-
Notifications
You must be signed in to change notification settings - Fork 457
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PPD files in /etc/cups/ppd/ are sometimes not world-readable #4703
Comments
CUPS.org User: mike First, the PPD file should have ConfigFilePerms applied, not a hardcoded 0644. Second, please report a bug to Google on the Chromium browser - no application should assume the location of PPD files, as that is an implementation detail that is subject to change (and with IPP Everywhere it is conceivable that there will be no constant PPD file in coming releases of CUPS...) The cupsGetPPD API is provided for getting the PPD of a print queue and it what we expect them to use. Anything else WILL fail at some point. |
CUPS.org User: mike Looking at the code, the copy_model code is already doing the Right Thing(tm), but the code that copies the attached PPD file/interface script is not. If you want configuration files readable by ordinary users, that needs to be set in the cups-files.conf file that you ship. The default is 0640 (group read) set with the "--with-config-file-perm" configure option. What I'll do here is update the attachment code to use ConfigFilePerm so that they are consistent. Google needs to fix Chromium. |
CUPS.org User: mike Fixed in Subversion repository. |
"scheduler-create-ppd-correct-permissions.patch": --- a/scheduler/ipp.c
|
"str4703.patch": Index: scheduler/ipp.c--- scheduler/ipp.c (revision 12850)
cupsdLogMessage(CUPSD_LOG_DEBUG,
cupsdLogMessage(CUPSD_LOG_DEBUG,
static int /* O - 0 = success, -1 = error /
cupsFileClose(src);
|
CUPS.org User: till.kamppeter The problem of the Chromium browser mentioned here is solved now. It was a CUPS bug, this one: https://www.cups.org/str.php?L4725 After applying the patch there the print dialog of Chromium works correctly, no need of world-readable PPD files. |
Version: 2.1-current
CUPS.org User: till.kamppeter
Depending on whether the scheduler gets an IPP request for adding or modifying a print queue with a PPD file attached or with a printer model URI (from "lpinfo -m" output) the resulting PPD in /etc/cups/ppd/ is world-readable or not, and it seems that world-readable is the desired way.
Also the print dialog of the Chromium browser (Linux) hangs when the PPD of the selected printer is not world-readable.
If the IPP request has the PPD attached, the scheduler copies it to /etc/cups/ppd/ and explicitly sets the permissions to 0644 (scheduler/ipp.c, line 2651), so I assume that this is intended behavior. Ownerships are root.root in this case (probably UID and GID of the cupsd process).
If the IPP request has no attached PPD but only a model URI, the copy_model() function of scheduler/ipp.c is used which creates a temporary file (not world-readable) through which the PPD gets into /etc/cups/ppd/ and as nowhere permissions are set explicitly, the file ends up not world-readable which is probably not intended. Ownerships are also root.lp in this case.
I have a patch attached which fixes it by explicitly setting permissions and ownerships appropriately for the case that the IPP request has a model URI and no attached PPD file.
The text was updated successfully, but these errors were encountered: