diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | CONTRIBUTING.md | 14 | ||||
| -rw-r--r-- | Makefile | 6 | ||||
| -rw-r--r-- | README.md | 4 | ||||
| -rw-r--r-- | cmd/fscrypt/flags.go | 2 | ||||
| -rw-r--r-- | filesystem/mountpoint.go | 2 | ||||
| -rw-r--r-- | security/cache.go | 2 | ||||
| -rw-r--r-- | security/keyring.go | 2 | ||||
| -rw-r--r-- | security/privileges.go | 4 |
9 files changed, 21 insertions, 16 deletions
@@ -6,5 +6,6 @@ bin/protoc-gen-go bin/goimports bin/megacheck bin/gocovmerge +bin/misspell *coverage.out .vscode diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0b9f168..f516829 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -45,7 +45,7 @@ Be sure to correctly tag your issue. The usage for the tags is as follows: * Unclear or ambiguous error messages * `enhancement` - Things you want in fscrypt * `question` - You don't know how something works with fscrypt - * This usally turns into a `documentation` issue. + * This usually turns into a `documentation` issue. * `testing` - Strange test failures or missing tests ## Submitting a Change to fscrypt @@ -64,7 +64,7 @@ checks you should make sure that in your submission: - If you made any changes to files ending in `.proto`, the corresponding `.pb.go` files should be regenerated with `make gen`. - Any issues found by `make lint` have been addressed. -- If any dependancies have changed, run `go mod tidy` and `go mod vendor`. +- If any dependencies have changed, run `go mod tidy` and `go mod vendor`. - `make coverage.out` can be used to generate a coverage report for all of the tests, but isn't required for submission (ideally most code would be tested, we are far from that ideal). @@ -98,8 +98,8 @@ make test MOUNT=/foo/bar ``` Otherwise, you can use the `make test-setup`/`make test-teardown` commands to -create/destory a test filesystem for running integration tests. By default, a -filesystem will be created (then destoryed) at `/tmp/fscrypt-mount` (using an +create/destroy a test filesystem for running integration tests. By default, a +filesystem will be created (then destroyed) at `/tmp/fscrypt-mount` (using an image file at `/tmp/fscrypt-image`). To create/test/destroy a filesystem at a custom mountpoint `/foo/bar`, run: ```bash @@ -114,13 +114,13 @@ test filesystem. ### Changing dependencies -fscrypt's dependancies are managed using the [Go 1.11 module system](https://github.com/golang/go/wiki/Modules). +fscrypt's dependencies are managed using the [Go 1.11 module system](https://github.com/golang/go/wiki/Modules). If you add or remove a dependency, be sure to update `go.mod`, `go.sum`, and the `vendor/` directory by running `go mod tidy` and `go mod vendor`. fscrypt still -vendor's it's dependancies for compatiblity with older users, but this will +vendor's it's dependencies for compatibility with older users, but this will probobly be removed once the module system becomes widespread. -Also, when adding a dependancy, the license of the package must be compatible +Also, when adding a dependency, the license of the package must be compatible with [Apache 2.0](https://www.apache.org/licenses/LICENSE-2.0). See the [FSF's article](https://www.gnu.org/licenses/license-list.html) for more information. This (unfortunately) means we cannot use external packages under @@ -102,6 +102,7 @@ lint: $(BIN)/golint $(BIN)/megacheck go vet ./... go list ./... | xargs -L1 golint -set_exit_status megacheck -unused.exported -simple.exit-non-zero ./... + misspell -source=text $(FILES) clean: rm -f $(BIN)/$(NAME) $(PAM_MODULE) $(TOOLS) coverage.out $(COVERAGE_FILES) @@ -162,7 +163,7 @@ uninstall: rm -f $(DESTDIR)/$(NAME) $(PAM_MODULE_DIR)/$(PAM_MODULE) $(PAM_CONFIG_DIR)/$(NAME) #### Tool Building Commands #### -TOOLS := $(addprefix $(BIN)/,protoc golint protoc-gen-go goimports megacheck gocovmerge) +TOOLS := $(addprefix $(BIN)/,protoc golint protoc-gen-go goimports megacheck gocovmerge misspell) .PHONY: tools tools: $(TOOLS) @@ -181,6 +182,9 @@ $(BIN)/megacheck: $(BIN)/gocovmerge: GO111MODULE=off go get github.com/wadey/gocovmerge GO111MODULE=off go build -o $@ github.com/wadey/gocovmerge +$(BIN)/misspell: + GO111MODULE=off go get github.com/client9/misspell + GO111MODULE=off go build -o $@ github.com/client9/misspell/cmd/misspell # Non-go tools downloaded from appropriate repository PROTOC_VERSION := 3.6.1 @@ -570,7 +570,7 @@ To trigger a password authentication event, run `su $(whoami) -c exit`. Getting this error on an ext4 system usually means the filesystem has not been setup for encryption. The only other way to get this error is if filesystem -encryption has been explictly disabled in the kernel config. +encryption has been explicitly disabled in the kernel config. __IMPORTANT:__ Before enabling encryption on an ext4 filesystem __ALL__ of the following should be true: @@ -600,7 +600,7 @@ Note: It is actually possible to get GRUB to boot an encrypted ext4 filesystem. However, it requires GRUB 2.02 (__NOT__ the 2.02 beta) to be installed as the bootloader. As this version was released in April 2017, most systems __WILL FAIL TO BOOT__ with an ext4 encrypted boot directory. Note that this is only -relevant to systems without a seperate boot partition. Sytems with `/boot` on +relevant to systems without a separate boot partition. Sytems with `/boot` on a different partition than the one being encrypted (including all UEFI systems) are not effected by this. diff --git a/cmd/fscrypt/flags.go b/cmd/fscrypt/flags.go index 5137eff..a7992d3 100644 --- a/cmd/fscrypt/flags.go +++ b/cmd/fscrypt/flags.go @@ -210,7 +210,7 @@ var ( userFlag = &stringFlag{ Name: "user", ArgName: "USERNAME", - Usage: `Specifiy which user should be used for login passphrases + Usage: `Specify which user should be used for login passphrases or to which user's keyring keys should be provisioned.`, } protectorFlag = &stringFlag{ diff --git a/filesystem/mountpoint.go b/filesystem/mountpoint.go index 12016dd..991a573 100644 --- a/filesystem/mountpoint.go +++ b/filesystem/mountpoint.go @@ -207,7 +207,7 @@ func GetMount(mountpoint string) (*Mount, error) { // getMountsFromLink returns the Mount objects which match the provided link. // This link if formatted as a tag (e.g. <token>=<value>) similar to how they // apprear in "/etc/fstab". Currently, only "UUID" tokens are supported. Note -// that this can match multiple Mounts (due to the existance of bind mounts). An +// that this can match multiple Mounts (due to the existence of bind mounts). An // error is returned if the link is invalid or we cannot load the required mount // data. If a filesystem has been updated since the last call to one of the // mount functions, run UpdateMountInfo to see the change. diff --git a/security/cache.go b/security/cache.go index d0c60b1..fd22e15 100644 --- a/security/cache.go +++ b/security/cache.go @@ -43,7 +43,7 @@ func DropFilesystemCache() error { defer file.Close() // "2" just frees the reclaimable inodes and dentries, the associated // pages to these inodes will be freed. We do not need to free the - // entire pagecache (as this will severly impact performance). + // entire pagecache (as this will severely impact performance). _, err = file.WriteString("2") return err } diff --git a/security/keyring.go b/security/keyring.go index c4603bc..69ed38b 100644 --- a/security/keyring.go +++ b/security/keyring.go @@ -148,7 +148,7 @@ func userKeyringIDLookup(uid int) (keyringID int, err error) { // Our goals here are to: // - Find the user keyring (for the provided uid) // - Link it into the current process keyring (so we can use it) - // - Make no permenant changes to the process privileges + // - Make no permanent changes to the process privileges // Complicating this are the facts that: // - The value of KEY_SPEC_USER_KEYRING is determined by the ruid // - Keyring linking permissions use the euid diff --git a/security/privileges.go b/security/privileges.go index c9bfde7..649bc30 100644 --- a/security/privileges.go +++ b/security/privileges.go @@ -93,7 +93,7 @@ func ProcessPrivileges() (*Privileges, error) { return &Privileges{euid, egid, groups}, nil } -// UserPrivileges returns the defualt privileges for the specified user. +// UserPrivileges returns the default privileges for the specified user. func UserPrivileges(user *user.User) (*Privileges, error) { privs := &Privileges{ euid: C.uid_t(util.AtoiOrPanic(user.Uid)), @@ -122,7 +122,7 @@ func SetProcessPrivileges(privs *Privileges) error { // the groups/egid/euid, regardless of our original euid. C.seteuid(0) - // Seperately handle the case where the user is in no groups. + // Separately handle the case where the user is in no groups. numGroups := C.size_t(len(privs.groups)) groupsPtr := (*C.gid_t)(nil) if numGroups > 0 { |