- LSPP patch didn't get updated properly in 1:1.2.4-6. Use the right patch
this time (bug #208676). LSPP re-enabled.
This commit is contained in:
Tim Waugh
parent
6bb98ac828
commit
c5c707372a
@ -955,7 +955,7 @@
|
|||||||
OPTIONS =
|
OPTIONS =
|
||||||
PAMLIBS = @PAMLIBS@
|
PAMLIBS = @PAMLIBS@
|
||||||
--- cups-1.2.4-orig/scheduler/client.c 2006-09-19 16:44:07.000000000 -0400
|
--- cups-1.2.4-orig/scheduler/client.c 2006-09-19 16:44:07.000000000 -0400
|
||||||
+++ cups-1.2.4/scheduler/client.c 2006-10-03 12:04:45.000000000 -0400
|
+++ cups-1.2.4/scheduler/client.c 2006-10-04 11:53:10.000000000 -0400
|
||||||
@@ -44,12 +44,17 @@
|
@@ -44,12 +44,17 @@
|
||||||
* make_certificate() - Make a self-signed SSL/TLS certificate.
|
* make_certificate() - Make a self-signed SSL/TLS certificate.
|
||||||
* pipe_command() - Pipe the output of a command to the remote client.
|
* pipe_command() - Pipe the output of a command to the remote client.
|
||||||
@ -987,7 +987,7 @@
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Local functions...
|
* Local functions...
|
||||||
@@ -381,6 +392,53 @@
|
@@ -381,6 +392,55 @@
|
||||||
"cupsdAcceptClient: %d connected to server on %s:%d",
|
"cupsdAcceptClient: %d connected to server on %s:%d",
|
||||||
con->http.fd, con->servername, con->serverport);
|
con->http.fd, con->servername, con->serverport);
|
||||||
|
|
||||||
@ -1007,7 +1007,8 @@
|
|||||||
+ {
|
+ {
|
||||||
+ close(con->http.fd);
|
+ close(con->http.fd);
|
||||||
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: unable to determine client auid");
|
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: unable to determine client auid");
|
||||||
+ return (cupsdCloseClient(con));
|
+ free(con);
|
||||||
|
+ return;
|
||||||
+ }
|
+ }
|
||||||
+ cupsdLogMessage(CUPSD_LOG_INFO, "cupsdAcceptClient: peer's pid=%d, uid=%d, gid=%d, auid=%d",
|
+ cupsdLogMessage(CUPSD_LOG_INFO, "cupsdAcceptClient: peer's pid=%d, uid=%d, gid=%d, auid=%d",
|
||||||
+ cr.pid, cr.uid, cr.gid, con->auid);
|
+ cr.pid, cr.uid, cr.gid, con->auid);
|
||||||
@ -1016,7 +1017,8 @@
|
|||||||
+ {
|
+ {
|
||||||
+ close(con->http.fd);
|
+ close(con->http.fd);
|
||||||
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: getsockopt() failed");
|
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: getsockopt() failed");
|
||||||
+ return (cupsdCloseClient(con));
|
+ free(con);
|
||||||
|
+ return;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ /*
|
+ /*
|
||||||
@ -1041,7 +1043,7 @@
|
|||||||
/*
|
/*
|
||||||
* Using TCP_NODELAY improves responsiveness, especially on systems
|
* Using TCP_NODELAY improves responsiveness, especially on systems
|
||||||
* with a slow loopback interface... Since we write large buffers
|
* with a slow loopback interface... Since we write large buffers
|
||||||
@@ -711,6 +769,11 @@
|
@@ -711,6 +771,11 @@
|
||||||
mime_type_t *type; /* MIME type of file */
|
mime_type_t *type; /* MIME type of file */
|
||||||
cupsd_printer_t *p; /* Printer */
|
cupsd_printer_t *p; /* Printer */
|
||||||
static unsigned request_id = 0; /* Request ID for temp files */
|
static unsigned request_id = 0; /* Request ID for temp files */
|
||||||
@ -1053,7 +1055,7 @@
|
|||||||
|
|
||||||
|
|
||||||
status = HTTP_CONTINUE;
|
status = HTTP_CONTINUE;
|
||||||
@@ -1797,6 +1860,38 @@
|
@@ -1797,6 +1862,47 @@
|
||||||
fchmod(con->file, 0640);
|
fchmod(con->file, 0640);
|
||||||
fchown(con->file, RunUser, Group);
|
fchown(con->file, RunUser, Group);
|
||||||
fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
|
fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
|
||||||
@ -1069,6 +1071,15 @@
|
|||||||
+ clicon = context_new(con->scon);
|
+ clicon = context_new(con->scon);
|
||||||
+ tmpcon = context_new(spoolcon);
|
+ tmpcon = context_new(spoolcon);
|
||||||
+ freecon(spoolcon);
|
+ freecon(spoolcon);
|
||||||
|
+ if (!clicon || !tmpcon)
|
||||||
|
+ {
|
||||||
|
+ cupsdSendError(con, HTTP_SERVER_ERROR);
|
||||||
|
+ if (clicon)
|
||||||
|
+ context_free(clicon);
|
||||||
|
+ if (tmpcon)
|
||||||
|
+ context_free(tmpcon);
|
||||||
|
+ return (cupsdCloseClient(con));
|
||||||
|
+ }
|
||||||
+ if (context_range_set(tmpcon, (context_range_get(clicon))) == -1)
|
+ if (context_range_set(tmpcon, (context_range_get(clicon))) == -1)
|
||||||
+ {
|
+ {
|
||||||
+ cupsdSendError(con, HTTP_SERVER_ERROR);
|
+ cupsdSendError(con, HTTP_SERVER_ERROR);
|
||||||
@ -1092,7 +1103,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (con->http.state != HTTP_POST_SEND)
|
if (con->http.state != HTTP_POST_SEND)
|
||||||
@@ -3810,6 +3905,49 @@
|
@@ -3810,6 +3916,49 @@
|
||||||
#endif /* HAVE_SSL */
|
#endif /* HAVE_SSL */
|
||||||
|
|
||||||
|
|
||||||
@ -1304,7 +1315,7 @@
|
|||||||
/*
|
/*
|
||||||
* End of "$Id: conf.h 5696 2006-06-26 18:34:20Z mike $".
|
* End of "$Id: conf.h 5696 2006-06-26 18:34:20Z mike $".
|
||||||
--- cups-1.2.4-orig/scheduler/ipp.c 2006-09-28 11:38:08.000000000 -0400
|
--- cups-1.2.4-orig/scheduler/ipp.c 2006-09-28 11:38:08.000000000 -0400
|
||||||
+++ cups-1.2.4/scheduler/ipp.c 2006-10-03 13:15:06.000000000 -0400
|
+++ cups-1.2.4/scheduler/ipp.c 2006-10-04 11:53:10.000000000 -0400
|
||||||
@@ -96,6 +96,9 @@
|
@@ -96,6 +96,9 @@
|
||||||
* validate_user() - Validate the user for the request.
|
* validate_user() - Validate the user for the request.
|
||||||
*/
|
*/
|
||||||
@ -1514,14 +1525,14 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if (strcmp(attr->values[0].string.text, Classification) &&
|
else if (strcmp(attr->values[0].string.text, Classification) &&
|
||||||
@@ -1652,9 +1805,52 @@
|
@@ -1652,7 +1805,50 @@
|
||||||
"job-sheets=\"%s\", "
|
"job-sheets=\"%s\", "
|
||||||
"job-originating-user-name=\"%s\"",
|
"job-originating-user-name=\"%s\"",
|
||||||
job->id, Classification, job->username);
|
job->id, Classification, job->username);
|
||||||
+#ifdef WITH_LSPP
|
+#ifdef WITH_LSPP
|
||||||
+ override = 1;
|
+ override = 1;
|
||||||
+#endif /* WITH_LSPP */
|
+#endif /* WITH_LSPP */
|
||||||
+ }
|
}
|
||||||
+#ifdef WITH_LSPP
|
+#ifdef WITH_LSPP
|
||||||
+ if (is_lspp_config() && AuditLog != -1)
|
+ if (is_lspp_config() && AuditLog != -1)
|
||||||
+ {
|
+ {
|
||||||
@ -1554,19 +1565,17 @@
|
|||||||
+ ServerName, NULL, NULL, 0);
|
+ ServerName, NULL, NULL, 0);
|
||||||
+ }
|
+ }
|
||||||
+ free(audit_message);
|
+ free(audit_message);
|
||||||
}
|
+ }
|
||||||
}
|
+ }
|
||||||
|
+
|
||||||
+ if (userheader)
|
+ if (userheader)
|
||||||
+ free(userheader);
|
+ free(userheader);
|
||||||
+ if (userfooter)
|
+ if (userfooter)
|
||||||
+ free(userfooter);
|
+ free(userfooter);
|
||||||
+#endif /* WITH_LSPP */
|
+#endif /* WITH_LSPP */
|
||||||
+ }
|
}
|
||||||
+
|
|
||||||
/*
|
/*
|
||||||
* See if we need to add the starting sheet...
|
|
||||||
*/
|
|
||||||
@@ -3504,6 +3700,13 @@
|
@@ -3504,6 +3700,13 @@
|
||||||
char attrname[255], /* Name of attribute */
|
char attrname[255], /* Name of attribute */
|
||||||
*s; /* Pointer into name */
|
*s; /* Pointer into name */
|
||||||
@ -1581,7 +1590,7 @@
|
|||||||
|
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "copy_banner(%p[%d], %p[%d], %s)",
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "copy_banner(%p[%d], %p[%d], %s)",
|
||||||
@@ -3537,6 +3740,46 @@
|
@@ -3537,6 +3740,57 @@
|
||||||
|
|
||||||
fchmod(cupsFileNumber(out), 0640);
|
fchmod(cupsFileNumber(out), 0640);
|
||||||
fchown(cupsFileNumber(out), RunUser, Group);
|
fchown(cupsFileNumber(out), RunUser, Group);
|
||||||
@ -1599,6 +1608,17 @@
|
|||||||
+ tmpcon = context_new(spoolcon);
|
+ tmpcon = context_new(spoolcon);
|
||||||
+ jobcon = context_new(con->scon);
|
+ jobcon = context_new(con->scon);
|
||||||
+ freecon(spoolcon);
|
+ freecon(spoolcon);
|
||||||
|
+ if (!tmpcon || !jobcon)
|
||||||
|
+ {
|
||||||
|
+ if (tmpcon)
|
||||||
|
+ context_free(tmpcon);
|
||||||
|
+ if (jobcon)
|
||||||
|
+ context_free(jobcon);
|
||||||
|
+ cupsdLogMessage(CUPSD_LOG_ERROR,
|
||||||
|
+ "copy_banner: Unable to get the SELinux contexts");
|
||||||
|
+ job->num_files --;
|
||||||
|
+ return (0);
|
||||||
|
+ }
|
||||||
+ if (context_range_set(tmpcon, (context_range_get(jobcon))) == -1)
|
+ if (context_range_set(tmpcon, (context_range_get(jobcon))) == -1)
|
||||||
+ {
|
+ {
|
||||||
+ cupsdLogMessage(CUPSD_LOG_ERROR,
|
+ cupsdLogMessage(CUPSD_LOG_ERROR,
|
||||||
@ -1628,7 +1648,7 @@
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Try the localized banner file under the subdirectory...
|
* Try the localized banner file under the subdirectory...
|
||||||
@@ -3631,6 +3874,24 @@
|
@@ -3631,6 +3885,24 @@
|
||||||
else
|
else
|
||||||
s = attrname;
|
s = attrname;
|
||||||
|
|
||||||
@ -1653,7 +1673,7 @@
|
|||||||
if (!strcmp(s, "printer-name"))
|
if (!strcmp(s, "printer-name"))
|
||||||
{
|
{
|
||||||
cupsFilePuts(out, job->dest);
|
cupsFilePuts(out, job->dest);
|
||||||
@@ -5352,6 +5613,18 @@
|
@@ -5352,6 +5624,18 @@
|
||||||
cupsd_printer_t *printer; /* Printer */
|
cupsd_printer_t *printer; /* Printer */
|
||||||
cups_array_t *list; /* Which job list... */
|
cups_array_t *list; /* Which job list... */
|
||||||
cups_array_t *ra; /* Requested attributes array */
|
cups_array_t *ra; /* Requested attributes array */
|
||||||
@ -1672,7 +1692,7 @@
|
|||||||
|
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs(%p[%d], %s)", con, con->http.fd,
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs(%p[%d], %s)", con, con->http.fd,
|
||||||
@@ -5469,6 +5742,45 @@
|
@@ -5469,6 +5753,45 @@
|
||||||
|
|
||||||
ra = create_requested_array(con->request);
|
ra = create_requested_array(con->request);
|
||||||
|
|
||||||
@ -1718,7 +1738,7 @@
|
|||||||
/*
|
/*
|
||||||
* OK, build a list of jobs for this printer...
|
* OK, build a list of jobs for this printer...
|
||||||
*/
|
*/
|
||||||
@@ -5506,6 +5818,42 @@
|
@@ -5506,6 +5829,42 @@
|
||||||
if (count > 0)
|
if (count > 0)
|
||||||
ippAddSeparator(con->response);
|
ippAddSeparator(con->response);
|
||||||
|
|
||||||
@ -1761,7 +1781,7 @@
|
|||||||
count ++;
|
count ++;
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs: count = %d", count);
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs: count = %d", count);
|
||||||
@@ -7944,12 +8292,22 @@
|
@@ -7944,12 +8303,22 @@
|
||||||
* See if we need to add the ending sheet...
|
* See if we need to add the ending sheet...
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -1784,7 +1804,7 @@
|
|||||||
/*
|
/*
|
||||||
* Yes...
|
* Yes...
|
||||||
*/
|
*/
|
||||||
@@ -9201,6 +9559,17 @@
|
@@ -9201,6 +9570,17 @@
|
||||||
int userlen) /* I - Length of username */
|
int userlen) /* I - Length of username */
|
||||||
{
|
{
|
||||||
cupsd_printer_t *printer; /* Printer for job */
|
cupsd_printer_t *printer; /* Printer for job */
|
||||||
@ -1802,7 +1822,7 @@
|
|||||||
|
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG2,
|
cupsdLogMessage(CUPSD_LOG_DEBUG2,
|
||||||
@@ -9222,6 +9591,59 @@
|
@@ -9222,6 +9602,59 @@
|
||||||
|
|
||||||
strlcpy(username, get_username(con), userlen);
|
strlcpy(username, get_username(con), userlen);
|
||||||
|
|
||||||
@ -1863,7 +1883,7 @@
|
|||||||
* Check the username against the owner...
|
* Check the username against the owner...
|
||||||
*/
|
*/
|
||||||
--- cups-1.2.4-orig/scheduler/job.c 2006-09-28 11:38:08.000000000 -0400
|
--- cups-1.2.4-orig/scheduler/job.c 2006-09-28 11:38:08.000000000 -0400
|
||||||
+++ cups-1.2.4/scheduler/job.c 2006-10-03 12:04:45.000000000 -0400
|
+++ cups-1.2.4/scheduler/job.c 2006-10-04 11:53:10.000000000 -0400
|
||||||
@@ -68,6 +68,9 @@
|
@@ -68,6 +68,9 @@
|
||||||
* unload_job() - Unload a job from memory.
|
* unload_job() - Unload a job from memory.
|
||||||
*/
|
*/
|
||||||
@ -1925,7 +1945,7 @@
|
|||||||
|
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdSaveJob(job=%p(%d)): job->attrs=%p",
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdSaveJob(job=%p(%d)): job->attrs=%p",
|
||||||
@@ -1359,6 +1392,44 @@
|
@@ -1359,6 +1392,53 @@
|
||||||
fchmod(cupsFileNumber(fp), 0600);
|
fchmod(cupsFileNumber(fp), 0600);
|
||||||
fchown(cupsFileNumber(fp), RunUser, Group);
|
fchown(cupsFileNumber(fp), RunUser, Group);
|
||||||
|
|
||||||
@ -1942,6 +1962,15 @@
|
|||||||
+ jobcon = context_new(job->scon);
|
+ jobcon = context_new(job->scon);
|
||||||
+ tmpcon = context_new(spoolcon);
|
+ tmpcon = context_new(spoolcon);
|
||||||
+ freecon(spoolcon);
|
+ freecon(spoolcon);
|
||||||
|
+ if (!jobcon || !tmpcon)
|
||||||
|
+ {
|
||||||
|
+ if (jobcon)
|
||||||
|
+ context_free(jobcon);
|
||||||
|
+ if (tmpcon)
|
||||||
|
+ context_free(tmpcon);
|
||||||
|
+ cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to get SELinux contexts");
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
+ if (context_range_set(tmpcon, (context_range_get(jobcon))) == -1)
|
+ if (context_range_set(tmpcon, (context_range_get(jobcon))) == -1)
|
||||||
+ {
|
+ {
|
||||||
+ cupsdLogMessage(CUPSD_LOG_ERROR,
|
+ cupsdLogMessage(CUPSD_LOG_ERROR,
|
||||||
@ -1970,7 +1999,7 @@
|
|||||||
job->attrs->state = IPP_IDLE;
|
job->attrs->state = IPP_IDLE;
|
||||||
|
|
||||||
if (ippWriteIO(fp, (ipp_iocb_t)cupsFileWrite, 1, NULL,
|
if (ippWriteIO(fp, (ipp_iocb_t)cupsFileWrite, 1, NULL,
|
||||||
@@ -2487,6 +2558,21 @@
|
@@ -2487,6 +2567,21 @@
|
||||||
/* RIP_MAX_CACHE env variable */
|
/* RIP_MAX_CACHE env variable */
|
||||||
static char *options = NULL;/* Full list of options */
|
static char *options = NULL;/* Full list of options */
|
||||||
static int optlength = 0; /* Length of option buffer */
|
static int optlength = 0; /* Length of option buffer */
|
||||||
@ -1992,7 +2021,7 @@
|
|||||||
|
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG2, "start_job: id = %d, file = %d/%d",
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "start_job: id = %d, file = %d/%d",
|
||||||
@@ -2740,6 +2826,77 @@
|
@@ -2740,6 +2835,77 @@
|
||||||
|
|
||||||
cupsdLogMessage(CUPSD_LOG_DEBUG, "banner_page = %d", banner_page);
|
cupsdLogMessage(CUPSD_LOG_DEBUG, "banner_page = %d", banner_page);
|
||||||
|
|
||||||
@ -2070,14 +2099,14 @@
|
|||||||
/*
|
/*
|
||||||
* Building the options string is harder than it needs to be, but
|
* Building the options string is harder than it needs to be, but
|
||||||
* for the moment we need to pass strings for command-line args and
|
* for the moment we need to pass strings for command-line args and
|
||||||
@@ -3069,7 +3226,66 @@
|
@@ -3069,7 +3235,66 @@
|
||||||
snprintf(classification, sizeof(classification), "CLASSIFICATION=%s",
|
snprintf(classification, sizeof(classification), "CLASSIFICATION=%s",
|
||||||
attr->values[0].string.text);
|
attr->values[0].string.text);
|
||||||
|
|
||||||
+#ifdef WITH_LSPP
|
+#ifdef WITH_LSPP
|
||||||
+ if (is_lspp_config())
|
+ if (is_lspp_config())
|
||||||
+ {
|
+ {
|
||||||
+ if (job->scon == NULL)
|
+ if (!job->scon || strncmp(job->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) == 0)
|
||||||
+ {
|
+ {
|
||||||
+ if (AuditLog != -1)
|
+ if (AuditLog != -1)
|
||||||
+ {
|
+ {
|
||||||
|
|||||||
@ -6,7 +6,7 @@
|
|||||||
Summary: Common Unix Printing System
|
Summary: Common Unix Printing System
|
||||||
Name: cups
|
Name: cups
|
||||||
Version: 1.2.4
|
Version: 1.2.4
|
||||||
Release: 7
|
Release: 8
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
Source: ftp://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
|
Source: ftp://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
|
||||||
@ -413,7 +413,7 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{cups_serverbin}/daemon/cups-lpd
|
%{cups_serverbin}/daemon/cups-lpd
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Wed Oct 4 2006 Tim Waugh <twaugh@redhat.com>
|
* Wed Oct 4 2006 Tim Waugh <twaugh@redhat.com> 1:1.2.4-8
|
||||||
- LSPP patch didn't get updated properly in 1:1.2.4-6. Use the right
|
- LSPP patch didn't get updated properly in 1:1.2.4-6. Use the right
|
||||||
patch this time (bug #208676). LSPP re-enabled.
|
patch this time (bug #208676). LSPP re-enabled.
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user