[FreeNX-kNX] FreeNX 0.6.0.99 snapshot with full printing support and some bugs fixed
Fabian Franz
FabianFranz at gmx.de
Thu Jan 25 19:13:21 UTC 2007
> > * Note: You might need to do: chmod 755
> /usr/lib/cups/backend/{ipp,http}
> >
> > -> This is just in general. While testing I found out that debian set
> > /usr/lib/cups/backend/ipp and http to 700 with no reason whatsforever.
> > I guess this is just a bug and the chmod did fix it for me.
>
> No. It's part of a feature. CUPS will automatically run backends that
> are set to 700 as root, and will run all other backends as user "lp"
> (or whatever the user is). {So for example if you are using a CUPS
> "pdf:/"-backend as a PDF distiller server for the network, that backend
> should be able to write its results to users' homedirs, it must have
> extended privileges.) The ipp:// backend needs access to the certs
> files/dirs. The lpdf:// backend needs access to source ports 721-731,
> because RFC "standard" for LPD expects its clients to come from these
> ports, otherwise it refuses connections/printing.
Kurt as always you are a mine of gold when it comes to CUPS knowledge.
> chmod-ing {http,ipp} takes away the ability for those backends to
> run as root. This may be fine for all FreeNX-related tasks, but may
> meet occasions where it disturbs other purposes...
Yes, sure. But why can't the mask be: 744 this way one could copy the ipp and http files. I guess just the executing part is the problem or not?
Either way I find that this method is quite a hack - to rely on the mask of the file to depend which user to run on. However I can see that a config file is not as flexible.
I therefore propose to just cp the file (as root) to a regular file named ipp_nx and add a config option: CUPS_IPP_BACKEND=ipp_nx. Would this pose a problem?
cu
Fabian
More information about the FreeNX-kNX
mailing list