From b12c8986778619db5bec0a5e52f2d49247e6b5ba Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Thu, 11 Jun 2009 11:58:55 -0400
Subject: Only sign modules if --unprivileged is specified. Don't generate an
 error message for unsigned modules. Make sure module signature exists before
 attempting to copy to the cache. Allow timer p[robes for unprivileged users.

---
 buildrun.cxx | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'buildrun.cxx')

diff --git a/buildrun.cxx b/buildrun.cxx
index 54aa5d4f..effc6cd8 100644
--- a/buildrun.cxx
+++ b/buildrun.cxx
@@ -223,11 +223,12 @@ compile_pass (systemtap_session& s)
   rc = run_make_cmd(s, make_cmd);
 
 #if HAVE_NSS
-  // If a certificate database was specified, then try to sign the module.
+  // If a certificate database was specified, and we're in unprivileged
+  // mode, then try to sign the module.
   // Failure to do so is not a fatal error. If the signature is actually needed,
   // staprun will complain at that time.
   assert (! s.cert_db_path.empty());
-  if (!rc)
+  if (s.unprivileged && ! rc)
     sign_module (s);
 #endif
 
-- 
cgit