diff options
author | Justin B Rye <jbr@edlug.org.uk> | 2012-06-06 23:56:08 +0200 |
---|---|---|
committer | David Kalnischkies <kalnischkies@gmail.com> | 2012-06-06 23:56:08 +0200 |
commit | 75d9bdba9b62422a42787727e60f850dfd86171b (patch) | |
tree | 82a9a3c15c9a10689e7991b228381669099c61f6 /doc/po/apt-doc.pot | |
parent | 44477002adb73db2324f4218e5d85aae016ff5fa (diff) |
* doc/apt-secure.8.xml:
- review and fix typo, grammar and style issues
Diffstat (limited to 'doc/po/apt-doc.pot')
-rw-r--r-- | doc/po/apt-doc.pot | 120 |
1 files changed, 61 insertions, 59 deletions
diff --git a/doc/po/apt-doc.pot b/doc/po/apt-doc.pot index 1657999e6..56e54b585 100644 --- a/doc/po/apt-doc.pot +++ b/doc/po/apt-doc.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: apt-doc 0.9.5.1\n" "Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" -"POT-Creation-Date: 2012-06-06 15:23+0300\n" +"POT-Creation-Date: 2012-06-06 23:46+0300\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -1110,7 +1110,7 @@ msgid "Files" msgstr "" #. type: Content of: <refentry><refsect1><title> -#: apt-get.8.xml:528 apt-cache.8.xml:350 apt-key.8.xml:195 apt-mark.8.xml:131 apt-secure.8.xml:192 apt-cdrom.8.xml:144 apt-config.8.xml:109 apt.conf.5.xml:1124 apt_preferences.5.xml:705 sources.list.5.xml:252 apt-extracttemplates.1.xml:70 apt-sortpkgs.1.xml:63 apt-ftparchive.1.xml:607 +#: apt-get.8.xml:528 apt-cache.8.xml:350 apt-key.8.xml:195 apt-mark.8.xml:131 apt-secure.8.xml:191 apt-cdrom.8.xml:144 apt-config.8.xml:109 apt.conf.5.xml:1124 apt_preferences.5.xml:705 sources.list.5.xml:252 apt-extracttemplates.1.xml:70 apt-sortpkgs.1.xml:63 apt-ftparchive.1.xml:607 msgid "See Also" msgstr "" @@ -1805,10 +1805,10 @@ msgstr "" #. type: Content of: <refentry><refsect1><para> #: apt-secure.8.xml:60 msgid "" -"If a package comes from a archive without a signature or with a signature " -"that apt does not have a key for that package is considered untrusted and " +"If a package comes from a archive without a signature, or with a signature " +"that apt does not have a key for, that package is considered untrusted, and " "installing it will result in a big warning. <command>apt-get</command> will " -"currently only warn for unsigned archives, future releases might force all " +"currently only warn for unsigned archives; future releases might force all " "sources to be verified before downloading packages from them." msgstr "" @@ -1827,12 +1827,12 @@ msgstr "" #. type: Content of: <refentry><refsect1><para> #: apt-secure.8.xml:77 msgid "" -"The chain of trust from an apt archive to the end user is made up of " -"different steps. <command>apt-secure</command> is the last step in this " -"chain, trusting an archive does not mean that the packages that you trust it " -"do not contain malicious code but means that you trust the archive " -"maintainer. It's the archive maintainer responsibility to ensure that the " -"archive integrity is correct." +"The chain of trust from an apt archive to the end user is made up of several " +"steps. <command>apt-secure</command> is the last step in this chain; " +"trusting an archive does not mean that you trust its packages not to contain " +"malicious code, but means that you trust the archive maintainer. It's the " +"archive maintainer's responsibility to ensure that the archive's integrity " +"is preserved." msgstr "" #. type: Content of: <refentry><refsect1><para> @@ -1848,53 +1848,53 @@ msgstr "" #: apt-secure.8.xml:92 msgid "" "The chain of trust in Debian starts when a maintainer uploads a new package " -"or a new version of a package to the Debian archive. This upload in order to " -"become effective needs to be signed by a key of a maintainer within the " -"Debian maintainer's keyring (available in the debian-keyring " -"package). Maintainer's keys are signed by other maintainers following " -"pre-established procedures to ensure the identity of the key holder." +"or a new version of a package to the Debian archive. In order to become " +"effective, this upload needs to be signed by a key contained in the Debian " +"Maintainers keyring (available in the debian-keyring package). Maintainers' " +"keys are signed by other maintainers following pre-established procedures to " +"ensure the identity of the key holder." msgstr "" #. type: Content of: <refentry><refsect1><para> #: apt-secure.8.xml:102 msgid "" "Once the uploaded package is verified and included in the archive, the " -"maintainer signature is stripped off, an MD5 sum of the package is computed " -"and put in the Packages file. The MD5 sum of all of the packages files are " -"then computed and put into the Release file. The Release file is then signed " -"by the archive key (which is created once a year) and distributed through " -"the FTP server. This key is also on the Debian keyring." +"maintainer signature is stripped off, and checksums of the package are " +"computed and put in the Packages file. The checksums of all of the Packages " +"files are then computed and put into the Release file. The Release file is " +"then signed by the archive key for this Debian release and distributed " +"alongside the packages and the Packages files on Debian mirrors. The keys " +"are in the Debian archive keyring available in the " +"<package>debian-archive-keyring</package> package." msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:112 +#: apt-secure.8.xml:113 msgid "" -"Any end user can check the signature of the Release file, extract the MD5 " -"sum of a package from it and compare it with the MD5 sum of the package he " -"downloaded. Prior to version 0.6 only the MD5 sum of the downloaded Debian " -"package was checked. Now both the MD5 sum and the signature of the Release " -"file are checked." +"End users can check the signature of the Release file, extract a checksum of " +"a package from it and compare it with the checksum of the package they " +"downloaded by hand - or rely on APT doing this automatically." msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:119 +#: apt-secure.8.xml:118 msgid "" "Notice that this is distinct from checking signatures on a per package " "basis. It is designed to prevent two possible attacks:" msgstr "" #. type: Content of: <refentry><refsect1><itemizedlist><listitem><para> -#: apt-secure.8.xml:124 +#: apt-secure.8.xml:123 msgid "" "<literal>Network \"man in the middle\" attacks</literal>. Without signature " -"checking, a malicious agent can introduce himself in the package download " -"process and provide malicious software either by controlling a network " -"element (router, switch, etc.) or by redirecting traffic to a rogue server " -"(through arp or DNS spoofing attacks)." +"checking, malicious agents can introduce themselves into the package " +"download process and provide malicious software either by controlling a " +"network element (router, switch, etc.) or by redirecting traffic to a rogue " +"server (through ARP or DNS spoofing attacks)." msgstr "" #. type: Content of: <refentry><refsect1><itemizedlist><listitem><para> -#: apt-secure.8.xml:132 +#: apt-secure.8.xml:131 msgid "" "<literal>Mirror network compromise</literal>. Without signature checking, a " "malicious agent can compromise a mirror host and modify the files in it to " @@ -1903,7 +1903,7 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:139 +#: apt-secure.8.xml:138 msgid "" "However, it does not defend against a compromise of the Debian master server " "itself (which signs the packages) or against a compromise of the key used to " @@ -1912,21 +1912,21 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><title> -#: apt-secure.8.xml:145 +#: apt-secure.8.xml:144 msgid "User configuration" msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:147 +#: apt-secure.8.xml:146 msgid "" "<command>apt-key</command> is the program that manages the list of keys used " -"by apt. It can be used to add or remove keys although an installation of " -"this release will automatically provide the default Debian archive signing " +"by apt. It can be used to add or remove keys, although an installation of " +"this release will automatically contain the default Debian archive signing " "keys used in the Debian package repositories." msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:154 +#: apt-secure.8.xml:153 msgid "" "In order to add a new key you need to first download it (you should make " "sure you are using a trusted communication channel when retrieving it), add " @@ -1937,19 +1937,19 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><title> -#: apt-secure.8.xml:163 +#: apt-secure.8.xml:162 msgid "Archive configuration" msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:165 +#: apt-secure.8.xml:164 msgid "" "If you want to provide archive signatures in an archive under your " "maintenance you have to:" msgstr "" #. type: Content of: <refentry><refsect1><itemizedlist><listitem><para> -#: apt-secure.8.xml:170 +#: apt-secure.8.xml:169 msgid "" "<emphasis>Create a toplevel Release file</emphasis>, if it does not exist " "already. You can do this by running <command>apt-ftparchive " @@ -1957,7 +1957,7 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><itemizedlist><listitem><para> -#: apt-secure.8.xml:175 +#: apt-secure.8.xml:174 msgid "" "<emphasis>Sign it</emphasis>. You can do this by running <command>gpg " "--clearsign -o InRelease Release</command> and <command>gpg -abs -o " @@ -1965,7 +1965,7 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><itemizedlist><listitem><para> -#: apt-secure.8.xml:179 +#: apt-secure.8.xml:178 msgid "" "<emphasis>Publish the key fingerprint</emphasis>, that way your users will " "know what key they need to import in order to authenticate the files in the " @@ -1973,22 +1973,22 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:186 +#: apt-secure.8.xml:185 msgid "" -"Whenever the contents of the archive changes (new packages are added or " -"removed) the archive maintainer has to follow the first two steps previously " -"outlined." +"Whenever the contents of the archive change (new packages are added or " +"removed) the archive maintainer has to follow the first two steps outlined " +"above." msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:194 +#: apt-secure.8.xml:193 msgid "" "&apt-conf;, &apt-get;, &sources-list;, &apt-key;, &apt-ftparchive;, " "&debsign; &debsig-verify;, &gpg;" msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:198 +#: apt-secure.8.xml:197 msgid "" "For more background information you might want to review the <ulink " "url=\"http://www.debian.org/doc/manuals/securing-debian-howto/ch7\">Debian " @@ -1999,12 +1999,12 @@ msgid "" msgstr "" #. type: Content of: <refentry><refsect1><title> -#: apt-secure.8.xml:211 +#: apt-secure.8.xml:210 msgid "Manpage Authors" msgstr "" #. type: Content of: <refentry><refsect1><para> -#: apt-secure.8.xml:213 +#: apt-secure.8.xml:212 msgid "" "This man-page is based on the work of Javier Fernández-Sanguino Peña, Isaac " "Jones, Colin Walters, Florian Weimer and Michael Vogt." @@ -3819,7 +3819,8 @@ msgid "" "specified packages with a specified version or version range. For example, " "the following record assigns a high priority to all versions of the " "<filename>perl</filename> package whose version number begins with " -"\"<literal>5.8</literal>\". Multiple packages can be separated by spaces." +"\"<literal>&good-perl;</literal>\". Multiple packages can be separated by " +"spaces." msgstr "" #. type: Content of: <refentry><refsect1><refsect2><para><itemizedlist><listitem><programlisting> @@ -3827,7 +3828,7 @@ msgstr "" #, no-wrap msgid "" "Package: perl\n" -"Pin: version 5.8*\n" +"Pin: version &good-perl;*\n" "Pin-Priority: 1001\n" msgstr "" @@ -4092,7 +4093,7 @@ msgstr "" #, no-wrap msgid "" "Package: perl\n" -"Pin: version 5.8*\n" +"Pin: version &good-perl;*\n" "Pin-Priority: 1001\n" "\n" "Package: *\n" @@ -4114,9 +4115,10 @@ msgstr "" msgid "" "The most recent available version of the <literal>perl</literal> package " "will be installed, so long as that version's version number begins with " -"\"<literal>5.8</literal>\". If <emphasis>any</emphasis> 5.8* version of " -"<literal>perl</literal> is available and the installed version is 5.9*, then " -"<literal>perl</literal> will be downgraded." +"\"<literal>&good-perl;</literal>\". If <emphasis>any</emphasis> " +"&good-perl;* version of <literal>perl</literal> is available and the " +"installed version is &bad-perl;*, then <literal>perl</literal> will be " +"downgraded." msgstr "" #. type: Content of: <refentry><refsect1><refsect2><para><itemizedlist><listitem><simpara> |