picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix spelling of privilege

This commit is contained in:
Nis Martensen 2014-05-18 15:43:18 +02:00 committed by Lennart Poettering
parent 8891f695c7
commit f1721625e7
9 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
NEWS
View File

@ -166,7 +166,7 @@ CHANGES WITH 211:
directory's lifetime is bound to the daemon runtime and that
the daemon starts up with an empty directory each time. This
is particularly useful when writing services that drop
priviliges using the User= or Group= setting.
privileges using the User= or Group= setting.
* The DeviceAllow= unit setting now supports globbing for
matching against device group names.

2
README
View File

@ -185,7 +185,7 @@ USERS AND GROUPS:
The NTP daemon requires the "systemd-timesync" system user and
group to exist. During execution this network facing service
will drop priviliges (with the exception of CAP_SYS_TIME) and
will drop privileges (with the exception of CAP_SYS_TIME) and
assume this uid/gid for security reasons.
WARNINGS:

2
man/systemd.exec.xml
View File

@ -1275,7 +1275,7 @@
<literal>/</literal>, i.e. must refer
to simple directories to create or
remove. This is particularly useful
for unpriviliges daemons that cannot
for unprivileged daemons that cannot
create runtime directories in
<filename>/run</filename> due to lack
of privileges, and to make sure the

2
src/core/load-fragment-gperf.gperf.m4
View File

@ -48,7 +48,7 @@ $1.Capabilities, config_parse_exec_capabilities, 0,
$1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context)
$1.CapabilityBoundingSet, config_parse_bounding_set, 0, offsetof($1, exec_context.capability_bounding_set_drop)
$1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec)
$1.NoNewPrivileges, config_parse_no_new_priviliges, 0, offsetof($1, exec_context)
$1.NoNewPrivileges, config_parse_no_new_privileges, 0, offsetof($1, exec_context)
m4_ifdef(`HAVE_SECCOMP',
`$1.SystemCallFilter, config_parse_syscall_filter, 0, offsetof($1, exec_context)
$1.SystemCallArchitectures, config_parse_syscall_archs, 0, offsetof($1, exec_context.syscall_archs)

2
src/core/load-fragment.c
View File

@ -3029,7 +3029,7 @@ int config_parse_namespace_path_strv(
return 0;
}
int config_parse_no_new_priviliges(
int config_parse_no_new_privileges(
const char* unit,
const char *filename,
unsigned line,

2
src/core/load-fragment.h
View File

@ -95,7 +95,7 @@ int config_parse_address_families(const char *unit, const char *filename, unsign
int config_parse_runtime_directory(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_set_status(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_namespace_path_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_no_new_priviliges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_no_new_privileges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_cpu_quota(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
/* gperf prototypes */

2
src/nspawn/nspawn.c
View File

@ -3057,7 +3057,7 @@ int main(int argc, char *argv[]) {
fds = NULL;
/* Wait until the child reported that it is ready with
* all it needs to do with priviliges. After we got
* all it needs to do with privileges. After we got
* the notification we can make the process join its
* cgroup which might limit what it can do */
eventfd_read(child_ready_fd, &x);

2
src/systemctl/systemctl.c
View File

@ -5923,7 +5923,7 @@ static int systemctl_parse_argv(int argc, char *argv[]) {
case 'r':
if (geteuid() != 0) {
log_error("--recursive requires root priviliges.");
log_error("--recursive requires root privileges.");
return -EPERM;
}

6
src/timesync/timesyncd.c
View File

@ -1141,7 +1141,7 @@ static int manager_network_monitor_listen(Manager *m) {
return 0;
}
static int drop_priviliges(void) {
static int drop_privileges(void) {
static const cap_value_t bits[] = {
CAP_SYS_TIME,
};
@ -1152,7 +1152,7 @@ static int drop_priviliges(void) {
gid_t gid;
int r;
/* Unfortunately we cannot leave privilige dropping to PID 1
/* Unfortunately we cannot leave privilege dropping to PID 1
* here, since we want to run as user but want to keep te
* CAP_SYS_TIME capability. Since file capabilities have been
* introduced this cannot be done across exec() anymore,
@ -1231,7 +1231,7 @@ int main(int argc, char *argv[]) {
umask(0022);
r = drop_priviliges();
r = drop_privileges();
if (r < 0)
goto out;