diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 7c8352d..b9971b8 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -34,9 +34,18 @@ index 88635d4..fc290ea 100644 clean: rm -f *~ diff --git a/policycoreutils/audit2allow/audit2allow b/policycoreutils/audit2allow/audit2allow -index 8e0c396..1059bea 100644 +index 8e0c396..4fa07a1 100644 --- a/policycoreutils/audit2allow/audit2allow +++ b/policycoreutils/audit2allow/audit2allow +@@ -1,7 +1,7 @@ + #! /usr/bin/python -Es + # Authors: Karl MacMillan + # +-# Copyright (C) 2006-2007 Red Hat ++# Copyright (C) 2006-2013 Red Hat + # see file 'COPYING' for use and warranty information + # + # This program is free software; you can redistribute it and/or @@ -18,7 +18,7 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # @@ -65,7 +74,16 @@ index 8e0c396..1059bea 100644 help="Translates SELinux audit messages into a description of why the access was denied") options, args = parser.parse_args() -@@ -267,12 +268,10 @@ class AuditToPolicy: +@@ -178,6 +179,8 @@ class AuditToPolicy: + if self.__options.interface_info: + fn = self.__options.interface_info + else: ++ import sepolicy ++ sepolicy.gen_interfaces() + fn = defaults.interface_info() + try: + fd = open(fn) +@@ -267,12 +270,10 @@ class AuditToPolicy: continue if rc == audit2why.CONSTRAINT: @@ -82,7 +100,7 @@ index 8e0c396..1059bea 100644 if rc == audit2why.RBAC: print "\t\tMissing role allow rule.\n" -@@ -350,6 +349,9 @@ class AuditToPolicy: +@@ -350,6 +351,9 @@ class AuditToPolicy: except ValueError, e: print e sys.exit(1) @@ -695,7 +713,7 @@ index a377996..9c1486e 100644 refresh-po: Makefile for cat in $(POFILES); do \ diff --git a/policycoreutils/po/af.po b/policycoreutils/po/af.po -index 961d921..16bdf77 100644 +index 961d921..5ee0bdc 100644 --- a/policycoreutils/po/af.po +++ b/policycoreutils/po/af.po @@ -8,7 +8,7 @@ msgid "" @@ -703,7 +721,7 @@ index 961d921..16bdf77 100644 "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -+"POT-Creation-Date: 2013-04-08 15:08-0400\n" ++"POT-Creation-Date: 2013-05-07 11:12-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -744,7 +762,7 @@ index 961d921..16bdf77 100644 +#: ../semanage/seobject.py:379 +msgid "" +"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel patckage.\n" ++"In some distributions it is included in the policycoreutils-devel package.\n" +"# yum install policycoreutils-devel\n" +"Or similar for your distro." +msgstr "" @@ -2034,194 +2052,193 @@ index 961d921..16bdf77 100644 msgid "Sandbox" msgstr "" -@@ -2159,261 +2192,313 @@ msgstr "" +@@ -2159,261 +2192,322 @@ msgstr "" msgid "SELinux user '%s' is required" msgstr "" -#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:257 ++#: ../sepolicy/sepolicy.py:183 ++#, python-format ++msgid "Interface %s does not exist." ++msgstr "" ++ ++#: ../sepolicy/sepolicy.py:267 msgid "Generate SELinux man pages" msgstr "" -#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:260 ++#: ../sepolicy/sepolicy.py:270 msgid "path in which the generated SELinux man pages will be stored" msgstr "" -#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:262 ++#: ../sepolicy/sepolicy.py:272 msgid "name of the OS for man pages" msgstr "" -#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:264 ++#: ../sepolicy/sepolicy.py:274 msgid "Generate HTML man pages structure for selected SELinux man page" msgstr "" -#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:266 ++#: ../sepolicy/sepolicy.py:276 +msgid "Alternate root directory, defaults to /" +msgstr "" + -+#: ../sepolicy/sepolicy.py:270 ++#: ../sepolicy/sepolicy.py:280 msgid "All domains" msgstr "" -#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:273 ++#: ../sepolicy/sepolicy.py:283 msgid "Domain name(s) of man pages to be created" msgstr "" -#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:278 ++#: ../sepolicy/sepolicy.py:288 msgid "Query SELinux policy network information" msgstr "" -#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:283 ++#: ../sepolicy/sepolicy.py:293 msgid "list all SELinux port types" msgstr "" -#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:286 ++#: ../sepolicy/sepolicy.py:296 msgid "show SELinux type related to the port" msgstr "" -#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:289 ++#: ../sepolicy/sepolicy.py:299 msgid "Show ports defined for this SELinux type" msgstr "" -#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:292 ++#: ../sepolicy/sepolicy.py:302 msgid "show ports to which this domain can bind and/or connect" msgstr "" -#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:307 ++#: ../sepolicy/sepolicy.py:317 msgid "query SELinux policy to see if domains can communicate with each other" msgstr "" -#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:310 ++#: ../sepolicy/sepolicy.py:320 msgid "Source Domain" msgstr "" -#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:313 ++#: ../sepolicy/sepolicy.py:323 msgid "Target Domain" msgstr "" -#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:332 ++#: ../sepolicy/sepolicy.py:342 msgid "query SELinux Policy to see description of booleans" msgstr "" -#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:336 ++#: ../sepolicy/sepolicy.py:346 msgid "get all booleans descriptions" msgstr "" -#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:339 ++#: ../sepolicy/sepolicy.py:349 msgid "boolean to get description" msgstr "" -#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:349 ++#: ../sepolicy/sepolicy.py:359 msgid "" "query SELinux Policy to see how a source process domain can transition to " "the target process domain" msgstr "" -#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:352 ++#: ../sepolicy/sepolicy.py:362 msgid "source process domain" msgstr "" -#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:355 ++#: ../sepolicy/sepolicy.py:365 msgid "target process domain" msgstr "" -#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:382 ++#: ../sepolicy/sepolicy.py:408 +#, python-format +msgid "sepolicy generate: error: one of the arguments %s is required" +msgstr "" + -+#: ../sepolicy/sepolicy.py:387 ++#: ../sepolicy/sepolicy.py:413 msgid "Command required for this type of policy" msgstr "" -#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:398 ++#: ../sepolicy/sepolicy.py:424 +msgid "" +"-t option can not be used with this option. Read usage for more details." +msgstr "" + -+#: ../sepolicy/sepolicy.py:403 ++#: ../sepolicy/sepolicy.py:429 +msgid "" +"-d option can not be used with this option. Read usage for more details." +msgstr "" + -+#: ../sepolicy/sepolicy.py:407 ++#: ../sepolicy/sepolicy.py:433 +msgid "" +"-a option can not be used with this option. Read usage for more details." +msgstr "" + -+#: ../sepolicy/sepolicy.py:426 ++#: ../sepolicy/sepolicy.py:452 msgid "List SELinux Policy interfaces" msgstr "" -#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:444 ++#: ../sepolicy/sepolicy.py:470 ++msgid "Enter interface names, you wish to query" ++msgstr "" ++ ++#: ../sepolicy/sepolicy.py:479 msgid "Generate SELinux Policy module template" msgstr "" -#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:447 ++#: ../sepolicy/sepolicy.py:482 msgid "Enter domain type which you will be extending" msgstr "" -#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:450 ++#: ../sepolicy/sepolicy.py:485 msgid "Enter SELinux user(s) which will transition to this domain" msgstr "" -#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:453 ++#: ../sepolicy/sepolicy.py:488 msgid "Enter domain(s) that this confined admin will administrate" msgstr "" -#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:456 ++#: ../sepolicy/sepolicy.py:491 msgid "name of policy to generate" msgstr "" -#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:463 ++#: ../sepolicy/sepolicy.py:498 msgid "path in which the generated policy files will be stored" msgstr "" -#: ../sepolicy/sepolicy.py:380 -msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:465 ++#: ../sepolicy/sepolicy.py:500 +msgid "path to which the confined processes will need to write" +msgstr "" + -+#: ../sepolicy/sepolicy.py:466 ++#: ../sepolicy/sepolicy.py:501 +msgid "Policy types which require a command" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:470 ../sepolicy/sepolicy.py:473 -+#: ../sepolicy/sepolicy.py:476 ../sepolicy/sepolicy.py:479 -+#: ../sepolicy/sepolicy.py:482 ../sepolicy/sepolicy.py:488 -+#: ../sepolicy/sepolicy.py:491 ../sepolicy/sepolicy.py:494 -+#: ../sepolicy/sepolicy.py:500 ../sepolicy/sepolicy.py:503 -+#: ../sepolicy/sepolicy.py:506 ../sepolicy/sepolicy.py:509 -+#, python-format -+msgid "Generate '%s' policy" msgstr "" -#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 @@ -2230,23 +2247,33 @@ index 961d921..16bdf77 100644 -#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 -#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 -#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:497 ++#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 ++#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 ++#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 ++#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 ++#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 ++#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 #, python-format -msgid "Generate Policy for %s" -+msgid "Generate '%s' policy " ++msgid "Generate '%s' policy" msgstr "" -#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:511 ++#: ../sepolicy/sepolicy.py:532 ++#, python-format ++msgid "Generate '%s' policy " ++msgstr "" ++ ++#: ../sepolicy/sepolicy.py:546 +msgid "executable to confine" +msgstr "" + -+#: ../sepolicy/sepolicy.py:516 ++#: ../sepolicy/sepolicy.py:551 msgid "commands" msgstr "" -#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:519 ++#: ../sepolicy/sepolicy.py:554 msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" msgstr "" @@ -2256,13 +2283,13 @@ index 961d921..16bdf77 100644 msgstr "" -#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:239 ++#: ../sepolicy/sepolicy/__init__.py:243 #, python-format msgid "Failed to read %s policy file" msgstr "" -#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:298 ++#: ../sepolicy/sepolicy/__init__.py:302 msgid "unknown" msgstr "" @@ -2416,7 +2443,7 @@ index 961d921..16bdf77 100644 msgid "Setup Script" msgstr "" -@@ -2428,11 +2513,11 @@ msgid "" +@@ -2428,11 +2522,11 @@ msgid "" msgstr "" #: booleans.py:3 @@ -2430,7 +2457,7 @@ index 961d921..16bdf77 100644 msgstr "" #: booleans.py:5 -@@ -2454,50 +2539,54 @@ msgid "Allow users to login using a yubikey server" +@@ -2454,50 +2548,54 @@ msgid "Allow users to login using a yubikey server" msgstr "" #: booleans.py:9 @@ -2497,7 +2524,7 @@ index 961d921..16bdf77 100644 msgstr "" #: booleans.py:20 -@@ -2506,7 +2595,7 @@ msgid "" +@@ -2506,7 +2604,7 @@ msgid "" msgstr "" #: booleans.py:21 @@ -2506,7 +2533,7 @@ index 961d921..16bdf77 100644 msgstr "" #: booleans.py:22 -@@ -2522,951 +2611,996 @@ msgid "Allow all daemons the ability to read/write terminals" +@@ -2522,951 +2620,1000 @@ msgid "Allow all daemons the ability to read/write terminals" msgstr "" #: booleans.py:25 @@ -2528,7 +2555,7 @@ index 961d921..16bdf77 100644 #: booleans.py:28 -msgid "Allow dbadm to read files in users home directories" -+msgid "Allow sysadm to debug or ptrace all processes." ++msgid "Deny any process from ptracing or debugging any other processes." msgstr "" #: booleans.py:29 @@ -2639,7 +2666,7 @@ index 961d921..16bdf77 100644 -msgid "" -"Allow ftp servers to login to local users and read/write all files on the " -"system, governed by DAC." -+#: booleans.py:47 booleans.py:165 ++#: booleans.py:47 booleans.py:166 +msgid "Allow samba to export ntfs/fusefs volumes." msgstr "" @@ -2871,461 +2898,466 @@ index 961d921..16bdf77 100644 -#: booleans.py:88 +#: booleans.py:90 ++msgid "Allow HTTPD scripts and modules to server cobbler files." ++msgstr "" ++ ++#: booleans.py:91 msgid "Allow httpd daemon to change its resource limits" msgstr "" -#: booleans.py:89 -+#: booleans.py:91 ++#: booleans.py:92 msgid "" "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." msgstr "" -#: booleans.py:90 -+#: booleans.py:92 ++#: booleans.py:93 msgid "" "Allow apache scripts to write to public content, directories/files must be " "labeled public_rw_content_t." msgstr "" -#: booleans.py:91 -+#: booleans.py:93 ++#: booleans.py:94 msgid "Allow Apache to execute tmp content." msgstr "" -#: booleans.py:92 -+#: booleans.py:94 ++#: booleans.py:95 msgid "" "Unify HTTPD to communicate with the terminal. Needed for entering the " "passphrase for certificates at the terminal." msgstr "" -#: booleans.py:93 --msgid "Unify HTTPD handling of all content files." --msgstr "" -- ++#: booleans.py:96 + msgid "Unify HTTPD handling of all content files." + msgstr "" + -#: booleans.py:94 --msgid "Allow httpd to access cifs file systems" --msgstr "" -- - #: booleans.py:95 --msgid "Allow httpd to access FUSE file systems" -+msgid "Unify HTTPD handling of all content files." ++#: booleans.py:97 + msgid "Allow httpd to access cifs file systems" msgstr "" - #: booleans.py:96 --msgid "Allow httpd to run gpg" -+msgid "Allow httpd to access cifs file systems" +-#: booleans.py:95 ++#: booleans.py:98 + msgid "Allow httpd to access FUSE file systems" msgstr "" - #: booleans.py:97 --msgid "Allow httpd to access nfs file systems" -+msgid "Allow httpd to access FUSE file systems" +-#: booleans.py:96 ++#: booleans.py:99 + msgid "Allow httpd to run gpg" msgstr "" - #: booleans.py:98 --msgid "Allow httpd to communicate with oddjob to start up a service" -+msgid "Allow httpd to run gpg" +-#: booleans.py:97 ++#: booleans.py:100 + msgid "Allow httpd to access nfs file systems" msgstr "" - #: booleans.py:99 --msgid "Allow httpd to access openstack ports" -+msgid "Allow httpd to access nfs file systems" +-#: booleans.py:98 ++#: booleans.py:101 + msgid "Allow httpd to communicate with oddjob to start up a service" msgstr "" - #: booleans.py:100 --msgid "Allow Apache to query NS records" -+msgid "Allow httpd to communicate with oddjob to start up a service" +-#: booleans.py:99 ++#: booleans.py:102 + msgid "Allow httpd to access openstack ports" msgstr "" - #: booleans.py:101 +-#: booleans.py:100 ++#: booleans.py:103 + msgid "Allow Apache to query NS records" + msgstr "" + +-#: booleans.py:101 -msgid "Allow icecast to connect to all ports, not just sound ports." -+msgid "Allow httpd to access openstack ports" - msgstr "" - - #: booleans.py:102 --msgid "" --"Allow the Irssi IRC Client to connect to any port, and to bind to any " --"unreserved port." -+msgid "Allow Apache to query NS records" - msgstr "" - - #: booleans.py:103 --msgid "Allow confined applications to run with kerberos." ++#: booleans.py:104 +msgid "Determine whether icecast can listen on and connect to any TCP port." msgstr "" - #: booleans.py:104 --msgid "Allow syslogd daemon to send mail" +-#: booleans.py:102 ++#: booleans.py:105 +msgid "" +"Determine whether irc clients can listen on and connect to any unreserved " +"TCP ports." ++msgstr "" ++ ++#: booleans.py:106 + msgid "" + "Allow the Irssi IRC Client to connect to any port, and to bind to any " + "unreserved port." msgstr "" - #: booleans.py:105 --msgid "Allow syslogd the ability to read/write terminals" -+msgid "" -+"Allow the Irssi IRC Client to connect to any port, and to bind to any " -+"unreserved port." +-#: booleans.py:103 ++#: booleans.py:107 + msgid "Allow confined applications to run with kerberos." msgstr "" - #: booleans.py:106 --msgid "Allow logging in and using the system from /dev/console." -+msgid "Allow confined applications to run with kerberos." - msgstr "" - - #: booleans.py:107 --msgid "" --"Control the ability to mmap a low area of the address space, as configured " --"by /proc/sys/kernel/mmap_min_addr." +-#: booleans.py:104 +-msgid "Allow syslogd daemon to send mail" ++#: booleans.py:108 +msgid "Allow ksmtuned to use cifs/Samba file systems" msgstr "" - #: booleans.py:108 --msgid "Allow mock to read files in home directories." +-#: booleans.py:105 +-msgid "Allow syslogd the ability to read/write terminals" ++#: booleans.py:109 +msgid "Allow ksmtuned to use nfs file systems" msgstr "" - #: booleans.py:109 --msgid "Allow the mount command to mount any directory or file." +-#: booleans.py:106 ++#: booleans.py:110 +msgid "Allow syslogd daemon to send mail" - msgstr "" - - #: booleans.py:110 --msgid "Allow mozilla plugin domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:111 +msgid "Allow syslogd the ability to read/write terminals" ++msgstr "" ++ ++#: booleans.py:112 + msgid "Allow logging in and using the system from /dev/console." msgstr "" - #: booleans.py:111 +-#: booleans.py:107 ++#: booleans.py:113 ++msgid "Allow mailman to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:114 ++msgid "Determine whether mcelog supports client mode." ++msgstr "" ++ ++#: booleans.py:115 ++msgid "Determine whether mcelog can execute scripts." ++msgstr "" ++ ++#: booleans.py:116 ++msgid "Determine whether mcelog can use all the user ttys." ++msgstr "" ++ ++#: booleans.py:117 ++msgid "Determine whether mcelog supports server mode." ++msgstr "" ++ ++#: booleans.py:118 + msgid "" + "Control the ability to mmap a low area of the address space, as configured " + "by /proc/sys/kernel/mmap_min_addr." + msgstr "" + +-#: booleans.py:108 ++#: booleans.py:119 + msgid "Allow mock to read files in home directories." + msgstr "" + +-#: booleans.py:109 ++#: booleans.py:120 + msgid "Allow the mount command to mount any directory or file." + msgstr "" + +-#: booleans.py:110 ++#: booleans.py:121 + msgid "Allow mozilla plugin domain to connect to the network using TCP." + msgstr "" + +-#: booleans.py:111 -msgid "" -"Allow mozilla_plugins to create random content in the users home directory" -+msgid "Allow logging in and using the system from /dev/console." - msgstr "" - - #: booleans.py:112 --msgid "Allow confined web browsers to read home directory content" -+msgid "Allow mailman to access FUSE file systems" - msgstr "" - - #: booleans.py:113 --msgid "Allow mplayer executable stack" -+msgid "Determine whether mcelog supports client mode." - msgstr "" - - #: booleans.py:114 --msgid "Allow mysqld to connect to all ports" -+msgid "Determine whether mcelog can execute scripts." - msgstr "" - - #: booleans.py:115 --msgid "Allow BIND to bind apache port." -+msgid "Determine whether mcelog can use all the user ttys." - msgstr "" - - #: booleans.py:116 --msgid "" --"Allow BIND to write the master zone files. Generally this is used for " --"dynamic DNS or zone transfers." -+msgid "Determine whether mcelog supports server mode." - msgstr "" - - #: booleans.py:117 --msgid "Allow any files/directories to be exported read/only via NFS." -+msgid "" -+"Control the ability to mmap a low area of the address space, as configured " -+"by /proc/sys/kernel/mmap_min_addr." - msgstr "" - - #: booleans.py:118 --msgid "Allow any files/directories to be exported read/write via NFS." -+msgid "Allow mock to read files in home directories." - msgstr "" - - #: booleans.py:119 --msgid "" --"Allow nfs servers to modify public files used for public file transfer " --"services. Files/Directories must be labeled public_content_rw_t." -+msgid "Allow the mount command to mount any directory or file." - msgstr "" - - #: booleans.py:120 --msgid "Allow system to run with NIS" -+msgid "Allow mozilla plugin domain to connect to the network using TCP." - msgstr "" - - #: booleans.py:121 --msgid "Allow confined applications to use nscd shared memory." ++#: booleans.py:122 +msgid "Allow confined web browsers to read home directory content" msgstr "" - #: booleans.py:122 --msgid "Allow openshift to lockdown app" +-#: booleans.py:112 +-msgid "Allow confined web browsers to read home directory content" ++#: booleans.py:123 +msgid "Determine whether mpd can traverse user home directories." msgstr "" - #: booleans.py:123 --msgid "Allow openvpn to read home directories" +-#: booleans.py:113 +-msgid "Allow mplayer executable stack" ++#: booleans.py:124 +msgid "Determine whether mpd can use cifs file systems." msgstr "" - #: booleans.py:124 --msgid "Allow piranha-lvs domain to connect to the network using TCP." +-#: booleans.py:114 ++#: booleans.py:125 +msgid "Determine whether mpd can use nfs file systems." - msgstr "" - - #: booleans.py:125 --msgid "Allow polipo to connect to all ports > 1023" ++msgstr "" ++ ++#: booleans.py:126 +msgid "Determine whether mplayer can make its stack executable." ++msgstr "" ++ ++#: booleans.py:127 + msgid "Allow mysqld to connect to all ports" msgstr "" - #: booleans.py:126 --msgid "" --"Determine whether Polipo session daemon can bind tcp sockets to all " --"unreserved ports." -+msgid "Allow mysqld to connect to all ports" - msgstr "" - - #: booleans.py:127 --msgid "" --"Determine whether calling user domains can execute Polipo daemon in the " --"polipo_session_t domain." +-#: booleans.py:115 +-msgid "Allow BIND to bind apache port." ++#: booleans.py:128 +msgid "Determine whether Bind can bind tcp socket to http ports." msgstr "" - #: booleans.py:128 --msgid "Determine whether polipo can access cifs file systems." -+msgid "" +-#: booleans.py:116 ++#: booleans.py:129 + msgid "" +-"Allow BIND to write the master zone files. Generally this is used for " +-"dynamic DNS or zone transfers." +"Determine whether Bind can write to master zone files. Generally this is " +"used for dynamic DNS or zone transfers." msgstr "" - #: booleans.py:129 --msgid "Determine whether Polipo can access nfs file systems." -+msgid "Allow any files/directories to be exported read/only via NFS." +-#: booleans.py:117 ++#: booleans.py:130 + msgid "Allow any files/directories to be exported read/only via NFS." msgstr "" - #: booleans.py:130 --msgid "Enable polyinstantiated directory support." -+msgid "Allow any files/directories to be exported read/write via NFS." +-#: booleans.py:118 ++#: booleans.py:131 + msgid "Allow any files/directories to be exported read/write via NFS." msgstr "" - #: booleans.py:131 --msgid "Allow postfix_local domain full write access to mail_spool directories" -+msgid "" -+"Allow nfs servers to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." +-#: booleans.py:119 ++#: booleans.py:132 + msgid "" + "Allow nfs servers to modify public files used for public file transfer " + "services. Files/Directories must be labeled public_content_rw_t." msgstr "" - #: booleans.py:132 --msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" -+msgid "Allow system to run with NIS" +-#: booleans.py:120 ++#: booleans.py:133 + msgid "Allow system to run with NIS" msgstr "" - #: booleans.py:133 --msgid "Allow transmit client label to foreign database" -+msgid "Allow confined applications to use nscd shared memory." +-#: booleans.py:121 ++#: booleans.py:134 + msgid "Allow confined applications to use nscd shared memory." msgstr "" - #: booleans.py:134 --msgid "Allow database admins to execute DML statement" -+msgid "Allow openshift to lockdown app" +-#: booleans.py:122 ++#: booleans.py:135 + msgid "Allow openshift to lockdown app" msgstr "" - #: booleans.py:135 --msgid "Allow unprivileged users to execute DDL statement" +-#: booleans.py:123 +-msgid "Allow openvpn to read home directories" ++#: booleans.py:136 +msgid "Determine whether openvpn can read generic user home content files." msgstr "" - #: booleans.py:136 --msgid "Allow pppd to load kernel modules for certain modems" -+msgid "Allow piranha-lvs domain to connect to the network using TCP." +-#: booleans.py:124 ++#: booleans.py:137 + msgid "Allow piranha-lvs domain to connect to the network using TCP." msgstr "" - #: booleans.py:137 --msgid "Allow pppd to be run for a regular user" -+msgid "Allow polipo to connect to all ports > 1023" +-#: booleans.py:125 ++#: booleans.py:138 + msgid "Allow polipo to connect to all ports > 1023" msgstr "" - #: booleans.py:138 +-#: booleans.py:126 ++#: booleans.py:139 msgid "" + "Determine whether Polipo session daemon can bind tcp sockets to all " + "unreserved ports." + msgstr "" + +-#: booleans.py:127 ++#: booleans.py:140 + msgid "" + "Determine whether calling user domains can execute Polipo daemon in the " + "polipo_session_t domain." + msgstr "" + +-#: booleans.py:128 ++#: booleans.py:141 + msgid "Determine whether polipo can access cifs file systems." + msgstr "" + +-#: booleans.py:129 ++#: booleans.py:142 + msgid "Determine whether Polipo can access nfs file systems." + msgstr "" + +-#: booleans.py:130 ++#: booleans.py:143 + msgid "Enable polyinstantiated directory support." + msgstr "" + +-#: booleans.py:131 ++#: booleans.py:144 + msgid "Allow postfix_local domain full write access to mail_spool directories" + msgstr "" + +-#: booleans.py:132 ++#: booleans.py:145 + msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" + msgstr "" + +-#: booleans.py:133 ++#: booleans.py:146 + msgid "Allow transmit client label to foreign database" + msgstr "" + +-#: booleans.py:134 ++#: booleans.py:147 + msgid "Allow database admins to execute DML statement" + msgstr "" + +-#: booleans.py:135 ++#: booleans.py:148 + msgid "Allow unprivileged users to execute DDL statement" + msgstr "" + +-#: booleans.py:136 ++#: booleans.py:149 + msgid "Allow pppd to load kernel modules for certain modems" + msgstr "" + +-#: booleans.py:137 ++#: booleans.py:150 + msgid "Allow pppd to be run for a regular user" + msgstr "" + +-#: booleans.py:138 +-msgid "" -"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+"Determine whether Polipo session daemon can bind tcp sockets to all " -+"unreserved ports." - msgstr "" - - #: booleans.py:139 --msgid "Allow Puppet client to manage all file types." -+msgid "" -+"Determine whether calling user domains can execute Polipo daemon in the " -+"polipo_session_t domain." - msgstr "" - - #: booleans.py:140 --msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" -+msgid "Determine whether polipo can access cifs file systems." - msgstr "" - - #: booleans.py:141 --msgid "Allow racoon to read shadow" -+msgid "Determine whether Polipo can access nfs file systems." - msgstr "" - - #: booleans.py:142 --msgid "Allow rgmanager domain to connect to the network using TCP." -+msgid "Enable polyinstantiated directory support." - msgstr "" - - #: booleans.py:143 --msgid "" --"Allow rsync to modify public files used for public file transfer services. " --"Files/Directories must be labeled public_content_rw_t." -+msgid "Allow postfix_local domain full write access to mail_spool directories" - msgstr "" - - #: booleans.py:144 --msgid "Allow rsync to run as a client" -+msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" - msgstr "" - - #: booleans.py:145 --msgid "Allow rsync to export any files/directories read only." -+msgid "Allow transmit client label to foreign database" - msgstr "" - - #: booleans.py:146 --msgid "Allow rsync servers to share cifs files systems" -+msgid "Allow database admins to execute DML statement" - msgstr "" - - #: booleans.py:147 --msgid "Allow rsync servers to share nfs files systems" -+msgid "Allow unprivileged users to execute DDL statement" - msgstr "" - - #: booleans.py:148 --msgid "Allow samba to create new home directories (e.g. via PAM)" -+msgid "Allow pppd to load kernel modules for certain modems" - msgstr "" - - #: booleans.py:149 --msgid "" --"Allow samba to act as the domain controller, add users, groups and change " --"passwords." -+msgid "Allow pppd to be run for a regular user" - msgstr "" - - #: booleans.py:150 --msgid "Allow samba to share users home directories." ++#: booleans.py:151 +msgid "Determine whether privoxy can connect to all tcp ports." msgstr "" - #: booleans.py:151 --msgid "Allow samba to share any file/directory read only." -+msgid "Allow Puppet client to manage all file types." +-#: booleans.py:139 ++#: booleans.py:152 + msgid "Allow Puppet client to manage all file types." msgstr "" - #: booleans.py:152 --msgid "Allow samba to share any file/directory read/write." -+msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" +-#: booleans.py:140 ++#: booleans.py:153 + msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" msgstr "" - #: booleans.py:153 --msgid "Allow samba to act as a portmapper" -+msgid "Allow racoon to read shadow" +-#: booleans.py:141 ++#: booleans.py:154 + msgid "Allow racoon to read shadow" msgstr "" - #: booleans.py:154 --msgid "Allow samba to run unconfined scripts" -+msgid "" -+"Allow rsync to modify public files used for public file transfer services. " -+"Files/Directories must be labeled public_content_rw_t." +-#: booleans.py:142 +-msgid "Allow rgmanager domain to connect to the network using TCP." +-msgstr "" +- +-#: booleans.py:143 ++#: booleans.py:155 + msgid "" + "Allow rsync to modify public files used for public file transfer services. " + "Files/Directories must be labeled public_content_rw_t." msgstr "" - #: booleans.py:155 --msgid "Allow samba to export ntfs/fusefs volumes." -+msgid "Allow rsync to run as a client" +-#: booleans.py:144 ++#: booleans.py:156 + msgid "Allow rsync to run as a client" msgstr "" - #: booleans.py:156 --msgid "Allow samba to export NFS volumes." -+msgid "Allow rsync to export any files/directories read only." +-#: booleans.py:145 ++#: booleans.py:157 + msgid "Allow rsync to export any files/directories read only." msgstr "" - #: booleans.py:157 --msgid "Allow sanlock to read/write fuse files" +-#: booleans.py:146 +-msgid "Allow rsync servers to share cifs files systems" +-msgstr "" +- +-#: booleans.py:147 +-msgid "Allow rsync servers to share nfs files systems" ++#: booleans.py:158 +msgid "Allow rsync server to manage all files/directories on the system." msgstr "" - #: booleans.py:158 --msgid "Allow sanlock to manage nfs files" -+msgid "Allow samba to create new home directories (e.g. via PAM)" +-#: booleans.py:148 ++#: booleans.py:159 + msgid "Allow samba to create new home directories (e.g. via PAM)" msgstr "" - #: booleans.py:159 --msgid "Allow sanlock to manage cifs files" -+msgid "" -+"Allow samba to act as the domain controller, add users, groups and change " -+"passwords." +-#: booleans.py:149 ++#: booleans.py:160 + msgid "" + "Allow samba to act as the domain controller, add users, groups and change " + "passwords." msgstr "" - #: booleans.py:160 --msgid "Allow sasl to read shadow" -+msgid "Allow samba to share users home directories." +-#: booleans.py:150 ++#: booleans.py:161 + msgid "Allow samba to share users home directories." msgstr "" - #: booleans.py:161 --msgid "Allow secadm to exec content" -+msgid "Allow samba to share any file/directory read only." +-#: booleans.py:151 ++#: booleans.py:162 + msgid "Allow samba to share any file/directory read only." msgstr "" - #: booleans.py:162 -+msgid "Allow samba to share any file/directory read/write." -+msgstr "" -+ +-#: booleans.py:152 +#: booleans.py:163 -+msgid "Allow samba to act as a portmapper" -+msgstr "" -+ + msgid "Allow samba to share any file/directory read/write." + msgstr "" + +-#: booleans.py:153 +#: booleans.py:164 -+msgid "Allow samba to run unconfined scripts" -+msgstr "" -+ -+#: booleans.py:166 -+msgid "Allow samba to export NFS volumes." -+msgstr "" -+ + msgid "Allow samba to act as a portmapper" + msgstr "" + +-#: booleans.py:154 ++#: booleans.py:165 + msgid "Allow samba to run unconfined scripts" + msgstr "" + +-#: booleans.py:155 +-msgid "Allow samba to export ntfs/fusefs volumes." +-msgstr "" +- +-#: booleans.py:156 +#: booleans.py:167 -+msgid "Allow sanlock to read/write fuse files" -+msgstr "" -+ + msgid "Allow samba to export NFS volumes." + msgstr "" + +-#: booleans.py:157 +#: booleans.py:168 -+msgid "Allow sanlock to manage nfs files" -+msgstr "" -+ + msgid "Allow sanlock to read/write fuse files" + msgstr "" + +-#: booleans.py:158 +#: booleans.py:169 -+msgid "Allow sanlock to manage cifs files" -+msgstr "" -+ + msgid "Allow sanlock to manage nfs files" + msgstr "" + +-#: booleans.py:159 +#: booleans.py:170 -+msgid "Allow sasl to read shadow" -+msgstr "" -+ + msgid "Allow sanlock to manage cifs files" + msgstr "" + +-#: booleans.py:160 +#: booleans.py:171 -+msgid "Allow secadm to exec content" -+msgstr "" -+ + msgid "Allow sasl to read shadow" + msgstr "" + +-#: booleans.py:161 +#: booleans.py:172 + msgid "Allow secadm to exec content" + msgstr "" + +-#: booleans.py:162 ++#: booleans.py:173 msgid "" "disallow programs, such as newrole, from transitioning to administrative " "user domains." msgstr "" -#: booleans.py:163 -+#: booleans.py:173 ++#: booleans.py:174 msgid "Disable kernel module loading." msgstr "" -#: booleans.py:164 -+#: booleans.py:174 ++#: booleans.py:175 msgid "" "Boolean to determine whether the system permits loading policy, setting " "enforcing mode, and changing boolean values. Set this to true and you have " @@ -3333,12 +3365,12 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:165 -+#: booleans.py:175 ++#: booleans.py:176 msgid "Allow regular users direct dri device access" msgstr "" -#: booleans.py:166 -+#: booleans.py:176 ++#: booleans.py:177 msgid "" "Allow unconfined executables to make their heap memory executable. Doing " "this is a really bad idea. Probably indicates a badly coded executable, but " @@ -3346,14 +3378,14 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:167 -+#: booleans.py:177 ++#: booleans.py:178 msgid "" "Allow all unconfined executables to use libraries requiring text relocation " "that are not labeled textrel_shlib_t" msgstr "" -#: booleans.py:168 -+#: booleans.py:178 ++#: booleans.py:179 msgid "" "Allow unconfined executables to make their stack executable. This should " "never, ever be necessary. Probably indicates a badly coded executable, but " @@ -3361,30 +3393,34 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:169 -+#: booleans.py:179 ++#: booleans.py:180 msgid "Allow users to connect to the local mysql server" msgstr "" -#: booleans.py:170 -+#: booleans.py:180 ++#: booleans.py:181 msgid "" "Allow confined users the ability to execute the ping and traceroute commands." msgstr "" -#: booleans.py:171 -+#: booleans.py:181 ++#: booleans.py:182 msgid "Allow users to connect to PostgreSQL" msgstr "" -#: booleans.py:172 -+#: booleans.py:182 ++#: booleans.py:183 msgid "" "Allow user to r/w files on filesystems that do not have extended attributes " "(FAT, CDROM, FLOPPY)" msgstr "" -#: booleans.py:173 -+#: booleans.py:183 ++#: booleans.py:184 ++msgid "Allow user music sharing" ++msgstr "" ++ ++#: booleans.py:185 msgid "" "Allow users to run TCP servers (bind to ports and accept connection from the " "same domain and outside users) disabling this forces FTP passive mode and " @@ -3392,17 +3428,16 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:174 -+#: booleans.py:184 ++#: booleans.py:186 msgid "Allow user to use ssh chroot environment." msgstr "" -#: booleans.py:175 -+#: booleans.py:185 - msgid "Allow user music sharing" - msgstr "" - +-msgid "Allow user music sharing" +-msgstr "" +- -#: booleans.py:176 -+#: booleans.py:186 ++#: booleans.py:187 msgid "" -"Allow anon internal-sftp to upload files, used for public file transfer " -"services. Directories must be labeled public_content_rw_t." @@ -3411,14 +3446,14 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:177 -+#: booleans.py:187 ++#: booleans.py:188 msgid "" -"Allow sftp-internal to read and write files in the user home directories" +"Determine whether sftpd-can read and write files in user home directories." msgstr "" -#: booleans.py:178 -+#: booleans.py:188 ++#: booleans.py:189 msgid "" -"Allow sftp-internal to login to local users and read/write all files on the " -"system, governed by DAC." @@ -3427,7 +3462,7 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:179 -+#: booleans.py:189 ++#: booleans.py:190 msgid "" -"Allow internal-sftp to read and write files in the user ssh home directories." +"Determine whether sftpd can read and write files in user ssh home " @@ -3435,225 +3470,225 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:180 -+#: booleans.py:190 ++#: booleans.py:191 msgid "Allow sge to connect to the network using any TCP port" msgstr "" -#: booleans.py:181 -+#: booleans.py:191 ++#: booleans.py:192 msgid "Allow sge to access nfs file systems." msgstr "" -#: booleans.py:182 -msgid "" -"Enable additional permissions needed to support devices on 3ware controllers." -+#: booleans.py:192 ++#: booleans.py:193 +msgid "Determine whether smartmon can support devices on 3ware controllers." msgstr "" -#: booleans.py:183 -+#: booleans.py:193 ++#: booleans.py:194 msgid "" "Allow samba to modify public files used for public file transfer services. " "Files/Directories must be labeled public_content_rw_t." msgstr "" -#: booleans.py:184 -+#: booleans.py:194 ++#: booleans.py:195 msgid "Allow user spamassassin clients to use the network." msgstr "" -#: booleans.py:185 -+#: booleans.py:195 ++#: booleans.py:196 msgid "Allow spamd to read/write user home directories." msgstr "" -#: booleans.py:186 -msgid "" -"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:196 ++#: booleans.py:197 +msgid "Determine whether squid can connect to all TCP ports." msgstr "" -#: booleans.py:187 -msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:197 ++#: booleans.py:198 +msgid "Determine whether squid can run as a transparent proxy." msgstr "" -#: booleans.py:188 -+#: booleans.py:198 ++#: booleans.py:199 msgid "" "Allow ssh with chroot env to read and write files in the user home " "directories" msgstr "" -#: booleans.py:189 -+#: booleans.py:199 ++#: booleans.py:200 msgid "allow host key based authentication" msgstr "" -#: booleans.py:190 -+#: booleans.py:200 ++#: booleans.py:201 msgid "Allow ssh logins as sysadm_r:sysadm_t" msgstr "" -#: booleans.py:191 -+#: booleans.py:201 ++#: booleans.py:202 msgid "Allow staff to exec content" msgstr "" -#: booleans.py:192 -+#: booleans.py:202 ++#: booleans.py:203 msgid "allow staff user to create and transition to svirt domains." msgstr "" -#: booleans.py:193 -+#: booleans.py:203 ++#: booleans.py:204 msgid "Allow sysadm to exec content" msgstr "" -#: booleans.py:194 -+#: booleans.py:204 ++#: booleans.py:205 msgid "Allow the Telepathy connection managers to connect to any network port." msgstr "" -#: booleans.py:195 -+#: booleans.py:205 ++#: booleans.py:206 msgid "" "Allow the Telepathy connection managers to connect to any generic TCP port." msgstr "" -#: booleans.py:196 -+#: booleans.py:206 ++#: booleans.py:207 msgid "" "Allow tftp to modify public files used for public file transfer services." msgstr "" -#: booleans.py:197 -+#: booleans.py:207 ++#: booleans.py:208 msgid "Allow tftp to read and write files in the user home directories" msgstr "" -#: booleans.py:198 -msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:208 ++#: booleans.py:209 +msgid "Determine whether tor can bind tcp sockets to all unreserved ports." msgstr "" -#: booleans.py:199 -+#: booleans.py:209 ++#: booleans.py:210 msgid "Allow tor to act as a relay" msgstr "" -#: booleans.py:200 -+#: booleans.py:210 ++#: booleans.py:211 msgid "" "allow unconfined users to transition to the chrome sandbox domains when " "running chrome-sandbox" msgstr "" -#: booleans.py:201 -+#: booleans.py:211 ++#: booleans.py:212 msgid "Allow a user to login as an unconfined domain" msgstr "" -#: booleans.py:202 -+#: booleans.py:212 ++#: booleans.py:213 msgid "" "Allow unconfined users to transition to the Mozilla plugin domain when " "running xulrunner plugin-container." msgstr "" -#: booleans.py:203 -+#: booleans.py:213 ++#: booleans.py:214 msgid "Allow video playing tools to run unconfined" msgstr "" -#: booleans.py:204 -+#: booleans.py:214 ++#: booleans.py:215 msgid "Allow unprivledged user to create and transition to svirt domains." msgstr "" -#: booleans.py:205 -+#: booleans.py:215 ++#: booleans.py:216 msgid "Support ecryptfs home directories" msgstr "" -#: booleans.py:206 -+#: booleans.py:216 ++#: booleans.py:217 msgid "Support fusefs home directories" msgstr "" -#: booleans.py:207 -msgid "Use lpd server instead of cups" -+#: booleans.py:217 ++#: booleans.py:218 +msgid "Determine whether to support lpd server." msgstr "" -#: booleans.py:208 -+#: booleans.py:218 ++#: booleans.py:219 msgid "Support NFS home directories" msgstr "" -#: booleans.py:209 -+#: booleans.py:219 ++#: booleans.py:220 msgid "Support SAMBA home directories" msgstr "" -#: booleans.py:210 -+#: booleans.py:220 ++#: booleans.py:221 msgid "Allow user to exec content" msgstr "" -#: booleans.py:211 -msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:221 ++#: booleans.py:222 +msgid "Determine whether varnishd can use the full TCP network." msgstr "" -#: booleans.py:212 -msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:222 ++#: booleans.py:223 +msgid "" +"Determine whether attempts by vbetool to mmap low regions should be silently " +"blocked." msgstr "" -#: booleans.py:213 -+#: booleans.py:223 ++#: booleans.py:224 msgid "" "Allow confined virtual guests to use serial/parallel communication ports" msgstr "" -#: booleans.py:214 -+#: booleans.py:224 ++#: booleans.py:225 msgid "" "Allow confined virtual guests to use executable memory and executable stack" msgstr "" -#: booleans.py:215 -+#: booleans.py:225 ++#: booleans.py:226 msgid "Allow confined virtual guests to read fuse files" msgstr "" -#: booleans.py:216 -+#: booleans.py:226 ++#: booleans.py:227 msgid "Allow confined virtual guests to manage nfs files" msgstr "" -#: booleans.py:217 -+#: booleans.py:227 ++#: booleans.py:228 msgid "Allow confined virtual guests to interact with rawip sockets" msgstr "" -#: booleans.py:218 -+#: booleans.py:228 ++#: booleans.py:229 msgid "Allow confined virtual guests to manage cifs files" msgstr "" -#: booleans.py:219 -+#: booleans.py:229 ++#: booleans.py:230 msgid "Allow confined virtual guests to interact with the sanlock" msgstr "" @@ -3662,117 +3697,117 @@ index 961d921..16bdf77 100644 -msgstr "" - -#: booleans.py:221 -+#: booleans.py:230 ++#: booleans.py:231 msgid "Allow confined virtual guests to use usb devices" msgstr "" -#: booleans.py:222 -+#: booleans.py:231 ++#: booleans.py:232 msgid "Allow confined virtual guests to interact with the xserver" msgstr "" -#: booleans.py:223 -msgid "Allow webadm to manage files in users home directories" -+#: booleans.py:232 ++#: booleans.py:233 +msgid "Determine whether webadm can manage generic user files." msgstr "" -#: booleans.py:224 -msgid "Allow webadm to read files in users home directories" -+#: booleans.py:233 ++#: booleans.py:234 +msgid "Determine whether webadm can read generic user files." msgstr "" -#: booleans.py:225 -msgid "Ignore wine mmap_zero errors." -+#: booleans.py:234 ++#: booleans.py:235 +msgid "" +"Determine whether attempts by wine to mmap low regions should be silently " +"blocked." msgstr "" -#: booleans.py:226 -+#: booleans.py:235 ++#: booleans.py:236 msgid "Allow the graphical login program to execute bootloader" msgstr "" -#: booleans.py:227 -+#: booleans.py:236 ++#: booleans.py:237 msgid "" "Allow the graphical login program to login directly as sysadm_r:sysadm_t" msgstr "" -#: booleans.py:228 -+#: booleans.py:237 ++#: booleans.py:238 msgid "Allow xen to manage nfs files" msgstr "" -#: booleans.py:229 -+#: booleans.py:238 ++#: booleans.py:239 msgid "" "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " "logical volumes for disk images." msgstr "" -#: booleans.py:230 -+#: booleans.py:239 ++#: booleans.py:240 msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." msgstr "" -#: booleans.py:231 -+#: booleans.py:240 ++#: booleans.py:241 msgid "" "Allow xguest users to configure Network Manager and connect to apache ports" msgstr "" -#: booleans.py:232 -+#: booleans.py:241 ++#: booleans.py:242 msgid "Allow xguest to exec content" msgstr "" -#: booleans.py:233 -+#: booleans.py:242 ++#: booleans.py:243 msgid "Allow xguest users to mount removable media" msgstr "" -#: booleans.py:234 -+#: booleans.py:243 ++#: booleans.py:244 msgid "Allow xguest to use blue tooth devices" msgstr "" -#: booleans.py:235 -+#: booleans.py:244 ++#: booleans.py:245 msgid "Allows clients to write to the X server shared memory segments." msgstr "" -#: booleans.py:236 -+#: booleans.py:245 ++#: booleans.py:246 msgid "Allows XServer to execute writable memory" msgstr "" -#: booleans.py:237 -+#: booleans.py:246 ++#: booleans.py:247 msgid "Support X userspace object manager" msgstr "" -#: booleans.py:238 -msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:247 ++#: booleans.py:248 +msgid "Determine whether zabbix can connect to all TCP ports" msgstr "" -#: booleans.py:239 -+#: booleans.py:248 ++#: booleans.py:249 msgid "Allow zebra daemon to write it configuration files" msgstr "" -#: booleans.py:240 -+#: booleans.py:249 ++#: booleans.py:250 msgid "" "Allow ZoneMinder to modify public files used for public file transfer " "services." diff --git a/policycoreutils/po/am.po b/policycoreutils/po/am.po -index 961d921..16bdf77 100644 +index 961d921..5ee0bdc 100644 --- a/policycoreutils/po/am.po +++ b/policycoreutils/po/am.po @@ -8,7 +8,7 @@ msgid "" @@ -3780,7 +3815,7 @@ index 961d921..16bdf77 100644 "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -+"POT-Creation-Date: 2013-04-08 15:08-0400\n" ++"POT-Creation-Date: 2013-05-07 11:12-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -3821,7 +3856,7 @@ index 961d921..16bdf77 100644 +#: ../semanage/seobject.py:379 +msgid "" +"The sepolgen python module is required to setup permissive domains.\n" -+"In some distributions it is included in the policycoreutils-devel patckage.\n" ++"In some distributions it is included in the policycoreutils-devel package.\n" +"# yum install policycoreutils-devel\n" +"Or similar for your distro." +msgstr "" @@ -5111,194 +5146,193 @@ index 961d921..16bdf77 100644 msgid "Sandbox" msgstr "" -@@ -2159,261 +2192,313 @@ msgstr "" +@@ -2159,261 +2192,322 @@ msgstr "" msgid "SELinux user '%s' is required" msgstr "" -#: ../sepolicy/sepolicy.py:202 -+#: ../sepolicy/sepolicy.py:257 ++#: ../sepolicy/sepolicy.py:183 ++#, python-format ++msgid "Interface %s does not exist." ++msgstr "" ++ ++#: ../sepolicy/sepolicy.py:267 msgid "Generate SELinux man pages" msgstr "" -#: ../sepolicy/sepolicy.py:205 -+#: ../sepolicy/sepolicy.py:260 ++#: ../sepolicy/sepolicy.py:270 msgid "path in which the generated SELinux man pages will be stored" msgstr "" -#: ../sepolicy/sepolicy.py:207 -+#: ../sepolicy/sepolicy.py:262 ++#: ../sepolicy/sepolicy.py:272 msgid "name of the OS for man pages" msgstr "" -#: ../sepolicy/sepolicy.py:209 -+#: ../sepolicy/sepolicy.py:264 ++#: ../sepolicy/sepolicy.py:274 msgid "Generate HTML man pages structure for selected SELinux man page" msgstr "" -#: ../sepolicy/sepolicy.py:213 -+#: ../sepolicy/sepolicy.py:266 ++#: ../sepolicy/sepolicy.py:276 +msgid "Alternate root directory, defaults to /" +msgstr "" + -+#: ../sepolicy/sepolicy.py:270 ++#: ../sepolicy/sepolicy.py:280 msgid "All domains" msgstr "" -#: ../sepolicy/sepolicy.py:216 -+#: ../sepolicy/sepolicy.py:273 ++#: ../sepolicy/sepolicy.py:283 msgid "Domain name(s) of man pages to be created" msgstr "" -#: ../sepolicy/sepolicy.py:221 -+#: ../sepolicy/sepolicy.py:278 ++#: ../sepolicy/sepolicy.py:288 msgid "Query SELinux policy network information" msgstr "" -#: ../sepolicy/sepolicy.py:226 -+#: ../sepolicy/sepolicy.py:283 ++#: ../sepolicy/sepolicy.py:293 msgid "list all SELinux port types" msgstr "" -#: ../sepolicy/sepolicy.py:229 -+#: ../sepolicy/sepolicy.py:286 ++#: ../sepolicy/sepolicy.py:296 msgid "show SELinux type related to the port" msgstr "" -#: ../sepolicy/sepolicy.py:232 -+#: ../sepolicy/sepolicy.py:289 ++#: ../sepolicy/sepolicy.py:299 msgid "Show ports defined for this SELinux type" msgstr "" -#: ../sepolicy/sepolicy.py:235 -+#: ../sepolicy/sepolicy.py:292 ++#: ../sepolicy/sepolicy.py:302 msgid "show ports to which this domain can bind and/or connect" msgstr "" -#: ../sepolicy/sepolicy.py:250 -+#: ../sepolicy/sepolicy.py:307 ++#: ../sepolicy/sepolicy.py:317 msgid "query SELinux policy to see if domains can communicate with each other" msgstr "" -#: ../sepolicy/sepolicy.py:253 -+#: ../sepolicy/sepolicy.py:310 ++#: ../sepolicy/sepolicy.py:320 msgid "Source Domain" msgstr "" -#: ../sepolicy/sepolicy.py:256 -+#: ../sepolicy/sepolicy.py:313 ++#: ../sepolicy/sepolicy.py:323 msgid "Target Domain" msgstr "" -#: ../sepolicy/sepolicy.py:276 -+#: ../sepolicy/sepolicy.py:332 ++#: ../sepolicy/sepolicy.py:342 msgid "query SELinux Policy to see description of booleans" msgstr "" -#: ../sepolicy/sepolicy.py:280 -+#: ../sepolicy/sepolicy.py:336 ++#: ../sepolicy/sepolicy.py:346 msgid "get all booleans descriptions" msgstr "" -#: ../sepolicy/sepolicy.py:282 -+#: ../sepolicy/sepolicy.py:339 ++#: ../sepolicy/sepolicy.py:349 msgid "boolean to get description" msgstr "" -#: ../sepolicy/sepolicy.py:301 -+#: ../sepolicy/sepolicy.py:349 ++#: ../sepolicy/sepolicy.py:359 msgid "" "query SELinux Policy to see how a source process domain can transition to " "the target process domain" msgstr "" -#: ../sepolicy/sepolicy.py:304 -+#: ../sepolicy/sepolicy.py:352 ++#: ../sepolicy/sepolicy.py:362 msgid "source process domain" msgstr "" -#: ../sepolicy/sepolicy.py:307 -+#: ../sepolicy/sepolicy.py:355 ++#: ../sepolicy/sepolicy.py:365 msgid "target process domain" msgstr "" -#: ../sepolicy/sepolicy.py:327 -+#: ../sepolicy/sepolicy.py:382 ++#: ../sepolicy/sepolicy.py:408 +#, python-format +msgid "sepolicy generate: error: one of the arguments %s is required" +msgstr "" + -+#: ../sepolicy/sepolicy.py:387 ++#: ../sepolicy/sepolicy.py:413 msgid "Command required for this type of policy" msgstr "" -#: ../sepolicy/sepolicy.py:347 -+#: ../sepolicy/sepolicy.py:398 ++#: ../sepolicy/sepolicy.py:424 +msgid "" +"-t option can not be used with this option. Read usage for more details." +msgstr "" + -+#: ../sepolicy/sepolicy.py:403 ++#: ../sepolicy/sepolicy.py:429 +msgid "" +"-d option can not be used with this option. Read usage for more details." +msgstr "" + -+#: ../sepolicy/sepolicy.py:407 ++#: ../sepolicy/sepolicy.py:433 +msgid "" +"-a option can not be used with this option. Read usage for more details." +msgstr "" + -+#: ../sepolicy/sepolicy.py:426 ++#: ../sepolicy/sepolicy.py:452 msgid "List SELinux Policy interfaces" msgstr "" -#: ../sepolicy/sepolicy.py:362 -+#: ../sepolicy/sepolicy.py:444 ++#: ../sepolicy/sepolicy.py:470 ++msgid "Enter interface names, you wish to query" ++msgstr "" ++ ++#: ../sepolicy/sepolicy.py:479 msgid "Generate SELinux Policy module template" msgstr "" -#: ../sepolicy/sepolicy.py:365 -+#: ../sepolicy/sepolicy.py:447 ++#: ../sepolicy/sepolicy.py:482 msgid "Enter domain type which you will be extending" msgstr "" -#: ../sepolicy/sepolicy.py:368 -+#: ../sepolicy/sepolicy.py:450 ++#: ../sepolicy/sepolicy.py:485 msgid "Enter SELinux user(s) which will transition to this domain" msgstr "" -#: ../sepolicy/sepolicy.py:371 -+#: ../sepolicy/sepolicy.py:453 ++#: ../sepolicy/sepolicy.py:488 msgid "Enter domain(s) that this confined admin will administrate" msgstr "" -#: ../sepolicy/sepolicy.py:374 -+#: ../sepolicy/sepolicy.py:456 ++#: ../sepolicy/sepolicy.py:491 msgid "name of policy to generate" msgstr "" -#: ../sepolicy/sepolicy.py:378 -+#: ../sepolicy/sepolicy.py:463 ++#: ../sepolicy/sepolicy.py:498 msgid "path in which the generated policy files will be stored" msgstr "" -#: ../sepolicy/sepolicy.py:380 -msgid "executable to confine" -+#: ../sepolicy/sepolicy.py:465 ++#: ../sepolicy/sepolicy.py:500 +msgid "path to which the confined processes will need to write" +msgstr "" + -+#: ../sepolicy/sepolicy.py:466 ++#: ../sepolicy/sepolicy.py:501 +msgid "Policy types which require a command" -+msgstr "" -+ -+#: ../sepolicy/sepolicy.py:470 ../sepolicy/sepolicy.py:473 -+#: ../sepolicy/sepolicy.py:476 ../sepolicy/sepolicy.py:479 -+#: ../sepolicy/sepolicy.py:482 ../sepolicy/sepolicy.py:488 -+#: ../sepolicy/sepolicy.py:491 ../sepolicy/sepolicy.py:494 -+#: ../sepolicy/sepolicy.py:500 ../sepolicy/sepolicy.py:503 -+#: ../sepolicy/sepolicy.py:506 ../sepolicy/sepolicy.py:509 -+#, python-format -+msgid "Generate '%s' policy" msgstr "" -#: ../sepolicy/sepolicy.py:384 ../sepolicy/sepolicy.py:387 @@ -5307,23 +5341,33 @@ index 961d921..16bdf77 100644 -#: ../sepolicy/sepolicy.py:402 ../sepolicy/sepolicy.py:405 -#: ../sepolicy/sepolicy.py:408 ../sepolicy/sepolicy.py:411 -#: ../sepolicy/sepolicy.py:414 ../sepolicy/sepolicy.py:417 -+#: ../sepolicy/sepolicy.py:497 ++#: ../sepolicy/sepolicy.py:505 ../sepolicy/sepolicy.py:508 ++#: ../sepolicy/sepolicy.py:511 ../sepolicy/sepolicy.py:514 ++#: ../sepolicy/sepolicy.py:517 ../sepolicy/sepolicy.py:523 ++#: ../sepolicy/sepolicy.py:526 ../sepolicy/sepolicy.py:529 ++#: ../sepolicy/sepolicy.py:535 ../sepolicy/sepolicy.py:538 ++#: ../sepolicy/sepolicy.py:541 ../sepolicy/sepolicy.py:544 #, python-format -msgid "Generate Policy for %s" -+msgid "Generate '%s' policy " ++msgid "Generate '%s' policy" msgstr "" -#: ../sepolicy/sepolicy.py:422 -+#: ../sepolicy/sepolicy.py:511 ++#: ../sepolicy/sepolicy.py:532 ++#, python-format ++msgid "Generate '%s' policy " ++msgstr "" ++ ++#: ../sepolicy/sepolicy.py:546 +msgid "executable to confine" +msgstr "" + -+#: ../sepolicy/sepolicy.py:516 ++#: ../sepolicy/sepolicy.py:551 msgid "commands" msgstr "" -#: ../sepolicy/sepolicy.py:425 -+#: ../sepolicy/sepolicy.py:519 ++#: ../sepolicy/sepolicy.py:554 msgid "Alternate SELinux policy, defaults to /sys/fs/selinux/policy" msgstr "" @@ -5333,13 +5377,13 @@ index 961d921..16bdf77 100644 msgstr "" -#: ../sepolicy/sepolicy/__init__.py:54 -+#: ../sepolicy/sepolicy/__init__.py:239 ++#: ../sepolicy/sepolicy/__init__.py:243 #, python-format msgid "Failed to read %s policy file" msgstr "" -#: ../sepolicy/sepolicy/__init__.py:127 -+#: ../sepolicy/sepolicy/__init__.py:298 ++#: ../sepolicy/sepolicy/__init__.py:302 msgid "unknown" msgstr "" @@ -5493,7 +5537,7 @@ index 961d921..16bdf77 100644 msgid "Setup Script" msgstr "" -@@ -2428,11 +2513,11 @@ msgid "" +@@ -2428,11 +2522,11 @@ msgid "" msgstr "" #: booleans.py:3 @@ -5507,7 +5551,7 @@ index 961d921..16bdf77 100644 msgstr "" #: booleans.py:5 -@@ -2454,50 +2539,54 @@ msgid "Allow users to login using a yubikey server" +@@ -2454,50 +2548,54 @@ msgid "Allow users to login using a yubikey server" msgstr "" #: booleans.py:9 @@ -5574,7 +5618,7 @@ index 961d921..16bdf77 100644 msgstr "" #: booleans.py:20 -@@ -2506,7 +2595,7 @@ msgid "" +@@ -2506,7 +2604,7 @@ msgid "" msgstr "" #: booleans.py:21 @@ -5583,7 +5627,7 @@ index 961d921..16bdf77 100644 msgstr "" #: booleans.py:22 -@@ -2522,951 +2611,996 @@ msgid "Allow all daemons the ability to read/write terminals" +@@ -2522,951 +2620,1000 @@ msgid "Allow all daemons the ability to read/write terminals" msgstr "" #: booleans.py:25 @@ -5605,7 +5649,7 @@ index 961d921..16bdf77 100644 #: booleans.py:28 -msgid "Allow dbadm to read files in users home directories" -+msgid "Allow sysadm to debug or ptrace all processes." ++msgid "Deny any process from ptracing or debugging any other processes." msgstr "" #: booleans.py:29 @@ -5716,7 +5760,7 @@ index 961d921..16bdf77 100644 -msgid "" -"Allow ftp servers to login to local users and read/write all files on the " -"system, governed by DAC." -+#: booleans.py:47 booleans.py:165 ++#: booleans.py:47 booleans.py:166 +msgid "Allow samba to export ntfs/fusefs volumes." msgstr "" @@ -5948,461 +5992,466 @@ index 961d921..16bdf77 100644 -#: booleans.py:88 +#: booleans.py:90 ++msgid "Allow HTTPD scripts and modules to server cobbler files." ++msgstr "" ++ ++#: booleans.py:91 msgid "Allow httpd daemon to change its resource limits" msgstr "" -#: booleans.py:89 -+#: booleans.py:91 ++#: booleans.py:92 msgid "" "Allow HTTPD to run SSI executables in the same domain as system CGI scripts." msgstr "" -#: booleans.py:90 -+#: booleans.py:92 ++#: booleans.py:93 msgid "" "Allow apache scripts to write to public content, directories/files must be " "labeled public_rw_content_t." msgstr "" -#: booleans.py:91 -+#: booleans.py:93 ++#: booleans.py:94 msgid "Allow Apache to execute tmp content." msgstr "" -#: booleans.py:92 -+#: booleans.py:94 ++#: booleans.py:95 msgid "" "Unify HTTPD to communicate with the terminal. Needed for entering the " "passphrase for certificates at the terminal." msgstr "" -#: booleans.py:93 --msgid "Unify HTTPD handling of all content files." --msgstr "" -- ++#: booleans.py:96 + msgid "Unify HTTPD handling of all content files." + msgstr "" + -#: booleans.py:94 --msgid "Allow httpd to access cifs file systems" --msgstr "" -- - #: booleans.py:95 --msgid "Allow httpd to access FUSE file systems" -+msgid "Unify HTTPD handling of all content files." ++#: booleans.py:97 + msgid "Allow httpd to access cifs file systems" msgstr "" - #: booleans.py:96 --msgid "Allow httpd to run gpg" -+msgid "Allow httpd to access cifs file systems" +-#: booleans.py:95 ++#: booleans.py:98 + msgid "Allow httpd to access FUSE file systems" msgstr "" - #: booleans.py:97 --msgid "Allow httpd to access nfs file systems" -+msgid "Allow httpd to access FUSE file systems" +-#: booleans.py:96 ++#: booleans.py:99 + msgid "Allow httpd to run gpg" msgstr "" - #: booleans.py:98 --msgid "Allow httpd to communicate with oddjob to start up a service" -+msgid "Allow httpd to run gpg" +-#: booleans.py:97 ++#: booleans.py:100 + msgid "Allow httpd to access nfs file systems" msgstr "" - #: booleans.py:99 --msgid "Allow httpd to access openstack ports" -+msgid "Allow httpd to access nfs file systems" +-#: booleans.py:98 ++#: booleans.py:101 + msgid "Allow httpd to communicate with oddjob to start up a service" msgstr "" - #: booleans.py:100 --msgid "Allow Apache to query NS records" -+msgid "Allow httpd to communicate with oddjob to start up a service" +-#: booleans.py:99 ++#: booleans.py:102 + msgid "Allow httpd to access openstack ports" msgstr "" - #: booleans.py:101 +-#: booleans.py:100 ++#: booleans.py:103 + msgid "Allow Apache to query NS records" + msgstr "" + +-#: booleans.py:101 -msgid "Allow icecast to connect to all ports, not just sound ports." -+msgid "Allow httpd to access openstack ports" - msgstr "" - - #: booleans.py:102 --msgid "" --"Allow the Irssi IRC Client to connect to any port, and to bind to any " --"unreserved port." -+msgid "Allow Apache to query NS records" - msgstr "" - - #: booleans.py:103 --msgid "Allow confined applications to run with kerberos." ++#: booleans.py:104 +msgid "Determine whether icecast can listen on and connect to any TCP port." msgstr "" - #: booleans.py:104 --msgid "Allow syslogd daemon to send mail" +-#: booleans.py:102 ++#: booleans.py:105 +msgid "" +"Determine whether irc clients can listen on and connect to any unreserved " +"TCP ports." ++msgstr "" ++ ++#: booleans.py:106 + msgid "" + "Allow the Irssi IRC Client to connect to any port, and to bind to any " + "unreserved port." msgstr "" - #: booleans.py:105 --msgid "Allow syslogd the ability to read/write terminals" -+msgid "" -+"Allow the Irssi IRC Client to connect to any port, and to bind to any " -+"unreserved port." +-#: booleans.py:103 ++#: booleans.py:107 + msgid "Allow confined applications to run with kerberos." msgstr "" - #: booleans.py:106 --msgid "Allow logging in and using the system from /dev/console." -+msgid "Allow confined applications to run with kerberos." - msgstr "" - - #: booleans.py:107 --msgid "" --"Control the ability to mmap a low area of the address space, as configured " --"by /proc/sys/kernel/mmap_min_addr." +-#: booleans.py:104 +-msgid "Allow syslogd daemon to send mail" ++#: booleans.py:108 +msgid "Allow ksmtuned to use cifs/Samba file systems" msgstr "" - #: booleans.py:108 --msgid "Allow mock to read files in home directories." +-#: booleans.py:105 +-msgid "Allow syslogd the ability to read/write terminals" ++#: booleans.py:109 +msgid "Allow ksmtuned to use nfs file systems" msgstr "" - #: booleans.py:109 --msgid "Allow the mount command to mount any directory or file." +-#: booleans.py:106 ++#: booleans.py:110 +msgid "Allow syslogd daemon to send mail" - msgstr "" - - #: booleans.py:110 --msgid "Allow mozilla plugin domain to connect to the network using TCP." ++msgstr "" ++ ++#: booleans.py:111 +msgid "Allow syslogd the ability to read/write terminals" ++msgstr "" ++ ++#: booleans.py:112 + msgid "Allow logging in and using the system from /dev/console." msgstr "" - #: booleans.py:111 +-#: booleans.py:107 ++#: booleans.py:113 ++msgid "Allow mailman to access FUSE file systems" ++msgstr "" ++ ++#: booleans.py:114 ++msgid "Determine whether mcelog supports client mode." ++msgstr "" ++ ++#: booleans.py:115 ++msgid "Determine whether mcelog can execute scripts." ++msgstr "" ++ ++#: booleans.py:116 ++msgid "Determine whether mcelog can use all the user ttys." ++msgstr "" ++ ++#: booleans.py:117 ++msgid "Determine whether mcelog supports server mode." ++msgstr "" ++ ++#: booleans.py:118 + msgid "" + "Control the ability to mmap a low area of the address space, as configured " + "by /proc/sys/kernel/mmap_min_addr." + msgstr "" + +-#: booleans.py:108 ++#: booleans.py:119 + msgid "Allow mock to read files in home directories." + msgstr "" + +-#: booleans.py:109 ++#: booleans.py:120 + msgid "Allow the mount command to mount any directory or file." + msgstr "" + +-#: booleans.py:110 ++#: booleans.py:121 + msgid "Allow mozilla plugin domain to connect to the network using TCP." + msgstr "" + +-#: booleans.py:111 -msgid "" -"Allow mozilla_plugins to create random content in the users home directory" -+msgid "Allow logging in and using the system from /dev/console." - msgstr "" - - #: booleans.py:112 --msgid "Allow confined web browsers to read home directory content" -+msgid "Allow mailman to access FUSE file systems" - msgstr "" - - #: booleans.py:113 --msgid "Allow mplayer executable stack" -+msgid "Determine whether mcelog supports client mode." - msgstr "" - - #: booleans.py:114 --msgid "Allow mysqld to connect to all ports" -+msgid "Determine whether mcelog can execute scripts." - msgstr "" - - #: booleans.py:115 --msgid "Allow BIND to bind apache port." -+msgid "Determine whether mcelog can use all the user ttys." - msgstr "" - - #: booleans.py:116 --msgid "" --"Allow BIND to write the master zone files. Generally this is used for " --"dynamic DNS or zone transfers." -+msgid "Determine whether mcelog supports server mode." - msgstr "" - - #: booleans.py:117 --msgid "Allow any files/directories to be exported read/only via NFS." -+msgid "" -+"Control the ability to mmap a low area of the address space, as configured " -+"by /proc/sys/kernel/mmap_min_addr." - msgstr "" - - #: booleans.py:118 --msgid "Allow any files/directories to be exported read/write via NFS." -+msgid "Allow mock to read files in home directories." - msgstr "" - - #: booleans.py:119 --msgid "" --"Allow nfs servers to modify public files used for public file transfer " --"services. Files/Directories must be labeled public_content_rw_t." -+msgid "Allow the mount command to mount any directory or file." - msgstr "" - - #: booleans.py:120 --msgid "Allow system to run with NIS" -+msgid "Allow mozilla plugin domain to connect to the network using TCP." - msgstr "" - - #: booleans.py:121 --msgid "Allow confined applications to use nscd shared memory." ++#: booleans.py:122 +msgid "Allow confined web browsers to read home directory content" msgstr "" - #: booleans.py:122 --msgid "Allow openshift to lockdown app" +-#: booleans.py:112 +-msgid "Allow confined web browsers to read home directory content" ++#: booleans.py:123 +msgid "Determine whether mpd can traverse user home directories." msgstr "" - #: booleans.py:123 --msgid "Allow openvpn to read home directories" +-#: booleans.py:113 +-msgid "Allow mplayer executable stack" ++#: booleans.py:124 +msgid "Determine whether mpd can use cifs file systems." msgstr "" - #: booleans.py:124 --msgid "Allow piranha-lvs domain to connect to the network using TCP." +-#: booleans.py:114 ++#: booleans.py:125 +msgid "Determine whether mpd can use nfs file systems." - msgstr "" - - #: booleans.py:125 --msgid "Allow polipo to connect to all ports > 1023" ++msgstr "" ++ ++#: booleans.py:126 +msgid "Determine whether mplayer can make its stack executable." ++msgstr "" ++ ++#: booleans.py:127 + msgid "Allow mysqld to connect to all ports" msgstr "" - #: booleans.py:126 --msgid "" --"Determine whether Polipo session daemon can bind tcp sockets to all " --"unreserved ports." -+msgid "Allow mysqld to connect to all ports" - msgstr "" - - #: booleans.py:127 --msgid "" --"Determine whether calling user domains can execute Polipo daemon in the " --"polipo_session_t domain." +-#: booleans.py:115 +-msgid "Allow BIND to bind apache port." ++#: booleans.py:128 +msgid "Determine whether Bind can bind tcp socket to http ports." msgstr "" - #: booleans.py:128 --msgid "Determine whether polipo can access cifs file systems." -+msgid "" +-#: booleans.py:116 ++#: booleans.py:129 + msgid "" +-"Allow BIND to write the master zone files. Generally this is used for " +-"dynamic DNS or zone transfers." +"Determine whether Bind can write to master zone files. Generally this is " +"used for dynamic DNS or zone transfers." msgstr "" - #: booleans.py:129 --msgid "Determine whether Polipo can access nfs file systems." -+msgid "Allow any files/directories to be exported read/only via NFS." +-#: booleans.py:117 ++#: booleans.py:130 + msgid "Allow any files/directories to be exported read/only via NFS." msgstr "" - #: booleans.py:130 --msgid "Enable polyinstantiated directory support." -+msgid "Allow any files/directories to be exported read/write via NFS." +-#: booleans.py:118 ++#: booleans.py:131 + msgid "Allow any files/directories to be exported read/write via NFS." msgstr "" - #: booleans.py:131 --msgid "Allow postfix_local domain full write access to mail_spool directories" -+msgid "" -+"Allow nfs servers to modify public files used for public file transfer " -+"services. Files/Directories must be labeled public_content_rw_t." +-#: booleans.py:119 ++#: booleans.py:132 + msgid "" + "Allow nfs servers to modify public files used for public file transfer " + "services. Files/Directories must be labeled public_content_rw_t." msgstr "" - #: booleans.py:132 --msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" -+msgid "Allow system to run with NIS" +-#: booleans.py:120 ++#: booleans.py:133 + msgid "Allow system to run with NIS" msgstr "" - #: booleans.py:133 --msgid "Allow transmit client label to foreign database" -+msgid "Allow confined applications to use nscd shared memory." +-#: booleans.py:121 ++#: booleans.py:134 + msgid "Allow confined applications to use nscd shared memory." msgstr "" - #: booleans.py:134 --msgid "Allow database admins to execute DML statement" -+msgid "Allow openshift to lockdown app" +-#: booleans.py:122 ++#: booleans.py:135 + msgid "Allow openshift to lockdown app" msgstr "" - #: booleans.py:135 --msgid "Allow unprivileged users to execute DDL statement" +-#: booleans.py:123 +-msgid "Allow openvpn to read home directories" ++#: booleans.py:136 +msgid "Determine whether openvpn can read generic user home content files." msgstr "" - #: booleans.py:136 --msgid "Allow pppd to load kernel modules for certain modems" -+msgid "Allow piranha-lvs domain to connect to the network using TCP." +-#: booleans.py:124 ++#: booleans.py:137 + msgid "Allow piranha-lvs domain to connect to the network using TCP." msgstr "" - #: booleans.py:137 --msgid "Allow pppd to be run for a regular user" -+msgid "Allow polipo to connect to all ports > 1023" +-#: booleans.py:125 ++#: booleans.py:138 + msgid "Allow polipo to connect to all ports > 1023" msgstr "" - #: booleans.py:138 +-#: booleans.py:126 ++#: booleans.py:139 msgid "" + "Determine whether Polipo session daemon can bind tcp sockets to all " + "unreserved ports." + msgstr "" + +-#: booleans.py:127 ++#: booleans.py:140 + msgid "" + "Determine whether calling user domains can execute Polipo daemon in the " + "polipo_session_t domain." + msgstr "" + +-#: booleans.py:128 ++#: booleans.py:141 + msgid "Determine whether polipo can access cifs file systems." + msgstr "" + +-#: booleans.py:129 ++#: booleans.py:142 + msgid "Determine whether Polipo can access nfs file systems." + msgstr "" + +-#: booleans.py:130 ++#: booleans.py:143 + msgid "Enable polyinstantiated directory support." + msgstr "" + +-#: booleans.py:131 ++#: booleans.py:144 + msgid "Allow postfix_local domain full write access to mail_spool directories" + msgstr "" + +-#: booleans.py:132 ++#: booleans.py:145 + msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" + msgstr "" + +-#: booleans.py:133 ++#: booleans.py:146 + msgid "Allow transmit client label to foreign database" + msgstr "" + +-#: booleans.py:134 ++#: booleans.py:147 + msgid "Allow database admins to execute DML statement" + msgstr "" + +-#: booleans.py:135 ++#: booleans.py:148 + msgid "Allow unprivileged users to execute DDL statement" + msgstr "" + +-#: booleans.py:136 ++#: booleans.py:149 + msgid "Allow pppd to load kernel modules for certain modems" + msgstr "" + +-#: booleans.py:137 ++#: booleans.py:150 + msgid "Allow pppd to be run for a regular user" + msgstr "" + +-#: booleans.py:138 +-msgid "" -"Allow privoxy to connect to all ports, not just HTTP, FTP, and Gopher ports." -+"Determine whether Polipo session daemon can bind tcp sockets to all " -+"unreserved ports." - msgstr "" - - #: booleans.py:139 --msgid "Allow Puppet client to manage all file types." -+msgid "" -+"Determine whether calling user domains can execute Polipo daemon in the " -+"polipo_session_t domain." - msgstr "" - - #: booleans.py:140 --msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" -+msgid "Determine whether polipo can access cifs file systems." - msgstr "" - - #: booleans.py:141 --msgid "Allow racoon to read shadow" -+msgid "Determine whether Polipo can access nfs file systems." - msgstr "" - - #: booleans.py:142 --msgid "Allow rgmanager domain to connect to the network using TCP." -+msgid "Enable polyinstantiated directory support." - msgstr "" - - #: booleans.py:143 --msgid "" --"Allow rsync to modify public files used for public file transfer services. " --"Files/Directories must be labeled public_content_rw_t." -+msgid "Allow postfix_local domain full write access to mail_spool directories" - msgstr "" - - #: booleans.py:144 --msgid "Allow rsync to run as a client" -+msgid "Allow postgresql to use ssh and rsync for point-in-time recovery" - msgstr "" - - #: booleans.py:145 --msgid "Allow rsync to export any files/directories read only." -+msgid "Allow transmit client label to foreign database" - msgstr "" - - #: booleans.py:146 --msgid "Allow rsync servers to share cifs files systems" -+msgid "Allow database admins to execute DML statement" - msgstr "" - - #: booleans.py:147 --msgid "Allow rsync servers to share nfs files systems" -+msgid "Allow unprivileged users to execute DDL statement" - msgstr "" - - #: booleans.py:148 --msgid "Allow samba to create new home directories (e.g. via PAM)" -+msgid "Allow pppd to load kernel modules for certain modems" - msgstr "" - - #: booleans.py:149 --msgid "" --"Allow samba to act as the domain controller, add users, groups and change " --"passwords." -+msgid "Allow pppd to be run for a regular user" - msgstr "" - - #: booleans.py:150 --msgid "Allow samba to share users home directories." ++#: booleans.py:151 +msgid "Determine whether privoxy can connect to all tcp ports." msgstr "" - #: booleans.py:151 --msgid "Allow samba to share any file/directory read only." -+msgid "Allow Puppet client to manage all file types." +-#: booleans.py:139 ++#: booleans.py:152 + msgid "Allow Puppet client to manage all file types." msgstr "" - #: booleans.py:152 --msgid "Allow samba to share any file/directory read/write." -+msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" +-#: booleans.py:140 ++#: booleans.py:153 + msgid "Allow Puppet master to use connect to MySQL and PostgreSQL database" msgstr "" - #: booleans.py:153 --msgid "Allow samba to act as a portmapper" -+msgid "Allow racoon to read shadow" +-#: booleans.py:141 ++#: booleans.py:154 + msgid "Allow racoon to read shadow" msgstr "" - #: booleans.py:154 --msgid "Allow samba to run unconfined scripts" -+msgid "" -+"Allow rsync to modify public files used for public file transfer services. " -+"Files/Directories must be labeled public_content_rw_t." +-#: booleans.py:142 +-msgid "Allow rgmanager domain to connect to the network using TCP." +-msgstr "" +- +-#: booleans.py:143 ++#: booleans.py:155 + msgid "" + "Allow rsync to modify public files used for public file transfer services. " + "Files/Directories must be labeled public_content_rw_t." msgstr "" - #: booleans.py:155 --msgid "Allow samba to export ntfs/fusefs volumes." -+msgid "Allow rsync to run as a client" +-#: booleans.py:144 ++#: booleans.py:156 + msgid "Allow rsync to run as a client" msgstr "" - #: booleans.py:156 --msgid "Allow samba to export NFS volumes." -+msgid "Allow rsync to export any files/directories read only." +-#: booleans.py:145 ++#: booleans.py:157 + msgid "Allow rsync to export any files/directories read only." msgstr "" - #: booleans.py:157 --msgid "Allow sanlock to read/write fuse files" +-#: booleans.py:146 +-msgid "Allow rsync servers to share cifs files systems" +-msgstr "" +- +-#: booleans.py:147 +-msgid "Allow rsync servers to share nfs files systems" ++#: booleans.py:158 +msgid "Allow rsync server to manage all files/directories on the system." msgstr "" - #: booleans.py:158 --msgid "Allow sanlock to manage nfs files" -+msgid "Allow samba to create new home directories (e.g. via PAM)" +-#: booleans.py:148 ++#: booleans.py:159 + msgid "Allow samba to create new home directories (e.g. via PAM)" msgstr "" - #: booleans.py:159 --msgid "Allow sanlock to manage cifs files" -+msgid "" -+"Allow samba to act as the domain controller, add users, groups and change " -+"passwords." +-#: booleans.py:149 ++#: booleans.py:160 + msgid "" + "Allow samba to act as the domain controller, add users, groups and change " + "passwords." msgstr "" - #: booleans.py:160 --msgid "Allow sasl to read shadow" -+msgid "Allow samba to share users home directories." +-#: booleans.py:150 ++#: booleans.py:161 + msgid "Allow samba to share users home directories." msgstr "" - #: booleans.py:161 --msgid "Allow secadm to exec content" -+msgid "Allow samba to share any file/directory read only." +-#: booleans.py:151 ++#: booleans.py:162 + msgid "Allow samba to share any file/directory read only." msgstr "" - #: booleans.py:162 -+msgid "Allow samba to share any file/directory read/write." -+msgstr "" -+ +-#: booleans.py:152 +#: booleans.py:163 -+msgid "Allow samba to act as a portmapper" -+msgstr "" -+ + msgid "Allow samba to share any file/directory read/write." + msgstr "" + +-#: booleans.py:153 +#: booleans.py:164 -+msgid "Allow samba to run unconfined scripts" -+msgstr "" -+ -+#: booleans.py:166 -+msgid "Allow samba to export NFS volumes." -+msgstr "" -+ + msgid "Allow samba to act as a portmapper" + msgstr "" + +-#: booleans.py:154 ++#: booleans.py:165 + msgid "Allow samba to run unconfined scripts" + msgstr "" + +-#: booleans.py:155 +-msgid "Allow samba to export ntfs/fusefs volumes." +-msgstr "" +- +-#: booleans.py:156 +#: booleans.py:167 -+msgid "Allow sanlock to read/write fuse files" -+msgstr "" -+ + msgid "Allow samba to export NFS volumes." + msgstr "" + +-#: booleans.py:157 +#: booleans.py:168 -+msgid "Allow sanlock to manage nfs files" -+msgstr "" -+ + msgid "Allow sanlock to read/write fuse files" + msgstr "" + +-#: booleans.py:158 +#: booleans.py:169 -+msgid "Allow sanlock to manage cifs files" -+msgstr "" -+ + msgid "Allow sanlock to manage nfs files" + msgstr "" + +-#: booleans.py:159 +#: booleans.py:170 -+msgid "Allow sasl to read shadow" -+msgstr "" -+ + msgid "Allow sanlock to manage cifs files" + msgstr "" + +-#: booleans.py:160 +#: booleans.py:171 -+msgid "Allow secadm to exec content" -+msgstr "" -+ + msgid "Allow sasl to read shadow" + msgstr "" + +-#: booleans.py:161 +#: booleans.py:172 + msgid "Allow secadm to exec content" + msgstr "" + +-#: booleans.py:162 ++#: booleans.py:173 msgid "" "disallow programs, such as newrole, from transitioning to administrative " "user domains." msgstr "" -#: booleans.py:163 -+#: booleans.py:173 ++#: booleans.py:174 msgid "Disable kernel module loading." msgstr "" -#: booleans.py:164 -+#: booleans.py:174 ++#: booleans.py:175 msgid "" "Boolean to determine whether the system permits loading policy, setting " "enforcing mode, and changing boolean values. Set this to true and you have " @@ -6410,12 +6459,12 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:165 -+#: booleans.py:175 ++#: booleans.py:176 msgid "Allow regular users direct dri device access" msgstr "" -#: booleans.py:166 -+#: booleans.py:176 ++#: booleans.py:177 msgid "" "Allow unconfined executables to make their heap memory executable. Doing " "this is a really bad idea. Probably indicates a badly coded executable, but " @@ -6423,14 +6472,14 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:167 -+#: booleans.py:177 ++#: booleans.py:178 msgid "" "Allow all unconfined executables to use libraries requiring text relocation " "that are not labeled textrel_shlib_t" msgstr "" -#: booleans.py:168 -+#: booleans.py:178 ++#: booleans.py:179 msgid "" "Allow unconfined executables to make their stack executable. This should " "never, ever be necessary. Probably indicates a badly coded executable, but " @@ -6438,30 +6487,34 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:169 -+#: booleans.py:179 ++#: booleans.py:180 msgid "Allow users to connect to the local mysql server" msgstr "" -#: booleans.py:170 -+#: booleans.py:180 ++#: booleans.py:181 msgid "" "Allow confined users the ability to execute the ping and traceroute commands." msgstr "" -#: booleans.py:171 -+#: booleans.py:181 ++#: booleans.py:182 msgid "Allow users to connect to PostgreSQL" msgstr "" -#: booleans.py:172 -+#: booleans.py:182 ++#: booleans.py:183 msgid "" "Allow user to r/w files on filesystems that do not have extended attributes " "(FAT, CDROM, FLOPPY)" msgstr "" -#: booleans.py:173 -+#: booleans.py:183 ++#: booleans.py:184 ++msgid "Allow user music sharing" ++msgstr "" ++ ++#: booleans.py:185 msgid "" "Allow users to run TCP servers (bind to ports and accept connection from the " "same domain and outside users) disabling this forces FTP passive mode and " @@ -6469,17 +6522,16 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:174 -+#: booleans.py:184 ++#: booleans.py:186 msgid "Allow user to use ssh chroot environment." msgstr "" -#: booleans.py:175 -+#: booleans.py:185 - msgid "Allow user music sharing" - msgstr "" - +-msgid "Allow user music sharing" +-msgstr "" +- -#: booleans.py:176 -+#: booleans.py:186 ++#: booleans.py:187 msgid "" -"Allow anon internal-sftp to upload files, used for public file transfer " -"services. Directories must be labeled public_content_rw_t." @@ -6488,14 +6540,14 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:177 -+#: booleans.py:187 ++#: booleans.py:188 msgid "" -"Allow sftp-internal to read and write files in the user home directories" +"Determine whether sftpd-can read and write files in user home directories." msgstr "" -#: booleans.py:178 -+#: booleans.py:188 ++#: booleans.py:189 msgid "" -"Allow sftp-internal to login to local users and read/write all files on the " -"system, governed by DAC." @@ -6504,7 +6556,7 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:179 -+#: booleans.py:189 ++#: booleans.py:190 msgid "" -"Allow internal-sftp to read and write files in the user ssh home directories." +"Determine whether sftpd can read and write files in user ssh home " @@ -6512,225 +6564,225 @@ index 961d921..16bdf77 100644 msgstr "" -#: booleans.py:180 -+#: booleans.py:190 ++#: booleans.py:191 msgid "Allow sge to connect to the network using any TCP port" msgstr "" -#: booleans.py:181 -+#: booleans.py:191 ++#: booleans.py:192 msgid "Allow sge to access nfs file systems." msgstr "" -#: booleans.py:182 -msgid "" -"Enable additional permissions needed to support devices on 3ware controllers." -+#: booleans.py:192 ++#: booleans.py:193 +msgid "Determine whether smartmon can support devices on 3ware controllers." msgstr "" -#: booleans.py:183 -+#: booleans.py:193 ++#: booleans.py:194 msgid "" "Allow samba to modify public files used for public file transfer services. " "Files/Directories must be labeled public_content_rw_t." msgstr "" -#: booleans.py:184 -+#: booleans.py:194 ++#: booleans.py:195 msgid "Allow user spamassassin clients to use the network." msgstr "" -#: booleans.py:185 -+#: booleans.py:195 ++#: booleans.py:196 msgid "Allow spamd to read/write user home directories." msgstr "" -#: booleans.py:186 -msgid "" -"Allow squid to connect to all ports, not just HTTP, FTP, and Gopher ports." -+#: booleans.py:196 ++#: booleans.py:197 +msgid "Determine whether squid can connect to all TCP ports." msgstr "" -#: booleans.py:187 -msgid "Allow squid to run as a transparent proxy (TPROXY)" -+#: booleans.py:197 ++#: booleans.py:198 +msgid "Determine whether squid can run as a transparent proxy." msgstr "" -#: booleans.py:188 -+#: booleans.py:198 ++#: booleans.py:199 msgid "" "Allow ssh with chroot env to read and write files in the user home " "directories" msgstr "" -#: booleans.py:189 -+#: booleans.py:199 ++#: booleans.py:200 msgid "allow host key based authentication" msgstr "" -#: booleans.py:190 -+#: booleans.py:200 ++#: booleans.py:201 msgid "Allow ssh logins as sysadm_r:sysadm_t" msgstr "" -#: booleans.py:191 -+#: booleans.py:201 ++#: booleans.py:202 msgid "Allow staff to exec content" msgstr "" -#: booleans.py:192 -+#: booleans.py:202 ++#: booleans.py:203 msgid "allow staff user to create and transition to svirt domains." msgstr "" -#: booleans.py:193 -+#: booleans.py:203 ++#: booleans.py:204 msgid "Allow sysadm to exec content" msgstr "" -#: booleans.py:194 -+#: booleans.py:204 ++#: booleans.py:205 msgid "Allow the Telepathy connection managers to connect to any network port." msgstr "" -#: booleans.py:195 -+#: booleans.py:205 ++#: booleans.py:206 msgid "" "Allow the Telepathy connection managers to connect to any generic TCP port." msgstr "" -#: booleans.py:196 -+#: booleans.py:206 ++#: booleans.py:207 msgid "" "Allow tftp to modify public files used for public file transfer services." msgstr "" -#: booleans.py:197 -+#: booleans.py:207 ++#: booleans.py:208 msgid "Allow tftp to read and write files in the user home directories" msgstr "" -#: booleans.py:198 -msgid "Allow tor daemon to bind tcp sockets to all unreserved ports." -+#: booleans.py:208 ++#: booleans.py:209 +msgid "Determine whether tor can bind tcp sockets to all unreserved ports." msgstr "" -#: booleans.py:199 -+#: booleans.py:209 ++#: booleans.py:210 msgid "Allow tor to act as a relay" msgstr "" -#: booleans.py:200 -+#: booleans.py:210 ++#: booleans.py:211 msgid "" "allow unconfined users to transition to the chrome sandbox domains when " "running chrome-sandbox" msgstr "" -#: booleans.py:201 -+#: booleans.py:211 ++#: booleans.py:212 msgid "Allow a user to login as an unconfined domain" msgstr "" -#: booleans.py:202 -+#: booleans.py:212 ++#: booleans.py:213 msgid "" "Allow unconfined users to transition to the Mozilla plugin domain when " "running xulrunner plugin-container." msgstr "" -#: booleans.py:203 -+#: booleans.py:213 ++#: booleans.py:214 msgid "Allow video playing tools to run unconfined" msgstr "" -#: booleans.py:204 -+#: booleans.py:214 ++#: booleans.py:215 msgid "Allow unprivledged user to create and transition to svirt domains." msgstr "" -#: booleans.py:205 -+#: booleans.py:215 ++#: booleans.py:216 msgid "Support ecryptfs home directories" msgstr "" -#: booleans.py:206 -+#: booleans.py:216 ++#: booleans.py:217 msgid "Support fusefs home directories" msgstr "" -#: booleans.py:207 -msgid "Use lpd server instead of cups" -+#: booleans.py:217 ++#: booleans.py:218 +msgid "Determine whether to support lpd server." msgstr "" -#: booleans.py:208 -+#: booleans.py:218 ++#: booleans.py:219 msgid "Support NFS home directories" msgstr "" -#: booleans.py:209 -+#: booleans.py:219 ++#: booleans.py:220 msgid "Support SAMBA home directories" msgstr "" -#: booleans.py:210 -+#: booleans.py:220 ++#: booleans.py:221 msgid "Allow user to exec content" msgstr "" -#: booleans.py:211 -msgid "Allow varnishd to connect to all ports, not just HTTP." -+#: booleans.py:221 ++#: booleans.py:222 +msgid "Determine whether varnishd can use the full TCP network." msgstr "" -#: booleans.py:212 -msgid "Ignore vbetool mmap_zero errors." -+#: booleans.py:222 ++#: booleans.py:223 +msgid "" +"Determine whether attempts by vbetool to mmap low regions should be silently " +"blocked." msgstr "" -#: booleans.py:213 -+#: booleans.py:223 ++#: booleans.py:224 msgid "" "Allow confined virtual guests to use serial/parallel communication ports" msgstr "" -#: booleans.py:214 -+#: booleans.py:224 ++#: booleans.py:225 msgid "" "Allow confined virtual guests to use executable memory and executable stack" msgstr "" -#: booleans.py:215 -+#: booleans.py:225 ++#: booleans.py:226 msgid "Allow confined virtual guests to read fuse files" msgstr "" -#: booleans.py:216 -+#: booleans.py:226 ++#: booleans.py:227 msgid "Allow confined virtual guests to manage nfs files" msgstr "" -#: booleans.py:217 -+#: booleans.py:227 ++#: booleans.py:228 msgid "Allow confined virtual guests to interact with rawip sockets" msgstr "" -#: booleans.py:218 -+#: booleans.py:228 ++#: booleans.py:229 msgid "Allow confined virtual guests to manage cifs files" msgstr "" -#: booleans.py:219 -+#: booleans.py:229 ++#: booleans.py:230 msgid "Allow confined virtual guests to interact with the sanlock" msgstr "" @@ -6739,140 +6791,164 @@ index 961d921..16bdf77 100644 -msgstr "" - -#: booleans.py:221 -+#: booleans.py:230 ++#: booleans.py:231 msgid "Allow confined virtual guests to use usb devices" msgstr "" -#: booleans.py:222 -+#: booleans.py:231 ++#: booleans.py:232 msgid "Allow confined virtual guests to interact with the xserver" msgstr "" -#: booleans.py:223 -msgid "Allow webadm to manage files in users home directories" -+#: booleans.py:232 ++#: booleans.py:233 +msgid "Determine whether webadm can manage generic user files." msgstr "" -#: booleans.py:224 -msgid "Allow webadm to read files in users home directories" -+#: booleans.py:233 ++#: booleans.py:234 +msgid "Determine whether webadm can read generic user files." msgstr "" -#: booleans.py:225 -msgid "Ignore wine mmap_zero errors." -+#: booleans.py:234 ++#: booleans.py:235 +msgid "" +"Determine whether attempts by wine to mmap low regions should be silently " +"blocked." msgstr "" -#: booleans.py:226 -+#: booleans.py:235 ++#: booleans.py:236 msgid "Allow the graphical login program to execute bootloader" msgstr "" -#: booleans.py:227 -+#: booleans.py:236 ++#: booleans.py:237 msgid "" "Allow the graphical login program to login directly as sysadm_r:sysadm_t" msgstr "" -#: booleans.py:228 -+#: booleans.py:237 ++#: booleans.py:238 msgid "Allow xen to manage nfs files" msgstr "" -#: booleans.py:229 -+#: booleans.py:238 ++#: booleans.py:239 msgid "" "Allow xend to run blktapctrl/tapdisk. Not required if using dedicated " "logical volumes for disk images." msgstr "" -#: booleans.py:230 -+#: booleans.py:239 ++#: booleans.py:240 msgid "Allow xend to run qemu-dm. Not required if using paravirt and no vfb." msgstr "" -#: booleans.py:231 -+#: booleans.py:240 ++#: booleans.py:241 msgid "" "Allow xguest users to configure Network Manager and connect to apache ports" msgstr "" -#: booleans.py:232 -+#: booleans.py:241 ++#: booleans.py:242 msgid "Allow xguest to exec content" msgstr "" -#: booleans.py:233 -+#: booleans.py:242 ++#: booleans.py:243 msgid "Allow xguest users to mount removable media" msgstr "" -#: booleans.py:234 -+#: booleans.py:243 ++#: booleans.py:244 msgid "Allow xguest to use blue tooth devices" msgstr "" -#: booleans.py:235 -+#: booleans.py:244 ++#: booleans.py:245 msgid "Allows clients to write to the X server shared memory segments." msgstr "" -#: booleans.py:236 -+#: booleans.py:245 ++#: booleans.py:246 msgid "Allows XServer to execute writable memory" msgstr "" -#: booleans.py:237 -+#: booleans.py:246 ++#: booleans.py:247 msgid "Support X userspace object manager" msgstr "" -#: booleans.py:238 -msgid "Allow zabbix to connect to unreserved ports" -+#: booleans.py:247 ++#: booleans.py:248 +msgid "Determine whether zabbix can connect to all TCP ports" msgstr "" -#: booleans.py:239 -+#: booleans.py:248 ++#: booleans.py:249 msgid "Allow zebra daemon to write it configuration files" msgstr "" -#: booleans.py:240 -+#: booleans.py:249 ++#: booleans.py:250 msgid "" "Allow ZoneMinder to modify public files used for public file transfer " "services." diff --git a/policycoreutils/po/ar.po b/policycoreutils/po/ar.po -index 151ca6a..013c6fc 100644 +index 151ca6a..6010c78 100644 --- a/policycoreutils/po/ar.po +++ b/policycoreutils/po/ar.po -@@ -12,8 +12,8 @@ msgid "" +@@ -1,7 +1,7 @@ + # SOME DESCRIPTIVE TITLE. + # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER + # This file is distributed under the same license as the PACKAGE package. +-# ++# + # Translators: + # Ali Al-Ammari , 2010. + # Amjad Al-Obaili , 2010. +@@ -12,24 +12,28 @@ msgid "" msgstr "" "Project-Id-Version: Policycoreutils\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2013-01-04 12:01-0500\n" -"PO-Revision-Date: 2013-01-04 17:02+0000\n" -+"POT-Creation-Date: 2013-04-08 15:08-0400\n" ++"POT-Creation-Date: 2013-05-07 11:12-0400\n" +"PO-Revision-Date: 2013-04-08 19:09+0000\n" "Last-Translator: dwalsh \n" "Language-Team: Arabic \n" ++"Language: ar\n" "MIME-Version: 1.0\n" -@@ -29,7 +29,7 @@ msgid "" + "Content-Type: text/plain; charset=UTF-8\n" + "Content-Transfer-Encoding: 8bit\n" +-"Language: ar\n" +-"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" ++"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 " ++"&& n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" + + #: ../run_init/run_init.c:67 + msgid "" + "USAGE: run_init