:: Re: [DNG] Printing -- now a permiss…
Top Page
Delete this message
Reply to this message
Author: Rainer Weikusat
Date:  
To: dng
Subject: Re: [DNG] Printing -- now a permissions problem
Hendrik Boom <hendrik@???> writes:
> On Mon, Oct 19, 2015 at 05:47:57PM +0100, Rainer Weikusat wrote:


[...]


> root@notlookedfor:/home/hendrik# strace -f /usr/bin/lpr -h -PHL3170CDW
> Documents/math/Librationism=1407.3877v3.ps
> execve("/usr/bin/lpr", ["/usr/bin/lpr", "-h", "-PHL3170CDW",
> "Documents/math/Librationism=1407"...], [/* 37 vars */]) = 0


[...]

> open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
> _llseek(3, 0, [0], SEEK_CUR)            = 0
> fstat64(3, {st_mode=S_IFREG|0644, st_size=2252, ...}) = 0
> mmap2(NULL, 2252, PROT_READ, MAP_SHARED, 3, 0) = 0xb77ad000
> _llseek(3, 2252, [2252], SEEK_SET)      = 0
> munmap(0xb77ad000, 2252)                = 0
> close(3)                                = 0
> getuid32()                              = 0
> getgid32()                              = 0
> setresgid32(0, 0, 7)                    = 0
> setresuid32(0, 0, 7)                    = 0


[...]

> open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
> _llseek(3, 0, [0], SEEK_CUR)            = 0
> fstat64(3, {st_mode=S_IFREG|0644, st_size=2252, ...}) = 0
> mmap2(NULL, 2252, PROT_READ, MAP_SHARED, 3, 0) = 0xb77ad000
> _llseek(3, 2252, [2252], SEEK_SET)      = 0
> munmap(0xb77ad000, 2252)                = 0
> close(3)                                = 0
> setresuid32(-1, 7, -1)                  = 0
> setresgid32(-1, 7, -1)                  = 0
> open("/var/spool/lpd/hl3170cdw/.seq", 
> O_RDWR|O_CREAT|O_NONBLOCK|O_NOFOLLOW, 0661) = -1 EACCES (Permission 
> denied)
> write(2, "lpr: ", 5lpr: )                    = 5
> write(2, "cannot open /var/spool/lpd/hl317"..., 41cannot open 
> /var/spool/lpd/hl3170cdw/.seq) = 41
> write(2, ": ", 2: )                       = 2
> write(2, "Permission denied\n", 18Permission denied
> )     = 18
> exit_group(1)                           = ?
> +++ exited with 1 +++


You're running the BSD lpr which spools the files by itself and tries to
do as user 'lp' and not 'daemon' (UID 7). Judging from the code, it's
supposed to be installed setuid-0 and it then changes its UID to lp/ 7
to avoid having the binary owned by 'lp'. Since your spool directory
is only writable by user 'daemon' (UID 1), the attempt to spool the job
then fails.

Adjusting the permission accordingly, ie, make lpr owned by root and
setuid 0 and the spool directory owned and writable by lp may work. Or
possibly not as the Brother drivers are (AFAIK) intended to be used with
lprng and not the BSD lpr. In this case, you could try switching to
lprng.