1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-18 06:03:42 +03:00

Merge pull request #26424 from ldv-alt/fix-typos

Fix a few typos in NEWS, docs and comments
This commit is contained in:
Yu Watanabe 2023-02-16 00:10:18 +09:00 committed by GitHub
commit fff1edc9f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
20 changed files with 29 additions and 29 deletions

8
NEWS
View File

@ -167,7 +167,7 @@ CHANGES WITH 253 in spe:
yet. (This feature has no security implications, because the code is yet. (This feature has no security implications, because the code is
still privileged and can trivially exit the sandbox.) still privileged and can trivially exit the sandbox.)
* The system manager manager will now parse a new "vmm.notify_socket" * The system manager will now parse a new "vmm.notify_socket"
system credential, which may be supplied to a VM via SMBIOS. If system credential, which may be supplied to a VM via SMBIOS. If
found, the manager will send a "READY=1" notification on the found, the manager will send a "READY=1" notification on the
specified socket after boot is complete. This allows readiness specified socket after boot is complete. This allows readiness
@ -180,7 +180,7 @@ CHANGES WITH 253 in spe:
with something custom, so this change has limited effect.) with something custom, so this change has limited effect.)
* A new environment variable $SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST * A new environment variable $SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST
can can be used to override the mount units burst late limit for can be used to override the mount units burst late limit for
parsing '/proc/self/mountinfo', which was introduced in v249. parsing '/proc/self/mountinfo', which was introduced in v249.
Defaults to 5. Defaults to 5.
@ -1769,7 +1769,7 @@ CHANGES WITH 251:
* A new build-time configuration setting default-user-shell= can be * A new build-time configuration setting default-user-shell= can be
used to set the default shell for user records and nspawn shell used to set the default shell for user records and nspawn shell
invocations (instead of of the default /bin/bash). invocations (instead of the default /bin/bash).
* systemd-timesyncd now provides a D-Bus API for receiving NTP server * systemd-timesyncd now provides a D-Bus API for receiving NTP server
information dynamically at runtime via IPC. information dynamically at runtime via IPC.
@ -2457,7 +2457,7 @@ CHANGES WITH 250:
now also owned by the system group "sgx". now also owned by the system group "sgx".
* A new build-time meson option "extra-net-naming-schemes=" has been * A new build-time meson option "extra-net-naming-schemes=" has been
added to define additional naming schemes schemes for udev's network added to define additional naming schemes for udev's network
interface naming logic. This is useful for enterprise distributions interface naming logic. This is useful for enterprise distributions
and similar which want to pin the schemes of certain distribution and similar which want to pin the schemes of certain distribution
releases under a specific name and previously had to patch the releases under a specific name and previously had to patch the

12
TODO
View File

@ -209,7 +209,7 @@ Features:
* in journald: whenever we start a new journal file because the boot ID * in journald: whenever we start a new journal file because the boot ID
changed, let's generate a recognizable log record containing info about old changed, let's generate a recognizable log record containing info about old
and new new ID. Then, when displaying log stream in journalctl look for these and new ID. Then, when displaying log stream in journalctl look for these
records, to be able to order them. records, to be able to order them.
* timesyncd: when saving/restoring clock try to take boot time into account. * timesyncd: when saving/restoring clock try to take boot time into account.
@ -744,11 +744,11 @@ Features:
protections of the root OS are weakened after interactive confirmation, to protections of the root OS are weakened after interactive confirmation, to
allow hackers to allow their own stuff. idea: allow entering developer mode allow hackers to allow their own stuff. idea: allow entering developer mode
only via explicit choice in boot menu: i.e. add explicit boot menu item for only via explicit choice in boot menu: i.e. add explicit boot menu item for
it. when developer mode is entered generate a key pair in the TPM2, and add it. When developer mode is entered, generate a key pair in the TPM2, and add
the public part of it automatically to keychain of valid code signature keys the public part of it automatically to keychain of valid code signature keys
on subsequent boots. Then provide a tool to sign code with the key in the on subsequent boots. Then provide a tool to sign code with the key in the
TPM2. Ensure that boot menu item is only way to enter developer mode, by TPM2. Ensure that boot menu item is the only way to enter developer mode, by
binding it to locality/PCRs so that that keys cannot be generated otherwise. binding it to locality/PCRs so that keys cannot be generated otherwise.
* services: add support for cryptographically unlocking per-service directories * services: add support for cryptographically unlocking per-service directories
via TPM2. Specifically, for StateDirectory= (and related dirs) use fscrypt to via TPM2. Specifically, for StateDirectory= (and related dirs) use fscrypt to
@ -996,7 +996,7 @@ Features:
mounted from host. maybe put this in systemd-user-sessions.service? mounted from host. maybe put this in systemd-user-sessions.service?
* drop dependency on libcap, replace by direct syscalls based on * drop dependency on libcap, replace by direct syscalls based on
CapabilityQuintet we already have. (This likely allows us drop drop libcap CapabilityQuintet we already have. (This likely allows us to drop libcap
dep in the base OS image) dep in the base OS image)
* sysext: automatically activate sysext images dropped in via new sd-stub * sysext: automatically activate sysext images dropped in via new sd-stub
@ -1144,7 +1144,7 @@ Features:
* credentials system: * credentials system:
- acquire from EFI variable? - acquire from EFI variable?
- acquire via via ask-password? - acquire via ask-password?
- acquire creds via keyring? - acquire creds via keyring?
- pass creds via keyring? - pass creds via keyring?
- pass creds via memfd? - pass creds via memfd?

View File

@ -34,7 +34,7 @@ purpose. Specifically, the following features are provided:
environment variables the credential data is not propagated down the process environment variables the credential data is not propagated down the process
tree. Instead each time a credential is accessed an access check is enforced tree. Instead each time a credential is accessed an access check is enforced
by the kernel. If the service is using file system namespacing the loaded by the kernel. If the service is using file system namespacing the loaded
credential data is invisible to any other services. credential data is invisible to all other services.
4. Service credentials may be acquired from files on disk, specified as literal 4. Service credentials may be acquired from files on disk, specified as literal
strings in unit files, acquired from another service dynamically via an strings in unit files, acquired from another service dynamically via an

View File

@ -28,7 +28,7 @@ avoiding an unnecessary synchronization point.
## Network management services: `network.target` ## Network management services: `network.target`
`network.target` indicates that the network management stack has been started. `network.target` indicates that the network management stack has been started.
Ordering after it it has little meaning during start-up: whether any network Ordering after it has little meaning during start-up: whether any network
interfaces are already configured when it is reached is not defined. interfaces are already configured when it is reached is not defined.
Its primary purpose is for ordering things properly at shutdown: since the Its primary purpose is for ordering things properly at shutdown: since the

View File

@ -212,7 +212,7 @@ object. The following fields are currently defined:
`userName` → The UNIX user name for this record. Takes a string with a valid `userName` → The UNIX user name for this record. Takes a string with a valid
UNIX user name. This field is the only mandatory field, all others are UNIX user name. This field is the only mandatory field, all others are
optional. Corresponds with the `pw_name` field of of `struct passwd` and the optional. Corresponds with the `pw_name` field of `struct passwd` and the
`sp_namp` field of `struct spwd` (i.e. the shadow user record stored in `sp_namp` field of `struct spwd` (i.e. the shadow user record stored in
`/etc/shadow`). See [User/Group Name Syntax](USER_NAMES.md) for `/etc/shadow`). See [User/Group Name Syntax](USER_NAMES.md) for
the (relaxed) rules the various systemd components enforce on user/group names. the (relaxed) rules the various systemd components enforce on user/group names.

View File

@ -77,7 +77,7 @@
from the kernel entropy pool.</para></listitem> from the kernel entropy pool.</para></listitem>
<listitem><para>In userspace the <filename>systemd-boot-random-seed.service</filename> service updates <listitem><para>In userspace the <filename>systemd-boot-random-seed.service</filename> service updates
the boot loader random seed with a new value derived from the kernel kernel entropy pool.</para></listitem> the boot loader random seed with a new value derived from the kernel entropy pool.</para></listitem>
</orderedlist> </orderedlist>
<para>This logic should ensure that the kernel's entropy pool is seeded during earliest bool already, if <para>This logic should ensure that the kernel's entropy pool is seeded during earliest bool already, if

View File

@ -418,7 +418,7 @@ typedef struct {
assert_cc(sizeof(dummy_t) == 0); assert_cc(sizeof(dummy_t) == 0);
/* A little helper for subtracting 1 off a pointer in a safe UB-free way. This is intended to be used for for /* A little helper for subtracting 1 off a pointer in a safe UB-free way. This is intended to be used for
* loops that count down from a high pointer until some base. A naive loop would implement this like this: * loops that count down from a high pointer until some base. A naive loop would implement this like this:
* *
* for (p = end-1; p >= base; p--) * for (p = end-1; p >= base; p--)

View File

@ -329,7 +329,7 @@ int unit_file_resolve_symlink(
assert(path_is_absolute(simplified)); assert(path_is_absolute(simplified));
/* Check if the symlink remain inside of of our search path. /* Check if the symlink remain inside of our search path.
* If yes, it is an alias. Verify that it is valid. * If yes, it is an alias. Verify that it is valid.
* *
* If no, then this is a linked unit file or mask, and we don't care about the target name * If no, then this is a linked unit file or mask, and we don't care about the target name

View File

@ -892,7 +892,7 @@ static int device_setup_units(Manager *m, sd_device *dev, Set **ready_units, Set
/* First, process the main (that is, points to the syspath) and (real, not symlink) devnode units. */ /* First, process the main (that is, points to the syspath) and (real, not symlink) devnode units. */
if (device_for_action(dev, SD_DEVICE_REMOVE)) if (device_for_action(dev, SD_DEVICE_REMOVE))
/* If the device is removed, the main and devnode units units will be removed by /* If the device is removed, the main and devnode units will be removed by
* device_update_found_by_sysfs() in device_dispatch_io(). Hence, it is not necessary to * device_update_found_by_sysfs() in device_dispatch_io(). Hence, it is not necessary to
* store them to not_ready_units, and we have nothing to do here. * store them to not_ready_units, and we have nothing to do here.
* *

View File

@ -2994,7 +2994,7 @@ static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32
* on services that want to own the console exclusively without our interference. */ * on services that want to own the console exclusively without our interference. */
m->no_console_output = m->n_on_console > 0; m->no_console_output = m->n_on_console > 0;
/* Acknowledge the child's request, and let all all other children know too that they shouldn't wait /* Acknowledge the child's request, and let all other children know too that they shouldn't wait
* any longer by closing the pipes towards them, which is what they are waiting for. */ * any longer by closing the pipes towards them, which is what they are waiting for. */
manager_close_idle_pipe(m); manager_close_idle_pipe(m);

View File

@ -2242,7 +2242,7 @@ static int home_get_disk_status_luks(
* that case the image is pre-allocated and thus appears all used from the host PoV but is not used * that case the image is pre-allocated and thus appears all used from the host PoV but is not used
* up at all yet from the user's PoV. * up at all yet from the user's PoV.
* *
* That said, we use use the stat() reported loopback file size as upper boundary: our footprint can * That said, we use the stat() reported loopback file size as upper boundary: our footprint can
* never be larger than what we take up on the lowest layers. */ * never be larger than what we take up on the lowest layers. */
if (disk_size != UINT64_MAX && disk_size > disk_free) { if (disk_size != UINT64_MAX && disk_size > disk_free) {

View File

@ -1807,7 +1807,7 @@ static int oci_seccomp_args(const char *name, JsonVariant *v, JsonDispatchFlags
expected = p->op == SCMP_CMP_MASKED_EQ ? 4 : 3; expected = p->op == SCMP_CMP_MASKED_EQ ? 4 : 3;
if (r != expected) if (r != expected)
json_log(e, flags|JSON_WARNING, 0, "Wrong number of system call arguments for JSON data data, ignoring."); json_log(e, flags|JSON_WARNING, 0, "Wrong number of system call arguments for JSON data, ignoring.");
/* Note that we are a bit sloppy here and do not insist that SCMP_CMP_MASKED_EQ gets two datum values, /* Note that we are a bit sloppy here and do not insist that SCMP_CMP_MASKED_EQ gets two datum values,
* and the other only one. That's because buildah for example by default calls things with * and the other only one. That's because buildah for example by default calls things with

View File

@ -2516,7 +2516,7 @@ static int setup_kmsg(int fd_inner_socket) {
BLOCK_WITH_UMASK(0000); BLOCK_WITH_UMASK(0000);
/* We create the kmsg FIFO as as temporary file in /run, but immediately delete it after bind mounting it to /* We create the kmsg FIFO as a temporary file in /run, but immediately delete it after bind mounting it to
* /proc/kmsg. While FIFOs on the reading side behave very similar to /proc/kmsg, their writing side behaves * /proc/kmsg. While FIFOs on the reading side behave very similar to /proc/kmsg, their writing side behaves
* differently from /dev/kmsg in that writing blocks when nothing is reading. In order to avoid any problems * differently from /dev/kmsg in that writing blocks when nothing is reading. In order to avoid any problems
* with containers deadlocking due to this we simply make /dev/kmsg unavailable to the container. */ * with containers deadlocking due to this we simply make /dev/kmsg unavailable to the container. */

View File

@ -351,7 +351,7 @@ static int run(int argc, char *argv[]) {
return r; return r;
/* Handle each pstore file */ /* Handle each pstore file */
/* Sort files lexigraphically ascending, generally needed by all */ /* Sort files lexicographically ascending, generally needed by all */
typesafe_qsort(list.entries, list.n_entries, compare_pstore_entries); typesafe_qsort(list.entries, list.n_entries, compare_pstore_entries);
/* Process known file types */ /* Process known file types */

View File

@ -348,7 +348,7 @@ static int dnssec_ecdsa_verify_raw(
if (!s) if (!s)
return -EIO; return -EIO;
/* TODO: We should eventually use use the EVP API once it supports ECDSA signature verification */ /* TODO: We should eventually use the EVP API once it supports ECDSA signature verification */
sig = ECDSA_SIG_new(); sig = ECDSA_SIG_new();
if (!sig) if (!sig)

View File

@ -2868,7 +2868,7 @@ static int normalize_linked_files(
char ***ret_files) { char ***ret_files) {
/* This is similar to normalize_filenames()/normalize_names() in src/systemctl/, /* This is similar to normalize_filenames()/normalize_names() in src/systemctl/,
* but operates on real unit names. For each argument we we look up the actual path * but operates on real unit names. For each argument we look up the actual path
* where the unit is found. This way linked units can be re-enabled successfully. */ * where the unit is found. This way linked units can be re-enabled successfully. */
_cleanup_strv_free_ char **files = NULL, **names = NULL; _cleanup_strv_free_ char **files = NULL, **names = NULL;

View File

@ -488,7 +488,7 @@ static int fido2_use_hmac_hash_specific_token(
* it gracefully (also see below.) */ * it gracefully (also see below.) */
if (has_up && (required & (FIDO2ENROLL_UP|FIDO2ENROLL_UP_IF_NEEDED)) == FIDO2ENROLL_UP_IF_NEEDED) { if (has_up && (required & (FIDO2ENROLL_UP|FIDO2ENROLL_UP_IF_NEEDED)) == FIDO2ENROLL_UP_IF_NEEDED) {
log_notice("%s%sGot unsupported option error when when user presence test is turned off. Trying with user presence test turned on.", log_notice("%s%sGot unsupported option error when user presence test is turned off. Trying with user presence test turned on.",
emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "", emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "",
emoji_enabled() ? " " : ""); emoji_enabled() ? " " : "");
retry_with_up = true; retry_with_up = true;
@ -957,7 +957,7 @@ int fido2_generate_hmac_hash(
* slightly more defensively. */ * slightly more defensively. */
if (has_up && !FLAGS_SET(lock_with, FIDO2ENROLL_UP)) { if (has_up && !FLAGS_SET(lock_with, FIDO2ENROLL_UP)) {
log_notice("%s%sGot unsupported option error when when user presence test is turned off. Trying with user presence test turned on.", log_notice("%s%sGot unsupported option error when user presence test is turned off. Trying with user presence test turned on.",
emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "", emoji_enabled() ? special_glyph(SPECIAL_GLYPH_TOUCH) : "",
emoji_enabled() ? " " : ""); emoji_enabled() ? " " : "");
retry_with_up = true; retry_with_up = true;

View File

@ -38,7 +38,7 @@ static void test_xescape_full_one(bool eight_bits) {
if (i >= full_fit) if (i >= full_fit)
assert_se(streq(t, escaped)); assert_se(streq(t, escaped));
else if (i >= 3) { else if (i >= 3) {
/* We need up to four columns, so up to three three columns may be wasted */ /* We need up to four columns, so up to three columns may be wasted */
assert_se(strlen(t) == i || strlen(t) == i - 1 || strlen(t) == i - 2 || strlen(t) == i - 3); assert_se(strlen(t) == i || strlen(t) == i - 1 || strlen(t) == i - 2 || strlen(t) == i - 3);
assert_se(strneq(t, escaped, i - 3) || strneq(t, escaped, i - 4) || assert_se(strneq(t, escaped, i - 3) || strneq(t, escaped, i - 4) ||
strneq(t, escaped, i - 5) || strneq(t, escaped, i - 6)); strneq(t, escaped, i - 5) || strneq(t, escaped, i - 6));

View File

@ -518,7 +518,7 @@ def make_uki(opts):
uki = UKI(opts.stub) uki = UKI(opts.stub)
initrd = join_initrds(opts.initrd) initrd = join_initrds(opts.initrd)
# TODO: derive public key from from opts.pcr_private_keys? # TODO: derive public key from opts.pcr_private_keys?
pcrpkey = opts.pcrpkey pcrpkey = opts.pcrpkey
if pcrpkey is None: if pcrpkey is None:
if opts.pcr_public_keys and len(opts.pcr_public_keys) == 1: if opts.pcr_public_keys and len(opts.pcr_public_keys) == 1:

View File

@ -9,7 +9,7 @@ MaxAgeSec=9
AgeingTimeSec=9 AgeingTimeSec=9
ForwardDelaySec=9 ForwardDelaySec=9
Priority=9 Priority=9
#GroupForwardMask=9 # This interferes other other settings #GroupForwardMask=9 # This interferes with other settings
DefaultPVID=9 DefaultPVID=9
MulticastQuerier=yes MulticastQuerier=yes
MulticastSnooping=yes MulticastSnooping=yes