|
 |
0ac9f2 |
From a7b0f7e1ce2de1acea9a8c286a0ff3dd9bc245cb Mon Sep 17 00:00:00 2001
|
|
|
0ac9f2 |
From: Peter Jones <pjones@redhat.com>
|
|
|
0ac9f2 |
Date: Tue, 8 Aug 2017 17:28:19 -0400
|
|
|
0ac9f2 |
Subject: [PATCH 24/29] Make the daemon also try to give better errors on
|
|
|
0ac9f2 |
-EPERM etc.
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
Basically 6796e5f but also for the daemon. This also tries to fix them
|
|
|
0ac9f2 |
up to save errno better, for more accurate reporting.
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
|
0ac9f2 |
---
|
|
|
0ac9f2 |
src/daemon.c | 27 +++++++++++++++++++++++++--
|
|
|
0ac9f2 |
src/pesign.c | 8 ++++++--
|
|
|
0ac9f2 |
2 files changed, 31 insertions(+), 4 deletions(-)
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
diff --git a/src/daemon.c b/src/daemon.c
|
|
|
0ac9f2 |
index 7f694b2..942d576 100644
|
|
|
0ac9f2 |
--- a/src/daemon.c
|
|
|
0ac9f2 |
+++ b/src/daemon.c
|
|
|
0ac9f2 |
@@ -19,6 +19,7 @@
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
#include <errno.h>
|
|
|
0ac9f2 |
#include <fcntl.h>
|
|
|
0ac9f2 |
+#include <glob.h>
|
|
|
0ac9f2 |
#include <poll.h>
|
|
|
0ac9f2 |
#include <pwd.h>
|
|
|
0ac9f2 |
#include <signal.h>
|
|
|
0ac9f2 |
@@ -1104,10 +1105,32 @@ daemonize(cms_context *cms_ctx, char *certdir, int do_fork)
|
|
|
0ac9f2 |
"pesignd starting (pid %d)", ctx.pid);
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
SECStatus status = NSS_Init(certdir);
|
|
|
0ac9f2 |
+ int error = errno;
|
|
|
0ac9f2 |
if (status != SECSuccess) {
|
|
|
0ac9f2 |
+ char *globpattern = NULL;
|
|
|
0ac9f2 |
+ rc = asprintf(&globpattern, "%s/cert*.db",
|
|
|
0ac9f2 |
+ certdir);
|
|
|
0ac9f2 |
+ if (rc > 0) {
|
|
|
0ac9f2 |
+ glob_t globbuf;
|
|
|
0ac9f2 |
+ memset(&globbuf, 0, sizeof(globbuf));
|
|
|
0ac9f2 |
+ rc = glob(globpattern, GLOB_ERR, NULL,
|
|
|
0ac9f2 |
+ &globbuf);
|
|
|
0ac9f2 |
+ if (rc != 0) {
|
|
|
0ac9f2 |
+ errno = error;
|
|
|
0ac9f2 |
+ ctx.backup_cms->log(ctx.backup_cms,
|
|
|
0ac9f2 |
+ ctx.priority|LOG_NOTICE,
|
|
|
0ac9f2 |
+ "Could not open NSS database (\"%s\"): %m",
|
|
|
0ac9f2 |
+ PORT_ErrorToString(PORT_GetError()));
|
|
|
0ac9f2 |
+ exit(1);
|
|
|
0ac9f2 |
+ }
|
|
|
0ac9f2 |
+ }
|
|
|
0ac9f2 |
+ }
|
|
|
0ac9f2 |
+ if (status != SECSuccess) {
|
|
|
0ac9f2 |
+ errno = error;
|
|
|
0ac9f2 |
ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
|
|
|
0ac9f2 |
- "Could not initialize nss: %s\n",
|
|
|
0ac9f2 |
- PORT_ErrorToString(PORT_GetError()));
|
|
|
0ac9f2 |
+ "Could not initialize nss.\n"
|
|
|
0ac9f2 |
+ "NSS says \"%s\" errno says \"%m\"\n",
|
|
|
0ac9f2 |
+ PORT_ErrorToString(PORT_GetError()));
|
|
|
0ac9f2 |
exit(1);
|
|
|
0ac9f2 |
}
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
diff --git a/src/pesign.c b/src/pesign.c
|
|
|
0ac9f2 |
index 5879cfc..6ceda34 100644
|
|
|
0ac9f2 |
--- a/src/pesign.c
|
|
|
0ac9f2 |
+++ b/src/pesign.c
|
|
|
0ac9f2 |
@@ -660,10 +660,12 @@ main(int argc, char *argv[])
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
if (!daemon) {
|
|
|
0ac9f2 |
SECStatus status;
|
|
|
0ac9f2 |
+ int error;
|
|
|
0ac9f2 |
if (need_db) {
|
|
|
0ac9f2 |
status = NSS_Init(certdir);
|
|
|
0ac9f2 |
if (status != SECSuccess) {
|
|
|
0ac9f2 |
char *globpattern = NULL;
|
|
|
0ac9f2 |
+ error = errno;
|
|
|
0ac9f2 |
rc = asprintf(&globpattern, "%s/cert*.db",
|
|
|
0ac9f2 |
certdir);
|
|
|
0ac9f2 |
if (rc > 0) {
|
|
|
0ac9f2 |
@@ -680,8 +682,10 @@ main(int argc, char *argv[])
|
|
|
0ac9f2 |
} else
|
|
|
0ac9f2 |
status = NSS_NoDB_Init(NULL);
|
|
|
0ac9f2 |
if (status != SECSuccess) {
|
|
|
0ac9f2 |
- errx(1, "Could not initialize nss. NSS says \"%s\" errno says \"%m\"\n",
|
|
|
0ac9f2 |
- PORT_ErrorToString(PORT_GetError()));
|
|
|
0ac9f2 |
+ errno = error;
|
|
|
0ac9f2 |
+ errx(1, "Could not initialize nss.\n"
|
|
|
0ac9f2 |
+ "NSS says \"%s\" errno says \"%m\"\n",
|
|
|
0ac9f2 |
+ PORT_ErrorToString(PORT_GetError()));
|
|
|
0ac9f2 |
}
|
|
|
0ac9f2 |
|
|
|
0ac9f2 |
status = register_oids(ctxp->cms_ctx);
|
|
|
0ac9f2 |
--
|
|
|
0ac9f2 |
2.13.4
|
|
|
0ac9f2 |
|