[Pkg-cups-devel] r198 - in cupsys/branches/cups-1.2-ubuntu/debian: . patches

Martin Pitt mpitt at costa.debian.org
Mon Apr 24 17:25:33 UTC 2006 

Author: mpitt
Date: Mon Apr 24 17:25:32 2006
New Revision: 198

Modified:
   cupsys/branches/cups-1.2-ubuntu/debian/changelog
   cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch
Log:
* debian/patches/09_runasuser.dpatch: Do not drop additional group
  privileges in scheduler/process.c. This should fix a range of bugs
  concerning detection of parallel port printers and other 'permission
  denied' bugs.



Modified: cupsys/branches/cups-1.2-ubuntu/debian/changelog
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/changelog	(original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/changelog	Mon Apr 24 17:25:32 2006
@@ -2,8 +2,12 @@
 
   * debian/cupsys-client.links: Fix cupsenable/cupsdisable manpage link.
     Closes: LP#40725
+  * debian/patches/09_runasuser.dpatch: Do not drop additional group
+    privileges in scheduler/process.c. This should fix a range of bugs
+    concerning detection of parallel port printers and other 'permission
+    denied' bugs.
 
- -- Martin Pitt <martin.pitt at ubuntu.com>  Mon, 24 Apr 2006 18:07:20 +0200
+ -- Martin Pitt <martin.pitt at ubuntu.com>  Mon, 24 Apr 2006 19:17:12 +0200
 
 cupsys (1.1.99.rc2-0ubuntu1) dapper; urgency=low
 

Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch	(original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch	Mon Apr 24 17:25:32 2006
@@ -6,8 +6,8 @@
 
 @DPATCH@
 diff -urNad cups-1.2-ubuntu~/config-scripts/cups-defaults.m4 cups-1.2-ubuntu/config-scripts/cups-defaults.m4
---- cups-1.2-ubuntu~/config-scripts/cups-defaults.m4	2006-04-06 22:03:32.000000000 +0200
-+++ cups-1.2-ubuntu/config-scripts/cups-defaults.m4	2006-04-21 15:52:19.000000000 +0200
+--- cups-1.2-ubuntu~/config-scripts/cups-defaults.m4	2006-04-24 19:15:03.000000000 +0200
++++ cups-1.2-ubuntu/config-scripts/cups-defaults.m4	2006-04-24 19:15:53.000000000 +0200
 @@ -218,6 +218,17 @@
  AC_DEFINE_UNQUOTED(CUPS_DEFAULT_GROUP, "$CUPS_GROUP")
  AC_DEFINE_UNQUOTED(CUPS_DEFAULT_SYSTEM_GROUPS, "$CUPS_SYSTEM_GROUPS")
@@ -27,8 +27,8 @@
  AC_ARG_WITH(printcap, [  --with-printcap     set default printcap file],
  	default_printcap="$withval",
 diff -urNad cups-1.2-ubuntu~/config.h.in cups-1.2-ubuntu/config.h.in
---- cups-1.2-ubuntu~/config.h.in	2006-04-06 22:03:32.000000000 +0200
-+++ cups-1.2-ubuntu/config.h.in	2006-04-21 15:52:19.000000000 +0200
+--- cups-1.2-ubuntu~/config.h.in	2006-04-24 19:15:03.000000000 +0200
++++ cups-1.2-ubuntu/config.h.in	2006-04-24 19:15:53.000000000 +0200
 @@ -41,6 +41,11 @@
  #define CUPS_DEFAULT_GROUP	"sys"
  #define CUPS_DEFAULT_SYSTEM_GROUPS	"sys root system"
@@ -42,8 +42,8 @@
  /*
   * Default file permissions...
 diff -urNad cups-1.2-ubuntu~/scheduler/cert.c cups-1.2-ubuntu/scheduler/cert.c
---- cups-1.2-ubuntu~/scheduler/cert.c	2006-04-07 16:39:46.000000000 +0200
-+++ cups-1.2-ubuntu/scheduler/cert.c	2006-04-21 15:52:42.000000000 +0200
+--- cups-1.2-ubuntu~/scheduler/cert.c	2006-04-24 19:15:03.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/cert.c	2006-04-24 19:15:53.000000000 +0200
 @@ -116,7 +116,7 @@
      * Root certificate...
      */
@@ -54,8 +54,8 @@
  
      cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdAddCert: NumSystemGroups=%d",
 diff -urNad cups-1.2-ubuntu~/scheduler/conf.c cups-1.2-ubuntu/scheduler/conf.c
---- cups-1.2-ubuntu~/scheduler/conf.c	2006-04-06 22:03:32.000000000 +0200
-+++ cups-1.2-ubuntu/scheduler/conf.c	2006-04-21 15:52:19.000000000 +0200
+--- cups-1.2-ubuntu~/scheduler/conf.c	2006-04-24 19:15:03.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/conf.c	2006-04-24 19:15:53.000000000 +0200
 @@ -460,7 +460,11 @@
    if (!status)
      return (0);
@@ -69,8 +69,8 @@
   /*
    * Use the default system group if none was supplied in cupsd.conf...
 diff -urNad cups-1.2-ubuntu~/scheduler/main.c cups-1.2-ubuntu/scheduler/main.c
---- cups-1.2-ubuntu~/scheduler/main.c	2006-04-07 17:36:10.000000000 +0200
-+++ cups-1.2-ubuntu/scheduler/main.c	2006-04-21 15:52:19.000000000 +0200
+--- cups-1.2-ubuntu~/scheduler/main.c	2006-04-24 19:15:03.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/main.c	2006-04-24 19:15:53.000000000 +0200
 @@ -56,6 +56,9 @@
  #include <sys/resource.h>
  #include <syslog.h>
@@ -112,3 +112,22 @@
      {
       /*
        * Update the root certificate...
+diff -urNad cups-1.2-ubuntu~/scheduler/process.c cups-1.2-ubuntu/scheduler/process.c
+--- cups-1.2-ubuntu~/scheduler/process.c	2006-04-06 22:32:07.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/process.c	2006-04-24 19:16:09.000000000 +0200
+@@ -245,15 +245,6 @@
+       if (setuid(User))
+         exit(errno);
+     }
+-    else
+-    {
+-     /*
+-      * Reset group membership to just the main one we belong to.
+-      */
+-
+-      setgid(Group);
+-      setgroups(1, &Group);
+-    }
+ 
+    /*
+     * Change umask to restrict permissions on created files...

More information about the Pkg-cups-devel mailing list