summaryrefslogtreecommitdiffstats
path: root/runtime/staprun/modverify.c
Commit message (Collapse)AuthorAgeFilesLines
* runtime: better staprun diagnostics for failed signature testsFrank Ch. Eigler2010-01-151-2/+8
| | | | * modverify.c (verify_module): Print some messages for verbose > 1.
* Clean up NSS after errors occur during verification.Dave Brolley2009-12-141-0/+3
|
* Regenerate autotools files using autoreconf to pick up latest Makefile.am ↵Dave Brolley2009-12-011-1/+3
| | | | changes.
* Make sure system types are defined.Dave Brolley2009-12-011-3/+4
|
* Replace the use of the global variable 'modpath' in diagnosticDave Brolley2009-11-101-7/+8
| | | | | | | | messages within verify_it with the use of a 'module_name' parameter passed in. Add a comment in insert_module explaining why it's ok to overwrite the 'path' parameter with the canonicalized path.
* rc = 0 should be return 0 for database not ownder by root.Dave Brolley2009-09-041-1/+1
|
* It is not an error or warning if the local database of authorized signingDave Brolley2009-08-101-0/+5
| | | | certificates does not exist. It just means that the signed module is untrusted.
* 2009-08-06 Dave Brolley <brolley@redhat.com>Dave Brolley2009-08-061-95/+73
| | | | | | | | | | | | | | | | | | | * modverify.c (staprun.h): #include it. (verify_it): Now accepts module data and signature data as arguments. Don't open and read the signature here. Don't read the module here. (verify_module): Now accepts module data as argument. Read the signature once here. * modverify.h (verify_module): Now accepts module data as argument. * staprun.c (main): Don't call check_permissions here. * staprun.h (check_permissions): Prototype removed. * staprun_funcs.c (check_permissions): Now static. Accepts module data as argument. Pass module data to check_signature. (insert_module): Canonicalize the module path early here. Call check_permissions here, passing it the mapped module data. (check_signature): Now accepts module data as argument. Pass the module data to verify_module. (check_path): Use the already-canonicalized module path.
* Only sign modules if --unprivileged is specified.Dave Brolley2009-06-111-5/+1
| | | | | | Don't generate an error message for unsigned modules. Make sure module signature exists before attempting to copy to the cache. Allow timer p[robes for unprivileged users.
* Add Vim modelines for new C/C++ sourcesJosh Stone2009-05-051-0/+2
|
* Module signing and verification using a separate file for the module signature.Dave Brolley2009-05-041-0/+389
generated by cgit (git 2.34.1) at 2025-07-31 09:55:09 +0000