Re: Request review of debconf templates for xastir

To: debian-l10n-english@lists.debian.org
Cc: "Iain R. Learmonth" <irl@fsfe.org>
Subject: Re: Request review of debconf templates for xastir
From: Justin B Rye <justin.byam.rye@gmail.com>
Date: Fri, 3 Apr 2015 01:04:15 +0100
Message-id: <[🔎] 20150403000415.GA29200@xibalba.demon.co.uk>
Mail-followup-to: debian-l10n-english@lists.debian.org, "Iain R. Learmonth" <irl@fsfe.org>
In-reply-to: <[🔎] 20150402221205.GE17930@shiftout.net>
References: <[🔎] 20150402221205.GE17930@shiftout.net>

Iain R. Learmonth wrote:
> I am a native English speaker, but if there are changes that will make this
> text clearer or make the text easier to translate, then I'll be happy to
> make them. I notice it is Debian policy to "Be kind to translators" (section
> 6.5.2.2). (:

I'm just back from the local LUG's monthly pub meeting, which means
I'm in just the right state to detect bits that are hard to follow...

> Template: xastir/install-setuid
> Type: boolean
> Default: false
> _Description: Should non-superusers be able to use native AX.25 from Xastir?

Slightly longer and more technical than the equivalent wireshark
question.  I'll assume people installing Xastir should be aware what
AX.25 is, but could we perhaps drop "from Xastir"?

>  Xastir can be installed in a way that allows members of the "xastir-ax25"
>  system group to use a native Linux AX.25 interface from within Xastir. This
>  is recommended over the alternative of running Xastir as root, as this
>  configuration will attempt to use Linux capabilities to limit the privileges
>  available to Xastir to only those required. Note that if Linux capabilities
>  are not available, the binary will be installed setuid.

The main opportunity for confusion here is "this configuration".  Does
that mean the xastir-ax25 setup or "the alternative"?  It must be the
former, but I have to reread it to be sure.

>  .
>  For more detailed information please see
>  /usr/share/doc/xastir/README.Debian.
>  .
>  Enabling this feature may be a security risk, so it is disabled by
>  default. If in doubt, it is suggested to leave it disabled.

Messing around in the hope of finding a clearer way of saying it:

  _Description: Should non-superusers be able to use native AX.25?
   Xastir can be installed in a way that allows members of the "xastir-ax25"
   system group to use a native Linux AX.25 interface from within Xastir.
   Where available this configuration uses Linux capabilities in order to
   limit the process's privileges to only those required, falling back on
   installing the binary setuid where Linux capabilities are not available.
   .
   This is recommended over the alternative of running Xastir directly as
   root, but enabling it may be a security risk, so it is disabled by
   default. If in doubt, it is suggested to leave it disabled.
   .
   For more detailed information please see
   /usr/share/doc/xastir/README.Debian.

Mind you, it still seems strange to say that the system-group approach
is "recommended" if you're going to go on to suggest leaving it
disabled.
-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package

Reply to:

Follow-Ups:
- Re: Request review of debconf templates for xastir
  - From: "Iain R. Learmonth" <irl@fsfe.org>

References:
- Request review of debconf templates for xastir
  - From: "Iain R. Learmonth" <irl@fsfe.org>

Prev by Date: Request review of debconf templates for xastir
Next by Date: Re: Request review of debconf templates for xastir
Previous by thread: Request review of debconf templates for xastir
Next by thread: Re: Request review of debconf templates for xastir
Index(es):
- Date
- Thread