[FreeNX-kNX] FreeNX snapshot with full printing support and some bugs fixed

Fabian Franz FabianFranz at gmx.de
Thu Jan 25 19:13:21 UTC 2007

> >  * Note: You might need to do: chmod 755
> /usr/lib/cups/backend/{ipp,http}
> > 
> > -> This is just in general. While testing I found out that debian set 
> > /usr/lib/cups/backend/ipp and http to 700 with no reason whatsforever. 
> > I guess this is just a bug and the chmod did fix it for me.  
> No. It's part of a feature. CUPS will automatically run backends that 
> are set to 700 as root, and will run all other backends as user "lp"
> (or whatever the user is). {So for example if you are using a CUPS 
> "pdf:/"-backend as a PDF distiller server for the network, that backend 
> should be able to write its results to users' homedirs, it must have 
> extended privileges.) The ipp:// backend needs access to the certs
> files/dirs. The lpdf:// backend needs access to source ports 721-731,
> because RFC "standard" for LPD expects its clients to come from these
> ports, otherwise it refuses connections/printing.

Kurt as always you are a mine of gold when it comes to CUPS knowledge.

> chmod-ing {http,ipp} takes away the ability for those backends to
> run as root. This may be fine for all FreeNX-related tasks, but may
> meet occasions where it disturbs other purposes...

Yes, sure. But why can't the mask be: 744 this way one could copy the ipp and http files. I guess just the executing part is the problem or not?

Either way I find that this method is quite a hack - to rely on the mask of the file to depend which user to run on. However I can see that a config file is not as flexible.

I therefore propose to just cp the file (as root) to a regular file named ipp_nx and add a config option: CUPS_IPP_BACKEND=ipp_nx. Would this pose a problem?



More information about the FreeNX-kNX mailing list