 - #, python-format - msgid "You must add at least one role for %s" - msgstr "" - --#: ../semanage/seobject.py:736 -+#: ../semanage/seobject.py:740 - #, python-format - msgid "Could not create SELinux user for %s" - msgstr "" - --#: ../semanage/seobject.py:745 -+#: ../semanage/seobject.py:749 - #, python-format - msgid "Could not add role %s for %s" - msgstr "" - --#: ../semanage/seobject.py:754 -+#: ../semanage/seobject.py:758 - #, python-format - msgid "Could not set MLS level for %s" - msgstr "" - --#: ../semanage/seobject.py:757 -+#: ../semanage/seobject.py:761 - #, python-format - msgid "Could not add prefix %s for %s" - msgstr "" - --#: ../semanage/seobject.py:760 -+#: ../semanage/seobject.py:764 - #, python-format - msgid "Could not extract key for %s" - msgstr "" - --#: ../semanage/seobject.py:764 -+#: ../semanage/seobject.py:768 - #, python-format - msgid "Could not add SELinux user %s" - msgstr "" - --#: ../semanage/seobject.py:786 -+#: ../semanage/seobject.py:790 - msgid "Requires prefix, roles, level or range" - msgstr "" - --#: ../semanage/seobject.py:788 -+#: ../semanage/seobject.py:792 - msgid "Requires prefix or roles" - msgstr "" - --#: ../semanage/seobject.py:798 ../semanage/seobject.py:855 -+#: ../semanage/seobject.py:802 ../semanage/seobject.py:859 - #, python-format - msgid "SELinux user %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:827 -+#: ../semanage/seobject.py:831 - #, python-format - msgid "Could not modify SELinux user %s" - msgstr "" - --#: ../semanage/seobject.py:861 -+#: ../semanage/seobject.py:865 - #, python-format - msgid "SELinux user %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:872 -+#: ../semanage/seobject.py:876 - #, python-format - msgid "Could not delete SELinux user %s" - msgstr "" - --#: ../semanage/seobject.py:910 -+#: ../semanage/seobject.py:914 - msgid "Could not list SELinux users" - msgstr "" - --#: ../semanage/seobject.py:916 -+#: ../semanage/seobject.py:920 - #, python-format - msgid "Could not list roles for user %s" - msgstr "" - --#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 - msgid "Labeling" - msgstr "" - --#: ../semanage/seobject.py:941 -+#: ../semanage/seobject.py:945 - msgid "MLS/" - msgstr "" - --#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 - msgid "Prefix" - msgstr "" - --#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 - msgid "MCS Level" - msgstr "" - --#: ../semanage/seobject.py:942 -+#: ../semanage/seobject.py:946 - msgid "MCS Range" - msgstr "" - --#: ../semanage/seobject.py:942 ../semanage/seobject.py:947 -+#: ../semanage/seobject.py:946 ../semanage/seobject.py:951 - #: ../gui/system-config-selinux.glade:992 ../gui/usersPage.py:59 - msgid "SELinux Roles" - msgstr "" - --#: ../semanage/seobject.py:964 -+#: ../semanage/seobject.py:971 - msgid "Protocol udp or tcp is required" - msgstr "" - --#: ../semanage/seobject.py:966 -+#: ../semanage/seobject.py:973 - msgid "Port is required" - msgstr "" - --#: ../semanage/seobject.py:976 -+#: ../semanage/seobject.py:983 - msgid "Invalid Port" - msgstr "" - --#: ../semanage/seobject.py:980 -+#: ../semanage/seobject.py:987 - #, python-format - msgid "Could not create a key for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:991 -+#: ../semanage/seobject.py:998 - msgid "Type is required" - msgstr "" - --#: ../semanage/seobject.py:994 ../semanage/seobject.py:1056 --#: ../semanage/seobject.py:1814 -+#: ../semanage/seobject.py:1001 ../semanage/seobject.py:1063 -+#: ../semanage/seobject.py:1828 - #, python-format - msgid "Type %s is invalid, must be a port type" - msgstr "" - --#: ../semanage/seobject.py:1000 ../semanage/seobject.py:1062 --#: ../semanage/seobject.py:1117 ../semanage/seobject.py:1123 -+#: ../semanage/seobject.py:1007 ../semanage/seobject.py:1069 -+#: ../semanage/seobject.py:1124 ../semanage/seobject.py:1130 - #, python-format - msgid "Could not check if port %s/%s is defined" - msgstr "" - --#: ../semanage/seobject.py:1002 -+#: ../semanage/seobject.py:1009 - #, python-format - msgid "Port %s/%s already defined" - msgstr "" - --#: ../semanage/seobject.py:1006 -+#: ../semanage/seobject.py:1013 - #, python-format - msgid "Could not create port for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1012 -+#: ../semanage/seobject.py:1019 - #, python-format - msgid "Could not create context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1016 -+#: ../semanage/seobject.py:1023 - #, python-format - msgid "Could not set user in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1020 -+#: ../semanage/seobject.py:1027 - #, python-format - msgid "Could not set role in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1024 -+#: ../semanage/seobject.py:1031 - #, python-format - msgid "Could not set type in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1029 -+#: ../semanage/seobject.py:1036 - #, python-format - msgid "Could not set mls fields in port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1033 -+#: ../semanage/seobject.py:1040 - #, python-format - msgid "Could not set port context for %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1037 -+#: ../semanage/seobject.py:1044 - #, python-format - msgid "Could not add port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1051 ../semanage/seobject.py:1324 --#: ../semanage/seobject.py:1523 -+#: ../semanage/seobject.py:1058 ../semanage/seobject.py:1334 -+#: ../semanage/seobject.py:1533 - msgid "Requires setype or serange" - msgstr "" - --#: ../semanage/seobject.py:1053 -+#: ../semanage/seobject.py:1060 - msgid "Requires setype" - msgstr "" - --#: ../semanage/seobject.py:1064 ../semanage/seobject.py:1119 -+#: ../semanage/seobject.py:1071 ../semanage/seobject.py:1126 - #, python-format - msgid "Port %s/%s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1068 -+#: ../semanage/seobject.py:1075 - #, python-format - msgid "Could not query port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1079 -+#: ../semanage/seobject.py:1086 - #, python-format - msgid "Could not modify port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1092 -+#: ../semanage/seobject.py:1099 - msgid "Could not list the ports" - msgstr "" - --#: ../semanage/seobject.py:1108 -+#: ../semanage/seobject.py:1115 - #, python-format - msgid "Could not delete the port %s" - msgstr "" - --#: ../semanage/seobject.py:1125 -+#: ../semanage/seobject.py:1132 - #, python-format - msgid "Port %s/%s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1129 -+#: ../semanage/seobject.py:1136 - #, python-format - msgid "Could not delete port %s/%s" - msgstr "" - --#: ../semanage/seobject.py:1145 ../semanage/seobject.py:1167 -+#: ../semanage/seobject.py:1152 ../semanage/seobject.py:1174 - msgid "Could not list ports" - msgstr "" - --#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 - msgid "SELinux Port Type" - msgstr "" - --#: ../semanage/seobject.py:1206 -+#: ../semanage/seobject.py:1213 - msgid "Proto" - msgstr "" - --#: ../semanage/seobject.py:1206 ../gui/system-config-selinux.glade:335 -+#: ../semanage/seobject.py:1213 ../gui/system-config-selinux.glade:335 - msgid "Port Number" - msgstr "" - --#: ../semanage/seobject.py:1227 -+#: ../semanage/seobject.py:1237 - msgid "Node Address is required" - msgstr "" - --#: ../semanage/seobject.py:1242 -+#: ../semanage/seobject.py:1252 - msgid "Unknown or missing protocol" - msgstr "" - --#: ../semanage/seobject.py:1256 -+#: ../semanage/seobject.py:1266 - msgid "SELinux node type is required" - msgstr "" - --#: ../semanage/seobject.py:1259 ../semanage/seobject.py:1327 -+#: ../semanage/seobject.py:1269 ../semanage/seobject.py:1337 - #, python-format - msgid "Type %s is invalid, must be a node type" - msgstr "" - --#: ../semanage/seobject.py:1263 ../semanage/seobject.py:1331 --#: ../semanage/seobject.py:1367 ../semanage/seobject.py:1465 --#: ../semanage/seobject.py:1527 ../semanage/seobject.py:1561 --#: ../semanage/seobject.py:1759 -+#: ../semanage/seobject.py:1273 ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1377 ../semanage/seobject.py:1475 -+#: ../semanage/seobject.py:1537 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1773 - #, python-format - msgid "Could not create key for %s" - msgstr "" - --#: ../semanage/seobject.py:1265 ../semanage/seobject.py:1335 --#: ../semanage/seobject.py:1371 ../semanage/seobject.py:1377 -+#: ../semanage/seobject.py:1275 ../semanage/seobject.py:1345 -+#: ../semanage/seobject.py:1381 ../semanage/seobject.py:1387 - #, python-format - msgid "Could not check if addr %s is defined" - msgstr "" - --#: ../semanage/seobject.py:1274 -+#: ../semanage/seobject.py:1284 - #, python-format - msgid "Could not create addr for %s" - msgstr "" - --#: ../semanage/seobject.py:1280 ../semanage/seobject.py:1481 --#: ../semanage/seobject.py:1714 -+#: ../semanage/seobject.py:1290 ../semanage/seobject.py:1491 -+#: ../semanage/seobject.py:1728 - #, python-format - msgid "Could not create context for %s" - msgstr "" - --#: ../semanage/seobject.py:1284 -+#: ../semanage/seobject.py:1294 - #, python-format - msgid "Could not set mask for %s" - msgstr "" - --#: ../semanage/seobject.py:1288 -+#: ../semanage/seobject.py:1298 - #, python-format - msgid "Could not set user in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1292 -+#: ../semanage/seobject.py:1302 - #, python-format - msgid "Could not set role in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1296 -+#: ../semanage/seobject.py:1306 - #, python-format - msgid "Could not set type in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1301 -+#: ../semanage/seobject.py:1311 - #, python-format - msgid "Could not set mls fields in addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1305 -+#: ../semanage/seobject.py:1315 - #, python-format - msgid "Could not set addr context for %s" - msgstr "" - --#: ../semanage/seobject.py:1309 -+#: ../semanage/seobject.py:1319 - #, python-format - msgid "Could not add addr %s" - msgstr "" - --#: ../semanage/seobject.py:1337 ../semanage/seobject.py:1373 -+#: ../semanage/seobject.py:1347 ../semanage/seobject.py:1383 - #, python-format - msgid "Addr %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1341 -+#: ../semanage/seobject.py:1351 - #, python-format - msgid "Could not query addr %s" - msgstr "" - --#: ../semanage/seobject.py:1351 -+#: ../semanage/seobject.py:1361 - #, python-format - msgid "Could not modify addr %s" - msgstr "" - --#: ../semanage/seobject.py:1379 -+#: ../semanage/seobject.py:1389 - #, python-format - msgid "Addr %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1383 -+#: ../semanage/seobject.py:1393 - #, python-format - msgid "Could not delete addr %s" - msgstr "" - --#: ../semanage/seobject.py:1395 -+#: ../semanage/seobject.py:1405 - msgid "Could not deleteall node mappings" - msgstr "" - --#: ../semanage/seobject.py:1409 -+#: ../semanage/seobject.py:1419 - msgid "Could not list addrs" - msgstr "" - --#: ../semanage/seobject.py:1461 ../semanage/seobject.py:1752 -+#: ../semanage/seobject.py:1471 ../semanage/seobject.py:1766 - msgid "SELinux Type is required" - msgstr "" - --#: ../semanage/seobject.py:1469 ../semanage/seobject.py:1531 --#: ../semanage/seobject.py:1565 ../semanage/seobject.py:1571 -+#: ../semanage/seobject.py:1479 ../semanage/seobject.py:1541 -+#: ../semanage/seobject.py:1575 ../semanage/seobject.py:1581 - #, python-format - msgid "Could not check if interface %s is defined" - msgstr "" - --#: ../semanage/seobject.py:1476 -+#: ../semanage/seobject.py:1486 - #, python-format - msgid "Could not create interface for %s" - msgstr "" - --#: ../semanage/seobject.py:1485 -+#: ../semanage/seobject.py:1495 - #, python-format - msgid "Could not set user in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1489 -+#: ../semanage/seobject.py:1499 - #, python-format - msgid "Could not set role in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1493 -+#: ../semanage/seobject.py:1503 - #, python-format - msgid "Could not set type in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1498 -+#: ../semanage/seobject.py:1508 - #, python-format - msgid "Could not set mls fields in interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1502 -+#: ../semanage/seobject.py:1512 - #, python-format - msgid "Could not set interface context for %s" - msgstr "" - --#: ../semanage/seobject.py:1506 -+#: ../semanage/seobject.py:1516 - #, python-format - msgid "Could not set message context for %s" - msgstr "" - --#: ../semanage/seobject.py:1510 -+#: ../semanage/seobject.py:1520 - #, python-format - msgid "Could not add interface %s" - msgstr "" - --#: ../semanage/seobject.py:1533 ../semanage/seobject.py:1567 -+#: ../semanage/seobject.py:1543 ../semanage/seobject.py:1577 - #, python-format - msgid "Interface %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1537 -+#: ../semanage/seobject.py:1547 - #, python-format - msgid "Could not query interface %s" - msgstr "" - --#: ../semanage/seobject.py:1548 -+#: ../semanage/seobject.py:1558 - #, python-format - msgid "Could not modify interface %s" - msgstr "" - --#: ../semanage/seobject.py:1573 -+#: ../semanage/seobject.py:1583 - #, python-format - msgid "Interface %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1577 -+#: ../semanage/seobject.py:1587 - #, python-format - msgid "Could not delete interface %s" - msgstr "" - --#: ../semanage/seobject.py:1589 -+#: ../semanage/seobject.py:1599 - msgid "Could not delete all interface mappings" - msgstr "" - --#: ../semanage/seobject.py:1603 -+#: ../semanage/seobject.py:1613 - msgid "Could not list interfaces" - msgstr "" - --#: ../semanage/seobject.py:1628 -+#: ../semanage/seobject.py:1638 - msgid "SELinux Interface" - msgstr "" - --#: ../semanage/seobject.py:1628 ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1638 ../semanage/seobject.py:1988 - msgid "Context" - msgstr "" - --#: ../semanage/seobject.py:1691 -+#: ../semanage/seobject.py:1705 - #, python-format - msgid "Equivalence class for %s already exists" - msgstr "" - --#: ../semanage/seobject.py:1697 -+#: ../semanage/seobject.py:1711 - #, python-format - msgid "File spec %s conflicts with equivalency rule '%s %s'" - msgstr "" - --#: ../semanage/seobject.py:1706 -+#: ../semanage/seobject.py:1720 - #, python-format - msgid "Equivalence class for %s does not exists" - msgstr "" - --#: ../semanage/seobject.py:1720 -+#: ../semanage/seobject.py:1734 - #, python-format - msgid "Could not set user in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1724 -+#: ../semanage/seobject.py:1738 - #, python-format - msgid "Could not set role in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1729 ../semanage/seobject.py:1789 -+#: ../semanage/seobject.py:1743 ../semanage/seobject.py:1803 - #, python-format - msgid "Could not set mls fields in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1735 -+#: ../semanage/seobject.py:1749 - msgid "Invalid file specification" - msgstr "" - --#: ../semanage/seobject.py:1737 -+#: ../semanage/seobject.py:1751 - msgid "File specification can not include spaces" - msgstr "" - --#: ../semanage/seobject.py:1742 -+#: ../semanage/seobject.py:1756 - #, python-format - msgid "" - "File spec %s conflicts with equivalency rule '%s %s'; Try adding '%s' instead" - msgstr "" - --#: ../semanage/seobject.py:1755 -+#: ../semanage/seobject.py:1769 - #, python-format - msgid "Type %s is invalid, must be a file or device type" - msgstr "" - --#: ../semanage/seobject.py:1763 ../semanage/seobject.py:1768 --#: ../semanage/seobject.py:1824 ../semanage/seobject.py:1906 --#: ../semanage/seobject.py:1910 -+#: ../semanage/seobject.py:1777 ../semanage/seobject.py:1782 -+#: ../semanage/seobject.py:1838 ../semanage/seobject.py:1920 -+#: ../semanage/seobject.py:1924 - #, python-format - msgid "Could not check if file context for %s is defined" - msgstr "" - --#: ../semanage/seobject.py:1776 -+#: ../semanage/seobject.py:1790 - #, python-format - msgid "Could not create file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1784 -+#: ../semanage/seobject.py:1798 - #, python-format - msgid "Could not set type in file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1792 ../semanage/seobject.py:1852 --#: ../semanage/seobject.py:1856 -+#: ../semanage/seobject.py:1806 ../semanage/seobject.py:1866 -+#: ../semanage/seobject.py:1870 - #, python-format - msgid "Could not set file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1798 -+#: ../semanage/seobject.py:1812 - #, python-format - msgid "Could not add file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1812 -+#: ../semanage/seobject.py:1826 - msgid "Requires setype, serange or seuser" - msgstr "" - --#: ../semanage/seobject.py:1828 ../semanage/seobject.py:1914 -+#: ../semanage/seobject.py:1842 ../semanage/seobject.py:1928 - #, python-format - msgid "File context for %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:1834 -+#: ../semanage/seobject.py:1848 - #, python-format - msgid "Could not query file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1860 -+#: ../semanage/seobject.py:1874 - #, python-format - msgid "Could not modify file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1873 -+#: ../semanage/seobject.py:1887 - msgid "Could not list the file contexts" - msgstr "" - --#: ../semanage/seobject.py:1887 -+#: ../semanage/seobject.py:1901 - #, python-format - msgid "Could not delete the file context %s" - msgstr "" - --#: ../semanage/seobject.py:1912 -+#: ../semanage/seobject.py:1926 - #, python-format - msgid "File context for %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:1918 -+#: ../semanage/seobject.py:1932 - #, python-format - msgid "Could not delete file context for %s" - msgstr "" - --#: ../semanage/seobject.py:1933 -+#: ../semanage/seobject.py:1947 - msgid "Could not list file contexts" - msgstr "" - --#: ../semanage/seobject.py:1937 -+#: ../semanage/seobject.py:1951 - msgid "Could not list local file contexts" - msgstr "" - --#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 - msgid "SELinux fcontext" - msgstr "" - --#: ../semanage/seobject.py:1974 -+#: ../semanage/seobject.py:1988 - msgid "type" - msgstr "" - --#: ../semanage/seobject.py:1987 -+#: ../semanage/seobject.py:2001 - msgid "" - "\n" - "SELinux Distribution fcontext Equivalence \n" - msgstr "" - --#: ../semanage/seobject.py:1992 -+#: ../semanage/seobject.py:2006 - msgid "" - "\n" - "SELinux Local fcontext Equivalence \n" - msgstr "" - --#: ../semanage/seobject.py:2028 ../semanage/seobject.py:2079 --#: ../semanage/seobject.py:2085 -+#: ../semanage/seobject.py:2036 -+#, python-format -+msgid "Value Required for %s" -+msgstr "" -+ -+#: ../semanage/seobject.py:2045 ../semanage/seobject.py:2096 -+#: ../semanage/seobject.py:2102 - #, python-format - msgid "Could not check if boolean %s is defined" - msgstr "" - --#: ../semanage/seobject.py:2030 ../semanage/seobject.py:2081 -+#: ../semanage/seobject.py:2047 ../semanage/seobject.py:2098 - #, python-format - msgid "Boolean %s is not defined" - msgstr "" - --#: ../semanage/seobject.py:2034 -+#: ../semanage/seobject.py:2051 - #, python-format - msgid "Could not query file context %s" - msgstr "" - --#: ../semanage/seobject.py:2039 -+#: ../semanage/seobject.py:2056 - #, python-format - msgid "You must specify one of the following values: %s" - msgstr "" - --#: ../semanage/seobject.py:2044 -+#: ../semanage/seobject.py:2061 - #, python-format - msgid "Could not set active value of boolean %s" - msgstr "" - --#: ../semanage/seobject.py:2047 -+#: ../semanage/seobject.py:2064 - #, python-format - msgid "Could not modify boolean %s" - msgstr "" - --#: ../semanage/seobject.py:2063 -+#: ../semanage/seobject.py:2080 - #, python-format - msgid "Bad format %s: Record %s" - msgstr "" - --#: ../semanage/seobject.py:2087 -+#: ../semanage/seobject.py:2104 - #, python-format - msgid "Boolean %s is defined in policy, cannot be deleted" - msgstr "" - --#: ../semanage/seobject.py:2091 -+#: ../semanage/seobject.py:2108 - #, python-format - msgid "Could not delete boolean %s" - msgstr "" - --#: ../semanage/seobject.py:2103 ../semanage/seobject.py:2120 -+#: ../semanage/seobject.py:2120 ../semanage/seobject.py:2137 - msgid "Could not list booleans" - msgstr "" - --#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 - msgid "off" - msgstr "" - --#: ../semanage/seobject.py:2155 -+#: ../semanage/seobject.py:2172 - msgid "on" - msgstr "" - --#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 - msgid "SELinux boolean" - msgstr "" - --#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 - msgid "State" - msgstr "" - --#: ../semanage/seobject.py:2169 -+#: ../semanage/seobject.py:2186 - msgid "Default" - msgstr "" - --#: ../semanage/seobject.py:2169 ../gui/polgen.glade:113 -+#: ../semanage/seobject.py:2186 ../gui/polgen.glade:113 - #: ../gui/polgengui.py:269 - msgid "Description" - msgstr "" -@@ -988,206 +1001,226 @@ msgstr "" - msgid "Unable to clear environment\n" - msgstr "" - --#: ../newrole/newrole.c:556 ../newrole/newrole.c:587 ../newrole/newrole.c:617 -+#: ../newrole/newrole.c:554 ../newrole/newrole.c:585 ../newrole/newrole.c:616 - #, c-format - msgid "Error changing uid, aborting.\n" - msgstr "" - --#: ../newrole/newrole.c:612 -+#: ../newrole/newrole.c:611 - #, c-format - msgid "Error resetting KEEPCAPS, aborting\n" - msgstr "" - --#: ../newrole/newrole.c:635 -+#: ../newrole/newrole.c:634 - #, c-format - msgid "Error connecting to audit system.\n" - msgstr "" - --#: ../newrole/newrole.c:641 -+#: ../newrole/newrole.c:640 - #, c-format - msgid "Error allocating memory.\n" - msgstr "" - --#: ../newrole/newrole.c:648 -+#: ../newrole/newrole.c:647 - #, c-format - msgid "Error sending audit message.\n" - msgstr "" - --#: ../newrole/newrole.c:692 ../newrole/newrole.c:1058 -+#: ../newrole/newrole.c:691 ../newrole/newrole.c:1063 - #, c-format - msgid "Could not determine enforcing mode.\n" - msgstr "" - --#: ../newrole/newrole.c:699 -+#: ../newrole/newrole.c:698 - #, c-format - msgid "Error! Could not open %s.\n" - msgstr "" - --#: ../newrole/newrole.c:705 -+#: ../newrole/newrole.c:704 -+#, c-format -+msgid "Error! Could not clear O_NONBLOCK on %s\n" -+msgstr "" -+ -+#: ../newrole/newrole.c:710 - #, c-format - msgid "%s! Could not get current context for %s, not relabeling tty.\n" - msgstr "" - --#: ../newrole/newrole.c:715 -+#: ../newrole/newrole.c:720 - #, c-format - msgid "%s! Could not get new context for %s, not relabeling tty.\n" - msgstr "" - --#: ../newrole/newrole.c:725 -+#: ../newrole/newrole.c:730 - #, c-format - msgid "%s! Could not set new context for %s\n" - msgstr "" - --#: ../newrole/newrole.c:772 -+#: ../newrole/newrole.c:777 - #, c-format - msgid "%s changed labels.\n" - msgstr "" - --#: ../newrole/newrole.c:778 -+#: ../newrole/newrole.c:783 - #, c-format - msgid "Warning! Could not restore context for %s\n" - msgstr "" - --#: ../newrole/newrole.c:835 -+#: ../newrole/newrole.c:840 - #, c-format - msgid "Error: multiple roles specified\n" - msgstr "" - --#: ../newrole/newrole.c:843 -+#: ../newrole/newrole.c:848 - #, c-format - msgid "Error: multiple types specified\n" - msgstr "" - --#: ../newrole/newrole.c:850 -+#: ../newrole/newrole.c:855 - #, c-format - msgid "Sorry, -l may be used with SELinux MLS support.\n" - msgstr "" - --#: ../newrole/newrole.c:855 -+#: ../newrole/newrole.c:860 - #, c-format - msgid "Error: multiple levels specified\n" - msgstr "" - --#: ../newrole/newrole.c:865 -+#: ../newrole/newrole.c:870 - #, c-format - msgid "Error: you are not allowed to change levels on a non secure terminal \n" - msgstr "" - --#: ../newrole/newrole.c:891 -+#: ../newrole/newrole.c:896 - #, c-format - msgid "Couldn't get default type.\n" - msgstr "" - --#: ../newrole/newrole.c:901 -+#: ../newrole/newrole.c:906 - #, c-format - msgid "failed to get new context.\n" - msgstr "" - --#: ../newrole/newrole.c:908 -+#: ../newrole/newrole.c:913 - #, c-format - msgid "failed to set new role %s\n" - msgstr "" - --#: ../newrole/newrole.c:915 -+#: ../newrole/newrole.c:920 - #, c-format - msgid "failed to set new type %s\n" - msgstr "" - --#: ../newrole/newrole.c:925 -+#: ../newrole/newrole.c:930 - #, c-format - msgid "failed to build new range with level %s\n" - msgstr "" - --#: ../newrole/newrole.c:930 -+#: ../newrole/newrole.c:935 - #, c-format - msgid "failed to set new range %s\n" - msgstr "" - --#: ../newrole/newrole.c:938 -+#: ../newrole/newrole.c:943 - #, c-format - msgid "failed to convert new context to string\n" - msgstr "" - --#: ../newrole/newrole.c:943 -+#: ../newrole/newrole.c:948 - #, c-format - msgid "%s is not a valid context\n" - msgstr "" - --#: ../newrole/newrole.c:950 -+#: ../newrole/newrole.c:955 - #, c-format - msgid "Unable to allocate memory for new_context" - msgstr "" - --#: ../newrole/newrole.c:976 -+#: ../newrole/newrole.c:981 - #, c-format - msgid "Unable to obtain empty signal set\n" - msgstr "" - --#: ../newrole/newrole.c:984 -+#: ../newrole/newrole.c:989 - #, c-format - msgid "Unable to set SIGHUP handler\n" - msgstr "" - --#: ../newrole/newrole.c:1036 -+#: ../newrole/newrole.c:1041 - msgid "Sorry, newrole failed to drop capabilities\n" - msgstr "" - --#: ../newrole/newrole.c:1052 -+#: ../newrole/newrole.c:1057 - #, c-format - msgid "Sorry, newrole may be used only on a SELinux kernel.\n" - msgstr "" - --#: ../newrole/newrole.c:1069 -+#: ../newrole/newrole.c:1074 - #, c-format - msgid "failed to get old_context.\n" - msgstr "" - --#: ../newrole/newrole.c:1076 -+#: ../newrole/newrole.c:1081 - #, c-format - msgid "Warning! Could not retrieve tty information.\n" - msgstr "" - --#: ../newrole/newrole.c:1097 -+#: ../newrole/newrole.c:1102 - #, c-format - msgid "error on reading PAM service configuration.\n" - msgstr "" - --#: ../newrole/newrole.c:1132 -+#: ../newrole/newrole.c:1137 - #, c-format - msgid "newrole: incorrect password for %s\n" - msgstr "" - --#: ../newrole/newrole.c:1159 -+#: ../newrole/newrole.c:1164 - #, c-format - msgid "newrole: failure forking: %s" - msgstr "" - --#: ../newrole/newrole.c:1162 ../newrole/newrole.c:1185 -+#: ../newrole/newrole.c:1167 ../newrole/newrole.c:1190 - #, c-format - msgid "Unable to restore tty label...\n" - msgstr "" - --#: ../newrole/newrole.c:1164 ../newrole/newrole.c:1191 -+#: ../newrole/newrole.c:1169 ../newrole/newrole.c:1196 - #, c-format - msgid "Failed to close tty properly\n" - msgstr "" - --#: ../newrole/newrole.c:1223 -+#: ../newrole/newrole.c:1228 - #, c-format - msgid "Could not close descriptors.\n" - msgstr "" - --#: ../newrole/newrole.c:1250 -+#: ../newrole/newrole.c:1263 - #, c-format - msgid "Error allocating shell's argv0.\n" - msgstr "" - --#: ../newrole/newrole.c:1286 -+#: ../newrole/newrole.c:1285 -+#, c-format -+msgid "Failed to send audit message" -+msgstr "" -+ -+#: ../newrole/newrole.c:1293 -+#, c-format -+msgid "Failed to transition to namespace\n" -+msgstr "" -+ -+#: ../newrole/newrole.c:1299 -+#, c-format -+msgid "Failed to drop capabilities %m\n" -+msgstr "" -+ -+#: ../newrole/newrole.c:1304 - #, c-format - msgid "Unable to restore the environment, aborting\n" - msgstr "" - --#: ../newrole/newrole.c:1297 -+#: ../newrole/newrole.c:1315 - msgid "failed to exec shell\n" - msgstr "" - -@@ -1414,7 +1447,7 @@ msgstr "" - msgid "Applications" - msgstr "" - --#: ../gui/polgen.glade:316 ../sepolicy/sepolicy/generate.py:171 -+#: ../gui/polgen.glade:316 ../sepolicy/sepolicy/generate.py:130 - msgid "Standard Init Daemon" - msgstr "" - -@@ -1424,7 +1457,7 @@ msgid "" - "requires a script in /etc/rc.d/init.d" - msgstr "" - --#: ../gui/polgen.glade:332 ../sepolicy/sepolicy/generate.py:172 -+#: ../gui/polgen.glade:332 ../sepolicy/sepolicy/generate.py:131 - msgid "DBUS System Daemon" - msgstr "" - -@@ -1436,7 +1469,7 @@ msgstr "" - msgid "Internet Services Daemon are daemons started by xinetd" - msgstr "" - --#: ../gui/polgen.glade:366 ../sepolicy/sepolicy/generate.py:174 -+#: ../gui/polgen.glade:366 ../sepolicy/sepolicy/generate.py:133 - msgid "Web Application/Script (CGI)" - msgstr "" - -@@ -1445,7 +1478,7 @@ msgid "" - "Web Applications/Script (CGI) CGI scripts started by the web server (apache)" - msgstr "" - --#: ../gui/polgen.glade:383 ../sepolicy/sepolicy/generate.py:176 -+#: ../gui/polgen.glade:383 ../sepolicy/sepolicy/generate.py:135 - msgid "User Application" - msgstr "" - -@@ -1455,7 +1488,7 @@ msgid "" - "started by a user" - msgstr "" - --#: ../gui/polgen.glade:400 ../sepolicy/sepolicy/generate.py:175 -+#: ../gui/polgen.glade:400 ../sepolicy/sepolicy/generate.py:134 - msgid "Sandbox" - msgstr "" - -@@ -2159,261 +2192,322 @@ msgstr "" - msgid "SELinux user '%s' is required" - msgstr "" - --#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:183 -+#, python-format -+msgid "Interface %s does not exist." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:267 - msgid "Generate SELinux man pages" - msgstr "" - --#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:270 - msgid "path in which the generated SELinux man pages will be stored" - msgstr "" - --#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:272 - msgid "name of the OS for man pages" - msgstr "" - --#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:274 - msgid "Generate HTML man pages structure for selected SELinux man page" - msgstr "" - --#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:276 -+msgid "Alternate root directory, defaults to /" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:280 - msgid "All domains" - msgstr "" - --#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:283 - msgid "Domain name(s) of man pages to be created" - msgstr "" - --#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:288 - msgid "Query SELinux policy network information" - msgstr "" - --#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:293 - msgid "list all SELinux port types" - msgstr "" - --#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:296 - msgid "show SELinux type related to the port" - msgstr "" - --#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:299 - msgid "Show ports defined for this SELinux type" - msgstr "" - --#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:302 - msgid "show ports to which this domain can bind and/or connect" - msgstr "" - --#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:317 - msgid "query SELinux policy to see if domains can communicate with each other" - msgstr "" - --#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:320 - msgid "Source Domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:323 - msgid "Target Domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:342 - msgid "query SELinux Policy to see description of booleans" - msgstr "" - --#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:346 - msgid "get all booleans descriptions" - msgstr "" - --#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:349 - msgid "boolean to get description" - msgstr "" - --#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:359 - msgid "" - "query SELinux Policy to see how a source process domain can transition to " - "the target process domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:362 - msgid "source process domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:365 - msgid "target process domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:408 -+#, python-format -+msgid "sepolicy generate: error: one of the arguments %s is required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:413 - msgid "Command required for this type of policy" - msgstr "" - --#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:424 -+msgid "" -+"-t option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:429 -+msgid "" -+"-d option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:433 -+msgid "" -+"-a option can not be used with this option. Read usage for more details." -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:452 - msgid "List SELinux Policy interfaces" - msgstr "" - --#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:470 -+msgid "Enter interface names, you wish to query" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:479 - msgid "Generate SELinux Policy module template" - msgstr "" - --#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:482 - msgid "Enter domain type which you will be extending" - msgstr "" - --#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:485 - msgid "Enter SELinux user(s) which will transition to this domain" - msgstr "" - --#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:488 - msgid "Enter domain(s) that this confined admin will administrate" - msgstr "" - --#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:491 - msgid "name of policy to generate" - msgstr "" - --#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:498 - msgid "path in which the generated policy files will be stored" - msgstr "" - --#: ../sepolicy/sepolicy.py:380 --msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:500 -+msgid "path to which the confined processes will need to write" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:501 -+msgid "Policy types which require a command" - msgstr "" - --#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 --#: ../sepolicy/sepolicy.py:390 ../sepolicy/sepolicy.py:393 --#: ../sepolicy/sepolicy.py:396 ../sepolicy/sepolicy.py:399 --#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 --#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 --#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 -+#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 -+#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 -+#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 -+#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 -+#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 - #, python-format --msgid "Generate Policy for %s" -+msgid "Generate '%s' policy" - msgstr "" - --#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:532 -+#, python-format -+msgid "Generate '%s' policy " -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:546 -+msgid "executable to confine" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:551 - msgid "commands" - msgstr "" - --#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:554 - msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:48 -+#: ../sepolicy/sepolicy/__init__.py:72 - msgid "No SELinux Policy installed" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:243 - #, python-format - msgid "Failed to read %s policy file" - msgstr "" - --#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:302 - msgid "unknown" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:173 -+#: ../sepolicy/sepolicy/generate.py:132 - msgid "Internet Services Daemon" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:177 -+#: ../sepolicy/sepolicy/generate.py:136 - msgid "Existing Domain Type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:178 -+#: ../sepolicy/sepolicy/generate.py:137 - msgid "Minimal Terminal Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:179 -+#: ../sepolicy/sepolicy/generate.py:138 - msgid "Minimal X Windows Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:180 -+#: ../sepolicy/sepolicy/generate.py:139 - msgid "Desktop Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:181 -+#: ../sepolicy/sepolicy/generate.py:140 - msgid "Administrator Login User Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:182 -+#: ../sepolicy/sepolicy/generate.py:141 - msgid "Confined Root Administrator Role" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:187 -+#: ../sepolicy/sepolicy/generate.py:142 -+msgid "Module information for a new type" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:147 - msgid "Valid Types:\n" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:221 -+#: ../sepolicy/sepolicy/generate.py:181 - #, python-format - msgid "Ports must be numbers or ranges of numbers from 1 to %d " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:231 -+#: ../sepolicy/sepolicy/generate.py:192 - msgid "You must enter a valid policy type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:234 -+#: ../sepolicy/sepolicy/generate.py:195 - #, python-format - msgid "You must enter a name for your policy module for your %s." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:355 -+#: ../sepolicy/sepolicy/generate.py:327 - msgid "" - "Name must be alpha numberic with no spaces. Consider using option \"-n " - "MODULENAME\"" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:447 -+#: ../sepolicy/sepolicy/generate.py:419 - msgid "User Role types can not be assigned executables." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:453 -+#: ../sepolicy/sepolicy/generate.py:425 - msgid "Only Daemon apps can use an init script.." - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:471 -+#: ../sepolicy/sepolicy/generate.py:443 - msgid "use_resolve must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:477 -+#: ../sepolicy/sepolicy/generate.py:449 - msgid "use_syslog must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:483 -+#: ../sepolicy/sepolicy/generate.py:455 - msgid "use_kerberos must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:489 -+#: ../sepolicy/sepolicy/generate.py:461 - msgid "manage_krb5_rcache must be a boolean value " - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:519 -+#: ../sepolicy/sepolicy/generate.py:491 - msgid "USER Types automatically get a tmp type" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:857 -+#: ../sepolicy/sepolicy/generate.py:832 - #, python-format - msgid "%s policy modules require existing domains" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1059 -+#: ../sepolicy/sepolicy/generate.py:857 -+msgid "Type field required" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:869 -+#, python-format -+msgid "" -+"You need to define a new type which ends with: \n" -+" %s" -+msgstr "" -+ -+#: ../sepolicy/sepolicy/generate.py:1088 - msgid "You must enter the executable path for your confined process" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1321 -+#: ../sepolicy/sepolicy/generate.py:1351 - msgid "Type Enforcement file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1322 -+#: ../sepolicy/sepolicy/generate.py:1352 - msgid "Interface file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1323 -+#: ../sepolicy/sepolicy/generate.py:1353 - msgid "File Contexts file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1324 -+#: ../sepolicy/sepolicy/generate.py:1354 - msgid "Spec file" - msgstr "" - --#: ../sepolicy/sepolicy/generate.py:1325 -+#: ../sepolicy/sepolicy/generate.py:1355 - msgid "Setup Script" - msgstr "" - -@@ -2428,11 +2522,11 @@ msgid "" - msgstr "" - - #: booleans.py:3 --msgid "Allow amavis to use JIT compiler" -+msgid "Allow antivirus programs to read non security files on a system" - msgstr "" - - #: booleans.py:4 --msgid "Allow antivirus programs to read non security files on a system" -+msgid "Determine whether can antivirus programs use JIT compiler." - msgstr "" - - #: booleans.py:5 -@@ -2454,50 +2548,54 @@ msgid "Allow users to login using a yubikey server" - msgstr "" - - #: booleans.py:9 --msgid "Allow awstats to purge Apache logs" -+msgid "Determine whether awstats can purge httpd log files." - msgstr "" - - #: booleans.py:10 - msgid "" --"Allow cdrecord to read various content. nfs, samba, removable devices, user " --"temp and untrusted content files" -+"Determine whether cdrecord can read various content. nfs, samba, removable " -+"devices, user temp and untrusted content files" - msgstr "" - - #: booleans.py:11 --msgid "Allow clamd to use JIT compiler" -+msgid "" -+"Allow cluster administrative domains to connect to the network using TCP." - msgstr "" - - #: booleans.py:12 --msgid "Allow clamscan to non security files on a system" -+msgid "Allow cluster administrative domains to manage all files on a system." - msgstr "" - - #: booleans.py:13 --msgid "Allow clamscan to read user content" -+msgid "" -+"Allow cluster administrative cluster domains memcheck-amd64- to use " -+"executable memory" - msgstr "" - - #: booleans.py:14 - msgid "" --"Allow Cobbler to modify public files used for public file transfer services." -+"Determine whether Cobbler can modify public files used for public file " -+"transfer services." - msgstr "" - - #: booleans.py:15 --msgid "Allow Cobbler to connect to the network using TCP." -+msgid "Determine whether Cobbler can connect to the network using TCP." - msgstr "" - - #: booleans.py:16 --msgid "Allow Cobbler to access cifs file systems." -+msgid "Determine whether Cobbler can access cifs file systems." - msgstr "" - - #: booleans.py:17 --msgid "Allow Cobbler to access nfs file systems." -+msgid "Determine whether Cobbler can access nfs file systems." - msgstr "" - - #: booleans.py:18 --msgid "Allow collectd to connect to the network using TCP." -+msgid "Determine whether collectd can connect to the network using TCP." - msgstr "" - - #: booleans.py:19 --msgid "Allow codnor domain to connect to the network using TCP." -+msgid "Determine whether Condor can connect to the network using TCP." - msgstr "" - - #: booleans.py:20 -@@ -2506,7 +2604,7 @@ msgid "" - msgstr "" - - #: booleans.py:21 --msgid "Allow cvs daemon to read shadow" -+msgid "Determine whether cvs can read shadow password files." - msgstr "" - - #: booleans.py:22 -@@ -2522,951 +2620,1000 @@ msgid "Allow all daemons the ability to read/write terminals" - msgstr "" - - #: booleans.py:25 --msgid "Allow dan to manage user files" -+msgid "Determine whether dbadm can manage generic user files." - msgstr "" - - #: booleans.py:26 --msgid "Allow dan to read user files" -+msgid "Determine whether dbadm can read generic user files." - msgstr "" - - #: booleans.py:27 --msgid "Allow dbadm to manage files in users home directories" -+msgid "" -+"Deny user domains applications to map a memory region as both executable and " -+"writable, this is dangerous and the executable should be reported in bugzilla" - msgstr "" - - #: booleans.py:28 --msgid "Allow dbadm to read files in users home directories" -+msgid "Deny any process from ptracing or debugging any other processes." - msgstr "" - - #: booleans.py:29 --msgid "" --"Deny user domains applications to map a memory region as both executable and " --"writable, this is dangerous and the executable should be reported in bugzilla" -+msgid "Allow dhcpc client applications to execute iptables commands" - msgstr "" - - #: booleans.py:30 --msgid "Allow sysadm to debug or ptrace all processes." -+msgid "Determine whether DHCP daemon can use LDAP backends." - msgstr "" - - #: booleans.py:31 --msgid "Allow dhcpc client applications to execute iptables commands" -+msgid "Allow all domains to use other domains file descriptors" - msgstr "" - - #: booleans.py:32 --msgid "Allow DHCP daemon to use LDAP backends" -+msgid "Allow all domains to have the kernel load modules" - msgstr "" - - #: booleans.py:33 --msgid "Allow all domains to use other domains file descriptors" -+msgid "" -+"Determine whether entropyd can use audio devices as the source for the " -+"entropy feeds." - msgstr "" - - #: booleans.py:34 --msgid "Allow all domains to have the kernel load modules" -+msgid "Determine whether exim can connect to databases." - msgstr "" - - #: booleans.py:35 --msgid "Allow the use of the audio devices as the source for the entropy feeds" -+msgid "" -+"Determine whether exim can create, read, write, and delete generic user " -+"content files." - msgstr "" - - #: booleans.py:36 --msgid "Allow exim to connect to databases (postgres, mysql)" -+msgid "Determine whether exim can read generic user content files." - msgstr "" - - #: booleans.py:37 --msgid "Allow exim to create, read, write, and delete unprivileged user files." -+msgid "Enable extra rules in the cron domain to support fcron." - msgstr "" - - #: booleans.py:38 --msgid "Allow exim to read unprivileged user files." -+msgid "Determine whether fenced can connect to the TCP network." - msgstr "" - - #: booleans.py:39 --msgid "Enable extra rules in the cron domain to support fcron." -+msgid "Determine whether fenced can use ssh." - msgstr "" - - #: booleans.py:40 --msgid "Allow fenced domain to connect to the network using TCP." -+msgid "Allow all domains to execute in fips_mode" - msgstr "" - - #: booleans.py:41 --msgid "Allow fenced domain to execute ssh." -+msgid "" -+"Determine whether ftpd can read and write files in user home directories." - msgstr "" - - #: booleans.py:42 --msgid "Allow all domains to execute in fips_mode" -+msgid "" -+"Determine whether ftpd can modify public files used for public file transfer " -+"services. Directories/Files must be labeled public_content_rw_t." - msgstr "" - - #: booleans.py:43 --msgid "Allow ftp to read and write files in the user home directories" -+msgid "Determine whether ftpd can connect to all unreserved ports." - msgstr "" - - #: booleans.py:44 --msgid "" --"Allow ftp servers to upload files, used for public file transfer services. " --"Directories must be labeled public_content_rw_t." -+msgid "Determine whether ftpd can connect to databases over the TCP network." - msgstr "" - - #: booleans.py:45 --msgid "Allow ftp servers to connect to all ports > 1023" -+msgid "" -+"Determine whether ftpd can login to local users and can read and write all " -+"files on the system, governed by DAC." - msgstr "" - - #: booleans.py:46 --msgid "Allow ftp servers to connect to mysql database ports" -+msgid "" -+"Determine whether ftpd can use CIFS used for public file transfer services." - msgstr "" - --#: booleans.py:47 --msgid "" --"Allow ftp servers to login to local users and read/write all files on the " --"system, governed by DAC." -+#: booleans.py:47 booleans.py:166 -+msgid "Allow samba to export ntfs/fusefs volumes." - msgstr "" - - #: booleans.py:48 --msgid "Allow ftp servers to use cifs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can use NFS used for public file transfer services." - msgstr "" - - #: booleans.py:49 --msgid "Allow ftp servers to use nfs used for public file transfer services." -+msgid "" -+"Determine whether ftpd can bind to all unreserved ports for passive mode." - msgstr "" - - #: booleans.py:50 --msgid "Allow ftp servers to use bind to all unreserved ports for passive mode" --msgstr "" -- --#: booleans.py:51 - msgid "Determine whether Git CGI can search home directories." - msgstr "" - --#: booleans.py:52 -+#: booleans.py:51 - msgid "Determine whether Git CGI can access cifs file systems." - msgstr "" - --#: booleans.py:53 -+#: booleans.py:52 - msgid "Determine whether Git CGI can access nfs file systems." - msgstr "" - --#: booleans.py:54 -+#: booleans.py:53 - msgid "" - "Determine whether Git session daemon can bind TCP sockets to all unreserved " - "ports." - msgstr "" - --#: booleans.py:55 -+#: booleans.py:54 - msgid "" - "Determine whether calling user domains can execute Git daemon in the " - "git_session_t domain." - msgstr "" - --#: booleans.py:56 -+#: booleans.py:55 - msgid "Determine whether Git system daemon can search home directories." - msgstr "" - --#: booleans.py:57 -+#: booleans.py:56 - msgid "Determine whether Git system daemon can access cifs file systems." - msgstr "" - --#: booleans.py:58 -+#: booleans.py:57 - msgid "Determine whether Git system daemon can access nfs file systems." - msgstr "" - -+#: booleans.py:58 -+msgid "Determine whether Gitosis can send mail." -+msgstr "" -+ - #: booleans.py:59 --msgid "Allow gitisis daemon to send mail" -+msgid "Enable reading of urandom for all domains." - msgstr "" - - #: booleans.py:60 --msgid "Enable reading of urandom for all domains." -+msgid "" -+"Allow glusterfsd to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - - #: booleans.py:61 -+msgid "Allow glusterfsd to share any file/directory read only." -+msgstr "" -+ -+#: booleans.py:62 -+msgid "Allow glusterfsd to share any file/directory read/write." -+msgstr "" -+ -+#: booleans.py:63 - msgid "" - "Allow usage of the gpg-agent --write-env-file option. This also allows gpg-" - "agent to manage user files." - msgstr "" - --#: booleans.py:62 -+#: booleans.py:64 - msgid "" - "Allow gpg web domain to modify public files used for public file transfer " - "services." - msgstr "" - --#: booleans.py:63 -+#: booleans.py:65 - msgid "Allow gssd to read temp directory. For access to kerberos tgt." - msgstr "" - --#: booleans.py:64 -+#: booleans.py:66 - msgid "Allow guest to exec content" - msgstr "" - --#: booleans.py:65 -+#: booleans.py:67 - msgid "" - "Allow Apache to modify public files used for public file transfer services. " - "Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:66 -+#: booleans.py:68 - msgid "Allow httpd to use built in scripting (usually php)" - msgstr "" - --#: booleans.py:67 -+#: booleans.py:69 - msgid "Allow http daemon to check spam" - msgstr "" - --#: booleans.py:68 -+#: booleans.py:70 - msgid "" - "Allow httpd to act as a FTP client connecting to the ftp port and ephemeral " - "ports" - msgstr "" - --#: booleans.py:69 -+#: booleans.py:71 - msgid "Allow httpd to connect to the ldap port" - msgstr "" - --#: booleans.py:70 -+#: booleans.py:72 - msgid "Allow http daemon to connect to zabbix" - msgstr "" - --#: booleans.py:71 -+#: booleans.py:73 - msgid "Allow HTTPD scripts and modules to connect to the network using TCP." - msgstr "" - --#: booleans.py:72 -+#: booleans.py:74 - msgid "Allow HTTPD scripts and modules to connect to cobbler over the network." - msgstr "" - --#: booleans.py:73 -+#: booleans.py:75 - msgid "" - "Allow HTTPD scripts and modules to connect to databases over the network." - msgstr "" - --#: booleans.py:74 -+#: booleans.py:76 - msgid "Allow httpd to connect to memcache server" - msgstr "" - --#: booleans.py:75 -+#: booleans.py:77 - msgid "Allow httpd to act as a relay" - msgstr "" - --#: booleans.py:76 -+#: booleans.py:78 - msgid "Allow http daemon to send mail" - msgstr "" - --#: booleans.py:77 -+#: booleans.py:79 - msgid "Allow Apache to communicate with avahi service via dbus" - msgstr "" - --#: booleans.py:78 -+#: booleans.py:80 - msgid "Allow httpd cgi support" - msgstr "" - --#: booleans.py:79 -+#: booleans.py:81 - msgid "Allow httpd to act as a FTP server by listening on the ftp port." - msgstr "" - --#: booleans.py:80 -+#: booleans.py:82 - msgid "Allow httpd to read home directories" - msgstr "" - --#: booleans.py:81 -+#: booleans.py:83 - msgid "Allow httpd scripts and modules execmem/execstack" - msgstr "" - --#: booleans.py:82 -+#: booleans.py:84 - msgid "Allow HTTPD to connect to port 80 for graceful shutdown" - msgstr "" - --#: booleans.py:83 -+#: booleans.py:85 - msgid "Allow httpd processes to manage IPA content" - msgstr "" - --#: booleans.py:84 -+#: booleans.py:86 - msgid "Allow Apache to use mod_auth_ntlm_winbind" - msgstr "" - --#: booleans.py:85 -+#: booleans.py:87 - msgid "Allow Apache to use mod_auth_pam" - msgstr "" - --#: booleans.py:86 -+#: booleans.py:88 - msgid "Allow httpd to read user content" - msgstr "" - --#: booleans.py:87 -+#: booleans.py:89 - msgid "Allow Apache to run in stickshift mode, not transition to passenger" - msgstr "" - --#: booleans.py:88 -+#: booleans.py:90 -+msgid "Allow HTTPD scripts and modules to server cobbler files." -+msgstr "" -+ -+#: booleans.py:91 - msgid "Allow httpd daemon to change its resource limits" - msgstr "" - --#: booleans.py:89 -+#: booleans.py:92 - msgid "" - "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." - msgstr "" - --#: booleans.py:90 -+#: booleans.py:93 - msgid "" - "Allow apache scripts to write to public content, directories/files must be " - "labeled public_rw_content_t." - msgstr "" - --#: booleans.py:91 -+#: booleans.py:94 - msgid "Allow Apache to execute tmp content." - msgstr "" - --#: booleans.py:92 -+#: booleans.py:95 - msgid "" - "Unify HTTPD to communicate with the terminal. Needed for entering the " - "passphrase for certificates at the terminal." - msgstr "" - --#: booleans.py:93 -+#: booleans.py:96 - msgid "Unify HTTPD handling of all content files." - msgstr "" - --#: booleans.py:94 -+#: booleans.py:97 - msgid "Allow httpd to access cifs file systems" - msgstr "" - --#: booleans.py:95 -+#: booleans.py:98 - msgid "Allow httpd to access FUSE file systems" - msgstr "" - --#: booleans.py:96 -+#: booleans.py:99 - msgid "Allow httpd to run gpg" - msgstr "" - --#: booleans.py:97 -+#: booleans.py:100 - msgid "Allow httpd to access nfs file systems" - msgstr "" - --#: booleans.py:98 -+#: booleans.py:101 - msgid "Allow httpd to communicate with oddjob to start up a service" - msgstr "" - --#: booleans.py:99 -+#: booleans.py:102 - msgid "Allow httpd to access openstack ports" - msgstr "" - --#: booleans.py:100 -+#: booleans.py:103 - msgid "Allow Apache to query NS records" - msgstr "" - --#: booleans.py:101 --msgid "Allow icecast to connect to all ports, not just sound ports." -+#: booleans.py:104 -+msgid "Determine whether icecast can listen on and connect to any TCP port." - msgstr "" - --#: booleans.py:102 -+#: booleans.py:105 -+msgid "" -+"Determine whether irc clients can listen on and connect to any unreserved " -+"TCP ports." -+msgstr "" -+ -+#: booleans.py:106 - msgid "" - "Allow the Irssi IRC Client to connect to any port, and to bind to any " - "unreserved port." - msgstr "" - --#: booleans.py:103 -+#: booleans.py:107 - msgid "Allow confined applications to run with kerberos." - msgstr "" - --#: booleans.py:104 --msgid "Allow syslogd daemon to send mail" -+#: booleans.py:108 -+msgid "Allow ksmtuned to use cifs/Samba file systems" - msgstr "" - --#: booleans.py:105 --msgid "Allow syslogd the ability to read/write terminals" -+#: booleans.py:109 -+msgid "Allow ksmtuned to use nfs file systems" - msgstr "" - --#: booleans.py:106 -+#: booleans.py:110 -+msgid "Allow syslogd daemon to send mail" -+msgstr "" -+ -+#: booleans.py:111 -+msgid "Allow syslogd the ability to read/write terminals" -+msgstr "" -+ -+#: booleans.py:112 - msgid "Allow logging in and using the system from /dev/console." - msgstr "" - --#: booleans.py:107 -+#: booleans.py:113 -+msgid "Allow mailman to access FUSE file systems" -+msgstr "" -+ -+#: booleans.py:114 -+msgid "Determine whether mcelog supports client mode." -+msgstr "" -+ -+#: booleans.py:115 -+msgid "Determine whether mcelog can execute scripts." -+msgstr "" -+ -+#: booleans.py:116 -+msgid "Determine whether mcelog can use all the user ttys." -+msgstr "" -+ -+#: booleans.py:117 -+msgid "Determine whether mcelog supports server mode." -+msgstr "" -+ -+#: booleans.py:118 - msgid "" - "Control the ability to mmap a low area of the address space, as configured " - "by /proc/sys/kernel/mmap_min_addr." - msgstr "" - --#: booleans.py:108 -+#: booleans.py:119 - msgid "Allow mock to read files in home directories." - msgstr "" - --#: booleans.py:109 -+#: booleans.py:120 - msgid "Allow the mount command to mount any directory or file." - msgstr "" - --#: booleans.py:110 -+#: booleans.py:121 - msgid "Allow mozilla plugin domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:111 --msgid "" --"Allow mozilla_plugins to create random content in the users home directory" -+#: booleans.py:122 -+msgid "Allow confined web browsers to read home directory content" - msgstr "" - --#: booleans.py:112 --msgid "Allow confined web browsers to read home directory content" -+#: booleans.py:123 -+msgid "Determine whether mpd can traverse user home directories." - msgstr "" - --#: booleans.py:113 --msgid "Allow mplayer executable stack" -+#: booleans.py:124 -+msgid "Determine whether mpd can use cifs file systems." - msgstr "" - --#: booleans.py:114 -+#: booleans.py:125 -+msgid "Determine whether mpd can use nfs file systems." -+msgstr "" -+ -+#: booleans.py:126 -+msgid "Determine whether mplayer can make its stack executable." -+msgstr "" -+ -+#: booleans.py:127 - msgid "Allow mysqld to connect to all ports" - msgstr "" - --#: booleans.py:115 --msgid "Allow BIND to bind apache port." -+#: booleans.py:128 -+msgid "Determine whether Bind can bind tcp socket to http ports." - msgstr "" - --#: booleans.py:116 -+#: booleans.py:129 - msgid "" --"Allow BIND to write the master zone files. Generally this is used for " --"dynamic DNS or zone transfers." -+"Determine whether Bind can write to master zone files. Generally this is " -+"used for dynamic DNS or zone transfers." - msgstr "" - --#: booleans.py:117 -+#: booleans.py:130 - msgid "Allow any files/directories to be exported read/only via NFS." - msgstr "" - --#: booleans.py:118 -+#: booleans.py:131 - msgid "Allow any files/directories to be exported read/write via NFS." - msgstr "" - --#: booleans.py:119 -+#: booleans.py:132 - msgid "" - "Allow nfs servers to modify public files used for public file transfer " - "services. Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:120 -+#: booleans.py:133 - msgid "Allow system to run with NIS" - msgstr "" - --#: booleans.py:121 -+#: booleans.py:134 - msgid "Allow confined applications to use nscd shared memory." - msgstr "" - --#: booleans.py:122 -+#: booleans.py:135 - msgid "Allow openshift to lockdown app" - msgstr "" - --#: booleans.py:123 --msgid "Allow openvpn to read home directories" -+#: booleans.py:136 -+msgid "Determine whether openvpn can read generic user home content files." - msgstr "" - --#: booleans.py:124 -+#: booleans.py:137 - msgid "Allow piranha-lvs domain to connect to the network using TCP." - msgstr "" - --#: booleans.py:125 -+#: booleans.py:138 - msgid "Allow polipo to connect to all ports > 1023" - msgstr "" - --#: booleans.py:126 -+#: booleans.py:139 - msgid "" - "Determine whether Polipo session daemon can bind tcp sockets to all " - "unreserved ports." - msgstr "" - --#: booleans.py:127 -+#: booleans.py:140 - msgid "" - "Determine whether calling user domains can execute Polipo daemon in the " - "polipo_session_t domain." - msgstr "" - --#: booleans.py:128 -+#: booleans.py:141 - msgid "Determine whether polipo can access cifs file systems." - msgstr "" - --#: booleans.py:129 -+#: booleans.py:142 - msgid "Determine whether Polipo can access nfs file systems." - msgstr "" - --#: booleans.py:130 -+#: booleans.py:143 - msgid "Enable polyinstantiated directory support." - msgstr "" - --#: booleans.py:131 -+#: booleans.py:144 - msgid "Allow postfix_local domain full write access to mail_spool directories" - msgstr "" - --#: booleans.py:132 -+#: booleans.py:145 - msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" - msgstr "" - --#: booleans.py:133 -+#: booleans.py:146 - msgid "Allow transmit client label to foreign database" - msgstr "" - --#: booleans.py:134 -+#: booleans.py:147 - msgid "Allow database admins to execute DML statement" - msgstr "" - --#: booleans.py:135 -+#: booleans.py:148 - msgid "Allow unprivileged users to execute DDL statement" - msgstr "" - --#: booleans.py:136 -+#: booleans.py:149 - msgid "Allow pppd to load kernel modules for certain modems" - msgstr "" - --#: booleans.py:137 -+#: booleans.py:150 - msgid "Allow pppd to be run for a regular user" - msgstr "" - --#: booleans.py:138 --msgid "" --"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:151 -+msgid "Determine whether privoxy can connect to all tcp ports." - msgstr "" - --#: booleans.py:139 -+#: booleans.py:152 - msgid "Allow Puppet client to manage all file types." - msgstr "" - --#: booleans.py:140 -+#: booleans.py:153 - msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" - msgstr "" - --#: booleans.py:141 -+#: booleans.py:154 - msgid "Allow racoon to read shadow" - msgstr "" - --#: booleans.py:142 --msgid "Allow rgmanager domain to connect to the network using TCP." --msgstr "" -- --#: booleans.py:143 -+#: booleans.py:155 - msgid "" - "Allow rsync to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:144 -+#: booleans.py:156 - msgid "Allow rsync to run as a client" - msgstr "" - --#: booleans.py:145 -+#: booleans.py:157 - msgid "Allow rsync to export any files/directories read only." - msgstr "" - --#: booleans.py:146 --msgid "Allow rsync servers to share cifs files systems" --msgstr "" -- --#: booleans.py:147 --msgid "Allow rsync servers to share nfs files systems" -+#: booleans.py:158 -+msgid "Allow rsync server to manage all files/directories on the system." - msgstr "" - --#: booleans.py:148 -+#: booleans.py:159 - msgid "Allow samba to create new home directories (e.g. via PAM)" - msgstr "" - --#: booleans.py:149 -+#: booleans.py:160 - msgid "" - "Allow samba to act as the domain controller, add users, groups and change " - "passwords." - msgstr "" - --#: booleans.py:150 -+#: booleans.py:161 - msgid "Allow samba to share users home directories." - msgstr "" - --#: booleans.py:151 -+#: booleans.py:162 - msgid "Allow samba to share any file/directory read only." - msgstr "" - --#: booleans.py:152 -+#: booleans.py:163 - msgid "Allow samba to share any file/directory read/write." - msgstr "" - --#: booleans.py:153 -+#: booleans.py:164 - msgid "Allow samba to act as a portmapper" - msgstr "" - --#: booleans.py:154 -+#: booleans.py:165 - msgid "Allow samba to run unconfined scripts" - msgstr "" - --#: booleans.py:155 --msgid "Allow samba to export ntfs/fusefs volumes." --msgstr "" -- --#: booleans.py:156 -+#: booleans.py:167 - msgid "Allow samba to export NFS volumes." - msgstr "" - --#: booleans.py:157 -+#: booleans.py:168 - msgid "Allow sanlock to read/write fuse files" - msgstr "" - --#: booleans.py:158 -+#: booleans.py:169 - msgid "Allow sanlock to manage nfs files" - msgstr "" - --#: booleans.py:159 -+#: booleans.py:170 - msgid "Allow sanlock to manage cifs files" - msgstr "" - --#: booleans.py:160 -+#: booleans.py:171 - msgid "Allow sasl to read shadow" - msgstr "" - --#: booleans.py:161 -+#: booleans.py:172 - msgid "Allow secadm to exec content" - msgstr "" - --#: booleans.py:162 -+#: booleans.py:173 - msgid "" - "disallow programs, such as newrole, from transitioning to administrative " - "user domains." - msgstr "" - --#: booleans.py:163 -+#: booleans.py:174 - msgid "Disable kernel module loading." - msgstr "" - --#: booleans.py:164 -+#: booleans.py:175 - msgid "" - "Boolean to determine whether the system permits loading policy, setting " - "enforcing mode, and changing boolean values. Set this to true and you have " - "to reboot to set it back." - msgstr "" - --#: booleans.py:165 -+#: booleans.py:176 - msgid "Allow regular users direct dri device access" - msgstr "" - --#: booleans.py:166 -+#: booleans.py:177 - msgid "" - "Allow unconfined executables to make their heap memory executable. Doing " - "this is a really bad idea. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:167 -+#: booleans.py:178 - msgid "" - "Allow all unconfined executables to use libraries requiring text relocation " - "that are not labeled textrel_shlib_t" - msgstr "" - --#: booleans.py:168 -+#: booleans.py:179 - msgid "" - "Allow unconfined executables to make their stack executable. This should " - "never, ever be necessary. Probably indicates a badly coded executable, but " - "could indicate an attack. This executable should be reported in bugzilla" - msgstr "" - --#: booleans.py:169 -+#: booleans.py:180 - msgid "Allow users to connect to the local mysql server" - msgstr "" - --#: booleans.py:170 -+#: booleans.py:181 - msgid "" - "Allow confined users the ability to execute the ping and traceroute commands." - msgstr "" - --#: booleans.py:171 -+#: booleans.py:182 - msgid "Allow users to connect to PostgreSQL" - msgstr "" - --#: booleans.py:172 -+#: booleans.py:183 - msgid "" - "Allow user to r/w files on filesystems that do not have extended attributes " - "(FAT, CDROM, FLOPPY)" - msgstr "" - --#: booleans.py:173 -+#: booleans.py:184 -+msgid "Allow user music sharing" -+msgstr "" -+ -+#: booleans.py:185 - msgid "" - "Allow users to run TCP servers (bind to ports and accept connection from the " - "same domain and outside users) disabling this forces FTP passive mode and " - "may change other protocols." - msgstr "" - --#: booleans.py:174 -+#: booleans.py:186 - msgid "Allow user to use ssh chroot environment." - msgstr "" - --#: booleans.py:175 --msgid "Allow user music sharing" --msgstr "" -- --#: booleans.py:176 -+#: booleans.py:187 - msgid "" --"Allow anon internal-sftp to upload files, used for public file transfer " --"services. Directories must be labeled public_content_rw_t." -+"Determine whether sftpd can modify public files used for public file " -+"transfer services. Directories/Files must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:177 -+#: booleans.py:188 - msgid "" --"Allow sftp-internal to read and write files in the user home directories" -+"Determine whether sftpd-can read and write files in user home directories." - msgstr "" - --#: booleans.py:178 -+#: booleans.py:189 - msgid "" --"Allow sftp-internal to login to local users and read/write all files on the " --"system, governed by DAC." -+"Determine whether sftpd-can login to local users and read and write all " -+"files on the system, governed by DAC." - msgstr "" - --#: booleans.py:179 -+#: booleans.py:190 - msgid "" --"Allow internal-sftp to read and write files in the user ssh home directories." -+"Determine whether sftpd can read and write files in user ssh home " -+"directories." - msgstr "" - --#: booleans.py:180 -+#: booleans.py:191 - msgid "Allow sge to connect to the network using any TCP port" - msgstr "" - --#: booleans.py:181 -+#: booleans.py:192 - msgid "Allow sge to access nfs file systems." - msgstr "" - --#: booleans.py:182 --msgid "" --"Enable additional permissions needed to support devices on 3ware controllers." -+#: booleans.py:193 -+msgid "Determine whether smartmon can support devices on 3ware controllers." - msgstr "" - --#: booleans.py:183 -+#: booleans.py:194 - msgid "" - "Allow samba to modify public files used for public file transfer services. " - "Files/Directories must be labeled public_content_rw_t." - msgstr "" - --#: booleans.py:184 -+#: booleans.py:195 - msgid "Allow user spamassassin clients to use the network." - msgstr "" - --#: booleans.py:185 -+#: booleans.py:196 - msgid "Allow spamd to read/write user home directories." - msgstr "" - --#: booleans.py:186 --msgid "" --"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:197 -+msgid "Determine whether squid can connect to all TCP ports." - msgstr "" - --#: booleans.py:187 --msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:198 -+msgid "Determine whether squid can run as a transparent proxy." - msgstr "" - --#: booleans.py:188 -+#: booleans.py:199 - msgid "" - "Allow ssh with chroot env to read and write files in the user home " - "directories" - msgstr "" - --#: booleans.py:189 -+#: booleans.py:200 - msgid "allow host key based authentication" - msgstr "" - --#: booleans.py:190 -+#: booleans.py:201 - msgid "Allow ssh logins as sysadm_r:sysadm_t" - msgstr "" - --#: booleans.py:191 -+#: booleans.py:202 - msgid "Allow staff to exec content" - msgstr "" - --#: booleans.py:192 -+#: booleans.py:203 - msgid "allow staff user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:193 -+#: booleans.py:204 - msgid "Allow sysadm to exec content" - msgstr "" - --#: booleans.py:194 -+#: booleans.py:205 - msgid "Allow the Telepathy connection managers to connect to any network port." - msgstr "" - --#: booleans.py:195 -+#: booleans.py:206 - msgid "" - "Allow the Telepathy connection managers to connect to any generic TCP port." - msgstr "" - --#: booleans.py:196 -+#: booleans.py:207 - msgid "" - "Allow tftp to modify public files used for public file transfer services." - msgstr "" - --#: booleans.py:197 -+#: booleans.py:208 - msgid "Allow tftp to read and write files in the user home directories" - msgstr "" - --#: booleans.py:198 --msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:209 -+msgid "Determine whether tor can bind tcp sockets to all unreserved ports." - msgstr "" - --#: booleans.py:199 -+#: booleans.py:210 - msgid "Allow tor to act as a relay" - msgstr "" - --#: booleans.py:200 -+#: booleans.py:211 - msgid "" - "allow unconfined users to transition to the chrome sandbox domains when " - "running chrome-sandbox" - msgstr "" - --#: booleans.py:201 -+#: booleans.py:212 - msgid "Allow a user to login as an unconfined domain" - msgstr "" - --#: booleans.py:202 -+#: booleans.py:213 - msgid "" - "Allow unconfined users to transition to the Mozilla plugin domain when " - "running xulrunner plugin-container." - msgstr "" - --#: booleans.py:203 -+#: booleans.py:214 - msgid "Allow video playing tools to run unconfined" - msgstr "" - --#: booleans.py:204 -+#: booleans.py:215 - msgid "Allow unprivledged user to create and transition to svirt domains." - msgstr "" - --#: booleans.py:205 -+#: booleans.py:216 - msgid "Support ecryptfs home directories" - msgstr "" - --#: booleans.py:206 -+#: booleans.py:217 - msgid "Support fusefs home directories" - msgstr "" - --#: booleans.py:207 --msgid "Use lpd server instead of cups" -+#: booleans.py:218 -+msgid "Determine whether to support lpd server." - msgstr "" - --#: booleans.py:208 -+#: booleans.py:219 - msgid "Support NFS home directories" - msgstr "" - --#: booleans.py:209 -+#: booleans.py:220 - msgid "Support SAMBA home directories" - msgstr "" - --#: booleans.py:210 -+#: booleans.py:221 - msgid "Allow user to exec content" - msgstr "" - --#: booleans.py:211 --msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:222 -+msgid "Determine whether varnishd can use the full TCP network." - msgstr "" - --#: booleans.py:212 --msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:223 -+msgid "" -+"Determine whether attempts by vbetool to mmap low regions should be silently " -+"blocked." - msgstr "" - --#: booleans.py:213 -+#: booleans.py:224 - msgid "" - "Allow confined virtual guests to use serial/parallel communication ports" - msgstr "" - --#: booleans.py:214 -+#: booleans.py:225 - msgid "" - "Allow confined virtual guests to use executable memory and executable stack" - msgstr "" - --#: booleans.py:215 -+#: booleans.py:226 - msgid "Allow confined virtual guests to read fuse files" - msgstr "" - --#: booleans.py:216 -+#: booleans.py:227 - msgid "Allow confined virtual guests to manage nfs files" - msgstr "" - --#: booleans.py:217 -+#: booleans.py:228 - msgid "Allow confined virtual guests to interact with rawip sockets" - msgstr "" - --#: booleans.py:218 -+#: booleans.py:229 - msgid "Allow confined virtual guests to manage cifs files" - msgstr "" - --#: booleans.py:219 -+#: booleans.py:230 - msgid "Allow confined virtual guests to interact with the sanlock" - msgstr "" - --#: booleans.py:220 --msgid "Allow confined virtual guests to manage device configuration, (pci)" --msgstr "" -- --#: booleans.py:221 -+#: booleans.py:231 - msgid "Allow confined virtual guests to use usb devices" - msgstr "" - --#: booleans.py:222 -+#: booleans.py:232 - msgid "Allow confined virtual guests to interact with the xserver" - msgstr "" - --#: booleans.py:223 --msgid "Allow webadm to manage files in users home directories" -+#: booleans.py:233 -+msgid "Determine whether webadm can manage generic user files." - msgstr "" - --#: booleans.py:224 --msgid "Allow webadm to read files in users home directories" -+#: booleans.py:234 -+msgid "Determine whether webadm can read generic user files." - msgstr "" - --#: booleans.py:225 --msgid "Ignore wine mmap_zero errors." -+#: booleans.py:235 -+msgid "" -+"Determine whether attempts by wine to mmap low regions should be silently " -+"blocked." - msgstr "" - --#: booleans.py:226 -+#: booleans.py:236 - msgid "Allow the graphical login program to execute bootloader" - msgstr "" - --#: booleans.py:227 -+#: booleans.py:237 - msgid "" - "Allow the graphical login program to login directly as sysadm_r:sysadm_t" - msgstr "" - --#: booleans.py:228 -+#: booleans.py:238 - msgid "Allow xen to manage nfs files" - msgstr "" - --#: booleans.py:229 -+#: booleans.py:239 - msgid "" - "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " - "logical volumes for disk images." - msgstr "" - --#: booleans.py:230 -+#: booleans.py:240 - msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." - msgstr "" - --#: booleans.py:231 -+#: booleans.py:241 - msgid "" - "Allow xguest users to configure Network Manager and connect to apache ports" - msgstr "" - --#: booleans.py:232 -+#: booleans.py:242 - msgid "Allow xguest to exec content" - msgstr "" - --#: booleans.py:233 -+#: booleans.py:243 - msgid "Allow xguest users to mount removable media" - msgstr "" - --#: booleans.py:234 -+#: booleans.py:244 - msgid "Allow xguest to use blue tooth devices" - msgstr "" - --#: booleans.py:235 -+#: booleans.py:245 - msgid "Allows clients to write to the X server shared memory segments." - msgstr "" - --#: booleans.py:236 -+#: booleans.py:246 - msgid "Allows XServer to execute writable memory" - msgstr "" - --#: booleans.py:237 -+#: booleans.py:247 - msgid "Support X userspace object manager" - msgstr "" - --#: booleans.py:238 --msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:248 -+msgid "Determine whether zabbix can connect to all TCP ports" - msgstr "" - --#: booleans.py:239 -+#: booleans.py:249 - msgid "Allow zebra daemon to write it configuration files" - msgstr "" - --#: booleans.py:240 -+#: booleans.py:250 - msgid "" - "Allow ZoneMinder to modify public files used for public file transfer " - "services." -diff --git a/policycoreutils/po/ar.po b/policycoreutils/po/ar.po -index 151ca6a..6010c78 100644 ---- a/policycoreutils/po/ar.po -+++ b/policycoreutils/po/ar.po -@@ -1,7 +1,7 @@ - # SOME DESCRIPTIVE TITLE. - # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER - # This file is distributed under the same license as the PACKAGE package. --# -+# - # Translators: - # Ali Al-Ammari , 2010. - # Amjad Al-Obaili , 2010. -@@ -12,24 +12,28 @@ msgid "" - msgstr "" - "Project-Id-Version: Policycoreutils\n" - "Report-Msgid-Bugs-To: \n" --"POT-Creation-Date: 2013-01-04 12:01-0500\n" --"PO-Revision-Date: 2013-01-04 17:02+0000\n" -+"POT-Creation-Date: 2013-05-07 11:12-0400\n" -+"PO-Revision-Date: 2013-04-08 19:09+0000\n" - "Last-Translator: dwalsh \n" - "Language-Team: Arabic \n" -+"Language: ar\n" - "MIME-Version: 1.0\n" - "Content-Type: text/plain; charset=UTF-8\n" - "Content-Transfer-Encoding: 8bit\n" --"Language: ar\n" --"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" -+"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 " -+"&& n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" - - #: ../run_init/run_init.c:67 - msgid "" - "USAGE: run_init