From 98f552c28ebbed982e96be5798a8454c7220925a Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Thu, 12 Mar 2009 13:38:51 -0400 Subject: 2009-03-12 Dave Brolley * util.cxx (remove_file_or_dir): New function. * util.h (remove_file_or_dir): New function. * systemtap.spec (stap): Add stap-env, stap-gen-cert, stap-authorize-cert, and stap-authorize-signing-cert. (stap-client): Remove stap-find-or-start-server, stap-add-server-cert. Add stap-authorize-server-cert. (stap-server): Add stap-find-servers, stap-find-or-start-server, stap-authorize-server-cert. Remove stap-gen-server-cert. * stap-find-servers: Source stap-env. Use $stap_avahi_service_tag. (initialization): Set timeout to 10. (find_servers): Run avahi-browse in the background and wait for it. Use a temp file for the output of avahi-browse. Kill avahi-browse if the timeout expires. (match_server): Set read timeout. (fatal): New function. * stap-find-or-start-server: Source stap-env. Use $stap_exec_prefix. Always exit with 0. * stap-start-server: Source stap-env. Check for the server PID as a running process and for avahi-publish-service running as a child in order to verify that the server is ready. * stap-add-server-cert: Renamed to stap-authorize-server-cert. Source stap-env. Call stap-authorize-cert. * stap-client: Source stap-env. Use $stap_user_ssl_db and $stap_root_ssl_db. Use $stap_tmpdir_prefix_client, $stap_tmpdir_prefix_server. Use $stap_exec_prefix. (configuration): Removed. (staprun_running): Removed. (interrupt): Don't kill staprun. * stap-server: Source stap-env. Use $stap_user_ssl_db and $stap_root_ssl_db. Use $stap_tmpdir_prefix_client, $stap_tmpdir_prefix_server. Use $stap_exec_prefix. (configuration): Removed. * session.h (systemtap_session): Add cert_db_path. * runtime/staprun/staprun_funcs.c (config.h): #include it. (modverify.h): #include it. (check_signature): New function. (check_groups): New function extracted from check_permissions. (check_permissions): Call check_groups and check_signature. * runtime/staprun/mainloop.c (cleanup_and_exit): Pass modpath to staprun, not modname. * main.cxx (main): Initialize cert_db_path. Handle LONG_OPT_SIGN_MODULE. Save the module signature if the module was signed and is being saved. (LONG_OPT_SIGN_MODULE): #define it. (long_options): Add --sign-module. * cache.cxx (config.h): #include it. (add_to_cache): Add the module signature file to the cache if the module has been signed. * buildrun.cxx (modsign.h): #include it. (compile_pass): Call sign_module, if requested. * configure.ac: Define HAVE_NSS if NSS libraries are available. * Makefile.am (AM_CPPFLAGS): Add -DSYSCONFDIR. (bin_SCRIPTS): Add stap-env, stap-gen-cert, stap-authorize-cert, stap-authorize-signing-cert, stap-authorize-server-cert. Remove stap-gen-server-cert, stap-add-server-cert. (stap_SOURCES): Add nsscommon.c, modsign.cxx (stap_CPPFLAGS): Add $(nss_CFLAGS), $(nspr_CFLAGS). (stap_LDADD): Add -lnss3. (staprun_SOURCES): Add nsscommon.c. * modsign.cxx: New file. * modsign.h: New file. * nsscommon.c: New file. * nsscommon.h: New file. * runtime/staprun/modverify.c: New file. * runtime/staprun/modverify.h: New file. * stap-authorize-cert: New file. * stap-authorize-signing-cert: New file. * stap-env: New file. * Makefile.in: Regenerated. * aclocal.m4: Regenerated. * config.in: Regenerated. * configure: Regenerated. * doc/Makefile.in: Regenerated. * doc/SystemTap_Tapset_Reference/Makefile.in: Regenerated. * testsuite/Makefile.in: Regenerated. * testsuite/aclocal.m4: Regenerated. --- stap-server | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) (limited to 'stap-server') diff --git a/stap-server b/stap-server index ec827a09..d26eaff9 100755 --- a/stap-server +++ b/stap-server @@ -16,22 +16,12 @@ # Catch ctrl-c and other termination signals trap 'terminate' SIGTERM SIGINT +# Initialize the environment +. stap-env + #----------------------------------------------------------------------------- # Helper functions. #----------------------------------------------------------------------------- -# function: configuration -function configuration { - # INSTALL-HOOK These settings work for running the client from the source tree - # INSTALL-HOOK using the dejagnu test harness and will be overridden at install - # INSTALL-HOOK time. - exec_prefix= - sysconfdir=`pwd`/net - - # Configuration - tmpdir_prefix_client=stap.client - tmpdir_prefix_server=stap.server -} - # function: initialization function initialization { # Initialization @@ -92,18 +82,18 @@ function unpack_request { fatal "Cannot unpack zip archive $zip_client" # Identify the client's request tree. The zip file should have expanded - # into a single directory named to match $tmpdir_prefix_client.?????? + # into a single directory named to match $stap_tmpdir_prefix_client.?????? # which should now be the only item in the current directory. test "`ls | wc -l`" = 3 || \ fatal "Wrong number of files after expansion of client's zip file" - tmpdir_client=`ls | grep $tmpdir_prefix_client.......\$` + tmpdir_client=`ls | grep $stap_tmpdir_prefix_client.......\$` test "X$tmpdir_client" != "X" || \ fatal "Client zip file did not expand as expected" # Move the client's temp directory to a local temp location - local local_tmpdir_client=`mktemp -dt $tmpdir_prefix_server.client.XXXXXX` || \ + local local_tmpdir_client=`mktemp -dt $stap_tmpdir_prefix_server.client.XXXXXX` || \ fatal "Cannot create temporary client request directory " $local_tmpdir_client mv $tmpdir_client/* $local_tmpdir_client rm -fr $tmpdir_client @@ -340,7 +330,7 @@ function call_stap { server_p_phase=$p_phase fi - eval ${exec_prefix}stap "$cmdline" -k -p $server_p_phase \ + eval ${stap_exec_prefix}stap "$cmdline" --sign-module -k -p $server_p_phase \ >> $tmpdir_server/stdout \ 2>> $tmpdir_server/stderr @@ -433,7 +423,6 @@ function terminate { #----------------------------------------------------------------------------- # Beginning of main line execution. #----------------------------------------------------------------------------- -configuration initialization "$@" unpack_request check_request -- cgit