Bug#794654: marked as done (cups-browsed: UDS permissions check always fails in Debian)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Thu, 29 Sep 2016 22:59:44 +0200
with message-id <5860994.ss7x08vNSp@gyllingar>
and subject line Re: Bug#794654: cups-browsed: UDS permissions check always fails in Debian
has caused the Debian Bug report #794654,
regarding cups-browsed: UDS permissions check always fails in Debian
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
794654: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794654
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: cups-browsed: UDS permissions check always fails in Debian
• From: Raphael Geissert <geissert@debian.org>
• Date: Wed, 5 Aug 2015 14:50:35 +0200
• Message-id: <CAA7hUgEcjkvBYUv0dB1A5FcNUb4=3qz3DJ0asBBVqKqLNHzG=g@mail.gmail.com>

Package: cups-browsed
Version: 1.0.71-1
Severity: minor
Tags: patch

Hi,

cups-browsed checks the permissions of cups' unix socket, looking for
IRWXO. Not only it appears to be useless to check for the execute bit,
but this check always fails with the default Debian config; which
makes cups-browsed use a TCP socket instead of the unix one.

Attached patch makes cups-browsed check only for read and write
permissions on the unix socket.

What do you think?

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Index: cups-filters-1.0.71-1/utils/cups-browsed.c
===================================================================
--- cups-filters-1.0.71-1/utils/cups-browsed.c
+++ cups-filters-1.0.71-1/utils/cups-browsed.c
@@ -3321,9 +3321,10 @@
 #endif
   if (DomainSocket != NULL) {
     struct stat sockinfo;               /* Domain socket information */
     if (!stat(DomainSocket, &sockinfo) &&
-        (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
+        (sockinfo.st_mode & S_IROTH) == S_IROTH &&
+        (sockinfo.st_mode & S_IWOTH) == S_IWOTH)
       setenv("CUPS_SERVER", DomainSocket, 1);
     else
       setenv("CUPS_SERVER", "localhost", 1);
   } else

--- End Message ---

--- Begin Message ---

• To: 794654-done@bugs.debian.org
• Subject: Re: Bug#794654: cups-browsed: UDS permissions check always fails in Debian
• From: Didier 'OdyX' Raboud <me@odyx.org>
• Date: Thu, 29 Sep 2016 22:59:44 +0200
• Message-id: <5860994.ss7x08vNSp@gyllingar>
• In-reply-to: <1720347.ALF4TpnnmD@gyllingar>
• References: <CAA7hUgEcjkvBYUv0dB1A5FcNUb4=3qz3DJ0asBBVqKqLNHzG=g@mail.gmail.com> <1720347.ALF4TpnnmD@gyllingar>

Le mercredi, 5 août 2015, 15.07:49 h CEST Didier 'OdyX' Raboud a écrit :
> Le mercredi, 5 août 2015, 14.50:35 Raphael Geissert a écrit :
> > cups-browsed checks the permissions of cups' unix socket, looking for
> > IRWXO. Not only it appears to be useless to check for the execute bit,
> > but this check always fails with the default Debian config; which
> > makes cups-browsed use a TCP socket instead of the unix one.
> > 
> > Attached patch makes cups-browsed check only for read and write
> > permissions on the unix socket.
> 
> This looks like the https://cups.org/str.php?L4679 , we should probably
> fix this identically in cups-browsed.
> 
> Till: opinions?

This was fixed in cups-filters 1.6.0.
> CHANGES IN V1.6.0
>
>       - cups-browsed: Fixed use of CUPS domain socket, both
>         detection during build process and permission check at
>         runtime.

--
Cheers,
	OdyX

--- End Message ---