[Pkg-cups-devel] r47 - in cupsys/branches/cups-1.2/debian: . patches
Martin Pitt
mpitt at costa.debian.org
Wed Dec 7 14:11:51 UTC 2005
Author: mpitt
Date: Wed Dec 7 14:11:49 2005
New Revision: 47
Added:
cupsys/branches/cups-1.2/debian/patches/09_runasuser_fixes.dpatch (contents, props changed)
Modified:
cupsys/branches/cups-1.2/debian/changelog
cupsys/branches/cups-1.2/debian/patches/00list
Log:
Add debian/patches/09_runasuser_fixes.dpatch:
- scheduler/main.c: Generate a certificate even when running as user, just
as in 1.1.x; this unbreaks local certificate authorization for cupsd
when it runs as normal user.
- scheduler/main.c: When running as non-root, call initgroups() instead of
setgroups() to allow auxiliary groups. These are required to access
different device types (lp for USB/parallel printers, dialout for serial
printers, etc.)
Modified: cupsys/branches/cups-1.2/debian/changelog
==============================================================================
--- cupsys/branches/cups-1.2/debian/changelog (original)
+++ cupsys/branches/cups-1.2/debian/changelog Wed Dec 7 14:11:49 2005
@@ -22,8 +22,16 @@
- Put configuration files into group root instead of nobody to avoid
privilege escalation of nobody/nogroup and comply to Debian standards.
- Disable changing permissions of cupsd.conf conffile.
+ * Add debian/patches/09_runasuser_fixes.dpatch:
+ - scheduler/main.c: Generate a certificate even when running as user, just
+ as in 1.1.x; this unbreaks local certificate authorization for cupsd
+ when it runs as normal user.
+ - scheduler/main.c: When running as non-root, call initgroups() instead of
+ setgroups() to allow auxiliary groups. These are required to access
+ different device types (lp for USB/parallel printers, dialout for serial
+ printers, etc.)
- -- Martin Pitt <mpitt at debian.org> Wed, 7 Dec 2005 14:44:33 +0100
+ -- Martin Pitt <mpitt at debian.org> Wed, 7 Dec 2005 15:01:24 +0100
cupsys (1.1.99.b1.r4841-1) experimental; urgency=low
Modified: cupsys/branches/cups-1.2/debian/patches/00list
==============================================================================
--- cupsys/branches/cups-1.2/debian/patches/00list (original)
+++ cupsys/branches/cups-1.2/debian/patches/00list Wed Dec 7 14:11:49 2005
@@ -5,6 +5,7 @@
06_replacepdftops.dpatch
07_removecvstag.dpatch
08_cupsd.conf.conf.d.dpatch
+09_runasuser_fixes.dpatch
10_cupsd.conf2.dpatch
11_pam.dpatch
19_cupsaccept.dpatch
Added: cupsys/branches/cups-1.2/debian/patches/09_runasuser_fixes.dpatch
==============================================================================
--- (empty file)
+++ cupsys/branches/cups-1.2/debian/patches/09_runasuser_fixes.dpatch Wed Dec 7 14:11:49 2005
@@ -0,0 +1,37 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 09_runasuser_fixes.dpatch by <mpitt at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+ at DPATCH@
+diff -urNad cupsys~/scheduler/main.c cupsys/scheduler/main.c
+--- cupsys~/scheduler/main.c 2005-12-07 14:51:18.000000000 +0100
++++ cupsys/scheduler/main.c 2005-12-07 15:00:24.000000000 +0100
+@@ -52,6 +52,7 @@
+ #include <sys/resource.h>
+ #include <syslog.h>
+ #include <grp.h>
++#include <pwd.h>
+
+ #if defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO)
+ # include <malloc.h>
+@@ -434,7 +435,7 @@
+ if (RunAsUser)
+ {
+ setgid(Group);
+- setgroups(1, &Group);
++ initgroups(getpwuid(User)->pw_name, Group);
+ setuid(User);
+ }
+
+@@ -812,8 +813,7 @@
+ * Update the root certificate once every 5 minutes...
+ */
+
+- if ((current_time - RootCertTime) >= RootCertDuration && RootCertDuration &&
+- !RunUser)
++ if ((current_time - RootCertTime) >= RootCertDuration && RootCertDuration)
+ {
+ /*
+ * Update the root certificate...
More information about the Pkg-cups-devel
mailing list