
Bug#427559: marked as done (cupsys: make backend permissions behaviour compatible to upstream)



Your message dated Fri, 08 Jun 2007 09:47:03 +0000
with message-id <E1Hwb3f-0003CB-O1@ries.debian.org>
and subject line Bug#427559: fixed in cupsys 1.2.11-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: cupsys
Version: 1.2.11-2


(I'm sorry to not be able to use "reportbug"; I'm reporting on behalf of
a customer who called me today because important functions on his test
printserver [running on Sid] broke after upgrading to CUPS 1.2.11-2; I'm
not running Sid, but I was able to ssh into his system for a few minutes
and poke around a bit...)

--------------

It looks like the 1.2.11-2 package changed a few very substantial things
over the previous package (1.2.7-4?):

 * you have changed cupsd to run as user cupsys, while upstream CUPS
   developers have dropped this again (and they gave very good reasons
   for that) when they released 1.2.0.

 * in previous upstream versions when cupsd ran as an unprivileged user,
   it was possible to use "RunAsUser No" in cupsd.conf -- you have re-
   applied that old patch without keeping the user option to not follow
   your default.

 * you have removed the possibility to run individual backends as root
   (by simply giving them 0700 permissions and root ownership).

This breaks all customized backends which need root permissions in order
to do their job. In our case it was...

  (a) a custom pdf-creating backend (*NOT* the "cups-pdf" package) that
      was geared to work with SAP output, and write its results into
      specific directories owned by different system users

  (b) another custom pdf-creating backend (*NOT* the "cups-pdf" package)
      which was geared to work for MS Windows domain users via Samba and
      write its output to user-owned directories

  (c) a backend using Pykota (http://www.pykota.com/software/pykota) as
      a printjob accounting software

  (d) a backend using Tea4CUPs (http://www.pykota.com/software/tea4cups)
      to "fan out" (multiply) certain jobs to multiple production printers

  (e) a backend that reads a hidden file in each user's home directory
      containing a PIN and a USERCODE to insert these into the PostScript
      file to enable user specific "locked printing" on certain printers

  (f) and 3 more custom backends which I can't talk about here.

This change caught the customer completely off guard; it looks like the
upgrade did not warn him about such heavy-handed changes when the post-
install script ran.

He cannot use that system any more for now, until he pays money to
someone to fix everything (if that is at all possible; otherwise to migrate
it to a non-Debian distro).

Moreover, while you introduced these changes (amounting to a de-facto
fork from upstream IMHO), you did not sufficiently document these. In
fact, the CUPS documentation you ship is still suggesting to the user
that his cupsd runs as root.

The way you introduced these changes in effect completely takes away
users' freedom to run cupsd unchanged in its behavior from upstream's
version; and I'm very doubtful if you even added any substantial gain in
security with these modifications.

If you think you need to protect users from security breaches your way
(by adding a non-standard, now old feature back to your current CUPS (a
feature that was dropped by the CUPS developers themselves)), then please
at least do it in a way that still allows to configure away your default
(by also re-enabling the "RunAsUser No" directive in cupsd.conf).

Hence, my feature requests:

  -- either return to the same setup as upstream CUPS sources,
  -- or do re-enable the "RunAsUser No" option in cupsd.conf
  -- and please do at least make it unmistakably clear in the CUPS
     docu at localhost:631/help what you changed and how the user can
     return to upstream's CUPS behavior for its scheduler and backends.


-- 
Kurt Pfeifle
System & Network Printing Consultant ---- Linux/Unix/Windows/Samba/CUPS
Infotec Deutschland GmbH  .....................  Hedelfinger Strasse 58
A RICOH Company  ...........................  D-70327 Stuttgart/Germany 


--- End Message ---
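
Added example (not part of the report or of the cupsys package): a shell audit that lists which backends in a directory would run as root under the rule the report describes, that is, root ownership and no group/other permission bits such as 0700. It assumes GNU `stat`; the function names `classify_backend` and `audit_backends` and the `/usr/lib/cups/backend` path are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not code from the bug report or from the cupsys package.
# Assumption: the "runs as root" rule is exactly the one the report states:
# owned by root and no group/other permission bits (e.g. mode 0700).
# Requires GNU stat (coreutils) for the -c and -L options.

# classify_backend FILE [ROOT_UID]
# Prints "root" or "unprivileged". ROOT_UID defaults to 0; it is a parameter
# only so the logic can be exercised without being root.
classify_backend() {
    # -L follows symlinks, since a backend may be a link to another backend.
    cb_info=$(stat -L -c '%a %u' -- "$1") || return 2
    cb_mode=${cb_info% *}
    cb_owner=${cb_info#* }
    # Leading 0 makes the shell read the mode as octal; 077 = group+other bits.
    if [ "$cb_owner" = "${2:-0}" ] && [ $(( 0$cb_mode & 077 )) -eq 0 ]; then
        echo root
    else
        echo unprivileged
    fi
}

# audit_backends DIR [ROOT_UID]
# One line per regular file: "<class> <mode> <owner-uid> <name>".
audit_backends() {
    for ab_file in "$1"/*; do
        [ -f "$ab_file" ] || continue
        ab_class=$(classify_backend "$ab_file" "${2:-0}") || continue
        printf '%s %s %s\n' "$ab_class" \
            "$(stat -L -c '%a %u' -- "$ab_file")" "${ab_file##*/}"
    done
}

# Usage (the directory is an assumption about the local install):
#   audit_backends /usr/lib/cups/backend
```

Running it before and after a package upgrade shows which custom backends depend on root privileges and would break if the scheduler stops honouring that rule.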
--- Begin Message ---
Source: cupsys
Source-Version: 1.2.11-3

We believe that the bug you reported is fixed in the latest version of
cupsys, which is due to be installed in the Debian FTP archive:

cupsys-bsd_1.2.11-3_i386.deb
  to pool/main/c/cupsys/cupsys-bsd_1.2.11-3_i386.deb
cupsys-client_1.2.11-3_i386.deb
  to pool/main/c/cupsys/cupsys-client_1.2.11-3_i386.deb
cupsys-common_1.2.11-3_all.deb
  to pool/main/c/cupsys/cupsys-common_1.2.11-3_all.deb
cupsys-dbg_1.2.11-3_i386.deb
  to pool/main/c/cupsys/cupsys-dbg_1.2.11-3_i386.deb
cupsys_1.2.11-3.diff.gz
  to pool/main/c/cupsys/cupsys_1.2.11-3.diff.gz
cupsys_1.2.11-3.dsc
  to pool/main/c/cupsys/cupsys_1.2.11-3.dsc
cupsys_1.2.11-3_i386.deb
  to pool/main/c/cupsys/cupsys_1.2.11-3_i386.deb
libcupsimage2-dev_1.2.11-3_i386.deb
  to pool/main/c/cupsys/libcupsimage2-dev_1.2.11-3_i386.deb
libcupsimage2_1.2.11-3_i386.deb
  to pool/main/c/cupsys/libcupsimage2_1.2.11-3_i386.deb
libcupsys2-dev_1.2.11-3_i386.deb
  to pool/main/c/cupsys/libcupsys2-dev_1.2.11-3_i386.deb
libcupsys2_1.2.11-3_i386.deb
  to pool/main/c/cupsys/libcupsys2_1.2.11-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 427559@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Martin Pitt <mpitt@debian.org> (supplier of updated cupsys package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 08 Jun 2007 11:15:12 +0200
Source: cupsys
Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsimage2-dev
Architecture: source i386 all
Version: 1.2.11-3
Distribution: unstable
Urgency: medium
Maintainer: Debian CUPS Maintainers <pkg-cups-devel@lists.alioth.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 cupsys     - Common UNIX Printing System(tm) - server
 cupsys-bsd - Common UNIX Printing System(tm) - BSD commands
 cupsys-client - Common UNIX Printing System(tm) - client programs (SysV)
 cupsys-common - Common UNIX Printing System(tm) - common files
 cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols
 libcupsimage2 - Common UNIX Printing System(tm) - image libs
 libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
 libcupsys2 - Common UNIX Printing System(tm) - libs
 libcupsys2-dev - Common UNIX Printing System(tm) - development files
Closes: 427559
Changes: 
 cupsys (1.2.11-3) unstable; urgency=medium
 .
   * debian/rules: Disable privilege dropping for now until we fixed the
     backend invocation to become compatible to upstream's behaviour again.
     This unbreaks third-party backends again for now. (Closes: #427559)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGaSMoDecnbV4Fd/IRAnkqAKC0zLD3t8iOeGWF/uwuKLhMR6KdGACg8LdF
6r+3rJx8WAS3BaLv2//1zEE=
=0wQH
-----END PGP SIGNATURE-----


--- End Message ---
