"Main Switch" to turn off CUPS totally when we use systemd as PID 1
Hi all,
all major distros are using systemd or will end up with it very soon.
under systemd on-demand use of CUPS is supported and for most users it
is a nice feature, especially to save battery and resources on laptops
and mobile devices.
But on SUSE there are complaints which have lead to long discussion
making SUSE use a configuration without on-demand facility:
https://bugzilla.novell.com/show_bug.cgi?id=864894
https://bugzilla.novell.com/show_bug.cgi?id=857372
Especially Johannes Meixner told me that the current systemd
configuration is missing a "Master Switch" to not only stop cupsd but
also to tell that it should not be started on-demand. Currently you have
only the possibility to stop the daemon butt systemd is still listening
on the sockets and therefore CUPS gets started as soon as someone
accesses port 631 or connects a USB printer. This is a security hole as
a normal user can trigger the start of a program which runs as root.
The master switch has ideally three states:
Off: cupsd does not get started also if a user tries to access printing
services (port 631, ...).
On-demand: As we have it now, cupsd does not run if it has no jobs or
shared printers and is triggered by accessing port 631, a domain socket, ...
On: cupsd is permanently running (for servers).
Can such a thing be introduced? This would be great.
Till
Reply to: