yet. (This feature has no security implications, because the code is
still privileged and can trivially exit the sandbox.)
- * The system manager manager will now parse a new "vmm.notify_socket"
+ * The system manager will now parse a new "vmm.notify_socket"
system credential, which may be supplied to a VM via SMBIOS. If
found, the manager will send a "READY=1" notification on the
specified socket after boot is complete. This allows readiness
with something custom, so this change has limited effect.)
* A new environment variable $SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST
- can can be used to override the mount units burst late limit for
+ can be used to override the mount units burst late limit for
parsing '/proc/self/mountinfo', which was introduced in v249.
Defaults to 5.
* A new build-time configuration setting default-user-shell= can be
used to set the default shell for user records and nspawn shell
- invocations (instead of of the default /bin/bash).
+ invocations (instead of the default /bin/bash).
* systemd-timesyncd now provides a D-Bus API for receiving NTP server
information dynamically at runtime via IPC.
now also owned by the system group "sgx".
* A new build-time meson option "extra-net-naming-schemes=" has been
- added to define additional naming schemes schemes for udev's network
+ added to define additional naming schemes for udev's network
interface naming logic. This is useful for enterprise distributions
and similar which want to pin the schemes of certain distribution
releases under a specific name and previously had to patch the
* in journald: whenever we start a new journal file because the boot ID
changed, let's generate a recognizable log record containing info about old
- and new new ID. Then, when displaying log stream in journalctl look for these
+ and new ID. Then, when displaying log stream in journalctl look for these
records, to be able to order them.
* timesyncd: when saving/restoring clock try to take boot time into account.
protections of the root OS are weakened after interactive confirmation, to
allow hackers to allow their own stuff. idea: allow entering developer mode
only via explicit choice in boot menu: i.e. add explicit boot menu item for
- it. when developer mode is entered generate a key pair in the TPM2, and add
+ it. When developer mode is entered, generate a key pair in the TPM2, and add
the public part of it automatically to keychain of valid code signature keys
on subsequent boots. Then provide a tool to sign code with the key in the
- TPM2. Ensure that boot menu item is only way to enter developer mode, by
- binding it to locality/PCRs so that that keys cannot be generated otherwise.
+ TPM2. Ensure that boot menu item is the only way to enter developer mode, by
+ binding it to locality/PCRs so that keys cannot be generated otherwise.
* services: add support for cryptographically unlocking per-service directories
via TPM2. Specifically, for StateDirectory= (and related dirs) use fscrypt to
mounted from host. maybe put this in systemd-user-sessions.service?
* drop dependency on libcap, replace by direct syscalls based on
- CapabilityQuintet we already have. (This likely allows us drop drop libcap
+ CapabilityQuintet we already have. (This likely allows us to drop libcap
dep in the base OS image)
* sysext: automatically activate sysext images dropped in via new sd-stub
* credentials system:
- acquire from EFI variable?
- - acquire via via ask-password?
+ - acquire via ask-password?
- acquire creds via keyring?
- pass creds via keyring?
- pass creds via memfd?
environment variables the credential data is not propagated down the process
tree. Instead each time a credential is accessed an access check is enforced
by the kernel. If the service is using file system namespacing the loaded
- credential data is invisible to any other services.
+ credential data is invisible to all other services.
4. Service credentials may be acquired from files on disk, specified as literal
strings in unit files, acquired from another service dynamically via an
## Network management services: `network.target`
`network.target` indicates that the network management stack has been started.
-Ordering after it it has little meaning during start-up: whether any network
+Ordering after it has little meaning during start-up: whether any network
interfaces are already configured when it is reached is not defined.
Its primary purpose is for ordering things properly at shutdown: since the
`userName` → The UNIX user name for this record. Takes a string with a valid
UNIX user name. This field is the only mandatory field, all others are
-optional. Corresponds with the `pw_name` field of of `struct passwd` and the
+optional. Corresponds with the `pw_name` field of `struct passwd` and the
`sp_namp` field of `struct spwd` (i.e. the shadow user record stored in
`/etc/shadow`). See [User/Group Name Syntax](USER_NAMES.md) for
the (relaxed) rules the various systemd components enforce on user/group names.
from the kernel entropy pool.</para></listitem>
<listitem><para>In userspace the <filename>systemd-boot-random-seed.service</filename> service updates
- the boot loader random seed with a new value derived from the kernel kernel entropy pool.</para></listitem>
+ the boot loader random seed with a new value derived from the kernel entropy pool.</para></listitem>
</orderedlist>
<para>This logic should ensure that the kernel's entropy pool is seeded during earliest bool already, if
assert_cc(sizeof(dummy_t) == 0);
-/* A little helper for subtracting 1 off a pointer in a safe UB-free way. This is intended to be used for for
+/* A little helper for subtracting 1 off a pointer in a safe UB-free way. This is intended to be used for
* loops that count down from a high pointer until some base. A naive loop would implement this like this:
*
* for (p = end-1; p >= base; p--) …
assert(path_is_absolute(simplified));
- /* Check if the symlink remain inside of of our search path.
+ /* Check if the symlink remain inside of our search path.
* If yes, it is an alias. Verify that it is valid.
*
* If no, then this is a linked unit file or mask, and we don't care about the target name
/* First, process the main (that is, points to the syspath) and (real, not symlink) devnode units. */
if (device_for_action(dev, SD_DEVICE_REMOVE))
- /* If the device is removed, the main and devnode units units will be removed by
+ /* If the device is removed, the main and devnode units will be removed by
* device_update_found_by_sysfs() in device_dispatch_io(). Hence, it is not necessary to
* store them to not_ready_units, and we have nothing to do here.
*
* on services that want to own the console exclusively without our interference. */
m->no_console_output = m->n_on_console > 0;
- /* Acknowledge the child's request, and let all all other children know too that they shouldn't wait
+ /* Acknowledge the child's request, and let all other children know too that they shouldn't wait
* any longer by closing the pipes towards them, which is what they are waiting for. */
manager_close_idle_pipe(m);
* that case the image is pre-allocated and thus appears all used from the host PoV but is not used
* up at all yet from the user's PoV.
*
- * That said, we use use the stat() reported loopback file size as upper boundary: our footprint can
+ * That said, we use the stat() reported loopback file size as upper boundary: our footprint can
* never be larger than what we take up on the lowest layers. */
if (disk_size != UINT64_MAX && disk_size > disk_free) {
BLOCK_WITH_UMASK(0000);
- /* We create the kmsg FIFO as as temporary file in /run, but immediately delete it after bind mounting it to
+ /* We create the kmsg FIFO as a temporary file in /run, but immediately delete it after bind mounting it to
* /proc/kmsg. While FIFOs on the reading side behave very similar to /proc/kmsg, their writing side behaves
* differently from /dev/kmsg in that writing blocks when nothing is reading. In order to avoid any problems
* with containers deadlocking due to this we simply make /dev/kmsg unavailable to the container. */
return r;
/* Handle each pstore file */
- /* Sort files lexigraphically ascending, generally needed by all */
+ /* Sort files lexicographically ascending, generally needed by all */
typesafe_qsort(list.entries, list.n_entries, compare_pstore_entries);
/* Process known file types */
if (!s)
return -EIO;
- /* TODO: We should eventually use use the EVP API once it supports ECDSA signature verification */
+ /* TODO: We should eventually use the EVP API once it supports ECDSA signature verification */
sig = ECDSA_SIG_new();
if (!sig)
char ***ret_files) {
/* This is similar to normalize_filenames()/normalize_names() in src/systemctl/,
- * but operates on real unit names. For each argument we we look up the actual path
+ * but operates on real unit names. For each argument we look up the actual path
* where the unit is found. This way linked units can be re-enabled successfully. */
_cleanup_strv_free_ char **files = NULL, **names = NULL;
if (i >= full_fit)
assert_se(streq(t, escaped));
else if (i >= 3) {
- /* We need up to four columns, so up to three three columns may be wasted */
+ /* We need up to four columns, so up to three columns may be wasted */
assert_se(strlen(t) == i || strlen(t) == i - 1 || strlen(t) == i - 2 || strlen(t) == i - 3);
assert_se(strneq(t, escaped, i - 3) || strneq(t, escaped, i - 4) ||
strneq(t, escaped, i - 5) || strneq(t, escaped, i - 6));
uki = UKI(opts.stub)
initrd = join_initrds(opts.initrd)
- # TODO: derive public key from from opts.pcr_private_keys?
+ # TODO: derive public key from opts.pcr_private_keys?
pcrpkey = opts.pcrpkey
if pcrpkey is None:
if opts.pcr_public_keys and len(opts.pcr_public_keys) == 1:
AgeingTimeSec=9
ForwardDelaySec=9
Priority=9
-#GroupForwardMask=9 # This interferes other other settings
+#GroupForwardMask=9 # This interferes with other settings
DefaultPVID=9
MulticastQuerier=yes
MulticastSnooping=yes
projects / thirdparty / systemd.git / commitdiff
