From 6634e66ded95bfe0ec0137c4a6b120ce6edcb19a Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Tue, 31 Oct 2023 17:33:29 +0100 Subject: [PATCH] core: fix a couple of typos --- src/core/exec-invoke.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c index 886e087bf0d..4cc303737e2 100644 --- a/src/core/exec-invoke.c +++ b/src/core/exec-invoke.c @@ -4532,7 +4532,7 @@ int exec_invoke( } if (needs_setuid && context->pam_name && username) { - /* Let's call into PAM after we set up our own idea of resource limits to that pam_limits + /* Let's call into PAM after we set up our own idea of resource limits so that pam_limits * wins here. (See above.) */ /* All fds passed in the fds array will be closed in the pam child process. */ @@ -4566,7 +4566,7 @@ int exec_invoke( if (needs_sandboxing && exec_context_need_unprivileged_private_users(context, params)) { /* If we're unprivileged, set up the user namespace first to enable use of the other namespaces. * Users with CAP_SYS_ADMIN can set up user namespaces last because they will be able to - * set up the all of the other namespaces (i.e. network, mount, UTS) without a user namespace. */ + * set up all of the other namespaces (i.e. network, mount, UTS) without a user namespace. */ r = setup_private_users(saved_uid, saved_gid, uid, gid); /* If it was requested explicitly and we can't set it up, fail early. Otherwise, continue and let @@ -4654,7 +4654,7 @@ int exec_invoke( } /* Drop groups as early as possible. - * This needs to be done after PrivateDevices=y setup as device nodes should be owned by the host's root. + * This needs to be done after PrivateDevices=yes setup as device nodes should be owned by the host's root. * For non-root in a userns, devices will be owned by the user/group before the group change, and nobody. */ if (needs_setuid) { _cleanup_free_ gid_t *gids_to_enforce = NULL; -- 2.47.3