diff --git a/cups-lspp.patch b/cups-lspp.patch index cfa9f96..680bfb8 100644 --- a/cups-lspp.patch +++ b/cups-lspp.patch @@ -1,23 +1,37 @@ -diff -up cups-2.4.8/config.h.in.lspp cups-2.4.8/config.h.in ---- cups-2.4.8/config.h.in.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/config.h.in 2024-05-14 13:15:22.457678901 +0200 -@@ -685,6 +685,13 @@ static __inline int _cups_abs(int i) { r +diff --git a/Makedefs.in b/Makedefs.in +index 9211338..8a1e0be 100644 +--- a/Makedefs.in ++++ b/Makedefs.in +@@ -162,7 +162,7 @@ ARFLAGS = @ARFLAGS@ + BACKLIBS = @BACKLIBS@ + BUILDDIRS = @BUILDDIRS@ + CFLAGS = @CPPFLAGS@ @CFLAGS@ +-COMMONLIBS = @LIBS@ ++COMMONLIBS = @LIBS@ @LIBAUDIT@ @LIBSELINUX@ + CXXFLAGS = @CPPFLAGS@ @CXXFLAGS@ + CXXLIBS = @CXXLIBS@ + DBUS_NOTIFIER = @DBUS_NOTIFIER@ +diff --git a/config.h.in b/config.h.in +index 6940b96..363780a 100644 +--- a/config.h.in ++++ b/config.h.in +@@ -684,6 +684,13 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); } + #endif /* !HAVE_ABS && !abs */ - /* ++/* + * Are we trying to meet LSPP requirements? + */ + +#undef WITH_LSPP + + -+/* + /* * Building as a snap (snapcraft.io)? */ - diff -up cups-2.4.8/config-scripts/cups-lspp.m4.lspp cups-2.4.8/config-scripts/cups-lspp.m4 ---- cups-2.4.8/config-scripts/cups-lspp.m4.lspp 2024-05-14 13:15:22.457678901 +0200 -+++ cups-2.4.8/config-scripts/cups-lspp.m4 2024-05-14 13:15:22.457678901 +0200 +--- cups-2.4.8/config-scripts/cups-lspp.m4.lspp 2024-05-14 13:15:22.457678901 +0200 ++++ cups-2.4.8/config-scripts/cups-lspp.m4 2024-05-14 13:15:22.457678901 +0200 @@ -0,0 +1,36 @@ +dnl +dnl LSPP code for the Common UNIX Printing System (CUPS). @@ -42,7 +56,7 @@ diff -up cups-2.4.8/config-scripts/cups-lspp.m4.lspp cups-2.4.8/config-scripts/c +AC_ARG_ENABLE(lspp, [ --enable-lspp turn on auditing and label support, default=no]) + +if test x"$enable_lspp" != xno; then -+ case "$uname" in ++ case "$(uname)" in + Linux) + AC_CHECK_LIB(audit,audit_log_user_message, [LIBAUDIT="-laudit" AC_SUBST(LIBAUDIT)]) + AC_CHECK_HEADER(libaudit.h) @@ -55,10 +69,11 @@ diff -up cups-2.4.8/config-scripts/cups-lspp.m4.lspp cups-2.4.8/config-scripts/c + ;; + esac +fi -diff -up cups-2.4.8/configure.ac.lspp cups-2.4.8/configure.ac ---- cups-2.4.8/configure.ac.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/configure.ac 2024-05-14 13:15:22.457678901 +0200 -@@ -40,6 +40,8 @@ sinclude(config-scripts/cups-container.m +diff --git a/configure.ac b/configure.ac +index 3b5dd73..0e61044 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -40,6 +40,8 @@ sinclude(config-scripts/cups-container.m4) sinclude(config-scripts/cups-startup.m4) sinclude(config-scripts/cups-defaults.m4) @@ -67,9 +82,10 @@ diff -up cups-2.4.8/configure.ac.lspp cups-2.4.8/configure.ac dnl See what languages are available and make sure we generate the localization dnl files as needed... INSTALL_LANGUAGES="" -diff -up cups-2.4.8/filter/common.c.lspp cups-2.4.8/filter/common.c ---- cups-2.4.8/filter/common.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/filter/common.c 2024-05-14 13:15:22.457678901 +0200 +diff --git a/filter/common.c b/filter/common.c +index 22217be..070662f 100644 +--- a/filter/common.c ++++ b/filter/common.c @@ -12,6 +12,12 @@ * Include necessary headers... */ @@ -83,7 +99,7 @@ diff -up cups-2.4.8/filter/common.c.lspp cups-2.4.8/filter/common.c #include "common.h" #include -@@ -294,6 +300,18 @@ WriteLabelProlog(const char *label, /* I +@@ -294,6 +300,18 @@ WriteLabelProlog(const char *label, /* I - Page label */ { const char *classification; /* CLASSIFICATION environment variable */ const char *ptr; /* Temporary string pointer */ @@ -102,7 +118,7 @@ diff -up cups-2.4.8/filter/common.c.lspp cups-2.4.8/filter/common.c /* -@@ -316,6 +334,124 @@ WriteLabelProlog(const char *label, /* I +@@ -316,6 +334,124 @@ WriteLabelProlog(const char *label, /* I - Page label */ return; } @@ -223,11 +239,11 @@ diff -up cups-2.4.8/filter/common.c.lspp cups-2.4.8/filter/common.c + else + { +#endif /* !WITH_LSPP */ -+ ++ /* * Set the classification + page label string... */ -@@ -396,7 +532,10 @@ WriteLabelProlog(const char *label, /* I +@@ -396,7 +532,10 @@ WriteLabelProlog(const char *label, /* I - Page label */ printf(" %.0f moveto ESPpl show\n", top - 14.0); puts("pop"); puts("}bind put"); @@ -238,10 +254,11 @@ diff -up cups-2.4.8/filter/common.c.lspp cups-2.4.8/filter/common.c /* -diff -up cups-2.4.8/filter/pstops.c.lspp cups-2.4.8/filter/pstops.c ---- cups-2.4.8/filter/pstops.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/filter/pstops.c 2024-05-14 13:15:22.458678907 +0200 -@@ -3171,6 +3171,18 @@ write_label_prolog(pstops_doc_t *doc, /* +diff --git a/filter/pstops.c b/filter/pstops.c +index 41090c8..87da143 100644 +--- a/filter/pstops.c ++++ b/filter/pstops.c +@@ -3171,6 +3171,18 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */ { const char *classification; /* CLASSIFICATION environment variable */ const char *ptr; /* Temporary string pointer */ @@ -260,7 +277,7 @@ diff -up cups-2.4.8/filter/pstops.c.lspp cups-2.4.8/filter/pstops.c /* -@@ -3193,6 +3205,124 @@ write_label_prolog(pstops_doc_t *doc, /* +@@ -3193,6 +3205,124 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */ return; } @@ -385,7 +402,7 @@ diff -up cups-2.4.8/filter/pstops.c.lspp cups-2.4.8/filter/pstops.c /* * Set the classification + page label string... */ -@@ -3271,7 +3401,10 @@ write_label_prolog(pstops_doc_t *doc, /* +@@ -3271,7 +3401,10 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */ doc_printf(doc, " %.0f moveto ESPpl show\n", top - 14.0); doc_puts(doc, "pop\n"); doc_puts(doc, "}bind put\n"); @@ -396,9 +413,10 @@ diff -up cups-2.4.8/filter/pstops.c.lspp cups-2.4.8/filter/pstops.c /* -diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c ---- cups-2.4.8/scheduler/client.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/client.c 2024-05-14 13:15:22.458678907 +0200 +diff --git a/scheduler/client.c b/scheduler/client.c +index 779404c..1bc6721 100644 +--- a/scheduler/client.c ++++ b/scheduler/client.c @@ -20,12 +20,20 @@ #define _HTTP_NO_PRIVATE #include "cupsd.h" @@ -420,7 +438,7 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c /* -@@ -264,6 +272,59 @@ cupsdAcceptClient(cupsd_listener_t *lis) +@@ -264,6 +272,59 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */ } #endif /* HAVE_TCPD_H */ @@ -454,7 +472,7 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c + httpClose(con->http); + cupsdLogClient(con, CUPSD_LOG_ERROR, "getsockopt() failed"); + free(con); -+ return; ++ return; + } + + /* @@ -465,7 +483,7 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c + httpClose(con->http); + cupsdLogClient(con, CUPSD_LOG_ERROR, "getpeercon() failed"); + free(con); -+ return; ++ return; + } + + cupsdLogClient(con, CUPSD_LOG_INFO, "client context=%s", con->scon); @@ -480,7 +498,7 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c #ifdef AF_LOCAL if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL) { -@@ -565,6 +626,13 @@ cupsdReadClient(cupsd_client_t *con) /* +@@ -566,6 +627,13 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ struct stat filestats; /* File information */ mime_type_t *type; /* MIME type of file */ static unsigned request_id = 0; /* Request ID for temp files */ @@ -494,10 +512,10 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c status = HTTP_STATUS_CONTINUE; -@@ -1712,6 +1780,73 @@ cupsdReadClient(cupsd_client_t *con) /* +@@ -1737,7 +1805,73 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */ + fchmod(con->file, 0640); + fchown(con->file, RunUser, Group); fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC); - } - +#ifdef WITH_LSPP + if (strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0) + { @@ -558,17 +576,17 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c + cupsdCloseClient(con); + return; + } -+ cupsdLogClient(con, CUPSD_LOG_DEBUG2, "%s set to %s", ++ cupsdLogClient(con, CUPSD_LOG_DEBUG2, "%s set to %s", + con->filename, context_str(tmpcon)); + context_free(tmpcon); + context_free(clicon); -+ } + } +#endif /* WITH_LSPP */ -+ ++ } + if (httpGetState(con->http) != HTTP_STATE_POST_SEND) { - if (!httpWait(con->http, 0)) -@@ -3208,6 +3343,49 @@ is_path_absolute(const char *path) /* I +@@ -3235,6 +3369,49 @@ is_path_absolute(const char *path) /* I - Input path */ return (1); } @@ -618,9 +636,10 @@ diff -up cups-2.4.8/scheduler/client.c.lspp cups-2.4.8/scheduler/client.c /* * 'pipe_command()' - Pipe the output of a command to the remote client. -diff -up cups-2.4.8/scheduler/client.h.lspp cups-2.4.8/scheduler/client.h ---- cups-2.4.8/scheduler/client.h.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/client.h 2024-05-14 13:15:22.458678907 +0200 +diff --git a/scheduler/client.h b/scheduler/client.h +index 9fe4e2e..51c3ab5 100644 +--- a/scheduler/client.h ++++ b/scheduler/client.h @@ -14,6 +14,13 @@ #endif /* HAVE_AUTHORIZATION_H */ @@ -657,9 +676,10 @@ diff -up cups-2.4.8/scheduler/client.h.lspp cups-2.4.8/scheduler/client.h #ifdef HAVE_TLS extern int cupsdEndTLS(cupsd_client_t *con); extern int cupsdStartTLS(cupsd_client_t *con); -diff -up cups-2.4.8/scheduler/conf.c.lspp cups-2.4.8/scheduler/conf.c ---- cups-2.4.8/scheduler/conf.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/conf.c 2024-05-14 13:15:22.459678912 +0200 +diff --git a/scheduler/conf.c b/scheduler/conf.c +index 0d4bb6a..88d67cf 100644 +--- a/scheduler/conf.c ++++ b/scheduler/conf.c @@ -38,6 +38,9 @@ # define INADDR_NONE 0xffffffff #endif /* !INADDR_NONE */ @@ -691,7 +711,7 @@ diff -up cups-2.4.8/scheduler/conf.c.lspp cups-2.4.8/scheduler/conf.c /* -@@ -854,6 +864,25 @@ cupsdReadConfiguration(void) +@@ -866,6 +876,25 @@ cupsdReadConfiguration(void) RunUser = getuid(); @@ -717,7 +737,7 @@ diff -up cups-2.4.8/scheduler/conf.c.lspp cups-2.4.8/scheduler/conf.c cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.", RemotePort ? "enabled" : "disabled"); -@@ -1282,7 +1311,19 @@ cupsdReadConfiguration(void) +@@ -1272,7 +1301,19 @@ cupsdReadConfiguration(void) cupsdClearString(&Classification); if (Classification) @@ -737,7 +757,7 @@ diff -up cups-2.4.8/scheduler/conf.c.lspp cups-2.4.8/scheduler/conf.c /* * Check the MaxClients setting, and then allocate memory for it... -@@ -3881,6 +3922,18 @@ read_location(cups_file_t *fp, /* I - C +@@ -3880,6 +3921,18 @@ read_location(cups_file_t *fp, /* I - Configuration file */ return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum); } @@ -756,9 +776,10 @@ diff -up cups-2.4.8/scheduler/conf.c.lspp cups-2.4.8/scheduler/conf.c /* * 'read_policy()' - Read a definition. -diff -up cups-2.4.8/scheduler/conf.h.lspp cups-2.4.8/scheduler/conf.h ---- cups-2.4.8/scheduler/conf.h.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/conf.h 2024-05-14 13:15:22.459678912 +0200 +diff --git a/scheduler/conf.h b/scheduler/conf.h +index 2e5aac6..df22b07 100644 +--- a/scheduler/conf.h ++++ b/scheduler/conf.h @@ -242,6 +242,13 @@ VAR char *ServerKeychain VALUE(NULL); /* Keychain holding cert + key */ #endif /* HAVE_TLS */ @@ -783,9 +804,10 @@ diff -up cups-2.4.8/scheduler/conf.h.lspp cups-2.4.8/scheduler/conf.h /* * Prototypes... -diff -up cups-2.4.8/scheduler/cupsd.h.lspp cups-2.4.8/scheduler/cupsd.h ---- cups-2.4.8/scheduler/cupsd.h.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/cupsd.h 2024-05-14 13:15:22.459678912 +0200 +diff --git a/scheduler/cupsd.h b/scheduler/cupsd.h +index 164df6e..2d66464 100644 +--- a/scheduler/cupsd.h ++++ b/scheduler/cupsd.h @@ -9,6 +9,8 @@ * information. */ @@ -810,9 +832,10 @@ diff -up cups-2.4.8/scheduler/cupsd.h.lspp cups-2.4.8/scheduler/cupsd.h #include "mime.h" #if defined(HAVE_CDSASSL) -diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c ---- cups-2.4.8/scheduler/ipp.c.lspp 2024-05-14 13:15:22.447678849 +0200 -+++ cups-2.4.8/scheduler/ipp.c 2024-05-14 13:15:22.460678917 +0200 +diff --git a/scheduler/ipp.c b/scheduler/ipp.c +index 6892188..2f30d59 100644 +--- a/scheduler/ipp.c ++++ b/scheduler/ipp.c @@ -12,6 +12,9 @@ * information. */ @@ -823,7 +846,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c /* * Include necessary headers... */ -@@ -28,6 +31,14 @@ extern int mbr_group_name_to_uuid(const +@@ -28,6 +31,12 @@ extern int mbr_group_name_to_uuid(const char* name, uuid_t uu); extern int mbr_check_membership_by_id(uuid_t user, gid_t group, int* ismember); #endif /* __APPLE__ */ @@ -832,13 +855,11 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c +#include +#include +#include -+#include -+#include +#endif /* WITH_LSPP */ /* * Local functions... -@@ -52,6 +63,9 @@ static void cancel_all_jobs(cupsd_client +@@ -52,6 +61,9 @@ static void cancel_all_jobs(cupsd_client_t *con, ipp_attribute_t *uri); static void cancel_job(cupsd_client_t *con, ipp_attribute_t *uri); static void cancel_subscription(cupsd_client_t *con, int id); static int check_rss_recipient(const char *recipient); @@ -848,7 +869,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c static int check_quotas(cupsd_client_t *con, cupsd_printer_t *p); static void close_job(cupsd_client_t *con, ipp_attribute_t *uri); static void copy_attrs(ipp_t *to, ipp_t *from, cups_array_t *ra, -@@ -1188,6 +1202,21 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1188,6 +1200,21 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "time-at-creation", "time-at-processing" }; @@ -870,7 +891,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c cupsdLogMessage(CUPSD_LOG_DEBUG2, "add_job(%p[%d], %p(%s), %p(%s/%s))", -@@ -1516,6 +1545,106 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1516,6 +1543,106 @@ add_job(cupsd_client_t *con, /* I - Client connection */ attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME); @@ -907,18 +928,18 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c + /* + * The printer does not exist, so for now assume it's a FileDevice + */ -+ tclass = SECCLASS_FILE; -+ avr = FILE__WRITE; ++ tclass = string_to_security_class("file"); ++ avr = string_to_av_perm(tclass, "write"); + } + else if (S_ISCHR(printerstat.st_mode)) + { -+ tclass = SECCLASS_CHR_FILE; -+ avr = CHR_FILE__WRITE; ++ tclass = string_to_security_class("chr_file"); ++ avr = string_to_av_perm(tclass, "write"); + } + else if (S_ISREG(printerstat.st_mode)) + { -+ tclass = SECCLASS_FILE; -+ avr = FILE__WRITE; ++ tclass = string_to_security_class("file"); ++ avr = string_to_av_perm(tclass, "write"); + } + else + { @@ -977,7 +998,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c if ((job = cupsdAddJob(priority, printer->name)) == NULL) { send_ipp_status(con, IPP_INTERNAL_ERROR, -@@ -1524,6 +1653,32 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1524,6 +1651,32 @@ add_job(cupsd_client_t *con, /* I - Client connection */ return (NULL); } @@ -1010,7 +1031,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c job->dtype = printer->type & (CUPS_PRINTER_CLASS | CUPS_PRINTER_REMOTE); job->attrs = con->request; job->dirty = 1; -@@ -1711,6 +1866,29 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1711,6 +1864,29 @@ add_job(cupsd_client_t *con, /* I - Client connection */ ippSetString(job->attrs, &attr, 0, printer->job_sheets[0]); ippSetString(job->attrs, &attr, 1, printer->job_sheets[1]); } @@ -1040,7 +1061,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c job->job_sheets = attr; -@@ -1741,6 +1919,9 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1741,6 +1917,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-sheets=\"%s,none\", " "job-originating-user-name=\"%s\"", Classification, job->username); @@ -1050,7 +1071,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c } else if (attr->num_values == 2 && strcmp(attr->values[0].string.text, -@@ -1759,6 +1940,9 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1759,6 +1938,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-originating-user-name=\"%s\"", attr->values[0].string.text, attr->values[1].string.text, job->username); @@ -1060,7 +1081,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c } else if (strcmp(attr->values[0].string.text, Classification) && strcmp(attr->values[0].string.text, "none") && -@@ -1779,6 +1963,9 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1779,6 +1961,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-originating-user-name=\"%s\"", attr->values[0].string.text, attr->values[1].string.text, job->username); @@ -1070,7 +1091,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c } } else if (strcmp(attr->values[0].string.text, Classification) && -@@ -1819,8 +2006,52 @@ add_job(cupsd_client_t *con, /* I - Cl +@@ -1819,9 +2004,53 @@ add_job(cupsd_client_t *con, /* I - Client connection */ "job-sheets=\"%s\", " "job-originating-user-name=\"%s\"", Classification, job->username); @@ -1119,11 +1140,12 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c + free(userfooter); +#endif /* WITH_LSPP */ } -+ ++ /* * See if we need to add the starting sheet... -@@ -3647,6 +3878,128 @@ check_rss_recipient( + */ +@@ -3647,6 +3876,128 @@ check_rss_recipient( } @@ -1178,8 +1200,8 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c + { + cupsdLogJob(job, CUPSD_LOG_ERROR, "check_context: unable avc_init"); + return -1; -+ } -+ } ++ } ++ } + if (avc_context_to_sid(con->scon, &clisid) != 0) + { + cupsdLogJob(job, CUPSD_LOG_ERROR, @@ -1195,8 +1217,8 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c + return -1; + } + avc_entry_ref_init(&avcref); -+ tclass = SECCLASS_FILE; -+ avr = FILE__READ; ++ tclass = string_to_security_class("file"); ++ avr = string_to_av_perm(tclass, "read"); + + /* + * Perform the check with the client as the subject, first with the job as the object @@ -1252,7 +1274,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c /* * 'check_quotas()' - Check quotas for a printer and user. */ -@@ -4102,6 +4455,15 @@ copy_banner(cupsd_client_t *con, /* I - +@@ -4102,6 +4453,15 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */ char attrname[255], /* Name of attribute */ *s; /* Pointer into name */ ipp_attribute_t *attr; /* Attribute */ @@ -1268,7 +1290,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c cupsdLogMessage(CUPSD_LOG_DEBUG2, -@@ -4137,6 +4499,85 @@ copy_banner(cupsd_client_t *con, /* I - +@@ -4137,6 +4497,85 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */ fchmod(cupsFileNumber(out), 0640); fchown(cupsFileNumber(out), RunUser, Group); @@ -1354,7 +1376,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c /* * Try the localized banner file under the subdirectory... -@@ -4231,6 +4672,24 @@ copy_banner(cupsd_client_t *con, /* I - +@@ -4231,6 +4670,24 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */ else s = attrname; @@ -1379,7 +1401,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c if (!strcmp(s, "printer-name")) { cupsFilePuts(out, job->dest); -@@ -6681,6 +7140,22 @@ get_job_attrs(cupsd_client_t *con, /* I +@@ -6681,6 +7138,22 @@ get_job_attrs(cupsd_client_t *con, /* I - Client connection */ exclude = cupsdGetPrivateAttrs(policy, con, printer, job->username); @@ -1402,7 +1424,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c /* * Copy attributes... */ -@@ -7079,6 +7554,11 @@ get_jobs(cupsd_client_t *con, /* I - C +@@ -7079,6 +7552,11 @@ get_jobs(cupsd_client_t *con, /* I - Client connection */ if (username[0] && _cups_strcasecmp(username, job->username)) continue; @@ -1414,7 +1436,7 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c if (count > 0) ippAddSeparator(con->response); -@@ -11810,6 +12290,11 @@ validate_user(cupsd_job_t *job, /* I +@@ -11810,6 +12288,11 @@ validate_user(cupsd_job_t *job, /* I - Job */ strlcpy(username, get_username(con), userlen); @@ -1426,9 +1448,10 @@ diff -up cups-2.4.8/scheduler/ipp.c.lspp cups-2.4.8/scheduler/ipp.c /* * Check the username against the owner... */ -diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c ---- cups-2.4.8/scheduler/job.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/job.c 2024-05-14 13:16:41.100084985 +0200 +diff --git a/scheduler/job.c b/scheduler/job.c +index 822a247..1cd7d35 100644 +--- a/scheduler/job.c ++++ b/scheduler/job.c @@ -9,6 +9,9 @@ * information. */ @@ -1439,7 +1462,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c /* * Include necessary headers... */ -@@ -24,6 +27,14 @@ +@@ -24,6 +27,12 @@ # endif /* HAVE_IOKIT_PWR_MGT_IOPMLIBPRIVATE_H */ #endif /* __APPLE__ */ @@ -1448,13 +1471,11 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c +#include +#include +#include -+#include -+#include +#endif /* WITH_LSPP */ /* * Design Notes for Job Management -@@ -544,6 +555,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I +@@ -544,6 +553,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ /* PRINTER env variable */ *printer_state_reasons = NULL; /* PRINTER_STATE_REASONS env var */ @@ -1469,7 +1490,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c cupsdLogMessage(CUPSD_LOG_DEBUG2, -@@ -1070,6 +1089,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I +@@ -1070,6 +1087,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ if (final_content_type[0]) envp[envc ++] = final_content_type; @@ -1488,7 +1509,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c + cupsdClearString(&audit_message); + } + } -+ else ++ else + { + jobcon = context_new(job->scon); + @@ -1537,7 +1558,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c if (Classification && !banner_page) { if ((attr = ippFindAttribute(job->attrs, "job-sheets", -@@ -1856,6 +1936,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - J +@@ -1856,6 +1934,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - Job */ ippSetString(job->attrs, &job->reasons, 0, "job-completed-successfully"); } @@ -1560,7 +1581,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c job->impressions = ippFindAttribute(job->attrs, "job-impressions-completed", IPP_TAG_INTEGER); job->sheets = ippFindAttribute(job->attrs, "job-media-sheets-completed", IPP_TAG_INTEGER); job->job_sheets = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME); -@@ -2268,6 +2364,14 @@ cupsdSaveJob(cupsd_job_t *job) /* I - J +@@ -2268,6 +2362,14 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */ { char filename[1024]; /* Job control filename */ cups_file_t *fp; /* Job file */ @@ -1575,7 +1596,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdSaveJob(job=%p(%d)): job->attrs=%p", -@@ -2290,6 +2394,78 @@ cupsdSaveJob(cupsd_job_t *job) /* I - J +@@ -2290,6 +2392,78 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */ fchown(cupsFileNumber(fp), RunUser, Group); @@ -1654,7 +1675,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c job->attrs->state = IPP_IDLE; if (ippWriteIO(fp, (ipp_iocb_t)cupsFileWrite, 1, NULL, -@@ -4020,6 +4196,19 @@ get_options(cupsd_job_t *job, /* I - Jo +@@ -4020,6 +4194,19 @@ get_options(cupsd_job_t *job, /* I - Job */ banner_page) continue; @@ -1674,7 +1695,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c /* * Otherwise add them to the list... */ -@@ -4834,6 +5023,18 @@ start_job(cupsd_job_t *job, /* I - +@@ -4834,6 +5021,18 @@ start_job(cupsd_job_t *job, /* I - Job ID */ cupsd_printer_t *printer) /* I - Printer to print job */ { const char *filename; /* Support filename */ @@ -1693,7 +1714,7 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c ipp_attribute_t *cancel_after = ippFindAttribute(job->attrs, "job-cancel-after", IPP_TAG_INTEGER); -@@ -5022,6 +5223,113 @@ start_job(cupsd_job_t *job, /* I - +@@ -5022,6 +5221,113 @@ start_job(cupsd_job_t *job, /* I - Job ID */ fcntl(job->side_pipes[1], F_SETFD, fcntl(job->side_pipes[1], F_GETFD) | FD_CLOEXEC); @@ -1724,18 +1745,18 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c + /* + * The printer does not exist, so for now assume it's a FileDevice + */ -+ tclass = SECCLASS_FILE; -+ avr = FILE__WRITE; ++ tclass = string_to_security_class("file"); ++ avr = string_to_av_perm(tclass, "write"); + } + else if (S_ISCHR(printerstat.st_mode)) + { -+ tclass = SECCLASS_CHR_FILE; -+ avr = CHR_FILE__WRITE; ++ tclass = string_to_security_class("chr_file"); ++ avr = string_to_av_perm(tclass, "write"); + } + else if (S_ISREG(printerstat.st_mode)) + { -+ tclass = SECCLASS_FILE; -+ avr = FILE__WRITE; ++ tclass = string_to_security_class("file"); ++ avr = string_to_av_perm(tclass, "write"); + } + else + { @@ -1807,9 +1828,10 @@ diff -up cups-2.4.8/scheduler/job.c.lspp cups-2.4.8/scheduler/job.c /* * Now start the first file in the job... */ -diff -up cups-2.4.8/scheduler/job.h.lspp cups-2.4.8/scheduler/job.h ---- cups-2.4.8/scheduler/job.h.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/job.h 2024-05-14 13:15:22.461678922 +0200 +diff --git a/scheduler/job.h b/scheduler/job.h +index 619353d..310b66a 100644 +--- a/scheduler/job.h ++++ b/scheduler/job.h @@ -8,6 +8,13 @@ * Licensed under Apache License v2.0. See the file "LICENSE" for more information. */ @@ -1824,7 +1846,7 @@ diff -up cups-2.4.8/scheduler/job.h.lspp cups-2.4.8/scheduler/job.h /* * Constants... */ -@@ -85,6 +92,10 @@ struct cupsd_job_s /**** Job request * +@@ -85,6 +92,10 @@ struct cupsd_job_s /**** Job request ****/ int progress; /* Printing progress */ int num_keywords; /* Number of PPD keywords */ cups_option_t *keywords; /* PPD keywords */ @@ -1835,9 +1857,10 @@ diff -up cups-2.4.8/scheduler/job.h.lspp cups-2.4.8/scheduler/job.h }; typedef struct cupsd_joblog_s /**** Job log message ****/ -diff -up cups-2.4.8/scheduler/main.c.lspp cups-2.4.8/scheduler/main.c ---- cups-2.4.8/scheduler/main.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/main.c 2024-05-14 13:15:22.461678922 +0200 +diff --git a/scheduler/main.c b/scheduler/main.c +index ae2409e..21bd989 100644 +--- a/scheduler/main.c ++++ b/scheduler/main.c @@ -58,6 +58,9 @@ # include #endif /* HAVE_SYS_PARAM_H */ @@ -1848,7 +1871,7 @@ diff -up cups-2.4.8/scheduler/main.c.lspp cups-2.4.8/scheduler/main.c /* * Local functions... -@@ -124,6 +127,9 @@ main(int argc, /* I - Number of comm +@@ -124,6 +127,9 @@ main(int argc, /* I - Number of command-line args */ #if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET) struct sigaction action; /* Actions for POSIX signals */ #endif /* HAVE_SIGACTION && !HAVE_SIGSET */ @@ -1858,7 +1881,7 @@ diff -up cups-2.4.8/scheduler/main.c.lspp cups-2.4.8/scheduler/main.c #ifdef __APPLE__ int use_sysman = 1; /* Use system management functions? */ #else -@@ -494,6 +500,25 @@ main(int argc, /* I - Number of comm +@@ -494,6 +500,25 @@ main(int argc, /* I - Number of command-line args */ exit(errno); } @@ -1884,7 +1907,7 @@ diff -up cups-2.4.8/scheduler/main.c.lspp cups-2.4.8/scheduler/main.c /* * Let the system know we are busy while we bring up cupsd... */ -@@ -1203,6 +1228,11 @@ main(int argc, /* I - Number of comm +@@ -1203,6 +1228,11 @@ main(int argc, /* I - Number of command-line args */ cupsdStopSelect(); @@ -1896,9 +1919,10 @@ diff -up cups-2.4.8/scheduler/main.c.lspp cups-2.4.8/scheduler/main.c return (!stop_scheduler); } -diff -up cups-2.4.8/scheduler/printers.c.lspp cups-2.4.8/scheduler/printers.c ---- cups-2.4.8/scheduler/printers.c.lspp 2024-04-26 13:38:21.000000000 +0200 -+++ cups-2.4.8/scheduler/printers.c 2024-05-14 13:15:22.462678928 +0200 +diff --git a/scheduler/printers.c b/scheduler/printers.c +index bf493a3..d06bd93 100644 +--- a/scheduler/printers.c ++++ b/scheduler/printers.c @@ -9,6 +9,8 @@ * information. */ @@ -1919,7 +1943,7 @@ diff -up cups-2.4.8/scheduler/printers.c.lspp cups-2.4.8/scheduler/printers.c /* * Local functions... -@@ -2184,6 +2190,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p) +@@ -2184,6 +2190,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */ ipp_attribute_t *attr; /* Attribute data */ char *name, /* Current user/group name */ *filter; /* Current filter */ @@ -1933,7 +1957,7 @@ diff -up cups-2.4.8/scheduler/printers.c.lspp cups-2.4.8/scheduler/printers.c /* -@@ -2309,6 +2322,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p) +@@ -2309,6 +2322,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */ attr->values[1].string.text = _cupsStrAlloc(Classification ? Classification : p->job_sheets[1]); } diff --git a/cups.spec b/cups.spec index 9831780..1b8a27e 100644 --- a/cups.spec +++ b/cups.spec @@ -22,7 +22,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.4.10 -Release: 3%{?dist} +Release: 4%{?dist} # backend/failover.c - BSD-3-Clause # cups/md5* - Zlib # scheduler/colorman.c - Apache-2.0 WITH LLVM-exception AND BSD-2-Clause @@ -787,6 +787,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man7/ippeveps.7.gz %changelog +* Wed Aug 14 2024 Zdenek Dohnal - 1:2.4.10-4 +- RHEL-54297 cups source rpm doesn't actually build lspp support + * Tue Jul 23 2024 Zdenek Dohnal - 1:2.4.10-3 - RHEL-49449 Fix checkbox support in web ui