From: Dmitry Eremin-Solenikov <dbaryshkov@xxxxxxxxx> Fix several misspellings noted by lintian. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@xxxxxxxxx> --- README | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/README b/README index 3603ae8..1a3ef02 100644 --- a/README +++ b/README @@ -75,7 +75,7 @@ The evmctl utility is used for producing and verifying digital signatures, which are used by the Linux kernel integrity subsystem. It is also used for importing keys into the kernel keyring. -Linux integrity subsystem allows to use IMA and EVM signatures. EVM signature +Linux integrity subsystem allows one to use IMA and EVM signatures. EVM signature protects file metadata, such as file attributes and extended attributes. IMA signature protects file content. @@ -96,8 +96,8 @@ extended attributes. Kernel configuration option CONFIG_EVM_ATTR_FSUUID controls whether to include filesystem UUID into HMAC and enabled by default. Therefore evmctl also includes -fsuuid by default. Providing '--uuid' option without parameter allows to disable -usage of fs uuid. Providing '--uuid=UUID' option with parameter allows to use +fsuuid by default. Providing '--uuid' option without parameter allows one to disable +usage of fs uuid. Providing '--uuid=UUID' option with parameter allows one to use custom UUID. Providing the '--portable' option will disable usage of the fs uuid and also the inode number and generation. @@ -127,7 +127,7 @@ Integrity keyrings Integrity subsystem uses dedicated IMA/EVM keyrings to search for signature verification keys - '_ima' and '_evm' respectively. -Since 3.13 IMA allows to declare IMA keyring as trusted. It allows only to load keys, +Since 3.13 IMA allows one to declare IMA keyring as trusted. It allows only to load keys, signed by a key from the system keyring (.system). It means self-signed keys are not allowed. This is a default behavior unless CONFIG_IMA_TRUSTED_KEYRING is undefined. IMA trusted keyring is has different name '.ima'. Trusted keyring requires X509 @@ -189,7 +189,7 @@ asymmetric keys support: Configuration file x509_evm.genkey: - # Begining of the file + # Beginning of the file [ req ] default_bits = 1024 distinguished_name = req_distinguished_name @@ -240,7 +240,7 @@ following steps: Configuration file ima-local-ca.genkey: - # Begining of the file + # Beginning of the file [ req ] default_bits = 2048 distinguished_name = req_distinguished_name @@ -271,7 +271,7 @@ Produce X509 in DER format for using while building the kernel: Configuration file ima.genkey: - # Begining of the file + # Beginning of the file [ req ] default_bits = 1024 distinguished_name = req_distinguished_name @@ -405,7 +405,7 @@ When using plain RSA public keys in PEM format, use 'evmctl import --rsa' for im evmctl import --rsa /etc/keys/pubkey_evm.pem $evm_id -Latest version of keyctl allows to import X509 public key certificates: +Latest version of keyctl allows one to import X509 public key certificates: cat /etc/keys/x509_ima.der | keyctl padd asymmetric '' $ima_id @@ -437,5 +437,5 @@ COPYING ------- Copyright \(C) 2012 - 2014 Linux Integrity Project. Free use of this software is granted under -the terms of the GNU Public License (GPL). +the terms of the GNU General Public License (GPL).