Hello community,
here is the log from the commit of package cups
checked in at Fri Aug 3 17:08:58 CEST 2007.
--------
--- cups/cups.changes 2007-07-30 15:43:33.000000000 +0200
+++ /mounts/work_src_done/STABLE/cups/cups.changes 2007-08-03 16:22:51.659329000 +0200
@@ -1,0 +2,10 @@
+Fri Aug 3 16:20:23 CEST 2007 - crivera@suse.de
+
+- Add cups-conf-relaxed-policy.patch, which defines a relaxed
+ policy in cupsd.conf and makes it the default. This allows
+ normal users to make changes to local printers.
+- Add cups-domain-socket-auth.patch, which has already been
+ accepted upstream, to allow cups to use domain socket
+ authentication for clients on the local machine.
+
+-------------------------------------------------------------------
New:
----
cups-conf-relaxed-policy.patch
cups-domain-socket-auth.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cups.spec ++++++
--- /var/tmp/diff_new_pack.e24297/_old 2007-08-03 17:07:03.000000000 +0200
+++ /var/tmp/diff_new_pack.e24297/_new 2007-08-03 17:07:03.000000000 +0200
@@ -17,7 +17,7 @@
Group: Hardware/Printing
Summary: The Common UNIX Printing System
Version: 1.2.12
-Release: 1
+Release: 2
Requires: cups-libs = %{version}, cups-client = %{version}
Requires: ghostscript_any, ghostscript-fonts-std, foomatic-filters
Requires: util-linux
@@ -52,6 +52,8 @@
Patch15: cups-1.2.11-testppd_filename.patch
Patch16: cups-1.2.5-desktop_file.patch
Patch17: cups-1.2.6-lppasswd_permission.patch
+Patch18: cups-conf-relaxed-policy.patch
+Patch19: cups-domain-socket-auth.patch
Patch100: cups-1.1.23-testpage.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %suse_version >= 801
@@ -144,6 +146,8 @@
%patch15 -p1
%patch16 -p1
%patch17 -p1
+%patch18 -p1
+%patch19 -p1
if [ -f /.buildenv ]; then
. /.buildenv
else
@@ -381,6 +385,13 @@
%{_datadir}/locale/*/cups_*
%changelog
+* Fri Aug 03 2007 - crivera@suse.de
+- Add cups-conf-relaxed-policy.patch, which defines a relaxed
+ policy in cupsd.conf and makes it the default. This allows
+ normal users to make changes to local printers.
+- Add cups-domain-socket-auth.patch, which has already been
+ accepted upstream, to allow cups to use domain socket
+ authentication for clients on the local machine.
* Mon Jul 30 2007 - kssingvo@suse.de
- upgrade to cups-1.2.12:
* The PHP cups_print_file() function crashed if the options array
++++++ cups-conf-relaxed-policy.patch ++++++
diff -ur /usr/src/packages/BUILD/cups-1.2.11/conf/cupsd.conf.in ./conf/cupsd.conf.in
--- /usr/src/packages/BUILD/cups-1.2.11/conf/cupsd.conf.in 2007-07-30 13:56:58.000000000 -0400
+++ ./conf/cupsd.conf.in 2007-07-30 13:52:20.000000000 -0400
@@ -25,6 +25,9 @@
# Default authentication type, when authentication is required...
DefaultAuthType Basic
+# Set the default policy to relaxed...
+DefaultPolicy relaxed
+
# Restrict access to the server...
<Location />
Order allow,deny
@@ -47,6 +50,39 @@
Allow localhost
</Location>
+# relaxed policy
+<Policy relaxed>
+
+# Let local users do reasonable things
+<Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Deactivate-Printer Activate-Printer CUPS-Delete-Printer CUPS-Add-Printer CUPS-Set-Default>
+Require user @users @SYSTEM
+Order deny,allow
+Allow From localhost
+</Limit>
+
+# Job-related operations must be done by the owner or an adminstrator...
+<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
+Require user @OWNER @SYSTEM
+Order deny,allow
+</Limit>
+<Limit All>
+Order deny,allow
+</Limit>
+
+<Limit Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default>
+AuthType Basic
+Require user @SYSTEM
+Order deny,allow
+</Limit>
+
+# Only the owner or an administrator can cancel or authenticate a job...
+<Limit Cancel-Job CUPS-Authenticate-Job>
+Require user @OWNER @SYSTEM
+Order deny,allow
+</Limit>
+
+</Policy>
+
# Set the default printer/job policies...
<Policy default>
# Job-related operations must be done by the owner or an adminstrator...
++++++ cups-domain-socket-auth.patch ++++++
--- cups-1.2.10/cups/auth.c.af_unix-auth 2007-01-10 16:48:37.000000000 +0000
+++ cups-1.2.10/cups/auth.c 2007-03-29 16:59:51.000000000 +0100
@@ -26,6 +26,8 @@
* Contents:
*
* cupsDoAuthentication() - Authenticate a request.
+ * cups_peercred_auth() - Find out if SO_PEERCRED authentication
+ * is possible
* cups_local_auth() - Get the local authorization certificate if
* available/applicable...
*/
@@ -40,7 +42,9 @@
#include