From a7b0f7e1ce2de1acea9a8c286a0ff3dd9bc245cb Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 8 Aug 2017 17:28:19 -0400 Subject: [PATCH 24/29] Make the daemon also try to give better errors on -EPERM etc. Basically 6796e5f but also for the daemon. This also tries to fix them up to save errno better, for more accurate reporting. Signed-off-by: Peter Jones --- src/daemon.c | 27 +++++++++++++++++++++++++-- src/pesign.c | 8 ++++++-- 2 files changed, 31 insertions(+), 4 deletions(-) diff --git a/src/daemon.c b/src/daemon.c index 7f694b2..942d576 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -19,6 +19,7 @@ #include #include +#include #include #include #include @@ -1104,10 +1105,32 @@ daemonize(cms_context *cms_ctx, char *certdir, int do_fork) "pesignd starting (pid %d)", ctx.pid); SECStatus status = NSS_Init(certdir); + int error = errno; if (status != SECSuccess) { + char *globpattern = NULL; + rc = asprintf(&globpattern, "%s/cert*.db", + certdir); + if (rc > 0) { + glob_t globbuf; + memset(&globbuf, 0, sizeof(globbuf)); + rc = glob(globpattern, GLOB_ERR, NULL, + &globbuf); + if (rc != 0) { + errno = error; + ctx.backup_cms->log(ctx.backup_cms, + ctx.priority|LOG_NOTICE, + "Could not open NSS database (\"%s\"): %m", + PORT_ErrorToString(PORT_GetError())); + exit(1); + } + } + } + if (status != SECSuccess) { + errno = error; ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE, - "Could not initialize nss: %s\n", - PORT_ErrorToString(PORT_GetError())); + "Could not initialize nss.\n" + "NSS says \"%s\" errno says \"%m\"\n", + PORT_ErrorToString(PORT_GetError())); exit(1); } diff --git a/src/pesign.c b/src/pesign.c index 5879cfc..6ceda34 100644 --- a/src/pesign.c +++ b/src/pesign.c @@ -660,10 +660,12 @@ main(int argc, char *argv[]) if (!daemon) { SECStatus status; + int error; if (need_db) { status = NSS_Init(certdir); if (status != SECSuccess) { char *globpattern = NULL; + error = errno; rc = asprintf(&globpattern, "%s/cert*.db", certdir); if (rc > 0) { @@ -680,8 +682,10 @@ main(int argc, char *argv[]) } else status = NSS_NoDB_Init(NULL); if (status != SECSuccess) { - errx(1, "Could not initialize nss. NSS says \"%s\" errno says \"%m\"\n", - PORT_ErrorToString(PORT_GetError())); + errno = error; + errx(1, "Could not initialize nss.\n" + "NSS says \"%s\" errno says \"%m\"\n", + PORT_ErrorToString(PORT_GetError())); } status = register_oids(ctxp->cms_ctx); -- 2.13.4