From d2c9ec9b6933fbe36834d7ad52be0994e96eb12c Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Mon, 14 Sep 2009 11:58:22 -0400
Subject: Allow remaining process.* probes for unprivileged users.

---
 stap-server | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'stap-server')

diff --git a/stap-server b/stap-server
index 316cc954..e6855341 100755
--- a/stap-server
+++ b/stap-server
@@ -377,7 +377,7 @@ function package_response {
 
     # Compress the server's temporary directory into a .zip archive.
     (rm $zip_server && zip -r $zip_server `basename $tmpdir_server` > /dev/null) || \
-	fatal "zip of request tree, $tmpdir_server, failed"
+	fatal "zip of server response tree, $tmpdir_server, failed"
 }
 
 # function: fatal [ MESSAGE ]
-- 
cgit 


From b9c1510ee2ef5283d7faafad4e82a4bb933d9e29 Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Mon, 14 Sep 2009 15:06:36 -0400
Subject: 2009-09-14  Dave Brolley  <brolley@redhat.com>

        * modsign.cxx (init_cert_db_path): Use 'system' call.
        (sign_module): Renamed to 'main'. This is now an independant program.
        Check for arguments. Return 1 on error.
        * buildrun.cxx (modsign.h): Don't #include it.
        (compile_pass): Don't sign the module.
        * main.cxx (main): Don't copy the module signature.
        * cache.cxx (add_to_cache): Don't cache the module signature.
        * Makefile.am (bin_PROGRAMS): Add stap-sign-module.
        (stap_SOURCES): Remove modsign.cxx and nsscommon.c.
        (stap_sign_module_SOURCES): New variable.
        (stap_sign_module_CPPFLAGS): New variable.
        (stap_sign_module_LDFLAGS): New variable.
        (stap_sign_module_LDADD): New variable.
        * stap-server (initialization): Initialize unprivileged.
        (parse_options): Handle --unprivileged.
        (create_response): Call stap-sign-module if --unprivileged was
        specified.
        * systemtap.spec: Add stap-sign-module to stap-server.
        * Makefile.in: Regenerated.
        * doc/Makefile.in: Regenerated.
        * doc/SystemTap_Tapset_Reference/Makefile.in: Regenerated.
        * grapher/Makefile.in: Regenerated.
        * testsuite/Makefile.in: Regenerated.
        * aclocal.m4: Likewise.
        * testsuite/aclocal.m4: Likewise.
        * configure: Likewise.
        * testsuite/configure: Likewise.
---
 stap-server | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'stap-server')

diff --git a/stap-server b/stap-server
index 316cc954..a6539d44 100755
--- a/stap-server
+++ b/stap-server
@@ -31,6 +31,7 @@ function initialization {
     # Default options settings
     p_phase=5
     keep_temps=0
+    unprivileged=0
 
     # Request file name.
     zip_client=$1
@@ -188,6 +189,15 @@ function parse_options {
 
         # Start of a new token.
 	first_token=$1
+
+	# Handle the --unprivileged option.
+	if test "X$first_token" = "X--unprivileged"; then
+	    unprivileged=1
+	    shift
+	    continue
+	fi
+
+	# Process the option.
 	until test $advance_p != 0
 	do
             # Identify the next option
@@ -357,6 +367,14 @@ function create_response {
 
         # Add the contents of the stap temp directory to the server output directory
 	ln -s $tmpdir_stap `basename $tmpdir_stap`
+
+        # Sign any resulting module if --unprivileged was specified.
+	if test $unprivileged = 1; then
+	    modname=`find $tmpdir_stap -name '*.ko'`
+	    if test "X$modname" != "X"; then
+		${stap_exec_prefix}stap-sign-module $modname $ssl_db
+	    fi
+	fi
     fi
 
     # If the user specified -p5, remove the name of the kernel module from stdout.
-- 
cgit 


From 21af222fd514238737bc90ccd5d290152502c5ca Mon Sep 17 00:00:00 2001
From: Josh Stone <jistone@redhat.com>
Date: Mon, 14 Sep 2009 17:43:51 -0700
Subject: Get the module to sign from -p4's stdout

The saved stdout should have the exact name of the generated module,
which is better than using a recursive find to locate it.  Tracepoints
and @cast may generate additional .ko's which we don't want to confuse
with the real deal.

* stap-server (create_response): grep stdout for the module name.
---
 stap-server | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'stap-server')

diff --git a/stap-server b/stap-server
index 3358bcf1..f9ccde04 100755
--- a/stap-server
+++ b/stap-server
@@ -368,9 +368,9 @@ function create_response {
         # Add the contents of the stap temp directory to the server output directory
 	ln -s $tmpdir_stap `basename $tmpdir_stap`
 
-        # Sign any resulting module if --unprivileged was specified.
-	if test $unprivileged = 1; then
-	    modname=`find $tmpdir_stap -name '*.ko'`
+        # Sign the resulting module if --unprivileged was specified.
+	if test $unprivileged = 1 -a $p_phase -ge 4; then
+	    modname=$tmpdir_stap/`grep -m1 '^.*\.ko$' stdout`
 	    if test "X$modname" != "X"; then
 		${stap_exec_prefix}stap-sign-module $modname $ssl_db
 	    fi
-- 
cgit