image" environments, where the machine ID shall be initialized on
first boot (as opposed to at installation time before first boot) the
machine ID is not be available at build time to name the entry
- after. In this case the the --entry-token= switch to bootctl (or the
+ after. In this case the --entry-token= switch to bootctl (or the
/etc/kernel/entry-token file) may be used to override the "token" to
identify the entry by, and use another ID, for example the IMAGE_ID=
or ID= fields from /etc/os-release. This will make the OS images
/* This TPM PCR is where we extend the kernel command line and any passed credentials here. */
#define TPM_PCR_INDEX_KERNEL_PARAMETERS 12U
-/* We used to write the the kernel command line/credentials into PCR 8, in systemd <= 250. Let's provide for
+/* We used to write the kernel command line/credentials into PCR 8, in systemd <= 250. Let's provide for
* some compatibility. (Remove in 2023!) */
#if EFI_TPM_PCR_COMPAT
#define TPM_PCR_INDEX_KERNEL_PARAMETERS_COMPAT 8U
/* Before using this key as passphrase we base64 encode it. Why? For compatibility
* with homed's PKCS#11 hookup: there we want to use the key we acquired through
* PKCS#11 for other authentication/decryption mechanisms too, and some of them do
- * not not take arbitrary binary blobs, but require NUL-terminated strings — most
+ * not take arbitrary binary blobs, but require NUL-terminated strings — most
* importantly UNIX password hashes. Hence, for compatibility we want to use a string
* without embedded NUL here too, and that's easiest to generate from a binary blob
* via base64 encoding. */
}
/* Let's start a timer to retry deactivation in 15. We'll stop the timer once we manage to deactivate
- * the home directory again, or we we start any other operation. */
+ * the home directory again, or we start any other operation. */
home_start_retry_deactivate(h);
return r;
* the unified hierarchy and the container does the same, and we did not create a scope unit for the container
* move us and the container into two separate subcgroups.
*
- * Moreover, container payloads such as systemd try to manage the cgroup they run in in full (i.e. including
+ * Moreover, container payloads such as systemd try to manage the cgroup they run in full (i.e. including
* its attributes), while the host systemd will only delegate cgroups for children of the cgroup created for a
* delegation unit, instead of the cgroup itself. This means, if we'd pass on the cgroup allocated from the
* host systemd directly to the payload, the host and payload systemd might fight for the cgroup
if (!path_is_absolute(p))
return json_log(v, flags, SYNTHETIC_ERRNO(EINVAL),
- "Path is not not absolute, refusing: %s", p);
+ "Path is not absolute, refusing: %s", p);
if (oci_exclude_mount(p))
continue;
if (!path_is_absolute(p))
return json_log(v, flags, SYNTHETIC_ERRNO(EINVAL),
- "Path is not not absolute, refusing: %s", p);
+ "Path is not absolute, refusing: %s", p);
if (oci_exclude_mount(p))
continue;
};
const NamingScheme* naming_scheme_from_name(const char *name) {
- /* "latest" may either be defined explicitly by the extra map, in which case we we will find it in
+ /* "latest" may either be defined explicitly by the extra map, in which case we will find it in
* the table like any other name. After iterating through the table, we check for "latest" again,
* which means that if not mapped explicitly, it maps to the last defined entry, whatever that is. */
* supposed to be enabled via an option set via udev rules (OPTIONS+="watch"). If we skip the
* udev rules here however (as we just said we do), we would thus never see that specific
* udev rule, and thus never turn on inotify watching. But in order to catch up eventually
- * and run them we we need the inotify watching: hence a classic chicken and egg problem.
+ * and run them we need the inotify watching: hence a classic chicken and egg problem.
*
* Our way out here: if we see the block device locked, unconditionally watch the device via
* inotify, regardless of any explicit request via OPTIONS+="watch". Thus, a device that is
def read_attr(self, link, attribute):
"""Read a link attributed from the sysfs."""
- # Note we we don't want to check if interface `link' is managed, we
+ # Note we don't want to check if interface `link' is managed, we
# want to evaluate link variable and pass the value of the link to
# assert_link_states e.g. eth0=managed.
self.assert_link_states(**{link:'managed'})
projects / thirdparty / systemd.git / commitdiff
