Manage allow_Xserver_to_listen for SDDM, to be included in X11 section (mga#19612)

Manage allow_user_list for SDDM to be included in Users section

1 files changed, 110 insertions, 122 deletions

diff --git a/po/msec.pot b/po/msec.pot
index 482b878..2899b1e 100644
--- a/po/msec.pot
+++ b/po/msec.pot
@@ -5,7 +5,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
-"POT-Creation-Date: 2017-09-03 08:41+CEST\n"
+"POT-Creation-Date: 2018-03-08 14:08+CET\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -50,15 +50,15 @@ msgid "No exceptions loaded"
 msgstr ""
 
 #: ../src/msec/help.py:14
-msgid "Patterns to exclude from disk checks. This parameter is parsed as a regex (7), so you may use complex expressions."
+msgid "Include current directory into user PATH by default"
 msgstr ""
 
 #: ../src/msec/help.py:16
-msgid "Enable msec to enforce file permissions to the values specified in the msec security policy."
+msgid "Enable checking for files/directories writable by everybody."
 msgstr ""
 
 #: ../src/msec/help.py:18
-msgid "Enable sectools checks. This check will run all sectool checks for a security level configuration. The security level to be used during this test is determined by the CHECK_SECTOOL_LEVELS variable."
+msgid "Allow only users in wheel group to su to root."
 msgstr ""
 
 #: ../src/msec/help.py:20
@@ -66,263 +66,259 @@ msgid "Allow users in wheel group to use sudo. If this option is set to 'yes', t
 msgstr ""
 
 #: ../src/msec/help.py:22
-msgid "Activate ethernet cards promiscuity check."
+msgid "Ask for root password when going to single user level (man sulogin(8))."
 msgstr ""
 
 #: ../src/msec/help.py:24
-msgid "User email to receive security notifications."
+msgid "Enable password-related checks, such as empty passwords and strange super-user accounts."
 msgstr ""
 
 #: ../src/msec/help.py:26
-msgid "Allow remote root login via sshd. If yes, login is allowed. If without-password, only public-key authentication logins are allowed. See sshd_config(5) man page for more information."
+msgid "Show security notifications in system tray using libnotify."
 msgstr ""
 
 #: ../src/msec/help.py:28
-msgid "Perform hourly security check for changes in system configuration."
+msgid "Enable sectools checks. This check will run all sectool checks for a security level configuration. The security level to be used during this test is determined by the CHECK_SECTOOL_LEVELS variable."
 msgstr ""
 
 #: ../src/msec/help.py:30
-msgid "Enables logging of periodic checks to system log."
+msgid "Fix owner and group of unowned files to use nobody/nogroup."
 msgstr ""
 
 #: ../src/msec/help.py:32
-msgid "Set the password minimum length and minimum number of digit and minimum number of capitalized letters, using length,ndigits,nupper format."
+msgid "Accept ICMP echo."
 msgstr ""
 
 #: ../src/msec/help.py:34
-msgid "Allow display managers (sddm and gdm) to display list of local users."
+msgid "Enable checking for changes in firewall settings."
 msgstr ""
 
 #: ../src/msec/help.py:36
-msgid "Defines the base security level, on top of which the current configuration is based."
+msgid "Enable verification for changes in the installed RPM packages. This will notify you when new packages are installed or removed."
 msgstr ""
 
 #: ../src/msec/help.py:38
-msgid "Defines the sectool level to use during the periodic security check. You may use the sectool-gui application to select individual tests for each level. If this variable is not defined, the default level defined in sectool configuration will be used."
+msgid "Accept broadcasted ICMP echo."
 msgstr ""
 
 #: ../src/msec/help.py:40
-msgid "Enable checking for additions/removals of sgid files."
+msgid "Enable periodic security check results to terminal."
 msgstr ""
 
 #: ../src/msec/help.py:42
-msgid "Use password to authenticate users. Take EXTREME care when disabling passwords, as it will leave the machine vulnerable."
+msgid "Enable msec to enforce file permissions to the values specified in the msec security policy."
 msgstr ""
 
 #: ../src/msec/help.py:44
-msgid "Enable periodic security check results to terminal."
+msgid "Log journal messages on console terminal 12."
 msgstr ""
 
 #: ../src/msec/help.py:46
-msgid "Allow direct root login on terminal."
+msgid "Set the root umask."
 msgstr ""
 
 #: ../src/msec/help.py:48
-msgid "Enable checking for empty passwords in /etc/shadow (man shadow(5))."
+msgid "Enable checking for additions/removals of sgid files."
 msgstr ""
 
 #: ../src/msec/help.py:50
-msgid "Allow system reboot and shutdown to local users."
+msgid "Activate ethernet cards promiscuity check."
 msgstr ""
 
 #: ../src/msec/help.py:52
-msgid "Ignore changes in process IDs when checking for open network ports."
+msgid "Enable checking for empty passwords in /etc/shadow (man shadow(5))."
 msgstr ""
 
 #: ../src/msec/help.py:54
-msgid "Enable checking for changes in system users."
+msgid "Allow autologin."
 msgstr ""
 
 #: ../src/msec/help.py:56
-msgid "Enforce MSEC settings on system startup"
+msgid "Define the default retention period for logs, in weeks. Some countries require that the log files should be kept for 12 months, other do not have such strict requirements. This variable defines the number of past log files that should be kept by logrotate on the system."
 msgstr ""
 
 #: ../src/msec/help.py:58
-msgid "Allow local users to connect to X server. Accepted arguments: yes (all connections are allowed), local (only local connection), no (no connection)."
+msgid "Enable checking for additions/removals of suid root files."
 msgstr ""
 
 #: ../src/msec/help.py:60
-msgid "Enable checking for changes in system groups."
+msgid "Enable permission checking on users' files that should not be owned by someone else, or writable."
 msgstr ""
 
 #: ../src/msec/help.py:62
-msgid "Enable checking for known rootkits using chkrootkit."
+msgid "Enable IP spoofing protection."
 msgstr ""
 
 #: ../src/msec/help.py:64
-msgid "Allow autologin."
+msgid "Allow to export display when passing from the root account to the other users. See pam_xauth(8) for more details."
 msgstr ""
 
 #: ../src/msec/help.py:66
-msgid "Enable permission checking on users' files that should not be owned by someone else, or writable."
+msgid "Set the user umask."
 msgstr ""
 
 #: ../src/msec/help.py:68
-msgid "Allow only users in wheel group to su to root."
+msgid "Allow direct root login on terminal."
 msgstr ""
 
 #: ../src/msec/help.py:70
-msgid "Allow full access to network services controlled by tcp_wrapper (see hosts.deny(5)). If yes, all services are allowed. If local, only connections to local services are authorized. If no, the services must be authorized manually in /etc/hosts.allow (see hosts.allow(5))."
+msgid "Enable checking for changes in system groups."
 msgstr ""
 
 #: ../src/msec/help.py:72
-msgid "Allow X server to accept connections from network on tcp port 6000."
+msgid "Enable verification of integrity of installed RPM packages. This will notify you if checksums of the installed files were changed, showing separate results for binary and configuration files."
 msgstr ""
 
 #: ../src/msec/help.py:74
-msgid "Fix owner and group of unowned files to use nobody/nogroup."
+msgid "Enables logging of periodic checks to system log."
 msgstr ""
 
 #: ../src/msec/help.py:76
-msgid "Set the shell timeout. A value of zero means no timeout."
+msgid "Creates the symlink /etc/security/msec/server to point to /etc/security/msec/server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --add to decide to add a service if it is present in the file during the installation of packages. By default, two presets are provided: local (which only enables local services) and remote (which also enables some remote services considered safe). Note that the allowed services must be placed manually into the server.SERVER_LEVEL files when necessary."
 msgstr ""
 
 #: ../src/msec/help.py:78
-msgid "Enable password-related checks, such as empty passwords and strange super-user accounts."
+msgid "Allow remote root login via sshd. If yes, login is allowed. If without-password, only public-key authentication logins are allowed. See sshd_config(5) man page for more information."
 msgstr ""
 
 #: ../src/msec/help.py:80
-msgid "Enable checking for changes in firewall settings."
+msgid "Set umask option for mounting vfat and ntfs partitions. If umask is '-1', default system umask is used."
 msgstr ""
 
 #: ../src/msec/help.py:82
-msgid "Send security check results by email."
+msgid "Enable daily security checks."
 msgstr ""
 
 #: ../src/msec/help.py:84
-msgid "Accept broadcasted ICMP echo."
+msgid "Enable checking for known rootkits using chkrootkit."
 msgstr ""
 
 #: ../src/msec/help.py:86
-msgid "Send mail reports even if no changes were detected."
+msgid "Enable checking for unowned files."
 msgstr ""
 
 #: ../src/msec/help.py:88
-msgid "Enable verification for changes in the installed RPM packages. This will notify you when new packages are installed or removed."
+msgid "Patterns to exclude from disk checks. This parameter is parsed as a regex (7), so you may use complex expressions."
 msgstr ""
 
 #: ../src/msec/help.py:90
-msgid "Enable checking for files/directories writable by everybody."
+msgid "Set shell commands history size. A value of -1 means unlimited."
 msgstr ""
 
 #: ../src/msec/help.py:92
-msgid "Show security notifications in system tray using libnotify."
+msgid "Ignore changes in process IDs when checking for open network ports."
 msgstr ""
 
 #: ../src/msec/help.py:94
-msgid "Enforce MSEC file directory permissions on system startup. If this parameter is set to 'enforce', system permissions will be enforced automatically, according to system security settings."
+msgid "Allow X server to accept connections from network on tcp port 6000."
 msgstr ""
 
 #: ../src/msec/help.py:96
-msgid "Enable checking for unowned files."
+msgid "Enable checksum verification for suid files."
 msgstr ""
 
 #: ../src/msec/help.py:98
-msgid "Enable checksum verification for suid files."
+msgid "Set the shell timeout. A value of zero means no timeout."
 msgstr ""
 
 #: ../src/msec/help.py:100
-msgid "Use secure location for temporary files. If this parameter is set to 'yes', user home directory will be used for temporary files. Otherwise, /tmp will be used."
+msgid "Set the password minimum length and minimum number of digit and minimum number of capitalized letters, using length,ndigits,nupper format."
 msgstr ""
 
 #: ../src/msec/help.py:102
-msgid "Set umask option for mounting vfat and ntfs partitions. If umask is '-1', default system umask is used."
+msgid "User email to receive security notifications."
 msgstr ""
 
 #: ../src/msec/help.py:104
-msgid "Ask for root password when going to single user level (man sulogin(8))."
+msgid "Allow full access to network services controlled by tcp_wrapper (see hosts.deny(5)). If yes, all services are allowed. If local, only connections to local services are authorized. If no, the services must be authorized manually in /etc/hosts.allow (see hosts.allow(5))."
 msgstr ""
 
 #: ../src/msec/help.py:106
-msgid "Accept bogus IPv4 error messages."
+msgid "Enable logging of strange network packets."
 msgstr ""
 
 #: ../src/msec/help.py:108
-msgid "Include current directory into user PATH by default"
+msgid "Enforce MSEC file directory permissions on system startup. If this parameter is set to 'enforce', system permissions will be enforced automatically, according to system security settings."
 msgstr ""
 
 #: ../src/msec/help.py:110
-msgid "Enable IP spoofing protection."
+msgid "Enable checking for open network ports."
 msgstr ""
 
 #: ../src/msec/help.py:112
-msgid "Run security checks when machine is running on battery power."
+msgid "Send mail reports even if no changes were detected."
 msgstr ""
 
 #: ../src/msec/help.py:114
-msgid "Set the root umask."
+msgid "Send security check results by email."
 msgstr ""
 
 #: ../src/msec/help.py:116
-msgid "Set the password history length to prevent password reuse. This is not supported by pam_tcb."
+msgid "Enable checking for changes in system users."
 msgstr ""
 
 #: ../src/msec/help.py:118
-msgid "Enable crontab and at for users. Put allowed users in /etc/cron.allow and /etc/at.allow (see man at(1) and crontab(1))."
+msgid "Allow display managers (sddm and gdm) to display list of local users."
 msgstr ""
 
 #: ../src/msec/help.py:120
-msgid "Enable checking for open network ports."
+msgid "Defines the sectool level to use during the periodic security check. You may use the sectool-gui application to select individual tests for each level. If this variable is not defined, the default level defined in sectool configuration will be used."
 msgstr ""
 
 #: ../src/msec/help.py:122
-msgid "Enable verification of integrity of installed RPM packages. This will notify you if checksums of the installed files were changed, showing separate results for binary and configuration files."
+msgid "Accept bogus IPv4 error messages."
 msgstr ""
 
 #: ../src/msec/help.py:124
-msgid "Enable daily security checks."
+msgid "Allow root access without password for the members of the wheel group."
 msgstr ""
 
 #: ../src/msec/help.py:126
-msgid "Define the default retention period for logs, in weeks. Some countries require that the log files should be kept for 12 months, other do not have such strict requirements. This variable defines the number of past log files that should be kept by logrotate on the system."
+msgid "Set the password history length to prevent password reuse. This is not supported by pam_tcb."
 msgstr ""
 
 #: ../src/msec/help.py:128
-msgid "Enable periodic permission checking for files specified in msec policy."
+msgid "Perform hourly security check for changes in system configuration."
 msgstr ""
 
 #: ../src/msec/help.py:130
-msgid "Creates the symlink /etc/security/msec/server to point to /etc/security/msec/server.SERVER_LEVEL. The /etc/security/msec/server is used by chkconfig --add to decide to add a service if it is present in the file during the installation of packages. By default, two presets are provided: local (which only enables local services) and remote (which also enables some remote services considered safe). Note that the allowed services must be placed manually into the server.SERVER_LEVEL files when necessary."
+msgid "Use secure location for temporary files. If this parameter is set to 'yes', user home directory will be used for temporary files. Otherwise, /tmp will be used."
 msgstr ""
 
 #: ../src/msec/help.py:132
-msgid "Enable checking for additions/removals of suid root files."
+msgid "Enable periodic permission checking for files specified in msec policy."
 msgstr ""
 
 #: ../src/msec/help.py:134
-msgid "Allow root access without password for the members of the wheel group."
+msgid "Allow local users to connect to X server. Accepted arguments: yes (all connections are allowed), local (only local connection), no (no connection)."
 msgstr ""
 
 #: ../src/msec/help.py:136
-msgid "Accept ICMP echo."
+msgid "Use password to authenticate users. Take EXTREME care when disabling passwords, as it will leave the machine vulnerable."
 msgstr ""
 
 #: ../src/msec/help.py:138
-msgid "Allow to export display when passing from the root account to the other users. See pam_xauth(8) for more details."
+msgid "Defines the base security level, on top of which the current configuration is based."
 msgstr ""
 
 #: ../src/msec/help.py:140
-msgid "Set the user umask."
+msgid "Run security checks when machine is running on battery power."
 msgstr ""
 
 #: ../src/msec/help.py:142
-msgid "Log journal messages on console terminal 12."
+msgid "Enable checking for dangerous options in users' .rhosts/.shosts files."
 msgstr ""
 
 #: ../src/msec/help.py:144
-msgid "Enable logging of strange network packets."
+msgid "Allow system reboot and shutdown to local users."
 msgstr ""
 
 #: ../src/msec/help.py:146
-msgid "Enable checking for dangerous options in users' .rhosts/.shosts files."
+msgid "Enforce MSEC settings on system startup"
 msgstr ""
 
 #: ../src/msec/help.py:148
-msgid "Set shell commands history size. A value of -1 means unlimited."
-msgstr ""
-
-#: ../src/msec/help.py:150
-msgid "Enable name resolution spoofing protection."
+msgid "Enable crontab and at for users. Put allowed users in /etc/cron.allow and /etc/at.allow (see man at(1) and crontab(1))."
 msgstr ""
 
 #: ../src/msec/libmsec.py:265
@@ -1016,182 +1012,174 @@ msgstr ""
 msgid "Allowing the X server to listen to tcp connections"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:239
+#: ../src/msec/plugins/msec.py:241
 msgid "Forbidding the X server to listen to tcp connection"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:255
+#: ../src/msec/plugins/msec.py:257
 msgid "Invalid shell timeout \"%s\""
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:263
+#: ../src/msec/plugins/msec.py:265
 msgid "Setting shell timeout to %s"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:271
+#: ../src/msec/plugins/msec.py:273
 msgid "Invalid shell history size \"%s\""
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:282
+#: ../src/msec/plugins/msec.py:284
 msgid "Setting shell history size to %s"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:286
+#: ../src/msec/plugins/msec.py:288
 msgid "Removing limit on shell history size"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:295
+#: ../src/msec/plugins/msec.py:297
 msgid "Invalid file system umask \"%s\""
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:329
+#: ../src/msec/plugins/msec.py:331
 msgid "Allowing reboot and shutdown to the console user"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:336
+#: ../src/msec/plugins/msec.py:338
 msgid "Allowing SysRq key to the console user"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:339
+#: ../src/msec/plugins/msec.py:341
 msgid "Allowing Shutdown/Reboot in GDM"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:347
+#: ../src/msec/plugins/msec.py:349
 msgid "Allowing Ctrl-Alt-Del from console"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:351
+#: ../src/msec/plugins/msec.py:353
 msgid "Forbidding reboot and shutdown to the console user"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:359
+#: ../src/msec/plugins/msec.py:361
 msgid "Forbidding SysRq key to the console user"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:362
+#: ../src/msec/plugins/msec.py:364
 msgid "Forbidding Shutdown/Reboot in GDM"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:370
+#: ../src/msec/plugins/msec.py:372
 msgid "Forbidding Ctrl-Alt-Del from console"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:388 ../src/msec/plugins/msec.py:392
+#: ../src/msec/plugins/msec.py:390 ../src/msec/plugins/msec.py:394
 msgid "Allowing list of users in {}"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:400
+#: ../src/msec/plugins/msec.py:402
 msgid "Forbidding list of users in {}"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:404
+#: ../src/msec/plugins/msec.py:406
 msgid "Forbidding showing last user in {}"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:415
+#: ../src/msec/plugins/msec.py:417
 msgid "Allowing autologin"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:418
+#: ../src/msec/plugins/msec.py:420
 msgid "Forbidding autologin"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:427
+#: ../src/msec/plugins/msec.py:429
 msgid "Enabling log on console"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:431
+#: ../src/msec/plugins/msec.py:433
 msgid "Disabling log on console"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:449
+#: ../src/msec/plugins/msec.py:451
 msgid "Authorizing all services"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:453
+#: ../src/msec/plugins/msec.py:455
 msgid "Disabling all services"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:457
+#: ../src/msec/plugins/msec.py:459
 msgid "Disabling non local services"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:469
+#: ../src/msec/plugins/msec.py:471
 msgid "Enabling sulogin in single user runlevel"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:473
+#: ../src/msec/plugins/msec.py:475
 msgid "Disabling sulogin in single user runlevel"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:484
+#: ../src/msec/plugins/msec.py:486
 msgid "Enabling msec periodic runs"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:488
+#: ../src/msec/plugins/msec.py:490
 msgid "Disabling msec periodic runs"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:501
+#: ../src/msec/plugins/msec.py:503
 msgid "Enabling crontab and at"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:508
+#: ../src/msec/plugins/msec.py:510
 msgid "Disabling crontab and at"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:520
+#: ../src/msec/plugins/msec.py:522
 msgid "Allowing export display from root"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:524
+#: ../src/msec/plugins/msec.py:526
 msgid "Forbidding export display from root"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:551
+#: ../src/msec/plugins/msec.py:553
 msgid "Allowing direct root login"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:574
+#: ../src/msec/plugins/msec.py:576
 msgid "Forbidding direct root login"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:596
+#: ../src/msec/plugins/msec.py:598
 msgid "Using secure location for temporary files"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:598
+#: ../src/msec/plugins/msec.py:600
 msgid "Not using secure location for temporary files"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:618
+#: ../src/msec/plugins/msec.py:620
 msgid "Allowing including current directory in path"
 msgstr ""
 
-#: ../src/msec/plugins/msec.py:621
+#: ../src/msec/plugins/msec.py:623
 msgid "Not allowing including current directory in path"
 msgstr ""
 
-#: ../src/msec/plugins/network.py:132
+#: ../src/msec/plugins/network.py:131
 msgid "Allowing remote root login"
 msgstr ""
 
-#: ../src/msec/plugins/network.py:136
+#: ../src/msec/plugins/network.py:135
 msgid "Forbidding remote root login"
 msgstr ""
 
-#: ../src/msec/plugins/network.py:140
+#: ../src/msec/plugins/network.py:139
 msgid "Allowing remote root login only by passphrase"
 msgstr ""
 
-#: ../src/msec/plugins/network.py:173
-msgid "Enabling name resolution spoofing protection"
-msgstr ""
-
-#: ../src/msec/plugins/network.py:178
-msgid "Disabling name resolution spoofing protection"
-msgstr ""
-
 #: ../src/msec/plugins/pam.py:68
 msgid "Using password to authenticate users"
 msgstr ""