Blob Blame History Raw
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 8 Aug 2017 17:28:19 -0400
Subject: [PATCH] Make the daemon also try to give better errors on -EPERM etc.

Basically 6796e5f but also for the daemon.  This also tries to fix them
up to save errno better, for more accurate reporting.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/daemon.c | 27 +++++++++++++++++++++++++--
 src/pesign.c |  8 ++++++--
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/src/daemon.c b/src/daemon.c
index 7f694b2..942d576 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -19,6 +19,7 @@
 
 #include <errno.h>
 #include <fcntl.h>
+#include <glob.h>
 #include <poll.h>
 #include <pwd.h>
 #include <signal.h>
@@ -1104,10 +1105,32 @@ daemonize(cms_context *cms_ctx, char *certdir, int do_fork)
 		"pesignd starting (pid %d)", ctx.pid);
 
 	SECStatus status = NSS_Init(certdir);
+	int error = errno;
 	if (status != SECSuccess) {
+		char *globpattern = NULL;
+		rc = asprintf(&globpattern, "%s/cert*.db",
+			      certdir);
+		if (rc > 0) {
+			glob_t globbuf;
+			memset(&globbuf, 0, sizeof(globbuf));
+			rc = glob(globpattern, GLOB_ERR, NULL,
+				  &globbuf);
+			if (rc != 0) {
+				errno = error;
+				ctx.backup_cms->log(ctx.backup_cms,
+					ctx.priority|LOG_NOTICE,
+					"Could not open NSS database (\"%s\"): %m",
+					PORT_ErrorToString(PORT_GetError()));
+				exit(1);
+			}
+		}
+	}
+	if (status != SECSuccess) {
+		errno = error;
 		ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
-			"Could not initialize nss: %s\n",
-			PORT_ErrorToString(PORT_GetError()));
+				    "Could not initialize nss.\n"
+				    "NSS says \"%s\" errno says \"%m\"\n",
+				    PORT_ErrorToString(PORT_GetError()));
 		exit(1);
 	}
 
diff --git a/src/pesign.c b/src/pesign.c
index 5879cfc..6ceda34 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -660,10 +660,12 @@ main(int argc, char *argv[])
 
 	if (!daemon) {
 		SECStatus status;
+		int error;
 		if (need_db) {
 			status = NSS_Init(certdir);
 			if (status != SECSuccess) {
 				char *globpattern = NULL;
+				error = errno;
 				rc = asprintf(&globpattern, "%s/cert*.db",
 					      certdir);
 				if (rc > 0) {
@@ -680,8 +682,10 @@ main(int argc, char *argv[])
 		} else
 			status = NSS_NoDB_Init(NULL);
 		if (status != SECSuccess) {
-			errx(1, "Could not initialize nss. NSS says \"%s\" errno says \"%m\"\n",
-				PORT_ErrorToString(PORT_GetError()));
+			errno = error;
+			errx(1, "Could not initialize nss.\n"
+			        "NSS says \"%s\" errno says \"%m\"\n",
+			     PORT_ErrorToString(PORT_GetError()));
 		}
 
 		status = register_oids(ctxp->cms_ctx);