[arch-commits] Commit in cups/trunk (PKGBUILD guid.patch)
Andreas Radke
andyrtr at archlinux.org
Sat Jan 27 09:30:20 UTC 2018
Date: Saturday, January 27, 2018 @ 09:30:19
Author: andyrtr
Revision: 315486
upgpkg: cups 2.2.6-4
always use cups user/group - FS#56818
Added:
cups/trunk/guid.patch
Modified:
cups/trunk/PKGBUILD
------------+
PKGBUILD | 8 ++++++--
guid.patch | 42 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 48 insertions(+), 2 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-01-27 06:18:18 UTC (rev 315485)
+++ PKGBUILD 2018-01-27 09:30:19 UTC (rev 315486)
@@ -4,7 +4,7 @@
pkgbase="cups"
pkgname=('libcups' 'cups')
pkgver=2.2.6
-pkgrel=3
+pkgrel=4
arch=('x86_64')
license=('GPL')
url="https://www.cups.org/"
@@ -13,7 +13,7 @@
'avahi' 'hicolor-icon-theme' 'systemd' 'inetutils' 'libpaper' 'valgrind')
source=(https://github.com/apple/cups/releases/download/v${pkgver}/cups-${pkgver}-source.tar.gz{,.sig}
cups.logrotate cups.pam
- cups.sysusers
+ cups.sysusers guid.patch
# improve build and linking
cups-no-export-ssllibs.patch
cups-no-gzip-man.patch
@@ -25,6 +25,7 @@
'd87fa0f0b5ec677aae34668f260333db17ce303aa1a752cba5f8e72623d9acf9'
'57dfd072fd7ef0018c6b0a798367aac1abb5979060ff3f9df22d1048bb71c0d5'
'06173dfaea37bdd9b39b3e09aba98c34ae7112a2f521db45a688907d8848caa2'
+ 'd4537526c1e075866ae22ad263da000fc2a592d36c26b79a459a1cfdade2bb2d'
'ff3eb0782af0405f5dafe89e04b1b4ea7a49afc5496860d724343bd04f375832'
'b8fc2e3bc603495f0278410350ea8f0161d9d83719feb64f573b63430cb4800b'
'23349c96f2f7aeb7d48e3bcd35a969f5d5ac8f55a032b0cfaa0a03d7e37ea9af'
@@ -47,6 +48,9 @@
# make sure network is up when starting and notify systemd - FC
patch -Np1 -i ${srcdir}/cups-systemd-socket.patch
+ # FS#56818 - https://github.com/apple/cups/issues/5236
+ patch -Np1 -i ${srcdir}/guid.patch
+
# set MaxLogSize to 0 to prevent using cups internal log rotation
sed -i -e '5i\ ' conf/cupsd.conf.in
sed -i -e '6i# Disable cups internal logging - use logrotate instead' conf/cupsd.conf.in
Added: guid.patch
===================================================================
--- guid.patch (rev 0)
+++ guid.patch 2018-01-27 09:30:19 UTC (rev 315486)
@@ -0,0 +1,42 @@
+diff --git a/scheduler/cups-exec.c b/scheduler/cups-exec.c
+index aab43a797..46c549075 100644
+--- a/scheduler/cups-exec.c
++++ b/scheduler/cups-exec.c
+@@ -133,8 +133,13 @@ main(int argc, /* I - Number of command-line args */
+ if (setgid(gid))
+ exit(errno + 100);
+
+- if (setgroups(1, &gid))
++#include <pwd.h>
++ struct passwd * pwd = getpwuid(uid);
++ if(initgroups(pwd->pw_name,pwd->pw_gid))
++ {
++ fprintf(stderr, "DEBUG: initgroups failed\n");
+ exit(errno + 100);
++ }
+
+ if (uid && setuid(uid))
+ exit(errno + 100);
+diff --git a/scheduler/util.c b/scheduler/util.c
+index 19ebf069b..4638562bd 100644
+--- a/scheduler/util.c
++++ b/scheduler/util.c
+@@ -300,7 +300,16 @@ cupsdPipeCommand(int *pid, /* O - Process ID or 0 on error */
+ */
+
+ if (!getuid() && user)
+- setuid(user); /* Run as restricted user */
++ {
++#include <pwd.h>
++ struct passwd * pwd = getpwuid(user);
++ if(initgroups(pwd->pw_name,pwd->pw_gid))
++ {
++ fprintf(stderr, "DEBUG: initgroups failed\n");
++ exit(errno + 100);
++ }
++ setuid(user); /* Run as restricted user */
++ }
+
+ if ((fd = open("/dev/null", O_RDONLY)) > 0)
+ {
+
More information about the arch-commits
mailing list