import UBI cups-2.2.6-61.el8_10
This commit is contained in:
parent
2ceea50d47
commit
23e0ddf978
@ -1,10 +1,11 @@
|
||||
diff -up cups-2.2.5/config.h.in.lspp cups-2.2.5/config.h.in
|
||||
--- cups-2.2.5/config.h.in.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/config.h.in 2017-10-17 19:06:19.640228964 +0200
|
||||
@@ -730,4 +730,11 @@ static __inline int _cups_abs(int i) { r
|
||||
diff -up cups-2.2.6/config.h.in.lspp cups-2.2.6/config.h.in
|
||||
--- cups-2.2.6/config.h.in.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/config.h.in 2024-08-15 14:55:07.310818870 +0200
|
||||
@@ -730,4 +730,12 @@ static __inline int _cups_abs(int i) { r
|
||||
# endif /* __GNUC__ || __STDC_VERSION__ */
|
||||
#endif /* !HAVE_ABS && !abs */
|
||||
|
||||
+
|
||||
+/*
|
||||
+ * Are we trying to meet LSPP requirements?
|
||||
+ */
|
||||
@ -13,9 +14,9 @@ diff -up cups-2.2.5/config.h.in.lspp cups-2.2.5/config.h.in
|
||||
+
|
||||
+
|
||||
#endif /* !_CUPS_CONFIG_H_ */
|
||||
diff -up cups-2.2.5/config-scripts/cups-lspp.m4.lspp cups-2.2.5/config-scripts/cups-lspp.m4
|
||||
--- cups-2.2.5/config-scripts/cups-lspp.m4.lspp 2017-10-17 19:06:19.640228964 +0200
|
||||
+++ cups-2.2.5/config-scripts/cups-lspp.m4 2017-10-17 19:06:19.640228964 +0200
|
||||
diff -up cups-2.2.6/config-scripts/cups-lspp.m4.lspp cups-2.2.6/config-scripts/cups-lspp.m4
|
||||
--- cups-2.2.6/config-scripts/cups-lspp.m4.lspp 2024-08-15 14:55:07.310818870 +0200
|
||||
+++ cups-2.2.6/config-scripts/cups-lspp.m4 2024-08-15 14:55:07.310818870 +0200
|
||||
@@ -0,0 +1,36 @@
|
||||
+dnl
|
||||
+dnl LSPP code for the Common UNIX Printing System (CUPS).
|
||||
@ -40,7 +41,7 @@ diff -up cups-2.2.5/config-scripts/cups-lspp.m4.lspp cups-2.2.5/config-scripts/c
|
||||
+AC_ARG_ENABLE(lspp, [ --enable-lspp turn on auditing and label support, default=no])
|
||||
+
|
||||
+if test x"$enable_lspp" != xno; then
|
||||
+ case "$uname" in
|
||||
+ case "$(uname)" in
|
||||
+ Linux)
|
||||
+ AC_CHECK_LIB(audit,audit_log_user_message, [LIBAUDIT="-laudit" AC_SUBST(LIBAUDIT)])
|
||||
+ AC_CHECK_HEADER(libaudit.h)
|
||||
@ -53,9 +54,9 @@ diff -up cups-2.2.5/config-scripts/cups-lspp.m4.lspp cups-2.2.5/config-scripts/c
|
||||
+ ;;
|
||||
+ esac
|
||||
+fi
|
||||
diff -up cups-2.2.5/configure.ac.lspp cups-2.2.5/configure.ac
|
||||
--- cups-2.2.5/configure.ac.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/configure.ac 2017-10-17 19:06:19.640228964 +0200
|
||||
diff -up cups-2.2.6/configure.ac.lspp cups-2.2.6/configure.ac
|
||||
--- cups-2.2.6/configure.ac.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/configure.ac 2024-08-15 14:55:07.310818870 +0200
|
||||
@@ -38,6 +38,8 @@ sinclude(config-scripts/cups-startup.m4)
|
||||
sinclude(config-scripts/cups-defaults.m4)
|
||||
sinclude(config-scripts/cups-scripting.m4)
|
||||
@ -65,9 +66,9 @@ diff -up cups-2.2.5/configure.ac.lspp cups-2.2.5/configure.ac
|
||||
INSTALL_LANGUAGES=""
|
||||
UNINSTALL_LANGUAGES=""
|
||||
LANGFILES=""
|
||||
diff -up cups-2.2.5/filter/common.c.lspp cups-2.2.5/filter/common.c
|
||||
--- cups-2.2.5/filter/common.c.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/filter/common.c 2017-10-17 19:06:19.640228964 +0200
|
||||
diff -up cups-2.2.6/filter/common.c.lspp cups-2.2.6/filter/common.c
|
||||
--- cups-2.2.6/filter/common.c.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/filter/common.c 2024-08-15 14:55:07.310818870 +0200
|
||||
@@ -17,6 +17,12 @@
|
||||
* Include necessary headers...
|
||||
*/
|
||||
@ -236,9 +237,9 @@ diff -up cups-2.2.5/filter/common.c.lspp cups-2.2.5/filter/common.c
|
||||
|
||||
|
||||
/*
|
||||
diff -up cups-2.2.5/filter/pstops.c.lspp cups-2.2.5/filter/pstops.c
|
||||
--- cups-2.2.5/filter/pstops.c.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/filter/pstops.c 2017-10-17 19:06:19.641228955 +0200
|
||||
diff -up cups-2.2.6/filter/pstops.c.lspp cups-2.2.6/filter/pstops.c
|
||||
--- cups-2.2.6/filter/pstops.c.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/filter/pstops.c 2024-08-15 14:55:07.311818856 +0200
|
||||
@@ -3176,6 +3176,18 @@ write_label_prolog(pstops_doc_t *doc, /*
|
||||
{
|
||||
const char *classification; /* CLASSIFICATION environment variable */
|
||||
@ -394,21 +395,21 @@ diff -up cups-2.2.5/filter/pstops.c.lspp cups-2.2.5/filter/pstops.c
|
||||
|
||||
|
||||
/*
|
||||
diff -up cups-2.2.5/Makedefs.in.lspp cups-2.2.5/Makedefs.in
|
||||
--- cups-2.2.5/Makedefs.in.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/Makedefs.in 2017-10-17 19:06:19.641228955 +0200
|
||||
@@ -161,7 +161,7 @@ LDFLAGS = -L../cgi-bin -L../cups -L../f
|
||||
@LDFLAGS@ @RELROFLAGS@ @PIEFLAGS@ $(OPTIM)
|
||||
LINKCUPS = @LINKCUPS@ $(LIBGSSAPI) $(DNSSDLIBS) $(SSLLIBS) $(LIBZ)
|
||||
LINKCUPSIMAGE = @LINKCUPSIMAGE@
|
||||
-LIBS = $(LINKCUPS) $(COMMONLIBS)
|
||||
+LIBS = $(LINKCUPS) $(COMMONLIBS) @LIBAUDIT@ @LIBSELINUX@
|
||||
ONDEMANDFLAGS = @ONDEMANDFLAGS@
|
||||
ONDEMANDLIBS = @ONDEMANDLIBS@
|
||||
OPTIM = @OPTIM@
|
||||
diff -up cups-2.2.5/scheduler/client.c.lspp cups-2.2.5/scheduler/client.c
|
||||
--- cups-2.2.5/scheduler/client.c.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/scheduler/client.c 2017-10-17 19:06:19.689228556 +0200
|
||||
diff -up cups-2.2.6/Makedefs.in.lspp cups-2.2.6/Makedefs.in
|
||||
--- cups-2.2.6/Makedefs.in.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/Makedefs.in 2024-08-15 14:55:07.310818870 +0200
|
||||
@@ -145,7 +145,7 @@ ARFLAGS = @ARFLAGS@
|
||||
BACKLIBS = @BACKLIBS@
|
||||
BUILDDIRS = @BUILDDIRS@
|
||||
CFLAGS = @CPPFLAGS@ @CFLAGS@
|
||||
-COMMONLIBS = @LIBS@
|
||||
+COMMONLIBS = @LIBS@ @LIBAUDIT@ @LIBSELINUX@
|
||||
CXXFLAGS = @CPPFLAGS@ @CXXFLAGS@
|
||||
CXXLIBS = @CXXLIBS@
|
||||
DBUS_NOTIFIER = @DBUS_NOTIFIER@
|
||||
diff -up cups-2.2.6/scheduler/client.c.lspp cups-2.2.6/scheduler/client.c
|
||||
--- cups-2.2.6/scheduler/client.c.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/scheduler/client.c 2024-08-15 14:55:07.311818856 +0200
|
||||
@@ -22,12 +22,20 @@
|
||||
#define _HTTP_NO_PRIVATE
|
||||
#include "cupsd.h"
|
||||
@ -490,7 +491,19 @@ diff -up cups-2.2.5/scheduler/client.c.lspp cups-2.2.5/scheduler/client.c
|
||||
#ifdef AF_LOCAL
|
||||
if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL)
|
||||
{
|
||||
@@ -562,6 +623,13 @@ cupsdReadClient(cupsd_client_t *con) /*
|
||||
@@ -522,6 +583,11 @@ cupsdCloseClient(cupsd_client_t *con) /*
|
||||
}
|
||||
#endif /* HAVE_AUTHORIZATION_H */
|
||||
|
||||
+#ifdef WITH_LSPP
|
||||
+ if (con->scon)
|
||||
+ cupsdClearString(&con->scon);
|
||||
+#endif /* WITH_LSPP */
|
||||
+
|
||||
/*
|
||||
* Re-enable new client connections if we are going back under the
|
||||
* limit...
|
||||
@@ -562,6 +628,13 @@ cupsdReadClient(cupsd_client_t *con) /*
|
||||
mime_type_t *type; /* MIME type of file */
|
||||
cupsd_printer_t *p; /* Printer */
|
||||
static unsigned request_id = 0; /* Request ID for temp files */
|
||||
@ -504,10 +517,10 @@ diff -up cups-2.2.5/scheduler/client.c.lspp cups-2.2.5/scheduler/client.c
|
||||
|
||||
|
||||
status = HTTP_STATUS_CONTINUE;
|
||||
@@ -1926,6 +1994,73 @@ cupsdReadClient(cupsd_client_t *con) /*
|
||||
@@ -1924,7 +1997,73 @@ cupsdReadClient(cupsd_client_t *con) /*
|
||||
fchmod(con->file, 0640);
|
||||
fchown(con->file, RunUser, Group);
|
||||
fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
|
||||
}
|
||||
|
||||
+#ifdef WITH_LSPP
|
||||
+ if (strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0)
|
||||
+ {
|
||||
@ -572,13 +585,13 @@ diff -up cups-2.2.5/scheduler/client.c.lspp cups-2.2.5/scheduler/client.c
|
||||
+ con->filename, context_str(tmpcon));
|
||||
+ context_free(tmpcon);
|
||||
+ context_free(clicon);
|
||||
+ }
|
||||
}
|
||||
+#endif /* WITH_LSPP */
|
||||
+
|
||||
+ }
|
||||
|
||||
if (httpGetState(con->http) != HTTP_STATE_POST_SEND)
|
||||
{
|
||||
if (!httpWait(con->http, 0))
|
||||
@@ -3456,6 +3591,49 @@ is_path_absolute(const char *path) /* I
|
||||
@@ -3456,6 +3595,49 @@ is_path_absolute(const char *path) /* I
|
||||
return (1);
|
||||
}
|
||||
|
||||
@ -628,9 +641,9 @@ diff -up cups-2.2.5/scheduler/client.c.lspp cups-2.2.5/scheduler/client.c
|
||||
|
||||
/*
|
||||
* 'pipe_command()' - Pipe the output of a command to the remote client.
|
||||
diff -up cups-2.2.5/scheduler/client.h.lspp cups-2.2.5/scheduler/client.h
|
||||
--- cups-2.2.5/scheduler/client.h.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/scheduler/client.h 2017-10-17 19:06:19.690228548 +0200
|
||||
diff -up cups-2.2.6/scheduler/client.h.lspp cups-2.2.6/scheduler/client.h
|
||||
--- cups-2.2.6/scheduler/client.h.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/scheduler/client.h 2024-08-15 14:55:07.312818843 +0200
|
||||
@@ -16,6 +16,13 @@
|
||||
#endif /* HAVE_AUTHORIZATION_H */
|
||||
|
||||
@ -656,19 +669,20 @@ diff -up cups-2.2.5/scheduler/client.h.lspp cups-2.2.5/scheduler/client.h
|
||||
};
|
||||
|
||||
#define HTTP(con) ((con)->http)
|
||||
@@ -138,6 +149,9 @@ extern void cupsdStartListening(void);
|
||||
extern void cupsdStopListening(void);
|
||||
@@ -139,6 +150,10 @@ extern void cupsdStopListening(void);
|
||||
extern void cupsdUpdateCGI(void);
|
||||
extern void cupsdWriteClient(cupsd_client_t *con);
|
||||
|
||||
+#ifdef WITH_LSPP
|
||||
+extern uid_t client_pid_to_auid(pid_t clipid);
|
||||
+#endif /* WITH_LSPP */
|
||||
|
||||
+
|
||||
#ifdef HAVE_SSL
|
||||
extern int cupsdEndTLS(cupsd_client_t *con);
|
||||
diff -up cups-2.2.5/scheduler/conf.c.lspp cups-2.2.5/scheduler/conf.c
|
||||
--- cups-2.2.5/scheduler/conf.c.lspp 2017-10-17 19:06:19.637228989 +0200
|
||||
+++ cups-2.2.5/scheduler/conf.c 2017-10-17 19:06:19.691228540 +0200
|
||||
extern int cupsdStartTLS(cupsd_client_t *con);
|
||||
diff -up cups-2.2.6/scheduler/conf.c.lspp cups-2.2.6/scheduler/conf.c
|
||||
--- cups-2.2.6/scheduler/conf.c.lspp 2024-08-15 14:55:07.306818923 +0200
|
||||
+++ cups-2.2.6/scheduler/conf.c 2024-08-15 14:55:07.312818843 +0200
|
||||
@@ -40,6 +40,9 @@
|
||||
# define INADDR_NONE 0xffffffff
|
||||
#endif /* !INADDR_NONE */
|
||||
@ -726,7 +740,7 @@ diff -up cups-2.2.5/scheduler/conf.c.lspp cups-2.2.5/scheduler/conf.c
|
||||
cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.",
|
||||
RemotePort ? "enabled" : "disabled");
|
||||
|
||||
@@ -1286,7 +1315,19 @@ cupsdReadConfiguration(void)
|
||||
@@ -1277,7 +1306,19 @@ cupsdReadConfiguration(void)
|
||||
cupsdClearString(&Classification);
|
||||
|
||||
if (Classification)
|
||||
@ -746,7 +760,7 @@ diff -up cups-2.2.5/scheduler/conf.c.lspp cups-2.2.5/scheduler/conf.c
|
||||
|
||||
/*
|
||||
* Check the MaxClients setting, and then allocate memory for it...
|
||||
@@ -3770,6 +3811,18 @@ read_location(cups_file_t *fp, /* I - C
|
||||
@@ -3761,6 +3802,18 @@ read_location(cups_file_t *fp, /* I - C
|
||||
return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
|
||||
}
|
||||
|
||||
@ -765,9 +779,9 @@ diff -up cups-2.2.5/scheduler/conf.c.lspp cups-2.2.5/scheduler/conf.c
|
||||
|
||||
/*
|
||||
* 'read_policy()' - Read a <Policy name> definition.
|
||||
diff -up cups-2.2.5/scheduler/conf.h.lspp cups-2.2.5/scheduler/conf.h
|
||||
--- cups-2.2.5/scheduler/conf.h.lspp 2017-10-17 19:06:19.585229421 +0200
|
||||
+++ cups-2.2.5/scheduler/conf.h 2017-10-17 19:06:19.691228540 +0200
|
||||
diff -up cups-2.2.6/scheduler/conf.h.lspp cups-2.2.6/scheduler/conf.h
|
||||
--- cups-2.2.6/scheduler/conf.h.lspp 2024-08-15 14:55:07.250819672 +0200
|
||||
+++ cups-2.2.6/scheduler/conf.h 2024-08-15 14:55:07.312818843 +0200
|
||||
@@ -250,6 +250,13 @@ VAR char *ServerKeychain VALUE(NULL);
|
||||
/* Keychain holding cert + key */
|
||||
#endif /* HAVE_SSL */
|
||||
@ -792,19 +806,10 @@ diff -up cups-2.2.5/scheduler/conf.h.lspp cups-2.2.5/scheduler/conf.h
|
||||
|
||||
/*
|
||||
* Prototypes...
|
||||
diff -up cups-2.2.5/scheduler/cupsd.h.lspp cups-2.2.5/scheduler/cupsd.h
|
||||
--- cups-2.2.5/scheduler/cupsd.h.lspp 2017-10-17 19:06:19.626229080 +0200
|
||||
+++ cups-2.2.5/scheduler/cupsd.h 2017-10-17 19:06:19.691228540 +0200
|
||||
@@ -11,6 +11,8 @@
|
||||
* file is missing or damaged, see the license at "http://www.cups.org/".
|
||||
*/
|
||||
|
||||
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
||||
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
||||
|
||||
/*
|
||||
* Include necessary headers.
|
||||
@@ -36,13 +38,20 @@
|
||||
diff -up cups-2.2.6/scheduler/cupsd.h.lspp cups-2.2.6/scheduler/cupsd.h
|
||||
--- cups-2.2.6/scheduler/cupsd.h.lspp 2024-08-15 14:55:07.298819030 +0200
|
||||
+++ cups-2.2.6/scheduler/cupsd.h 2024-08-15 14:55:07.312818843 +0200
|
||||
@@ -36,6 +36,14 @@
|
||||
# include <unistd.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
@ -819,27 +824,17 @@ diff -up cups-2.2.5/scheduler/cupsd.h.lspp cups-2.2.5/scheduler/cupsd.h
|
||||
#include "mime.h"
|
||||
|
||||
#if defined(HAVE_CDSASSL)
|
||||
# include <CoreFoundation/CoreFoundation.h>
|
||||
#endif /* HAVE_CDSASSL */
|
||||
|
||||
-
|
||||
/*
|
||||
* Some OS's don't have hstrerror(), most notably Solaris...
|
||||
*/
|
||||
diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
--- cups-2.2.5/scheduler/ipp.c.lspp 2017-10-17 19:06:19.599229305 +0200
|
||||
+++ cups-2.2.5/scheduler/ipp.c 2017-10-17 19:06:19.695228506 +0200
|
||||
@@ -14,6 +14,9 @@
|
||||
* missing or damaged, see the license at "http://www.cups.org/".
|
||||
*/
|
||||
|
||||
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
||||
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
||||
+
|
||||
/*
|
||||
* Include necessary headers...
|
||||
*/
|
||||
@@ -37,6 +40,14 @@ extern int mbr_check_membership_by_id(uu
|
||||
@@ -248,4 +256,4 @@ extern void cupsdRunTimeout (cupsd_t
|
||||
extern void cupsdUpdateTimeout (cupsd_timeout_t *timeout,
|
||||
const struct timeval *tv);
|
||||
extern void cupsdRemoveTimeout (cupsd_timeout_t *timeout);
|
||||
-#endif /* HAVE_AVAHI */
|
||||
\ No newline at end of file
|
||||
+#endif /* HAVE_AVAHI */
|
||||
diff -up cups-2.2.6/scheduler/ipp.c.lspp cups-2.2.6/scheduler/ipp.c
|
||||
--- cups-2.2.6/scheduler/ipp.c.lspp 2024-08-15 14:55:07.268819431 +0200
|
||||
+++ cups-2.2.6/scheduler/ipp.c 2024-08-15 14:56:15.961900807 +0200
|
||||
@@ -37,6 +37,12 @@ extern int mbr_check_membership_by_id(uu
|
||||
# endif /* HAVE_MEMBERSHIPPRIV_H */
|
||||
#endif /* __APPLE__ */
|
||||
|
||||
@ -848,13 +843,11 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
+#include <selinux/selinux.h>
|
||||
+#include <selinux/context.h>
|
||||
+#include <selinux/avc.h>
|
||||
+#include <selinux/flask.h>
|
||||
+#include <selinux/av_permissions.h>
|
||||
+#endif /* WITH_LSPP */
|
||||
|
||||
/*
|
||||
* Local functions...
|
||||
@@ -61,6 +72,9 @@ static void cancel_all_jobs(cupsd_client
|
||||
@@ -61,6 +67,9 @@ static void cancel_all_jobs(cupsd_client
|
||||
static void cancel_job(cupsd_client_t *con, ipp_attribute_t *uri);
|
||||
static void cancel_subscription(cupsd_client_t *con, int id);
|
||||
static int check_rss_recipient(const char *recipient);
|
||||
@ -864,7 +857,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
static int check_quotas(cupsd_client_t *con, cupsd_printer_t *p);
|
||||
static void close_job(cupsd_client_t *con, ipp_attribute_t *uri);
|
||||
static void copy_attrs(ipp_t *to, ipp_t *from, cups_array_t *ra,
|
||||
@@ -1286,6 +1300,21 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1286,6 +1295,21 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
"time-at-creation",
|
||||
"time-at-processing"
|
||||
};
|
||||
@ -886,7 +879,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "add_job(%p[%d], %p(%s), %p(%s/%s))",
|
||||
@@ -1597,6 +1626,106 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1607,6 +1631,106 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
@ -923,18 +916,18 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
+ /*
|
||||
+ * The printer does not exist, so for now assume it's a FileDevice
|
||||
+ */
|
||||
+ tclass = SECCLASS_FILE;
|
||||
+ avr = FILE__WRITE;
|
||||
+ tclass = string_to_security_class("file");
|
||||
+ avr = string_to_av_perm(tclass, "write");
|
||||
+ }
|
||||
+ else if (S_ISCHR(printerstat.st_mode))
|
||||
+ {
|
||||
+ tclass = SECCLASS_CHR_FILE;
|
||||
+ avr = CHR_FILE__WRITE;
|
||||
+ tclass = string_to_security_class("chr_file");
|
||||
+ avr = string_to_av_perm(tclass, "write");
|
||||
+ }
|
||||
+ else if (S_ISREG(printerstat.st_mode))
|
||||
+ {
|
||||
+ tclass = SECCLASS_FILE;
|
||||
+ avr = FILE__WRITE;
|
||||
+ tclass = string_to_security_class("file");
|
||||
+ avr = string_to_av_perm(tclass, "write");
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
@ -993,7 +986,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
if ((job = cupsdAddJob(priority, printer->name)) == NULL)
|
||||
{
|
||||
send_ipp_status(con, IPP_INTERNAL_ERROR,
|
||||
@@ -1605,6 +1734,32 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1615,6 +1739,32 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
@ -1026,7 +1019,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
job->dtype = printer->type & (CUPS_PRINTER_CLASS | CUPS_PRINTER_REMOTE);
|
||||
job->attrs = con->request;
|
||||
job->dirty = 1;
|
||||
@@ -1794,6 +1949,29 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1802,6 +1952,29 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
ippSetString(job->attrs, &attr, 0, printer->job_sheets[0]);
|
||||
ippSetString(job->attrs, &attr, 1, printer->job_sheets[1]);
|
||||
}
|
||||
@ -1056,7 +1049,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
|
||||
job->job_sheets = attr;
|
||||
|
||||
@@ -1824,6 +2002,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1832,6 +2005,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
"job-sheets=\"%s,none\", "
|
||||
"job-originating-user-name=\"%s\"",
|
||||
Classification, job->username);
|
||||
@ -1066,7 +1059,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
}
|
||||
else if (attr->num_values == 2 &&
|
||||
strcmp(attr->values[0].string.text,
|
||||
@@ -1842,6 +2023,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1850,6 +2026,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
"job-originating-user-name=\"%s\"",
|
||||
attr->values[0].string.text,
|
||||
attr->values[1].string.text, job->username);
|
||||
@ -1076,7 +1069,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
}
|
||||
else if (strcmp(attr->values[0].string.text, Classification) &&
|
||||
strcmp(attr->values[0].string.text, "none") &&
|
||||
@@ -1862,6 +2046,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1870,6 +2049,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
"job-originating-user-name=\"%s\"",
|
||||
attr->values[0].string.text,
|
||||
attr->values[1].string.text, job->username);
|
||||
@ -1086,14 +1079,14 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
}
|
||||
}
|
||||
else if (strcmp(attr->values[0].string.text, Classification) &&
|
||||
@@ -1902,8 +2089,52 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
@@ -1910,9 +2092,55 @@ add_job(cupsd_client_t *con, /* I - Cl
|
||||
"job-sheets=\"%s\", "
|
||||
"job-originating-user-name=\"%s\"",
|
||||
Classification, job->username);
|
||||
+#ifdef WITH_LSPP
|
||||
+ override = 1;
|
||||
+#endif /* WITH_LSPP */
|
||||
}
|
||||
+ }
|
||||
+#ifdef WITH_LSPP
|
||||
+ if (is_lspp_config() && AuditLog != -1)
|
||||
+ {
|
||||
@ -1127,19 +1120,22 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
+ }
|
||||
+ cupsdClearString(&audit_message);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
}
|
||||
+#endif /* WITH_LSPP */
|
||||
}
|
||||
|
||||
+#ifdef WITH_LSPP
|
||||
+ if (userheader)
|
||||
+ free(userheader);
|
||||
+ if (userfooter)
|
||||
+ free(userfooter);
|
||||
+#endif /* WITH_LSPP */
|
||||
}
|
||||
+
|
||||
|
||||
+
|
||||
/*
|
||||
* See if we need to add the starting sheet...
|
||||
@@ -3686,6 +3917,128 @@ check_rss_recipient(
|
||||
*/
|
||||
@@ -3694,6 +3922,128 @@ check_rss_recipient(
|
||||
}
|
||||
|
||||
|
||||
@ -1211,8 +1207,8 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
+ return -1;
|
||||
+ }
|
||||
+ avc_entry_ref_init(&avcref);
|
||||
+ tclass = SECCLASS_FILE;
|
||||
+ avr = FILE__READ;
|
||||
+ tclass = string_to_security_class("file");
|
||||
+ avr = string_to_av_perm(tclass, "read");
|
||||
+
|
||||
+ /*
|
||||
+ * Perform the check with the client as the subject, first with the job as the object
|
||||
@ -1268,7 +1264,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
/*
|
||||
* 'check_quotas()' - Check quotas for a printer and user.
|
||||
*/
|
||||
@@ -4142,6 +4495,15 @@ copy_banner(cupsd_client_t *con, /* I -
|
||||
@@ -4150,6 +4500,15 @@ copy_banner(cupsd_client_t *con, /* I -
|
||||
char attrname[255], /* Name of attribute */
|
||||
*s; /* Pointer into name */
|
||||
ipp_attribute_t *attr; /* Attribute */
|
||||
@ -1284,7 +1280,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2,
|
||||
@@ -4177,6 +4539,85 @@ copy_banner(cupsd_client_t *con, /* I -
|
||||
@@ -4185,6 +4544,85 @@ copy_banner(cupsd_client_t *con, /* I -
|
||||
|
||||
fchmod(cupsFileNumber(out), 0640);
|
||||
fchown(cupsFileNumber(out), RunUser, Group);
|
||||
@ -1370,7 +1366,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
|
||||
/*
|
||||
* Try the localized banner file under the subdirectory...
|
||||
@@ -4271,6 +4712,24 @@ copy_banner(cupsd_client_t *con, /* I -
|
||||
@@ -4279,6 +4717,24 @@ copy_banner(cupsd_client_t *con, /* I -
|
||||
else
|
||||
s = attrname;
|
||||
|
||||
@ -1395,7 +1391,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
if (!strcmp(s, "printer-name"))
|
||||
{
|
||||
cupsFilePuts(out, job->dest);
|
||||
@@ -6459,6 +6918,22 @@ get_job_attrs(cupsd_client_t *con, /* I
|
||||
@@ -6467,6 +6923,22 @@ get_job_attrs(cupsd_client_t *con, /* I
|
||||
|
||||
exclude = cupsdGetPrivateAttrs(policy, con, printer, job->username);
|
||||
|
||||
@ -1418,7 +1414,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
/*
|
||||
* Copy attributes...
|
||||
*/
|
||||
@@ -6856,6 +7331,11 @@ get_jobs(cupsd_client_t *con, /* I - C
|
||||
@@ -6864,6 +7336,11 @@ get_jobs(cupsd_client_t *con, /* I - C
|
||||
if (username[0] && _cups_strcasecmp(username, job->username))
|
||||
continue;
|
||||
|
||||
@ -1430,7 +1426,7 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
if (count > 0)
|
||||
ippAddSeparator(con->response);
|
||||
|
||||
@@ -11487,6 +11967,11 @@ validate_user(cupsd_job_t *job, /* I
|
||||
@@ -11495,6 +11972,11 @@ validate_user(cupsd_job_t *job, /* I
|
||||
|
||||
strlcpy(username, get_username(con), userlen);
|
||||
|
||||
@ -1442,20 +1438,10 @@ diff -up cups-2.2.5/scheduler/ipp.c.lspp cups-2.2.5/scheduler/ipp.c
|
||||
/*
|
||||
* Check the username against the owner...
|
||||
*/
|
||||
diff -up cups-2.2.5/scheduler/job.c.lspp cups-2.2.5/scheduler/job.c
|
||||
--- cups-2.2.5/scheduler/job.c.lspp 2017-10-17 19:06:19.607229238 +0200
|
||||
+++ cups-2.2.5/scheduler/job.c 2017-10-17 19:06:19.696228498 +0200
|
||||
@@ -11,6 +11,9 @@
|
||||
* missing or damaged, see the license at "http://www.cups.org/".
|
||||
*/
|
||||
|
||||
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
||||
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
||||
+
|
||||
/*
|
||||
* Include necessary headers...
|
||||
*/
|
||||
@@ -26,6 +29,14 @@
|
||||
diff -up cups-2.2.6/scheduler/job.c.lspp cups-2.2.6/scheduler/job.c
|
||||
--- cups-2.2.6/scheduler/job.c.lspp 2024-08-15 14:55:07.278819298 +0200
|
||||
+++ cups-2.2.6/scheduler/job.c 2024-08-15 14:55:07.316818790 +0200
|
||||
@@ -26,6 +26,12 @@
|
||||
# endif /* HAVE_IOKIT_PWR_MGT_IOPMLIBPRIVATE_H */
|
||||
#endif /* __APPLE__ */
|
||||
|
||||
@ -1464,13 +1450,11 @@ diff -up cups-2.2.5/scheduler/job.c.lspp cups-2.2.5/scheduler/job.c
|
||||
+#include <selinux/selinux.h>
|
||||
+#include <selinux/context.h>
|
||||
+#include <selinux/avc.h>
|
||||
+#include <selinux/flask.h>
|
||||
+#include <selinux/av_permissions.h>
|
||||
+#endif /* WITH_LSPP */
|
||||
|
||||
/*
|
||||
* Design Notes for Job Management
|
||||
@@ -547,6 +558,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I
|
||||
@@ -547,6 +553,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I
|
||||
/* PRINTER_STATE_REASONS env var */
|
||||
rip_max_cache[255];
|
||||
/* RIP_MAX_CACHE env variable */
|
||||
@ -1485,7 +1469,7 @@ diff -up cups-2.2.5/scheduler/job.c.lspp cups-2.2.5/scheduler/job.c
|
||||
|
||||
|
||||
cupsdLogMessage(CUPSD_LOG_DEBUG2,
|
||||
@@ -1083,6 +1102,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I
|
||||
@@ -1083,6 +1097,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I
|
||||
if (final_content_type[0])
|
||||
envp[envc ++] = final_content_type;
|
||||
|
||||
@ -1553,6 +1537,18 @@ diff -up cups-2.2.5/scheduler/job.c.lspp cups-2.2.5/scheduler/job.c
|
||||
if (Classification && !banner_page)
|
||||
{
|
||||
if ((attr = ippFindAttribute(job->attrs, "job-sheets",
|
||||
@@ -1464,6 +1539,11 @@ cupsdDeleteJob(cupsd_job_t *job, /
|
||||
|
||||
cupsdClearString(&job->username);
|
||||
cupsdClearString(&job->dest);
|
||||
+
|
||||
+#ifdef WITH_LSPP
|
||||
+ cupsdClearString(&job->scon);
|
||||
+#endif
|
||||
+
|
||||
for (i = 0;
|
||||
i < (int)(sizeof(job->auth_env) / sizeof(job->auth_env[0]));
|
||||
i ++)
|
||||
@@ -1908,6 +1988,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - J
|
||||
ippSetString(job->attrs, &job->reasons, 0, "none");
|
||||
}
|
||||
@ -1740,18 +1736,18 @@ diff -up cups-2.2.5/scheduler/job.c.lspp cups-2.2.5/scheduler/job.c
|
||||
+ /*
|
||||
+ * The printer does not exist, so for now assume it's a FileDevice
|
||||
+ */
|
||||
+ tclass = SECCLASS_FILE;
|
||||
+ avr = FILE__WRITE;
|
||||
+ tclass = string_to_security_class("file");
|
||||
+ avr = string_to_av_perm(tclass, "write");
|
||||
+ }
|
||||
+ else if (S_ISCHR(printerstat.st_mode))
|
||||
+ {
|
||||
+ tclass = SECCLASS_CHR_FILE;
|
||||
+ avr = CHR_FILE__WRITE;
|
||||
+ tclass = string_to_security_class("chr_file");
|
||||
+ avr = string_to_av_perm(tclass, "write");
|
||||
+ }
|
||||
+ else if (S_ISREG(printerstat.st_mode))
|
||||
+ {
|
||||
+ tclass = SECCLASS_FILE;
|
||||
+ avr = FILE__WRITE;
|
||||
+ tclass = string_to_security_class("file");
|
||||
+ avr = string_to_av_perm(tclass, "write");
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
@ -1823,16 +1819,13 @@ diff -up cups-2.2.5/scheduler/job.c.lspp cups-2.2.5/scheduler/job.c
|
||||
/*
|
||||
* Now start the first file in the job...
|
||||
*/
|
||||
diff -up cups-2.2.5/scheduler/job.h.lspp cups-2.2.5/scheduler/job.h
|
||||
--- cups-2.2.5/scheduler/job.h.lspp 2017-10-13 20:22:26.000000000 +0200
|
||||
+++ cups-2.2.5/scheduler/job.h 2017-10-17 19:06:19.696228498 +0200
|
||||
@@ -11,6 +11,13 @@
|
||||
diff -up cups-2.2.6/scheduler/job.h.lspp cups-2.2.6/scheduler/job.h
|
||||
--- cups-2.2.6/scheduler/job.h.lspp 2017-11-01 15:57:53.000000000 +0100
|
||||
+++ cups-2.2.6/scheduler/job.h 2024-08-15 14:55:07.316818790 +0200
|
||||
@@ -11,6 +11,10 @@
|
||||
* missing or damaged, see the license at "http://www.cups.org/".
|
||||
*/
|
||||
|
||||
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
||||
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
||||
+
|
||||
+#ifdef WITH_LSPP
|
||||
+#include <selinux/selinux.h>
|
||||
+#endif /* WITH_LSPP */
|
||||
@ -1840,7 +1833,7 @@ diff -up cups-2.2.5/scheduler/job.h.lspp cups-2.2.5/scheduler/job.h
|
||||
/*
|
||||
* Constants...
|
||||
*/
|
||||
@@ -88,6 +95,10 @@ struct cupsd_job_s /**** Job request *
|
||||
@@ -88,6 +92,10 @@ struct cupsd_job_s /**** Job request *
|
||||
int progress; /* Printing progress */
|
||||
int num_keywords; /* Number of PPD keywords */
|
||||
cups_option_t *keywords; /* PPD keywords */
|
||||
@ -1851,9 +1844,9 @@ diff -up cups-2.2.5/scheduler/job.h.lspp cups-2.2.5/scheduler/job.h
|
||||
};
|
||||
|
||||
typedef struct cupsd_joblog_s /**** Job log message ****/
|
||||
diff -up cups-2.2.5/scheduler/main.c.lspp cups-2.2.5/scheduler/main.c
|
||||
--- cups-2.2.5/scheduler/main.c.lspp 2017-10-17 19:06:19.637228989 +0200
|
||||
+++ cups-2.2.5/scheduler/main.c 2017-10-17 19:08:26.642173026 +0200
|
||||
diff -up cups-2.2.6/scheduler/main.c.lspp cups-2.2.6/scheduler/main.c
|
||||
--- cups-2.2.6/scheduler/main.c.lspp 2024-08-15 14:55:07.299819017 +0200
|
||||
+++ cups-2.2.6/scheduler/main.c 2024-08-15 14:55:07.316818790 +0200
|
||||
@@ -56,6 +56,9 @@
|
||||
# include <sys/param.h>
|
||||
#endif /* HAVE_SYS_PARAM_H */
|
||||
@ -1874,7 +1867,7 @@ diff -up cups-2.2.5/scheduler/main.c.lspp cups-2.2.5/scheduler/main.c
|
||||
#ifdef __APPLE__
|
||||
int use_sysman = 1; /* Use system management functions? */
|
||||
#else
|
||||
@@ -516,6 +522,25 @@ main(int argc, /* I - Number of comm
|
||||
@@ -508,6 +514,25 @@ main(int argc, /* I - Number of comm
|
||||
exit(errno);
|
||||
}
|
||||
|
||||
@ -1900,7 +1893,7 @@ diff -up cups-2.2.5/scheduler/main.c.lspp cups-2.2.5/scheduler/main.c
|
||||
/*
|
||||
* Let the system know we are busy while we bring up cupsd...
|
||||
*/
|
||||
@@ -1227,6 +1252,11 @@ main(int argc, /* I - Number of comm
|
||||
@@ -1219,6 +1244,11 @@ main(int argc, /* I - Number of comm
|
||||
|
||||
cupsdStopSelect();
|
||||
|
||||
@ -1912,19 +1905,10 @@ diff -up cups-2.2.5/scheduler/main.c.lspp cups-2.2.5/scheduler/main.c
|
||||
return (!stop_scheduler);
|
||||
}
|
||||
|
||||
diff -up cups-2.2.5/scheduler/printers.c.lspp cups-2.2.5/scheduler/printers.c
|
||||
--- cups-2.2.5/scheduler/printers.c.lspp 2017-10-17 19:06:19.587229404 +0200
|
||||
+++ cups-2.2.5/scheduler/printers.c 2017-10-17 19:06:19.697228490 +0200
|
||||
@@ -11,6 +11,8 @@
|
||||
* missing or damaged, see the license at "http://www.cups.org/".
|
||||
*/
|
||||
|
||||
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
||||
+
|
||||
/*
|
||||
* Include necessary headers...
|
||||
*/
|
||||
@@ -35,6 +37,10 @@
|
||||
diff -up cups-2.2.6/scheduler/printers.c.lspp cups-2.2.6/scheduler/printers.c
|
||||
--- cups-2.2.6/scheduler/printers.c.lspp 2024-08-15 14:55:07.253819632 +0200
|
||||
+++ cups-2.2.6/scheduler/printers.c 2024-08-15 14:55:07.317818776 +0200
|
||||
@@ -35,6 +35,10 @@
|
||||
# include <asl.h>
|
||||
#endif /* __APPLE__ */
|
||||
|
||||
@ -1935,7 +1919,7 @@ diff -up cups-2.2.5/scheduler/printers.c.lspp cups-2.2.5/scheduler/printers.c
|
||||
|
||||
/*
|
||||
* Local functions...
|
||||
@@ -2212,6 +2218,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
|
||||
@@ -2212,6 +2216,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
|
||||
ipp_attribute_t *attr; /* Attribute data */
|
||||
char *name, /* Current user/group name */
|
||||
*filter; /* Current filter */
|
||||
@ -1949,7 +1933,7 @@ diff -up cups-2.2.5/scheduler/printers.c.lspp cups-2.2.5/scheduler/printers.c
|
||||
|
||||
|
||||
DEBUG_printf(("cupsdSetPrinterAttrs: entering name = %s, type = %x\n", p->name,
|
||||
@@ -2339,6 +2352,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
|
||||
@@ -2339,6 +2350,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
|
||||
attr->values[1].string.text = _cupsStrAlloc(Classification ?
|
||||
Classification : p->job_sheets[1]);
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ Summary: CUPS printing system
|
||||
Name: cups
|
||||
Epoch: 1
|
||||
Version: 2.2.6
|
||||
Release: 60%{?dist}
|
||||
Release: 61%{?dist}
|
||||
License: GPLv2+ and LGPLv2 with exceptions and AML
|
||||
Url: http://www.cups.org/
|
||||
Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz
|
||||
@ -935,6 +935,10 @@ rm -f %{cups_serverbin}/backend/smb
|
||||
%{_mandir}/man5/ipptoolfile.5.gz
|
||||
|
||||
%changelog
|
||||
* Thu Aug 15 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.2.6-61
|
||||
- RHEL-54038 cups source rpm doesn't actually build lspp support
|
||||
- fix memory leaks caused by lspp
|
||||
|
||||
* Tue Jun 18 2024 Pavol Zacik <pzacik@redhat.com> - 1:2.2.6-60
|
||||
- RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777
|
||||
- Delete the domain socket file after stopping the cups.socket service
|
||||
|
Loading…
Reference in New Issue
Block a user