From 30fd9a2dabb81cf7b65aba48b684f1178d9fd879 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 15 Feb 2023 08:00:00 +0000 Subject: treewide: fix a few typos in NEWS, docs and comments --- TODO | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'TODO') diff --git a/TODO b/TODO index 6fd21d244a..15f8c436cd 100644 --- a/TODO +++ b/TODO @@ -209,7 +209,7 @@ Features: * in journald: whenever we start a new journal file because the boot ID changed, let's generate a recognizable log record containing info about old - and new new ID. Then, when displaying log stream in journalctl look for these + and new ID. Then, when displaying log stream in journalctl look for these records, to be able to order them. * timesyncd: when saving/restoring clock try to take boot time into account. @@ -744,11 +744,11 @@ Features: protections of the root OS are weakened after interactive confirmation, to allow hackers to allow their own stuff. idea: allow entering developer mode only via explicit choice in boot menu: i.e. add explicit boot menu item for - it. when developer mode is entered generate a key pair in the TPM2, and add + it. When developer mode is entered, generate a key pair in the TPM2, and add the public part of it automatically to keychain of valid code signature keys on subsequent boots. Then provide a tool to sign code with the key in the - TPM2. Ensure that boot menu item is only way to enter developer mode, by - binding it to locality/PCRs so that that keys cannot be generated otherwise. + TPM2. Ensure that boot menu item is the only way to enter developer mode, by + binding it to locality/PCRs so that keys cannot be generated otherwise. * services: add support for cryptographically unlocking per-service directories via TPM2. Specifically, for StateDirectory= (and related dirs) use fscrypt to @@ -996,7 +996,7 @@ Features: mounted from host. maybe put this in systemd-user-sessions.service? * drop dependency on libcap, replace by direct syscalls based on - CapabilityQuintet we already have. (This likely allows us drop drop libcap + CapabilityQuintet we already have. (This likely allows us to drop libcap dep in the base OS image) * sysext: automatically activate sysext images dropped in via new sd-stub @@ -1144,7 +1144,7 @@ Features: * credentials system: - acquire from EFI variable? - - acquire via via ask-password? + - acquire via ask-password? - acquire creds via keyring? - pass creds via keyring? - pass creds via memfd? -- cgit v1.2.1