directory's lifetime is bound to the daemon runtime and that
the daemon starts up with an empty directory each time. This
is particularly useful when writing services that drop
- priviliges using the User= or Group= setting.
+ privileges using the User= or Group= setting.
* The DeviceAllow= unit setting now supports globbing for
matching against device group names.
The NTP daemon requires the "systemd-timesync" system user and
group to exist. During execution this network facing service
- will drop priviliges (with the exception of CAP_SYS_TIME) and
+ will drop privileges (with the exception of CAP_SYS_TIME) and
assume this uid/gid for security reasons.
WARNINGS:
<literal>/</literal>, i.e. must refer
to simple directories to create or
remove. This is particularly useful
- for unpriviliges daemons that cannot
+ for unprivileged daemons that cannot
create runtime directories in
<filename>/run</filename> due to lack
of privileges, and to make sure the
$1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context)
$1.CapabilityBoundingSet, config_parse_bounding_set, 0, offsetof($1, exec_context.capability_bounding_set_drop)
$1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec)
-$1.NoNewPrivileges, config_parse_no_new_priviliges, 0, offsetof($1, exec_context)
+$1.NoNewPrivileges, config_parse_no_new_privileges, 0, offsetof($1, exec_context)
m4_ifdef(`HAVE_SECCOMP',
`$1.SystemCallFilter, config_parse_syscall_filter, 0, offsetof($1, exec_context)
$1.SystemCallArchitectures, config_parse_syscall_archs, 0, offsetof($1, exec_context.syscall_archs)
return 0;
}
-int config_parse_no_new_priviliges(
+int config_parse_no_new_privileges(
const char* unit,
const char *filename,
unsigned line,
int config_parse_runtime_directory(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_set_status(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_namespace_path_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_no_new_priviliges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_no_new_privileges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_cpu_quota(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
/* gperf prototypes */
fds = NULL;
/* Wait until the child reported that it is ready with
- * all it needs to do with priviliges. After we got
+ * all it needs to do with privileges. After we got
* the notification we can make the process join its
* cgroup which might limit what it can do */
eventfd_read(child_ready_fd, &x);
case 'r':
if (geteuid() != 0) {
- log_error("--recursive requires root priviliges.");
+ log_error("--recursive requires root privileges.");
return -EPERM;
}
return 0;
}
-static int drop_priviliges(void) {
+static int drop_privileges(void) {
static const cap_value_t bits[] = {
CAP_SYS_TIME,
};
gid_t gid;
int r;
- /* Unfortunately we cannot leave privilige dropping to PID 1
+ /* Unfortunately we cannot leave privilege dropping to PID 1
* here, since we want to run as user but want to keep te
* CAP_SYS_TIME capability. Since file capabilities have been
* introduced this cannot be done across exec() anymore,
umask(0022);
- r = drop_priviliges();
+ r = drop_privileges();
if (r < 0)
goto out;