diff --git a/Tools/aa-genprof b/Tools/aa-genprof index 0a573a4ef..4acaade53 100644 --- a/Tools/aa-genprof +++ b/Tools/aa-genprof @@ -40,8 +40,8 @@ parser.add_argument('program', type=str, help='name of program to profile') args = parser.parse_args() profiling = args.program -profiledir = args.d -filename = args.f +profiledir = args.dir +filename = args.file aa_mountpoint = apparmor.check_for_apparmor() if not aa_mountpoint: @@ -50,7 +50,7 @@ if not aa_mountpoint: if profiledir: apparmor.profile_dir = apparmor.get_full_path(profiledir) if not os.path.isdir(apparmor.profile_dir): - raise apparmor.AppArmorException("%s is not a directory." %profiledir) + raise apparmor.AppArmorException(_("%s is not a directory.") %profiledir) program = None #if os.path.exists(apparmor.which(profiling.strip())): @@ -64,7 +64,7 @@ else: if not program or not os.path.exists(program): if '/' not in profiling: - raise apparmor.AppArmorException(_("Can't find %s in the system path list. If the name of the application is correct, please run 'which %s' in another window in order to find the fully-qualified path and use the full path as parameter.") %(profiling, profiling)) + raise apparmor.AppArmorException(_("Can't find %s in the system path list. If the name of the application\nis correct, please run 'which %s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.") %(profiling, profiling)) else: raise apparmor.AppArmorException(_('%s does not exists, please double-check the path.') %profiling) @@ -94,7 +94,7 @@ sysctl_write(ratelimit_sysctl, 0) atexit.register(restore_ratelimit) -apparmor.UI_Info(_('\nBefore you begin, you may wish to check if a\nprofile already exists for the application you\nwish to confine. See the following wiki page for\nmore information:\nhttp://wiki.apparmor.net/index.php/Profiles')) +apparmor.UI_Info(_('\nBefore you begin, you may wish to check if a\nprofile already exists for the application you\nwish to confine. See the following wiki page for\nmore information:')+'\nhttp://wiki.apparmor.net/index.php/Profiles') apparmor.UI_Important(_('Please start the application to be profiled in\nanother window and exercise its functionality now.\n\nOnce completed, select the "Scan" option below in \norder to scan the system logs for AppArmor events. \n\nFor each AppArmor event, you will be given the \nopportunity to choose whether the access should be \nallowed or denied.')) @@ -136,6 +136,6 @@ for p in sorted(apparmor.helpers.keys()): reload(p) apparmor.UI_Info(_('\nReloaded AppArmor profiles in enforce mode.')) -apparmor.UI_Info(_('\nPlease consider contributing your new profile!\nSee the following wiki page for more information:\nhttp://wiki.apparmor.net/index.php/Profiles\n')) +apparmor.UI_Info(_('\nPlease consider contributing your new profile!\nSee the following wiki page for more information:')+'\nhttp://wiki.apparmor.net/index.php/Profiles\n') apparmor.UI_Info(_('Finished generating profile for %s.')%program) sys.exit(0) diff --git a/Tools/aa-logprof b/Tools/aa-logprof index 065cbe80c..51fc387bc 100644 --- a/Tools/aa-logprof +++ b/Tools/aa-logprof @@ -8,12 +8,12 @@ import apparmor.aa as apparmor parser = argparse.ArgumentParser(description='Process log entries to generate profiles') parser.add_argument('-d', '--dir', type=str, help='path to profiles') parser.add_argument('-f', '--file', type=str, help='path to logfile') -parser.add_argument('-m', type=str, help='mark in the log to start processing after') +parser.add_argument('-m', '--mark', type=str, help='mark in the log to start processing after') args = parser.parse_args() -profiledir = args.d -filename = args.f -logmark = args.m or '' +profiledir = args.dir +filename = args.file +logmark = args.mark or '' aa_mountpoint = apparmor.check_for_apparmor() if not aa_mountpoint: diff --git a/Tools/aa-unconfined b/Tools/aa-unconfined index cc9159f6d..989459d79 100644 --- a/Tools/aa-unconfined +++ b/Tools/aa-unconfined @@ -21,7 +21,9 @@ if paranoid: pids = list(filter(lambda x: re.search('^\d+$', x), apparmor.get_subdirectories('/proc'))) else: regex_tcp_udp = re.compile('^(tcp|udp)\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\s+)\s+(\d+)\/(\S+)') - output = apparmor.cmd(['netstat','-nlp'])[1].split('\n') + import subprocess + output = subprocess.check_output('LANG=en netstat -nlp', shell=True).split('\n') + for line in output: match = regex_tcp_udp.search(line) if match: diff --git a/Tools/manpages/aa-audit.pod b/Tools/manpages/aa-audit.pod index d429a1559..9898782fc 100644 --- a/Tools/manpages/aa-audit.pod +++ b/Tools/manpages/aa-audit.pod @@ -2,7 +2,7 @@ =head1 NAME -aa-audit - set a AppArmor security profile to I mode. +aa-audit - set an AppArmor security profile to I mode. =head1 SYNOPSIS @@ -21,7 +21,7 @@ B<-r --remove> =head1 DESCRIPTION -B is used to set the audit mode for one or more profiles to audit. +B is used to set one or more profiles to audit mode. In this mode security policy is enforced and all access (successes and failures) are logged to the system log. The I<--remove> option can be used to remove the audit mode for the profile. @@ -29,7 +29,7 @@ The I<--remove> option can be used to remove the audit mode for the profile. =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-autodep.pod b/Tools/manpages/aa-autodep.pod index d9930729d..06ae2f2b5 100644 --- a/Tools/manpages/aa-autodep.pod +++ b/Tools/manpages/aa-autodep.pod @@ -37,7 +37,7 @@ B<-d --dir /path/to/profiles> B<-f --force> - Overrides any existing AppArmor profile for the executable with the generated minimal AppArmor profile. + Overwrites any existing AppArmor profile for the executable with the generated minimal AppArmor profile. =head1 DESCRIPTION @@ -48,7 +48,7 @@ a base profile containing a base include directive which includes basic profile entries needed by most programs. The profile is generated by recursively calling ldd(1) on the executables listed on the command line. -The I<--force> option will override any existing profile for the executable with +The I<--force> option will overwrite any existing profile for the executable with the newly generated minimal AppArmor profile. =head1 BUGS @@ -56,7 +56,7 @@ the newly generated minimal AppArmor profile. This program does not perform full static analysis of executables, so the profiles generated are necessarily incomplete. If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-cleanprof.pod b/Tools/manpages/aa-cleanprof.pod index 88b5ea448..d2485fd38 100644 --- a/Tools/manpages/aa-cleanprof.pod +++ b/Tools/manpages/aa-cleanprof.pod @@ -18,13 +18,14 @@ B<-d --dir /path/to/profiles> =head1 DESCRIPTION B is used to perform a cleanup on one or more profiles. -The tool removes any existing superfluous rules, reorders the rules to group -similar rules together and removes all comments. +The tool removes any existing superfluous rules (Rules that are covered +under an include or another rule),reorders the rules to group similar rules +together and removes all comments. =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-complain.pod b/Tools/manpages/aa-complain.pod index e41dd886f..cb4f81258 100644 --- a/Tools/manpages/aa-complain.pod +++ b/Tools/manpages/aa-complain.pod @@ -22,7 +22,7 @@ =head1 NAME -aa-complain - set a AppArmor security profile to I mode. +aa-complain - set an AppArmor security profile to I mode. =head1 SYNOPSIS @@ -41,9 +41,9 @@ B<-r --remove> =head1 DESCRIPTION -B is used to set the enforcement mode for one or more profiles to -complain. In this mode security policy is not enforced but rather access -violations are logged to the system log. +B is used to set one or more profiles to I mode. +In this mode security policy is not enforced but rather access violations +are logged to the system log. The I<--remove> option can be used to remove the complain mode for the profile, setting it to enforce mode by default. @@ -51,7 +51,7 @@ setting it to enforce mode by default. =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-disable.pod b/Tools/manpages/aa-disable.pod index 7af82f847..85c765329 100644 --- a/Tools/manpages/aa-disable.pod +++ b/Tools/manpages/aa-disable.pod @@ -41,11 +41,11 @@ B<-r --revert> =head1 DESCRIPTION -B is used to disable the enforcement mode for one or more -profiles. This command will unload the profile from the kernel and -prevent the profile from being loaded on AppArmor startup. The -I and I utilities may be used to to change this -behavior. +B is used to I one or more profiles. +This command will unload the profile from the kernel and prevent the +profile from being loaded on AppArmor startup. +The I and I utilities may be used to to change +this behavior. The I<--revert> option can be used to enable the profile. diff --git a/Tools/manpages/aa-enforce.pod b/Tools/manpages/aa-enforce.pod index 9577288f1..53aef579b 100644 --- a/Tools/manpages/aa-enforce.pod +++ b/Tools/manpages/aa-enforce.pod @@ -42,12 +42,12 @@ B<-r --remove> =head1 DESCRIPTION -B is used to set the enforcement mode for one or more profiles -to I. This command is only relevant in conjunction with the -I utility which sets a profile to complain mode and the -I utility which unloads and disables a profile. The default -mode for a security policy is enforce and the I utility must -be run to change this behavior. +B is used to set one or more profiles to I mode. +This command is only relevant in conjunction with the I utility +which sets a profile to complain mode and the I utility which +unloads and disables a profile. +The default mode for a security policy is enforce and the I +utility must be run to change this behavior. The I<--remove> option can be used to remove the enforce mode for the profile, setting it to complain mode. @@ -55,7 +55,7 @@ setting it to complain mode. =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-genprof.pod b/Tools/manpages/aa-genprof.pod index d2f2e38fa..c259408a1 100644 --- a/Tools/manpages/aa-genprof.pod +++ b/Tools/manpages/aa-genprof.pod @@ -72,7 +72,7 @@ using aa-logprof(1). After the user finishes selecting profile entries based on violations that were detected during the program execution, aa-genprof will reload the updated profiles in complain mode and again prompt the user for (S)can and -(D)one. This cycle can then be repeated as necessary until all application +(F)inish. This cycle can then be repeated as necessary until all application functionality has been exercised without generating access violations. When the user eventually hits (F)inish, aa-genprof will set the main profile, @@ -81,7 +81,7 @@ and any other profiles that were generated, into enforce mode and exit. =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-logprof.pod b/Tools/manpages/aa-logprof.pod index a703a4061..cb10d3b7d 100644 --- a/Tools/manpages/aa-logprof.pod +++ b/Tools/manpages/aa-logprof.pod @@ -22,7 +22,7 @@ =head1 NAME -aa-logprof - utility program for managing AppArmor security profiles +aa-logprof - utility for updating AppArmor security profiles =head1 SYNOPSIS @@ -52,9 +52,8 @@ B< -m --logmark "mark"> =head1 DESCRIPTION -B is an interactive tool used to review AppArmor's -complain mode output and generate new entries for AppArmor security -profiles. +B is an interactive tool used to review AppArmor generated +messages and update AppArmor security profiles. Running aa-logprof will scan the log file and if there are new AppArmor events that are not covered by the existing profile set, the user will @@ -76,11 +75,14 @@ The user is then presented with info about the access including profile, path, old mode if there was a previous entry in the profile for this path, new mode, the suggestion list, and given these options: - (A)llow, (D)eny, (N)ew, (G)lob last piece, (Q)uit + (A)llow, (D)eny, (I)gnore, (N)ew, (G)lob last piece, (Q)uit If the AppArmor profile was in complain mode when the event was generated, the default for this option is (A)llow, otherwise, it's (D)eny. +The (I)gnore allows user to ignore the event, without making any changes to +the AppArmor profile. + The suggestion list is presented as a numbered list with includes at the top, the literal path in the middle, and the suggested globs at the bottom. If any globs are being suggested, the shortest glob @@ -114,9 +116,9 @@ Adding r access to /usr/share/themes/** would delete an entry for r access to /usr/share/themes/foo/*.gif if it exists in the profile. If (Q)uit is selected at this point, aa-logprof will ignore all new pending -capability and path accesses. +accesses. -After all of the path accesses have been handled, logrof will write all +After all of the accesses have been handled, logrof will write all updated profiles to the disk and reload them if AppArmor is running. =head2 New Process (Execution) Events @@ -160,7 +162,7 @@ user wants to quit. See capability(7) for details. =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-mergeprof.pod b/Tools/manpages/aa-mergeprof.pod index 63cef3c80..272c04688 100644 --- a/Tools/manpages/aa-mergeprof.pod +++ b/Tools/manpages/aa-mergeprof.pod @@ -22,7 +22,7 @@ B =head1 BUGS If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Tools/manpages/aa-unconfined.pod b/Tools/manpages/aa-unconfined.pod index ca006056b..aaf8e4740 100644 --- a/Tools/manpages/aa-unconfined.pod +++ b/Tools/manpages/aa-unconfined.pod @@ -33,8 +33,8 @@ B]> B<--paranoid> - Displays all processes from F filesystem with tcp or udp ports that - do no have AppArmor profiles loaded. + Displays all processes from F filesystem with tcp or udp ports + that do not have AppArmor profiles loaded. =head1 DESCRIPTION @@ -46,7 +46,7 @@ network sockets and do not have AppArmor profiles loaded into the kernel. B must be run as root to retrieve the process executable link from the F filesystem. This program is susceptible to race conditions of several flavours: an unlinked executable will be mishandled; -an executable started before a AppArmor profile is loaded will not +an executable started before an AppArmor profile is loaded will not appear in the output, despite running without confinement; a process that dies between the netstat(8) and further checks will be mishandled. This program only lists processes using TCP and UDP. In short, this @@ -54,7 +54,7 @@ program is unsuitable for forensics use and is provided only as an aid to profiling all network-accessible processes in the lab. If you find any bugs, please report them at -L. +L. =head1 SEE ALSO diff --git a/Translate/README b/Translate/README new file mode 100644 index 000000000..357f8a1e4 --- /dev/null +++ b/Translate/README @@ -0,0 +1,10 @@ +GENERATING TRANSLATION MESSAGES + +To generate the messages.pot file: + +Navigate to apparmor/ and run the following command. +python pygettext.py aa.py aamode.py cleanprofile.py common.py config.py logparser.py severity.py tools.py ui.py writeprofile.py yasti.py ./../Tools/aa* + +It will generate the messages.pot file in apparmor/ + +You might need to provide the full path to pygettext.py from your python installation. It will typically be in the /path/to/python/libs/Tools/i18n/pygettext.py diff --git a/Translate/messages.pot b/Translate/messages.pot index f73b67656..0ff280c09 100644 --- a/Translate/messages.pot +++ b/Translate/messages.pot @@ -1,11 +1,11 @@ -# Translations for AppArmor Profile Tools. +# Messages from AppArmor Profile utils. # Copyright (C) 2013 -# Kshitij Gupta , 2013. +# Kshitij Gupta , 2013. # msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: 2013-09-19 21:16+IST\n" +"POT-Creation-Date: 2013-09-20 16:48+IST\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -20,8 +20,16 @@ msgstr "" msgid "It seems AppArmor was not started. Please enable AppArmor and try again." msgstr "" -#: ./../Tools/aa-genprof:67 -msgid "Can't find %s in the system path list. If the name of the application is correct, please run 'which %s' in another window in order to find the fully-qualified path and use the full path as parameter." +#: ./../Tools/aa-genprof:53 +msgid "%s is not a directory." +msgstr "" + +#: ./../Tools/aa-genprof:67 tools.py:105 +msgid "" +"Can't find %s in the system path list. If the name of the application\n" +"is correct, please run 'which %s' as a user with correct PATH\n" +"environment set up in order to find the fully-qualified path and\n" +"use the full path as parameter." msgstr "" #: ./../Tools/aa-genprof:69 @@ -34,8 +42,7 @@ msgid "" "Before you begin, you may wish to check if a\n" "profile already exists for the application you\n" "wish to confine. See the following wiki page for\n" -"more information:\n" -"http://wiki.apparmor.net/index.php/Profiles" +"more information:" msgstr "" #: ./../Tools/aa-genprof:99 @@ -65,38 +72,59 @@ msgstr "" msgid "" "\n" "Please consider contributing your new profile!\n" -"See the following wiki page for more information:\n" -"http://wiki.apparmor.net/index.php/Profiles\n" +"See the following wiki page for more information:" msgstr "" #: ./../Tools/aa-genprof:140 msgid "Finished generating profile for %s." msgstr "" -#: ./../Tools/aa-unconfined:56 +#: ./../Tools/aa-unconfined:58 msgid "" "%s %s (%s) not confined\n" msgstr "" -#: ./../Tools/aa-unconfined:60 +#: ./../Tools/aa-unconfined:62 msgid "" "%s %s %snot confined\n" msgstr "" -#: ./../Tools/aa-unconfined:65 +#: ./../Tools/aa-unconfined:67 msgid "" "%s %s (%s) confined by '%s'\n" msgstr "" -#: ./../Tools/aa-unconfined:69 +#: ./../Tools/aa-unconfined:71 msgid "" "%s %s %sconfined by '%s'\n" msgstr "" +#: aa.py:242 aa.py:516 +msgid "Setting %s to complain mode." +msgstr "" + +#: aa.py:248 +msgid "Setting %s to enforce mode." +msgstr "" + #: aa.py:263 msgid "Unable to find basename for %s." msgstr "" +#: aa.py:278 +msgid "Could not create %s symlink to %s." +msgstr "" + +#: aa.py:288 +msgid "Unable to read first line from: %s : File Not Found" +msgstr "" + +#: aa.py:302 +msgid "" +"Unable to fork: %s\n" +"\t%s" +msgstr "" + #: aa.py:420 ui.py:270 msgid "Are you sure you want to abandon this set of profile changes and exit?" msgstr "" @@ -105,43 +133,80 @@ msgstr "" msgid "Abandoning all changes." msgstr "" +#: aa.py:441 +msgid "WARNING: Error fetching profiles from the repository" +msgstr "" + +#: aa.py:518 +msgid "Error activating profiles: %s" +msgstr "" + #: aa.py:564 msgid "%s contains no profile" msgstr "" -#: aa.py:936 aa.py:1192 aa.py:1496 aa.py:1532 aa.py:1695 aa.py:1897 aa.py:1928 +#: aa.py:656 +msgid "" +"WARNING: Error synchronizing profiles with the repository:\n" +"%s\n" +msgstr "" + +#: aa.py:694 +msgid "" +"WARNING: Error synchronizing profiles with the repository\n" +"%s\n" +msgstr "" + +#: aa.py:816 +msgid "Changelog Entry: " +msgstr "" + +#: aa.py:836 +msgid "" +"Repository Error\n" +"Registration or Sigin was unsuccessful. User login\n" +"information is required to upload profiles to the repository.\n" +"These changes could not be sent.\n" +msgstr "" + +#: aa.py:934 aa.py:1190 aa.py:1494 aa.py:1530 aa.py:1693 aa.py:1895 aa.py:1926 msgid "Profile" msgstr "" -#: aa.py:939 +#: aa.py:937 msgid "Default Hat" msgstr "" -#: aa.py:941 +#: aa.py:939 msgid "Requested Hat" msgstr "" -#: aa.py:1194 +#: aa.py:1170 +msgid "" +"Target profile exists: %s\n" +msgstr "" + +#: aa.py:1192 msgid "Program" msgstr "" -#: aa.py:1197 +#: aa.py:1195 msgid "Execute" msgstr "" -#: aa.py:1198 aa.py:1498 aa.py:1534 aa.py:1746 +#: aa.py:1196 aa.py:1496 aa.py:1532 aa.py:1744 msgid "Severity" msgstr "" -#: aa.py:1221 +#: aa.py:1219 msgid "Are you specifying a transition to a local profile?" msgstr "" -#: aa.py:1233 +#: aa.py:1231 msgid "Enter profile name to transition to: " msgstr "" -#: aa.py:1242 +#: aa.py:1240 msgid "" "Should AppArmor sanitise the environment when\n" "switching profiles?\n" @@ -151,7 +216,7 @@ msgid "" "of LD_PRELOAD or LD_LIBRARY_PATH." msgstr "" -#: aa.py:1244 +#: aa.py:1242 msgid "" "Should AppArmor sanitise the environment when\n" "switching profiles?\n" @@ -162,16 +227,16 @@ msgid "" "could cause functionality problems." msgstr "" -#: aa.py:1252 +#: aa.py:1250 msgid "" "Launching processes in an unconfined state is a very\n" "dangerous operation and can cause serious security holes.\n" "\n" "Are you absolutely certain you wish to remove all\n" -"AppArmor protection when executing : %s ?" +"AppArmor protection when executing %s ?" msgstr "" -#: aa.py:1254 +#: aa.py:1252 msgid "" "Should AppArmor sanitise the environment when\n" "running this program unconfined?\n" @@ -181,159 +246,159 @@ msgid "" "and should be avoided if at all possible." msgstr "" -#: aa.py:1330 +#: aa.py:1328 msgid "" "A profile for %s does not exist.\n" "Do you want to create one?" msgstr "" -#: aa.py:1348 +#: aa.py:1346 msgid "A local profile for %s does not exit. Create one?" msgstr "" -#: aa.py:1457 +#: aa.py:1455 msgid "Complain-mode changes:" msgstr "" -#: aa.py:1459 +#: aa.py:1457 msgid "Enforce-mode changes:" msgstr "" -#: aa.py:1462 +#: aa.py:1460 msgid "Invalid mode found: %s" msgstr "" -#: aa.py:1497 aa.py:1533 +#: aa.py:1495 aa.py:1531 msgid "Capability" msgstr "" -#: aa.py:1547 aa.py:1782 +#: aa.py:1545 aa.py:1780 msgid "Adding %s to profile." msgstr "" -#: aa.py:1549 aa.py:1784 aa.py:1824 aa.py:1946 +#: aa.py:1547 aa.py:1782 aa.py:1822 aa.py:1944 msgid "Deleted %s previous matching profile entries." msgstr "" -#: aa.py:1556 +#: aa.py:1554 msgid "Adding capability %s to profile." msgstr "" -#: aa.py:1563 +#: aa.py:1561 msgid "Denying capability %s to profile." msgstr "" -#: aa.py:1696 +#: aa.py:1694 msgid "Path" msgstr "" -#: aa.py:1705 aa.py:1736 +#: aa.py:1703 aa.py:1734 msgid "(owner permissions off)" msgstr "" -#: aa.py:1710 +#: aa.py:1708 msgid "(force new perms to owner)" msgstr "" -#: aa.py:1713 +#: aa.py:1711 msgid "(force all rule perms to owner)" msgstr "" -#: aa.py:1725 +#: aa.py:1723 msgid "Old Mode" msgstr "" -#: aa.py:1726 +#: aa.py:1724 msgid "New Mode" msgstr "" -#: aa.py:1741 +#: aa.py:1739 msgid "(force perms to owner)" msgstr "" -#: aa.py:1744 +#: aa.py:1742 msgid "Mode" msgstr "" -#: aa.py:1822 +#: aa.py:1820 msgid "Adding %s %s to profile" msgstr "" -#: aa.py:1840 +#: aa.py:1838 msgid "Enter new path:" msgstr "" -#: aa.py:1843 +#: aa.py:1841 msgid "The specified path does not match this log entry:" msgstr "" -#: aa.py:1844 +#: aa.py:1842 msgid "Log Entry" msgstr "" -#: aa.py:1845 +#: aa.py:1843 msgid "Entered Path" msgstr "" -#: aa.py:1846 +#: aa.py:1844 msgid "Do you really want to use this path?" msgstr "" -#: aa.py:1898 aa.py:1929 +#: aa.py:1896 aa.py:1927 msgid "Network Family" msgstr "" -#: aa.py:1899 aa.py:1930 +#: aa.py:1897 aa.py:1928 msgid "Socket Type" msgstr "" -#: aa.py:1944 +#: aa.py:1942 msgid "Adding %s to profile" msgstr "" -#: aa.py:1954 +#: aa.py:1952 msgid "Adding network access %s %s to profile." msgstr "" -#: aa.py:1960 +#: aa.py:1958 msgid "Denying network access %s %s to profile" msgstr "" -#: aa.py:2171 +#: aa.py:2169 msgid "Reading log entries from %s." msgstr "" -#: aa.py:2174 +#: aa.py:2172 msgid "Updating AppArmor profiles in %s." msgstr "" -#: aa.py:2178 +#: aa.py:2176 msgid "unknown" msgstr "" -#: aa.py:2241 +#: aa.py:2239 msgid "" "Select which profile changes you would like to save to the\n" "local profile set." msgstr "" -#: aa.py:2242 +#: aa.py:2240 msgid "Local profile changes" msgstr "" -#: aa.py:2264 +#: aa.py:2262 msgid "The following local profiles were changed. Would you like to save them?" msgstr "" -#: aa.py:2338 +#: aa.py:2336 msgid "Profile Changes" msgstr "" -#: aa.py:3831 +#: aa.py:3829 msgid "Writing updated profile for %s." msgstr "" -#: aa.py:4074 +#: aa.py:4072 msgid "" "%s is currently marked as a program that should not have its own\n" "profile. Usually, programs are marked this way if creating a profile for \n" @@ -378,12 +443,6 @@ msgid "" "Removing audit mode from %s.\n" msgstr "" -#: tools.py:105 -msgid "" -"Can't find %s in the system path list. If the name of the application is correct, please run 'which %s' as a user with correct PATH environment set up in order to find the fully-qualified path.\n" -"Please use the full path as parameter" -msgstr "" - #: tools.py:122 msgid "The profile for %s does not exists. Nothing to clean." msgstr "" @@ -628,19 +687,24 @@ msgstr "" msgid "(I)gnore" msgstr "" +#: ui.py:295 +msgid "" +"FINISHING...\n" +msgstr "" + #: ui.py:316 -msgid "Unknown command" +msgid "PromptUser: Unknown command %s" msgstr "" #: ui.py:323 -msgid "Duplicate hotkey for" +msgid "PromptUser: Duplicate hotkey for %s: %s " msgstr "" #: ui.py:335 -msgid "Invalid hotkey in default item" +msgid "PromptUser: Invalid hotkey in default item" msgstr "" #: ui.py:340 -msgid "Invalid default" +msgid "PromptUser: Invalid default %s" msgstr "" diff --git a/apparmor/aa.py b/apparmor/aa.py index adb1c8282..c9e09209d 100644 --- a/apparmor/aa.py +++ b/apparmor/aa.py @@ -239,13 +239,13 @@ def enforce(path): def set_complain(filename, program, ): """Sets the profile to complain mode""" - UI_Info('Setting %s to complain mode.\n' % program) + UI_Info(_('Setting %s to complain mode.') % program) create_symlink('force-complain', filename) change_profile_flags(filename, 'complain', True) def set_enforce(filename, program): """Sets the profile to enforce mode""" - UI_Info('Setting %s to enforce mode.\n' % program) + UI_Info(_('Setting %s to enforce mode.') % program) delete_symlink('force-complain', filename) delete_symlink('disable', filename) change_profile_flags(filename, 'complain', False) @@ -275,7 +275,7 @@ def create_symlink(subdir, filename): try: os.symlink(filename, link) except: - raise AppArmorException('Could not create %s symlink to %s.'%(link, filename)) + raise AppArmorException(_('Could not create %s symlink to %s.')%(link, filename)) def head(file): """Returns the first/head line of the file""" @@ -285,7 +285,7 @@ def head(file): first = f_in.readline().rstrip() return first else: - raise AppArmorException('Unable to read first line from: %s : File Not Found' %file) + raise AppArmorException(_('Unable to read first line from: %s : File Not Found') %file) def get_output(params): """Returns the return code output by running the program with the args given in the list""" @@ -299,7 +299,7 @@ def get_output(params): # Get the output of the program output = subprocess.check_output(params) except OSError as e: - raise AppArmorException("Unable to fork: %s\n\t%s" %(program, str(e))) + raise AppArmorException(_("Unable to fork: %s\n\t%s") %(program, str(e))) # If exit-codes besides 0 except subprocess.CalledProcessError as e: output = e.output @@ -432,13 +432,13 @@ def get_profile(prof_name): local_profiles = [] profile_hash = hasher() if repo_is_enabled(): - UI_BusyStart('Coonecting to repository.....') + UI_BusyStart('Connecting to repository.....') status_ok, ret = fetch_profiles_by_name(repo_url, distro, prof_name) UI_BusyStop() if status_ok: profile_hash = ret else: - UI_Important('WARNING: Error fetching profiles from the repository') + UI_Important(_('WARNING: Error fetching profiles from the repository')) inactive_profile = get_inactive_profile(prof_name) if inactive_profile: uname = 'Inactive local profile for %s' % prof_name @@ -513,9 +513,9 @@ def activate_repo_profiles(url, profiles, complain): if complain: fname = get_profile_filename(pname) set_profile_flags(profile_dir + fname, 'complain') - UI_Info('Setting %s to complain mode.' % pname) + UI_Info(_('Setting %s to complain mode.') % pname) except Exception as e: - sys.stderr.write("Error activating profiles: %s" % e) + sys.stderr.write(_("Error activating profiles: %s") % e) def autodep(bin_name, pname=''): bin_full = None @@ -653,7 +653,7 @@ def sync_profile(): if not status_ok: if not ret: ret = 'UNKNOWN ERROR' - UI_Important('WARNING: Error synchronizing profiles with the repository:\n%s\n' % ret) + UI_Important(_('WARNING: Error synchronizing profiles with the repository:\n%s\n') % ret) else: users_repo_profiles = ret serialize_opts['NO_FLAGS'] = True @@ -691,7 +691,7 @@ def sync_profile(): else: if not ret: ret = 'UNKNOWN ERROR' - UI_Important('WARNING: Error synchronizing profiles witht he repository\n%s\n' % ret) + UI_Important(_('WARNING: Error synchronizing profiles with the repository\n%s\n') % ret) continue if p_repo != p_local: changed_profiles.append(prof) @@ -813,7 +813,7 @@ def console_select_and_upload_profiles(title, message, profiles_up): if ans == 'CMD_NEVER_ASK': set_profiles_local_only([i[0] for i in profs]) elif ans == 'CMD_UPLOAD_CHANGES': - changelog = UI_GetString('Changelog Entry: ', '') + changelog = UI_GetString(_('Changelog Entry: '), '') user, passw = get_repo_user_pass() if user and passw: for p_data in profs: @@ -831,11 +831,9 @@ def console_select_and_upload_profiles(title, message, profiles_up): else: if not ret: ret = 'UNKNOWN ERROR' - UI_Important('WARNING: An error occured while uploading the profile %s\n%s\n' % (prof, ret)) + UI_Important('WARNING: An error occurred while uploading the profile %s\n%s\n' % (prof, ret)) else: - UI_Important('Repository Error\nRegistration or Sigin was unsuccessful. User login\n' + - 'information is required to upload profiles to the repository.\n' + - 'These changes could not be sent.\n') + UI_Important(_('Repository Error\nRegistration or Sigin was unsuccessful. User login\ninformation is required to upload profiles to the repository.\nThese changes could not be sent.\n')) def set_profiles_local_only(profs): for p in profs: @@ -1169,7 +1167,7 @@ def handle_children(profile, hat, root): default = None if 'p' in options and os.path.exists(get_profile_filename(exec_target)): default = 'CMD_px' - sys.stdout.write('Target profile exists: %s\n' %get_profile_filename(exec_target)) + sys.stdout.write(_('Target profile exists: %s\n') %get_profile_filename(exec_target)) elif 'i' in options: default = 'CMD_ix' elif 'c' in options: @@ -1249,7 +1247,7 @@ def handle_children(profile, hat, root): exec_mode = exec_mode - (AA_EXEC_UNSAFE | AA_OTHER(AA_EXEC_UNSAFE)) elif ans == 'CMD_ux': exec_mode = str_to_mode('ux') - ynans = UI_YesNo(_("""Launching processes in an unconfined state is a very\ndangerous operation and can cause serious security holes.\n\nAre you absolutely certain you wish to remove all\nAppArmor protection when executing : %s ?""") % exec_target, 'n') + ynans = UI_YesNo(_("""Launching processes in an unconfined state is a very\ndangerous operation and can cause serious security holes.\n\nAre you absolutely certain you wish to remove all\nAppArmor protection when executing %s ?""") % exec_target, 'n') if ynans == 'y': ynans = UI_YesNo(_("""Should AppArmor sanitise the environment when\nrunning this program unconfined?\n\nNot sanitising the environment when unconfining\na program opens up significant security holes\nand should be avoided if at all possible."""), 'y') if ynans == 'y': diff --git a/apparmor/tools.py b/apparmor/tools.py index 7d5df9ac5..b2a7ce5d4 100644 --- a/apparmor/tools.py +++ b/apparmor/tools.py @@ -102,7 +102,7 @@ class aa_tools: else: if '/' not in p: - apparmor.UI_Info(_("Can't find %s in the system path list. If the name of the application is correct, please run 'which %s' as a user with correct PATH environment set up in order to find the fully-qualified path.\nPlease use the full path as parameter")%(p, p)) + apparmor.UI_Info(_("Can't find %s in the system path list. If the name of the application\nis correct, please run 'which %s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.")%(p, p)) else: apparmor.UI_Info(_("%s does not exist, please double-check the path.")%p) sys.exit(1) diff --git a/apparmor/ui.py b/apparmor/ui.py index ced5b2c09..9e89fafb2 100644 --- a/apparmor/ui.py +++ b/apparmor/ui.py @@ -292,7 +292,7 @@ def UI_LongMessage(title, message): ypath, yarg = GetDataFromYast() def confirm_and_finish(): - sys.stdout.write('FINISHING...\n') + sys.stdout.write(_('FINISHING...\n')) sys.exit(0) def Text_PromptUser(question): @@ -313,14 +313,14 @@ def Text_PromptUser(question): for cmd in functions: if not CMDS.get(cmd, False): - raise AppArmorException('PromptUser: %s %s' %(_('Unknown command'), cmd)) + raise AppArmorException(_('PromptUser: Unknown command %s') % cmd) menutext = CMDS[cmd] key = get_translated_hotkey(menutext).lower() # Duplicate hotkey if keys.get(key, False): - raise AppArmorException('PromptUser: %s %s: %s' %(_('Duplicate hotkey for'), cmd, menutext)) + raise AppArmorException(_('PromptUser: Duplicate hotkey for %s: %s ') % (cmd, menutext)) keys[key] = cmd @@ -332,12 +332,12 @@ def Text_PromptUser(question): default_key = 0 if default and CMDS[default]: defaulttext = CMDS[default] - defmsg = 'PromptUser: ' + _('Invalid hotkey in default item') + defmsg = _('PromptUser: Invalid hotkey in default item') default_key = get_translated_hotkey(defaulttext, defmsg).lower() if not keys.get(default_key, False): - raise AppArmorException('PromptUser: %s %s' %(_('Invalid default'), default)) + raise AppArmorException(_('PromptUser: Invalid default %s') % default) widest = 0 header_copy = headers[:]