Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules
diff options
context:
space:
mode:
Diffstat (limited to 'policy/modules')
-rw-r--r--policy/modules/admin/dphysswapfile.if2
-rw-r--r--policy/modules/admin/firstboot.if4
-rw-r--r--policy/modules/apps/cryfs.te2
-rw-r--r--policy/modules/kernel/corecommands.if6
-rw-r--r--policy/modules/kernel/corenetwork.if.in2
-rw-r--r--policy/modules/kernel/devices.fc2
-rw-r--r--policy/modules/kernel/domain.if8
-rw-r--r--policy/modules/kernel/files.if20
-rw-r--r--policy/modules/kernel/files.te2
-rw-r--r--policy/modules/kernel/filesystem.if2
-rw-r--r--policy/modules/kernel/kernel.if8
-rw-r--r--policy/modules/kernel/kernel.te2
-rw-r--r--policy/modules/kernel/mls.if2
-rw-r--r--policy/modules/kernel/storage.if2
-rw-r--r--policy/modules/kernel/terminal.if2
-rw-r--r--policy/modules/roles/guest.if2
-rw-r--r--policy/modules/roles/xguest.if2
-rw-r--r--policy/modules/services/apache.te2
-rw-r--r--policy/modules/services/couchdb.te2
-rw-r--r--policy/modules/services/cron.if2
-rw-r--r--policy/modules/services/mailman.if2
-rw-r--r--policy/modules/services/nis.if2
-rw-r--r--policy/modules/services/oddjob.if2
-rw-r--r--policy/modules/services/rhsmcertd.if2
-rw-r--r--policy/modules/services/ricci.if2
-rw-r--r--policy/modules/services/shibboleth.if2
-rw-r--r--policy/modules/system/application.if2
-rw-r--r--policy/modules/system/authlogin.if6
-rw-r--r--policy/modules/system/iptables.te2
-rw-r--r--policy/modules/system/logging.if2
-rw-r--r--policy/modules/system/systemd.if2
-rw-r--r--policy/modules/system/systemd.te2
32 files changed, 52 insertions, 52 deletions
diff --git a/policy/modules/admin/dphysswapfile.if b/policy/modules/admin/dphysswapfile.if
index c39464e41..e445069d1 100644
--- a/policy/modules/admin/dphysswapfile.if
+++ b/policy/modules/admin/dphysswapfile.if
@@ -2,7 +2,7 @@
########################################
## <summary>
-## Dontaudit acces to the swap file.
+## Dontaudit access to the swap file.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/admin/firstboot.if b/policy/modules/admin/firstboot.if
index 280f875f0..e575eafa5 100644
--- a/policy/modules/admin/firstboot.if
+++ b/policy/modules/admin/firstboot.if
@@ -120,7 +120,7 @@ interface(`firstboot_rw_pipes',`
########################################
## <summary>
-## Do not audit attemps to read and
+## Do not audit attempts to read and
## write firstboot unnamed pipes.
## </summary>
## <param name="domain">
@@ -139,7 +139,7 @@ interface(`firstboot_dontaudit_rw_pipes',`
########################################
## <summary>
-## Do not audit attemps to read and
+## Do not audit attempts to read and
## write firstboot unix domain
## stream sockets.
## </summary>
diff --git a/policy/modules/apps/cryfs.te b/policy/modules/apps/cryfs.te
index 3c02318c7..72d3393d1 100644
--- a/policy/modules/apps/cryfs.te
+++ b/policy/modules/apps/cryfs.te
@@ -21,7 +21,7 @@ allow cryfs_t self:capability { dac_read_search sys_admin };
allow cryfs_t self:process { getsched signal };
allow cryfs_t self:fifo_file rw_fifo_file_perms;
-# CryFS 0.9.10 can check for updates everytime it runs, if it is not compiled with CRYFS_NO_UPDATE_CHECKS (option -DCRYFS_UPDATE_CHECKS=off).
+# CryFS 0.9.10 can check for updates every time it runs, if it is not compiled with CRYFS_NO_UPDATE_CHECKS (option -DCRYFS_UPDATE_CHECKS=off).
# When update checks are disabled (for example with Debian package), libcurl is nonetheless initialized.
# curl_global_init() calls Curl_ipv6works(), which uses socket(PF_INET6, SOCK_DGRAM, 0) to check for IPv6 support.
# Hide this useless access.
diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if
index cea4e7b7f..b6d972303 100644
--- a/policy/modules/kernel/corecommands.if
+++ b/policy/modules/kernel/corecommands.if
@@ -11,7 +11,7 @@
########################################
## <summary>
## Make the specified type usable for files
-## that are exectuables, such as binary programs.
+## that are executables, such as binary programs.
## This does not include shared libraries.
## </summary>
## <param name="type">
@@ -32,7 +32,7 @@ interface(`corecmd_executable_file',`
########################################
## <summary>
-## Make general progams in bin an entrypoint for
+## Make general programs in bin an entrypoint for
## the specified domain.
## </summary>
## <param name="domain">
@@ -303,7 +303,7 @@ interface(`corecmd_read_bin_sockets',`
## </p>
## <p>
## Typically, this interface should be used when the domain
-## executes general system progams within the privileges
+## executes general system programs within the privileges
## of the source domain. Some examples of these programs
## are ls, cp, sed, python, and tar. This does not include
## shells, such as bash.
diff --git a/policy/modules/kernel/corenetwork.if.in b/policy/modules/kernel/corenetwork.if.in
index d8ad6aed5..7b77d8d85 100644
--- a/policy/modules/kernel/corenetwork.if.in
+++ b/policy/modules/kernel/corenetwork.if.in
@@ -2757,7 +2757,7 @@ interface(`corenet_dontaudit_raw_recvfrom_unlabeled',`
## Allow the specified domain to receive packets from an
## unlabeled connection. On machines that do not utilize
## labeled networking, this will be required on all
-## networking domains. On machines tha do utilize
+## networking domains. On machines that do utilize
## labeled networking, this will be required for any
## networking domain that is allowed to receive
## network traffic that does not have a label.
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 0242cb5e5..a167126da 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -211,7 +211,7 @@ ifdef(`distro_debian',`
/etc/udev/devices -d gen_context(system_u:object_r:device_t,s0)
-# used by init scripts to initally populate udev /dev
+# used by init scripts to initially populate udev /dev
/usr/lib/udev/devices(/.*)? gen_context(system_u:object_r:device_t,s0)
/usr/lib/udev/devices/lp.* -c gen_context(system_u:object_r:printer_device_t,s0)
/usr/lib/udev/devices/null -c gen_context(system_u:object_r:null_device_t,s0)
diff --git a/policy/modules/kernel/domain.if b/policy/modules/kernel/domain.if
index 4d805da88..9e691a6d9 100644
--- a/policy/modules/kernel/domain.if
+++ b/policy/modules/kernel/domain.if
@@ -185,7 +185,7 @@ interface(`domain_dyntrans_type',`
########################################
## <summary>
-## Makes caller and execption to the constraint
+## Makes caller and exception to the constraint
## preventing changing to the system user
## identity and system role.
## </summary>
@@ -1040,7 +1040,7 @@ interface(`domain_dontaudit_rw_all_udp_sockets',`
########################################
## <summary>
-## Do not audit attempts to get attribues of
+## Do not audit attempts to get attributes of
## all domains IPSEC key management sockets.
## </summary>
## <param name="domain">
@@ -1059,7 +1059,7 @@ interface(`domain_dontaudit_getattr_all_key_sockets',`
########################################
## <summary>
-## Do not audit attempts to get attribues of
+## Do not audit attempts to get attributes of
## all domains packet sockets.
## </summary>
## <param name="domain">
@@ -1078,7 +1078,7 @@ interface(`domain_dontaudit_getattr_all_packet_sockets',`
########################################
## <summary>
-## Do not audit attempts to get attribues of
+## Do not audit attempts to get attributes of
## all domains raw sockets.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index bace73fc9..6105cdb28 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -5910,7 +5910,7 @@ interface(`files_read_var_lib_symlinks',`
')
# cjp: the next two interfaces really need to be fixed
-# in some way. They really neeed their own types.
+# in some way. They really need their own types.
########################################
## <summary>
@@ -7032,7 +7032,7 @@ interface(`files_manage_all_runtime_dirs',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7153,7 +7153,7 @@ interface(`files_delete_all_runtime_files',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7209,7 +7209,7 @@ interface(`files_delete_all_runtime_symlinks',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7227,7 +7227,7 @@ interface(`files_manage_all_runtime_symlinks',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7319,7 +7319,7 @@ interface(`files_delete_all_runtime_sockets',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7474,7 +7474,7 @@ interface(`files_delete_all_pid_dirs',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7491,7 +7491,7 @@ interface(`files_manage_all_pids',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7506,7 +7506,7 @@ interface(`files_relabel_all_pid_dirs',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -7521,7 +7521,7 @@ interface(`files_relabel_all_pid_sock_files',`
## </summary>
## <param name="domain">
## <summary>
-## Domain alloed access.
+## Domain allowed access.
## </summary>
## </param>
#
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 1bb1ad49c..069d5e197 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -168,7 +168,7 @@ type var_lib_t;
files_mountpoint(var_lib_t)
#
-# var_lock_t is tye type of /var/lock
+# var_lock_t is the type of /var/lock
#
type var_lock_t;
files_lock_file(var_lock_t)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 7b9973b5e..0fb322ffc 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -1529,7 +1529,7 @@ interface(`fs_manage_noxattr_fs_symlinks',`
########################################
## <summary>
-## Relabel all objets from filesystems that
+## Relabel all objects from filesystems that
## do not support extended attributes.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 2e915da3e..48c035df9 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -1251,7 +1251,7 @@ interface(`kernel_rw_software_raid_state',`
########################################
## <summary>
-## Allows caller to get attribues of core kernel interface.
+## Allows caller to get attributes of core kernel interface.
## </summary>
## <param name="domain">
## <summary>
@@ -2270,7 +2270,7 @@ interface(`kernel_read_fs_sysctls',`
########################################
## <summary>
-## Read and write fileystem sysctls.
+## Read and write filesystem sysctls.
## </summary>
## <param name="domain">
## <summary>
@@ -3258,7 +3258,7 @@ interface(`kernel_relabelfrom_unlabeled_chr_devs',`
## unlabeled IPSEC association. Network
## connections that are not protected
## by IPSEC have use an unlabeled
-## assocation.
+## association.
## </p>
## <p>
## The corenetwork interface
@@ -3291,7 +3291,7 @@ interface(`kernel_sendrecv_unlabeled_association',`
## from an unlabeled IPSEC association. Network
## connections that are not protected
## by IPSEC have use an unlabeled
-## assocation.
+## association.
## </p>
## <p>
## The corenetwork interface
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 1a77ab066..ca1806900 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -517,7 +517,7 @@ if( ! secure_mode_insmod ) {
########################################
#
-# Rules for unconfined acccess to this module
+# Rules for unconfined access to this module
#
allow kern_unconfined proc_type:dir { manage_dir_perms relabelfrom relabelto append map execute quotaon mounton audit_access execmod watch };
diff --git a/policy/modules/kernel/mls.if b/policy/modules/kernel/mls.if
index c11c7b954..ad88899a1 100644
--- a/policy/modules/kernel/mls.if
+++ b/policy/modules/kernel/mls.if
@@ -828,7 +828,7 @@ interface(`mls_fd_use_all_levels',`
########################################
## <summary>
## Make the file descriptors from the
-## specifed domain inheritable by
+## specified domain inheritable by
## all levels.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
index 6dec6b757..2898214e4 100644
--- a/policy/modules/kernel/storage.if
+++ b/policy/modules/kernel/storage.if
@@ -534,7 +534,7 @@ interface(`storage_write_scsi_generic',`
########################################
## <summary>
## Set attributes of the device nodes
-## for the SCSI generic inerface.
+## for the SCSI generic interface.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index 4bd4884f8..43c93e449 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -323,7 +323,7 @@ interface(`term_use_console',`
########################################
## <summary>
-## Do not audit attemtps to read from
+## Do not audit attempts to read from
## or write to the console.
## </summary>
## <param name="domain">
diff --git a/policy/modules/roles/guest.if b/policy/modules/roles/guest.if
index ad1653f9a..15ac65a12 100644
--- a/policy/modules/roles/guest.if
+++ b/policy/modules/roles/guest.if
@@ -1,4 +1,4 @@
-## <summary>Least privledge terminal user role.</summary>
+## <summary>Least privilege terminal user role.</summary>
########################################
## <summary>
diff --git a/policy/modules/roles/xguest.if b/policy/modules/roles/xguest.if
index 4f1d07d71..4d91fa9d6 100644
--- a/policy/modules/roles/xguest.if
+++ b/policy/modules/roles/xguest.if
@@ -1,4 +1,4 @@
-## <summary>Least privledge xwindows user role.</summary>
+## <summary>Least privilege xwindows user role.</summary>
########################################
## <summary>
diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te
index 78080e764..9199b8520 100644
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@@ -108,7 +108,7 @@ gen_tunable(httpd_dbus_avahi, false)
## <desc>
## <p>
-## Determine wether httpd can use support.
+## Determine whether httpd can use support.
## </p>
## </desc>
gen_tunable(httpd_enable_cgi, false)
diff --git a/policy/modules/services/couchdb.te b/policy/modules/services/couchdb.te
index 3277858f3..8de70d489 100644
--- a/policy/modules/services/couchdb.te
+++ b/policy/modules/services/couchdb.te
@@ -104,7 +104,7 @@ miscfiles_read_localization(couchdb_t)
#
# this is a complete policy. It processes the javascript
-# ouside the main process, passing data via FIFO.
+# outside the main process, passing data via FIFO.
allow couchdb_js_t self:process { execmem getsched setsched };
files_read_usr_files(couchdb_js_t)
diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if
index a774c5b8a..4fb832ffa 100644
--- a/policy/modules/services/cron.if
+++ b/policy/modules/services/cron.if
@@ -296,7 +296,7 @@ interface(`cron_admin_role',`
########################################
## <summary>
## Make the specified program domain
-## accessable from the system cron jobs.
+## accessible from the system cron jobs.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/services/mailman.if b/policy/modules/services/mailman.if
index 52e37149c..235be33c2 100644
--- a/policy/modules/services/mailman.if
+++ b/policy/modules/services/mailman.if
@@ -113,7 +113,7 @@ interface(`mailman_domtrans_cgi',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowd access.
+## Domain allowed access.
## </summary>
## </param>
#
diff --git a/policy/modules/services/nis.if b/policy/modules/services/nis.if
index e258da0ef..4c6724b57 100644
--- a/policy/modules/services/nis.if
+++ b/policy/modules/services/nis.if
@@ -69,7 +69,7 @@ interface(`nis_use_ypbind_uncond',`
## <p>
## Allow the specified domain to use the ypbind service
## to access Network Information Service (NIS) services.
-## Information that can be retreived from NIS includes
+## Information that can be retrieved from NIS includes
## usernames, passwords, home directories, and groups.
## If the network is configured to have a single sign-on
## using NIS, it is likely that any program that does
diff --git a/policy/modules/services/oddjob.if b/policy/modules/services/oddjob.if
index baa890a94..48ed905d3 100644
--- a/policy/modules/services/oddjob.if
+++ b/policy/modules/services/oddjob.if
@@ -22,7 +22,7 @@ interface(`oddjob_domtrans',`
########################################
## <summary>
## Make the specified program domain
-## accessable from the oddjob.
+## accessible from the oddjob.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/services/rhsmcertd.if b/policy/modules/services/rhsmcertd.if
index 9d876e40f..dbc8a61c0 100644
--- a/policy/modules/services/rhsmcertd.if
+++ b/policy/modules/services/rhsmcertd.if
@@ -179,7 +179,7 @@ interface(`rhsmcertd_manage_lib_dirs',`
########################################
## <summary>
-## Read rhsmcertd pid files. (Deprectated)
+## Read rhsmcertd pid files. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/services/ricci.if b/policy/modules/services/ricci.if
index be70502e6..3e828adc2 100644
--- a/policy/modules/services/ricci.if
+++ b/policy/modules/services/ricci.if
@@ -61,7 +61,7 @@ interface(`ricci_dontaudit_use_modcluster_fds',`
########################################
## <summary>
## Do not audit attempts to read write
-## ricci modcluster unamed pipes.
+## ricci modcluster unnamed pipes.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/services/shibboleth.if b/policy/modules/services/shibboleth.if
index 93929c342..f9415233f 100644
--- a/policy/modules/services/shibboleth.if
+++ b/policy/modules/services/shibboleth.if
@@ -1,4 +1,4 @@
-## <summary>Shibboleth authentication deamon</summary>
+## <summary>Shibboleth authentication daemon</summary>
########################################
## <summary>
diff --git a/policy/modules/system/application.if b/policy/modules/system/application.if
index 1b6619e64..29c9b3ed1 100644
--- a/policy/modules/system/application.if
+++ b/policy/modules/system/application.if
@@ -24,7 +24,7 @@ interface(`application_type',`
########################################
## <summary>
## Make the specified type usable for files
-## that are exectuables, such as binary programs.
+## that are executables, such as binary programs.
## This does not include shared libraries.
## </summary>
## <param name="type">
diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index ff80a980b..c25fe5ec7 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -1105,7 +1105,7 @@ interface(`auth_read_pam_pid',`
#######################################
## <summary>
-## Do not audit attemps to read PAM PID files. (Deprecated)
+## Do not audit attempts to read PAM PID files. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -1248,7 +1248,7 @@ interface(`auth_read_pam_runtime_files',`
#######################################
## <summary>
-## Do not audit attemps to read PAM runtime files.
+## Do not audit attempts to read PAM runtime files.
## </summary>
## <param name="domain">
## <summary>
@@ -1561,7 +1561,7 @@ interface(`auth_run_utempter',`
#######################################
## <summary>
-## Do not audit attemps to execute utempter executable.
+## Do not audit attempts to execute utempter executable.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te
index 9ff383e4b..cfe7c25b2 100644
--- a/policy/modules/system/iptables.te
+++ b/policy/modules/system/iptables.te
@@ -146,6 +146,6 @@ optional_policy(`
optional_policy(`
udev_read_db(iptables_t)
- # this is for iptables_t to inherit a file hande from xen vif-bridge
+ # this is for iptables_t to inherit a file handle from xen vif-bridge
udev_manage_runtime_files(iptables_t)
')
diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if
index a2275df92..ff5f9bef3 100644
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@@ -1016,7 +1016,7 @@ interface(`logging_dontaudit_getattr_all_logs',`
########################################
## <summary>
-## Read the atttributes of any log file
+## Read the attributes of any log file
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index b81300835..262c26d18 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -51,7 +51,7 @@ template(`systemd_role_template',`
allow $3 systemd_user_runtime_notify_t:sock_file { manage_sock_file_perms relabel_sock_file_perms };
# This domain is per-role because of the below transitions.
- # See the sytemd --user section of systemd.te for the
+ # See the systemd --user section of systemd.te for the
# remainder of the rules.
allow $1_systemd_t $3:process { setsched rlimitinh };
corecmd_shell_domtrans($1_systemd_t, $3)
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 136990d08..2d02477cc 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -480,7 +480,7 @@ optional_policy(`
######################################
#
-# systemd log parse enviroment
+# systemd log parse environment
#
# Do not audit setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, ...) failure (e.g. when using create_log_socket() internal function)