Various minor spelling and grammar fixes

configuration/assigning-devices.md

@@ -58,7 +58,7 @@ list of available devices, which you can select to be assigned to that VM.
 Finding the right USB controller
 --------------------------------
 
-If you want assign a certain [USB] device to a VM (by attaching the whole
+If you want to assign a certain [USB] device to a VM (by attaching the whole
 USB controller), you need to figure out which PCI device is the right
 controller. First, check to which USB bus the device is connected:
 
@@ -66,7 +66,7 @@ controller. First, check to which USB bus the device is connected:
 lsusb
 ~~~
 
-For example, I want assign a broadband modem to the netvm. In the out put of
+For example, I want to assign a broadband modem to the netvm. In the output of
 `lsusb` it can be listed as something like this. (In this case, the device isn't
 fully identified):
 
@@ -76,7 +76,7 @@ Bus 003 Device 003: ID 413c:818d Dell Computer Corp.
 
 The device is connected to USB bus \#3. Then check which other devices are
 connected to the same bus, since *all* of them will be assigned to the same VM.
-Now is the time to find right USB controller:
+Now is the time to find the right USB controller:
 
 ~~~
 readlink /sys/bus/usb/devices/usb3

configuration/config-files.md

@@ -40,7 +40,7 @@ problematic device drivers.
 
 Note that scripts need to be executable (chmod +x) to be used.
 
-Also take a look at [bind-dirs][/doc/bind-dirs] for instruction how to easily
+Also take a look at [bind-dirs](/doc/bind-dirs) for instruction how to easily
 modify arbitrary system file in AppVM and have those changes persistent.
 
 GUI and audio configuration in dom0

configuration/disk-trim.md

@@ -10,7 +10,7 @@ redirect_from:
 
 VMs have already TRIM enabled by default, but dom0 doesn't. There are some security implications (read for example [this article](https://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html)), but IMO not very serious.
 
-To enable TRIM in dom0 you need:
+To enable TRIM in dom0 you need to:
 
 1.  Get your LUKS device UUID:
 

configuration/external-audio.md

@@ -38,9 +38,9 @@ pactl load-module module-udev-detect
 
 Start the audio application that is going to use the external audio device.
 
-Launch pavucontrol, for example using "run command in VM" of Qubes Manager and select you external audio card in pavucontrol. You need to do that only the first time you use a new external audio device, then pulse audio will remember you selection.
+Launch pavucontrol, for example using "run command in VM" of Qubes Manager and select your external audio card in pavucontrol. You need to do that only the first time you use a new external audio device, then pulse audio will remember you selection.
 
-If you detach your external audio device, then want to insert it again, or change it with another one, you need to repeat the previous commands in terminal, adding an other line at the beginning:
+If you detach your external audio device, then want to insert it again, or change it with another one, you need to repeat the previous commands in terminal, adding another line at the beginning:
 
 ~~~
 pactl unload-module module-udev-detect

configuration/http-filtering-proxy.md

@@ -31,10 +31,10 @@ prevents websites that use DNS-based load balancers from working
 unless the user reloads the firewall rules (which re-resolve the DNS
 names) whenever the balancer transfer her session to another IP. Third
 the initial setup of the rules is complicated as the firewall drops
-the connection silently. As a workaround on can use browser's network
+the connection silently. As a workaround one can use browser's network
 console to see what is blocked, but this is time-consuming and one can
 trivially miss some important cases like including in the firewall
-white list sites for OCSP SSL certificate verification.
+white-list sites for OCSP SSL certificate verification.
 
 These drawbacks can be mitigated if one replaces iptable-based rules
 with a filtering HTTP proxy. The following describes how to setup
@@ -94,7 +94,7 @@ Setup
         name.ip-address-of-app-vm
 
    The name part before the dot can be arbitrary. For convenience one can
-   use AppVm name here, but this is not required. It is important to get
+   use AppVM name here, but this is not required. It is important to get
    ip address part right as this is what the control script uses to
    determine for which AppVM to apply the proxy rules. One can check the
    IP address of AppVM in Qubes VM manager in the VM settings dialog, see

configuration/managing-vm-kernel.md

@@ -49,7 +49,7 @@ updatevm          : sys-firewall
 Installing different kernel using Qubes kernel package
 ----------------------------------
 
-VM kernels are packages by Qubes team in `kernel-qubes-vm` packages. Generally system will keep the 3 newest available versions. You can list them with the `rpm` command:
+VM kernels are packages by Qubes team in `kernel-qubes-vm` packages. Generally the system will keep the 3 newest available versions. You can list them with the `rpm` command:
 
 ~~~
 [user@dom0 ~]$ rpm -qa 'kernel-qubes-vm*'
@@ -58,7 +58,7 @@ kernel-qubes-vm-3.18.16-3.pvops.qubes.x86_64
 kernel-qubes-vm-3.18.17-4.pvops.qubes.x86_64
 ~~~
 
-If you want more recent version, you can check `qubes-dom0-unstable` repository. As the name suggest, keep in
+If you want a more recent version, you can check `qubes-dom0-unstable` repository. As the name suggests, keep in
 mind that those packages may be less stable than the default ones.
 
 Checking available versions in `qubes-dom0-unstable` repository:
@@ -212,7 +212,7 @@ This is possible thanks to PV GRUB2 - GRUB2 running in the VM. To make it happen
 
 1. Install PV GRUB2 in dom0 - package is named `grub2-xen`.
 2. Install kernel in the VM. As with all VM software installation - this needs to be done in TemplateVM (of StandaloneVM if you are using one).
-3. Set VM kernel to `pvgrub2` value. You can use `pvgrub2` in selected VMs, not necessary all of them, even when it's template has kernel installed. You can still use dom0-provided kernel for selected VMs.
+3. Set VM kernel to `pvgrub2` value. You can use `pvgrub2` in selected VMs, not necessary all of them, even when its template has kernel installed. You can still use dom0-provided kernel for selected VMs.
 
 **WARNING: When using kernel from within VM, `kernelopts` parameter is ignored.**
 
@@ -230,7 +230,7 @@ In Fedora based VM, you need to install `qubes-kernel-vm-support` package. This
 package include required additional kernel module and initramfs addition
 required to start Qubes VM (for details see
 [template implementation](/doc/template-implementation/)). Additionally you
-need some GRUB tools to create it's configuration. Note: you don't need actual
+need some GRUB tools to create its configuration. Note: you don't need actual
 grub bootloader as it is provided by dom0. But having one also shouldn't harm.
 
 ~~~
@@ -268,7 +268,7 @@ In Debian based VM, you need to install `qubes-kernel-vm-support` package. This
 package include required additional kernel module and initramfs addition
 required to start Qubes VM (for details see
 [template implementation](/doc/template-implementation/)). Additionally you
-need some GRUB tools to create it's configuration. Note: you don't need actual
+need some GRUB tools to create its configuration. Note: you don't need actual
 grub bootloader as it is provided by dom0. But having one also shouldn't harm.
 
 ~~~

configuration/network-bridge-support.md

@@ -42,12 +42,12 @@ First, retrieve the attachment of this Wifi article in dom0. Then apply the thre
 
 Finally restart the qubes manager GUI.
 
-A new option is now available in the AppVM Settings to enable set the NetVM in bridge mode. For a bridged AppVM, you should the select a netvm instead of a firewall vm, enabled the Bridge option and restart your AppVM.
+A new option is now available in the AppVM Settings to enable set the NetVM in bridge mode. For a bridged AppVM, you should the select a netvm instead of a firewall vm, enable the Bridge option and restart your AppVM.
 
 NetVM patch (Qubes R2B2)
 ------------------------
 
-You need to modify manually the NetVM iptable script inside the NetVM. The reason is that by default the NetVM only accept traffic coming from network interfaces called vif\* (in our case, we will use an additional interface called bridge0. The second reason is that all trafic is NATed by default. In our case, we want to forward traffic from the bridge interface without modifying it, while NATing traffic coming from vif\* interfaces.
+You need to modify manually the NetVM iptable script inside the NetVM. The reason is that by default the NetVM only accepts traffic coming from network interfaces called vif\* (in our case, we will use an additional interface called bridge0. The second reason is that all trafic is NATed by default. In our case, we want to forward traffic from the bridge interface without modifying it, while NATing traffic coming from vif\* interfaces.
 
 Modify manually the Template you use for your NetVM (not the NetVM itself). This is by default fedora-x86\_64. Edit the file /etc/sysconfig/iptables. You need to modify two parts of the file.
 
@@ -95,7 +95,7 @@ This requires:
 
 Note: A wireless interface cannot be bridged.
 
-The bridge edition GUI is somehow buggy as it does not remember all the parameter you setup. You can fix it by editing manually the files in /etc/NetworkManager/system-connections/. Here is one example for these files:
+The bridge edition GUI is somewhat buggy as it does not remember all the parameters you set up. You can fix it by editing manually the files in /etc/NetworkManager/system-connections/. Here is one example for these files:
 
 -   Bridge-DHCP
 
@@ -137,7 +137,7 @@ Note: Do not forget to put stp=false if you bridge only eth0 because sending BPD
     slave-type=bridge
     ~~~
 
-If you do not manager to start your bridge, you can start it manually from a NetVM terminal:
+If you do not manage to start your bridge, you can start it manually from a NetVM terminal:
 
 ~~~
 $ nmcli con up id bridge0-eth0

configuration/network-printer.md

@@ -27,7 +27,7 @@ In order to mitigate this risk, one might consider creating a custom template (i
 
 However, one should be aware that most (all?) network printing protocols are insecure, unencrypted protocols. This means, that an attacker who is able to sniff the local network, or who is controlling the (normally untrusted) Qubes NetVM, will likely to be able to see the documents being printed. This is a limitation of today's printers and printing protocols, something that cannot be solved by Qubes or any other OS.
 
-Additionally, the printer drivers as well as CUPS application itself, might be buggy and might got exploited when talking to a compromised printer (or by an attacker who controls the local network, or the default NetVM). Consider not using printing from your more trusted AppVMs for this reason.
+Additionally, the printer drivers as well as CUPS application itself, might be buggy and might get exploited when talking to a compromised printer (or by an attacker who controls the local network, or the default NetVM). Consider not using printing from your more trusted AppVMs for this reason.
 
 Steps to configure a network printer in a template VM
 ----------------------------------------------------------

configuration/postfix.md

@@ -99,14 +99,14 @@ alias_maps = hash:/etc/aliases
 @localhost your.mail@example.com
 ~~~
 
-`/usr/local/etc/postfix/sender_relay`. This is important file. Put there all your SMTP servers. Pay attention to port (smtp/submission). Square brackets have their special meaning, they are almost certainly needed. For more info consult Postfix manual.
+`/usr/local/etc/postfix/sender_relay`. This is an important file. Put all your SMTP servers there. Pay attention to port (smtp/submission). Square brackets have their special meaning, they are almost certainly needed. For more info consult Postfix manual.
 
 ~~~
 your.mail@exmaple.com         [mail.example.com]:submission
 your.other@mail.com         [smtp.mail.com]:smtp
 ~~~
 
-`/usr/local/etc/postfix/saslpass`. Here you put passwords to above mentioned servers. It depends on provider if you need to put whole email as username or just the part before `@`.
+`/usr/local/etc/postfix/saslpass`. Here you put passwords to above mentioned servers. It depends on your provider if you need to put whole email as username or just the part before `@`.
 
 ~~~
 [mail.example.com]:submission     your.mail:y0urP4ssw0rd

configuration/resize-disk-image.md

@@ -34,7 +34,7 @@ The basic idea is to:
 1.  Shrink filesystem on the private disk image.
 2.  Then shrink the image.
 
-Ext4 does not support online shrinking, so can't be done as convenient as image grown. Note that we don't want to touch the VM filesystem directly in dom0 for security reasons. First you need to start VM without `/rw` mounted. One of the possibility is to interrupt its normal startup by adding `rd.break` kernel option:
+Ext4 does not support online shrinking, so can't be done as convenient as image grown. Note that we don't want to touch the VM filesystem directly in dom0 for security reasons. First you need to start VM without `/rw` mounted. One of the possibilities is to interrupt its normal startup by adding `rd.break` kernel option:
 
 ~~~
 qvm-prefs -s <vm-name> kernelopts rd.break
@@ -63,7 +63,7 @@ Now you can resize the image:
 truncate -s <new-desired-size> /var/lib/qubes/appvms/<vm-name>/private.img
 ~~~
 
-**It is critical to use the same (or bigger for some safety margin) size in truncate call compared to resize2fs call. Otherwise you will loose your data!** Then reset kernel options back to default:
+**It is critical to use the same (or bigger for some safety margin) size in truncate call compared to resize2fs call. Otherwise you will lose your data!** Then reset kernel options back to default:
 
 ~~~
 qvm-prefs -s <vm-name> kernelopts default
@@ -75,8 +75,8 @@ Done.
 
 If you want install a lot of software in your TemplateVM, you may need to increase the amount of disk space your TemplateVM can use.
 
-1.  Make sure that all the VMs based on this template are shut off (including netvms etc).
-2.  Sanity check: verify that none of loop device are pointing at this template root.img: `sudo losetup -a`
+1.  Make sure that all the VMs based on this template are powered off (including netvms etc).
+2.  Sanity check: verify that none of the loop devices are pointing at this template root.img: `sudo losetup -a`
 3.  Resize root.img file using `truncate -s <desired size>` (the root.img path can be obtained from qvm-prefs).
 4.  If any netvm/proxyvm used by this template is based on it, set template netvm to none.
 5.  Start the template.

configuration/resize-root-disk-image.md

@@ -11,7 +11,7 @@ redirect_from:
 Resize Root Disk Image
 ----------------------
 
-The safest way to increase the size of `root.img` is to turn your TemplateVM into a StandaloneVM. Doing this means it will have it's own root filesystem *(StandaloneVMs use a copy of template, instead of smart sharing)*. To do this run `qvm-create --standalone` from `dom0` Konsole.
+The safest way to increase the size of `root.img` is to turn your TemplateVM into a StandaloneVM. Doing this means it will have its own root filesystem *(StandaloneVMs use a copy of template, instead of smart sharing)*. To do this run `qvm-create --standalone` from `dom0` Konsole.
 
 ### Resize a StandaloneVM Root Image
 
@@ -27,7 +27,7 @@ Then start Terminal for this StandaloneVM and run:
 sudo resize2fs /dev/mapper/dmroot
 ~~~
 
-Shutdown the StandaloneVM and you will have extended the size of it's `root.img`
+Shutdown the StandaloneVM and you will have extended the size of its `root.img`
 
 
 ### Resize a TemplateVM Root Image
@@ -51,4 +51,4 @@ to do!`.
 sudo resize2fs /dev/mapper/dmroot
 ~~~
 
-Shutdown the TemplateVM and you will have extended the size of it's `root.img`.
+Shutdown the TemplateVM and you will have extended the size of its `root.img`.

configuration/salt.md

@@ -227,7 +227,7 @@ malicious target VM.
 
 ## Writing your own configuration
 
-Let's start with quick example:
+Let's start with a quick example:
 
     my new and shiny vm:
       qvm.present:
@@ -304,7 +304,7 @@ You can set properties of existing domain:
         - netvm: sys-firewall
 
 Note that `name:` is a matcher, ie. it says the domain which properties will be
-manipulated is called `salt-test2`. The implies that you currently cannot rename
+manipulated is called `salt-test2`. This implies that you currently cannot rename
 domains this way.
 
 ### qvm.service