|
|
|
@ -1,21 +1,21 @@
|
|
|
|
|
diff --git a/Makedefs.in b/Makedefs.in
|
|
|
|
|
index d1b1ae9..4dba556 100644
|
|
|
|
|
--- a/Makedefs.in
|
|
|
|
|
+++ b/Makedefs.in
|
|
|
|
|
@@ -161,7 +161,7 @@ ARFLAGS = @ARFLAGS@
|
|
|
|
|
BACKLIBS = @BACKLIBS@
|
|
|
|
|
BUILDDIRS = @BUILDDIRS@
|
|
|
|
|
CFLAGS = @CPPFLAGS@ @CFLAGS@
|
|
|
|
|
-COMMONLIBS = @LIBS@
|
|
|
|
|
+COMMONLIBS = @LIBS@ @LIBAUDIT@ @LIBSELINUX@
|
|
|
|
|
CXXFLAGS = @CPPFLAGS@ @CXXFLAGS@
|
|
|
|
|
CXXLIBS = @CXXLIBS@
|
|
|
|
|
DBUS_NOTIFIER = @DBUS_NOTIFIER@
|
|
|
|
|
diff --git a/config-scripts/cups-lspp.m4 b/config-scripts/cups-lspp.m4
|
|
|
|
|
new file mode 100644
|
|
|
|
|
index 0000000..55bd1bb
|
|
|
|
|
--- /dev/null
|
|
|
|
|
+++ b/config-scripts/cups-lspp.m4
|
|
|
|
|
diff -up cups-2.3.0/config.h.in.lspp cups-2.3.0/config.h.in
|
|
|
|
|
--- cups-2.3.0/config.h.in.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/config.h.in 2019-10-07 12:24:43.058597468 +0200
|
|
|
|
|
@@ -684,4 +684,11 @@ static __inline int _cups_abs(int i) { r
|
|
|
|
|
# endif /* __GNUC__ || __STDC_VERSION__ */
|
|
|
|
|
#endif /* !HAVE_ABS && !abs */
|
|
|
|
|
|
|
|
|
|
+/*
|
|
|
|
|
+ * Are we trying to meet LSPP requirements?
|
|
|
|
|
+ */
|
|
|
|
|
+
|
|
|
|
|
+#undef WITH_LSPP
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
#endif /* !_CUPS_CONFIG_H_ */
|
|
|
|
|
diff -up cups-2.3.0/config-scripts/cups-lspp.m4.lspp cups-2.3.0/config-scripts/cups-lspp.m4
|
|
|
|
|
--- cups-2.3.0/config-scripts/cups-lspp.m4.lspp 2019-10-07 12:24:43.058597468 +0200
|
|
|
|
|
+++ cups-2.3.0/config-scripts/cups-lspp.m4 2019-10-07 12:24:43.058597468 +0200
|
|
|
|
|
@@ -0,0 +1,36 @@
|
|
|
|
|
+dnl
|
|
|
|
|
+dnl LSPP code for the Common UNIX Printing System (CUPS).
|
|
|
|
@ -40,7 +40,7 @@ index 0000000..55bd1bb
|
|
|
|
|
+AC_ARG_ENABLE(lspp, [ --enable-lspp turn on auditing and label support, default=no])
|
|
|
|
|
+
|
|
|
|
|
+if test x"$enable_lspp" != xno; then
|
|
|
|
|
+ case "$(uname)" in
|
|
|
|
|
+ case "$uname" in
|
|
|
|
|
+ Linux)
|
|
|
|
|
+ AC_CHECK_LIB(audit,audit_log_user_message, [LIBAUDIT="-laudit" AC_SUBST(LIBAUDIT)])
|
|
|
|
|
+ AC_CHECK_HEADER(libaudit.h)
|
|
|
|
@ -53,28 +53,10 @@ index 0000000..55bd1bb
|
|
|
|
|
+ ;;
|
|
|
|
|
+ esac
|
|
|
|
|
+fi
|
|
|
|
|
diff --git a/config.h.in b/config.h.in
|
|
|
|
|
index 6343e6d..1be3ca1 100644
|
|
|
|
|
--- a/config.h.in
|
|
|
|
|
+++ b/config.h.in
|
|
|
|
|
@@ -693,4 +693,12 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); }
|
|
|
|
|
# endif /* __GNUC__ || __STDC_VERSION__ */
|
|
|
|
|
#endif /* !HAVE_ABS && !abs */
|
|
|
|
|
|
|
|
|
|
+
|
|
|
|
|
+/*
|
|
|
|
|
+ * Are we trying to meet LSPP requirements?
|
|
|
|
|
+ */
|
|
|
|
|
+
|
|
|
|
|
+#undef WITH_LSPP
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
#endif /* !_CUPS_CONFIG_H_ */
|
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
|
|
|
|
index 93a4b97..47587c9 100644
|
|
|
|
|
--- a/configure.ac
|
|
|
|
|
+++ b/configure.ac
|
|
|
|
|
@@ -35,6 +35,8 @@ sinclude(config-scripts/cups-dnssd.m4)
|
|
|
|
|
diff -up cups-2.3.0/configure.ac.lspp cups-2.3.0/configure.ac
|
|
|
|
|
--- cups-2.3.0/configure.ac.lspp 2019-10-07 12:24:43.058597468 +0200
|
|
|
|
|
+++ cups-2.3.0/configure.ac 2019-10-07 12:39:20.122546282 +0200
|
|
|
|
|
@@ -34,6 +34,8 @@ sinclude(config-scripts/cups-dnssd.m4)
|
|
|
|
|
sinclude(config-scripts/cups-startup.m4)
|
|
|
|
|
sinclude(config-scripts/cups-defaults.m4)
|
|
|
|
|
|
|
|
|
@ -83,10 +65,9 @@ index 93a4b97..47587c9 100644
|
|
|
|
|
INSTALL_LANGUAGES=""
|
|
|
|
|
UNINSTALL_LANGUAGES=""
|
|
|
|
|
LANGFILES=""
|
|
|
|
|
diff --git a/filter/common.c b/filter/common.c
|
|
|
|
|
index 672b7c8..f323abd 100644
|
|
|
|
|
--- a/filter/common.c
|
|
|
|
|
+++ b/filter/common.c
|
|
|
|
|
diff -up cups-2.3.0/filter/common.c.lspp cups-2.3.0/filter/common.c
|
|
|
|
|
--- cups-2.3.0/filter/common.c.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/filter/common.c 2019-10-07 12:24:43.059597461 +0200
|
|
|
|
|
@@ -11,6 +11,12 @@
|
|
|
|
|
* Include necessary headers...
|
|
|
|
|
*/
|
|
|
|
@ -100,7 +81,7 @@ index 672b7c8..f323abd 100644
|
|
|
|
|
#include "common.h"
|
|
|
|
|
#include <locale.h>
|
|
|
|
|
|
|
|
|
|
@@ -293,6 +299,18 @@ WriteLabelProlog(const char *label, /* I - Page label */
|
|
|
|
|
@@ -293,6 +299,18 @@ WriteLabelProlog(const char *label, /* I
|
|
|
|
|
{
|
|
|
|
|
const char *classification; /* CLASSIFICATION environment variable */
|
|
|
|
|
const char *ptr; /* Temporary string pointer */
|
|
|
|
@ -119,7 +100,7 @@ index 672b7c8..f323abd 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
@@ -315,6 +333,124 @@ WriteLabelProlog(const char *label, /* I - Page label */
|
|
|
|
|
@@ -315,6 +333,124 @@ WriteLabelProlog(const char *label, /* I
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -240,11 +221,11 @@ index 672b7c8..f323abd 100644
|
|
|
|
|
+ else
|
|
|
|
|
+ {
|
|
|
|
|
+#endif /* !WITH_LSPP */
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
/*
|
|
|
|
|
* Set the classification + page label string...
|
|
|
|
|
*/
|
|
|
|
|
@@ -395,7 +531,10 @@ WriteLabelProlog(const char *label, /* I - Page label */
|
|
|
|
|
@@ -395,7 +531,10 @@ WriteLabelProlog(const char *label, /* I
|
|
|
|
|
printf(" %.0f moveto ESPpl show\n", top - 14.0);
|
|
|
|
|
puts("pop");
|
|
|
|
|
puts("}bind put");
|
|
|
|
@ -255,11 +236,10 @@ index 672b7c8..f323abd 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
diff --git a/filter/pstops.c b/filter/pstops.c
|
|
|
|
|
index d251abb..8afff4a 100644
|
|
|
|
|
--- a/filter/pstops.c
|
|
|
|
|
+++ b/filter/pstops.c
|
|
|
|
|
@@ -3170,6 +3170,18 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */
|
|
|
|
|
diff -up cups-2.3.0/filter/pstops.c.lspp cups-2.3.0/filter/pstops.c
|
|
|
|
|
--- cups-2.3.0/filter/pstops.c.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/filter/pstops.c 2019-10-07 12:24:43.059597461 +0200
|
|
|
|
|
@@ -3170,6 +3170,18 @@ write_label_prolog(pstops_doc_t *doc, /*
|
|
|
|
|
{
|
|
|
|
|
const char *classification; /* CLASSIFICATION environment variable */
|
|
|
|
|
const char *ptr; /* Temporary string pointer */
|
|
|
|
@ -278,7 +258,7 @@ index d251abb..8afff4a 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
@@ -3192,6 +3204,124 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */
|
|
|
|
|
@@ -3192,6 +3204,124 @@ write_label_prolog(pstops_doc_t *doc, /*
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -403,7 +383,7 @@ index d251abb..8afff4a 100644
|
|
|
|
|
/*
|
|
|
|
|
* Set the classification + page label string...
|
|
|
|
|
*/
|
|
|
|
|
@@ -3270,7 +3400,10 @@ write_label_prolog(pstops_doc_t *doc, /* I - Document info */
|
|
|
|
|
@@ -3270,7 +3400,10 @@ write_label_prolog(pstops_doc_t *doc, /*
|
|
|
|
|
doc_printf(doc, " %.0f moveto ESPpl show\n", top - 14.0);
|
|
|
|
|
doc_puts(doc, "pop\n");
|
|
|
|
|
doc_puts(doc, "}bind put\n");
|
|
|
|
@ -414,10 +394,21 @@ index d251abb..8afff4a 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
diff --git a/scheduler/client.c b/scheduler/client.c
|
|
|
|
|
index cef4115..e186e4c 100644
|
|
|
|
|
--- a/scheduler/client.c
|
|
|
|
|
+++ b/scheduler/client.c
|
|
|
|
|
diff -up cups-2.3.0/Makedefs.in.lspp cups-2.3.0/Makedefs.in
|
|
|
|
|
--- cups-2.3.0/Makedefs.in.lspp 2019-10-07 12:24:43.059597461 +0200
|
|
|
|
|
+++ cups-2.3.0/Makedefs.in 2019-10-07 12:37:19.200565805 +0200
|
|
|
|
|
@@ -174,7 +174,7 @@ IPPFIND_MAN = @IPPFIND_MAN@
|
|
|
|
|
LDFLAGS = @LDFLAGS@
|
|
|
|
|
LINKCUPS = @LINKCUPS@
|
|
|
|
|
LINKCUPSSTATIC = ../cups/$(LIBCUPSSTATIC) $(LIBS)
|
|
|
|
|
-LIBS = $(LIBGSSAPI) $(DNSSDLIBS) $(SSLLIBS) $(LIBZ) $(COMMONLIBS)
|
|
|
|
|
+LIBS = $(LIBGSSAPI) $(DNSSDLIBS) $(SSLLIBS) $(LIBZ) $(COMMONLIBS) @LIBAUDIT@ @LIBSELINUX@
|
|
|
|
|
ONDEMANDFLAGS = @ONDEMANDFLAGS@
|
|
|
|
|
ONDEMANDLIBS = @ONDEMANDLIBS@
|
|
|
|
|
OPTIM = @OPTIM@
|
|
|
|
|
diff -up cups-2.3.0/scheduler/client.c.lspp cups-2.3.0/scheduler/client.c
|
|
|
|
|
--- cups-2.3.0/scheduler/client.c.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/client.c 2019-10-07 12:33:10.459693580 +0200
|
|
|
|
|
@@ -19,12 +19,20 @@
|
|
|
|
|
#define _HTTP_NO_PRIVATE
|
|
|
|
|
#include "cupsd.h"
|
|
|
|
@ -439,7 +430,7 @@ index cef4115..e186e4c 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
@@ -263,6 +271,59 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
|
|
|
|
|
@@ -265,6 +273,59 @@ cupsdAcceptClient(cupsd_listener_t *lis)
|
|
|
|
|
}
|
|
|
|
|
#endif /* HAVE_TCPD_H */
|
|
|
|
|
|
|
|
|
@ -473,7 +464,7 @@ index cef4115..e186e4c 100644
|
|
|
|
|
+ httpClose(con->http);
|
|
|
|
|
+ cupsdLogClient(con, CUPSD_LOG_ERROR, "getsockopt() failed");
|
|
|
|
|
+ free(con);
|
|
|
|
|
+ return;
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ /*
|
|
|
|
@ -484,7 +475,7 @@ index cef4115..e186e4c 100644
|
|
|
|
|
+ httpClose(con->http);
|
|
|
|
|
+ cupsdLogClient(con, CUPSD_LOG_ERROR, "getpeercon() failed");
|
|
|
|
|
+ free(con);
|
|
|
|
|
+ return;
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ cupsdLogClient(con, CUPSD_LOG_INFO, "client context=%s", con->scon);
|
|
|
|
@ -499,19 +490,7 @@ index cef4115..e186e4c 100644
|
|
|
|
|
#ifdef AF_LOCAL
|
|
|
|
|
if (httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL)
|
|
|
|
|
{
|
|
|
|
|
@@ -517,6 +578,11 @@ cupsdCloseClient(cupsd_client_t *con) /* I - Client to close */
|
|
|
|
|
}
|
|
|
|
|
#endif /* HAVE_AUTHORIZATION_H */
|
|
|
|
|
|
|
|
|
|
+#ifdef WITH_LSPP
|
|
|
|
|
+ if (con->scon)
|
|
|
|
|
+ cupsdClearString(&con->scon);
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
+
|
|
|
|
|
/*
|
|
|
|
|
* Re-enable new client connections if we are going back under the
|
|
|
|
|
* limit...
|
|
|
|
|
@@ -556,6 +622,13 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
|
|
|
|
|
@@ -558,6 +619,13 @@ cupsdReadClient(cupsd_client_t *con) /*
|
|
|
|
|
struct stat filestats; /* File information */
|
|
|
|
|
mime_type_t *type; /* MIME type of file */
|
|
|
|
|
static unsigned request_id = 0; /* Request ID for temp files */
|
|
|
|
@ -525,10 +504,10 @@ index cef4115..e186e4c 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
status = HTTP_STATUS_CONTINUE;
|
|
|
|
|
@@ -1675,7 +1748,73 @@ cupsdReadClient(cupsd_client_t *con) /* I - Client to read from */
|
|
|
|
|
fchmod(con->file, 0640);
|
|
|
|
|
fchown(con->file, RunUser, Group);
|
|
|
|
|
@@ -1679,6 +1747,73 @@ cupsdReadClient(cupsd_client_t *con) /*
|
|
|
|
|
fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
+#ifdef WITH_LSPP
|
|
|
|
|
+ if (strncmp(con->scon, UNKNOWN_SL, strlen(UNKNOWN_SL)) != 0)
|
|
|
|
|
+ {
|
|
|
|
@ -589,17 +568,17 @@ index cef4115..e186e4c 100644
|
|
|
|
|
+ cupsdCloseClient(con);
|
|
|
|
|
+ return;
|
|
|
|
|
+ }
|
|
|
|
|
+ cupsdLogClient(con, CUPSD_LOG_DEBUG2, "%s set to %s",
|
|
|
|
|
+ cupsdLogClient(con, CUPSD_LOG_DEBUG2, "%s set to %s",
|
|
|
|
|
+ con->filename, context_str(tmpcon));
|
|
|
|
|
+ context_free(tmpcon);
|
|
|
|
|
+ context_free(clicon);
|
|
|
|
|
}
|
|
|
|
|
+ }
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
|
|
+
|
|
|
|
|
if (httpGetState(con->http) != HTTP_STATE_POST_SEND)
|
|
|
|
|
{
|
|
|
|
|
@@ -3173,6 +3312,49 @@ is_path_absolute(const char *path) /* I - Input path */
|
|
|
|
|
if (!httpWait(con->http, 0))
|
|
|
|
|
@@ -3174,6 +3309,49 @@ is_path_absolute(const char *path) /* I
|
|
|
|
|
return (1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -649,10 +628,9 @@ index cef4115..e186e4c 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* 'pipe_command()' - Pipe the output of a command to the remote client.
|
|
|
|
|
diff --git a/scheduler/client.h b/scheduler/client.h
|
|
|
|
|
index fc7af54..c665d0c 100644
|
|
|
|
|
--- a/scheduler/client.h
|
|
|
|
|
+++ b/scheduler/client.h
|
|
|
|
|
diff -up cups-2.3.0/scheduler/client.h.lspp cups-2.3.0/scheduler/client.h
|
|
|
|
|
--- cups-2.3.0/scheduler/client.h.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/client.h 2019-10-07 12:24:43.113597079 +0200
|
|
|
|
|
@@ -13,6 +13,13 @@
|
|
|
|
|
#endif /* HAVE_AUTHORIZATION_H */
|
|
|
|
|
|
|
|
|
@ -678,21 +656,19 @@ index fc7af54..c665d0c 100644
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#define HTTP(con) ((con)->http)
|
|
|
|
|
@@ -137,6 +148,10 @@ extern void cupsdStopListening(void);
|
|
|
|
|
@@ -136,6 +147,9 @@ extern void cupsdStartListening(void);
|
|
|
|
|
extern void cupsdStopListening(void);
|
|
|
|
|
extern void cupsdUpdateCGI(void);
|
|
|
|
|
extern void cupsdWriteClient(cupsd_client_t *con);
|
|
|
|
|
|
|
|
|
|
+#ifdef WITH_LSPP
|
|
|
|
|
+extern uid_t client_pid_to_auid(pid_t clipid);
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
+
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_SSL
|
|
|
|
|
extern int cupsdEndTLS(cupsd_client_t *con);
|
|
|
|
|
extern int cupsdStartTLS(cupsd_client_t *con);
|
|
|
|
|
diff --git a/scheduler/conf.c b/scheduler/conf.c
|
|
|
|
|
index 21386cd..a52e9a6 100644
|
|
|
|
|
--- a/scheduler/conf.c
|
|
|
|
|
+++ b/scheduler/conf.c
|
|
|
|
|
diff -up cups-2.3.0/scheduler/conf.c.lspp cups-2.3.0/scheduler/conf.c
|
|
|
|
|
--- cups-2.3.0/scheduler/conf.c.lspp 2019-10-07 12:24:43.049597531 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/conf.c 2019-10-07 12:24:43.113597079 +0200
|
|
|
|
|
@@ -37,6 +37,9 @@
|
|
|
|
|
# define INADDR_NONE 0xffffffff
|
|
|
|
|
#endif /* !INADDR_NONE */
|
|
|
|
@ -724,7 +700,7 @@ index 21386cd..a52e9a6 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
@@ -877,6 +887,25 @@ cupsdReadConfiguration(void)
|
|
|
|
|
@@ -864,6 +874,25 @@ cupsdReadConfiguration(void)
|
|
|
|
|
|
|
|
|
|
RunUser = getuid();
|
|
|
|
|
|
|
|
|
@ -750,7 +726,7 @@ index 21386cd..a52e9a6 100644
|
|
|
|
|
cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.",
|
|
|
|
|
RemotePort ? "enabled" : "disabled");
|
|
|
|
|
|
|
|
|
|
@@ -1269,7 +1298,19 @@ cupsdReadConfiguration(void)
|
|
|
|
|
@@ -1275,7 +1304,19 @@ cupsdReadConfiguration(void)
|
|
|
|
|
cupsdClearString(&Classification);
|
|
|
|
|
|
|
|
|
|
if (Classification)
|
|
|
|
@ -770,7 +746,7 @@ index 21386cd..a52e9a6 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Check the MaxClients setting, and then allocate memory for it...
|
|
|
|
|
@@ -3857,6 +3898,18 @@ read_location(cups_file_t *fp, /* I - Configuration file */
|
|
|
|
|
@@ -3830,6 +3871,18 @@ read_location(cups_file_t *fp, /* I - C
|
|
|
|
|
return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -789,11 +765,10 @@ index 21386cd..a52e9a6 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* 'read_policy()' - Read a <Policy name> definition.
|
|
|
|
|
diff --git a/scheduler/conf.h b/scheduler/conf.h
|
|
|
|
|
index 7d5eb40..3c27828 100644
|
|
|
|
|
--- a/scheduler/conf.h
|
|
|
|
|
+++ b/scheduler/conf.h
|
|
|
|
|
@@ -245,6 +245,13 @@ VAR char *ServerKeychain VALUE(NULL);
|
|
|
|
|
diff -up cups-2.3.0/scheduler/conf.h.lspp cups-2.3.0/scheduler/conf.h
|
|
|
|
|
--- cups-2.3.0/scheduler/conf.h.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/conf.h 2019-10-07 12:24:43.113597079 +0200
|
|
|
|
|
@@ -243,6 +243,13 @@ VAR char *ServerKeychain VALUE(NULL);
|
|
|
|
|
/* Keychain holding cert + key */
|
|
|
|
|
#endif /* HAVE_SSL */
|
|
|
|
|
|
|
|
|
@ -807,7 +782,7 @@ index 7d5eb40..3c27828 100644
|
|
|
|
|
#ifdef HAVE_ONDEMAND
|
|
|
|
|
VAR int IdleExitTimeout VALUE(60);
|
|
|
|
|
/* Time after which an idle cupsd will exit */
|
|
|
|
|
@@ -263,6 +270,9 @@ VAR int HaveServerCreds VALUE(0);
|
|
|
|
|
@@ -261,6 +268,9 @@ VAR int HaveServerCreds VALUE(0);
|
|
|
|
|
VAR gss_cred_id_t ServerCreds; /* Server's GSS credentials */
|
|
|
|
|
#endif /* HAVE_GSSAPI */
|
|
|
|
|
|
|
|
|
@ -817,10 +792,9 @@ index 7d5eb40..3c27828 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Prototypes...
|
|
|
|
|
diff --git a/scheduler/cupsd.h b/scheduler/cupsd.h
|
|
|
|
|
index bc1350e..64d57d1 100644
|
|
|
|
|
--- a/scheduler/cupsd.h
|
|
|
|
|
+++ b/scheduler/cupsd.h
|
|
|
|
|
diff -up cups-2.3.0/scheduler/cupsd.h.lspp cups-2.3.0/scheduler/cupsd.h
|
|
|
|
|
--- cups-2.3.0/scheduler/cupsd.h.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/cupsd.h 2019-10-07 12:31:38.458480578 +0200
|
|
|
|
|
@@ -8,6 +8,8 @@
|
|
|
|
|
* information.
|
|
|
|
|
*/
|
|
|
|
@ -845,11 +819,10 @@ index bc1350e..64d57d1 100644
|
|
|
|
|
#include "mime.h"
|
|
|
|
|
|
|
|
|
|
#if defined(HAVE_CDSASSL)
|
|
|
|
|
diff --git a/scheduler/ipp.c b/scheduler/ipp.c
|
|
|
|
|
index 19d6608..728d164 100644
|
|
|
|
|
--- a/scheduler/ipp.c
|
|
|
|
|
+++ b/scheduler/ipp.c
|
|
|
|
|
@@ -12,6 +12,9 @@
|
|
|
|
|
diff -up cups-2.3.0/scheduler/ipp.c.lspp cups-2.3.0/scheduler/ipp.c
|
|
|
|
|
--- cups-2.3.0/scheduler/ipp.c.lspp 2019-10-07 12:24:43.016597764 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/ipp.c 2019-10-07 12:31:01.243798920 +0200
|
|
|
|
|
@@ -11,6 +11,9 @@
|
|
|
|
|
* information.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
@ -859,7 +832,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
/*
|
|
|
|
|
* Include necessary headers...
|
|
|
|
|
*/
|
|
|
|
|
@@ -28,6 +31,12 @@ extern int mbr_group_name_to_uuid(const char* name, uuid_t uu);
|
|
|
|
|
@@ -27,6 +30,14 @@ extern int mbr_group_name_to_uuid(const
|
|
|
|
|
extern int mbr_check_membership_by_id(uuid_t user, gid_t group, int* ismember);
|
|
|
|
|
#endif /* __APPLE__ */
|
|
|
|
|
|
|
|
|
@ -868,11 +841,13 @@ index 19d6608..728d164 100644
|
|
|
|
|
+#include <selinux/selinux.h>
|
|
|
|
|
+#include <selinux/context.h>
|
|
|
|
|
+#include <selinux/avc.h>
|
|
|
|
|
+#include <selinux/flask.h>
|
|
|
|
|
+#include <selinux/av_permissions.h>
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Local functions...
|
|
|
|
|
@@ -52,6 +61,9 @@ static void cancel_all_jobs(cupsd_client_t *con, ipp_attribute_t *uri);
|
|
|
|
|
@@ -51,6 +62,9 @@ static void cancel_all_jobs(cupsd_client
|
|
|
|
|
static void cancel_job(cupsd_client_t *con, ipp_attribute_t *uri);
|
|
|
|
|
static void cancel_subscription(cupsd_client_t *con, int id);
|
|
|
|
|
static int check_rss_recipient(const char *recipient);
|
|
|
|
@ -882,7 +857,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
static int check_quotas(cupsd_client_t *con, cupsd_printer_t *p);
|
|
|
|
|
static void close_job(cupsd_client_t *con, ipp_attribute_t *uri);
|
|
|
|
|
static void copy_attrs(ipp_t *to, ipp_t *from, cups_array_t *ra,
|
|
|
|
|
@@ -1241,6 +1253,21 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1240,6 +1254,21 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
"time-at-creation",
|
|
|
|
|
"time-at-processing"
|
|
|
|
|
};
|
|
|
|
@ -904,7 +879,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "add_job(%p[%d], %p(%s), %p(%s/%s))",
|
|
|
|
|
@@ -1569,6 +1596,106 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1568,6 +1597,106 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
|
|
|
|
|
attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);
|
|
|
|
|
|
|
|
|
@ -941,18 +916,18 @@ index 19d6608..728d164 100644
|
|
|
|
|
+ /*
|
|
|
|
|
+ * The printer does not exist, so for now assume it's a FileDevice
|
|
|
|
|
+ */
|
|
|
|
|
+ tclass = string_to_security_class("file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "write");
|
|
|
|
|
+ tclass = SECCLASS_FILE;
|
|
|
|
|
+ avr = FILE__WRITE;
|
|
|
|
|
+ }
|
|
|
|
|
+ else if (S_ISCHR(printerstat.st_mode))
|
|
|
|
|
+ {
|
|
|
|
|
+ tclass = string_to_security_class("chr_file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "write");
|
|
|
|
|
+ tclass = SECCLASS_CHR_FILE;
|
|
|
|
|
+ avr = CHR_FILE__WRITE;
|
|
|
|
|
+ }
|
|
|
|
|
+ else if (S_ISREG(printerstat.st_mode))
|
|
|
|
|
+ {
|
|
|
|
|
+ tclass = string_to_security_class("file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "write");
|
|
|
|
|
+ tclass = SECCLASS_FILE;
|
|
|
|
|
+ avr = FILE__WRITE;
|
|
|
|
|
+ }
|
|
|
|
|
+ else
|
|
|
|
|
+ {
|
|
|
|
@ -1011,7 +986,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
if ((job = cupsdAddJob(priority, printer->name)) == NULL)
|
|
|
|
|
{
|
|
|
|
|
send_ipp_status(con, IPP_INTERNAL_ERROR,
|
|
|
|
|
@@ -1577,6 +1704,32 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1576,6 +1705,32 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
return (NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -1044,7 +1019,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
job->dtype = printer->type & (CUPS_PRINTER_CLASS | CUPS_PRINTER_REMOTE);
|
|
|
|
|
job->attrs = con->request;
|
|
|
|
|
job->dirty = 1;
|
|
|
|
|
@@ -1764,6 +1917,29 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1763,6 +1918,29 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
ippSetString(job->attrs, &attr, 0, printer->job_sheets[0]);
|
|
|
|
|
ippSetString(job->attrs, &attr, 1, printer->job_sheets[1]);
|
|
|
|
|
}
|
|
|
|
@ -1074,7 +1049,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
|
|
|
|
|
job->job_sheets = attr;
|
|
|
|
|
|
|
|
|
|
@@ -1794,6 +1970,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1793,6 +1971,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
"job-sheets=\"%s,none\", "
|
|
|
|
|
"job-originating-user-name=\"%s\"",
|
|
|
|
|
Classification, job->username);
|
|
|
|
@ -1084,7 +1059,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
}
|
|
|
|
|
else if (attr->num_values == 2 &&
|
|
|
|
|
strcmp(attr->values[0].string.text,
|
|
|
|
|
@@ -1812,6 +1991,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1811,6 +1992,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
"job-originating-user-name=\"%s\"",
|
|
|
|
|
attr->values[0].string.text,
|
|
|
|
|
attr->values[1].string.text, job->username);
|
|
|
|
@ -1094,7 +1069,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
}
|
|
|
|
|
else if (strcmp(attr->values[0].string.text, Classification) &&
|
|
|
|
|
strcmp(attr->values[0].string.text, "none") &&
|
|
|
|
|
@@ -1832,6 +2014,9 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1831,6 +2015,9 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
"job-originating-user-name=\"%s\"",
|
|
|
|
|
attr->values[0].string.text,
|
|
|
|
|
attr->values[1].string.text, job->username);
|
|
|
|
@ -1104,7 +1079,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (strcmp(attr->values[0].string.text, Classification) &&
|
|
|
|
|
@@ -1872,9 +2057,55 @@ add_job(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -1871,8 +2058,52 @@ add_job(cupsd_client_t *con, /* I - Cl
|
|
|
|
|
"job-sheets=\"%s\", "
|
|
|
|
|
"job-originating-user-name=\"%s\"",
|
|
|
|
|
Classification, job->username);
|
|
|
|
@ -1146,21 +1121,18 @@ index 19d6608..728d164 100644
|
|
|
|
|
+ cupsdClearString(&audit_message);
|
|
|
|
|
+ }
|
|
|
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+ if (userheader)
|
|
|
|
|
+ free(userheader);
|
|
|
|
|
+ if (userfooter)
|
|
|
|
|
+ free(userfooter);
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
}
|
|
|
|
|
+
|
|
|
|
|
|
|
|
|
|
+#ifdef WITH_LSPP
|
|
|
|
|
+ if (userheader)
|
|
|
|
|
+ free(userheader);
|
|
|
|
|
+ if (userfooter)
|
|
|
|
|
+ free(userfooter);
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
+
|
|
|
|
|
+
|
|
|
|
|
/*
|
|
|
|
|
* See if we need to add the starting sheet...
|
|
|
|
|
*/
|
|
|
|
|
@@ -3649,6 +3880,128 @@ check_rss_recipient(
|
|
|
|
|
@@ -3648,6 +3879,128 @@ check_rss_recipient(
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -1215,8 +1187,8 @@ index 19d6608..728d164 100644
|
|
|
|
|
+ {
|
|
|
|
|
+ cupsdLogJob(job, CUPSD_LOG_ERROR, "check_context: unable avc_init");
|
|
|
|
|
+ return -1;
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ if (avc_context_to_sid(con->scon, &clisid) != 0)
|
|
|
|
|
+ {
|
|
|
|
|
+ cupsdLogJob(job, CUPSD_LOG_ERROR,
|
|
|
|
@ -1232,8 +1204,8 @@ index 19d6608..728d164 100644
|
|
|
|
|
+ return -1;
|
|
|
|
|
+ }
|
|
|
|
|
+ avc_entry_ref_init(&avcref);
|
|
|
|
|
+ tclass = string_to_security_class("file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "read");
|
|
|
|
|
+ tclass = SECCLASS_FILE;
|
|
|
|
|
+ avr = FILE__READ;
|
|
|
|
|
+
|
|
|
|
|
+ /*
|
|
|
|
|
+ * Perform the check with the client as the subject, first with the job as the object
|
|
|
|
@ -1289,7 +1261,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
/*
|
|
|
|
|
* 'check_quotas()' - Check quotas for a printer and user.
|
|
|
|
|
*/
|
|
|
|
|
@@ -4104,6 +4457,15 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -4103,6 +4456,15 @@ copy_banner(cupsd_client_t *con, /* I -
|
|
|
|
|
char attrname[255], /* Name of attribute */
|
|
|
|
|
*s; /* Pointer into name */
|
|
|
|
|
ipp_attribute_t *attr; /* Attribute */
|
|
|
|
@ -1305,7 +1277,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
cupsdLogMessage(CUPSD_LOG_DEBUG2,
|
|
|
|
|
@@ -4139,6 +4501,85 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -4138,6 +4500,85 @@ copy_banner(cupsd_client_t *con, /* I -
|
|
|
|
|
|
|
|
|
|
fchmod(cupsFileNumber(out), 0640);
|
|
|
|
|
fchown(cupsFileNumber(out), RunUser, Group);
|
|
|
|
@ -1391,7 +1363,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Try the localized banner file under the subdirectory...
|
|
|
|
|
@@ -4233,6 +4674,24 @@ copy_banner(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -4232,6 +4673,24 @@ copy_banner(cupsd_client_t *con, /* I -
|
|
|
|
|
else
|
|
|
|
|
s = attrname;
|
|
|
|
|
|
|
|
|
@ -1416,7 +1388,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
if (!strcmp(s, "printer-name"))
|
|
|
|
|
{
|
|
|
|
|
cupsFilePuts(out, job->dest);
|
|
|
|
|
@@ -6443,6 +6902,22 @@ get_job_attrs(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -6439,6 +6898,22 @@ get_job_attrs(cupsd_client_t *con, /* I
|
|
|
|
|
|
|
|
|
|
exclude = cupsdGetPrivateAttrs(policy, con, printer, job->username);
|
|
|
|
|
|
|
|
|
@ -1439,7 +1411,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
/*
|
|
|
|
|
* Copy attributes...
|
|
|
|
|
*/
|
|
|
|
|
@@ -6840,6 +7315,11 @@ get_jobs(cupsd_client_t *con, /* I - Client connection */
|
|
|
|
|
@@ -6836,6 +7311,11 @@ get_jobs(cupsd_client_t *con, /* I - C
|
|
|
|
|
if (username[0] && _cups_strcasecmp(username, job->username))
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
@ -1451,7 +1423,7 @@ index 19d6608..728d164 100644
|
|
|
|
|
if (count > 0)
|
|
|
|
|
ippAddSeparator(con->response);
|
|
|
|
|
|
|
|
|
|
@@ -11441,6 +11921,11 @@ validate_user(cupsd_job_t *job, /* I - Job */
|
|
|
|
|
@@ -11445,6 +11925,11 @@ validate_user(cupsd_job_t *job, /* I
|
|
|
|
|
|
|
|
|
|
strlcpy(username, get_username(con), userlen);
|
|
|
|
|
|
|
|
|
@ -1463,10 +1435,9 @@ index 19d6608..728d164 100644
|
|
|
|
|
/*
|
|
|
|
|
* Check the username against the owner...
|
|
|
|
|
*/
|
|
|
|
|
diff --git a/scheduler/job.c b/scheduler/job.c
|
|
|
|
|
index 834e170..dbc64c3 100644
|
|
|
|
|
--- a/scheduler/job.c
|
|
|
|
|
+++ b/scheduler/job.c
|
|
|
|
|
diff -up cups-2.3.0/scheduler/job.c.lspp cups-2.3.0/scheduler/job.c
|
|
|
|
|
--- cups-2.3.0/scheduler/job.c.lspp 2019-10-07 12:24:43.024597707 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/job.c 2019-10-07 12:30:13.092210820 +0200
|
|
|
|
|
@@ -8,6 +8,9 @@
|
|
|
|
|
* information.
|
|
|
|
|
*/
|
|
|
|
@ -1477,7 +1448,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
/*
|
|
|
|
|
* Include necessary headers...
|
|
|
|
|
*/
|
|
|
|
|
@@ -23,6 +26,12 @@
|
|
|
|
|
@@ -23,6 +26,14 @@
|
|
|
|
|
# endif /* HAVE_IOKIT_PWR_MGT_IOPMLIBPRIVATE_H */
|
|
|
|
|
#endif /* __APPLE__ */
|
|
|
|
|
|
|
|
|
@ -1486,11 +1457,13 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
+#include <selinux/selinux.h>
|
|
|
|
|
+#include <selinux/context.h>
|
|
|
|
|
+#include <selinux/avc.h>
|
|
|
|
|
+#include <selinux/flask.h>
|
|
|
|
|
+#include <selinux/av_permissions.h>
|
|
|
|
|
+#endif /* WITH_LSPP */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Design Notes for Job Management
|
|
|
|
|
@@ -545,6 +554,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */
|
|
|
|
|
@@ -544,6 +555,14 @@ cupsdContinueJob(cupsd_job_t *job) /* I
|
|
|
|
|
/* PRINTER_STATE_REASONS env var */
|
|
|
|
|
rip_max_cache[255];
|
|
|
|
|
/* RIP_MAX_CACHE env variable */
|
|
|
|
@ -1505,7 +1478,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
cupsdLogMessage(CUPSD_LOG_DEBUG2,
|
|
|
|
|
@@ -1066,6 +1083,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */
|
|
|
|
|
@@ -1080,6 +1099,67 @@ cupsdContinueJob(cupsd_job_t *job) /* I
|
|
|
|
|
if (final_content_type[0])
|
|
|
|
|
envp[envc ++] = final_content_type;
|
|
|
|
|
|
|
|
|
@ -1524,7 +1497,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
+ cupsdClearString(&audit_message);
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ else
|
|
|
|
|
+ else
|
|
|
|
|
+ {
|
|
|
|
|
+ jobcon = context_new(job->scon);
|
|
|
|
|
+
|
|
|
|
@ -1573,19 +1546,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
if (Classification && !banner_page)
|
|
|
|
|
{
|
|
|
|
|
if ((attr = ippFindAttribute(job->attrs, "job-sheets",
|
|
|
|
|
@@ -1400,6 +1478,11 @@ cupsdDeleteJob(cupsd_job_t *job, /* I - Job */
|
|
|
|
|
|
|
|
|
|
cupsdClearString(&job->username);
|
|
|
|
|
cupsdClearString(&job->dest);
|
|
|
|
|
+
|
|
|
|
|
+#ifdef WITH_LSPP
|
|
|
|
|
+ cupsdClearString(&job->scon);
|
|
|
|
|
+#endif
|
|
|
|
|
+
|
|
|
|
|
for (i = 0;
|
|
|
|
|
i < (int)(sizeof(job->auth_env) / sizeof(job->auth_env[0]));
|
|
|
|
|
i ++)
|
|
|
|
|
@@ -1844,6 +1927,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - Job */
|
|
|
|
|
@@ -1858,6 +1938,22 @@ cupsdLoadJob(cupsd_job_t *job) /* I - J
|
|
|
|
|
ippSetString(job->attrs, &job->reasons, 0, "none");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -1608,7 +1569,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
job->impressions = ippFindAttribute(job->attrs, "job-impressions-completed", IPP_TAG_INTEGER);
|
|
|
|
|
job->sheets = ippFindAttribute(job->attrs, "job-media-sheets-completed", IPP_TAG_INTEGER);
|
|
|
|
|
job->job_sheets = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME);
|
|
|
|
|
@@ -2259,6 +2358,14 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */
|
|
|
|
|
@@ -2273,6 +2369,14 @@ cupsdSaveJob(cupsd_job_t *job) /* I - J
|
|
|
|
|
{
|
|
|
|
|
char filename[1024]; /* Job control filename */
|
|
|
|
|
cups_file_t *fp; /* Job file */
|
|
|
|
@ -1623,7 +1584,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdSaveJob(job=%p(%d)): job->attrs=%p",
|
|
|
|
|
@@ -2281,6 +2388,78 @@ cupsdSaveJob(cupsd_job_t *job) /* I - Job */
|
|
|
|
|
@@ -2295,6 +2399,78 @@ cupsdSaveJob(cupsd_job_t *job) /* I - J
|
|
|
|
|
|
|
|
|
|
fchown(cupsFileNumber(fp), RunUser, Group);
|
|
|
|
|
|
|
|
|
@ -1702,7 +1663,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
job->attrs->state = IPP_IDLE;
|
|
|
|
|
|
|
|
|
|
if (ippWriteIO(fp, (ipp_iocb_t)cupsFileWrite, 1, NULL,
|
|
|
|
|
@@ -3981,6 +4160,19 @@ get_options(cupsd_job_t *job, /* I - Job */
|
|
|
|
|
@@ -3995,6 +4171,19 @@ get_options(cupsd_job_t *job, /* I - Jo
|
|
|
|
|
banner_page)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
@ -1722,7 +1683,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
/*
|
|
|
|
|
* Otherwise add them to the list...
|
|
|
|
|
*/
|
|
|
|
|
@@ -4791,6 +4983,18 @@ start_job(cupsd_job_t *job, /* I - Job ID */
|
|
|
|
|
@@ -4805,6 +4994,18 @@ start_job(cupsd_job_t *job, /* I -
|
|
|
|
|
cupsd_printer_t *printer) /* I - Printer to print job */
|
|
|
|
|
{
|
|
|
|
|
const char *filename; /* Support filename */
|
|
|
|
@ -1741,7 +1702,7 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
ipp_attribute_t *cancel_after = ippFindAttribute(job->attrs,
|
|
|
|
|
"job-cancel-after",
|
|
|
|
|
IPP_TAG_INTEGER);
|
|
|
|
|
@@ -4979,6 +5183,113 @@ start_job(cupsd_job_t *job, /* I - Job ID */
|
|
|
|
|
@@ -4993,6 +5194,113 @@ start_job(cupsd_job_t *job, /* I -
|
|
|
|
|
fcntl(job->side_pipes[1], F_SETFD,
|
|
|
|
|
fcntl(job->side_pipes[1], F_GETFD) | FD_CLOEXEC);
|
|
|
|
|
|
|
|
|
@ -1772,18 +1733,18 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
+ /*
|
|
|
|
|
+ * The printer does not exist, so for now assume it's a FileDevice
|
|
|
|
|
+ */
|
|
|
|
|
+ tclass = string_to_security_class("file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "write");
|
|
|
|
|
+ tclass = SECCLASS_FILE;
|
|
|
|
|
+ avr = FILE__WRITE;
|
|
|
|
|
+ }
|
|
|
|
|
+ else if (S_ISCHR(printerstat.st_mode))
|
|
|
|
|
+ {
|
|
|
|
|
+ tclass = string_to_security_class("chr_file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "write");
|
|
|
|
|
+ tclass = SECCLASS_CHR_FILE;
|
|
|
|
|
+ avr = CHR_FILE__WRITE;
|
|
|
|
|
+ }
|
|
|
|
|
+ else if (S_ISREG(printerstat.st_mode))
|
|
|
|
|
+ {
|
|
|
|
|
+ tclass = string_to_security_class("file");
|
|
|
|
|
+ avr = string_to_av_perm(tclass, "write");
|
|
|
|
|
+ tclass = SECCLASS_FILE;
|
|
|
|
|
+ avr = FILE__WRITE;
|
|
|
|
|
+ }
|
|
|
|
|
+ else
|
|
|
|
|
+ {
|
|
|
|
@ -1855,10 +1816,9 @@ index 834e170..dbc64c3 100644
|
|
|
|
|
/*
|
|
|
|
|
* Now start the first file in the job...
|
|
|
|
|
*/
|
|
|
|
|
diff --git a/scheduler/job.h b/scheduler/job.h
|
|
|
|
|
index 2400ea9..cc05450 100644
|
|
|
|
|
--- a/scheduler/job.h
|
|
|
|
|
+++ b/scheduler/job.h
|
|
|
|
|
diff -up cups-2.3.0/scheduler/job.h.lspp cups-2.3.0/scheduler/job.h
|
|
|
|
|
--- cups-2.3.0/scheduler/job.h.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/job.h 2019-10-07 12:29:54.364371023 +0200
|
|
|
|
|
@@ -7,6 +7,13 @@
|
|
|
|
|
* Licensed under Apache License v2.0. See the file "LICENSE" for more information.
|
|
|
|
|
*/
|
|
|
|
@ -1873,7 +1833,7 @@ index 2400ea9..cc05450 100644
|
|
|
|
|
/*
|
|
|
|
|
* Constants...
|
|
|
|
|
*/
|
|
|
|
|
@@ -84,6 +91,10 @@ struct cupsd_job_s /**** Job request ****/
|
|
|
|
|
@@ -84,6 +91,10 @@ struct cupsd_job_s /**** Job request *
|
|
|
|
|
int progress; /* Printing progress */
|
|
|
|
|
int num_keywords; /* Number of PPD keywords */
|
|
|
|
|
cups_option_t *keywords; /* PPD keywords */
|
|
|
|
@ -1884,10 +1844,9 @@ index 2400ea9..cc05450 100644
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
typedef struct cupsd_joblog_s /**** Job log message ****/
|
|
|
|
|
diff --git a/scheduler/main.c b/scheduler/main.c
|
|
|
|
|
index 47968e6..2802625 100644
|
|
|
|
|
--- a/scheduler/main.c
|
|
|
|
|
+++ b/scheduler/main.c
|
|
|
|
|
diff -up cups-2.3.0/scheduler/main.c.lspp cups-2.3.0/scheduler/main.c
|
|
|
|
|
--- cups-2.3.0/scheduler/main.c.lspp 2019-10-07 12:24:43.037597616 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/main.c 2019-10-07 12:24:43.119597037 +0200
|
|
|
|
|
@@ -57,6 +57,9 @@
|
|
|
|
|
# include <sys/param.h>
|
|
|
|
|
#endif /* HAVE_SYS_PARAM_H */
|
|
|
|
@ -1898,7 +1857,7 @@ index 47968e6..2802625 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Local functions...
|
|
|
|
|
@@ -123,6 +126,9 @@ main(int argc, /* I - Number of command-line args */
|
|
|
|
|
@@ -123,6 +126,9 @@ main(int argc, /* I - Number of comm
|
|
|
|
|
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
|
|
|
|
|
struct sigaction action; /* Actions for POSIX signals */
|
|
|
|
|
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
|
|
|
|
@ -1908,7 +1867,7 @@ index 47968e6..2802625 100644
|
|
|
|
|
#ifdef __APPLE__
|
|
|
|
|
int use_sysman = 1; /* Use system management functions? */
|
|
|
|
|
#else
|
|
|
|
|
@@ -495,6 +501,25 @@ main(int argc, /* I - Number of command-line args */
|
|
|
|
|
@@ -495,6 +501,25 @@ main(int argc, /* I - Number of comm
|
|
|
|
|
exit(errno);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -1934,7 +1893,7 @@ index 47968e6..2802625 100644
|
|
|
|
|
/*
|
|
|
|
|
* Let the system know we are busy while we bring up cupsd...
|
|
|
|
|
*/
|
|
|
|
|
@@ -1204,6 +1229,11 @@ main(int argc, /* I - Number of command-line args */
|
|
|
|
|
@@ -1201,6 +1226,11 @@ main(int argc, /* I - Number of comm
|
|
|
|
|
|
|
|
|
|
cupsdStopSelect();
|
|
|
|
|
|
|
|
|
@ -1946,11 +1905,10 @@ index 47968e6..2802625 100644
|
|
|
|
|
return (!stop_scheduler);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
diff --git a/scheduler/printers.c b/scheduler/printers.c
|
|
|
|
|
index 234d441..248bdba 100644
|
|
|
|
|
--- a/scheduler/printers.c
|
|
|
|
|
+++ b/scheduler/printers.c
|
|
|
|
|
@@ -9,6 +9,8 @@
|
|
|
|
|
diff -up cups-2.3.0/scheduler/printers.c.lspp cups-2.3.0/scheduler/printers.c
|
|
|
|
|
--- cups-2.3.0/scheduler/printers.c.lspp 2019-08-23 17:19:38.000000000 +0200
|
|
|
|
|
+++ cups-2.3.0/scheduler/printers.c 2019-10-07 12:29:17.956658129 +0200
|
|
|
|
|
@@ -8,6 +8,8 @@
|
|
|
|
|
* information.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
@ -1959,7 +1917,7 @@ index 234d441..248bdba 100644
|
|
|
|
|
/*
|
|
|
|
|
* Include necessary headers...
|
|
|
|
|
*/
|
|
|
|
|
@@ -33,6 +35,10 @@
|
|
|
|
|
@@ -32,6 +34,10 @@
|
|
|
|
|
# include <asl.h>
|
|
|
|
|
#endif /* __APPLE__ */
|
|
|
|
|
|
|
|
|
@ -1970,7 +1928,7 @@ index 234d441..248bdba 100644
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Local functions...
|
|
|
|
|
@@ -2288,6 +2294,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */
|
|
|
|
|
@@ -2252,6 +2258,13 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
|
|
|
|
|
ipp_attribute_t *attr; /* Attribute data */
|
|
|
|
|
char *name, /* Current user/group name */
|
|
|
|
|
*filter; /* Current filter */
|
|
|
|
@ -1984,7 +1942,7 @@ index 234d441..248bdba 100644
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
@@ -2412,6 +2425,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)/* I - Printer to setup */
|
|
|
|
|
@@ -2378,6 +2391,45 @@ cupsdSetPrinterAttrs(cupsd_printer_t *p)
|
|
|
|
|
attr->values[1].string.text = _cupsStrAlloc(Classification ?
|
|
|
|
|
Classification : p->job_sheets[1]);
|
|
|
|
|
}
|
|
|
|
|