Update Chinese (Simplified) translation from Tx

1 files changed, 284 insertions, 293 deletions

diff --git a/po/zh_CN.po b/po/zh_CN.po
index 6fc2b94..8120256 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -6,13 +6,13 @@
 # Funda Wang <fundawang@linux.net.cn>, 2002-2005
 # Jesse Kuang <kjx@mandriva.com>, 2002
 # xiao wenming <xwm-citcc5@hotmail.com>, 2015
-# zwpwjwtz <zwpwjwtz@126.com>, 2016
+# zwpwjwtz <zwpwjwtz@126.com>, 2016-2017
 # 汤诗语 <shiyu@mandriva.org>, 2003-2004,2008
 msgid ""
 msgstr ""
 "Project-Id-Version: Mageia\n"
-"POT-Creation-Date: 2016-10-23 09:15+CEST\n"
-"PO-Revision-Date: 2016-11-04 13:20+0000\n"
+"POT-Creation-Date: 2017-09-03 08:41+CEST\n"
+"PO-Revision-Date: 2017-10-22 13:50+0000\n"
 "Last-Translator: zwpwjwtz <zwpwjwtz@126.com>\n"
 "Language-Team: Chinese (China) (http://www.transifex.com/MageiaLinux/mageia/"
 "language/zh_CN/)\n"
@@ -35,405 +35,405 @@ msgstr "系统文件无更改"
 msgid "Disabled"
 msgstr "禁用"
 
-#: ../src/msec/config.py:222 ../src/msec/config.py:434
+#: ../src/msec/config.py:222 ../src/msec/config.py:436
 msgid "Unable to load configuration file %s: %s"
 msgstr "无法加载配置文件 %s：%s"
 
-#: ../src/msec/config.py:236 ../src/msec/config.py:345
-#: ../src/msec/config.py:453
+#: ../src/msec/config.py:236 ../src/msec/config.py:346
+#: ../src/msec/config.py:455
 msgid "Bad config option: %s"
 msgstr "错误的配置选项: %s"
 
-#: ../src/msec/config.py:271 ../src/msec/config.py:384
-#: ../src/msec/config.py:479
+#: ../src/msec/config.py:271 ../src/msec/config.py:385
+#: ../src/msec/config.py:481
 msgid "Unable to save %s: %s"
 msgstr "未能保存 %s: %s"
 
-#: ../src/msec/config.py:330
+#: ../src/msec/config.py:331
 msgid "loading exceptions file %s: %s"
 msgstr "加载例外文件 %s：%s"
 
-#: ../src/msec/config.py:331
+#: ../src/msec/config.py:332
 msgid "No exceptions loaded"
 msgstr "未加载例外"
 
 #: ../src/msec/help.py:14
-msgid "Enable checking for changes in firewall settings."
-msgstr "启用对防火墙设置更改的检查。"
+msgid ""
+"Patterns to exclude from disk checks. This parameter is parsed as a regex "
+"(7), so you may use complex expressions."
+msgstr ""
+"指定磁盘检查中要排除的项目。程序使用 regex(7) 解析此参数，所以您可以使用复杂"
+"的表达式。"
 
 #: ../src/msec/help.py:16
-msgid "Fix owner and group of unowned files to use nobody/nogroup."
-msgstr "将无归属文件的所有者和所有组设为 nobody/nogroup。"
+msgid ""
+"Enable msec to enforce file permissions to the values specified in the msec "
+"security policy."
+msgstr "用 msec 将文件权限强制设置为 msec 安全策略中指定的值。"
 
 #: ../src/msec/help.py:18
 msgid ""
-"Use secure location for temporary files. If this parameter is set to 'yes', "
-"user home directory will be used for temporary files. Otherwise, /tmp will "
-"be used."
+"Enable sectools checks. This check will run all sectool checks for a "
+"security level configuration. The security level to be used during this test "
+"is determined by the CHECK_SECTOOL_LEVELS variable."
 msgstr ""
-"用于存储临时文件的安全位置。若设为“yes”，临时文件将被存放在用户目录中。否则，"
-"将会使用 /tmp。"
+"启用 sectool 检查。将根据安全等级配置运行所有 sectool 检查。可以通过 "
+"CHECK_SECTOOL_LEVELS 变量指定用于检查的安全等级。"
 
 #: ../src/msec/help.py:20
-msgid "Allow autologin."
-msgstr "允许自动登录。"
+msgid ""
+"Allow users in wheel group to use sudo. If this option is set to 'yes', the "
+"users in wheel group are allowed to use sudo and run commands as root by "
+"using their passwords. If this option to set to 'without-password', the "
+"users can use sudo without being asked for their password. WARNING: using "
+"sudo without any password makes your system very vulnerable, and you should "
+"only use this setting if you know what you are doing!"
+msgstr ""
+"允许 wheel 组的成员使用 sudo。若设为“yes”，则 允许wheel 组中的用户执行 sudo，"
+"并使用自己的密码认证。若设为“without-password”，则用户可以不用输入密码便使用 "
+"sudo。\n"
+"警告：无需密码使用 sudo 会导致系统容易受到攻击，仅当您充分了解后果时才进行此"
+"操作！"
 
 #: ../src/msec/help.py:22
-msgid ""
-"Set the password minimum length and minimum number of digit and minimum "
-"number of capitalized letters, using length,ndigits,nupper format."
-msgstr "设置密码的最低长度、最少数字位数、最少大写字符数，使用逗号分隔各个值。"
+msgid "Activate ethernet cards promiscuity check."
+msgstr "激活以太网卡混用检查。"
 
 #: ../src/msec/help.py:24
-msgid "Enable checking for additions/removals of sgid files."
-msgstr "启用对根文件 sgid 添加/移除操作的检查。"
+msgid "User email to receive security notifications."
+msgstr "用于接受安全通知的用户邮箱。"
 
 #: ../src/msec/help.py:26
 msgid ""
-"Enforce MSEC file directory permissions on system startup. If this parameter "
-"is set to 'enforce', system permissions will be enforced automatically, "
-"according to system security settings."
+"Allow remote root login via sshd. If yes, login is allowed. If without-"
+"password, only public-key authentication logins are allowed. See "
+"sshd_config(5) man page for more information."
 msgstr ""
-"在系统启动时强制指定 MSEC 文件目录权限。若设为“enforce”，将会自动根据系统安全"
-"设置来设定系统权限。"
+"允许通过 sshd 以 root 远程登。若为“yes”，则允许登录。若设为“without-"
+"password”，则仅允许通过公钥认证的登录。参见 sshd_config(5) man 页面以获取更多"
+"信息。"
 
 #: ../src/msec/help.py:28
-msgid ""
-"Enable verification of integrity of installed RPM packages. This will notify "
-"you if checksums of the installed files were changed, showing separate "
-"results for binary and configuration files."
-msgstr ""
-"启用对安装的 RPM 软件包的完整性验证。若安装文件的校验和不符，将会提示您二进制"
-"文件和配置文件中存在差异。"
+msgid "Perform hourly security check for changes in system configuration."
+msgstr "对系统配置中的变更进行检查，每小时一次。"
 
 #: ../src/msec/help.py:30
-msgid ""
-"Set the password history length to prevent password reuse. This is not "
-"supported by pam_tcb."
-msgstr "设置密码记录历史，以防密码被重复使用。pam_tcb 不支持此功能。"
+msgid "Enables logging of periodic checks to system log."
+msgstr "启用对系统日志周期性检查的日志记录。"
 
 #: ../src/msec/help.py:32
 msgid ""
-"Set umask option for mounting vfat and ntfs partitions. If umask is '-1', "
-"default system umask is used."
-msgstr ""
-"设置挂载 vfat 和 ntfs 分区时的掩码选项。若设为“-1”，则使用默认的系统掩码。"
+"Set the password minimum length and minimum number of digit and minimum "
+"number of capitalized letters, using length,ndigits,nupper format."
+msgstr "设置密码的最低长度、最少数字位数、最少大写字符数，使用逗号分隔各个值。"
 
 #: ../src/msec/help.py:34
-msgid "Allow X server to accept connections from network on tcp port 6000."
-msgstr "允许 X 服务器接受来自 6000 端口的 TCP 链接。"
+msgid "Allow display managers (sddm and gdm) to display list of local users."
+msgstr "允许显示管理器（kde 和 gdm）显示本地用户列表。"
 
 #: ../src/msec/help.py:36
 msgid ""
-"Enable sectools checks. This check will run all sectool checks for a "
-"security level configuration. The security level to be used during this test "
-"is determined by the CHECK_SECTOOL_LEVELS variable."
-msgstr ""
-"启用 sectool 检查。将根据安全等级配置运行所有 sectool 检查。可以通过 "
-"CHECK_SECTOOL_LEVELS 变量指定用于检查的安全等级。"
+"Defines the base security level, on top of which the current configuration "
+"is based."
+msgstr "定义基础安全等级，并用作当前配置的基础。"
 
 #: ../src/msec/help.py:38
-msgid "Log journal messages on console terminal 12."
-msgstr "将日志消息输出到 12 号控制台终端。"
+msgid ""
+"Defines the sectool level to use during the periodic security check. You may "
+"use the sectool-gui application to select individual tests for each level. "
+"If this variable is not defined, the default level defined in sectool "
+"configuration will be used."
+msgstr ""
+"定义用于周期性安全检查的 sectool 等级。您可以使用 sectool-gui 程序来选择每个"
+"等级中的测试项目。若未定义此变量，则使用 sectool 配置中的默认等级。"
 
 #: ../src/msec/help.py:40
-msgid ""
-"Enable msec to enforce file permissions to the values specified in the msec "
-"security policy."
-msgstr "用 msec 将文件权限强制设置为 msec 安全策略中指定的值。"
+msgid "Enable checking for additions/removals of sgid files."
+msgstr "启用对根文件 sgid 添加/移除操作的检查。"
 
 #: ../src/msec/help.py:42
 msgid ""
-"Patterns to exclude from disk checks. This parameter is parsed as a regex "
-"(7), so you may use complex expressions."
-msgstr ""
-"指定磁盘检查中要排除的项目。程序使用 regex(7) 解析此参数，所以您可以使用复杂"
-"的表达式。"
+"Use password to authenticate users. Take EXTREME care when disabling "
+"passwords, as it will leave the machine vulnerable."
+msgstr "使用密码来认证用户。若禁用密码，机器将很容易收到攻击，请三思而后行！"
 
 #: ../src/msec/help.py:44
-msgid ""
-"Allow to export display when passing from the root account to the other "
-"users. See pam_xauth(8) for more details."
-msgstr ""
-"将 root 账户授权给其他用户时允许导出显示。参见 pam_xauth(8) 以了解更多细节。"
+msgid "Enable periodic security check results to terminal."
+msgstr "启用对终端输出的周期性安全检查。"
 
 #: ../src/msec/help.py:46
-msgid "Enable checking for additions/removals of suid root files."
-msgstr "启用对根文件 suid 添加/移除操作的检查。"
+msgid "Allow direct root login on terminal."
+msgstr "允许在终端中直接以 root 登录。"
 
 #: ../src/msec/help.py:48
-msgid "Allow root access without password for the members of the wheel group."
-msgstr "允许 wheel 组的成员以 root 权限操作，且无需输入 root 密码。"
+msgid "Enable checking for empty passwords in /etc/shadow (man shadow(5))."
+msgstr "为所有人启用空密码检查（根据 /etc/shadow 文件，参见 man shadow(5)）。"
 
 #: ../src/msec/help.py:50
-msgid "Set the user umask."
-msgstr "设置用户 umask。"
+msgid "Allow system reboot and shutdown to local users."
+msgstr "允许本地用户重启和关闭系统。"
 
 #: ../src/msec/help.py:52
-msgid "Enable periodic security check results to terminal."
-msgstr "启用对终端输出的周期性安全检查。"
-
-#: ../src/msec/help.py:54
 msgid "Ignore changes in process IDs when checking for open network ports."
 msgstr "检查开放网络端口时忽略进程 ID 变更。"
 
+#: ../src/msec/help.py:54
+msgid "Enable checking for changes in system users."
+msgstr "启用对系统用户变更的检查。"
+
 #: ../src/msec/help.py:56
-msgid "Run security checks when machine is running on battery power."
-msgstr "当机器使用电池时，仍然运行安全检查。"
+msgid "Enforce MSEC settings on system startup"
+msgstr "系统启动时强制应用 MSEC 设置"
 
 #: ../src/msec/help.py:58
 msgid ""
-"Enable permission checking on users' files that should not be owned by "
-"someone else, or writable."
-msgstr "启用对用户文件权限的检查，如归属错误、不应具有可写属性的文件。"
+"Allow local users to connect to X server. Accepted arguments: yes (all "
+"connections are allowed), local (only local connection), no (no connection)."
+msgstr ""
+"允许本地用户连接到 X 服务器。可能的参数为：yes（允许所有链接）、local（仅允许"
+"本地链接）、no（不允许链接）。"
 
 #: ../src/msec/help.py:60
-msgid "Allow display managers (kdm and gdm) to display list of local users."
-msgstr "允许显示管理器（kde 和 gdm）显示本地用户列表。"
+msgid "Enable checking for changes in system groups."
+msgstr "启用对系统组变更的检查。"
 
 #: ../src/msec/help.py:62
-msgid ""
-"Creates the symlink /etc/security/msec/server to point to /etc/security/msec/"
-"server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --"
-"add to decide to add a service if it is present in the file during the "
-"installation of packages. By default, two presets are provided: local (which "
-"only enables local services) and remote (which also enables some remote "
-"services considered safe). Note that the allowed services must be placed "
-"manually into the server.SERVER_LEVEL files when necessary."
-msgstr ""
-"创建 /etc/security/msec/server.SERVER_LEVEL 的符号链接至 /etc/security/msec/"
-"server。chkconfig -add 使用 /etc/security/msec/server 来确定在安装软件包时要"
-"添加的服务。默认情况下有两种预设值：local（仅启用本地服务）和 remote（也启用"
-"一些安全的远程服务）。注意，某些情况下需要手动添加所需服务至 server."
-"SERVER_LEVEL 文件。"
+msgid "Enable checking for known rootkits using chkrootkit."
+msgstr "使用 chkrootkit 检查已知的 rootkit。"
 
 #: ../src/msec/help.py:64
-msgid "Send mail reports even if no changes were detected."
-msgstr "如果没有检测到更改，也发送邮件报告。"
+msgid "Allow autologin."
+msgstr "允许自动登录。"
 
 #: ../src/msec/help.py:66
-msgid "Activate ethernet cards promiscuity check."
-msgstr "激活以太网卡混用检查。"
+msgid ""
+"Enable permission checking on users' files that should not be owned by "
+"someone else, or writable."
+msgstr "启用对用户文件权限的检查，如归属错误、不应具有可写属性的文件。"
 
 #: ../src/msec/help.py:68
-msgid "User email to receive security notifications."
-msgstr "用于接受安全通知的用户邮箱。"
+msgid "Allow only users in wheel group to su to root."
+msgstr "只允许 wheel 组中的用户 su 到 root。"
 
 #: ../src/msec/help.py:70
-msgid "Enable daily security checks."
-msgstr "启用每日安全检查"
-
-#: ../src/msec/help.py:72
 msgid ""
-"Defines the sectool level to use during the periodic security check. You may "
-"use the sectool-gui application to select individual tests for each level. "
-"If this variable is not defined, the default level defined in sectool "
-"configuration will be used."
+"Allow full access to network services controlled by tcp_wrapper (see hosts."
+"deny(5)). If yes, all services are allowed. If local, only connections to "
+"local services are authorized. If no, the services must be authorized "
+"manually in /etc/hosts.allow (see hosts.allow(5))."
 msgstr ""
-"定义用于周期性安全检查的 sectool 等级。您可以使用 sectool-gui 程序来选择每个"
-"等级中的测试项目。若未定义此变量，则使用 sectool 配置中的默认等级。"
+"允许 tcp_wrapper 对网络服务的完整访问控制（参见 hosts.deny(5)）。若设"
+"为“yes”，则允许所有服务。若设为“local”，则仅授权本地服务链接。若设为“no”，则"
+"须手动添加服务至 /etc/hosts.allow（参见 see hosts.allow(5)）。"
+
+#: ../src/msec/help.py:72
+msgid "Allow X server to accept connections from network on tcp port 6000."
+msgstr "允许 X 服务器接受来自 6000 端口的 TCP 链接。"
 
 #: ../src/msec/help.py:74
-msgid "Accept ICMP echo."
-msgstr "接受ICMP回应。"
+msgid "Fix owner and group of unowned files to use nobody/nogroup."
+msgstr "将无归属文件的所有者和所有组设为 nobody/nogroup。"
 
 #: ../src/msec/help.py:76
-msgid "Enable checking for unowned files."
-msgstr "启用对无归属文件的检查。"
+msgid "Set the shell timeout. A value of zero means no timeout."
+msgstr "设置 shell 超时。若设为 0, 则为没有超时。"
 
 #: ../src/msec/help.py:78
 msgid ""
-"Define the default retention period for logs, in weeks. Some countries "
-"require that the log files should be kept for 12 months, other do not have "
-"such strict requirements. This variable defines the number of past log files "
-"that should be kept by logrotate on the system."
-msgstr ""
-"定义日志的保留周期，单位是周。一些国家需要保留日志文件至少 12 个月，其他国家"
-"则没有此规定。此变量用于定义在日志滚动时需要保留的旧日志文件数。"
+"Enable password-related checks, such as empty passwords and strange super-"
+"user accounts."
+msgstr "启用密码相关检查，如空密码和非常规超级用户账户。"
 
 #: ../src/msec/help.py:80
-msgid ""
-"Allow remote root login via sshd. If yes, login is allowed. If without-"
-"password, only public-key authentication logins are allowed. See "
-"sshd_config(5) man page for more information."
-msgstr ""
-"允许通过 sshd 以 root 远程登。若为“yes”，则允许登录。若设为“without-"
-"password”，则仅允许通过公钥认证的登录。参见 sshd_config(5) man 页面以获取更多"
-"信息。"
+msgid "Enable checking for changes in firewall settings."
+msgstr "启用对防火墙设置更改的检查。"
 
 #: ../src/msec/help.py:82
-msgid "Enforce MSEC settings on system startup"
-msgstr "系统启动时强制应用 MSEC 设置"
+msgid "Send security check results by email."
+msgstr "通过电子邮件发送安全安全检查结果。"
 
 #: ../src/msec/help.py:84
-msgid "Enable checking for known rootkits using chkrootkit."
-msgstr "使用 chkrootkit 检查已知的 rootkit。"
+msgid "Accept broadcasted ICMP echo."
+msgstr "接受广播 ICMP 回应。"
 
 #: ../src/msec/help.py:86
-msgid "Enable checking for changes in system groups."
-msgstr "启用对系统组变更的检查。"
+msgid "Send mail reports even if no changes were detected."
+msgstr "如果没有检测到更改，也发送邮件报告。"
 
 #: ../src/msec/help.py:88
 msgid ""
-"Enable crontab and at for users. Put allowed users in /etc/cron.allow and /"
-"etc/at.allow (see man at(1) and crontab(1))."
-msgstr ""
-"为所有用户启用 crontab。将允许的用户添加至 /etc/cron.allow 和 /etc/at."
-"allow（参见 man at(1) 和 crontab(1)）。"
+"Enable verification for changes in the installed RPM packages. This will "
+"notify you when new packages are installed or removed."
+msgstr "为安装的 RPM 软件包启用更改检查。当安装或移除新软件包时将会提示您。"
 
 #: ../src/msec/help.py:90
-msgid ""
-"Allow full access to network services controlled by tcp_wrapper (see hosts."
-"deny(5)). If yes, all services are allowed. If local, only connections to "
-"local services are authorized. If no, the services must be authorized "
-"manually in /etc/hosts.allow (see hosts.allow(5))."
-msgstr ""
-"允许 tcp_wrapper 对网络服务的完整访问控制（参见 hosts.deny(5)）。若设"
-"为“yes”，则允许所有服务。若设为“local”，则仅授权本地服务链接。若设为“no”，则"
-"须手动添加服务至 /etc/hosts.allow（参见 see hosts.allow(5)）。"
+msgid "Enable checking for files/directories writable by everybody."
+msgstr "为所有人启用文件/目录可写性检查。"
 
 #: ../src/msec/help.py:92
-msgid "Set shell commands history size. A value of -1 means unlimited."
-msgstr "设置 shell 命令历史大小。-1 表示没有限制。"
+msgid "Show security notifications in system tray using libnotify."
+msgstr "使用 libnotify 在系统托盘中显示安全通知。"
 
 #: ../src/msec/help.py:94
-msgid "Send security check results by email."
-msgstr "通过电子邮件发送安全安全检查结果。"
-
-#: ../src/msec/help.py:96
 msgid ""
-"Allow users in wheel group to use sudo. If this option is set to 'yes', the "
-"users in wheel group are allowed to use sudo and run commands as root by "
-"using their passwords. If this option to set to 'without-password', the "
-"users can use sudo without being asked for their password. WARNING: using "
-"sudo without any password makes your system very vulnerable, and you should "
-"only use this setting if you know what you are doing!"
+"Enforce MSEC file directory permissions on system startup. If this parameter "
+"is set to 'enforce', system permissions will be enforced automatically, "
+"according to system security settings."
 msgstr ""
-"允许 wheel 组的成员使用 sudo。若设为“yes”，则 允许wheel 组中的用户执行 sudo，"
-"并使用自己的密码认证。若设为“without-password”，则用户可以不用输入密码便使用 "
-"sudo。\n"
-"警告：无需密码使用 sudo 会导致系统容易受到攻击，仅当您充分了解后果时才进行此"
-"操作！"
+"在系统启动时强制指定 MSEC 文件目录权限。若设为“enforce”，将会自动根据系统安全"
+"设置来设定系统权限。"
+
+#: ../src/msec/help.py:96
+msgid "Enable checking for unowned files."
+msgstr "启用对无归属文件的检查。"
 
 #: ../src/msec/help.py:98
-msgid "Enable name resolution spoofing protection."
-msgstr "启用域名解析欺骗保护。"
+msgid "Enable checksum verification for suid files."
+msgstr "启用对 suid 文件校验和的检查。"
 
 #: ../src/msec/help.py:100
-msgid "Allow system reboot and shutdown to local users."
-msgstr "允许本地用户重启和关闭系统。"
+msgid ""
+"Use secure location for temporary files. If this parameter is set to 'yes', "
+"user home directory will be used for temporary files. Otherwise, /tmp will "
+"be used."
+msgstr ""
+"用于存储临时文件的安全位置。若设为“yes”，临时文件将被存放在用户目录中。否则，"
+"将会使用 /tmp。"
 
 #: ../src/msec/help.py:102
-msgid "Enable checking for files/directories writable by everybody."
-msgstr "为所有人启用文件/目录可写性检查。"
+msgid ""
+"Set umask option for mounting vfat and ntfs partitions. If umask is '-1', "
+"default system umask is used."
+msgstr ""
+"设置挂载 vfat 和 ntfs 分区时的掩码选项。若设为“-1”，则使用默认的系统掩码。"
 
 #: ../src/msec/help.py:104
-msgid "Allow direct root login on terminal."
-msgstr "允许在终端中直接以 root 登录。"
+msgid "Ask for root password when going to single user level (man sulogin(8))."
+msgstr "在进入单用户模式时，要求输入 root 密码（man sulogin(8)）。"
 
 #: ../src/msec/help.py:106
-msgid "Enable checksum verification for suid files."
-msgstr "启用对 suid 文件校验和的检查。"
+msgid "Accept bogus IPv4 error messages."
+msgstr "接受有错的 IPv4 错误消息。"
 
 #: ../src/msec/help.py:108
-msgid ""
-"Defines the base security level, on top of which the current configuration "
-"is based."
-msgstr "定义基础安全等级，并用作当前配置的基础。"
+msgid "Include current directory into user PATH by default"
+msgstr "默认包含当前目录至用户的 PATH 变量"
 
 #: ../src/msec/help.py:110
-msgid ""
-"Enable password-related checks, such as empty passwords and strange super-"
-"user accounts."
-msgstr "启用密码相关检查，如空密码和非常规超级用户账户。"
+msgid "Enable IP spoofing protection."
+msgstr "启用 IP 欺骗保护。"
 
 #: ../src/msec/help.py:112
-msgid "Accept broadcasted ICMP echo."
-msgstr "接受广播 ICMP 回应。"
+msgid "Run security checks when machine is running on battery power."
+msgstr "当机器使用电池时，仍然运行安全检查。"
 
 #: ../src/msec/help.py:114
-msgid "Enable checking for empty passwords in /etc/shadow (man shadow(5))."
-msgstr "为所有人启用空密码检查（根据 /etc/shadow 文件，参见 man shadow(5)）。"
-
-#: ../src/msec/help.py:116
 msgid "Set the root umask."
 msgstr "设置 root umask。"
 
+#: ../src/msec/help.py:116
+msgid ""
+"Set the password history length to prevent password reuse. This is not "
+"supported by pam_tcb."
+msgstr "设置密码记录历史，以防密码被重复使用。pam_tcb 不支持此功能。"
+
 #: ../src/msec/help.py:118
-msgid "Ask for root password when going to single user level (man sulogin(8))."
-msgstr "在进入单用户模式时，要求输入 root 密码（man sulogin(8)）。"
+msgid ""
+"Enable crontab and at for users. Put allowed users in /etc/cron.allow and /"
+"etc/at.allow (see man at(1) and crontab(1))."
+msgstr ""
+"为所有用户启用 crontab。将允许的用户添加至 /etc/cron.allow 和 /etc/at."
+"allow（参见 man at(1) 和 crontab(1)）。"
 
 #: ../src/msec/help.py:120
-msgid "Show security notifications in system tray using libnotify."
-msgstr "使用 libnotify 在系统托盘中显示安全通知。"
+msgid "Enable checking for open network ports."
+msgstr "启用对开放网络端口的检查。"
 
 #: ../src/msec/help.py:122
-msgid "Enable checking for dangerous options in users' .rhosts/.shosts files."
-msgstr "启用对用户 .rhosts/.shosts 文件中危险选项的检查。"
+msgid ""
+"Enable verification of integrity of installed RPM packages. This will notify "
+"you if checksums of the installed files were changed, showing separate "
+"results for binary and configuration files."
+msgstr ""
+"启用对安装的 RPM 软件包的完整性验证。若安装文件的校验和不符，将会提示您二进制"
+"文件和配置文件中存在差异。"
 
 #: ../src/msec/help.py:124
-msgid "Enable periodic permission checking for files specified in msec policy."
-msgstr "对 msec 策略中指定的文件启用周期性权限检查。"
+msgid "Enable daily security checks."
+msgstr "启用每日安全检查"
 
 #: ../src/msec/help.py:126
-msgid "Enable IP spoofing protection."
-msgstr "启用 IP 欺骗保护。"
+msgid ""
+"Define the default retention period for logs, in weeks. Some countries "
+"require that the log files should be kept for 12 months, other do not have "
+"such strict requirements. This variable defines the number of past log files "
+"that should be kept by logrotate on the system."
+msgstr ""
+"定义日志的保留周期，单位是周。一些国家需要保留日志文件至少 12 个月，其他国家"
+"则没有此规定。此变量用于定义在日志滚动时需要保留的旧日志文件数。"
 
 #: ../src/msec/help.py:128
-msgid "Enable logging of strange network packets."
-msgstr "记录非常规网络报文。"
+msgid "Enable periodic permission checking for files specified in msec policy."
+msgstr "对 msec 策略中指定的文件启用周期性权限检查。"
 
 #: ../src/msec/help.py:130
-msgid "Accept bogus IPv4 error messages."
-msgstr "接受有错的 IPv4 错误消息。"
+msgid ""
+"Creates the symlink /etc/security/msec/server to point to /etc/security/msec/"
+"server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --"
+"add to decide to add a service if it is present in the file during the "
+"installation of packages. By default, two presets are provided: local (which "
+"only enables local services) and remote (which also enables some remote "
+"services considered safe). Note that the allowed services must be placed "
+"manually into the server.SERVER_LEVEL files when necessary."
+msgstr ""
+"创建 /etc/security/msec/server.SERVER_LEVEL 的符号链接至 /etc/security/msec/"
+"server。chkconfig -add 使用 /etc/security/msec/server 来确定在安装软件包时要"
+"添加的服务。默认情况下有两种预设值：local（仅启用本地服务）和 remote（也启用"
+"一些安全的远程服务）。注意，某些情况下需要手动添加所需服务至 server."
+"SERVER_LEVEL 文件。"
 
 #: ../src/msec/help.py:132
-msgid "Enable checking for open network ports."
-msgstr "启用对开放网络端口的检查。"
+msgid "Enable checking for additions/removals of suid root files."
+msgstr "启用对根文件 suid 添加/移除操作的检查。"
 
 #: ../src/msec/help.py:134
-msgid "Include current directory into user PATH by default"
-msgstr "默认包含当前目录至用户的 PATH 变量"
+msgid "Allow root access without password for the members of the wheel group."
+msgstr "允许 wheel 组的成员以 root 权限操作，且无需输入 root 密码。"
 
 #: ../src/msec/help.py:136
-msgid ""
-"Enable verification for changes in the installed RPM packages. This will "
-"notify you when new packages are installed or removed."
-msgstr "为安装的 RPM 软件包启用更改检查。当安装或移除新软件包时将会提示您。"
+msgid "Accept ICMP echo."
+msgstr "接受ICMP回应。"
 
 #: ../src/msec/help.py:138
 msgid ""
-"Use password to authenticate users. Take EXTREME care when disabling "
-"passwords, as it will leave the machine vulnerable."
-msgstr "使用密码来认证用户。若禁用密码，机器将很容易收到攻击，请三思而后行！"
+"Allow to export display when passing from the root account to the other "
+"users. See pam_xauth(8) for more details."
+msgstr ""
+"将 root 账户授权给其他用户时允许导出显示。参见 pam_xauth(8) 以了解更多细节。"
 
 #: ../src/msec/help.py:140
-msgid "Enable checking for changes in system users."
-msgstr "启用对系统用户变更的检查。"
+msgid "Set the user umask."
+msgstr "设置用户 umask。"
 
 #: ../src/msec/help.py:142
-msgid ""
-"Allow local users to connect to X server. Accepted arguments: yes (all "
-"connections are allowed), local (only local connection), no (no connection)."
-msgstr ""
-"允许本地用户连接到 X 服务器。可能的参数为：yes（允许所有链接）、local（仅允许"
-"本地链接）、no（不允许链接）。"
+msgid "Log journal messages on console terminal 12."
+msgstr "将日志消息输出到 12 号控制台终端。"
 
 #: ../src/msec/help.py:144
-msgid "Allow only users in wheel group to su to root."
-msgstr "只允许 wheel 组中的用户 su 到 root。"
+msgid "Enable logging of strange network packets."
+msgstr "记录非常规网络报文。"
 
 #: ../src/msec/help.py:146
-msgid "Enables logging of periodic checks to system log."
-msgstr "启用对系统日志周期性检查的日志记录。"
+msgid "Enable checking for dangerous options in users' .rhosts/.shosts files."
+msgstr "启用对用户 .rhosts/.shosts 文件中危险选项的检查。"
 
 #: ../src/msec/help.py:148
-msgid "Perform hourly security check for changes in system configuration."
-msgstr "对系统配置中的变更进行检查，每小时一次。"
+msgid "Set shell commands history size. A value of -1 means unlimited."
+msgstr "设置 shell 命令历史大小。-1 表示没有限制。"
 
 #: ../src/msec/help.py:150
-msgid "Set the shell timeout. A value of zero means no timeout."
-msgstr "设置 shell 超时。若设为 0, 则为没有超时。"
+msgid "Enable name resolution spoofing protection."
+msgstr "启用域名解析欺骗保护。"
 
 #: ../src/msec/libmsec.py:265
 msgid "%s modified so launched command: %s"
@@ -1149,35 +1149,35 @@ msgstr "保留周期无效：“%s”"
 msgid "Setting log retention period to %d weeks"
 msgstr "设置日志保留周期为 %d 周"
 
-#: ../src/msec/plugins/msec.py:150
+#: ../src/msec/plugins/msec.py:149
 msgid "Allowing unrestricted chkconfig for packages"
 msgstr "允许对软件包使用不严格的 chkconfig"
 
-#: ../src/msec/plugins/msec.py:155
+#: ../src/msec/plugins/msec.py:154
 msgid "Restricting chkconfig for packages according to \"%s\" profile"
 msgstr "根据配置“%s”对软件包进行严格的 chkconfig"
 
-#: ../src/msec/plugins/msec.py:165
+#: ../src/msec/plugins/msec.py:164
 msgid "Setting root umask to %s"
 msgstr "为 %s 设置 root umask"
 
-#: ../src/msec/plugins/msec.py:175
+#: ../src/msec/plugins/msec.py:174
 msgid "Setting users umask to %s"
 msgstr "为 %s 设置用户 umask"
 
-#: ../src/msec/plugins/msec.py:196
+#: ../src/msec/plugins/msec.py:195
 msgid "Allowing users to connect X server from everywhere"
 msgstr "允许用户从任意位置连接到 X 服务器"
 
-#: ../src/msec/plugins/msec.py:199
+#: ../src/msec/plugins/msec.py:198
 msgid "Allowing users to connect X server from localhost"
 msgstr "允许用户从 localhost 连接到 X 服务器"
 
-#: ../src/msec/plugins/msec.py:202
+#: ../src/msec/plugins/msec.py:201
 msgid "Restricting X server connection to the console user"
 msgstr "限制控制台用户连接到 X 服务器"
 
-#: ../src/msec/plugins/msec.py:205
+#: ../src/msec/plugins/msec.py:204
 msgid "invalid allow_x_connections arg: %s"
 msgstr "allow_x_connections 参数无效：%s"
 
@@ -1213,160 +1213,151 @@ msgstr "取消 shell 历史大小的限制"
 msgid "Invalid file system umask \"%s\""
 msgstr "文件系统掩码“%s”无效"
 
-#: ../src/msec/plugins/msec.py:331
+#: ../src/msec/plugins/msec.py:329
 msgid "Allowing reboot and shutdown to the console user"
 msgstr "允许控制台用户重启和关机"
 
-#: ../src/msec/plugins/msec.py:338
+#: ../src/msec/plugins/msec.py:336
 msgid "Allowing SysRq key to the console user"
 msgstr "允许控制台用户使用 SysRq"
 
-#: ../src/msec/plugins/msec.py:341
+#: ../src/msec/plugins/msec.py:339
 msgid "Allowing Shutdown/Reboot in GDM"
 msgstr "允许在 GDM 中关机/重启"
 
-#: ../src/msec/plugins/msec.py:350
-msgid "Allowing Shutdown/Reboot in KDM"
-msgstr "允许在 KDM 中关机/重启"
-
-#: ../src/msec/plugins/msec.py:353
+#: ../src/msec/plugins/msec.py:347
 msgid "Allowing Ctrl-Alt-Del from console"
 msgstr "允许在控制台按 Ctrl+Alt+Del"
 
-#: ../src/msec/plugins/msec.py:357
+#: ../src/msec/plugins/msec.py:351
 msgid "Forbidding reboot and shutdown to the console user"
 msgstr "禁止控制台用户重启和关机"
 
-#: ../src/msec/plugins/msec.py:365
+#: ../src/msec/plugins/msec.py:359
 msgid "Forbidding SysRq key to the console user"
 msgstr "禁止控制台用户使用 SysRq"
 
-#: ../src/msec/plugins/msec.py:368
+#: ../src/msec/plugins/msec.py:362
 msgid "Forbidding Shutdown/Reboot in GDM"
 msgstr "禁止在 GDM 中关机/重启"
 
-#: ../src/msec/plugins/msec.py:377
-msgid "Forbidding Shutdown/Reboot in KDM"
-msgstr "禁止在 KDM 中关机/重启"
-
-#: ../src/msec/plugins/msec.py:380
+#: ../src/msec/plugins/msec.py:370
 msgid "Forbidding Ctrl-Alt-Del from console"
 msgstr "禁止在控制台按 Ctrl+Alt+Del"
 
-#: ../src/msec/plugins/msec.py:397 ../src/msec/plugins/msec.py:404
-#: ../src/msec/plugins/msec.py:408
+#: ../src/msec/plugins/msec.py:388 ../src/msec/plugins/msec.py:392
 msgid "Allowing list of users in {}"
 msgstr "允许 {} 中列出的用户"
 
-#: ../src/msec/plugins/msec.py:413 ../src/msec/plugins/msec.py:420
+#: ../src/msec/plugins/msec.py:400
 msgid "Forbidding list of users in {}"
 msgstr "阻止 {} 中列出的用户"
 
-#: ../src/msec/plugins/msec.py:424
+#: ../src/msec/plugins/msec.py:404
 msgid "Forbidding showing last user in {}"
 msgstr "禁止显示 {} 中列出的上一次使用的用户"
 
-#: ../src/msec/plugins/msec.py:435
+#: ../src/msec/plugins/msec.py:415
 msgid "Allowing autologin"
 msgstr "允许自动登录"
 
-#: ../src/msec/plugins/msec.py:438
+#: ../src/msec/plugins/msec.py:418
 msgid "Forbidding autologin"
 msgstr "禁止自动登录"
 
-#: ../src/msec/plugins/msec.py:447
+#: ../src/msec/plugins/msec.py:427
 msgid "Enabling log on console"
 msgstr "启用终端日志记录"
 
-#: ../src/msec/plugins/msec.py:451
+#: ../src/msec/plugins/msec.py:431
 msgid "Disabling log on console"
 msgstr "禁用终端日志记录"
 
-#: ../src/msec/plugins/msec.py:469
+#: ../src/msec/plugins/msec.py:449
 msgid "Authorizing all services"
 msgstr "授权所有服务"
 
-#: ../src/msec/plugins/msec.py:473
+#: ../src/msec/plugins/msec.py:453
 msgid "Disabling all services"
 msgstr "禁用所有服务"
 
-#: ../src/msec/plugins/msec.py:477
+#: ../src/msec/plugins/msec.py:457
 msgid "Disabling non local services"
 msgstr "禁用非本地服务"
 
-#: ../src/msec/plugins/msec.py:489
+#: ../src/msec/plugins/msec.py:469
 msgid "Enabling sulogin in single user runlevel"
 msgstr "在单用户运行等级中启用 sulogin"
 
-#: ../src/msec/plugins/msec.py:493
+#: ../src/msec/plugins/msec.py:473
 msgid "Disabling sulogin in single user runlevel"
 msgstr "在单用户运行等级中禁用 sulogin"
 
-#: ../src/msec/plugins/msec.py:504
+#: ../src/msec/plugins/msec.py:484
 msgid "Enabling msec periodic runs"
 msgstr "启用周期性运行 msec"
 
-#: ../src/msec/plugins/msec.py:508
+#: ../src/msec/plugins/msec.py:488
 msgid "Disabling msec periodic runs"
 msgstr "禁用周期性运行 msec"
 
-#: ../src/msec/plugins/msec.py:521
+#: ../src/msec/plugins/msec.py:501
 msgid "Enabling crontab and at"
 msgstr "启用 crontab 于"
 
-#: ../src/msec/plugins/msec.py:528
+#: ../src/msec/plugins/msec.py:508
 msgid "Disabling crontab and at"
 msgstr "禁用 crontab 于"
 
-#: ../src/msec/plugins/msec.py:540
+#: ../src/msec/plugins/msec.py:520
 msgid "Allowing export display from root"
 msgstr "允许导出 root 的显示"
 
-#: ../src/msec/plugins/msec.py:544
+#: ../src/msec/plugins/msec.py:524
 msgid "Forbidding export display from root"
 msgstr "禁止导出 root 的显示"
 
-#: ../src/msec/plugins/msec.py:571
+#: ../src/msec/plugins/msec.py:551
 msgid "Allowing direct root login"
 msgstr "允许直接以 root 登录"
 
-#: ../src/msec/plugins/msec.py:594
+#: ../src/msec/plugins/msec.py:574
 msgid "Forbidding direct root login"
 msgstr "禁止直接以 root 登录"
 
-#: ../src/msec/plugins/msec.py:616
+#: ../src/msec/plugins/msec.py:596
 msgid "Using secure location for temporary files"
 msgstr "使用安全位置来存放临时文件"
 
-#: ../src/msec/plugins/msec.py:618
+#: ../src/msec/plugins/msec.py:598
 msgid "Not using secure location for temporary files"
 msgstr "不使用安全位置来存放临时文件"
 
-#: ../src/msec/plugins/msec.py:638
+#: ../src/msec/plugins/msec.py:618
 msgid "Allowing including current directory in path"
 msgstr "允许在路径中包含当前目录"
 
-#: ../src/msec/plugins/msec.py:641
+#: ../src/msec/plugins/msec.py:621
 msgid "Not allowing including current directory in path"
 msgstr "不允许在路径中包含当前目录"
 
-#: ../src/msec/plugins/network.py:134
+#: ../src/msec/plugins/network.py:132
 msgid "Allowing remote root login"
 msgstr "允许远程 root 登录"
 
-#: ../src/msec/plugins/network.py:138
+#: ../src/msec/plugins/network.py:136
 msgid "Forbidding remote root login"
 msgstr "禁止远程 root 登录"
 
-#: ../src/msec/plugins/network.py:142
+#: ../src/msec/plugins/network.py:140
 msgid "Allowing remote root login only by passphrase"
 msgstr "允许仅通过密码以 root 身份远程登录"
 
-#: ../src/msec/plugins/network.py:175
+#: ../src/msec/plugins/network.py:173
 msgid "Enabling name resolution spoofing protection"
 msgstr "启用域名解析欺骗保护"
 
-#: ../src/msec/plugins/network.py:180
+#: ../src/msec/plugins/network.py:178
 msgid "Disabling name resolution spoofing protection"
 msgstr "禁用域名解析欺骗保护"