Adding upstream version 4.23.0.upstream/4.23.0

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 292 insertions, 20 deletions

diff --git a/po/de/man5/crypttab.5.po b/po/de/man5/crypttab.5.po
index 45fffd8b..6f6404de 100644
--- a/po/de/man5/crypttab.5.po
+++ b/po/de/man5/crypttab.5.po
@@ -4,9 +4,9 @@
 # Helge Kreutzmann <debian@helgefjell.de>, 2020-2023.
 msgid ""
 msgstr ""
-"Project-Id-Version: manpages-l10n 4.21.0\n"
-"POT-Creation-Date: 2024-03-01 16:54+0100\n"
-"PO-Revision-Date: 2024-03-02 10:00+0100\n"
+"Project-Id-Version: manpages-l10n 4.22.0\n"
+"POT-Creation-Date: 2024-06-01 05:46+0200\n"
+"PO-Revision-Date: 2024-06-01 14:49+0200\n"
 "Last-Translator: Helge Kreutzmann <debian@helgefjell.de>\n"
 "Language-Team: German <debian-l10n-german@lists.debian.org>\n"
 "Language: de\n"
@@ -23,7 +23,7 @@ msgid "CRYPTTAB"
 msgstr "CRYPTTAB"
 
 #. type: TH
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 #, no-wrap
 msgid "systemd 255"
 msgstr "systemd 255"
@@ -253,7 +253,7 @@ msgstr ""
 "nachfolgend beschrieben\\&."
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "The key may be acquired via a PKCS#11 compatible hardware security token or "
 "smartcard\\&. In this case an encrypted key is stored on disk/removable "
@@ -317,11 +317,11 @@ msgstr ""
 "beschriebene Option B<tpm2-device=>, um diesen Mechanismus zu verwenden\\&."
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-rawhide mageia-cauldron
 msgid ""
 "For the latter five mechanisms the source for the key material used for "
 "unlocking the volume is primarily configured in the third field of each /etc/"
-"crypttab line, but may also configured in /etc/cryptsetup-keys\\&.d/ and /"
+"crypttab line, but may also be configured in /etc/cryptsetup-keys\\&.d/ and /"
 "run/cryptsetup-keys\\&.d/ (see above) or in the LUKS2 JSON token header (in "
 "case of the latter three)\\&. Use the B<systemd-cryptenroll>(1)  tool to "
 "enroll PKCS#11, FIDO2 and TPM2 devices in LUKS2 volumes\\&."
@@ -664,7 +664,7 @@ msgid "B<nofail>"
 msgstr "B<nofail>"
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "This device will not be a hard dependency of cryptsetup\\&.target\\&. "
 "It\\*(Aqll still be pulled in and started, but the system will not wait for "
@@ -897,7 +897,7 @@ msgstr ""
 "B<mkswap>(8) formatiert\\&. Diese Option impliziert B<plain>\\&."
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "WARNING: Using the B<swap> option will destroy the contents of the named "
 "partition during every boot, so make sure the underlying block device is "
@@ -1126,7 +1126,7 @@ msgstr ""
 "ist, ist »ext4« die Vorgabe\\&. Diese Option impliziert B<plain>\\&."
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "WARNING: Using the B<tmp> option will destroy the contents of the named "
 "partition during every boot, so make sure the underlying block device is "
@@ -1228,7 +1228,7 @@ msgid "B<pkcs11-uri=>"
 msgstr "B<pkcs11-uri=>"
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "Takes either the special value \"auto\" or an \\m[blue]B<RFC7512 PKCS#11 "
 "URI>\\m[]\\&\\s-2\\u[2]\\d\\s+2 pointing to a private RSA key which is used "
@@ -1247,7 +1247,7 @@ msgstr ""
 "YubiKey-Sicherheits-Token verwenden können\\&."
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "If specified as \"auto\" the volume must be of type LUKS2 and must carry "
 "PKCS#11 security token metadata in its LUKS2 JSON token section\\&. In this "
@@ -1267,7 +1267,7 @@ msgstr ""
 "Spalte der Zeile leer bleiben (das bedeutet, als »-« festgelegt sein)\\&."
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "The specified URI can refer directly to a private RSA key stored on a token "
 "or alternatively just to a slot or token, in which case a search for a "
@@ -1856,14 +1856,14 @@ msgid "AF_UNIX KEY FILES"
 msgstr "AF_UNIX-SCHLÜSSELDATEIEN"
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-rawhide mageia-cauldron
 msgid ""
 "If the key file path (as specified in the third column of /etc/crypttab "
 "entries, see above) refers to an B<AF_UNIX> stream socket in the file "
 "system, the key is acquired by connecting to the socket and reading the key "
 "from the connection\\&. The connection is made from an B<AF_UNIX> socket "
 "name in the abstract namespace, see B<unix>(7)  for details\\&. The source "
-"socket name is chosen according the following format:"
+"socket name is chosen according to the following format:"
 msgstr ""
 "Falls der Schlüsseldateipfad (wie in der dritten Spalte der /etc/crypttab-"
 "Einträge festgelegt, siehe oben) sich auf ein B<AF_UNIX>-Datenstrom-Socket "
@@ -1976,7 +1976,7 @@ msgstr ""
 "B<Beispiel\\ \\&2.\\ \\&Yubikey-basierte PKCS#11-Datenträger-Entsperrung>"
 
 #. type: Plain text
-#: archlinux fedora-40 fedora-rawhide mageia-cauldron
+#: archlinux fedora-40 mageia-cauldron
 msgid ""
 "The PKCS#11 logic allows hooking up any compatible security token that is "
 "capable of storing RSA decryption keys for unlocking an encrypted volume\\&. "
@@ -3588,11 +3588,283 @@ msgstr ""
 #. type: TH
 #: debian-unstable
 #, no-wrap
-msgid "2024-02-26"
-msgstr "26. Februar 2024"
+msgid "2024-04-14"
+msgstr "14. April 2024"
 
 #. type: TH
 #: debian-unstable
 #, no-wrap
-msgid "cryptsetup 2:2\\&.7\\&.0-1"
-msgstr "cryptsetup 2:2\\&.7\\&.0-1"
+msgid "cryptsetup 2:2\\&.7\\&.2-2"
+msgstr "cryptsetup 2:2\\&.7\\&.2-2"
+
+#. type: Plain text
+#: fedora-40
+msgid ""
+"For the latter five mechanisms the source for the key material used for "
+"unlocking the volume is primarily configured in the third field of each /etc/"
+"crypttab line, but may also configured in /etc/cryptsetup-keys\\&.d/ and /"
+"run/cryptsetup-keys\\&.d/ (see above) or in the LUKS2 JSON token header (in "
+"case of the latter three)\\&. Use the B<systemd-cryptenroll>(1)  tool to "
+"enroll PKCS#11, FIDO2 and TPM2 devices in LUKS2 volumes\\&."
+msgstr ""
+"Für die letzteren fünf Mechanismen ist die Quelle für das Schlüsselmaterial, "
+"das zum Entsperren des Datenträgers verwandt wird, primär in dem dritten "
+"Feld jeder /etc/crypttab-Zeile kodiert, kann aber auch in /etc/cryptsetup-"
+"keys\\&.d/ und /run/cryptsetup-keys\\&.d/ (siehe oben) oder in den LUKS2-"
+"JSON-Token-Datenkopf (im Falle der letzteren drei) konfiguriert werden\\&. "
+"Verwenden Sie das Werkzeug B<systemd-cryptenroll>(1), um PKCS#11-, FIDO2- "
+"und TPM2-Geräte in LUKS2-Datenträgern zu registrieren\\&."
+
+#. type: Plain text
+#: fedora-40
+msgid ""
+"If the key file path (as specified in the third column of /etc/crypttab "
+"entries, see above) refers to an B<AF_UNIX> stream socket in the file "
+"system, the key is acquired by connecting to the socket and reading the key "
+"from the connection\\&. The connection is made from an B<AF_UNIX> socket "
+"name in the abstract namespace, see B<unix>(7)  for details\\&. The source "
+"socket name is chosen according the following format:"
+msgstr ""
+"Falls der Schlüsseldateipfad (wie in der dritten Spalte der /etc/crypttab-"
+"Einträge festgelegt, siehe oben) sich auf ein B<AF_UNIX>-Datenstrom-Socket "
+"in dem Dateisystem bezieht, wird der Schlüssel erlangt, indem eine "
+"Verbindung zu dem Socket aufgebaut und der Schlüssel aus der Verbindung "
+"gelesen wird\\&. Die Verbindung erfolgt von einem B<AF_UNIX>-Socket in dem "
+"abstrakten Namensraum, siehe B<unix>(7) für Details\\&. Der Quell-Socket-"
+"Name wird gemäß folgendem Format ausgewählt:"
+
+#. type: TH
+#: fedora-rawhide
+#, no-wrap
+msgid "systemd 256~rc3"
+msgstr "systemd 256~rc3"
+
+#. type: Plain text
+#: fedora-rawhide
+#, fuzzy
+#| msgid ""
+#| "The key may be acquired via a PKCS#11 compatible hardware security token "
+#| "or smartcard\\&. In this case an encrypted key is stored on disk/"
+#| "removable media, acquired via B<AF_UNIX>, or stored in the LUKS2 JSON "
+#| "token metadata header\\&. The encrypted key is then decrypted by the "
+#| "PKCS#11 token with an RSA key stored on it, and then used to unlock the "
+#| "encrypted volume\\&. Use the B<pkcs11-uri=> option described below to use "
+#| "this mechanism\\&."
+msgid ""
+"The key may be acquired via a PKCS#11 compatible hardware security token or "
+"smartcard\\&. In this case a saved key used in unlock process is stored on "
+"disk/removable media, acquired via B<AF_UNIX>, or stored in the LUKS2 JSON "
+"token metadata header\\&. For RSA, the saved key is an encrypted volume "
+"key\\&. The encrypted volume key is then decrypted by the PKCS#11 token with "
+"an RSA private key stored on it, and used to unlock the encrypted volume\\&. "
+"For elliptic-curve (EC) cryptography, the saved key is the public key "
+"generated in enrollment process\\&. The public key is then used to derive a "
+"shared secret with a private key stored in the PKCS#11 token\\&. The derived "
+"shared secret is then used to unlock the volume\\&. Use the B<pkcs11-uri=> "
+"option described below to use this mechanism\\&."
+msgstr ""
+"Der Schlüssel kann über ein PKCS#11-kompatibles Hardware-Token oder eine "
+"Smartcard beschafft werden\\&. In diesem Fall wird ein verschlüsselter "
+"Schlüssel auf einer Platte/einem Wechselmedium gespeichert und mittels "
+"B<AF_UNIX> beschafft, oder in dem LUKS2-JSON-Token-Metadatenkopf "
+"gespeichert\\&. Der verschlüsselte Schlüssel wird dann durch den PKCS#11-"
+"Token mittels eines darauf gespeicherten RSA-Schlüssels entschlüsselt und "
+"dann für das Entsperren des verschlüsselten Datenträgers verwandt\\&. "
+"Verwenden Sie die nachfolgend beschriebene Option B<pkcs11-uri=>, um diesen "
+"Mechanismus zu verwenden\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+msgid "B<link-volume-key=>"
+msgstr "B<link-volume-key=>"
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"Specifies the kernel keyring and key description (see B<keyrings>(7)) where "
+"LUKS2 volume key gets linked during device activation\\&. The kernel keyring "
+"description and key description must be separated by \"::\"\\&."
+msgstr ""
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"The kernel keyring part can be a string description or a predefined kernel "
+"keyring prefixed with \"@\" (e\\&.g\\&.: to use \"@s\" session or \"@u\" "
+"user keyring directly)\\&. The type prefix text in the kernel keyring "
+"description is not required\\&. The specified kernel keyring must already "
+"exist at the time of device activation\\&."
+msgstr ""
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"The key part is a string description optionally prefixed by a \"%key_type:"
+"\"\\&. If no type is specified, the \"user\" type key is linked by "
+"default\\&. See B<keyctl>(1)  for more information on key descriptions (KEY "
+"IDENTIFIERS section)\\&."
+msgstr ""
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"Note that the linked volume key is not cleaned up automatically when the "
+"device is detached\\&."
+msgstr ""
+
+#. type: Plain text
+#: fedora-rawhide
+msgid "Added in version 256\\&."
+msgstr "Hinzugefügt in Version 256\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+#, fuzzy
+#| msgid ""
+#| "This device will not be a hard dependency of cryptsetup\\&.target\\&. "
+#| "It\\*(Aqll still be pulled in and started, but the system will not wait "
+#| "for the device to show up and be unlocked, and boot will not fail if this "
+#| "is unsuccessful\\&. Note that other units that depend on the unlocked "
+#| "device may still fail\\&. In particular, if the device is used for a "
+#| "mount point, the mount point itself also needs to have the B<nofail> "
+#| "option, or the boot will fail if the device is not unlocked "
+#| "successfully\\&."
+msgid ""
+"This device will not be a hard dependency of cryptsetup\\&.target\\&. "
+"It\\*(Aqll still be pulled in and started, but the system will not wait for "
+"the device to show up and be unlocked, and boot will not fail if this is "
+"unsuccessful\\&. Note that other units that depend on the unlocked device "
+"may still fail\\&. In particular, if the device is used for a mount point, "
+"the mount point itself also needs to have the B<nofail> option, or the boot "
+"will fail if the device is not unlocked successfully\\&. If a keyfile and/or "
+"a B<header> are specified, the dependencies on their respective directories "
+"will also not be fatal, so that umounting said directories will not cause "
+"the generated cryptset unit to be deactivated\\&."
+msgstr ""
+"Dieses Gerät wird keine harte Abhängigkeit von cryptsetup\\&.target sein\\&. "
+"Es wird weiterhin hereingezogen und gestartet, aber das System wird nicht "
+"darauf warten, dass das Gerät auftaucht und entsperrt wird und der "
+"Systemstart wird nicht fehlschlagen, falls das nicht klappt\\&. Beachten "
+"Sie, dass andere Units weiterhin von dem entsperrten Gerät abhängen und "
+"weiterhin fehlschlagen könnten\\&. Falls insbesondere das Gerät als "
+"Einhängepunkt verwandt wird, muss der Einhängepunkt selbst auch die Option "
+"B<nofail> haben, oder der Systemstart wird fehlschlagen, falls das Gerät "
+"nicht erfolgreich entsperrt wurde\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+msgid "B<Warning>"
+msgstr "B<Warnung>"
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"Using the B<swap> option will destroy the contents of the named partition "
+"during every boot, so make sure the underlying block device is specified "
+"correctly\\&."
+msgstr ""
+"Durch Verwendung der Option B<swap> wird der Inhalt der benannten Partition "
+"während jedes Systemstarts zerstört\\&. Stellen Sie daher sicher, dass das "
+"zugrundeliegende Blockgerät korrekt angegeben ist\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"Using the B<tmp> option will destroy the contents of the named partition "
+"during every boot, so make sure the underlying block device is specified "
+"correctly\\&."
+msgstr ""
+"Durch Verwendung der Option B<tmp> wird der Inhalt der benannten Partition "
+"während jedes Systemstarts zerstört\\&. Stellen Sie daher sicher, dass das "
+"zugrundeliegende Blockgerät korrekt angegeben ist\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"Takes either the special value \"auto\" or an \\m[blue]B<RFC7512 PKCS#11 "
+"URI>\\m[]\\&\\s-2\\u[2]\\d\\s+2 pointing to a private key which is used to "
+"decrypt the encrypted key specified in the third column of the line\\&. This "
+"is useful for unlocking encrypted volumes through PKCS#11 compatible "
+"security tokens or smartcards\\&. See below for an example how to set up "
+"this mechanism for unlocking a LUKS2 volume with a YubiKey security token\\&."
+msgstr ""
+"Akzeptiert entweder den besonderen Wert »auto« oder eine \\m[blue]B<RFC7512 "
+"PKCS#11 URI>\\m[]\\&\\s-2\\u[2]\\d\\s+2, die auf einen privaten Schlüssel "
+"zeigt, der zum Enschlüsseln des in der dritten Spalte der Zeile festgelegten "
+"verschlüsselten Schlüssels verwandt wird\\&. Dies ist nützlich, um "
+"verschlüsselte Datenträger mittels PKCS#11-kompatible Sicherheits-Token oder "
+"Smartcards zu entsperren\\&. Weiter unten finden Sie ein Beispiel, wie Sie "
+"diesen Mechanismus zum Entsperren eines LUKS2-Datenträgers mit einem YubiKey-"
+"Sicherheits-Token verwenden können\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"If specified as \"auto\" the volume must be of type LUKS2 and must carry "
+"PKCS#11 security token metadata in its LUKS2 JSON token section\\&. In this "
+"mode the URI and the encrypted key are automatically read from the LUKS2 "
+"JSON token header\\&. Use B<systemd-cryptenroll>(1)  as a simple tool for "
+"enrolling PKCS#11 security tokens or smartcards in a way compatible with "
+"\"auto\"\\&. In this mode the third column of the line should remain empty "
+"(that is, specified as \"-\")\\&."
+msgstr ""
+"Falls dies als »auto« festgelegt wurde, dann muss der Datenträger vom Typ "
+"LUKS2 sein und die PKCS#11-Sicherheits-Token-Metadaten in seinem LUKS2-JSON-"
+"Token-Abschnitt tragen\\&. In diesem Modus werden die URI und der "
+"verschlüsselte Schlüssel automatisch aus dem LUKS2-JSON-Token-Datenkopf "
+"gelesen\\&. Verwenden Sie B<systemd-cryptenroll>(1) als ein einfaches "
+"Werkzeug zum Registrieren von PKCS#11-Sicherheits-Token oder -Smartcards, "
+"auf eine Art, die mit »auto« kompatibel ist\\&. In diesem Modus sollte die "
+"dritte Spalte der Zeile leer bleiben (das bedeutet, als »-« festgelegt "
+"sein)\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+#, fuzzy
+#| msgid ""
+#| "The specified URI can refer directly to a private RSA key stored on a "
+#| "token or alternatively just to a slot or token, in which case a search "
+#| "for a suitable private RSA key will be performed\\&. In this case if "
+#| "multiple suitable objects are found the token is refused\\&. The "
+#| "encrypted key configured in the third column of the line is passed as is "
+#| "(i\\&.e\\&. in binary form, unprocessed) to RSA decryption\\&. The "
+#| "resulting decrypted key is then Base64 encoded before it is used to "
+#| "unlock the LUKS volume\\&."
+msgid ""
+"The specified URI can refer directly to a private key stored on a token or "
+"alternatively just to a slot or token, in which case a search for a suitable "
+"private key will be performed\\&. In this case if multiple suitable objects "
+"are found the token is refused\\&. The keyfile configured in the third "
+"column of the line is used as is (i\\&.e\\&. in binary form, "
+"unprocessed)\\&. The resulting decrypted key (for RSA) or derived shared "
+"secret (for ECC) is then Base64 encoded before it is used to unlock the LUKS "
+"volume\\&."
+msgstr ""
+"Die festgelegte URI kann sich entweder direkt auf einen privaten, auf dem "
+"Token gespeicherten RSA-Schlüssel oder alternativ nur auf ein Position oder "
+"einen Token beziehen\\&. In letzterem Fall wird eine Suche nach einem "
+"geeigneten privaten RSA-Schlüssel durchgeführt\\&. Werden in diesem Fall "
+"mehrere geeignete Objekte gefunden, wird der Token abgelehnt\\&. Der in der "
+"dritten Spalte der Zeile konfigurierte verschlüsselte Schlüssel wird "
+"unverändert (d\\&.h\\&. in binärer Form, unverarbeitet) an die RSA-"
+"Entschlüsselung weitergegeben\\&. Der daraus entstehende entschlüsselte "
+"Schlüssel wird dann Base64-kodiert, bevor er zum Entsperren des LUKS-"
+"Datenträgers verwandt wird\\&."
+
+#. type: Plain text
+#: fedora-rawhide
+msgid ""
+"The PKCS#11 logic allows hooking up any compatible security token that is "
+"capable of storing RSA or EC cryptographic keys for unlocking an encrypted "
+"volume\\&. Here\\*(Aqs an example how to set up a Yubikey security token for "
+"this purpose on a LUKS2 volume, using B<ykmap>(1)  from the yubikey-manager "
+"project to initialize the token and B<systemd-cryptenroll>(1)  to add it in "
+"the LUKS2 volume:"
+msgstr ""
+"Die PKCS#11-Logik erlaubt das Einbinden jedes kompatiblen Sicherheits-"
+"Tokens, der in der Lage ist, RSA oder EC-Entschlüsselungsschlüssel für das "
+"Entsperren verschlüsselter Datenträger zu speichern\\&. Als Beispiel hier "
+"die Einrichtung eines Yubikey-Sicherheits-Tokens für ein LUKS2-Datenträger "
+"zu diesem Zweck mittels B<ykmap>(1) aus dem Yubikey-manager-Projekt, um den "
+"Token zu initialisieren und B<systemd-cryptenroll>(1), um ihn zu dem LUKS2-"
+"Datenträger hinzuzufügen:"