setroubleshoot

Clone

#9 Translation issues
Merged 6 years ago by plautrba. Opened 6 years ago by vmojzis.
vmojzis/setroubleshoot stable  into  stable

file modified
+5 -5 
@@ -101,7 +101,7 @@ 
 

                  </child>
 

                  <child>
 

                    <object class="GtkButton" id="delete_list_button">
 

-                     <property name="label">gtk-delete</property>
 

+                     <property name="label" translatable="yes">Delete</property>
 

                      <property name="visible">True</property>
 

                      <property name="can_focus">True</property>
 

                      <property name="receives_default">True</property>
 
@@ -176,7 +176,7 @@ 
 

              </child>
 

              <child>
 

                <object class="GtkButton" id="close_details_button">
 

-                 <property name="label">gtk-close</property>
 

+                 <property name="label" translatable="yes">Close</property>
 

                  <property name="visible">True</property>
 

                  <property name="can_focus">True</property>
 

                  <property name="receives_default">True</property>
 
@@ -545,7 +545,7 @@ 
 

                              </child>
 

                              <child>
 

                                <object class="GtkButton" id="delete_button">
 

-                                 <property name="label">gtk-delete</property>
 

+                                 <property name="label" translatable="yes">Delete</property>
 

                                  <property name="visible">True</property>
 

                                  <property name="can_focus">True</property>
 

                                  <property name="receives_default">True</property>
 
@@ -653,7 +653,7 @@ 
 

                  <property name="spacing">5</property>
 

                  <child>
 

                    <object class="GtkButton" id="previous_button">
 

-                     <property name="label">gtk-media-previous</property>
 

+                     <property name="label" translatable="yes">Previous</property>
 

                      <property name="visible">True</property>
 

                      <property name="can_focus">True</property>
 

                      <property name="receives_default">True</property>
 
@@ -686,7 +686,7 @@ 
 

                  </child>
 

                  <child>
 

                    <object class="GtkButton" id="next_button">
 

-                     <property name="label">gtk-media-next</property>
 

+                     <property name="label" translatable="yes">Next</property>
 

                      <property name="visible">True</property>
 

                      <property name="can_focus">True</property>
 

                      <property name="receives_default">True</property>

file modified
+3 -3 
@@ -159,7 +159,7 @@ 
 

  

          self.read_config()
 

          builder = gtk.Builder()
 

- #        builder.set_translation_domain("setroubleshoot")
 

+         builder.set_translation_domain(domain)
 

          builder.add_from_file("/usr/share/setroubleshoot/gui/browser.glade") 

          self.plugins = load_plugins()
 

  
@@ -410,7 +410,7 @@ 
 

  

      def add_row(self, plugin, alert, args):
 

          avc = alert.audit_event.records
 

-         if_text = _("If ") + alert.substitute(plugin.get_if_text(avc, args))
 

+         if_text = alert.substitute(plugin.get_if_text(avc, args))
 

          then_text = alert.substitute(plugin.get_then_text(avc, args))
 

          then_text += "\n" + alert.substitute(plugin.get_do_text(avc, args))
 

  
@@ -546,7 +546,7 @@ 
 

             for i in plugin.get_problem_description(avc, args).split("\n"):
 

                 msg += alert.substitute(i.strip()) + "\n"
 

             message += html_to_text(msg) + "\n\n"
 

-            message += alert.substitute(_("If ") + plugin.get_if_text(avc, args)) + "\n"
 

+            message += alert.substitute(plugin.get_if_text(avc, args)) + "\n"
 

             message += alert.substitute(plugin.get_then_text(avc, args)) + "\n"
 

             message += alert.substitute(plugin.get_do_text(avc, args)) + "\n"
 

  #           message += alert.substitute(alert.format_details()) + "\n"

file modified
+1 -1 
@@ -575,7 +575,7 @@ 
 

          plugins = []
 

          for plugin, args in alert_plugins:
 

              plugins.append((
 

-                 _("If ") + alert.substitute(plugin.get_if_text(avc, args)),
 

+                 alert.substitute(plugin.get_if_text(avc, args)),
 

                  alert.substitute(plugin.get_then_text(avc, args)),
 

                  alert.substitute(plugin.get_do_text(avc, args)),
 

                  plugin.analysis_id,

file modified
+1 -1 
@@ -41,7 +41,7 @@ 
 

      "setsebool -P $BOOLEAN=1; chcon -t public_content_rw_t <path>"
 

      You must also change the default file context labeling files on the system in order to preserve public directory labeling even on a full relabel.  "semanage fcontext -a -t public_content_rw_t <path>"
 

      ''')
 

-     if_text = _("you want to allow $SOURCE_PATH to be able to write to shared public content")
 

+     if_text = _("If you want to allow $SOURCE_PATH to be able to write to shared public content")
 

      then_text = _("you need to change the label on $TARGET_PATH to public_content_rw_t, and potentially turn on the allow_httpd_sys_script_anon_write boolean.")
 

  

      def get_do_text(self, avc, args):

file modified
+1 -1 
@@ -47,7 +47,7 @@ 
 

      on the system.
 

      ''')
 

  

-     if_text = _("you do not think $SOURCE_PATH should need to map heap memory that is both writable and executable.")
 

+     if_text = _("If you do not think $SOURCE_PATH should need to map heap memory that is both writable and executable.")
 

      then_text = _("you need to report a bug. This is a potentially dangerous access.")
 

      do_text = _("Contact your security administrator and report this issue.")

file modified
+2 -2 
@@ -86,7 +86,7 @@ 
 

  

      fix_cmd = ""
 

  

-     if_text = _("you do not think $SOURCE_PATH should need to map stack memory that is both writable and executable.")
 

+     if_text = _("If you do not think $SOURCE_PATH should need to map stack memory that is both writable and executable.")
 

      then_text = _("you need to report a bug. \nThis is a potentially dangerous access.")
 

      do_text = _("Contact your security administrator and report this issue.")
 

  
@@ -96,7 +96,7 @@ 
 

              if not path:
 

                  return self.if_text
 

  

-             return _("you believe that \n%s\nshould not require execstack") % path
 

+             return _("If you believe that \n%s\nshould not require execstack") % path
 

          except:
 

              return self.if_text

file modified
+1 -1 
@@ -59,7 +59,7 @@ 
 

      files and directories on CIFS filesystems.  ''')
 

  

      rw_fix_cmd = 'setsebool -P $BOOLEAN=1 $WRITE_BOOLEAN=1'
 

-     if_text = _("you want to allow ftpd to write to cifs file systems")
 

+     if_text = _("If you want to allow ftpd to write to cifs file systems")
 

      then_text = _("you must tell SELinux about this")
 

      do_text = '# setsebool -P allow_ftpd_use_cifs=1 allow_ftpd_anon_write=1'

file modified
+1 -1 
@@ -61,7 +61,7 @@ 
 

  

      rw_fix_cmd = 'setsebool -P allow_ftpd_use_nfs=1 $WRITE_BOOLEAN=1'
 

  

-     if_text = _("you want to allow ftpd to write to nfs file systems")
 

+     if_text = _("If you want to allow ftpd to write to nfs file systems")
 

      then_text = _("you must tell SELinux about this")
 

      do_text = 'setsebool -P allow_ftpd_use_nfs=1 allow_ftpd_anon_write=1'

file modified
+1 -1 
@@ -41,7 +41,7 @@ 
 

  

      ''') % args[1]
 

  

-     if_text = _('you want to change the label of $TARGET_PATH to %s, you are not allowed to since it is not a valid file type.')
 

+     if_text = _("If you want to change the label of $TARGET_PATH to %s, you are not allowed to since it is not a valid file type.")
 

  

      def get_if_text(self, avc, args):
 

          return self.if_text % args[1]

file modified
+1 -1 
@@ -44,7 +44,7 @@ 
 

      ''')
 

  

      fix_cmd = ''
 

-     if_text = 'you want to allow $SOURCE_PATH to bind to network port $PORT_NUMBER'
 

+     if_text = _('If you want to allow $SOURCE_PATH to bind to network port $PORT_NUMBER')
 

      then_text = 'you need to modify the port type.'
 

  

      def get_do_text(self, avc, options):

file modified
+3 -3 
@@ -47,10 +47,10 @@ 
 

  

      def get_if_text(self, avc, args):
 

          if args[1] == "process":
 

-             return _('you believe that $SOURCE_BASE_PATH should be allowed $ACCESS access on processes labeled $TARGET_TYPE by default.')
 

+             return _('If you believe that $SOURCE_BASE_PATH should be allowed $ACCESS access on processes labeled $TARGET_TYPE by default.')
 

          if args[1] in ["capability", "capability2"]:
 

-             return _('you believe that $SOURCE_BASE_PATH should have the $ACCESS capability by default.')
 

-         return _('you believe that $SOURCE_BASE_PATH should be allowed $ACCESS access on the $TARGET_BASE_PATH $TARGET_CLASS by default.')
 

+             return _('If you believe that $SOURCE_BASE_PATH should have the $ACCESS capability by default.')
 

+         return _('If you believe that $SOURCE_BASE_PATH should be allowed $ACCESS access on the $TARGET_BASE_PATH $TARGET_CLASS by default.')
 

  

      then_text = _('You should report this as a bug.\nYou can generate a local policy module to allow this access.')
 

      do_text = _("""Allow this access for now by executing:

file modified
+1 -1 
@@ -59,7 +59,7 @@ 
 

          txt=seobject.boolean_desc(args[0])
 

          if not isinstance(txt, unicode):
 

              txt=unicode(txt, encoding="utf8")
 

-         return _("you want to %s") % (txt[0].lower() + txt[1:])
 

+         return _("If you want to %s") % (txt[0].lower() + txt[1:])
 

  

      def get_do_text(self, avc, args):
 

          return _("setsebool -P %s %s") % (args[0], args[1])

file modified
+1 -1 
@@ -35,7 +35,7 @@ 
 

      fix_description = _('''
 

  Either remove the mozplugger or spice-xpi package by executing 'yum remove mozplugger spice-xpi', or turn off enforcement of SELinux over the Chrome plugins. setsebool -P unconfined_chrome_sandbox_transition 0
 

      ''')
 

-     if_text = _("you want to use the %s package")
 

+     if_text = _("If you want to use the %s package")
 

  

      def get_if_text(self, avc, args):
 

          return self.if_text % args[0]

file modified
+2 -2 
@@ -32,7 +32,7 @@ 
 

      SELinux has denied $SOURCE from connecting to a network port $PORT_NUMBER which does not have an SELinux type associated with it.
 

      If $SOURCE should be allowed to connect on $PORT_NUMBER, use the <i>semanage</i> command to assign $PORT_NUMBER to a port type that $SOURCE_TYPE can connect to (%s).
 

      \n\nIf $SOURCE is not supposed
 

-     to connect to $PORT_NUMBER, this could signal a intrusion attempt.
 

+     to connect to $PORT_NUMBER, this could signal an intrusion attempt.
 

      ''')
 

  

      fix_description = _('''
 
@@ -42,7 +42,7 @@ 
 

      ''')
 

  

      fix_cmd = ''
 

-     if_text = 'you want to allow $SOURCE_PATH to connect to network port $PORT_NUMBER'
 

+     if_text = _('If you want to allow $SOURCE_PATH to connect to network port $PORT_NUMBER')
 

      then_text = 'you need to modify the port type.'
 

  

      def get_do_text(self, avc, options):

file modified
+1 -1 
@@ -41,7 +41,7 @@ 
 

      

      ''')
 

  

-     if_text = _("$TARGET_BASE_PATH should be shared via the cvs daemon")
 

+     if_text = _("If $TARGET_BASE_PATH should be shared via the cvs daemon")
 

      then_text = _("You need to change the label on $TARGET_BASE_PATH'")
 

      do_text = """# semanage fcontext -a -t cvs_data_t '$FIX_TARGET_PATH'
 

  # restorecon -v '$FIX_TARGET_PATH'"""

file modified
+1 -1 
@@ -35,7 +35,7 @@ 
 

  

      fix_description = ""
 

      fix_cmd = ""
 

-     if_text = _("you want to help identify if domain needs this access or you have a file with the wrong permissions on your system")
 

+     if_text = _("If you want to help identify if domain needs this access or you have a file with the wrong permissions on your system")
 

      then_text = _("turn on full auditing to get path information about the offending file and generate the error again.")
 

      do_text = _("""
 

  Turn on full auditing

file modified
+1 -1 
@@ -37,7 +37,7 @@ 
 

  

      fix_cmd = ""
 

  

-     if_text = _("you want to disable IPV6 on this machine")
 

+     if_text = _("If you want to disable IPV6 on this machine")
 

      then_text = _("you need to set /proc/sys/net/ipv6/conf/all/disable_ipv6 to 1 and do not blacklist the module'")
 

      do_text = _("""Add 

  net.ipv6.conf.all.disable_ipv6 = 1

file modified
+2 -2 
@@ -46,9 +46,9 @@ 
 

  

      def get_if_text(self, avc, args):
 

          if args == (1,0):
 

-             return _('this is caused by a newly created file system.')
 

+             return _('This is caused by a newly created file system.')
 

          else:
 

-             return _('you think this is caused by a badly mislabeled machine.')
 

+             return _('If you think this is caused by a badly mislabeled machine.')
 

  

      def get_then_text(self, avc, args):
 

          if args == (1,0):

file modified
+1 -1 
@@ -40,7 +40,7 @@ 
 

      fix_description = _('''
 

      Use a command like "cp -p" to preserve all permissions except SELinux context.
 

      ''')
 

-     if_text = _("you believe $SOURCE_BASE_PATH should be allowed to create $TARGET_BASE_PATH files")
 

+     if_text = _("If you believe $SOURCE_BASE_PATH should be allowed to create $TARGET_BASE_PATH files")
 

      then_text = _("you need to use a different command. You are not allowed to preserve the SELinux context on the target file system.")
 

  

      do_text = _('use a command like "cp -p" to preserve all permissions except SELinux context.')

file modified
+2 -2 
@@ -33,7 +33,7 @@ 
 

      SELinux has denied the http daemon from sending mail. An
 

      httpd script is trying to connect to a mail port or execute the
 

      sendmail command. If you did not setup httpd to sendmail, this could
 

-     signal a intrusion attempt.
 

+     signal an intrusion attempt.
 

      ''')
 

  

      fix_description = _('''
 
@@ -44,7 +44,7 @@ 
 

  

      fix_cmd = 'setsebool -P $BOOLEAN=1'
 

  

-     if_text = _("you want to allow httpd to send mail")
 

+     if_text = _("If you want to allow httpd to send mail")
 

      then_text = _("you must setup SELinux to allow this")
 

      do_text = 'setsebool -P httpd_can_sendmail=1'

file modified
+1 -1 
@@ -54,7 +54,7 @@ 
 

  

      fix_cmd = 'setsebool -P $BOOLEAN=1'
 

  

-     if_text = _("you want to allow httpd to execute cgi scripts and to unify HTTPD handling of all content files.")
 

+     if_text = _("If you want to allow httpd to execute cgi scripts and to unify HTTPD handling of all content files.")
 

      then_text = _("you must tell SELinux about this by enabling the 'httpd_unified' and 'http_enable_cgi' booleans")
 

      do_text = "# setsebool -P httpd_unified=1 httpd_enable_cgi=1"

file modified
+1 -1 
@@ -41,7 +41,7 @@ 
 

  

      fix_description = "Contact your security administrator and report this issue."
 

      fix_cmd = ""
 

-     if_text = _("you do not think $SOURCE_BASE_PATH should try $ACCESS access on $TARGET_BASE_PATH.")
 

+     if_text = _("If you do not think $SOURCE_BASE_PATH should try $ACCESS access on $TARGET_BASE_PATH.")
 

      then_text = _("you may be under attack by a hacker, since confined applications should not need this access.")
 

      do_text = _("Contact your security administrator and report this issue.")

file modified
+1 -1 
@@ -39,7 +39,7 @@ 
 

  

      fix_cmd = ""
 

  

-     if_text = _('you want to ignore $SOURCE_BASE_PATH trying to $ACCESS access the $TARGET_BASE_PATH $TARGET_CLASS, because you believe it should not need this access.')
 

+     if_text = _("If you want to ignore $SOURCE_BASE_PATH trying to $ACCESS access the $TARGET_BASE_PATH $TARGET_CLASS, because you believe it should not need this access.")
 

      then_text = _('You should report this as a bug.  \nYou can generate a local policy module to dontaudit this access.')
 

      do_text = _("""# ausearch -x $SOURCE_PATH --raw | audit2allow -D -M my-$SOURCE
 

  # semodule -i my-$SOURCE.pp""")

file modified
+3 -3 
@@ -32,18 +32,18 @@ 
 

  

      problem_description = _('''
 

      SELinux has denied the $SOURCE the ability to mmap low area of the kernel 

-     address space.  The ability to mmap a low area of the address space, as 

+     address space.  The ability to mmap a low area of the address space is 

      configured by /proc/sys/kernel/mmap_min_addr.  Preventing such mappings 

      helps protect against exploiting null deref bugs in the kernel. All 

      applications that need this access should have already had policy written 

-     for them.  If a compromised application tries modify the kernel this AVC 

+     for them.  If a compromised application tries to modify the kernel, this AVC 

      would be generated. This is a serious issue. Your system may very well be 

      compromised.
 

      ''')
 

  

      fix_description = ("Contact your security administrator and report this issue.")
 

      fix_cmd = ""
 

-     if_text = _("you do not think $SOURCE_PATH should need to mmap low memory in the kernel.")
 

+     if_text = _("If you do not think $SOURCE_PATH should need to mmap low memory in the kernel.")
 

      then_text = _("you may be under attack by a hacker, this is a very dangerous access.")
 

      do_text = _("Contact your security administrator and report this issue.")
 

      def __init__(self):

file modified
+1 -1 
@@ -45,7 +45,7 @@ 
 

      "chcon -t mnt_t '$TARGET_PATH'."
 

      You must also change the default file context files on the system in order to preserve them even on a full relabel.  "semanage fcontext -a -t mnt_t '$FIX_TARGET_PATH'"
 

      ''')
 

-     if_text = _("you want to allow $SOURCE_BASE_PATH to mount on $TARGET_BASE_PATH.")
 

+     if_text = _("If you want to allow $SOURCE_BASE_PATH to mount on $TARGET_BASE_PATH.")
 

      then_text = _("you must change the labeling on $TARGET_PATH.")
 

      do_text = """# semanage fcontext -a -t mnt_t '$FIX_TARGET_PATH'
 

  # restorecon -v $TARGET_PATH"""

file modified
+1 -1 
@@ -35,7 +35,7 @@ 
 

      fix_description = _('''
 

  Either remove the mozplugger or spice-xpi package by executing 'yum remove mozplugger spice-xpi' or turn off enforcement of SELinux over the Firefox plugins. setsebool -P unconfined_mozilla_plugin_transition 0
 

      ''')
 

-     if_text = _("you want to use the %s package")
 

+     if_text = _("If you want to use the %s package")
 

  

      def get_if_text(self, avc, args):
 

          return self.if_text % args[0]

file modified
+1 -1 
@@ -41,7 +41,7 @@ 
 

  Or turn off enforcement of SELinux over the Firefox plugins.
 

  setsebool -P unconfined_mozilla_plugin_transition 0
 

      ''')
 

-     if_text = _("you want to to continue using SELinux Firefox plugin containment rather then using mozplugger package")
 

+     if_text = _("If you want to to continue using SELinux Firefox plugin containment rather then using mozplugger package")
 

      then_text = _("you must remove the mozplugger package.")
 

      do_text = """# yum remove mozplugger"""

file modified
+5 -4 
@@ -34,20 +34,21 @@ 
 

  

      problem_description = _('''
 

      SELinux denied access requested by $SOURCE. $TARGET_PATH may
 

-     be a mislabeled. openvpn is allowed to read content in home directory if it
 

+     be mislabeled. openvpn is allowed to read content in home directory if it
 

      is labeled correctly.
 

      ''')
 

  

      fix_description = _('''
 

      You can restore the default system context to this file by executing the
 

-     restorecon command.  restorecon restore using restorecon -R /root/.ssh.
 

+     restorecon command.  

+     # restorecon -R /root/.ssh
 

      ''')
 

  

      def get_if_text(self, avc, args):
 

          if (args[0] == "move"):
 

-             return _('you want to mv $TARGET_BASE_PATH to standard location so that $SOURCE_BASE_PATH can have $ACCESS access')
 

+             return _('If you want to mv $TARGET_BASE_PATH to standard location so that $SOURCE_BASE_PATH can have $ACCESS access')
 

          else:
 

-             return _('you want to modify the label on $TARGET_BASE_PATH so that $SOURCE_BASE_PATH can have $ACCESS access on it')
 

+             return _('If you want to modify the label on $TARGET_BASE_PATH so that $SOURCE_BASE_PATH can have $ACCESS access on it')
 

  

      def get_then_text(self, avc, args):
 

          if (args[0] == "move"):

file modified
+1 -1 
@@ -47,7 +47,7 @@ 
 

          Plugin.__init__(self, __name__)
 

          self.set_priority(8)
 

  

-     if_text=_("you want to treat $TARGET_BASE_PATH as public content")
 

+     if_text = _("If you want to treat $TARGET_BASE_PATH as public content")
 

      then_text = _("You need to change the label on $TARGET_BASE_PATH to public_content_t or public_content_rw_t.")
 

      do_text = """# semanage fcontext -a -t public_content_t '$FIX_TARGET_PATH'
 

  # restorecon -v '$FIX_TARGET_PATH'"""

file modified
+1 -1 
@@ -45,7 +45,7 @@ 
 

  

      fix_cmd = "chcon -t virt_image_t '$TARGET_PATH'"
 

  

-     if_text = _("$TARGET_BASE_PATH is a virtualization target")
 

+     if_text = _("If $TARGET_BASE_PATH is a virtualization target")
 

      then_text = _("You need to change the label on $TARGET_BASE_PATH'")
 

      do_text = """# semanage fcontext -a -t virt_image_t '$FIX_TARGET_PATH'
 

  # restorecon -v '$FIX_TARGET_PATH'"""

file modified
+3 -3 
@@ -63,9 +63,9 @@ 
 

      def get_problem_description(self, avc, args):
 

          return _('''
 

      SELinux denied access requested by $SOURCE. $TARGET_PATH may
 

-     be a mislabeled.  $TARGET_PATH default SELinux type is
 

+     be mislabeled.  $TARGET_PATH default SELinux type is
 

      <B>%s</B>, but its current type is <B>$TARGET_TYPE</B>. Changing
 

-     this file back to the default type, may fix your problem.
 

+     this file back to the default type may fix your problem.
 

      <p>
 

      File contexts can be assigned to a file in the following ways.
 

      <ul>
 
@@ -87,7 +87,7 @@ 
 

      If you believe this is a bug, please file a bug report against this package.
 

      ''') % args[1]
 

  

-     if_text = _('you want to fix the label. \n$TARGET_PATH default label should be %s.')
 

+     if_text = _("If you want to fix the label. \n$TARGET_PATH default label should be %s.")
 

  

      def get_if_text(self, avc, args):
 

          return self.if_text % args[1]

file modified
+3 -3 
@@ -44,9 +44,9 @@ 
 

      def get_problem_description(self, avc, args):
 

          return _('''
 

      SELinux denied access requested by $SOURCE. $SOURCE_PATH may
 

-     be a mislabeled.  $SOURCE_PATH default SELinux type is
 

+     be mislabeled.  $SOURCE_PATH default SELinux type is
 

      <B>%s</B>, but its current type is <B>$SOURCE_TYPE</B>. Changing
 

-     this file back to the default type, may fix your problem.
 

+     this file back to the default type may fix your problem.
 

      <p>
 

      This file could have been mislabeled either by user error, or if an normally confined application
 

      was run under the wrong domain.
 
@@ -57,7 +57,7 @@ 
 

      If you believe this is a bug, please file a bug report against this package.
 

      ''') % args[1]
 

  

-     if_text = _('you want to fix the label. \n$SOURCE_PATH default label should be %s.')
 

+     if_text = _("If you want to fix the label. \n$SOURCE_PATH default label should be %s.")
 

  

      def get_if_text(self, avc, args):
 

          return self.if_text % args[1]

file modified
+5 -5 
@@ -29,10 +29,10 @@ 
 

      ''')
 

  

      problem_description = _('''
 

-     SELinux denied rsync access to $TARGET_PATH.
 

-     If this is a RSYNC repository it has to have a file context label of
 

-     rsync_data_t. If you did not intend to use $TARGET_PATH as a rsync repository
 

-     it could indicate either a bug or it could signal a intrusion attempt.
 

+     SELinux denied RSYNC access to $TARGET_PATH.
 

+     If this is an RSYNC repository, it has to have a file context label of
 

+     rsync_data_t. If you did not intend to use $TARGET_PATH as an RSYNC repository,
 

+     this message could indicate either a bug or an intrusion attempt.
 

      ''')
 

  

      fix_description = _('''
 
@@ -42,7 +42,7 @@ 
 

  

      fix_cmd = "chcon -R -t rsync_data_t '$TARGET_PATH'"
 

  

-     if_text = _("$TARGET_BASE_PATH should be shared via the rsync daemon")
 

+     if_text = _("If $TARGET_BASE_PATH should be shared via the RSYNC daemon")
 

      then_text = _("You need to change the label on $TARGET_BASE_PATH")
 

      do_text = """# semanage fcontext -a -t rsync_data_t '$FIX_TARGET_PATH'
 

  # restorecon -v '$FIX_TARGET_PATH'"""

file modified
+2 -2 
@@ -31,8 +31,8 @@ 
 

      problem_description = _('''
 

      SELinux denied samba access to $TARGET_PATH.
 

      If you want to share this directory with samba it has to have a file context label of
 

-     samba_share_t. If you did not intend to use $TARGET_PATH as a samba repository
 

-     it could indicate either a bug or it could signal a intrusion attempt.
 

+     samba_share_t. If you did not intend to use $TARGET_PATH as a samba repository,
 

+     this message could indicate either a bug or an intrusion attempt.
 

      Please refer to 'man samba_selinux' for more information on setting up Samba and SELinux.
 

      ''')

file modified
+4 -3 
@@ -32,9 +32,10 @@ 
 

  

      problem_description = _('''
 

      SELinux has denied $SOURCE from connecting to a network port $PORT_NUMBER within a sandbox.
 

-     If $SOURCE should be allowed to connect on $PORT_NUMBER, you need to use a different sandbox type like sandbox_web_t or sandbox_net_t.  sandbox -X -t sandbox_net_t $SOURCE.
 

+     If $SOURCE should be allowed to connect on $PORT_NUMBER, you need to use a different sandbox type like sandbox_web_t or sandbox_net_t.  

+     # sandbox -X -t sandbox_net_t $SOURCE
 

      \n\nIf $SOURCE is not supposed
 

-     to connect to $PORT_NUMBER, this could signal a intrusion attempt.
 

+     to connect to $PORT_NUMBER, this could signal an intrusion attempt.
 

      ''')
 

  

      fix_description = _('''
 
@@ -43,7 +44,7 @@ 
 

      ''')
 

  

      fix_cmd = ''
 

-     if_text = _('you want to allow $SOURCE_PATH to connect to network port $PORT_NUMBER')
 

+     if_text = _("If you want to allow $SOURCE_PATH to connect to network port $PORT_NUMBER")
 

  

      then_text =  _("""you need to modify the sandbox type. sandbox_web_t or sandbox_net_t.
 

  For example:

file modified
+1 -1 
@@ -41,7 +41,7 @@ 
 

  

      fix_description = "Contact your security administrator and report this issue."
 

      fix_cmd = ""
 

-     if_text = _("you do not think $SOURCE_BASE_PATH should try $ACCESS access on $TARGET_BASE_PATH.")
 

+     if_text = _("If you do not think $SOURCE_BASE_PATH should try $ACCESS access on $TARGET_BASE_PATH.")
 

      then_text = _("you may be under attack by a hacker, since confined applications should not need this access.")
 

      do_text = _("Contact your security administrator and report this issue.")

file modified
+2 -2 
@@ -24,7 +24,7 @@ 
 

  from setroubleshoot.util import *
 

  from setroubleshoot.Plugin import Plugin
 

  

- if_text = _("you did not directly cause this AVC through testing.")
 

+ if_text = _("If you did not directly cause this AVC through testing.")
 

  then_text = _("if you think that you might have been hacked")
 

  do_text = _("Contact your security administrator and report this issue.")
 

  
@@ -45,7 +45,7 @@ 
 

      fix_description = "Contact your security administrator and report this issue."
 

      fix_cmd = ""
 

  

-     if_text = _("you believe $SOURCE_PATH tried to disable SELinux.")
 

+     if_text = _("If you believe $SOURCE_PATH tried to disable SELinux.")
 

      then_text = _("you may be under attack by a hacker, since confined applications should never need this access.")
 

      do_text = _("Contact your security administrator and report this issue.")

file modified
+3 -2 
@@ -35,13 +35,14 @@ 
 

  

      problem_description = _('''
 

      SELinux denied access requested by $SOURCE. $TARGET_PATH may
 

-     be a mislabeled. sshd is allowed to read content in /root/.ssh directory if it
 

+     be mislabeled. sshd is allowed to read content in /root/.ssh directory if it
 

      is labeled correctly.
 

      ''')
 

  

      fix_description = _('''
 

      You can restore the default system context to this file by executing the
 

-     restorecon command.  restorecon restore using restorecon -R /root/.ssh.
 

+     restorecon command.
 

+     # restorecon -R /root/.ssh
 

      ''')
 

  

      then_text = _('you must fix the labels.')

file modified
+2 -3 
@@ -30,10 +30,9 @@ 
 

  

      problem_description = _('''
 

      SELinux denied $SOURCE access to $TARGET_PATH.
 

-     If this is a swapfile it has to have a file context label of
 

+     If this is a swapfile, it has to have a file context label of
 

      swapfile_t. If you did not intend to use
 

-     $TARGET_PATH as a swapfile it probably indicates a bug, however it could also
 

-     signal a intrusion attempt.
 

+     $TARGET_PATH as a swapfile, this message could indicate either a bug or an intrusion attempt.
 

      ''')
 

  

      fix_description = _('''

file modified
+2 -2 
@@ -25,7 +25,7 @@ 
 

  from setroubleshoot.util import *
 

  from setroubleshoot.Plugin import Plugin
 

  

- if_text = _("you do not believe your $SOURCE_PATH should be modifying the kernel, by loading kernel modules")
 

+ if_text = _("If you do not believe your $SOURCE_PATH should be modifying the kernel, by loading kernel modules")
 

  then_text = _("You might have been hacked.")
 

  do_text = _("Contact your security administrator and report this issue.")
 

  
@@ -43,7 +43,7 @@ 
 

      ''')
 

  

      fix_description = "Contact your security administrator and report this issue."
 

-     if_text = _("you do not believe that $SOURCE_PATH should be attempting to modify the kernel by loading a kernel module.")
 

+     if_text = _("If you do not believe that $SOURCE_PATH should be attempting to modify the kernel by loading a kernel module.")
 

      then_text = _("A process might be attempting to hack into your system.")
 

      do_text = _("Contact your security administrator and report this issue.")
 

      fix_cmd = ""

file modified
+1 -1 
@@ -36,7 +36,7 @@ 
 

  

      fix_description = "Fix the cause of the SYS_RESOURCE on your system."
 

  

-     if_text = _("you do not want processes to require capabilities to use up all the system resources on your system;")
 

+     if_text = _("If you do not want processes to require capabilities to use up all the system resources on your system;")
 

      then_text = _("""you need to diagnose why your system is running out of system resources and fix the problem.
 

  

  According to /usr/include/linux/capability.h, sys_resource is required to:

file modified
+1 -1 
@@ -52,7 +52,7 @@ 
 

  

      fix_cmd = "/usr/sbin/setsebool -P mmap_low_allowed 1"
 

  

-     if_text=_("you want to ignore this AVC because it is dangerous and your machine seems to be working correctly.")
 

+     if_text = _("If you want to ignore this AVC because it is dangerous and your machine seems to be working correctly.")
 

      then_text = _("you must tell SELinux about this by enabling the vbetool_mmap_zero_ignore boolean.")
 

      do_text = "# setsebool -P vbetool_mmap_zero_ignore 1"

file modified
+1 -1 
@@ -63,7 +63,7 @@ 
 

  

      fix_cmd = "/usr/sbin/setsebool -P mmap_low_allowed 1"
 

  

-     if_text=_("you want to ignore this AVC because it is dangerous and your wine applications are working correctly.")
 

+     if_text = _("If you want to ignore this AVC because it is dangerous and your wine applications are working correctly.")
 

      then_text = _("you must tell SELinux about this by enabling the wine_mmap_zero_ignore boolean.")
 

      do_text = "# setsebool -P wine_mmap_zero_ignore 1"

no initial comment

Pull-Request has been merged by plautrba
6 years ago
Metadata
None
No Tags
Changes Summary 43
+5 -5
file changed
framework/gui/browser.glade
+3 -3
file changed
framework/src/setroubleshoot/browser.py
+1 -1
file changed
framework/src/setroubleshoot/server.py
+1 -1
file changed
plugins/src/allow_anon_write.py
+1 -1
file changed
plugins/src/allow_execheap.py
+2 -2
file changed
plugins/src/allow_execstack.py
+1 -1
file changed
plugins/src/allow_ftpd_use_cifs.py
+1 -1
file changed
plugins/src/allow_ftpd_use_nfs.py
+1 -1
file changed
plugins/src/associate.py
+1 -1
file changed
plugins/src/bind_ports.py
+3 -3
file changed
plugins/src/catchall.py
+1 -1
file changed
plugins/src/catchall_boolean.py
+1 -1
file changed
plugins/src/chrome.py
+2 -2
file changed
plugins/src/connect_ports.py
+1 -1
file changed
plugins/src/cvs_data.py
+1 -1
file changed
plugins/src/dac_override.py
+1 -1
file changed
plugins/src/disable_ipv6.py
+2 -2
file changed
plugins/src/file.py
+1 -1
file changed
plugins/src/filesystem_associate.py
+2 -2
file changed
plugins/src/httpd_can_sendmail.py
+1 -1
file changed
plugins/src/httpd_unified.py
+1 -1
file changed
plugins/src/kernel_modules.py
+1 -1
file changed
plugins/src/leaks.py
+3 -3
file changed
plugins/src/mmap_zero.py
+1 -1
file changed
plugins/src/mounton.py
+1 -1
file changed
plugins/src/mozplugger.py
+1 -1
file changed
plugins/src/mozplugger_remove.py
+5 -4
file changed
plugins/src/openvpn.py
+1 -1
file changed
plugins/src/public_content.py
+1 -1
file changed
plugins/src/qemu_file_image.py
+3 -3
file changed
plugins/src/restorecon.py
+3 -3
file changed
plugins/src/restorecon_source.py
+5 -5
file changed
plugins/src/rsync_data.py
+2 -2
file changed
plugins/src/samba_share.py
+4 -3
file changed
plugins/src/sandbox_connect.py
+1 -1
file changed
plugins/src/selinuxpolicy.py
+2 -2
file changed
plugins/src/setenforce.py
+3 -2
file changed
plugins/src/sshd_root.py
+2 -3
file changed
plugins/src/swapfile.py
+2 -2
file changed
plugins/src/sys_module.py
+1 -1
file changed
plugins/src/sys_resource.py
+1 -1
file changed
plugins/src/vbetool.py
+1 -1
file changed
plugins/src/wine.py
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.