diff options
author | Yuri Chornoivan <yurchor@ukr.net> | 2016-11-04 22:07:30 +0200 |
---|---|---|
committer | Yuri Chornoivan <yurchor@ukr.net> | 2016-11-04 22:07:30 +0200 |
commit | b5ace1b43dcac0f8fe0e435a1581ad41cd0e3f0a (patch) | |
tree | 093963e8bbd57f64fecd867e5bc317cbd55a1e84 /po | |
parent | ef48d40a0721965a444c7af56050277d54c96a75 (diff) | |
download | msec-b5ace1b43dcac0f8fe0e435a1581ad41cd0e3f0a.tar msec-b5ace1b43dcac0f8fe0e435a1581ad41cd0e3f0a.tar.gz msec-b5ace1b43dcac0f8fe0e435a1581ad41cd0e3f0a.tar.bz2 msec-b5ace1b43dcac0f8fe0e435a1581ad41cd0e3f0a.tar.xz msec-b5ace1b43dcac0f8fe0e435a1581ad41cd0e3f0a.zip |
Update Chinese (Simplified) translation from Tx
Diffstat (limited to 'po')
-rw-r--r-- | po/zh_CN.po | 543 |
1 files changed, 266 insertions, 277 deletions
diff --git a/po/zh_CN.po b/po/zh_CN.po index 5f04cfb..6fc2b94 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -11,8 +11,8 @@ msgid "" msgstr "" "Project-Id-Version: Mageia\n" -"POT-Creation-Date: 2014-05-11 22:07+CEST\n" -"PO-Revision-Date: 2016-04-22 09:05+0000\n" +"POT-Creation-Date: 2016-10-23 09:15+CEST\n" +"PO-Revision-Date: 2016-11-04 13:20+0000\n" "Last-Translator: zwpwjwtz <zwpwjwtz@126.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/MageiaLinux/mageia/" "language/zh_CN/)\n" @@ -35,91 +35,95 @@ msgstr "系统文件无更改" msgid "Disabled" msgstr "禁用" -#: ../src/msec/config.py:211 ../src/msec/config.py:423 +#: ../src/msec/config.py:222 ../src/msec/config.py:434 msgid "Unable to load configuration file %s: %s" msgstr "无法加载配置文件 %s:%s" -#: ../src/msec/config.py:225 ../src/msec/config.py:334 -#: ../src/msec/config.py:442 +#: ../src/msec/config.py:236 ../src/msec/config.py:345 +#: ../src/msec/config.py:453 msgid "Bad config option: %s" msgstr "错误的配置选项: %s" -#: ../src/msec/config.py:260 ../src/msec/config.py:373 -#: ../src/msec/config.py:468 +#: ../src/msec/config.py:271 ../src/msec/config.py:384 +#: ../src/msec/config.py:479 msgid "Unable to save %s: %s" msgstr "未能保存 %s: %s" -#: ../src/msec/config.py:319 +#: ../src/msec/config.py:330 msgid "loading exceptions file %s: %s" msgstr "加载例外文件 %s:%s" -#: ../src/msec/config.py:320 +#: ../src/msec/config.py:331 msgid "No exceptions loaded" msgstr "未加载例外" #: ../src/msec/help.py:14 -msgid "" -"Allow local users to connect to X server. Accepted arguments: yes (all " -"connections are allowed), local (only local connection), no (no connection)." -msgstr "" -"允许本地用户连接到 X 服务器。可能的参数为:yes(允许所有链接)、local(仅允许" -"本地链接)、no(不允许链接)。" +msgid "Enable checking for changes in firewall settings." +msgstr "启用对防火墙设置更改的检查。" #: ../src/msec/help.py:16 -msgid "Enable checking for files/directories writable by everybody." -msgstr "为所有人启用文件/目录可写性检查。" +msgid "Fix owner and group of unowned files to use nobody/nogroup." +msgstr "将无归属文件的所有者和所有组设为 nobody/nogroup。" #: ../src/msec/help.py:18 -msgid "Enable checking for empty passwords in /etc/shadow (man shadow(5))." -msgstr "为所有人启用空密码检查(根据 /etc/shadow 文件,参见 man shadow(5))。" +msgid "" +"Use secure location for temporary files. If this parameter is set to 'yes', " +"user home directory will be used for temporary files. Otherwise, /tmp will " +"be used." +msgstr "" +"用于存储临时文件的安全位置。若设为“yes”,临时文件将被存放在用户目录中。否则," +"将会使用 /tmp。" #: ../src/msec/help.py:20 -msgid "Log syslog messages on console terminal 12." -msgstr "将系统日志消息输出到 12 号控制台终端。" +msgid "Allow autologin." +msgstr "允许自动登录。" #: ../src/msec/help.py:22 -msgid "Send mail reports even if no changes were detected." -msgstr "如果没有检测到更改,也发送邮件报告。" +msgid "" +"Set the password minimum length and minimum number of digit and minimum " +"number of capitalized letters, using length,ndigits,nupper format." +msgstr "设置密码的最低长度、最少数字位数、最少大写字符数,使用逗号分隔各个值。" #: ../src/msec/help.py:24 -msgid "" -"Defines the base security level, on top of which the current configuration " -"is based." -msgstr "定义基础安全等级,并用作当前配置的基础。" +msgid "Enable checking for additions/removals of sgid files." +msgstr "启用对根文件 sgid 添加/移除操作的检查。" #: ../src/msec/help.py:26 -msgid "Accept broadcasted ICMP echo." -msgstr "接受广播 ICMP 回应。" +msgid "" +"Enforce MSEC file directory permissions on system startup. If this parameter " +"is set to 'enforce', system permissions will be enforced automatically, " +"according to system security settings." +msgstr "" +"在系统启动时强制指定 MSEC 文件目录权限。若设为“enforce”,将会自动根据系统安全" +"设置来设定系统权限。" #: ../src/msec/help.py:28 msgid "" -"Enable verification for changes in the installed RPM packages. This will " -"notify you when new packages are installed or removed." -msgstr "为安装的 RPM 软件包启用更改检查。当安装或移除新软件包时将会提示您。" +"Enable verification of integrity of installed RPM packages. This will notify " +"you if checksums of the installed files were changed, showing separate " +"results for binary and configuration files." +msgstr "" +"启用对安装的 RPM 软件包的完整性验证。若安装文件的校验和不符,将会提示您二进制" +"文件和配置文件中存在差异。" #: ../src/msec/help.py:30 -msgid "Enable periodic permission checking for files specified in msec policy." -msgstr "对 msec 策略中指定的文件启用周期性权限检查。" +msgid "" +"Set the password history length to prevent password reuse. This is not " +"supported by pam_tcb." +msgstr "设置密码记录历史,以防密码被重复使用。pam_tcb 不支持此功能。" #: ../src/msec/help.py:32 -msgid "Ignore changes in process IDs when checking for open network ports." -msgstr "检查开放网络端口时忽略进程 ID 变更。" +msgid "" +"Set umask option for mounting vfat and ntfs partitions. If umask is '-1', " +"default system umask is used." +msgstr "" +"设置挂载 vfat 和 ntfs 分区时的掩码选项。若设为“-1”,则使用默认的系统掩码。" #: ../src/msec/help.py:34 msgid "Allow X server to accept connections from network on tcp port 6000." msgstr "允许 X 服务器接受来自 6000 端口的 TCP 链接。" #: ../src/msec/help.py:36 -msgid "Enable checking for known rootkits using chkrootkit." -msgstr "使用 chkrootkit 检查已知的 rootkit。" - -#: ../src/msec/help.py:38 -msgid "" -"Enable msec to enforce file permissions to the values specified in the msec " -"security policy." -msgstr "用 msec 将文件权限强制设置为 msec 安全策略中指定的值。" - -#: ../src/msec/help.py:40 msgid "" "Enable sectools checks. This check will run all sectool checks for a " "security level configuration. The security level to be used during this test " @@ -128,69 +132,92 @@ msgstr "" "启用 sectool 检查。将根据安全等级配置运行所有 sectool 检查。可以通过 " "CHECK_SECTOOL_LEVELS 变量指定用于检查的安全等级。" +#: ../src/msec/help.py:38 +msgid "Log journal messages on console terminal 12." +msgstr "将日志消息输出到 12 号控制台终端。" + +#: ../src/msec/help.py:40 +msgid "" +"Enable msec to enforce file permissions to the values specified in the msec " +"security policy." +msgstr "用 msec 将文件权限强制设置为 msec 安全策略中指定的值。" + #: ../src/msec/help.py:42 -msgid "Set shell commands history size. A value of -1 means unlimited." -msgstr "设置 shell 命令历史大小。-1 表示没有限制。" +msgid "" +"Patterns to exclude from disk checks. This parameter is parsed as a regex " +"(7), so you may use complex expressions." +msgstr "" +"指定磁盘检查中要排除的项目。程序使用 regex(7) 解析此参数,所以您可以使用复杂" +"的表达式。" #: ../src/msec/help.py:44 -msgid "Allow system reboot and shutdown to local users." -msgstr "允许本地用户重启和关闭系统。" +msgid "" +"Allow to export display when passing from the root account to the other " +"users. See pam_xauth(8) for more details." +msgstr "" +"将 root 账户授权给其他用户时允许导出显示。参见 pam_xauth(8) 以了解更多细节。" #: ../src/msec/help.py:46 -msgid "Enable checking for changes in firewall settings." -msgstr "启用对防火墙设置更改的检查。" - -#: ../src/msec/help.py:48 msgid "Enable checking for additions/removals of suid root files." msgstr "启用对根文件 suid 添加/移除操作的检查。" +#: ../src/msec/help.py:48 +msgid "Allow root access without password for the members of the wheel group." +msgstr "允许 wheel 组的成员以 root 权限操作,且无需输入 root 密码。" + #: ../src/msec/help.py:50 -msgid "Include current directory into user PATH by default" -msgstr "默认包含当前目录至用户的 PATH 变量" +msgid "Set the user umask." +msgstr "设置用户 umask。" #: ../src/msec/help.py:52 -msgid "" -"Enable crontab and at for users. Put allowed users in /etc/cron.allow and /" -"etc/at.allow (see man at(1) and crontab(1))." -msgstr "" -"为所有用户启用 crontab。将允许的用户添加至 /etc/cron.allow 和 /etc/at." -"allow(参见 man at(1) 和 crontab(1))。" +msgid "Enable periodic security check results to terminal." +msgstr "启用对终端输出的周期性安全检查。" #: ../src/msec/help.py:54 -msgid "Set the shell timeout. A value of zero means no timeout." -msgstr "设置 shell 超时。若设为 0, 则为没有超时。" +msgid "Ignore changes in process IDs when checking for open network ports." +msgstr "检查开放网络端口时忽略进程 ID 变更。" #: ../src/msec/help.py:56 -msgid "" -"Enable password-related checks, such as empty passwords and strange super-" -"user accounts." -msgstr "启用密码相关检查,如空密码和非常规超级用户账户。" +msgid "Run security checks when machine is running on battery power." +msgstr "当机器使用电池时,仍然运行安全检查。" #: ../src/msec/help.py:58 msgid "" -"Set the password history length to prevent password reuse. This is not " -"supported by pam_tcb." -msgstr "设置密码记录历史,以防密码被重复使用。pam_tcb 不支持此功能。" +"Enable permission checking on users' files that should not be owned by " +"someone else, or writable." +msgstr "启用对用户文件权限的检查,如归属错误、不应具有可写属性的文件。" #: ../src/msec/help.py:60 -msgid "Set the user umask." -msgstr "设置用户 umask。" +msgid "Allow display managers (kdm and gdm) to display list of local users." +msgstr "允许显示管理器(kde 和 gdm)显示本地用户列表。" #: ../src/msec/help.py:62 -msgid "Enable checking for dangerous options in users' .rhosts/.shosts files." -msgstr "启用对用户 .rhosts/.shosts 文件中危险选项的检查。" +msgid "" +"Creates the symlink /etc/security/msec/server to point to /etc/security/msec/" +"server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --" +"add to decide to add a service if it is present in the file during the " +"installation of packages. By default, two presets are provided: local (which " +"only enables local services) and remote (which also enables some remote " +"services considered safe). Note that the allowed services must be placed " +"manually into the server.SERVER_LEVEL files when necessary." +msgstr "" +"创建 /etc/security/msec/server.SERVER_LEVEL 的符号链接至 /etc/security/msec/" +"server。chkconfig -add 使用 /etc/security/msec/server 来确定在安装软件包时要" +"添加的服务。默认情况下有两种预设值:local(仅启用本地服务)和 remote(也启用" +"一些安全的远程服务)。注意,某些情况下需要手动添加所需服务至 server." +"SERVER_LEVEL 文件。" #: ../src/msec/help.py:64 -msgid "User email to receive security notifications." -msgstr "用于接受安全通知的用户邮箱。" +msgid "Send mail reports even if no changes were detected." +msgstr "如果没有检测到更改,也发送邮件报告。" #: ../src/msec/help.py:66 -msgid "Allow autologin." -msgstr "允许自动登录。" +msgid "Activate ethernet cards promiscuity check." +msgstr "激活以太网卡混用检查。" #: ../src/msec/help.py:68 -msgid "Allow only users in wheel group to su to root." -msgstr "只允许 wheel 组中的用户 su 到 root。" +msgid "User email to receive security notifications." +msgstr "用于接受安全通知的用户邮箱。" #: ../src/msec/help.py:70 msgid "Enable daily security checks." @@ -198,242 +225,215 @@ msgstr "启用每日安全检查" #: ../src/msec/help.py:72 msgid "" -"Use secure location for temporary files. If this parameter is set to 'yes', " -"user home directory will be used for temporary files. Otherwise, /tmp will " -"be used." +"Defines the sectool level to use during the periodic security check. You may " +"use the sectool-gui application to select individual tests for each level. " +"If this variable is not defined, the default level defined in sectool " +"configuration will be used." msgstr "" -"用于存储临时文件的安全位置。若设为“yes”,临时文件将被存放在用户目录中。否则," -"将会使用 /tmp。" +"定义用于周期性安全检查的 sectool 等级。您可以使用 sectool-gui 程序来选择每个" +"等级中的测试项目。若未定义此变量,则使用 sectool 配置中的默认等级。" #: ../src/msec/help.py:74 -msgid "Allow direct root login on terminal." -msgstr "允许在终端中直接以 root 登录。" +msgid "Accept ICMP echo." +msgstr "接受ICMP回应。" #: ../src/msec/help.py:76 -msgid "Enable checking for changes in system users." -msgstr "启用对系统用户变更的检查。" - -#: ../src/msec/help.py:78 msgid "Enable checking for unowned files." msgstr "启用对无归属文件的检查。" +#: ../src/msec/help.py:78 +msgid "" +"Define the default retention period for logs, in weeks. Some countries " +"require that the log files should be kept for 12 months, other do not have " +"such strict requirements. This variable defines the number of past log files " +"that should be kept by logrotate on the system." +msgstr "" +"定义日志的保留周期,单位是周。一些国家需要保留日志文件至少 12 个月,其他国家" +"则没有此规定。此变量用于定义在日志滚动时需要保留的旧日志文件数。" + #: ../src/msec/help.py:80 -msgid "Enable IP spoofing protection." -msgstr "启用 IP 欺骗保护。" +msgid "" +"Allow remote root login via sshd. If yes, login is allowed. If without-" +"password, only public-key authentication logins are allowed. See " +"sshd_config(5) man page for more information." +msgstr "" +"允许通过 sshd 以 root 远程登。若为“yes”,则允许登录。若设为“without-" +"password”,则仅允许通过公钥认证的登录。参见 sshd_config(5) man 页面以获取更多" +"信息。" #: ../src/msec/help.py:82 -msgid "Allow display managers (kdm and gdm) to display list of local users." -msgstr "允许显示管理器(kde 和 gdm)显示本地用户列表。" +msgid "Enforce MSEC settings on system startup" +msgstr "系统启动时强制应用 MSEC 设置" #: ../src/msec/help.py:84 -msgid "Enable name resolution spoofing protection." -msgstr "启用域名解析欺骗保护。" +msgid "Enable checking for known rootkits using chkrootkit." +msgstr "使用 chkrootkit 检查已知的 rootkit。" #: ../src/msec/help.py:86 -msgid "" -"Enforce MSEC file directory permissions on system startup. If this parameter " -"is set to 'enforce', system permissions will be enforced automatically, " -"according to system security settings." -msgstr "" -"在系统启动时强制指定 MSEC 文件目录权限。若设为“enforce”,将会自动根据系统安全" -"设置来设定系统权限。" +msgid "Enable checking for changes in system groups." +msgstr "启用对系统组变更的检查。" #: ../src/msec/help.py:88 -msgid "Enables logging of periodic checks to system log." -msgstr "启用对系统日志周期性检查的日志记录。" +msgid "" +"Enable crontab and at for users. Put allowed users in /etc/cron.allow and /" +"etc/at.allow (see man at(1) and crontab(1))." +msgstr "" +"为所有用户启用 crontab。将允许的用户添加至 /etc/cron.allow 和 /etc/at." +"allow(参见 man at(1) 和 crontab(1))。" #: ../src/msec/help.py:90 msgid "" -"Enable permission checking on users' files that should not be owned by " -"someone else, or writable." -msgstr "启用对用户文件权限的检查,如归属错误、不应具有可写属性的文件。" +"Allow full access to network services controlled by tcp_wrapper (see hosts." +"deny(5)). If yes, all services are allowed. If local, only connections to " +"local services are authorized. If no, the services must be authorized " +"manually in /etc/hosts.allow (see hosts.allow(5))." +msgstr "" +"允许 tcp_wrapper 对网络服务的完整访问控制(参见 hosts.deny(5))。若设" +"为“yes”,则允许所有服务。若设为“local”,则仅授权本地服务链接。若设为“no”,则" +"须手动添加服务至 /etc/hosts.allow(参见 see hosts.allow(5))。" #: ../src/msec/help.py:92 -msgid "" -"Creates the symlink /etc/security/msec/server to point to /etc/security/msec/" -"server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --" -"add to decide to add a service if it is present in the file during the " -"installation of packages. By default, two presets are provided: local (which " -"only enables local services) and remote (which also enables some remote " -"services considered safe). Note that the allowed services must be placed " -"manually into the server.SERVER_LEVEL files when necessary." -msgstr "" -"创建 /etc/security/msec/server.SERVER_LEVEL 的符号链接至 /etc/security/msec/" -"server。chkconfig -add 使用 /etc/security/msec/server 来确定在安装软件包时要" -"添加的服务。默认情况下有两种预设值:local(仅启用本地服务)和 remote(也启用" -"一些安全的远程服务)。注意,某些情况下需要手动添加所需服务至 server." -"SERVER_LEVEL 文件。" +msgid "Set shell commands history size. A value of -1 means unlimited." +msgstr "设置 shell 命令历史大小。-1 表示没有限制。" #: ../src/msec/help.py:94 -msgid "" -"Use password to authenticate users. Take EXTREME care when disabling " -"passwords, as it will leave the machine vulnerable." -msgstr "使用密码来认证用户。若禁用密码,机器将很容易收到攻击,请三思而后行!" +msgid "Send security check results by email." +msgstr "通过电子邮件发送安全安全检查结果。" #: ../src/msec/help.py:96 -msgid "Enable checking for changes in system groups." -msgstr "启用对系统组变更的检查。" - -#: ../src/msec/help.py:98 msgid "" -"Set umask option for mounting vfat and ntfs partitions. If umask is '-1', " -"default system umask is used." +"Allow users in wheel group to use sudo. If this option is set to 'yes', the " +"users in wheel group are allowed to use sudo and run commands as root by " +"using their passwords. If this option to set to 'without-password', the " +"users can use sudo without being asked for their password. WARNING: using " +"sudo without any password makes your system very vulnerable, and you should " +"only use this setting if you know what you are doing!" msgstr "" -"设置挂载 vfat 和 ntfs 分区时的掩码选项。若设为“-1”,则使用默认的系统掩码。" +"允许 wheel 组的成员使用 sudo。若设为“yes”,则 允许wheel 组中的用户执行 sudo," +"并使用自己的密码认证。若设为“without-password”,则用户可以不用输入密码便使用 " +"sudo。\n" +"警告:无需密码使用 sudo 会导致系统容易受到攻击,仅当您充分了解后果时才进行此" +"操作!" + +#: ../src/msec/help.py:98 +msgid "Enable name resolution spoofing protection." +msgstr "启用域名解析欺骗保护。" #: ../src/msec/help.py:100 -msgid "Show security notifications in system tray using libnotify." -msgstr "使用 libnotify 在系统托盘中显示安全通知。" +msgid "Allow system reboot and shutdown to local users." +msgstr "允许本地用户重启和关闭系统。" #: ../src/msec/help.py:102 -msgid "Enable checking for open network ports." -msgstr "启用对开放网络端口的检查。" +msgid "Enable checking for files/directories writable by everybody." +msgstr "为所有人启用文件/目录可写性检查。" #: ../src/msec/help.py:104 -msgid "Run security checks when machine is running on battery power." -msgstr "当机器使用电池时,仍然运行安全检查。" +msgid "Allow direct root login on terminal." +msgstr "允许在终端中直接以 root 登录。" #: ../src/msec/help.py:106 -msgid "Perform hourly security check for changes in system configuration." -msgstr "对系统配置中的变更进行检查,每小时一次。" +msgid "Enable checksum verification for suid files." +msgstr "启用对 suid 文件校验和的检查。" #: ../src/msec/help.py:108 msgid "" -"Allow remote root login via sshd. If yes, login is allowed. If without-" -"password, only public-key authentication logins are allowed. See " -"sshd_config(5) man page for more information." -msgstr "" -"允许通过 sshd 以 root 远程登。若为“yes”,则允许登录。若设为“without-" -"password”,则仅允许通过公钥认证的登录。参见 sshd_config(5) man 页面以获取更多" -"信息。" +"Defines the base security level, on top of which the current configuration " +"is based." +msgstr "定义基础安全等级,并用作当前配置的基础。" #: ../src/msec/help.py:110 -msgid "Enable logging of strange network packets." -msgstr "记录非常规网络报文。" +msgid "" +"Enable password-related checks, such as empty passwords and strange super-" +"user accounts." +msgstr "启用密码相关检查,如空密码和非常规超级用户账户。" #: ../src/msec/help.py:112 -msgid "" -"Define the default retention period for logs, in weeks. Some countries " -"require that the log files should be kept for 12 months, other do not have " -"such strict requirements. This variable defines the number of past log files " -"that should be kept by logrotate on the system." -msgstr "" -"定义日志的保留周期,单位是周。一些国家需要保留日志文件至少 12 个月,其他国家" -"则没有此规定。此变量用于定义在日志滚动时需要保留的旧日志文件数。" +msgid "Accept broadcasted ICMP echo." +msgstr "接受广播 ICMP 回应。" #: ../src/msec/help.py:114 -msgid "Ask for root password when going to single user level (man sulogin(8))." -msgstr "在进入单用户模式时,要求输入 root 密码(man sulogin(8))。" +msgid "Enable checking for empty passwords in /etc/shadow (man shadow(5))." +msgstr "为所有人启用空密码检查(根据 /etc/shadow 文件,参见 man shadow(5))。" #: ../src/msec/help.py:116 -msgid "Allow root access without password for the members of the wheel group." -msgstr "允许 wheel 组的成员以 root 权限操作,且无需输入 root 密码。" +msgid "Set the root umask." +msgstr "设置 root umask。" #: ../src/msec/help.py:118 -msgid "Fix owner and group of unowned files to use nobody/nogroup." -msgstr "将无归属文件的所有者和所有组设为 nobody/nogroup。" +msgid "Ask for root password when going to single user level (man sulogin(8))." +msgstr "在进入单用户模式时,要求输入 root 密码(man sulogin(8))。" #: ../src/msec/help.py:120 -msgid "Send security check results by email." -msgstr "通过电子邮件发送安全安全检查结果。" +msgid "Show security notifications in system tray using libnotify." +msgstr "使用 libnotify 在系统托盘中显示安全通知。" #: ../src/msec/help.py:122 -msgid "" -"Allow to export display when passing from the root account to the other " -"users. See pam_xauth(8) for more details." -msgstr "" -"将 root 账户授权给其他用户时允许导出显示。参见 pam_xauth(8) 以了解更多细节。" +msgid "Enable checking for dangerous options in users' .rhosts/.shosts files." +msgstr "启用对用户 .rhosts/.shosts 文件中危险选项的检查。" #: ../src/msec/help.py:124 -msgid "" -"Allow users in wheel group to use sudo. If this option is set to 'yes', the " -"users in wheel group are allowed to use sudo and run commands as root by " -"using their passwords. If this option to set to 'without-password', the " -"users can use sudo without being asked for their password. WARNING: using " -"sudo without any password makes your system very vulnerable, and you should " -"only use this setting if you know what you are doing!" -msgstr "" -"允许 wheel 组的成员使用 sudo。若设为“yes”,则 允许wheel 组中的用户执行 sudo," -"并使用自己的密码认证。若设为“without-password”,则用户可以不用输入密码便使用 " -"sudo。\n" -"警告:无需密码使用 sudo 会导致系统容易受到攻击,仅当您充分了解后果时才进行此" -"操作!" +msgid "Enable periodic permission checking for files specified in msec policy." +msgstr "对 msec 策略中指定的文件启用周期性权限检查。" #: ../src/msec/help.py:126 -msgid "Enable checksum verification for suid files." -msgstr "启用对 suid 文件校验和的检查。" +msgid "Enable IP spoofing protection." +msgstr "启用 IP 欺骗保护。" #: ../src/msec/help.py:128 -msgid "Accept ICMP echo." -msgstr "接受ICMP回应。" +msgid "Enable logging of strange network packets." +msgstr "记录非常规网络报文。" #: ../src/msec/help.py:130 -msgid "" -"Set the password minimum length and minimum number of digit and minimum " -"number of capitalized letters, using length,ndigits,nupper format." -msgstr "设置密码的最低长度、最少数字位数、最少大写字符数,使用逗号分隔各个值。" +msgid "Accept bogus IPv4 error messages." +msgstr "接受有错的 IPv4 错误消息。" #: ../src/msec/help.py:132 -msgid "" -"Allow full access to network services controlled by tcp_wrapper (see hosts." -"deny(5)). If yes, all services are allowed. If local, only connections to " -"local services are authorized. If no, the services must be authorized " -"manually in /etc/hosts.allow (see hosts.allow(5))." -msgstr "" -"允许 tcp_wrapper 对网络服务的完整访问控制(参见 hosts.deny(5))。若设" -"为“yes”,则允许所有服务。若设为“local”,则仅授权本地服务链接。若设为“no”,则" -"须手动添加服务至 /etc/hosts.allow(参见 see hosts.allow(5))。" +msgid "Enable checking for open network ports." +msgstr "启用对开放网络端口的检查。" #: ../src/msec/help.py:134 -msgid "" -"Enable verification of integrity of installed RPM packages. This will notify " -"you if checksums of the installed files were changed, showing separate " -"results for binary and configuration files." -msgstr "" -"启用对安装的 RPM 软件包的完整性验证。若安装文件的校验和不符,将会提示您二进制" -"文件和配置文件中存在差异。" +msgid "Include current directory into user PATH by default" +msgstr "默认包含当前目录至用户的 PATH 变量" #: ../src/msec/help.py:136 msgid "" -"Patterns to exclude from disk checks. This parameter is parsed as a regex " -"(7), so you may use complex expressions." -msgstr "" -"指定磁盘检查中要排除的项目。程序使用 regex(7) 解析此参数,所以您可以使用复杂" -"的表达式。" +"Enable verification for changes in the installed RPM packages. This will " +"notify you when new packages are installed or removed." +msgstr "为安装的 RPM 软件包启用更改检查。当安装或移除新软件包时将会提示您。" #: ../src/msec/help.py:138 msgid "" -"Defines the sectool level to use during the periodic security check. You may " -"use the sectool-gui application to select individual tests for each level. " -"If this variable is not defined, the default level defined in sectool " -"configuration will be used." -msgstr "" -"定义用于周期性安全检查的 sectool 等级。您可以使用 sectool-gui 程序来选择每个" -"等级中的测试项目。若未定义此变量,则使用 sectool 配置中的默认等级。" +"Use password to authenticate users. Take EXTREME care when disabling " +"passwords, as it will leave the machine vulnerable." +msgstr "使用密码来认证用户。若禁用密码,机器将很容易收到攻击,请三思而后行!" #: ../src/msec/help.py:140 -msgid "Set the root umask." -msgstr "设置 root umask。" +msgid "Enable checking for changes in system users." +msgstr "启用对系统用户变更的检查。" #: ../src/msec/help.py:142 -msgid "Enforce MSEC settings on system startup" -msgstr "系统启动时强制应用 MSEC 设置" +msgid "" +"Allow local users to connect to X server. Accepted arguments: yes (all " +"connections are allowed), local (only local connection), no (no connection)." +msgstr "" +"允许本地用户连接到 X 服务器。可能的参数为:yes(允许所有链接)、local(仅允许" +"本地链接)、no(不允许链接)。" #: ../src/msec/help.py:144 -msgid "Enable periodic security check results to terminal." -msgstr "启用对终端输出的周期性安全检查。" +msgid "Allow only users in wheel group to su to root." +msgstr "只允许 wheel 组中的用户 su 到 root。" #: ../src/msec/help.py:146 -msgid "Accept bogus IPv4 error messages." -msgstr "接受有错的 IPv4 错误消息。" +msgid "Enables logging of periodic checks to system log." +msgstr "启用对系统日志周期性检查的日志记录。" #: ../src/msec/help.py:148 -msgid "Enable checking for additions/removals of sgid files." -msgstr "启用对根文件 sgid 添加/移除操作的检查。" +msgid "Perform hourly security check for changes in system configuration." +msgstr "对系统配置中的变更进行检查,每小时一次。" #: ../src/msec/help.py:150 -msgid "Activate ethernet cards promiscuity check." -msgstr "激活以太网卡混用检查。" +msgid "Set the shell timeout. A value of zero means no timeout." +msgstr "设置 shell 超时。若设为 0, 则为没有超时。" #: ../src/msec/libmsec.py:265 msgid "%s modified so launched command: %s" @@ -1253,111 +1253,100 @@ msgstr "禁止在 KDM 中关机/重启" msgid "Forbidding Ctrl-Alt-Del from console" msgstr "禁止在控制台按 Ctrl+Alt+Del" -#: ../src/msec/plugins/msec.py:395 -msgid "Allowing list of users in KDM" -msgstr "允许在 KDM 中列出用户" +#: ../src/msec/plugins/msec.py:397 ../src/msec/plugins/msec.py:404 +#: ../src/msec/plugins/msec.py:408 +msgid "Allowing list of users in {}" +msgstr "允许 {} 中列出的用户" -#: ../src/msec/plugins/msec.py:402 -msgid "Allowing list of users in GDM" -msgstr "允许在 GDM 中列出用户" +#: ../src/msec/plugins/msec.py:413 ../src/msec/plugins/msec.py:420 +msgid "Forbidding list of users in {}" +msgstr "阻止 {} 中列出的用户" -#: ../src/msec/plugins/msec.py:407 -msgid "Forbidding list of users in KDM" -msgstr "禁止在 KDM 中列出用户" +#: ../src/msec/plugins/msec.py:424 +msgid "Forbidding showing last user in {}" +msgstr "禁止显示 {} 中列出的上一次使用的用户" -#: ../src/msec/plugins/msec.py:414 -msgid "Forbidding list of users in GDM" -msgstr "禁止在 GDM 中列出用户" - -#: ../src/msec/plugins/msec.py:425 +#: ../src/msec/plugins/msec.py:435 msgid "Allowing autologin" msgstr "允许自动登录" -#: ../src/msec/plugins/msec.py:428 +#: ../src/msec/plugins/msec.py:438 msgid "Forbidding autologin" msgstr "禁止自动登录" -#: ../src/msec/plugins/msec.py:433 -msgid "Activating password in boot loader" -msgstr "在引导器中启用密码控制" - #: ../src/msec/plugins/msec.py:447 -msgid "Removing password in boot loader" -msgstr "取消引导器中的密码控制" - -#: ../src/msec/plugins/msec.py:462 msgid "Enabling log on console" msgstr "启用终端日志记录" -#: ../src/msec/plugins/msec.py:466 +#: ../src/msec/plugins/msec.py:451 msgid "Disabling log on console" msgstr "禁用终端日志记录" -#: ../src/msec/plugins/msec.py:483 +#: ../src/msec/plugins/msec.py:469 msgid "Authorizing all services" msgstr "授权所有服务" -#: ../src/msec/plugins/msec.py:487 +#: ../src/msec/plugins/msec.py:473 msgid "Disabling all services" msgstr "禁用所有服务" -#: ../src/msec/plugins/msec.py:491 +#: ../src/msec/plugins/msec.py:477 msgid "Disabling non local services" msgstr "禁用非本地服务" -#: ../src/msec/plugins/msec.py:503 +#: ../src/msec/plugins/msec.py:489 msgid "Enabling sulogin in single user runlevel" msgstr "在单用户运行等级中启用 sulogin" -#: ../src/msec/plugins/msec.py:507 +#: ../src/msec/plugins/msec.py:493 msgid "Disabling sulogin in single user runlevel" msgstr "在单用户运行等级中禁用 sulogin" -#: ../src/msec/plugins/msec.py:518 +#: ../src/msec/plugins/msec.py:504 msgid "Enabling msec periodic runs" msgstr "启用周期性运行 msec" -#: ../src/msec/plugins/msec.py:522 +#: ../src/msec/plugins/msec.py:508 msgid "Disabling msec periodic runs" msgstr "禁用周期性运行 msec" -#: ../src/msec/plugins/msec.py:535 +#: ../src/msec/plugins/msec.py:521 msgid "Enabling crontab and at" msgstr "启用 crontab 于" -#: ../src/msec/plugins/msec.py:542 +#: ../src/msec/plugins/msec.py:528 msgid "Disabling crontab and at" msgstr "禁用 crontab 于" -#: ../src/msec/plugins/msec.py:554 +#: ../src/msec/plugins/msec.py:540 msgid "Allowing export display from root" msgstr "允许导出 root 的显示" -#: ../src/msec/plugins/msec.py:558 +#: ../src/msec/plugins/msec.py:544 msgid "Forbidding export display from root" msgstr "禁止导出 root 的显示" -#: ../src/msec/plugins/msec.py:585 +#: ../src/msec/plugins/msec.py:571 msgid "Allowing direct root login" msgstr "允许直接以 root 登录" -#: ../src/msec/plugins/msec.py:608 +#: ../src/msec/plugins/msec.py:594 msgid "Forbidding direct root login" msgstr "禁止直接以 root 登录" -#: ../src/msec/plugins/msec.py:630 +#: ../src/msec/plugins/msec.py:616 msgid "Using secure location for temporary files" msgstr "使用安全位置来存放临时文件" -#: ../src/msec/plugins/msec.py:632 +#: ../src/msec/plugins/msec.py:618 msgid "Not using secure location for temporary files" msgstr "不使用安全位置来存放临时文件" -#: ../src/msec/plugins/msec.py:652 +#: ../src/msec/plugins/msec.py:638 msgid "Allowing including current directory in path" msgstr "允许在路径中包含当前目录" -#: ../src/msec/plugins/msec.py:655 +#: ../src/msec/plugins/msec.py:641 msgid "Not allowing including current directory in path" msgstr "不允许在路径中包含当前目录" @@ -1490,7 +1479,7 @@ msgstr "/etc/security/msec/security.conf 不存在。" msgid "MSEC: audit script $script failed" msgstr "MSEC:审计脚本 $script 运行失败" -# File: ../cron-sh/security.sh, line: 127 +# File: ../cron-sh/security.sh, line: 128 #, sh-format msgid "" "MSEC has performed Security Check on ${REPORT_HOSTNAME} on ${REPORT_DATE}. " @@ -1499,7 +1488,7 @@ msgstr "" "MSEC 为 ${REPORT_HOSTNAME} 于 ${REPORT_DATE} 执行了安全检查。详细结果可以查" "看 ${MAIL_LOG_TODAY}" -# File: ../cron-sh/security.sh, line: 138 +# File: ../cron-sh/security.sh, line: 139 #, sh-format msgid "" "MSEC has performed Diff Check on ${REPORT_HOSTNAME} on ${REPORT_DATE}. " |