From: Frank Ch. Eigler <fche@elastic.org>
Date: Fri, 15 Jan 2010 08:04:18 +0000 (-0500)
Subject: runtime: better staprun diagnostics for failed signature tests
X-Git-Tag: release-1.1~6
X-Git-Url: https://sourceware.org/git/?a=commitdiff_plain;h=4b9b5e8597daa65325756b18fcb87b71c60b26aa;p=systemtap.git

runtime: better staprun diagnostics for failed signature tests

* modverify.c (verify_module): Print some messages for verbose > 1.
---

diff --git a/runtime/staprun/modverify.c b/runtime/staprun/modverify.c
index a17bb2ec4..5d4423938 100644
--- a/runtime/staprun/modverify.c
+++ b/runtime/staprun/modverify.c
@@ -272,12 +272,18 @@ int verify_module (const char *signatureName, const char* module_name,
 
   /* Verify the permissions of the certificate database and its files.  */
   if (! check_cert_db_permissions (dbdir))
-    return MODULE_UNTRUSTED;
+    {
+      if (verbose>1) fprintf (stderr, "Certificate db %s permissions too loose\n", dbdir);
+      return MODULE_UNTRUSTED;
+    }
 
   /* Get the size of the signature file.  */
   prStatus = PR_GetFileInfo (signatureName, &info);
   if (prStatus != PR_SUCCESS || info.type != PR_FILE_FILE || info.size < 0)
-    return MODULE_UNTRUSTED; /* Not signed */
+    {
+      if (verbose>1) fprintf (stderr, "Signature file %s not found\n", signatureName);
+      return MODULE_UNTRUSTED; /* Not signed */
+    }
 
   /* Open the signature file.  */
   local_file_fd = PR_Open (signatureName, PR_RDONLY, 0);