Merge pull request #1070 from jsoref/spelling

Spelling improvements

14 files changed, 41 insertions, 41 deletions

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8a9cd525..85b06981 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -46,7 +46,7 @@
 - CRYP-7902 - Added support for certificates in DER format
 - CRYP-7931 - Added data to report
 - CRYP-7931 - Redirect errors (e.g. when swap is not encrypted)
-- FILE-6430 - Don't grep nonexistant modprobe.d files
+- FILE-6430 - Don't grep nonexistent modprobe.d files
 - FIRE-4535 - Set initial firewall state
 - INSE-8312 - Corrected text on screen
 - KRNL-5728 - Handle zipped kernel configuration correctly
@@ -164,7 +164,7 @@ Using the relevant options, the scan will change base on the intended goal.
 - AUTH-9268 - Perform test also on DragonFly, FreeBSD, and NetBSD
 - AUTH-9282 - fix: temporary variable was overwritten
 - AUTH-9408 - added support for pam_tally2 to log failed logins
-- AUTH-9489 - test removedd as it is merged with AUTH-9218
+- AUTH-9489 - test removed as it is merged with AUTH-9218
 - BANN-7126 - additional words for login banner are accepted
 - BOOT-5122 - check for defined password in all GRUB configuration files
 - CONT-8106 - support newer 'docker info' output
@@ -450,7 +450,7 @@ Tests:
 * [AUTH-9308] - Made 'sulogin' more generic for systemd rescue shell
 * [DNS-1600]  - Initial work on DNSSEC validation testing
 * [NETW-2704] - Added support for local resolver 127.0.0.53
-* [PHP-2379]  - Suhosin test disbled
+* [PHP-2379]  - Suhosin test disabled
 * [SSH-7408]  - Removed 'DELAYED' from OpenSSH Compression setting
 * [TIME-3160] - Improvements to detect step-tickers file and entries
 
@@ -697,7 +697,7 @@ Changes:
 * Renamed some variables to better indicate their purpose (counting, data type)
 * Removal of unused code and comments
 * Deleted unused tests from database file
-* Correct levels of identation
+* Correct levels of indentation
 * Support for older mac OS X versions (Lion and Mountain Lion)
 * Initialized variables for more binaries
 * Additional sysctls are tested
@@ -1358,7 +1358,7 @@ Functions
 * AddSetting            - New function to store settings (lynis show settings)
 * ContainsString        - New function to search for a string in another one
 * Display               - Added --debug, showing details on screen in debug mode
-                        - Reset identation for lines which are too long
+                        - Reset indentation for lines which are too long
 * DisplayToolTip        - New function to display tooltips
 * IsDebug               - Check for usage of --debug
 * IsDeveloperMode       - Status for development and debugging (--developer)
@@ -1431,7 +1431,7 @@ release.
 ------------
 The biggest change in this release is the optimization of several functions. It
 allows for better detection, and dealing with the quirks, of every single
-operating system. Some functions were fortified to handle unexcepted results
+operating system. Some functions were fortified to handle unexpected results
 better, like missing a particular binary, or not returning the hostname.
 
 This release also enables tests to be shorter, by adding new functions. Some
@@ -1709,7 +1709,7 @@ Added tests for CSF's lfd utility for integrity monitoring on directories and
 files. Related tests are FINT-4334 and FINT-4336.
 
 Added support for Chrony time daemon and timesync daemon. Additionally NTP
-sychronization status is checked when it is enabled.
+synchronization status is checked when it is enabled.
 
 Improved single user mode protection on the rescue.service file.
 
@@ -2291,7 +2291,7 @@ Lynis 1.4.2 (2014-02-19)
  Changes:
  - Ignore interfaces aliases for HostID
  - Extended umask tests with pam_umask entries [AUTH-9328]
- - Check for supressed version on Squid [SQD-3680]
+ - Check for suppressed version on Squid [SQD-3680]
 
 ---------------------------------------------------------------------------------
 
@@ -2304,7 +2304,7 @@ Lynis 1.4.1 (2014-02-15)
  - Added 64 bits locations for Apache modules
  - Add start of new category to logfile
  - Extended sysstat test with /etc/cron.d/sysstat [ACCT-9626]
- - Extended cron job tests with entries start with asterix (*) [SCHD-7704]
+ - Extended cron job tests with entries start with asterisk (*) [SCHD-7704]
  - Additional check for multiple umask entries (like RHEL 6.x) [AUTH-9328]
  - Adjusted PHP test for register_globals (explicit test) [PHP-2368]
  - Small adjustments for upcoming plugin support
@@ -2431,7 +2431,7 @@ Lynis 1.3.6 (2013-12-03)
  - Adjusted PHP check to find ini files [PHP-2211]
  - Skip Apache test for NetBSD [HTTP-6622]
  - Skip test http version check for NetBSD [HTTP-6624]
- - Additional check to supress sort error [HTTP-6626]
+ - Additional check to suppress sort error [HTTP-6626]
  - Improved the way binaries are checked (less disk reads)
  - Adjusted ReportWarning() function to skip impact rating
  - Improved report on screen by leaving out date/time and type
@@ -2467,7 +2467,7 @@ Lynis 1.3.5 (2013-11-19)
  - Added suggestion about BIND version [NAME-4210]
  - Merged test NTP daemon test TIME-3108 into TIME-3104
  - Improved support for Arch Linux (output, detection)
- - Extended common list of directories with SSL certifcates in profile
+ - Extended common list of directories with SSL certificates in profile
  - New function GetHostID() to determine an unique identifier of the machine
  - Added a tests_custom file template
  - Perform file permissions test on tests_custom file
@@ -2510,7 +2510,7 @@ Lynis 1.3.3 (2013-10-24)
 Lynis 1.3.2 (2013-10-09)
 
  New:
- - Test for PowerDNS authoritive servers (master/slave status) [NAME-4238]
+ - Test for PowerDNS authoritative servers (master/slave status) [NAME-4238]
 
  Changes:
  - CUPS test extended with hardening rules [PRNT-2308]
@@ -2557,7 +2557,7 @@ Lynis 1.3.0 (2011-12-25)
  - Fixed incorrect warning for single user mode [AUTH-9308]
  - Improved output for stratum 16 time servers [TIME-3116]
  - Added suggestion and screen output for kernel hardening [KRNL-6000]
- - Screen layout optimalizations and log file improvements
+ - Screen layout optimizations and log file improvements
  - Improved list/layout of scan options
  - Improved binary check for compilers
  - Added configuration option in scan profile (show_tool_tips, default true)
@@ -3120,7 +3120,7 @@ Lynis 1.1.5 (2008-06-10)
  - Improved FreeBSD pkg_info output, logging output and report data [PKG-7302]
  - Changed shell history file test, searching files with maxdepth 1 [HOME-9310]
  - Extended iptables test, to check Linux kernel configuration file [FIRE-4511]
- - Added report warning to promicuous test [NETW-3014]
+ - Added report warning to promiscuous test [NETW-3014]
  - Fixed yellow color when being used at text display
  - Several logging improvements and cleanups
 
@@ -3189,11 +3189,11 @@ Lynis 1.1.2 (2008-05-11)
  - Improved LILO test and removed double message
  - Fixed incorrect message when using --help parameter
  - Improved portaudit test (FreeBSD) to show unique packages only
- - Updated man page, FAQ, extended documention with plugin information
+ - Updated man page, FAQ, extended documentation with plugin information
  - Added several php.ini file locations (MacOS X, OpenBSD, OpenSuSE)
 
  ** Special release notes [package/ports]: **
- - Added several default paths to check for usuable an INCLUDE directory. This
+ - Added several default paths to check for usable INCLUDE directory. This
    should make packaging Lynis easier for downstream package providers.
  - When no profile is set, Lynis will check first /etc/lynis/default.prf,
    before setting default.prf (in current work directory) as profile to use.
@@ -3252,7 +3252,7 @@ Lynis 1.0.9 (2008-03-24)
  - Added available shells from /etc/shells to report file
  - Updated man page
  - Fixed option in main help window for --man option
- - Code improvement, splitting up sections to seperated files
+ - Code improvement, splitting up sections to separated files
 
 ---------------------------------------------------------------------------------
 
@@ -3268,7 +3268,7 @@ Lynis 1.0.8 (2008-02-10)
  - Changed old temporary files check
  - Changed test to include ubuntu security repository
  - Moved UID check to avoid PID creation as non root user
- - Moved most functions to seperated files and several code cleanups
+ - Moved most functions to separated files and several code cleanups
  - Improved logging output
  - Extended FreeBSD (Copyright file) test
  - Changed indentation for many tests
@@ -3312,7 +3312,7 @@ Lynis 1.0.7 (2008-01-28)
  - Updated year number in program and support files
  - Added new function Display, to use indentation within lines
  - Added function RemovePIDFile before some exit routines, to clean up PID file
- - Extracted profile support, parameter support to seperated files
+ - Extracted profile support, parameter support to separated files
  - Created file tests_ports_packages for Ports and Packages
  - Deleted lynis.spec file, since it was not working and will be rewritten later
 
@@ -3465,7 +3465,7 @@ Lynis 1.0.0 (2007-11-08)
  - Test: query nameservers and test connectivity
  - Test: check promiscuous interfaces (FreeBSD)
  - Test: check sticky bit on /tmp directory
- - Test: check debian.org security brance in /etc/apt/sources.list
+ - Test: check debian.org security branch in /etc/apt/sources.list
  - Test: check kernel update on Debian
  - Test: query default Linux run level
  - Test: query chkconfig to see which services start at boot
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 66a7b19b..5d9d4b00 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -27,7 +27,7 @@ To ensure all pull requests can be easily checked and merged, here are some tips
 ## Code Guidelines
 
 ### General
-Identation should be 4 spaces (no tab character).
+Indentation should be 4 spaces (no tab character).
 
 ### Comments
 Comments: use # sign followed by a space. When needed, create a comment block.
@@ -68,6 +68,6 @@ software or computer software documentation in whole or in part, in any manner
 and for any purpose whatsoever, and to have or authorize others to do so.
 
 If you want to be named in as a contributor in the CONTRIBUTOR file, then include
-this notition in your pull request. Preferred format: Full Name, and your e-mail
+this notation in your pull request. Preferred format: Full Name, and your e-mail
 address).
 
diff --git a/db/tests.db b/db/tests.db
index 6513bb0b..49b705a3 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -282,7 +282,7 @@ NAME-4210:test:security:nameservices::Check DNS banner:
 NAME-4230:test:security:nameservices::Check PowerDNS status:
 NAME-4232:test:security:nameservices::Search PowerDNS configuration file:
 NAME-4236:test:security:nameservices::Check PowerDNS backends:
-NAME-4238:test:security:nameservices::Check PowerDNS authoritive status:
+NAME-4238:test:security:nameservices::Check PowerDNS authoritative status:
 NAME-4304:test:security:nameservices::Check NIS ypbind status:
 NAME-4306:test:security:nameservices::Check NIS domain:
 NAME-4402:test:security:nameservices::Check duplicate line in /etc/hosts:
diff --git a/extras/bash_completion.d/lynis b/extras/bash_completion.d/lynis
index 7eee7375..5c816aea 100644
--- a/extras/bash_completion.d/lynis
+++ b/extras/bash_completion.d/lynis
@@ -126,7 +126,7 @@ _lynis()
         report)
             return 0
             ;;
-        settiings)
+        settings)
             return 0
             ;;
         tests)
diff --git a/include/functions b/include/functions
index 26916461..b72e7156 100644
--- a/include/functions
+++ b/include/functions
@@ -38,7 +38,7 @@
 #    DigitsOnly                 Return only the digits from a string
 #    DirectoryExists            Check if a directory exists on the disk
 #    DiscoverProfiles           Determine available profiles on system
-#    Display                    Output text to screen with colors and identation
+#    Display                    Output text to screen with colors and indentation
 #    DisplayError               Show an error on screen
 #    DisplayException           Show an exception on screen
 #    DisplayManual              Output text to screen without any layout
diff --git a/include/helper_configure b/include/helper_configure
index ebd7f706..029ab4f7 100644
--- a/include/helper_configure
+++ b/include/helper_configure
@@ -72,7 +72,7 @@
             ExitFatal
         fi
 
-        FIND=$(echo ${HELPER_PARAMERS} | grep " ")
+        FIND=$(echo ${HELPER_PARAMS} | grep " ")
         if [ ! "${FIND}" = "" ]; then ${ECHOCMD} "Found invalid character (space) in configuration string"; ExitFatal; fi
 
         CONFIGURE_SETTINGS=$(echo $2 | sed 's/:/ /g')
diff --git a/include/profiles b/include/profiles
index 2b0885ce..e7b9557a 100644
--- a/include/profiles
+++ b/include/profiles
@@ -50,7 +50,7 @@
             Display --text " "
             Display --text "=================================================================================================="
             Display --text " "
-            LogText "Insight: Profile '${PROFILE}' contians one or more old-style configuration entries"
+            LogText "Insight: Profile '${PROFILE}' contains one or more old-style configuration entries"
             ReportWarning "GEN-0020" "Your profile contains one or more old-style configuration entries"
             sleep 10
         fi
diff --git a/include/report b/include/report
index 29f45643..3d0c7fdf 100644
--- a/include/report
+++ b/include/report
@@ -151,14 +151,14 @@
             fi
 
             # Show suggestions from logfile
-            SSUGGESTIONS=$(${GREPBINARY} 'Suggestion: ' ${LOGFILE} | sed 's/ /!space!/g')
+            SUGGESTIONS=$(${GREPBINARY} 'Suggestion: ' ${LOGFILE} | sed 's/ /!space!/g')
 
-            if [ -z "${SSUGGESTIONS}" ]; then
+            if [ -z "${SUGGESTIONS}" ]; then
                 echo "  ${OK}No suggestions${NORMAL}"; echo ""
             else
                 echo "  ${YELLOW}Suggestions${NORMAL} (${TOTAL_SUGGESTIONS}):"
                 echo "  ${WHITE}----------------------------${NORMAL}"
-                for SUGGESTION in ${SSUGGESTIONS}; do
+                for SUGGESTION in ${SUGGESTIONS}; do
                     SOLUTION=""
                     SHOWSUGGESTION=$(echo ${SUGGESTION} | sed 's/!space!/ /g' | sed 's/^.* Suggestion: //' | sed 's/\[details:\(.*\)\] \[solution:\(.*\)\]//' | sed 's/test://')
                     ADDLINK=$(echo ${SUGGESTION} | sed 's/!space!/ /g' | sed 's/^.* Suggestion: \(.*\)\[test://' | sed 's/\]\(.*\)]//' | ${AWKBINARY} -F: '{print $1}')
@@ -183,7 +183,7 @@
                 done
             fi
             # Show tip on how to continue (next steps)
-            if [ ! "${SWARNINGS}" = "" -o ! "${SSUGGESTIONS}" = "" ]; then
+            if [ ! "${SWARNINGS}" = "" -o ! "${SUGGESTIONS}" = "" ]; then
                 echo "  ${CYAN}Follow-up${NORMAL}:"
                 echo "  ${WHITE}----------------------------${NORMAL}"
                 echo "  ${WHITE}-${NORMAL} Show details of a test (lynis show details TEST-ID)"
diff --git a/include/tests_authentication b/include/tests_authentication
index 4f43745a..b27e59c7 100644
--- a/include/tests_authentication
+++ b/include/tests_authentication
@@ -1068,7 +1068,7 @@
     # Test        : AUTH-9306
     # Description : Check if authentication is needed to boot the system
     # Notes       : :d_boot_authenticate: is a good option for production machines to
-    #               avoid unauthorized booting of systems. Option :d_boot_autentication@:
+    #               avoid unauthorized booting of systems. Option :d_boot_authentication@:
     #               disabled a required login.
     Register --test-no AUTH-9306 --os HP-UX --weight L --network NO --category security --description "Check single boot authentication"
     if [ ${SKIPTEST} -eq 0 ]; then
diff --git a/include/tests_dns b/include/tests_dns
index e21a2aef..085168d4 100644
--- a/include/tests_dns
+++ b/include/tests_dns
@@ -45,11 +45,11 @@
 #
 #            if [ "${GOOD}" = "${TIMEOUT}" -a "${BAD}" = "${TIMEOUT}" ]; then
 #                LogText "Result: received timeout, can't determine DNSSEC validation"
-#                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_UNKOWN}" --color YELLOW
+#                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_UNKNOWN}" --color YELLOW
 #                #ReportException "${TEST_NO}" "Exception found, both query failed, due to connection timeout"
 #            elif [ -z "${GOOD}" -a -n "${BAD}" ]; then
 #                LogText "Result: good signature failed, yet bad signature was accepted"
-#                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_UNKOWN}" --color YELLOW
+#                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_UNKNOWN}" --color YELLOW
 #                #ReportException "${TEST_NO}" "Exception found, OK failed, bad signature was accepted"
 #            elif [ -n "${GOOD}" -a -n "${BAD}" ]; then
 #                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_SUGGESTION}" --color YELLOW
diff --git a/include/tests_kernel b/include/tests_kernel
index b3ce61f7..3d3ac339 100644
--- a/include/tests_kernel
+++ b/include/tests_kernel
@@ -485,7 +485,7 @@
                  ( [ ${SYSD_CORED_BASE_PROCSIZEMAX_NR_ENABLED} -ge 1 ] && [ ${SYSD_CORED_SUB_STORAGE_NR_ENABLED} -ge 1 ] ) || \
                  ( [ ${SYSD_CORED_BASE_STORAGE_NR_ENABLED} -ge 1 ] && [ ${SYSD_CORED_SUB_PROCSIZEMAX_NR_ENABLED} -ge 1 ] ) || \
                  ( [ ${SYSD_CORED_SUB_PROCSIZEMAX_NR_ENABLED} -ge 1 ] && [ ${SYSD_CORED_SUB_STORAGE_NR_ENABLED} -ge 1 ] ); then
-                LogText "Result: core dumps are explicitely enabled in systemd configuration files"
+                LogText "Result: core dumps are explicitly enabled in systemd configuration files"
                 ReportSuggestion "${TEST_NO}" "If not required, consider explicit disabling of core dump in ${ROOTDIR}etc/systemd/coredump.conf ('ProcessSizeMax=0', 'Storage=none')"
                 Display --indent 4 --text "- configuration in systemd conf files" --result "${STATUS_ENABLED}" --color RED
                 AddHP 0 1
@@ -796,7 +796,7 @@
         # Attempt to check for Raspbian if reboot is needed
         # This check searches for apt package "raspberrypi-kernel-[package-date]", trys to extract the date of packaging from the filename
         # and compares that date with the currently running kernel's build date (uname -v).
-        # Of course there can be a time difference between kernel build and kernel packaging, therefor a time difference of
+        # Of course there can be a time difference between kernel build and kernel packaging, therefore a time difference of
         # 3 days is accepted and it is assumed with only 3 days apart, this must be the same kernel version.
         if [ ${REBOOT_NEEDED} -eq 2 ] && [ -d "${APT_ARCHIVE_DIRECTORY}" ]; then
             LogText "Result: found folder ${APT_ARCHIVE_DIRECTORY}; assuming this is a debian based distribution"
diff --git a/include/tests_kernel_hardening b/include/tests_kernel_hardening
index 2b45394e..e117a704 100644
--- a/include/tests_kernel_hardening
+++ b/include/tests_kernel_hardening
@@ -28,7 +28,7 @@
 #
     # Test        : KRNL-6000
     # Description : Check sysctl parameters
-    # Sysctl      : net.ipv4.icmp_ingore_bogus_error_responses (=1)
+    # Sysctl      : net.ipv4.icmp_ignore_bogus_error_responses (=1)
     if [ ! "${SYSCTL_READKEY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
     Register --test-no KRNL-6000 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check sysctl key pairs in scan profile"
     if [ ${SKIPTEST} -eq 0 ]; then
diff --git a/include/tests_time b/include/tests_time
index 95c695bc..0d1d65cb 100644
--- a/include/tests_time
+++ b/include/tests_time
@@ -86,7 +86,7 @@
             # Reason: openntpd syncs only if large time corrections are not required or -s is passed.
             #         This might be not intended by the administrator (-s is NOT the default!)
             FIND=$(${PSBINARY} ax | ${GREPBINARY} "ntpd: ntp engine" | ${GREPBINARY} -v "grep")
-            # Status code 0 is when communication over the socket is successfull
+            # Status code 0 is when communication over the socket is successful
             if ${NTPCTLBINARY} -s status > /dev/null 2> /dev/null; then
                 FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="openntpd"
                 LogText "result: found openntpd (method: ntpctl)"
@@ -97,7 +97,7 @@
                 FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="openntpd"
                 LogText "result: found openntpd (method: ps)"
             else
-                LogText "result: running openntpd not found, but ntpctl is instaalled"
+                LogText "result: running openntpd not found, but ntpctl is installed"
             fi
 
             if [ "${NTP_DAEMON}" = "openntpd" ]; then
@@ -106,7 +106,7 @@
         fi
 
         # Check running processes (ntpd from ntp.org)
-        # As checking by process name is ambigiouse (openntpd has the same process name),
+        # As checking by process name is ambiguous (openntpd has the same process name),
         # this check will be skipped if openntpd has been found.
         FIND=$(${PSBINARY} ax | ${GREPBINARY} "ntpd" | ${GREPBINARY} -v "dntpd" | ${GREPBINARY} -v "ntpd: " | ${GREPBINARY} -v "grep")
         if [ "${NTP_DAEMON}" != "openntpd" ] && [  -n "${FIND}" ]; then
diff --git a/lynis b/lynis
index e7af15da..7ea78b0c 100755
--- a/lynis
+++ b/lynis
@@ -589,7 +589,7 @@ ${NORMAL}
     if [ ${SET_STRICT} -eq 0 ]; then
         set +u  # Allow uninitialized variables
     else
-        set -u  # Do not allow unitialized variables
+        set -u  # Do not allow uninitialized variables
     fi
 
     # Import a different language when configured