mirror of
https://github.com/systemd/systemd.git
synced 2025-01-10 05:18:17 +03:00
codespell: fix spelling errors
This commit is contained in:
parent
51aba17b88
commit
5238e95759
12
NEWS
12
NEWS
@ -753,7 +753,7 @@ CHANGES WITH 240:
|
||||
* Journal messages that are generated whenever a unit enters the failed
|
||||
state are now tagged with a unique MESSAGE_ID. Similarly, messages
|
||||
generated whenever a service process exits are now made recognizable,
|
||||
too. A taged message is also emitted whenever a unit enters the
|
||||
too. A tagged message is also emitted whenever a unit enters the
|
||||
"dead" state on success.
|
||||
|
||||
* systemd-run gained a new switch --working-directory= for configuring
|
||||
@ -995,7 +995,7 @@ CHANGES WITH 239:
|
||||
not created by systemd-sysusers anymore.
|
||||
|
||||
NOTE: This has a chance of breaking nss-ldap and similar NSS modules
|
||||
that embedd a network facing module into any process using getpwuid()
|
||||
that embed a network facing module into any process using getpwuid()
|
||||
or related call: the dynamic allocation of the user ID for
|
||||
systemd-resolved.service means the service manager has to check NSS
|
||||
if the user name is already taken when forking off the service. Since
|
||||
@ -1264,7 +1264,7 @@ CHANGES WITH 239:
|
||||
PrivateDevices=, ProtectSystem=, …) are used. This option is hence
|
||||
primarily useful for services that do not use any of the other file
|
||||
system namespacing options. One such service is systemd-udevd.service
|
||||
wher this is now used by default.
|
||||
where this is now used by default.
|
||||
|
||||
* ConditionSecurity= gained a new value "uefi-secureboot" that is true
|
||||
when the system is booted in UEFI "secure mode".
|
||||
@ -2247,7 +2247,7 @@ CHANGES WITH 234:
|
||||
/etc/machine-id. If the machine ID could not be determined,
|
||||
$KERNEL_INSTALL_MACHINE_ID will be empty. Plugins should not put
|
||||
anything in the entry directory (passed as the second argument) if
|
||||
$KERNEL_INSTALL_MACHINE_ID is empty. For backwards compatiblity, a
|
||||
$KERNEL_INSTALL_MACHINE_ID is empty. For backwards compatibility, a
|
||||
temporary directory is passed as the entry directory and removed
|
||||
after all the plugins exit.
|
||||
|
||||
@ -5975,7 +5975,7 @@ CHANGES WITH 214:
|
||||
* We temporarily dropped the "-l" switch for fsck invocations,
|
||||
since they collide with the flock() logic above. util-linux
|
||||
upstream has been changed already to avoid this conflict,
|
||||
and we will readd "-l" as soon as util-linux with this
|
||||
and we will re-add "-l" as soon as util-linux with this
|
||||
change has been released.
|
||||
|
||||
* The dependency on libattr has been removed. Since a long
|
||||
@ -6261,7 +6261,7 @@ CHANGES WITH 213:
|
||||
where the local administrator's configuration in /etc always
|
||||
overrides any other settings.
|
||||
|
||||
Contributions fron: Ali H. Caliskan, Alison Chaiken, Bas van
|
||||
Contributions from: Ali H. Caliskan, Alison Chaiken, Bas van
|
||||
den Berg, Brandon Philips, Cristian Rodríguez, Daniel Buch,
|
||||
Dan Kilman, Dave Reisner, David Härdeman, David Herrmann,
|
||||
David Strauss, Dimitris Spingos, Djalal Harouni, Eelco
|
||||
|
2
README
2
README
@ -182,7 +182,7 @@ REQUIREMENTS:
|
||||
To build in directory build/:
|
||||
meson build/ && ninja -C build
|
||||
|
||||
Any configuration options can be specfied as -Darg=value... arguments
|
||||
Any configuration options can be specified as -Darg=value... arguments
|
||||
to meson. After the build directory is initially configured, meson will
|
||||
refuse to run again, and options must be changed with:
|
||||
mesonconf -Darg=value...
|
||||
|
10
TODO
10
TODO
@ -163,7 +163,7 @@ Features:
|
||||
selected user is resolvable in the service even if it ships its own /etc/passwd)
|
||||
|
||||
* Fix DECIMAL_STR_MAX or DECIMAL_STR_WIDTH. One includes a trailing NUL, the
|
||||
other doesn't. What a desaster. Probably to exclude it. Also
|
||||
other doesn't. What a disaster. Probably to exclude it. Also
|
||||
DECIMAL_STR_WIDTH should probably add an extra "-" into account for negative
|
||||
numbers.
|
||||
|
||||
@ -192,7 +192,7 @@ Features:
|
||||
specific paths only like this.
|
||||
|
||||
* add CopyFile= or so as unit file setting that may be used to copy files or
|
||||
directory trees from the host to te services RootImage= and RootDirectory=
|
||||
directory trees from the host to the services RootImage= and RootDirectory=
|
||||
environment. Which we can use for /etc/machine-id and in particular
|
||||
/etc/resolv.conf. Should be smart and do something useful on read-only
|
||||
images, for example fallback to read-only bind mounting the file instead.
|
||||
@ -452,7 +452,7 @@ Features:
|
||||
* PID 1 should send out sd_notify("WATCHDOG=1") messages (for usage in the --user mode, and when run via nspawn)
|
||||
|
||||
* there's probably something wrong with having user mounts below /sys,
|
||||
as we have for debugfs. for exmaple, src/core/mount.c handles mounts
|
||||
as we have for debugfs. for example, src/core/mount.c handles mounts
|
||||
prefixed with /sys generally special.
|
||||
http://lists.freedesktop.org/archives/systemd-devel/2015-June/032962.html
|
||||
|
||||
@ -514,7 +514,7 @@ Features:
|
||||
|
||||
* systemctl: if some operation fails, show log output?
|
||||
|
||||
* systemctl edit: use equvalent of cat() to insert existing config as a comment, prepended with #.
|
||||
* systemctl edit: use equivalent of cat() to insert existing config as a comment, prepended with #.
|
||||
Upon editor exit, lines with one # are removed, lines with two # are left with one #, etc.
|
||||
|
||||
* exponential backoff in timesyncd when we cannot reach a server
|
||||
@ -726,7 +726,7 @@ Features:
|
||||
- sd-journal: speed up sd_journal_get_data() with transparent hash table in bg
|
||||
- journald: when dropping msgs due to ratelimit make sure to write
|
||||
"dropped %u messages" not only when we are about to print the next
|
||||
message that works, but alraedy after a short tiemout
|
||||
message that works, but already after a short timeout
|
||||
- check if we can make journalctl by default use --follow mode inside of less if called without args?
|
||||
- maybe add API to send pairs of iovecs via sd_journal_send
|
||||
- journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access
|
||||
|
@ -384,7 +384,7 @@ The following "tags" are possible:
|
||||
- "split-usr" — /usr is a separate file system and was not mounted when systemd
|
||||
was booted
|
||||
- "cgroups-missing" — the kernel was compiled without cgroup support or access
|
||||
to expected interface files is resticted
|
||||
to expected interface files is restricted
|
||||
- "var-run-bad" — /var/run is not a symlink to /run
|
||||
- "overflowuid-not-65534" — the kernel user ID used for "unknown" users (with
|
||||
NFS or user namespaces) is not 65534
|
||||
|
@ -154,7 +154,7 @@ strategies to avoid these issues:
|
||||
in these directories when they are no longer needed, in particular when the
|
||||
program dies unexpectedly. Note: this strategy is only really suitable for
|
||||
packages that operate in a "system wide singleton" fashion with "long"
|
||||
persistance of its data or state, i.e. as opposed to programs that run in
|
||||
persistence of its data or state, i.e. as opposed to programs that run in
|
||||
multiple parallel or short-living instances. This is because a private
|
||||
directory under `/run` (and the other mentioned directories) is itself
|
||||
system and package specific singleton with greater longevity.
|
||||
|
@ -60,7 +60,7 @@
|
||||
# Trackpoint const accel settings are specified as
|
||||
# POINTINGSTICK_CONST_ACCEL=<accel>
|
||||
#
|
||||
# Where <accel> is a floating point number, using a '.' seperator, specifying
|
||||
# Where <accel> is a floating point number, using a '.' separator, specifying
|
||||
# by how much to multiply deltas generated by the pointingstick to get
|
||||
# normalized deltas.
|
||||
#
|
||||
|
@ -255,7 +255,7 @@
|
||||
through external means. The <option>dns</option> command expects IPv4 or IPv6 address specifications of DNS
|
||||
servers to use. The <option>domain</option> command expects valid DNS domains, possibly prefixed with
|
||||
<literal>~</literal>, and configures a per-interface search or route-only domain. The
|
||||
<option>default-route</option> command expects a boolean paremeter, and configures whether the link may be
|
||||
<option>default-route</option> command expects a boolean parameter, and configures whether the link may be
|
||||
used as default route for DNS lookups, i.e. if it is suitable for lookups on domains no other link explicitly
|
||||
is configured for. The <option>llmnr</option>, <option>mdns</option>, <option>dnssec</option> and
|
||||
<option>dnsovertls</option> commands may be used to configure the per-interface LLMNR, MulticastDNS, DNSSEC
|
||||
|
@ -277,7 +277,7 @@
|
||||
</para>
|
||||
|
||||
<para>Equivalent to <constant>SD_BUS_SIGNAL_WITH_NAMES()</constant> with the
|
||||
<replaceable>names</replaceable> paramater unset (i.e. no parameter names).</para>
|
||||
<replaceable>names</replaceable> parameter unset (i.e. no parameter names).</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -44,7 +44,7 @@
|
||||
|
||||
<para><function>sd_bus_close()</function> disconnects the specified bus connection. When this call is invoked and
|
||||
the specified bus object refers to an active connection it is immediately terminated. No further messages may be
|
||||
sent or receieved on it. Any messages queued in the bus object (both incoming and outgoing) are released. If
|
||||
sent or received on it. Any messages queued in the bus object (both incoming and outgoing) are released. If
|
||||
invoked on <constant>NULL</constant> bus object or when the bus connection is already closed this function executes
|
||||
no operation. This call does not free or unreference the bus object itself. Use
|
||||
<citerefentry><refentrytitle>sd_bus_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry> for that.</para>
|
||||
|
@ -116,7 +116,7 @@
|
||||
project='man-pages'><refentrytitle>printf</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
format string <parameter>format</parameter> and corresponding arguments.
|
||||
<literal>%m</literal> may be used in the format string to refer to the error
|
||||
string corresponding to the specified errno code. The error message is initalized
|
||||
string corresponding to the specified errno code. The error message is initialized
|
||||
using the error identifier generated from <constant>error</constant> and the
|
||||
formatted string. (If <parameter>error</parameter> is zero, no error is actually
|
||||
set, and an error reply with no information is created.)</para>
|
||||
|
@ -19,7 +19,7 @@
|
||||
<refnamediv>
|
||||
<refname>sd_bus_message_rewind</refname>
|
||||
|
||||
<refpurpose>Return to begining of message or current container</refpurpose>
|
||||
<refpurpose>Return to beginning of message or current container</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
@ -38,7 +38,7 @@
|
||||
<title>Description</title>
|
||||
|
||||
<para><function>sd_bus_message_rewind()</function> moves the "read pointer" in the message
|
||||
<parameter>m</parameter> to either the begining of the message (if
|
||||
<parameter>m</parameter> to either the beginning of the message (if
|
||||
<parameter>complete</parameter> is true) or to the beginning of the currently open container. If
|
||||
no container is open, <parameter>complete</parameter> has no effect.</para>
|
||||
</refsect1>
|
||||
|
@ -70,7 +70,7 @@
|
||||
<listitem><para><parameter>m</parameter> or both <parameter>type</parameter> and
|
||||
<parameter>contents</parameter> are <constant>NULL</constant>.</para>
|
||||
|
||||
<para>Arguments do not satisfy other contraints listed above.</para>
|
||||
<para>Arguments do not satisfy other constraints listed above.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -337,7 +337,7 @@ $ eog targets.svg</programlisting>
|
||||
</example>
|
||||
|
||||
<para>Note that this verb prints the list that is compiled into <command>systemd-analyze</command>
|
||||
itself, and does not comunicate with the running manager. Use
|
||||
itself, and does not communicate with the running manager. Use
|
||||
<programlisting>systemctl [--user] [--global] show -p UnitPath --value</programlisting>
|
||||
to retrieve the actual list that the manager uses, with any empty directories omitted.</para>
|
||||
</refsect2>
|
||||
|
@ -357,7 +357,7 @@
|
||||
|
||||
<para><command>systemd-boot</command> implements a simple boot counting mechanism on top of the <ulink
|
||||
url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot Loader Specification</ulink>, for automatic and unattended
|
||||
fallback to older kernel versions/boot loader entries when a specific entry continously fails. Any boot loader
|
||||
fallback to older kernel versions/boot loader entries when a specific entry continuously fails. Any boot loader
|
||||
entry file and unified kernel image file that contains a <literal>+</literal> followed by one or two numbers (if
|
||||
two they need to be separated by a <literal>-</literal>), before the <filename>.conf</filename> or
|
||||
<filename>.efi</filename> suffix is subject to boot counting: the first of the two numbers ('tries left') is
|
||||
|
@ -234,7 +234,7 @@
|
||||
<term><varname>root=</varname></term>
|
||||
|
||||
<listitem><para>When used with the special value <literal>gpt-auto</literal>, automatic discovery of
|
||||
the root parition based on the GPT partition type is enabled. Any other value disables this
|
||||
the root partition based on the GPT partition type is enabled. Any other value disables this
|
||||
generator.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -55,7 +55,7 @@
|
||||
one is necessary to access some network resources. When used, all other interfaces are ignored.
|
||||
This option may be used more than once to wait for multiple network interfaces. When this
|
||||
option is specified multiple times, then <command>systemd-networkd-wait-online</command> waits
|
||||
for all specified interfaces to be online. Optinally, required minimum operational state can be
|
||||
for all specified interfaces to be online. Optionally, required minimum operational state can be
|
||||
specified after a colon <literal>:</literal>. Please see
|
||||
<citerefentry><refentrytitle>networkctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
for possible operational states. If the operational state is not specified here, then
|
||||
|
@ -163,7 +163,7 @@
|
||||
<listitem><para>Otherwise the query is failed as no suitable DNS servers could be determined.</para></listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>The "DNS default route" option is a boolean setting configureable with <command>resolvectl</command> or in
|
||||
<para>The "DNS default route" option is a boolean setting configurable with <command>resolvectl</command> or in
|
||||
<filename>.network</filename> files. If not set, it is implicitly determined based on the configured DNS domains
|
||||
for a link: if there's any route-only domain (not matching <literal>~.</literal>) it defaults to false, otherwise
|
||||
to true.</para>
|
||||
|
@ -33,7 +33,7 @@
|
||||
|
||||
<para><emphasis>Using this service is not recommended.</emphasis> There can be no guarantee that hardware
|
||||
is fully discovered at any specific time, because the kernel does hardware detection asynchronously, and
|
||||
certain busses and devices take a very long time to become ready, and also additional hardware may be
|
||||
certain buses and devices take a very long time to become ready, and also additional hardware may be
|
||||
plugged in at any time. Instead, services should subscribe to udev events and react to any new hardware as
|
||||
it is discovered. Services that, based on configuration, expect certain devices to appear, may warn or
|
||||
report failure after a timeout. This timeout should be tailored to the hardware type. Waiting for
|
||||
|
@ -1304,7 +1304,7 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
|
||||
running in user mode, or in system mode, but without the <constant>CAP_SYS_ADMIN</constant> capability
|
||||
(e.g. setting <varname>User=nobody</varname>), <varname>NoNewPrivileges=yes</varname> is implied. By default,
|
||||
no restrictions apply, all address families are accessible to processes. If assigned the empty string, any
|
||||
previous address familiy restriction changes are undone. This setting does not affect commands prefixed with
|
||||
previous address family restriction changes are undone. This setting does not affect commands prefixed with
|
||||
<literal>+</literal>.</para>
|
||||
|
||||
<para>Use this option to limit exposure of processes to remote access, in particular via exotic and sensitive
|
||||
@ -1928,7 +1928,7 @@ SystemCallErrorNumber=EPERM</programlisting>
|
||||
<para>Note that services which specify <option>DefaultDependencies=no</option> and use
|
||||
<varname>StandardInput=</varname> or <varname>StandardOutput=</varname> with
|
||||
<option>tty</option>/<option>tty-force</option>/<option>tty-fail</option>, should specify
|
||||
<option>After=systemd-vconsole-setup.service</option>, to make sure that the tty intialization is
|
||||
<option>After=systemd-vconsole-setup.service</option>, to make sure that the tty initialization is
|
||||
finished before they start.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -312,7 +312,7 @@
|
||||
<listitem><para>The file system will be initialized
|
||||
on the device. If the device is not "empty", i.e. it contains any signature,
|
||||
the operation will be skipped. It is hence expected that this option
|
||||
remains set even after the device has been initalized.</para>
|
||||
remains set even after the device has been initialized.</para>
|
||||
|
||||
<para>Note that this option can only be used in
|
||||
<filename>/etc/fstab</filename>, and will be ignored when part of the
|
||||
|
@ -829,13 +829,13 @@
|
||||
<varlistentry>
|
||||
<term><varname>Name=</varname></term>
|
||||
<listitem>
|
||||
<para>Specifies the name of the sesssion. This option is compulsory.</para>
|
||||
<para>Specifies the name of the session. This option is compulsory.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><varname>SessionId=</varname></term>
|
||||
<listitem>
|
||||
<para>Specifies the sesssion id. The value used must match the <literal>SessionId=</literal> value being used at the peer.
|
||||
<para>Specifies the session id. The value used must match the <literal>SessionId=</literal> value being used at the peer.
|
||||
Ranges a number between 1 and 4294967295). This option is compulsory.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
@ -637,7 +637,7 @@
|
||||
<para>Note that if this option is enabled a userspace implementation of the IPv6 RA protocol is
|
||||
used, and the kernel's own implementation remains disabled, since `networkd` needs to know all
|
||||
details supplied in the advertisements, and these are not available from the kernel if the kernel's
|
||||
own implemenation is used.</para>
|
||||
own implementation is used.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
@ -1077,7 +1077,7 @@
|
||||
<varlistentry>
|
||||
<term><varname>InvertRule=</varname></term>
|
||||
<listitem>
|
||||
<para>A boolean. Specifies wheather the rule to be inverted. Defaults to false.</para>
|
||||
<para>A boolean. Specifies whether the rule to be inverted. Defaults to false.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
@ -1197,7 +1197,7 @@
|
||||
<varlistentry>
|
||||
<term><varname>InitialAdvertisedReceiveWindow=</varname></term>
|
||||
<listitem>
|
||||
<para>The TCP initial advertised receive window is the amount of receive data (in bytes) that can initally be buffered at one time
|
||||
<para>The TCP initial advertised receive window is the amount of receive data (in bytes) that can initially be buffered at one time
|
||||
on a connection. The sending host can send only that amount of data before waiting for an acknowledgment and window update
|
||||
from the receiving host. Takes a size in bytes between 1 and 4294967295 (2^32 - 1). The usual suffixes K, M, G are supported
|
||||
and are understood to the base of 1024. When unset, the kernel's default will be used.
|
||||
|
@ -429,7 +429,7 @@
|
||||
<term><varname>Inaccessible=</varname></term>
|
||||
|
||||
<listitem><para>Masks the specified file or directly in the container, by over-mounting it with an empty file
|
||||
node of the same type with the most restrictive access mode. Takes a file system path as arugment. This option
|
||||
node of the same type with the most restrictive access mode. Takes a file system path as argument. This option
|
||||
may be used multiple times to mask multiple files or directories. This option is equivalent to the command line
|
||||
switch <option>--inaccessible=</option>, see
|
||||
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry> for details
|
||||
|
@ -148,7 +148,7 @@
|
||||
|
||||
<listitem><para>The swap structure will be initialized on the device. If the device is not
|
||||
"empty", i.e. it contains any signature, the operation will be skipped. It is hence expected
|
||||
that this option remains set even after the device has been initalized.</para>
|
||||
that this option remains set even after the device has been initialized.</para>
|
||||
|
||||
<para>Note that this option can only be used in <filename>/etc/fstab</filename>, and will be
|
||||
ignored when part of the <varname>Options=</varname> setting in a unit file.</para>
|
||||
|
@ -314,7 +314,7 @@
|
||||
<term><varname>RemainAfterElapse=</varname></term>
|
||||
|
||||
<listitem><para>Takes a boolean argument. If true, an elapsed
|
||||
timer will stay loaded, and its state remains queriable. If
|
||||
timer will stay loaded, and its state remains queryable. If
|
||||
false, an elapsed timer unit that cannot elapse anymore is
|
||||
unloaded. Turning this off is particularly useful for
|
||||
transient timer units that shall disappear after they first
|
||||
|
@ -512,7 +512,7 @@
|
||||
<replaceable>description</replaceable>.</literal>, <literal>Reached target
|
||||
<replaceable>description</replaceable>.</literal>, <literal>Failed to start
|
||||
<replaceable>description</replaceable>.</literal>), so it should be capitalized, and should
|
||||
not be a full sentence or a phrase with a continous verb. Bad examples include
|
||||
not be a full sentence or a phrase with a continuous verb. Bad examples include
|
||||
<literal>exiting the container</literal> or <literal>updating the database once per
|
||||
day.</literal>.</para>
|
||||
</listitem>
|
||||
@ -886,7 +886,7 @@
|
||||
of powering down the system with similar semantics. <option>exit</option> causes the manager to exit following
|
||||
the normal shutdown procedure, and <option>exit-force</option> causes it terminate without shutting down
|
||||
services. When <option>exit</option> or <option>exit-force</option> is used by default the exit status of the
|
||||
main process of the unit (if this applies) is returned from the service manager. However, this may be overriden
|
||||
main process of the unit (if this applies) is returned from the service manager. However, this may be overridden
|
||||
with <varname>FailureActionExitStatus=</varname>/<varname>SuccessActionExitStatus=</varname>, see
|
||||
below.</para></listitem>
|
||||
</varlistentry>
|
||||
@ -1273,7 +1273,7 @@
|
||||
<literal><</literal>, <literal><=</literal>, <literal>=</literal>, <literal>!=</literal>,
|
||||
<literal>>=</literal>, <literal>></literal>. Compares the number of CPUs in the CPU affinity mask
|
||||
configured of the service manager itself with the specified number, adhering to the specified
|
||||
comparision operator. On physical systems the number of CPUs in the affinity mask of the service
|
||||
comparison operator. On physical systems the number of CPUs in the affinity mask of the service
|
||||
manager usually matches the number of physical CPUs, but in special and virtual environments might
|
||||
differ. In particular, in containers the affinity mask usually matches the number of CPUs assigned to
|
||||
the container and not the physically available ones.</para>
|
||||
|
@ -30,7 +30,7 @@
|
||||
<para>Execute the operation remotely. Specify a hostname, or a
|
||||
username and hostname separated by <literal>@</literal>, to
|
||||
connect to. The hostname may optionally be suffixed by a
|
||||
port ssh is listening on, seperated by <literal>:</literal>, and then a
|
||||
port ssh is listening on, separated by <literal>:</literal>, and then a
|
||||
container name, separated by <literal>/</literal>, which
|
||||
connects directly to a specific container on the specified
|
||||
host. This will use SSH to talk to the remote machine manager
|
||||
|
@ -1234,7 +1234,7 @@ if want_remote != 'false'
|
||||
conf.get('HAVE_LIBCURL') == 1]
|
||||
# sd-j-remote requires µhttpd, and sd-j-upload requires libcurl, so
|
||||
# it's possible to build one without the other. Complain only if
|
||||
# support was explictly requested. The auxiliary files like sysusers
|
||||
# support was explicitly requested. The auxiliary files like sysusers
|
||||
# config should be installed when any of the programs are built.
|
||||
if want_remote == 'true' and not (have_deps[0] and have_deps[1])
|
||||
error('remote support was requested, but dependencies are not available')
|
||||
|
@ -23,7 +23,7 @@ int audit_session_from_pid(pid_t pid, uint32_t *id) {
|
||||
assert(id);
|
||||
|
||||
/* We don't convert ENOENT to ESRCH here, since we can't
|
||||
* really distuingish between "audit is not available in the
|
||||
* really distinguish between "audit is not available in the
|
||||
* kernel" and "the process does not exist", both which will
|
||||
* result in ENOENT. */
|
||||
|
||||
|
@ -59,7 +59,7 @@ int get_block_device(const char *path, dev_t *dev) {
|
||||
assert(path);
|
||||
assert(dev);
|
||||
|
||||
/* Get's the block device directly backing a file system. If
|
||||
/* Gets the block device directly backing a file system. If
|
||||
* the block device is encrypted, returns the device mapper
|
||||
* block device. */
|
||||
|
||||
|
@ -1971,7 +1971,7 @@ int cg_slice_to_path(const char *unit, char **ret) {
|
||||
|
||||
#if HAS_FEATURE_MEMORY_SANITIZER
|
||||
/* msan doesn't instrument stpncpy, so it thinks
|
||||
* n is later used unitialized:
|
||||
* n is later used uninitialized:
|
||||
* https://github.com/google/sanitizers/issues/926
|
||||
*/
|
||||
zero(n);
|
||||
@ -2616,7 +2616,7 @@ int cg_enable_everywhere(
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0) {
|
||||
/* On the legacy hiearchy there's no concept of "enabling" controllers in cgroups defined. Let's claim
|
||||
/* On the legacy hierarchy there's no concept of "enabling" controllers in cgroups defined. Let's claim
|
||||
* complete success right away. (If you wonder why we return the full mask here, rather than zero: the
|
||||
* caller tends to use the returned mask later on to compare if all controllers where properly joined,
|
||||
* and if not requeues realization. This use is the primary purpose of the return value, hence let's
|
||||
|
@ -99,7 +99,7 @@ static int files_add(
|
||||
|
||||
/* Does this node have the executable bit set? */
|
||||
if (flags & CONF_FILES_EXECUTABLE)
|
||||
/* As requested: check if the file is marked exectuable. Note that we don't check access(X_OK)
|
||||
/* As requested: check if the file is marked executable. Note that we don't check access(X_OK)
|
||||
* here, as we care about whether the file is marked executable at all, and not whether it is
|
||||
* executable for us, because if so, such errors are stuff we should log about. */
|
||||
|
||||
|
@ -387,7 +387,7 @@ int fd_get_path(int fd, char **ret) {
|
||||
r = readlink_malloc(procfs_path, ret);
|
||||
if (r == -ENOENT) {
|
||||
/* ENOENT can mean two things: that the fd does not exist or that /proc is not mounted. Let's make
|
||||
* things debuggable and distuingish the two. */
|
||||
* things debuggable and distinguish the two. */
|
||||
|
||||
if (access("/proc/self/fd/", F_OK) < 0)
|
||||
/* /proc is not available or not set up properly, we're most likely in some chroot
|
||||
|
@ -135,7 +135,7 @@ struct btrfs_scrub_progress {
|
||||
__u64 tree_bytes_scrubbed; /* # of tree bytes scrubbed */
|
||||
__u64 read_errors; /* # of read errors encountered (EIO) */
|
||||
__u64 csum_errors; /* # of failed csum checks */
|
||||
__u64 verify_errors; /* # of occurences, where the metadata
|
||||
__u64 verify_errors; /* # of occurrences, where the metadata
|
||||
* of a tree block did not match the
|
||||
* expected values, like generation or
|
||||
* logical */
|
||||
@ -155,7 +155,7 @@ struct btrfs_scrub_progress {
|
||||
__u64 last_physical; /* last physical address scrubbed. In
|
||||
* case a scrub was aborted, this can
|
||||
* be used to restart the scrub */
|
||||
__u64 unverified_errors; /* # of occurences where a read for a
|
||||
__u64 unverified_errors; /* # of occurrences where a read for a
|
||||
* full (64k) bio failed, but the re-
|
||||
* check succeeded for each 4k piece.
|
||||
* Intermittent error. */
|
||||
|
@ -54,7 +54,7 @@
|
||||
/* for storing balance parameters in the root tree */
|
||||
#define BTRFS_BALANCE_OBJECTID -4ULL
|
||||
|
||||
/* orhpan objectid for tracking unlinked/truncated files */
|
||||
/* orphan objectid for tracking unlinked/truncated files */
|
||||
#define BTRFS_ORPHAN_OBJECTID -5ULL
|
||||
|
||||
/* does write ahead logging to speed up fsyncs */
|
||||
@ -270,7 +270,7 @@
|
||||
#define BTRFS_PERSISTENT_ITEM_KEY 249
|
||||
|
||||
/*
|
||||
* Persistantly stores the device replace state in the device tree.
|
||||
* Persistently stores the device replace state in the device tree.
|
||||
* The key is built like this: (0, BTRFS_DEV_REPLACE_KEY, 0).
|
||||
*/
|
||||
#define BTRFS_DEV_REPLACE_KEY 250
|
||||
|
@ -184,7 +184,7 @@ struct in6_flowlabel_req {
|
||||
#define IPV6_PMTUDISC_WANT 1
|
||||
#define IPV6_PMTUDISC_DO 2
|
||||
#define IPV6_PMTUDISC_PROBE 3
|
||||
/* same as IPV6_PMTUDISC_PROBE, provided for symetry with IPv4
|
||||
/* same as IPV6_PMTUDISC_PROBE, provided for symmetry with IPv4
|
||||
* also see comments on IP_PMTUDISC_INTERFACE
|
||||
*/
|
||||
#define IPV6_PMTUDISC_INTERFACE 4
|
||||
|
@ -235,7 +235,7 @@ bool is_locale_utf8(void) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* For LC_CTYPE=="C" return true, because CTYPE is effectly
|
||||
/* For LC_CTYPE=="C" return true, because CTYPE is effectively
|
||||
* unset and everything can do to UTF-8 nowadays. */
|
||||
set = setlocale(LC_CTYPE, NULL);
|
||||
if (!set) {
|
||||
|
@ -17,7 +17,7 @@
|
||||
* @flags: Flags to pass to the clone system call
|
||||
*
|
||||
* Uses the clone system call to create a new process with the cloning flags and termination signal passed in the flags
|
||||
* parameter. Opposed to glibc's clone funtion, using this function does not set up a separate stack for the child, but
|
||||
* parameter. Opposed to glibc's clone function, using this function does not set up a separate stack for the child, but
|
||||
* relies on copy-on-write semantics on the one stack at a common virtual address, just as fork does.
|
||||
*
|
||||
* To obtain copy-on-write semantics, flags must not contain CLONE_VM, and thus CLONE_THREAD and CLONE_SIGHAND (which
|
||||
|
@ -1182,7 +1182,7 @@ bool colors_enabled(void) {
|
||||
* (which is the explicit way to turn colors on/off). If that didn't work we turn colors off unless we are on a
|
||||
* TTY. And if we are on a TTY we turn it off if $TERM is set to "dumb". There's one special tweak though: if
|
||||
* we are PID 1 then we do not check whether we are connected to a TTY, because we don't keep /dev/console open
|
||||
* continously due to fear of SAK, and hence things are a bit weird. */
|
||||
* continuously due to fear of SAK, and hence things are a bit weird. */
|
||||
|
||||
if (cached_colors_enabled < 0) {
|
||||
int val;
|
||||
|
@ -55,7 +55,7 @@ int parse_uid(const char *s, uid_t *ret) {
|
||||
|
||||
if (!uid_is_valid(uid))
|
||||
return -ENXIO; /* we return ENXIO instead of EINVAL
|
||||
* here, to make it easy to distuingish
|
||||
* here, to make it easy to distinguish
|
||||
* invalid numeric uids from invalid
|
||||
* strings. */
|
||||
|
||||
|
@ -234,7 +234,7 @@ static int detect_vm_xen_dom0(void) {
|
||||
if (streq(cap, "control_d"))
|
||||
break;
|
||||
if (!cap) {
|
||||
log_debug("Virtualization XEN DomU found (/proc/xen/capabilites)");
|
||||
log_debug("Virtualization XEN DomU found (/proc/xen/capabilities)");
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -114,7 +114,7 @@ EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) {
|
||||
/* fallback for firmware which does not support SimpleTextInputExProtocol
|
||||
*
|
||||
* This is also called in case ReadKeyStrokeEx did not return a key, because
|
||||
* some broken firmwares offer SimpleTextInputExProtocol, but never acually
|
||||
* some broken firmwares offer SimpleTextInputExProtocol, but never actually
|
||||
* handle any key. */
|
||||
err = uefi_call_wrapper(ST->ConIn->ReadKeyStroke, 2, ST->ConIn, &k);
|
||||
if (EFI_ERROR(err))
|
||||
|
@ -158,7 +158,7 @@ static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROT
|
||||
if (status != EFI_SUCCESS)
|
||||
return status;
|
||||
|
||||
/* No need to check return value, this already happend in efi_main() */
|
||||
/* No need to check return value, this already happened in efi_main() */
|
||||
root = LibOpenRoot(h);
|
||||
dev_path_str = DevicePathToStr(dev_path);
|
||||
|
||||
|
@ -111,7 +111,7 @@ static bool is_root_cgroup(const char *path) {
|
||||
*
|
||||
* There's one extra complication in all of this, though 😣: if the path to the cgroup indicates we are in the
|
||||
* root cgroup this might actually not be the case, because cgroup namespacing might be in effect
|
||||
* (CLONE_NEWCGROUP). Since there's no nice way to distuingish a real cgroup root from a fake namespaced one we
|
||||
* (CLONE_NEWCGROUP). Since there's no nice way to distinguish a real cgroup root from a fake namespaced one we
|
||||
* do an explicit container check here, under the assumption that CLONE_NEWCGROUP is generally used when
|
||||
* container managers are used too.
|
||||
*
|
||||
|
@ -1144,7 +1144,7 @@ static void cgroup_context_apply(
|
||||
}
|
||||
}
|
||||
|
||||
/* The bandwith limits are something that make sense to be applied to the host's root but not container
|
||||
/* The bandwidth limits are something that make sense to be applied to the host's root but not container
|
||||
* roots, as there we want the container manager to handle it */
|
||||
if (is_host_root || !is_local_root) {
|
||||
if (has_io) {
|
||||
@ -1310,7 +1310,7 @@ static void cgroup_context_apply(
|
||||
* it also counts. But if the user never set a limit through us (i.e. we are the default of
|
||||
* "unbounded") we leave things unmodified. For this we manage a global boolean that we turn on
|
||||
* the first time we set a limit. Note that this boolean is flushed out on manager reload,
|
||||
* which is desirable so that there's an offical way to release control of the sysctl from
|
||||
* which is desirable so that there's an official way to release control of the sysctl from
|
||||
* systemd: set the limit to unbounded and reload. */
|
||||
|
||||
if (c->tasks_max != CGROUP_LIMIT_MAX) {
|
||||
|
@ -25,7 +25,7 @@ typedef enum CGroupDevicePolicy {
|
||||
/* Everything forbidden, except built-in ones and listed ones. */
|
||||
CGROUP_CLOSED,
|
||||
|
||||
/* Everythings forbidden, except for the listed devices */
|
||||
/* Everything forbidden, except for the listed devices */
|
||||
CGROUP_STRICT,
|
||||
|
||||
_CGROUP_DEVICE_POLICY_MAX,
|
||||
|
@ -1899,7 +1899,7 @@ static int bus_unit_set_transient_property(
|
||||
* transient units, but still). And "References" and "ReferencedBy" is already used as unit reference
|
||||
* dependency type, hence let's not confuse things with that.
|
||||
*
|
||||
* Note that we don't acually add the reference to the bus track. We do that only after the setup of
|
||||
* Note that we don't actually add the reference to the bus track. We do that only after the setup of
|
||||
* the transient unit is complete, so that setting this property multiple times in the same transient
|
||||
* unit creation call doesn't count as individual references. */
|
||||
|
||||
|
@ -1257,7 +1257,7 @@ uint64_t manager_bus_n_queued_write(Manager *m) {
|
||||
sd_bus *b;
|
||||
int r;
|
||||
|
||||
/* Returns the total number of messages queued for writing on all our direct and API busses. */
|
||||
/* Returns the total number of messages queued for writing on all our direct and API buses. */
|
||||
|
||||
SET_FOREACH(b, m->private_buses, i) {
|
||||
uint64_t k;
|
||||
|
@ -420,7 +420,7 @@ static int device_add_udev_wants(Unit *u, sd_device *dev) {
|
||||
/* So here's a special hack, to compensate for the fact that the udev database's reload cycles are not
|
||||
* synchronized with our own reload cycles: when we detect that the SYSTEMD_WANTS property of a device
|
||||
* changes while the device unit is already up, let's manually trigger any new units listed in it not
|
||||
* seen before. This typically appens during the boot-time switch root transition, as udev devices
|
||||
* seen before. This typically happens during the boot-time switch root transition, as udev devices
|
||||
* will generally already be up in the initrd, but SYSTEMD_WANTS properties get then added through udev
|
||||
* rules only available on the host system, and thus only when the initial udev coldplug trigger runs.
|
||||
*
|
||||
@ -525,7 +525,7 @@ static int device_setup_unit(Manager *m, sd_device *dev, const char *path, bool
|
||||
|
||||
delete = false;
|
||||
|
||||
/* Let's remove all dependencies generated due to udev properties. We'll readd whatever is configured
|
||||
/* Let's remove all dependencies generated due to udev properties. We'll re-add whatever is configured
|
||||
* now below. */
|
||||
unit_remove_dependencies(u, UNIT_DEPENDENCY_UDEV);
|
||||
} else {
|
||||
@ -921,7 +921,7 @@ static int device_dispatch_io(sd_device_monitor *monitor, sd_device *dev, void *
|
||||
|
||||
/* A change event can signal that a device is becoming ready, in particular if
|
||||
* the device is using the SYSTEMD_READY logic in udev
|
||||
* so we need to reach the else block of the follwing if, even for change events */
|
||||
* so we need to reach the else block of the following if, even for change events */
|
||||
if (action == DEVICE_ACTION_REMOVE) {
|
||||
r = swap_process_device_remove(m, dev);
|
||||
if (r < 0)
|
||||
|
@ -2202,7 +2202,7 @@ static int setup_exec_directory(
|
||||
}
|
||||
|
||||
/* Lock down the access mode (we use chmod_and_chown() to make this idempotent. We don't
|
||||
* specifiy UID/GID here, so that path_chown_recursive() can optimize things depending on the
|
||||
* specify UID/GID here, so that path_chown_recursive() can optimize things depending on the
|
||||
* current UID/GID ownership.) */
|
||||
r = chmod_and_chown(pp ?: p, context->directories[type].mode, UID_INVALID, GID_INVALID);
|
||||
if (r < 0)
|
||||
@ -2487,7 +2487,7 @@ static int apply_mount_namespace(
|
||||
bind_mount_free_many(bind_mounts, n_bind_mounts);
|
||||
|
||||
/* If we couldn't set up the namespace this is probably due to a missing capability. setup_namespace() reports
|
||||
* that with a special, recognizable error ENOANO. In this case, silently proceeed, but only if exclusively
|
||||
* that with a special, recognizable error ENOANO. In this case, silently proceed, but only if exclusively
|
||||
* sandboxing options were used, i.e. nothing such as RootDirectory= or BindMount= that would result in a
|
||||
* completely different execution environment. */
|
||||
if (r == -ENOANO) {
|
||||
|
@ -72,7 +72,7 @@ enum JobMode {
|
||||
JOB_REPLACE, /* Replace an existing conflicting job */
|
||||
JOB_REPLACE_IRREVERSIBLY,/* Like JOB_REPLACE + produce irreversible jobs */
|
||||
JOB_ISOLATE, /* Start a unit, and stop all others */
|
||||
JOB_FLUSH, /* Flush out all other queued jobs when queing this one */
|
||||
JOB_FLUSH, /* Flush out all other queued jobs when queueing this one */
|
||||
JOB_IGNORE_DEPENDENCIES, /* Ignore both requirement and ordering dependencies */
|
||||
JOB_IGNORE_REQUIREMENTS, /* Ignore requirement dependencies */
|
||||
_JOB_MODE_MAX,
|
||||
|
@ -1823,7 +1823,7 @@ static void do_reexecute(
|
||||
args[i++] = NULL;
|
||||
assert(i <= args_size);
|
||||
|
||||
/* Reenable any blocked signals, especially important if we switch from initial ramdisk to init=... */
|
||||
/* Re-enable any blocked signals, especially important if we switch from initial ramdisk to init=... */
|
||||
(void) reset_all_signal_handlers();
|
||||
(void) reset_signal_mask();
|
||||
(void) rlimit_nofile_safe();
|
||||
@ -2062,7 +2062,7 @@ static int initialize_runtime(
|
||||
return 0;
|
||||
|
||||
if (arg_system) {
|
||||
/* Make sure we leave a core dump without panicing the kernel. */
|
||||
/* Make sure we leave a core dump without panicking the kernel. */
|
||||
install_crash_handler();
|
||||
|
||||
if (!skip_setup) {
|
||||
|
@ -89,7 +89,7 @@
|
||||
#define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
|
||||
#define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
|
||||
|
||||
/* If there are more than 1K bus messages queue across our API and direct busses, then let's not add more on top until
|
||||
/* If there are more than 1K bus messages queue across our API and direct buses, then let's not add more on top until
|
||||
* the queue gets more empty. */
|
||||
#define MANAGER_BUS_BUSY_THRESHOLD 1024LU
|
||||
|
||||
@ -1051,7 +1051,7 @@ static int manager_setup_user_lookup_fd(Manager *m) {
|
||||
* resolutions */
|
||||
r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-11);
|
||||
if (r < 0)
|
||||
return log_error_errno(errno, "Failed to set priority ot user lookup event source: %m");
|
||||
return log_error_errno(errno, "Failed to set priority of user lookup event source: %m");
|
||||
|
||||
(void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
|
||||
}
|
||||
@ -1659,7 +1659,7 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
|
||||
|
||||
r = lookup_paths_reduce(&m->lookup_paths);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed ot reduce unit file paths, ignoring: %m");
|
||||
log_warning_errno(r, "Failed to reduce unit file paths, ignoring: %m");
|
||||
|
||||
manager_build_unit_path_cache(m);
|
||||
|
||||
@ -1709,7 +1709,7 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
|
||||
/* Connect to the bus if we are good for it */
|
||||
manager_setup_bus(m);
|
||||
|
||||
/* Now that we are connected to all possible busses, let's deserialize who is tracking us. */
|
||||
/* Now that we are connected to all possible buses, let's deserialize who is tracking us. */
|
||||
r = bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to deserialized tracked clients, ignoring: %m");
|
||||
@ -2195,8 +2195,8 @@ static unsigned manager_dispatch_dbus_queue(Manager *m) {
|
||||
* overly full before this call we shouldn't increase it in size too wildly in one step, and we
|
||||
* shouldn't monopolize CPU time with generating these messages. Note the difference in counting of
|
||||
* this "budget" and the "threshold" above: the "budget" is decreased only once per generated message,
|
||||
* regardless how many busses/direct connections it is enqueued on, while the "threshold" is applied to
|
||||
* each queued instance of bus message, i.e. if the same message is enqueued to five busses/direct
|
||||
* regardless how many buses/direct connections it is enqueued on, while the "threshold" is applied to
|
||||
* each queued instance of bus message, i.e. if the same message is enqueued to five buses/direct
|
||||
* connections it will be counted five times. This difference in counting ("references"
|
||||
* vs. "instances") is primarily a result of the fact that it's easier to implement it this way,
|
||||
* however it also reflects the thinking that the "threshold" should put a limit on used queue memory,
|
||||
@ -2511,7 +2511,7 @@ static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) {
|
||||
if (array) {
|
||||
size_t n = 0;
|
||||
|
||||
/* Cound how many entries the array has */
|
||||
/* Count how many entries the array has */
|
||||
while (array[n])
|
||||
n++;
|
||||
|
||||
@ -3548,7 +3548,7 @@ int manager_reload(Manager *m) {
|
||||
|
||||
r = lookup_paths_reduce(&m->lookup_paths);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed ot reduce unit file paths, ignoring: %m");
|
||||
log_warning_errno(r, "Failed to reduce unit file paths, ignoring: %m");
|
||||
|
||||
manager_build_unit_path_cache(m);
|
||||
|
||||
|
@ -737,7 +737,7 @@ static int service_add_extras(Service *s) {
|
||||
|
||||
/* If no OOM policy was explicitly set, then default to the configure default OOM policy. Except when
|
||||
* delegation is on, in that case it we assume the payload knows better what to do and can process
|
||||
* things in a more focussed way. */
|
||||
* things in a more focused way. */
|
||||
if (s->oom_policy < 0)
|
||||
s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->default_oom_policy;
|
||||
|
||||
@ -1752,7 +1752,7 @@ static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart)
|
||||
* user can still introspect the counter. Do so on the next start. */
|
||||
s->flush_n_restarts = true;
|
||||
|
||||
/* The new state is in effect, let's decrease the fd store ref counter again. Let's also readd us to the GC
|
||||
/* The new state is in effect, let's decrease the fd store ref counter again. Let's also re-add us to the GC
|
||||
* queue, so that the fd store is possibly gc'ed again */
|
||||
s->n_keep_fd_store--;
|
||||
unit_add_to_gc_queue(UNIT(s));
|
||||
@ -3788,7 +3788,7 @@ static void service_notify_message(
|
||||
|
||||
r = service_is_suitable_main_pid(s, new_main_pid, LOG_WARNING);
|
||||
if (r == 0) {
|
||||
/* The new main PID is a bit suspicous, which is OK if the sender is privileged. */
|
||||
/* The new main PID is a bit suspicious, which is OK if the sender is privileged. */
|
||||
|
||||
if (ucred->uid == 0) {
|
||||
log_unit_debug(u, "New main PID "PID_FMT" does not belong to service, but we'll accept it as the request to change it came from a privileged process.", new_main_pid);
|
||||
|
@ -1868,7 +1868,7 @@ static int socket_coldplug(Unit *u) {
|
||||
SOCKET_RUNNING)) {
|
||||
|
||||
/* Originally, we used to simply reopen all sockets here that we didn't have file descriptors
|
||||
* for. However, this is problematic, as we won't traverse throught the SOCKET_START_CHOWN state for
|
||||
* for. However, this is problematic, as we won't traverse through the SOCKET_START_CHOWN state for
|
||||
* them, and thus the UID/GID wouldn't be right. Hence, instead simply check if we have all fds open,
|
||||
* and if there's a mismatch, warn loudly. */
|
||||
|
||||
@ -2873,7 +2873,7 @@ static int socket_accept_in_cgroup(Socket *s, SocketPort *p, int fd) {
|
||||
assert(p);
|
||||
assert(fd >= 0);
|
||||
|
||||
/* Similar to socket_address_listen_in_cgroup(), but for accept() rathern than socket(): make sure that any
|
||||
/* Similar to socket_address_listen_in_cgroup(), but for accept() rather than socket(): make sure that any
|
||||
* connection socket is also properly associated with the cgroup. */
|
||||
|
||||
if (!IN_SET(p->address.sockaddr.sa.sa_family, AF_INET, AF_INET6))
|
||||
|
@ -807,7 +807,7 @@ static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitD
|
||||
assert(other);
|
||||
assert(d < _UNIT_DEPENDENCY_MAX);
|
||||
|
||||
/* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
|
||||
/* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
|
||||
HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
|
||||
UnitDependency k;
|
||||
|
||||
@ -5144,7 +5144,7 @@ int unit_set_exec_params(Unit *u, ExecParameters *p) {
|
||||
p->prefix = u->manager->prefix;
|
||||
SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
|
||||
|
||||
/* Copy paramaters from unit */
|
||||
/* Copy parameters from unit */
|
||||
p->cgroup_path = u->cgroup_path;
|
||||
SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
|
||||
|
||||
|
@ -51,7 +51,7 @@ static inline bool UNIT_IS_INACTIVE_OR_FAILED(UnitActiveState t) {
|
||||
* use this so that we can selectively flush out parts of dependencies again. Note that the same dependency might be
|
||||
* created as a result of multiple "reasons", hence the bitmask. */
|
||||
typedef enum UnitDependencyMask {
|
||||
/* Configured directly by the unit file, .wants/.requries symlink or drop-in, or as an immediate result of a
|
||||
/* Configured directly by the unit file, .wants/.requires symlink or drop-in, or as an immediate result of a
|
||||
* non-dependency option configured that way. */
|
||||
UNIT_DEPENDENCY_FILE = 1 << 0,
|
||||
|
||||
@ -260,7 +260,7 @@ typedef struct Unit {
|
||||
char *cgroup_path;
|
||||
CGroupMask cgroup_realized_mask; /* In which hierarchies does this unit's cgroup exist? (only relevant on cgroup v1) */
|
||||
CGroupMask cgroup_enabled_mask; /* Which controllers are enabled (or more correctly: enabled for the children) for this unit's cgroup? (only relevant on cgroup v2) */
|
||||
CGroupMask cgroup_invalidated_mask; /* A mask specifiying controllers which shall be considered invalidated, and require re-realization */
|
||||
CGroupMask cgroup_invalidated_mask; /* A mask specifying controllers which shall be considered invalidated, and require re-realization */
|
||||
CGroupMask cgroup_members_mask; /* A cache for the controllers required by all children of this cgroup (only relevant for slice units) */
|
||||
|
||||
/* Inotify watch descriptors for watching cgroup.events and memory.events on cgroupv2 */
|
||||
|
@ -765,7 +765,7 @@ static int submit_coredump(
|
||||
return log_error_errno(r, "Failed to drop privileges: %m");
|
||||
|
||||
#if HAVE_ELFUTILS
|
||||
/* Try to get a strack trace if we can */
|
||||
/* Try to get a stack trace if we can */
|
||||
if (coredump_size <= arg_process_size_max) {
|
||||
_cleanup_free_ char *stacktrace = NULL;
|
||||
|
||||
|
@ -321,7 +321,7 @@ static int print_field(FILE* file, sd_journal *j) {
|
||||
assert(arg_field);
|
||||
|
||||
/* A (user-specified) field may appear more than once for a given entry.
|
||||
* We will print all of the occurences.
|
||||
* We will print all of the occurrences.
|
||||
* This is different below for fields that systemd-coredump uses,
|
||||
* because they cannot meaningfully appear more than once.
|
||||
*/
|
||||
@ -790,7 +790,7 @@ static int save_core(sd_journal *j, FILE *file, char **path, bool *unlink_temp)
|
||||
/* If neither path or file are specified, we will write to stdout. Let's now check
|
||||
* if stdout is connected to a tty. We checked that the file exists, or that the
|
||||
* core might be stored in the journal. In this second case, if we found the entry,
|
||||
* in all likelyhood we will be able to access the COREDUMP= field. In either case,
|
||||
* in all likelihood we will be able to access the COREDUMP= field. In either case,
|
||||
* we stop before doing any "real" work, i.e. before starting decompression or
|
||||
* reading from the file or creating temporary files.
|
||||
*/
|
||||
|
@ -367,7 +367,7 @@ int curl_header_strdup(const void *contents, size_t sz, const char *field, char
|
||||
if (memchr(p, 0, sz))
|
||||
return 0;
|
||||
|
||||
/* Skip over preceeding whitespace */
|
||||
/* Skip over preceding whitespace */
|
||||
while (sz > 0 && strchr(WHITESPACE, p[0])) {
|
||||
p++;
|
||||
sz--;
|
||||
|
@ -436,7 +436,7 @@ int pull_verify(PullJob *main_job,
|
||||
}
|
||||
|
||||
if (!mkdtemp(gpg_home)) {
|
||||
r = log_error_errno(errno, "Failed to create tempory home for gpg: %m");
|
||||
r = log_error_errno(errno, "Failed to create temporary home for gpg: %m");
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -33,7 +33,7 @@
|
||||
|
||||
/* Both the old and new names are defines, check for the new one. */
|
||||
|
||||
/* Compatiblity with libmicrohttpd < 0.9.38 */
|
||||
/* Compatibility with libmicrohttpd < 0.9.38 */
|
||||
#ifndef MHD_HTTP_NOT_ACCEPTABLE
|
||||
# define MHD_HTTP_NOT_ACCEPTABLE MHD_HTTP_METHOD_NOT_ACCEPTABLE
|
||||
#endif
|
||||
|
@ -146,7 +146,7 @@ static int run(int argc, char *argv[]) {
|
||||
|
||||
saved_stderr = fcntl(STDERR_FILENO, F_DUPFD_CLOEXEC, 3);
|
||||
|
||||
r = rearrange_stdio(STDIN_FILENO, outfd, errfd < 0 ? outfd : errfd); /* Invalidates fd on succcess + error! */
|
||||
r = rearrange_stdio(STDIN_FILENO, outfd, errfd < 0 ? outfd : errfd); /* Invalidates fd on success + error! */
|
||||
TAKE_FD(outfd);
|
||||
TAKE_FD(errfd);
|
||||
if (r < 0)
|
||||
|
@ -1263,7 +1263,7 @@ static int get_boots(
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/* At this point the read pointer is positioned at the oldest/newest occurence of the reference boot
|
||||
/* At this point the read pointer is positioned at the oldest/newest occurrence of the reference boot
|
||||
* ID. After flushing the matches, one more invocation of _previous()/_next() will hence place us at
|
||||
* the following entry, which must then have an older/newer boot ID */
|
||||
} else {
|
||||
@ -2427,7 +2427,7 @@ int main(int argc, char *argv[]) {
|
||||
if (arg_follow) {
|
||||
poll_fd = sd_journal_get_fd(j);
|
||||
if (poll_fd == -EMFILE) {
|
||||
log_warning_errno(poll_fd, "Insufficent watch descriptors available. Reverting to -n.");
|
||||
log_warning_errno(poll_fd, "Insufficient watch descriptors available. Reverting to -n.");
|
||||
arg_follow = false;
|
||||
} else if (poll_fd == -EMEDIUMTYPE) {
|
||||
log_error_errno(poll_fd, "The --follow switch is not supported in conjunction with reading from STDIN.");
|
||||
|
@ -445,7 +445,7 @@ void server_process_audit_message(
|
||||
if (IN_SET(nl->nlmsg_type, NLMSG_NOOP, NLMSG_ERROR))
|
||||
return;
|
||||
|
||||
/* Except AUDIT_USER, all messsages below AUDIT_FIRST_USER_MSG are control messages, let's ignore those */
|
||||
/* Except AUDIT_USER, all messages below AUDIT_FIRST_USER_MSG are control messages, let's ignore those */
|
||||
if (nl->nlmsg_type < AUDIT_FIRST_USER_MSG && nl->nlmsg_type != AUDIT_USER)
|
||||
return;
|
||||
|
||||
|
@ -48,7 +48,7 @@
|
||||
* previously had trouble associating the log message with the service.
|
||||
*
|
||||
* NB: With and without the metadata cache: the implicitly added entry metadata in the journal (with the exception of
|
||||
* UID/PID/GID and SELinux label) must be understood as possibly slightly out of sync (i.e. sometimes slighly older
|
||||
* UID/PID/GID and SELinux label) must be understood as possibly slightly out of sync (i.e. sometimes slightly older
|
||||
* and sometimes slightly newer than what was current at the log event).
|
||||
*/
|
||||
|
||||
|
@ -811,7 +811,7 @@ void driver2()
|
||||
{
|
||||
for (j=0; j<8; ++j) /*------------------------ for each input bit, */
|
||||
{
|
||||
for (m=1; m<8; ++m) /*------------ for serveral possible initvals, */
|
||||
for (m=1; m<8; ++m) /*------------- for several possible initvals, */
|
||||
{
|
||||
for (l=0; l<HASHSTATE; ++l)
|
||||
e[l]=f[l]=g[l]=h[l]=x[l]=y[l]=~((uint32_t)0);
|
||||
|
@ -60,7 +60,7 @@ static struct {
|
||||
unsigned char prefixlen;
|
||||
uint32_t valid;
|
||||
uint32_t preferred;
|
||||
bool succesful;
|
||||
bool successful;
|
||||
} prefix[] = {
|
||||
{ { { { 0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xef,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } } }, 64,
|
||||
@ -329,7 +329,7 @@ static void test_ra(void) {
|
||||
if (prefix[i].preferred)
|
||||
assert_se(sd_radv_prefix_set_preferred_lifetime(p, prefix[i].preferred) >= 0);
|
||||
|
||||
assert_se((sd_radv_add_prefix(ra, p, false) >= 0) == prefix[i].succesful);
|
||||
assert_se((sd_radv_add_prefix(ra, p, false) >= 0) == prefix[i].successful);
|
||||
assert_se(sd_radv_add_prefix(ra, p, false) < 0);
|
||||
|
||||
p = sd_radv_prefix_unref(p);
|
||||
|
@ -55,7 +55,7 @@ Regarding the framing of dbus2, also see:
|
||||
https://wiki.gnome.org/Projects/GLib/GDBus/Version2
|
||||
|
||||
The first four bytes of the header are defined the same way for dbus1
|
||||
and dbus2. The first bytes contain the endianess field and the
|
||||
and dbus2. The first bytes contain the endianness field and the
|
||||
protocol version, so that the remainder of the message can be safely
|
||||
made sense of just by looking at the first 32bit.
|
||||
|
||||
|
@ -532,7 +532,7 @@ _public_ int sd_bus_get_name_creds(
|
||||
if (!sd_bus_error_has_name(&error, SD_BUS_ERROR_UNKNOWN_METHOD))
|
||||
return r;
|
||||
|
||||
/* If we got an unknown method error, fall back to the invidual calls... */
|
||||
/* If we got an unknown method error, fall back to the individual calls... */
|
||||
need_separate_calls = true;
|
||||
sd_bus_error_free(&error);
|
||||
|
||||
|
@ -180,7 +180,7 @@ bool member_name_is_valid(const char *p) {
|
||||
* Complex pattern match
|
||||
* This checks whether @a is a 'complex-prefix' of @b, or @b is a
|
||||
* 'complex-prefix' of @a, based on strings that consist of labels with @c as
|
||||
* spearator. This function returns true if:
|
||||
* separator. This function returns true if:
|
||||
* - both strings are equal
|
||||
* - either is a prefix of the other and ends with @c
|
||||
* The second rule makes sure that either string needs to be fully included in
|
||||
|
@ -924,7 +924,7 @@ _public_ sd_bus_message* sd_bus_message_unref(sd_bus_message *m) {
|
||||
|
||||
/* Unset the bus field if neither the user has a reference nor this message is queued. We are careful
|
||||
* to reset the field only after the last reference to the bus is dropped, after all we might keep
|
||||
* multiple references to the bus, once for each reference kept on outselves. */
|
||||
* multiple references to the bus, once for each reference kept on ourselves. */
|
||||
m->bus = NULL;
|
||||
|
||||
return message_free(m);
|
||||
|
@ -465,9 +465,9 @@ static int synthesize_connected_signal(sd_bus *bus) {
|
||||
|
||||
/* If enabled, synthesizes a local "Connected" signal mirroring the local "Disconnected" signal. This is called
|
||||
* whenever we fully established a connection, i.e. after the authorization phase, and after receiving the
|
||||
* Hello() reply. Or in other words, whenver we enter BUS_RUNNING state.
|
||||
* Hello() reply. Or in other words, whenever we enter BUS_RUNNING state.
|
||||
*
|
||||
* This is useful so that clients can start doing stuff whenver the connection is fully established in a way
|
||||
* This is useful so that clients can start doing stuff whenever the connection is fully established in a way
|
||||
* that works independently from whether we connected to a full bus or just a direct connection. */
|
||||
|
||||
if (!bus->connected_signal)
|
||||
@ -1204,7 +1204,7 @@ _public_ int sd_bus_open_with_description(sd_bus **ret, const char *description)
|
||||
assert_return(ret, -EINVAL);
|
||||
|
||||
/* Let's connect to the starter bus if it is set, and
|
||||
* otherwise to the bus that is appropropriate for the scope
|
||||
* otherwise to the bus that is appropriate for the scope
|
||||
* we are running in */
|
||||
|
||||
e = secure_getenv("DBUS_STARTER_BUS_TYPE");
|
||||
@ -3869,7 +3869,7 @@ _public_ int sd_bus_path_decode_many(const char *path, const char *path_template
|
||||
* For each matched label, the *decoded* label is stored in the
|
||||
* passed output argument, and the caller is responsible to free
|
||||
* it. Note that the output arguments are only modified if the
|
||||
* actualy path matched the template. Otherwise, they're left
|
||||
* actually path matched the template. Otherwise, they're left
|
||||
* untouched.
|
||||
*
|
||||
* This function returns <0 on error, 0 if the path does not match the
|
||||
|
@ -24,7 +24,7 @@ static int test_ref_unref(void) {
|
||||
m = sd_bus_message_unref(m);
|
||||
bus = sd_bus_unref(bus);
|
||||
|
||||
/* We should have a memory leak now on <= v240. Let's do this again, but destory in the opposite
|
||||
/* We should have a memory leak now on <= v240. Let's do this again, but destroy in the opposite
|
||||
* order. On v240 that too should be a leak. */
|
||||
|
||||
r = sd_bus_open_system(&bus);
|
||||
|
@ -3022,7 +3022,7 @@ static void event_close_inode_data_fds(sd_event *e) {
|
||||
|
||||
/* Close the fds pointing to the inodes to watch now. We need to close them as they might otherwise pin
|
||||
* filesystems. But we can't close them right-away as we need them as long as the user still wants to make
|
||||
* adjustments to the even source, such as changing the priority (which requires us to remove and readd a watch
|
||||
* adjustments to the even source, such as changing the priority (which requires us to remove and re-add a watch
|
||||
* for the inode). Hence, let's close them when entering the first iteration after they were added, as a
|
||||
* compromise. */
|
||||
|
||||
|
@ -49,7 +49,7 @@ static MonitorNetlinkGroup monitor_netlink_group_from_string(const char *name) {
|
||||
* source. Valid sources identifiers are "udev" and "kernel".
|
||||
*
|
||||
* Applications should usually not connect directly to the
|
||||
* "kernel" events, because the devices might not be useable
|
||||
* "kernel" events, because the devices might not be usable
|
||||
* at that time, before udev has configured them, and created
|
||||
* device nodes. Accessing devices at the same time as udev,
|
||||
* might result in unpredictable behavior. The "udev" events
|
||||
|
@ -830,7 +830,7 @@ static int method_create_session(sd_bus_message *message, void *userdata, sd_bus
|
||||
} while (hashmap_get(m->sessions, id));
|
||||
}
|
||||
|
||||
/* If we are not watching utmp aleady, try again */
|
||||
/* If we are not watching utmp already, try again */
|
||||
manager_reconnect_utmp(m);
|
||||
|
||||
r = manager_add_user_by_uid(m, uid, &user);
|
||||
|
@ -156,7 +156,7 @@ static int session_device_open(SessionDevice *sd, bool active) {
|
||||
|
||||
case DEVICE_TYPE_UNKNOWN:
|
||||
default:
|
||||
/* fallback for devices wihout synchronizations */
|
||||
/* fallback for devices without synchronizations */
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -369,7 +369,7 @@ int user_start(User *u) {
|
||||
return 0;
|
||||
|
||||
/* If u->stopping is set, the user is marked for removal and service stop-jobs are queued. We have to clear
|
||||
* that flag before queing the start-jobs again. If they succeed, the user object can be re-used just fine
|
||||
* that flag before queueing the start-jobs again. If they succeed, the user object can be re-used just fine
|
||||
* (pid1 takes care of job-ordering and proper restart), but if they fail, we want to force another user_stop()
|
||||
* so possibly pending units are stopped. */
|
||||
u->stopping = false;
|
||||
|
@ -327,7 +327,7 @@ static const char* getenv_harder(pam_handle_t *handle, const char *key, const ch
|
||||
assert(handle);
|
||||
assert(key);
|
||||
|
||||
/* Looks for an environment variable, preferrably in the environment block associated with the
|
||||
/* Looks for an environment variable, preferably in the environment block associated with the
|
||||
* specified PAM handle, falling back to the process' block instead. Why check both? Because we want
|
||||
* to permit configuration of session properties from unit files that invoke PAM services, so that
|
||||
* PAM services don't have to be reworked to set systemd-specific properties, but these properties
|
||||
|
@ -8,7 +8,7 @@
|
||||
#include "networkd-manager.h"
|
||||
#include "vlan-util.h"
|
||||
|
||||
/* callback for brige netdev's parameter set */
|
||||
/* callback for bridge netdev's parameter set */
|
||||
static int netdev_bridge_set_handler(sd_netlink *rtnl, sd_netlink_message *m, NetDev *netdev) {
|
||||
int r;
|
||||
|
||||
|
@ -471,7 +471,7 @@ static int dhcp_lease_acquired(sd_dhcp_client *client, Link *link) {
|
||||
if (r < 0)
|
||||
log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s', ignoring: %m", dhcpname);
|
||||
if (r == 1)
|
||||
log_link_notice(link, "Overlong DCHP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
|
||||
log_link_notice(link, "Overlong DHCP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
|
||||
}
|
||||
|
||||
if (hostname) {
|
||||
|
@ -3842,7 +3842,7 @@ int link_update(Link *link, sd_netlink_message *m) {
|
||||
assert(m);
|
||||
|
||||
if (link->state == LINK_STATE_LINGER) {
|
||||
log_link_info(link, "Link readded");
|
||||
log_link_info(link, "Link re-added");
|
||||
link_set_state(link, LINK_STATE_CONFIGURING);
|
||||
|
||||
r = link_new_carrier_maps(link);
|
||||
|
@ -344,7 +344,7 @@ int network_load_one(Manager *manager, const char *filename) {
|
||||
.dhcp_use_dns = true,
|
||||
.dhcp_use_hostname = true,
|
||||
.dhcp_use_routes = true,
|
||||
/* NOTE: this var might be overwriten by network_apply_anonymize_if_set */
|
||||
/* NOTE: this var might be overwritten by network_apply_anonymize_if_set */
|
||||
.dhcp_send_hostname = true,
|
||||
/* To enable/disable RFC7844 Anonymity Profiles */
|
||||
.dhcp_anonymize = false,
|
||||
@ -860,7 +860,7 @@ int config_parse_dhcp(
|
||||
if (s < 0) {
|
||||
|
||||
/* Previously, we had a slightly different enum here,
|
||||
* support its values for compatbility. */
|
||||
* support its values for compatibility. */
|
||||
|
||||
if (streq(rvalue, "none"))
|
||||
s = ADDRESS_FAMILY_NO;
|
||||
|
@ -62,7 +62,7 @@ int config_parse_address_family_boolean_with_kernel(
|
||||
|
||||
/* This function is mostly obsolete now. It simply redirects
|
||||
* "kernel" to "no". In older networkd versions we used to
|
||||
* distuingish IPForward=off from IPForward=kernel, where the
|
||||
* distinguish IPForward=off from IPForward=kernel, where the
|
||||
* former would explicitly turn off forwarding while the
|
||||
* latter would simply not touch the setting. But that logic
|
||||
* is gone, hence silently accept the old setting, but turn it
|
||||
@ -84,7 +84,7 @@ int config_parse_address_family_boolean_with_kernel(
|
||||
}
|
||||
|
||||
/* Router lifetime can be set with netlink interface since kernel >= 4.5
|
||||
* so for the supported kernel we dont need to expire routes in userspace */
|
||||
* so for the supported kernel we don't need to expire routes in userspace */
|
||||
int kernel_route_expiration_supported(void) {
|
||||
static int cached = -1;
|
||||
int r;
|
||||
|
@ -35,7 +35,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(NetworkConfigSection*, network_config_section_free);
|
||||
extern const struct hash_ops network_config_hash_ops;
|
||||
|
||||
static inline bool section_is_invalid(NetworkConfigSection *section) {
|
||||
/* If this retuns false, then it does _not_ mean the section is valid. */
|
||||
/* If this returns false, then it does _not_ mean the section is valid. */
|
||||
|
||||
if (!section)
|
||||
return false;
|
||||
|
@ -192,7 +192,7 @@ static int run(int argc, char* argv[]) {
|
||||
if (!n)
|
||||
return log_oom();
|
||||
|
||||
/* If this is requested change to the requested UID/GID. Note thta we only change the real UID here, and leave
|
||||
/* If this is requested change to the requested UID/GID. Note that we only change the real UID here, and leave
|
||||
the effective UID in effect (which is 0 for this to work). That's because we want the privileges to fake the
|
||||
ucred data, and sd_pid_notify() uses the real UID for filling in ucred. */
|
||||
|
||||
|
@ -161,7 +161,7 @@ int create_subcgroup(pid_t pid, bool keep_unit, CGroupUnified unified_requested)
|
||||
* attributes. Hence, let's insert an intermediary cgroup to cover that case too.
|
||||
*
|
||||
* Note that we only bother with the main hierarchy here, not with any secondary ones. On the unified setup
|
||||
* that's fine because there's only one hiearchy anyway and controllers are enabled directly on it. On the
|
||||
* that's fine because there's only one hierarchy anyway and controllers are enabled directly on it. On the
|
||||
* legacy setup, this is fine too, since delegation of controllers is generally not safe there, hence we won't
|
||||
* do it. */
|
||||
|
||||
|
@ -58,6 +58,7 @@
|
||||
* /bin/mount regarding NFS and FUSE required?
|
||||
* what does terminal=false mean?
|
||||
* sysctl inside or outside? whitelisting?
|
||||
* swapiness typo -> swappiness
|
||||
*
|
||||
* Unsupported:
|
||||
*
|
||||
|
@ -103,7 +103,7 @@ static int shift_acl(acl_t acl, uid_t shift, acl_t *ret) {
|
||||
|
||||
if (IN_SET(tag, ACL_USER, ACL_GROUP)) {
|
||||
|
||||
/* We don't distuingish here between uid_t and gid_t, let's make sure the compiler checks that
|
||||
/* We don't distinguish here between uid_t and gid_t, let's make sure the compiler checks that
|
||||
* this is actually OK */
|
||||
assert_cc(sizeof(uid_t) == sizeof(gid_t));
|
||||
|
||||
|
@ -1495,7 +1495,7 @@ static int verify_arguments(void) {
|
||||
|
||||
/* We don't support --private-users-chown together with any of the volatile modes since we couldn't
|
||||
* change the read-only part of the tree (i.e. /usr) anyway, or because it would trigger a massive
|
||||
* copy-up (in case of overlay) making the entire excercise pointless. */
|
||||
* copy-up (in case of overlay) making the entire exercise pointless. */
|
||||
if (arg_userns_chown && arg_volatile_mode != VOLATILE_NO)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "--volatile= and --private-users-chown may not be combined.");
|
||||
|
||||
@ -3293,7 +3293,7 @@ static int outer_child(
|
||||
|
||||
/* Mark everything as shared so our mounts get propagated down. This is
|
||||
* required to make new bind mounts available in systemd services
|
||||
* inside the containter that create a new mount namespace.
|
||||
* inside the container that create a new mount namespace.
|
||||
* See https://github.com/systemd/systemd/issues/3860
|
||||
* Further submounts (such as /dev) done after this will inherit the
|
||||
* shared propagation mode. */
|
||||
@ -3715,7 +3715,7 @@ static int merge_settings(Settings *settings, const char *path) {
|
||||
/* Copy the full capabilities over too */
|
||||
if (capability_quintet_is_set(&settings->full_capabilities)) {
|
||||
if (!arg_settings_trusted)
|
||||
log_warning("Ignoring capabilitiy settings, file %s is not trusted.", path);
|
||||
log_warning("Ignoring capability settings, file %s is not trusted.", path);
|
||||
else
|
||||
arg_full_capabilities = settings->full_capabilities;
|
||||
}
|
||||
|
@ -169,7 +169,7 @@ enum nss_status _nss_resolve_gethostbyname4_r(
|
||||
/* Return NSS_STATUS_UNAVAIL when communication with systemd-resolved fails,
|
||||
allowing falling back to other nss modules. Treat all other error conditions as
|
||||
NOTFOUND. This includes DNSSEC errors and suchlike. (We don't use UNAVAIL in this
|
||||
case so that the nsswitch.conf configuration can distuingish such executed but
|
||||
case so that the nsswitch.conf configuration can distinguish such executed but
|
||||
negative replies from complete failure to talk to resolved). */
|
||||
goto fail;
|
||||
}
|
||||
|
@ -434,7 +434,7 @@ static int portable_extract_by_path(
|
||||
if (r < 0)
|
||||
return log_debug_errno(r, "Failed to receive item: %m");
|
||||
|
||||
/* We can't really distuingish a zero-length datagram without any fds from EOF (both are signalled the
|
||||
/* We can't really distinguish a zero-length datagram without any fds from EOF (both are signalled the
|
||||
* same way by recvmsg()). Hence, accept either as end notification. */
|
||||
if (isempty(name) && fd < 0)
|
||||
break;
|
||||
|
@ -172,7 +172,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
|
||||
log_debug("Switch -%c ignored.", c);
|
||||
break;
|
||||
|
||||
/* Everybody else can agree on the existance of -u but we don't support it. */
|
||||
/* Everybody else can agree on the existence of -u but we don't support it. */
|
||||
case 'u':
|
||||
|
||||
/* The following options are openresolv inventions we don't support. */
|
||||
|
@ -1106,7 +1106,7 @@ int dnssec_has_rrsig(DnsAnswer *a, const DnsResourceKey *key) {
|
||||
DnsResourceRecord *rr;
|
||||
int r;
|
||||
|
||||
/* Checks whether there's at least one RRSIG in 'a' that proctects RRs of the specified key */
|
||||
/* Checks whether there's at least one RRSIG in 'a' that protects RRs of the specified key */
|
||||
|
||||
DNS_ANSWER_FOREACH(rr, a) {
|
||||
r = dnssec_key_match_rrsig(key, rr);
|
||||
@ -1985,7 +1985,7 @@ int dnssec_nsec_test(DnsAnswer *answer, DnsResourceKey *key, DnssecNsecResult *r
|
||||
if (have_nsec3)
|
||||
return dnssec_test_nsec3(answer, key, result, authenticated, ttl);
|
||||
|
||||
/* No approproate NSEC RR found, report this. */
|
||||
/* No appropriate NSEC RR found, report this. */
|
||||
*result = DNSSEC_NSEC_NO_RR;
|
||||
return 0;
|
||||
}
|
||||
|
@ -1949,7 +1949,7 @@ int dns_packet_read_rr(DnsPacket *p, DnsResourceRecord **ret, bool *ret_cache_fl
|
||||
case DNS_TYPE_NSEC: {
|
||||
|
||||
/*
|
||||
* RFC6762, section 18.14 explictly states mDNS should use name compression.
|
||||
* RFC6762, section 18.14 explicitly states mDNS should use name compression.
|
||||
* This contradicts RFC3845, section 2.1.1
|
||||
*/
|
||||
|
||||
|
@ -289,7 +289,7 @@ int dns_question_new_address(DnsQuestion **ret, int family, const char *name, bo
|
||||
else
|
||||
/* We did not manage to create convert the idna name, or it's
|
||||
* the same as the original name. We assume the caller already
|
||||
* created an uncoverted question, so let's not repeat work
|
||||
* created an unconverted question, so let's not repeat work
|
||||
* unnecessarily. */
|
||||
return -EALREADY;
|
||||
}
|
||||
|
@ -452,7 +452,7 @@ int dns_scope_socket_udp(DnsScope *s, DnsServer *server, uint16_t port) {
|
||||
}
|
||||
|
||||
int dns_scope_socket_tcp(DnsScope *s, int family, const union in_addr_union *address, DnsServer *server, uint16_t port, union sockaddr_union *ret_socket_address) {
|
||||
/* If ret_socket_address is not NULL, the caller is responisble
|
||||
/* If ret_socket_address is not NULL, the caller is responsible
|
||||
* for calling connect() or sendmsg(). This is required by TCP
|
||||
* Fast Open, to be able to send the initial SYN packet along
|
||||
* with the first data packet. */
|
||||
|
@ -239,7 +239,7 @@ static void dns_server_reset_counters(DnsServer *s) {
|
||||
*
|
||||
* This is particularly important to deal with certain Belkin routers which break OPT for certain lookups (A),
|
||||
* but pass traffic through for others (AAAA). If we detect the broken behaviour on one lookup we should not
|
||||
* reenable it for another, because we cannot validate things anyway, given that the RRSIG/OPT data will be
|
||||
* re-enable it for another, because we cannot validate things anyway, given that the RRSIG/OPT data will be
|
||||
* incomplete. */
|
||||
}
|
||||
|
||||
@ -879,7 +879,7 @@ void dns_server_unref_stream(DnsServer *s) {
|
||||
|
||||
/* Detaches the default stream of this server. Some special care needs to be taken here, as that stream and
|
||||
* this server reference each other. First, take the stream out of the server. It's destructor will check if it
|
||||
* is registered with us, hence let's invalidate this separatly, so that it is already unregistered. */
|
||||
* is registered with us, hence let's invalidate this separately, so that it is already unregistered. */
|
||||
ref = TAKE_PTR(s->stream);
|
||||
|
||||
/* And then, unref it */
|
||||
|
@ -61,7 +61,7 @@ static int dns_stream_complete(DnsStream *s, int error) {
|
||||
assert(error >= 0);
|
||||
|
||||
/* Error is > 0 when the connection failed for some reason in the network stack. It's == 0 if we sent
|
||||
* and receieved exactly one packet each (in the LLMNR client case). */
|
||||
* and received exactly one packet each (in the LLMNR client case). */
|
||||
|
||||
#if ENABLE_DNS_OVER_TLS
|
||||
if (s->encrypted) {
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user