diff options
| -rw-r--r-- | modsign.cxx | 29 | ||||
| -rw-r--r-- | modsign.h | 2 | ||||
| -rw-r--r-- | nsscommon.c | 2 | ||||
| -rw-r--r-- | nsscommon.h | 2 | ||||
| -rw-r--r-- | runtime/staprun/modverify.c | 2 | ||||
| -rw-r--r-- | runtime/staprun/modverify.h | 1 |
6 files changed, 24 insertions, 14 deletions
diff --git a/modsign.cxx b/modsign.cxx index b66497fd..8f29dab1 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -21,6 +21,7 @@ */ #include "session.h" +#include "util.h" #include <iostream> #include <string> @@ -219,20 +220,18 @@ check_cert_db_permissions (const string &cert_db_path) { // We must be the owner of the database. euid = geteuid (); + pw = getpwuid (euid); + if (! pw) + { + cerr << "Unable to obtain current user information which checking certificate database " + << cert_db_path << endl; + perror (""); + return 0; + } if (info.st_uid != euid) { - pw = getpwuid (euid); - if (pw) - { - cerr << "Certificate database " << cert_db_path << " must be owned by " - << pw->pw_name << endl; - } - else - { - cerr << "Unable to obtain current user information which checking certificate database " - << cert_db_path << endl; - perror (""); - } + cerr << "Certificate database " << cert_db_path << " must be owned by " + << pw->pw_name << endl; rc = 0; } @@ -285,14 +284,14 @@ init_cert_db_path (const string &cert_db_path) { // Generate the certificate and database. string cmd = BINDIR "/stap-gen-cert " + cert_db_path; - rc = system (cmd.c_str()) == 0; + rc = stap_system (cmd.c_str()) == 0; // If we are root, authorize the new certificate as a trusted // signer. It is not an error if this fails. if (geteuid () == 0) { cmd = BINDIR "/stap-authorize-signing-cert " + cert_db_path + "/stap.cert"; - system (cmd.c_str()); + stap_system (cmd.c_str()); } return rc; @@ -552,3 +551,5 @@ sign_module (systemtap_session& s) /* Shutdown NSS and exit NSPR gracefully. */ nssCleanup (); } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ @@ -1 +1,3 @@ void sign_module (systemtap_session& s); + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/nsscommon.c b/nsscommon.c index 0a90b963..2e9c748b 100644 --- a/nsscommon.c +++ b/nsscommon.c @@ -81,3 +81,5 @@ nssCleanup (void) NSS_Shutdown (); PR_Cleanup (); } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/nsscommon.h b/nsscommon.h index 7f4097e1..c6ab8aa7 100644 --- a/nsscommon.h +++ b/nsscommon.h @@ -1,2 +1,4 @@ void nssError (void); void nssCleanup (void); + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/runtime/staprun/modverify.c b/runtime/staprun/modverify.c index 2f3b96d5..b50a69f4 100644 --- a/runtime/staprun/modverify.c +++ b/runtime/staprun/modverify.c @@ -387,3 +387,5 @@ int verify_module (const char *module_name, const char *signature_name) return rc; } + +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ diff --git a/runtime/staprun/modverify.h b/runtime/staprun/modverify.h index 9abf62d4..49b90bfe 100644 --- a/runtime/staprun/modverify.h +++ b/runtime/staprun/modverify.h @@ -6,3 +6,4 @@ int verify_module (const char *module_name, const char *signature_name); #define MODULE_CHECK_ERROR -1 #define MODULE_ALTERED -2 +/* vim: set sw=2 ts=8 cino=>4,n-2,{2,^-2,t0,(0,u0,w1,M1 : */ |