811 lines
25 KiB
Diff
811 lines
25 KiB
Diff
|
diff -up cups-1.3.8/config.h.in.str2536 cups-1.3.8/config.h.in
|
||
|
--- cups-1.3.8/config.h.in.str2536 2008-09-10 16:16:44.000000000 +0100
|
||
|
+++ cups-1.3.8/config.h.in 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -43,6 +43,13 @@
|
||
|
|
||
|
|
||
|
/*
|
||
|
+ * Default fatal error settings...
|
||
|
+ */
|
||
|
+
|
||
|
+#define CUPS_DEFAULT_FATAL_ERRORS "config"
|
||
|
+
|
||
|
+
|
||
|
+/*
|
||
|
* Default browsing settings...
|
||
|
*/
|
||
|
|
||
|
diff -up cups-1.3.8/config-scripts/cups-defaults.m4.str2536 cups-1.3.8/config-scripts/cups-defaults.m4
|
||
|
--- cups-1.3.8/config-scripts/cups-defaults.m4.str2536 2008-04-14 19:10:27.000000000 +0100
|
||
|
+++ cups-1.3.8/config-scripts/cups-defaults.m4 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -43,6 +43,14 @@ AC_ARG_WITH(log_file_perm, [ --with-log
|
||
|
AC_SUBST(CUPS_LOG_FILE_PERM)
|
||
|
AC_DEFINE_UNQUOTED(CUPS_DEFAULT_LOG_FILE_PERM, 0$CUPS_LOG_FILE_PERM)
|
||
|
|
||
|
+dnl Default FatalErrors
|
||
|
+AC_ARG_WITH(fatal_errors, [ --with-fatal-errors set default FatalErrors value, default=config],
|
||
|
+ CUPS_FATAL_ERRORS="$withval",
|
||
|
+ CUPS_FATAL_ERRORS="config")
|
||
|
+AC_SUBST(CUPS_FATAL_ERRORS)
|
||
|
+AC_DEFINE_UNQUOTED(CUPS_DEFAULT_FATAL_ERRORS, "$CUPS_FATAL_ERRORS")
|
||
|
+
|
||
|
+
|
||
|
dnl Default Browsing
|
||
|
AC_ARG_ENABLE(browsing, [ --enable-browsing enable Browsing by default, default=yes])
|
||
|
if test "x$enable_browsing" = xno; then
|
||
|
diff -up cups-1.3.8/configure.str2536 cups-1.3.8/configure
|
||
|
--- cups-1.3.8/configure.str2536 2008-09-10 16:16:44.000000000 +0100
|
||
|
+++ cups-1.3.8/configure 2008-09-10 16:18:16.000000000 +0100
|
||
|
@@ -782,6 +782,7 @@ LAUNCHDLIBS
|
||
|
LANGUAGES
|
||
|
CUPS_CONFIG_FILE_PERM
|
||
|
CUPS_LOG_FILE_PERM
|
||
|
+CUPS_FATAL_ERRORS
|
||
|
CUPS_BROWSING
|
||
|
CUPS_BROWSE_LOCAL_PROTOCOLS
|
||
|
CUPS_BROWSE_REMOTE_PROTOCOLS
|
||
|
@@ -1471,6 +1472,7 @@ Optional Packages:
|
||
|
--with-languages set installed languages, default=all
|
||
|
--with-config-file-perm set default ConfigFilePerm value, default=0640
|
||
|
--with-log-file-perm set default LogFilePerm value, default=0644
|
||
|
+ --with-fatal-errors set default FatalErrors value, default=config
|
||
|
--with-local-protocols set default BrowseLocalProtocols, default="CUPS"
|
||
|
--with-remote-protocols set default BrowseRemoteProtocols, default="CUPS"
|
||
|
--with-cups-user set default user for CUPS
|
||
|
@@ -9680,10 +9682,10 @@ case "$uname" in
|
||
|
;;
|
||
|
Linux* | GNU*)
|
||
|
# Linux and GNU Hurd
|
||
|
- MAN1EXT=1.gz
|
||
|
- MAN5EXT=5.gz
|
||
|
- MAN7EXT=7.gz
|
||
|
- MAN8EXT=8.gz
|
||
|
+ MAN1EXT=1
|
||
|
+ MAN5EXT=5
|
||
|
+ MAN7EXT=7
|
||
|
+ MAN8EXT=8
|
||
|
MAN8DIR=8
|
||
|
;;
|
||
|
*)
|
||
|
@@ -17624,6 +17626,21 @@ cat >>confdefs.h <<_ACEOF
|
||
|
_ACEOF
|
||
|
|
||
|
|
||
|
+
|
||
|
+# Check whether --with-fatal_errors was given.
|
||
|
+if test "${with_fatal_errors+set}" = set; then
|
||
|
+ withval=$with_fatal_errors; CUPS_FATAL_ERRORS="$withval"
|
||
|
+else
|
||
|
+ CUPS_FATAL_ERRORS="config"
|
||
|
+fi
|
||
|
+
|
||
|
+
|
||
|
+cat >>confdefs.h <<_ACEOF
|
||
|
+#define CUPS_DEFAULT_FATAL_ERRORS "$CUPS_FATAL_ERRORS"
|
||
|
+_ACEOF
|
||
|
+
|
||
|
+
|
||
|
+
|
||
|
# Check whether --enable-browsing was given.
|
||
|
if test "${enable_browsing+set}" = set; then
|
||
|
enableval=$enable_browsing;
|
||
|
@@ -19407,6 +19424,7 @@ LAUNCHDLIBS!$LAUNCHDLIBS$ac_delim
|
||
|
LANGUAGES!$LANGUAGES$ac_delim
|
||
|
CUPS_CONFIG_FILE_PERM!$CUPS_CONFIG_FILE_PERM$ac_delim
|
||
|
CUPS_LOG_FILE_PERM!$CUPS_LOG_FILE_PERM$ac_delim
|
||
|
+CUPS_FATAL_ERRORS!$CUPS_FATAL_ERRORS$ac_delim
|
||
|
CUPS_BROWSING!$CUPS_BROWSING$ac_delim
|
||
|
CUPS_BROWSE_LOCAL_PROTOCOLS!$CUPS_BROWSE_LOCAL_PROTOCOLS$ac_delim
|
||
|
CUPS_BROWSE_REMOTE_PROTOCOLS!$CUPS_BROWSE_REMOTE_PROTOCOLS$ac_delim
|
||
|
@@ -19432,7 +19450,6 @@ PHPCONFIG!$PHPCONFIG$ac_delim
|
||
|
PHPDIR!$PHPDIR$ac_delim
|
||
|
PYTHON!$PYTHON$ac_delim
|
||
|
INSTALL_LANGUAGES!$INSTALL_LANGUAGES$ac_delim
|
||
|
-UNINSTALL_LANGUAGES!$UNINSTALL_LANGUAGES$ac_delim
|
||
|
_ACEOF
|
||
|
|
||
|
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
|
||
|
@@ -19474,11 +19491,12 @@ _ACEOF
|
||
|
ac_delim='%!_!# '
|
||
|
for ac_last_try in false false false false false :; do
|
||
|
cat >conf$$subs.sed <<_ACEOF
|
||
|
+UNINSTALL_LANGUAGES!$UNINSTALL_LANGUAGES$ac_delim
|
||
|
LIBOBJS!$LIBOBJS$ac_delim
|
||
|
LTLIBOBJS!$LTLIBOBJS$ac_delim
|
||
|
_ACEOF
|
||
|
|
||
|
- if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 2; then
|
||
|
+ if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 3; then
|
||
|
break
|
||
|
elif $ac_last_try; then
|
||
|
{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
|
||
|
diff -up cups-1.3.8/doc/help/ref-cupsd-conf.html.in.str2536 cups-1.3.8/doc/help/ref-cupsd-conf.html.in
|
||
|
--- cups-1.3.8/doc/help/ref-cupsd-conf.html.in.str2536 2008-06-17 19:27:16.000000000 +0100
|
||
|
+++ cups-1.3.8/doc/help/ref-cupsd-conf.html.in 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -1115,6 +1115,57 @@ printer.</P>
|
||
|
</UL>
|
||
|
|
||
|
|
||
|
+
|
||
|
+<H2 CLASS="title"><SPAN CLASS="info">CUPS 1.4</SPAN><A NAME="FatalErrors">FatalErrors</A></H2>
|
||
|
+
|
||
|
+<H3>Examples</H3>
|
||
|
+
|
||
|
+<PRE CLASS="command">
|
||
|
+FatalErrors none
|
||
|
+FatalErrors all
|
||
|
+FatalErrors browse
|
||
|
+FatalErrors config
|
||
|
+FatalErrors listen
|
||
|
+FatalErrors log
|
||
|
+FatalErrors permissions
|
||
|
+FatalErrors all -permissions
|
||
|
+FatalErrors config permissions log
|
||
|
+</PRE>
|
||
|
+
|
||
|
+<H3>Description</H3>
|
||
|
+
|
||
|
+<P>The <CODE>FatalErrors</CODE> directive determines whether certain kinds of
|
||
|
+errors are fatal. The following kinds of errors are currently recognized:</P>
|
||
|
+
|
||
|
+<UL>
|
||
|
+
|
||
|
+ <LI><CODE>none</CODE> - No errors are fatal</LI>
|
||
|
+
|
||
|
+ <LI><CODE>all</CODE> - All of the errors below are fatal</LI>
|
||
|
+
|
||
|
+ <LI><CODE>browse</CODE> - Browsing initialization errors are fatal,
|
||
|
+ for example failed binding to the CUPS browse port or failed connections
|
||
|
+ to LDAP servers</LI>
|
||
|
+
|
||
|
+ <LI><CODE>config</CODE> - Configuration file syntax errors are
|
||
|
+ fatal</LI>
|
||
|
+
|
||
|
+ <LI><CODE>listen</CODE> - Listen or Port errors are fatal, except for
|
||
|
+ IPv6 failures on the loopback or "any" addresses</LI>
|
||
|
+
|
||
|
+ <LI><CODE>log</CODE> - Log file creation or write errors are fatal</LI>
|
||
|
+
|
||
|
+ <LI><CODE>permissions</CODE> - Bad startup file permissions are
|
||
|
+ fatal, for example shared SSL certificate and key files with world-
|
||
|
+ read permissions</LI>
|
||
|
+
|
||
|
+</UL>
|
||
|
+
|
||
|
+<P>Multiple errors can be listed, and the form "-kind" can be used with
|
||
|
+<CODE>all</CODE> to remove specific kinds of errors. The default setting is
|
||
|
+<CODE>@CUPS_FATAL_ERRORS@</CODE>.</P>
|
||
|
+
|
||
|
+
|
||
|
<H2 CLASS="title"><SPAN CLASS="info">CUPS 1.1.18</SPAN><A NAME="FileDevice">FileDevice</A></H2>
|
||
|
|
||
|
<H3>Examples</H3>
|
||
|
diff -up cups-1.3.8/man/cupsd.conf.man.in.str2536 cups-1.3.8/man/cupsd.conf.man.in
|
||
|
--- cups-1.3.8/man/cupsd.conf.man.in.str2536 2008-06-16 18:41:11.000000000 +0100
|
||
|
+++ cups-1.3.8/man/cupsd.conf.man.in 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -275,6 +275,15 @@ ErrorLog syslog
|
||
|
.br
|
||
|
Specifies the error log filename.
|
||
|
.TP 5
|
||
|
+FatalErrors none
|
||
|
+.TP 5
|
||
|
+FatalErrors all -kind [... -kind]
|
||
|
+.TP 5
|
||
|
+FatalErrors kind [... kind]
|
||
|
+.br
|
||
|
+Specifies which errors are fatal, causing the scheduler to exit. "Kind" is
|
||
|
+"browse", "config", "listen", "log", or "permissions".
|
||
|
+.TP 5
|
||
|
FileDevice Yes
|
||
|
.TP 5
|
||
|
FileDevice No
|
||
|
diff -up cups-1.3.8/scheduler/conf.c.str2536 cups-1.3.8/scheduler/conf.c
|
||
|
--- cups-1.3.8/scheduler/conf.c.str2536 2008-09-10 16:16:44.000000000 +0100
|
||
|
+++ cups-1.3.8/scheduler/conf.c 2008-09-10 16:17:52.000000000 +0100
|
||
|
@@ -21,6 +21,7 @@
|
||
|
* get_addr_and_mask() - Get an IP address and netmask.
|
||
|
* parse_aaa() - Parse authentication, authorization, and
|
||
|
* access control lines.
|
||
|
+ * parse_fatal_errors() - Parse FatalErrors values in a string.
|
||
|
* parse_groups() - Parse system group names in a string.
|
||
|
* parse_protocols() - Parse browse protocols in a string.
|
||
|
* read_configuration() - Read a configuration file.
|
||
|
@@ -192,6 +193,7 @@ static int get_addr_and_mask(const char
|
||
|
unsigned *mask);
|
||
|
static int parse_aaa(cupsd_location_t *loc, char *line,
|
||
|
char *value, int linenum);
|
||
|
+static int parse_fatal_errors(const char *s);
|
||
|
static int parse_groups(const char *s);
|
||
|
static int parse_protocols(const char *s);
|
||
|
static int read_configuration(cups_file_t *fp);
|
||
|
@@ -512,6 +514,7 @@ cupsdReadConfiguration(void)
|
||
|
*/
|
||
|
|
||
|
ConfigFilePerm = CUPS_DEFAULT_CONFIG_FILE_PERM;
|
||
|
+ FatalErrors = parse_fatal_errors(CUPS_DEFAULT_FATAL_ERRORS);
|
||
|
DefaultAuthType = CUPSD_AUTH_BASIC;
|
||
|
#ifdef HAVE_SSL
|
||
|
DefaultEncryption = HTTP_ENCRYPT_REQUIRED;
|
||
|
@@ -782,30 +785,31 @@ cupsdReadConfiguration(void)
|
||
|
|
||
|
snprintf(temp, sizeof(temp), "%s/rss", CacheDir);
|
||
|
|
||
|
- if (cupsdCheckPermissions(RequestRoot, NULL, 0710, RunUser,
|
||
|
- Group, 1, 1) < 0 ||
|
||
|
- cupsdCheckPermissions(CacheDir, NULL, 0775, RunUser,
|
||
|
- Group, 1, 1) < 0 ||
|
||
|
- cupsdCheckPermissions(temp, NULL, 0775, RunUser,
|
||
|
- Group, 1, 1) < 0 ||
|
||
|
- cupsdCheckPermissions(StateDir, NULL, 0755, RunUser,
|
||
|
- Group, 1, 1) < 0 ||
|
||
|
- cupsdCheckPermissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
|
||
|
- SystemGroupIDs[0], 1, 1) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, NULL, 0755, RunUser,
|
||
|
- Group, 1, 0) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, "ppd", 0755, RunUser,
|
||
|
- Group, 1, 1) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, "ssl", 0700, RunUser,
|
||
|
- Group, 1, 0) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, "cupsd.conf", ConfigFilePerm, RunUser,
|
||
|
- Group, 0, 0) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, "classes.conf", 0600, RunUser,
|
||
|
- Group, 0, 0) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, "printers.conf", 0600, RunUser,
|
||
|
- Group, 0, 0) < 0 ||
|
||
|
- cupsdCheckPermissions(ServerRoot, "passwd.md5", 0600, User,
|
||
|
- Group, 0, 0) < 0)
|
||
|
+ if ((cupsdCheckPermissions(RequestRoot, NULL, 0710, RunUser,
|
||
|
+ Group, 1, 1) < 0 ||
|
||
|
+ cupsdCheckPermissions(CacheDir, NULL, 0775, RunUser,
|
||
|
+ Group, 1, 1) < 0 ||
|
||
|
+ cupsdCheckPermissions(temp, NULL, 0775, RunUser,
|
||
|
+ Group, 1, 1) < 0 ||
|
||
|
+ cupsdCheckPermissions(StateDir, NULL, 0755, RunUser,
|
||
|
+ Group, 1, 1) < 0 ||
|
||
|
+ cupsdCheckPermissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
|
||
|
+ SystemGroupIDs[0], 1, 1) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, NULL, 0755, RunUser,
|
||
|
+ Group, 1, 0) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, "ppd", 0755, RunUser,
|
||
|
+ Group, 1, 1) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, "ssl", 0700, RunUser,
|
||
|
+ Group, 1, 0) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, "cupsd.conf", ConfigFilePerm, RunUser,
|
||
|
+ Group, 0, 0) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, "classes.conf", 0600, RunUser,
|
||
|
+ Group, 0, 0) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, "printers.conf", 0600, RunUser,
|
||
|
+ Group, 0, 0) < 0 ||
|
||
|
+ cupsdCheckPermissions(ServerRoot, "passwd.md5", 0600, User,
|
||
|
+ Group, 0, 0) < 0) &&
|
||
|
+ FatalErrors & CUPSD_FATAL_PERMISSIONS)
|
||
|
return (0);
|
||
|
|
||
|
/*
|
||
|
@@ -855,7 +859,8 @@ cupsdReadConfiguration(void)
|
||
|
* is under the spool directory or does not exist...
|
||
|
*/
|
||
|
|
||
|
- if (cupsdCheckPermissions(TempDir, NULL, 01770, RunUser, Group, 1, 1) < 0)
|
||
|
+ if (cupsdCheckPermissions(TempDir, NULL, 01770, RunUser, Group, 1, 1) < 0 &&
|
||
|
+ (FatalErrors & CUPSD_FATAL_PERMISSIONS))
|
||
|
return (0);
|
||
|
}
|
||
|
|
||
|
@@ -872,8 +877,10 @@ cupsdReadConfiguration(void)
|
||
|
if (MaxClients > (MaxFDs / 3) || MaxClients <= 0)
|
||
|
{
|
||
|
if (MaxClients > 0)
|
||
|
- cupsdLogMessage(CUPSD_LOG_INFO, "MaxClients limited to 1/3 (%d) of the file descriptor limit (%d)...",
|
||
|
- MaxFDs / 3, MaxFDs);
|
||
|
+ cupsdLogMessage(CUPSD_LOG_INFO,
|
||
|
+ "MaxClients limited to 1/3 (%d) of the file descriptor "
|
||
|
+ "limit (%d)...",
|
||
|
+ MaxFDs / 3, MaxFDs);
|
||
|
|
||
|
MaxClients = MaxFDs / 3;
|
||
|
}
|
||
|
@@ -1115,7 +1122,8 @@ cupsdReadConfiguration(void)
|
||
|
{
|
||
|
cupsdLogMessage(CUPSD_LOG_EMERG,
|
||
|
"Unable to load MIME database from \'%s\'!", ServerRoot);
|
||
|
- exit(errno);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
|
||
|
cupsdLogMessage(CUPSD_LOG_INFO,
|
||
|
@@ -1912,6 +1920,86 @@ parse_aaa(cupsd_location_t *loc, /* I -
|
||
|
|
||
|
|
||
|
/*
|
||
|
+ * 'parse_fatal_errors()' - Parse FatalErrors values in a string.
|
||
|
+ */
|
||
|
+
|
||
|
+static int /* O - FatalErrors bits */
|
||
|
+parse_fatal_errors(const char *s) /* I - FatalErrors string */
|
||
|
+{
|
||
|
+ int fatal; /* FatalErrors bits */
|
||
|
+ char value[1024], /* Value string */
|
||
|
+ *valstart, /* Pointer into value */
|
||
|
+ *valend; /* End of value */
|
||
|
+
|
||
|
+
|
||
|
+ /*
|
||
|
+ * Empty FatalErrors line yields NULL pointer...
|
||
|
+ */
|
||
|
+
|
||
|
+ if (!s)
|
||
|
+ return (CUPSD_FATAL_NONE);
|
||
|
+
|
||
|
+ /*
|
||
|
+ * Loop through the value string,...
|
||
|
+ */
|
||
|
+
|
||
|
+ strlcpy(value, s, sizeof(value));
|
||
|
+
|
||
|
+ fatal = CUPSD_FATAL_NONE;
|
||
|
+
|
||
|
+ for (valstart = value; *valstart;)
|
||
|
+ {
|
||
|
+ /*
|
||
|
+ * Get the current space/comma-delimited kind name...
|
||
|
+ */
|
||
|
+
|
||
|
+ for (valend = valstart; *valend; valend ++)
|
||
|
+ if (isspace(*valend & 255) || *valend == ',')
|
||
|
+ break;
|
||
|
+
|
||
|
+ if (*valend)
|
||
|
+ *valend++ = '\0';
|
||
|
+
|
||
|
+ /*
|
||
|
+ * Add the error to the bitmask...
|
||
|
+ */
|
||
|
+
|
||
|
+ if (!strcasecmp(valstart, "all"))
|
||
|
+ fatal = CUPSD_FATAL_ALL;
|
||
|
+ else if (!strcasecmp(valstart, "browse"))
|
||
|
+ fatal |= CUPSD_FATAL_BROWSE;
|
||
|
+ else if (!strcasecmp(valstart, "-browse"))
|
||
|
+ fatal &= ~CUPSD_FATAL_BROWSE;
|
||
|
+ else if (!strcasecmp(valstart, "config"))
|
||
|
+ fatal |= CUPSD_FATAL_CONFIG;
|
||
|
+ else if (!strcasecmp(valstart, "-config"))
|
||
|
+ fatal &= ~CUPSD_FATAL_CONFIG;
|
||
|
+ else if (!strcasecmp(valstart, "listen"))
|
||
|
+ fatal |= CUPSD_FATAL_LISTEN;
|
||
|
+ else if (!strcasecmp(valstart, "-listen"))
|
||
|
+ fatal &= ~CUPSD_FATAL_LISTEN;
|
||
|
+ else if (!strcasecmp(valstart, "log"))
|
||
|
+ fatal |= CUPSD_FATAL_LOG;
|
||
|
+ else if (!strcasecmp(valstart, "-log"))
|
||
|
+ fatal &= ~CUPSD_FATAL_LOG;
|
||
|
+ else if (!strcasecmp(valstart, "permissions"))
|
||
|
+ fatal |= CUPSD_FATAL_PERMISSIONS;
|
||
|
+ else if (!strcasecmp(valstart, "-permissions"))
|
||
|
+ fatal &= ~CUPSD_FATAL_PERMISSIONS;
|
||
|
+ else if (strcasecmp(valstart, "none"))
|
||
|
+ cupsdLogMessage(CUPSD_LOG_ERROR,
|
||
|
+ "Unknown FatalErrors kind \"%s\" ignored!", valstart);
|
||
|
+
|
||
|
+ for (valstart = valend; *valstart; valstart ++)
|
||
|
+ if (!isspace(*valstart & 255) || *valstart != ',')
|
||
|
+ break;
|
||
|
+ }
|
||
|
+
|
||
|
+ return (fatal);
|
||
|
+}
|
||
|
+
|
||
|
+
|
||
|
+/*
|
||
|
* 'parse_groups()' - Parse system group names in a string.
|
||
|
*/
|
||
|
|
||
|
@@ -2740,7 +2828,8 @@ read_configuration(cups_file_t *fp) /* I
|
||
|
cupsdLogMessage(CUPSD_LOG_WARN,
|
||
|
"Unknown default authorization type %s on line %d.",
|
||
|
value, linenum);
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
}
|
||
|
#ifdef HAVE_SSL
|
||
|
@@ -2761,7 +2850,8 @@ read_configuration(cups_file_t *fp) /* I
|
||
|
cupsdLogMessage(CUPSD_LOG_WARN,
|
||
|
"Unknown default encryption %s on line %d.",
|
||
|
value, linenum);
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
}
|
||
|
#endif /* HAVE_SSL */
|
||
|
@@ -3148,7 +3238,8 @@ read_location(cups_file_t *fp, /* I - C
|
||
|
if (!value)
|
||
|
{
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR, "Syntax error on line %d.", linenum);
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
|
||
|
if ((loc = cupsdCopyLocation(&parent)) == NULL)
|
||
|
@@ -3196,7 +3287,8 @@ read_location(cups_file_t *fp, /* I - C
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR,
|
||
|
"Unknown Location directive %s on line %d.",
|
||
|
line, linenum);
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
@@ -3204,7 +3296,7 @@ read_location(cups_file_t *fp, /* I - C
|
||
|
"Unexpected end-of-file at line %d while reading location!",
|
||
|
linenum);
|
||
|
|
||
|
- return (0);
|
||
|
+ return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
|
||
|
}
|
||
|
|
||
|
|
||
|
@@ -3262,7 +3354,8 @@ read_policy(cups_file_t *fp, /* I - Con
|
||
|
if (!value)
|
||
|
{
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR, "Syntax error on line %d.", linenum);
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
|
||
|
/*
|
||
|
@@ -3336,7 +3429,8 @@ read_policy(cups_file_t *fp, /* I - Con
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR,
|
||
|
"Missing <Limit ops> directive before %s on line %d.",
|
||
|
line, linenum);
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
else if (!parse_aaa(op, line, value, linenum))
|
||
|
{
|
||
|
@@ -3349,7 +3443,8 @@ read_policy(cups_file_t *fp, /* I - Con
|
||
|
"Unknown Policy directive %s on line %d.",
|
||
|
line, linenum);
|
||
|
|
||
|
- return (0);
|
||
|
+ if (FatalErrors & CUPSD_FATAL_CONFIG)
|
||
|
+ return (0);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
@@ -3357,7 +3452,7 @@ read_policy(cups_file_t *fp, /* I - Con
|
||
|
"Unexpected end-of-file at line %d while reading policy \"%s\"!",
|
||
|
linenum, policy);
|
||
|
|
||
|
- return (0);
|
||
|
+ return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
|
||
|
}
|
||
|
|
||
|
|
||
|
diff -up cups-1.3.8/scheduler/conf.h.str2536 cups-1.3.8/scheduler/conf.h
|
||
|
--- cups-1.3.8/scheduler/conf.h.str2536 2008-09-10 16:16:44.000000000 +0100
|
||
|
+++ cups-1.3.8/scheduler/conf.h 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -38,6 +38,19 @@ typedef enum
|
||
|
|
||
|
|
||
|
/*
|
||
|
+ * FatalErrors flags...
|
||
|
+ */
|
||
|
+
|
||
|
+#define CUPSD_FATAL_NONE 0 /* No errors are fatal */
|
||
|
+#define CUPSD_FATAL_BROWSE 1 /* Browse bind errors are fatal */
|
||
|
+#define CUPSD_FATAL_CONFIG 2 /* Config file syntax errors are fatal */
|
||
|
+#define CUPSD_FATAL_LISTEN 4 /* Listen/Port bind errors are fatal */
|
||
|
+#define CUPSD_FATAL_LOG 8 /* Log file errors are fatal */
|
||
|
+#define CUPSD_FATAL_PERMISSIONS 16 /* File permission errors are fatal */
|
||
|
+#define CUPSD_FATAL_ALL ~0 /* All errors are fatal */
|
||
|
+
|
||
|
+
|
||
|
+/*
|
||
|
* Printcap formats...
|
||
|
*/
|
||
|
|
||
|
@@ -124,6 +137,8 @@ VAR int ClassifyOverride VALUE(0),
|
||
|
/* Allow overrides? */
|
||
|
ConfigFilePerm VALUE(0640),
|
||
|
/* Permissions for config files */
|
||
|
+ FatalErrors VALUE(CUPSD_FATAL_CONFIG),
|
||
|
+ /* Which errors are fatal? */
|
||
|
LogFilePerm VALUE(0644),
|
||
|
/* Permissions for log files */
|
||
|
LogLevel VALUE(CUPSD_LOG_ERROR),
|
||
|
diff -up cups-1.3.8/scheduler/dirsvc.c.str2536 cups-1.3.8/scheduler/dirsvc.c
|
||
|
--- cups-1.3.8/scheduler/dirsvc.c.str2536 2008-07-18 21:30:23.000000000 +0100
|
||
|
+++ cups-1.3.8/scheduler/dirsvc.c 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -954,9 +954,14 @@ cupsdStartBrowsing(void)
|
||
|
strerror(errno));
|
||
|
BrowseLocalProtocols &= ~BROWSE_CUPS;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_CUPS;
|
||
|
- return;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
+ }
|
||
|
|
||
|
+ if (BrowseSocket >= 0)
|
||
|
+ {
|
||
|
/*
|
||
|
* Bind the socket to browse port...
|
||
|
*/
|
||
|
@@ -981,50 +986,60 @@ cupsdStartBrowsing(void)
|
||
|
BrowseSocket = -1;
|
||
|
BrowseLocalProtocols &= ~BROWSE_CUPS;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_CUPS;
|
||
|
- return;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
- /*
|
||
|
- * Set the "broadcast" flag...
|
||
|
- */
|
||
|
-
|
||
|
- val = 1;
|
||
|
- if (setsockopt(BrowseSocket, SOL_SOCKET, SO_BROADCAST, &val, sizeof(val)))
|
||
|
+ if (BrowseSocket >= 0)
|
||
|
{
|
||
|
- cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to set broadcast mode - %s.",
|
||
|
- strerror(errno));
|
||
|
+ /*
|
||
|
+ * Set the "broadcast" flag...
|
||
|
+ */
|
||
|
+
|
||
|
+ val = 1;
|
||
|
+ if (setsockopt(BrowseSocket, SOL_SOCKET, SO_BROADCAST, &val, sizeof(val)))
|
||
|
+ {
|
||
|
+ cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to set broadcast mode - %s.",
|
||
|
+ strerror(errno));
|
||
|
|
||
|
#ifdef WIN32
|
||
|
- closesocket(BrowseSocket);
|
||
|
+ closesocket(BrowseSocket);
|
||
|
#else
|
||
|
- close(BrowseSocket);
|
||
|
+ close(BrowseSocket);
|
||
|
#endif /* WIN32 */
|
||
|
|
||
|
- BrowseSocket = -1;
|
||
|
- BrowseLocalProtocols &= ~BROWSE_CUPS;
|
||
|
- BrowseRemoteProtocols &= ~BROWSE_CUPS;
|
||
|
- return;
|
||
|
- }
|
||
|
+ BrowseSocket = -1;
|
||
|
+ BrowseLocalProtocols &= ~BROWSE_CUPS;
|
||
|
+ BrowseRemoteProtocols &= ~BROWSE_CUPS;
|
||
|
|
||
|
- /*
|
||
|
- * Close the socket on exec...
|
||
|
- */
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+ }
|
||
|
+ }
|
||
|
|
||
|
- fcntl(BrowseSocket, F_SETFD, fcntl(BrowseSocket, F_GETFD) | FD_CLOEXEC);
|
||
|
+ if (BrowseSocket >= 0)
|
||
|
+ {
|
||
|
+ /*
|
||
|
+ * Close the socket on exec...
|
||
|
+ */
|
||
|
|
||
|
- /*
|
||
|
- * Finally, add the socket to the input selection set as needed...
|
||
|
- */
|
||
|
+ fcntl(BrowseSocket, F_SETFD, fcntl(BrowseSocket, F_GETFD) | FD_CLOEXEC);
|
||
|
|
||
|
- if (BrowseRemoteProtocols & BROWSE_CUPS)
|
||
|
- {
|
||
|
/*
|
||
|
- * We only listen if we want remote printers...
|
||
|
+ * Finally, add the socket to the input selection set as needed...
|
||
|
*/
|
||
|
|
||
|
- cupsdAddSelect(BrowseSocket, (cupsd_selfunc_t)update_cups_browse,
|
||
|
- NULL, NULL);
|
||
|
+ if (BrowseRemoteProtocols & BROWSE_CUPS)
|
||
|
+ {
|
||
|
+ /*
|
||
|
+ * We only listen if we want remote printers...
|
||
|
+ */
|
||
|
+
|
||
|
+ cupsdAddSelect(BrowseSocket, (cupsd_selfunc_t)update_cups_browse,
|
||
|
+ NULL, NULL);
|
||
|
+ }
|
||
|
}
|
||
|
}
|
||
|
else
|
||
|
@@ -1043,6 +1058,10 @@ cupsdStartBrowsing(void)
|
||
|
"Unable to open an SLP handle; disabling SLP browsing!");
|
||
|
BrowseLocalProtocols &= ~BROWSE_SLP;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_SLP;
|
||
|
+ BrowseSLPHandle = NULL;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
|
||
|
BrowseSLPRefresh = 0;
|
||
|
@@ -1060,6 +1079,9 @@ cupsdStartBrowsing(void)
|
||
|
"Need to set BrowseLDAPDN to use LDAP browsing!");
|
||
|
BrowseLocalProtocols &= ~BROWSE_LDAP;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_LDAP;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
@@ -1105,6 +1127,9 @@ cupsdStartBrowsing(void)
|
||
|
"Unable to initialize LDAP; disabling LDAP browsing!");
|
||
|
BrowseLocalProtocols &= ~BROWSE_LDAP;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_LDAP;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION,
|
||
|
(const void *)&version) != LDAP_SUCCESS)
|
||
|
@@ -1116,6 +1141,9 @@ cupsdStartBrowsing(void)
|
||
|
"disabling LDAP browsing!");
|
||
|
BrowseLocalProtocols &= ~BROWSE_LDAP;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_LDAP;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
@@ -1134,6 +1162,9 @@ cupsdStartBrowsing(void)
|
||
|
ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
|
||
|
BrowseLocalProtocols &= ~BROWSE_LDAP;
|
||
|
BrowseRemoteProtocols &= ~BROWSE_LDAP;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_BROWSE)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
diff -up cups-1.3.8/scheduler/listen.c.str2536 cups-1.3.8/scheduler/listen.c
|
||
|
--- cups-1.3.8/scheduler/listen.c.str2536 2007-08-13 18:20:14.000000000 +0100
|
||
|
+++ cups-1.3.8/scheduler/listen.c 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -150,10 +150,15 @@ cupsdStartListening(void)
|
||
|
httpAddrFreeList(ServerAddrs);
|
||
|
|
||
|
if ((ServerAddrs = httpAddrGetList(ServerName, AF_UNSPEC, NULL)) == NULL)
|
||
|
+ {
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR,
|
||
|
"Unable to find IP address for server name \"%s\"!\n",
|
||
|
ServerName);
|
||
|
|
||
|
+ if (FatalErrors & CUPSD_FATAL_LISTEN)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+ }
|
||
|
+
|
||
|
/*
|
||
|
* Setup socket listeners...
|
||
|
*/
|
||
|
@@ -194,6 +199,20 @@ cupsdStartListening(void)
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR,
|
||
|
"Unable to open listen socket for address %s:%d - %s.",
|
||
|
s, p, strerror(errno));
|
||
|
+
|
||
|
+#ifdef AF_INET6
|
||
|
+ /*
|
||
|
+ * IPv6 is often disabled while DNS returns IPv6 addresses...
|
||
|
+ */
|
||
|
+
|
||
|
+ if (lis->address.addr.sa_family != AF_INET6 &&
|
||
|
+ (FatalErrors & CUPSD_FATAL_LISTEN))
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+#else
|
||
|
+ if (FatalErrors & CUPSD_FATAL_LISTEN)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+#endif /* AF_INET6 */
|
||
|
+
|
||
|
continue;
|
||
|
}
|
||
|
|
||
|
@@ -278,6 +297,10 @@ cupsdStartListening(void)
|
||
|
s, p, strerror(errno));
|
||
|
close(lis->fd);
|
||
|
lis->fd = -1;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_LISTEN)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+
|
||
|
continue;
|
||
|
}
|
||
|
|
||
|
@@ -290,7 +313,14 @@ cupsdStartListening(void)
|
||
|
cupsdLogMessage(CUPSD_LOG_ERROR,
|
||
|
"Unable to listen for clients on address %s:%d - %s.",
|
||
|
s, p, strerror(errno));
|
||
|
- exit(errno);
|
||
|
+
|
||
|
+ close(lis->fd);
|
||
|
+ lis->fd = -1;
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_LISTEN)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+
|
||
|
+ continue;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
@@ -339,11 +369,8 @@ cupsdStartListening(void)
|
||
|
"No Listen or Port lines were found to allow access via "
|
||
|
"localhost!");
|
||
|
|
||
|
- /*
|
||
|
- * Commit suicide...
|
||
|
- */
|
||
|
-
|
||
|
- cupsdEndProcess(getpid(), 0);
|
||
|
+ if (FatalErrors & (CUPSD_FATAL_CONFIG | CUPSD_FATAL_LISTEN))
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
}
|
||
|
|
||
|
/*
|
||
|
diff -up cups-1.3.8/scheduler/log.c.str2536 cups-1.3.8/scheduler/log.c
|
||
|
--- cups-1.3.8/scheduler/log.c.str2536 2008-09-10 16:16:44.000000000 +0100
|
||
|
+++ cups-1.3.8/scheduler/log.c 2008-09-10 16:16:44.000000000 +0100
|
||
|
@@ -546,7 +546,20 @@ check_log_file(cups_file_t **lf, /* IO -
|
||
|
|
||
|
if (!strncmp(filename, CUPS_LOGDIR, strlen(CUPS_LOGDIR)))
|
||
|
{
|
||
|
- cupsdCheckPermissions(CUPS_LOGDIR, NULL, 0755, RunUser, Group, 1, -1);
|
||
|
+ /*
|
||
|
+ * Try updating the permissions of the containing log directory, using
|
||
|
+ * the log file permissions as a basis...
|
||
|
+ */
|
||
|
+
|
||
|
+ int log_dir_perm = 0300 | LogFilePerm;
|
||
|
+ /* LogFilePerm + owner write/search */
|
||
|
+ if (log_dir_perm & 0040)
|
||
|
+ log_dir_perm |= 0010; /* Add group search */
|
||
|
+ if (log_dir_perm & 0004)
|
||
|
+ log_dir_perm |= 0001; /* Add other search */
|
||
|
+
|
||
|
+ cupsdCheckPermissions(CUPS_LOGDIR, NULL, log_dir_perm, RunUser, Group,
|
||
|
+ 1, -1);
|
||
|
|
||
|
*lf = cupsFileOpen(filename, "a");
|
||
|
}
|
||
|
@@ -555,6 +568,10 @@ check_log_file(cups_file_t **lf, /* IO -
|
||
|
{
|
||
|
syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename,
|
||
|
strerror(errno));
|
||
|
+
|
||
|
+ if (FatalErrors & CUPSD_FATAL_LOG)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+
|
||
|
return (0);
|
||
|
}
|
||
|
}
|
||
|
@@ -622,6 +639,9 @@ check_log_file(cups_file_t **lf, /* IO -
|
||
|
syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename,
|
||
|
strerror(errno));
|
||
|
|
||
|
+ if (FatalErrors & CUPSD_FATAL_LOG)
|
||
|
+ cupsdEndProcess(getpid(), 0);
|
||
|
+
|
||
|
return (0);
|
||
|
}
|
||
|
|