runtime: better staprun diagnostics for failed signature tests

* modverify.c (verify_module): Print some messages for verbose > 1.

diff --git a/runtime/staprun/modverify.c b/runtime/staprun/modverify.c
index a17bb2ec4602f7364ad3fedd33b25c01041118b4..5d442393879a6a7cc5311f56be7aa63f222f0f75 100644 (file)
--- a/runtime/staprun/modverify.c
+++ b/runtime/staprun/modverify.c
@@ -272,12 +272,18 @@ int verify_module (const char *signatureName, const char* module_name,
 
   /* Verify the permissions of the certificate database and its files.  */
   if (! check_cert_db_permissions (dbdir))
-    return MODULE_UNTRUSTED;
+    {
+      if (verbose>1) fprintf (stderr, "Certificate db %s permissions too loose\n", dbdir);
+      return MODULE_UNTRUSTED;
+    }
 
   /* Get the size of the signature file.  */
   prStatus = PR_GetFileInfo (signatureName, &info);
   if (prStatus != PR_SUCCESS || info.type != PR_FILE_FILE || info.size < 0)
-    return MODULE_UNTRUSTED; /* Not signed */
+    {
+      if (verbose>1) fprintf (stderr, "Signature file %s not found\n", signatureName);
+      return MODULE_UNTRUSTED; /* Not signed */
+    }
 
   /* Open the signature file.  */
   local_file_fd = PR_Open (signatureName, PR_RDONLY, 0);