[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#350581: cupsys: Put local certs not on harddrive

Package: cupsys
Version: 1.1.23-15
Severity: wishlist

cupsys generates a coockie (cert) for local clients and for cgi-bin to
backend communication in /etc/cups/certs/, which currently is a symlink
to /var/lib/cups/certs/, which normally is located on a hard disk drive.

The default "RootCertDuration" is 300 seconds, so each 5 minutes that
file is accessed and replaced by a new file, preventing the disk from
spinning down on an otherwise idle computer, of even worse, spins up the
disk regularly. Sadly, this was one cause which destroyed 16+ drives in
several workstations. cupsys needs to run, so automatic printer
discovery works on those workstations and notebooks.

Since the file does not need to survive a reboot, please consider moving
that directory under /var/run, which will be put on a tmpfs filesystem
in Debian hopefully "real soon".

If you don't want to do the move now, please at least don't package the
/etc/cups/certs symlink and create that link instead in postinst, if it
doesn't exist. Currently each time I install a new security update, that
link gets replaces again and again with on pointing to

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (989, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux
Locale: LANG=de_DE.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Reply to: