Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added the functionality of Preserved Comments in cupsd.conf when cups… #640

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 10 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 14 additions & 6 deletions conf/cupsd.conf.in
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@
# complete description of this file.
#

# Log general information in error_log - change "@CUPS_LOG_LEVEL@" to "debug"
# for troubleshooting...
# Set LogLevel to debug for turning on troubleshooting
LogLevel @CUPS_LOG_LEVEL@
@CUPS_PAGE_LOG_FORMAT@

Expand All @@ -31,26 +30,35 @@ WebInterface @CUPS_WEBIF@
# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
IdleExitTimeout @EXIT_TIMEOUT@

# Restrict access to the server...
# Access to the server root (/):
# - default action defined by 'Order', see 'man cupsd.conf'
# - use 'Allow'/'Deny' for configuring access
# - allowing access is required for printer sharing or remote administration
<Location />
Order allow,deny
</Location>

# Restrict access to the admin pages...
# Access to the admin pages:
# - default action defined by Order', see 'man cupsd.conf'
# - use 'Allow'/'Deny' for configuring access
<Location /admin>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>

# Restrict access to configuration files...
# Access to the configuration files:
# - default action defined by Order', see 'man cupsd.conf'
# - use 'Allow'/'Deny' for configuring access
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>

# Restrict access to log files...
# Access to the log files:
# - default action defined by Order', see 'man cupsd.conf'
# - use 'Allow'/'Deny' for configuring access
<Location /admin/log>
AuthType Default
Require user @SYSTEM
Expand Down
93 changes: 4 additions & 89 deletions cups/adminutil.c
Original file line number Diff line number Diff line change
Expand Up @@ -698,7 +698,7 @@ cupsAdminSetServerSettings(
if (server_port <= 0)
server_port = IPP_PORT;

while (cupsFileGetConf(cupsd, line, sizeof(line), &value, &linenum))
while (_cupsFileGetConfAndComments(cupsd, line, sizeof(line), &value, &linenum))
{
if ((!_cups_strcasecmp(line, "Port") || !_cups_strcasecmp(line, "Listen")) &&
(remote_admin >= 0 || remote_any >= 0 || share_printers >= 0))
Expand All @@ -709,13 +709,10 @@ cupsAdminSetServerSettings(

if (remote_admin > 0 || remote_any > 0 || share_printers > 0)
{
cupsFilePuts(temp, "# Allow remote access\n");
cupsFilePrintf(temp, "Port %d\n", server_port);
}
else
{
cupsFilePuts(temp, "# Only listen for connections from the local "
"machine.\n");
cupsFilePrintf(temp, "Listen localhost:%d\n", server_port);
}

Expand Down Expand Up @@ -749,7 +746,6 @@ cupsAdminSetServerSettings(
localp = cupsGetOption("BrowseLocalProtocols", cupsd_num_settings,
cupsd_settings);

cupsFilePuts(temp, "# Share local printers on the local network.\n");
cupsFilePuts(temp, "Browsing On\n");

if (!localp)
Expand All @@ -763,7 +759,6 @@ cupsAdminSetServerSettings(
}
else
{
cupsFilePuts(temp, "# Disable printer sharing.\n");
cupsFilePuts(temp, "Browsing Off\n");
}
}
Expand All @@ -774,13 +769,10 @@ cupsAdminSetServerSettings(

if (debug_logging)
{
cupsFilePuts(temp,
"# Show troubleshooting information in error_log.\n");
cupsFilePuts(temp, "LogLevel debug\n");
}
else
{
cupsFilePuts(temp, "# Show general information in error_log.\n");
cupsFilePuts(temp, "LogLevel " CUPS_DEFAULT_LOG_LEVEL "\n");
}
}
Expand All @@ -800,9 +792,7 @@ cupsAdminSetServerSettings(
wrote_policy = 1;

if (!user_cancel_any)
cupsFilePuts(temp, " # Only the owner or an administrator can "
"cancel a job...\n"
" <Limit Cancel-Job>\n"
cupsFilePuts(temp, " <Limit Cancel-Job>\n"
" Order deny,allow\n"
" Require user @OWNER "
CUPS_DEFAULT_PRINTOPERATOR_AUTH "\n"
Expand Down Expand Up @@ -837,11 +827,6 @@ cupsAdminSetServerSettings(
{
wrote_admin_location = 1;

if (remote_admin)
cupsFilePuts(temp, " # Allow remote administration...\n");
else
cupsFilePuts(temp, " # Restrict access to the admin pages...\n");

cupsFilePuts(temp, " Order allow,deny\n");

if (remote_admin)
Expand All @@ -856,13 +841,6 @@ cupsAdminSetServerSettings(
{
wrote_conf_location = 1;

if (remote_admin)
cupsFilePuts(temp, " # Allow remote access to the configuration "
"files...\n");
else
cupsFilePuts(temp, " # Restrict access to the configuration "
"files...\n");

cupsFilePuts(temp, " Order allow,deny\n");

if (remote_admin)
Expand All @@ -877,13 +855,6 @@ cupsAdminSetServerSettings(
{
wrote_log_location = 1;

if (remote_admin)
cupsFilePuts(temp, " # Allow remote access to the log "
"files...\n");
else
cupsFilePuts(temp, " # Restrict access to the log "
"files...\n");

cupsFilePuts(temp, " Order allow,deny\n");

if (remote_admin)
Expand All @@ -899,18 +870,6 @@ cupsAdminSetServerSettings(
{
wrote_root_location = 1;

if (remote_admin > 0 && share_printers > 0)
cupsFilePuts(temp, " # Allow shared printing and remote "
"administration...\n");
else if (remote_admin > 0)
cupsFilePuts(temp, " # Allow remote administration...\n");
else if (share_printers > 0)
cupsFilePuts(temp, " # Allow shared printing...\n");
else if (remote_any > 0)
cupsFilePuts(temp, " # Allow remote access...\n");
else
cupsFilePuts(temp, " # Restrict access to the server...\n");

cupsFilePuts(temp, " Order allow,deny\n");

if (remote_admin > 0 || remote_any > 0 || share_printers > 0)
Expand Down Expand Up @@ -991,9 +950,7 @@ cupsAdminSetServerSettings(
wrote_policy = 1;

if (!user_cancel_any)
cupsFilePuts(temp, " # Only the owner or an administrator can cancel "
"a job...\n"
" <Limit Cancel-Job>\n"
cupsFilePuts(temp, " <Limit Cancel-Job>\n"
" Order deny,allow\n"
" Require user @OWNER "
CUPS_DEFAULT_PRINTOPERATOR_AUTH "\n"
Expand Down Expand Up @@ -1069,12 +1026,10 @@ cupsAdminSetServerSettings(
{
if (share_printers > 0)
{
cupsFilePuts(temp, "# Share local printers on the local network.\n");
cupsFilePuts(temp, "Browsing On\n");
}
else
{
cupsFilePuts(temp, "# Disable printer sharing and shared printers.\n");
cupsFilePuts(temp, "Browsing Off\n");
}
}
Expand All @@ -1083,12 +1038,10 @@ cupsAdminSetServerSettings(
{
if (debug_logging)
{
cupsFilePuts(temp, "# Show troubleshooting information in error_log.\n");
cupsFilePuts(temp, "LogLevel debug\n");
}
else
{
cupsFilePuts(temp, "# Show general information in error_log.\n");
cupsFilePuts(temp, "LogLevel " CUPS_DEFAULT_LOG_LEVEL "\n");
}
}
Expand All @@ -1098,13 +1051,10 @@ cupsAdminSetServerSettings(
{
if (remote_admin > 0 || remote_any > 0 || share_printers > 0)
{
cupsFilePuts(temp, "# Allow remote access\n");
cupsFilePrintf(temp, "Port %d\n", ippPort());
}
else
{
cupsFilePuts(temp,
"# Only listen for connections from the local machine.\n");
cupsFilePrintf(temp, "Listen localhost:%d\n", ippPort());
}

Expand All @@ -1117,18 +1067,6 @@ cupsAdminSetServerSettings(
if (!wrote_root_location &&
(remote_admin >= 0 || remote_any >= 0 || share_printers >= 0))
{
if (remote_admin > 0 && share_printers > 0)
cupsFilePuts(temp,
"# Allow shared printing and remote administration...\n");
else if (remote_admin > 0)
cupsFilePuts(temp, "# Allow remote administration...\n");
else if (share_printers > 0)
cupsFilePuts(temp, "# Allow shared printing...\n");
else if (remote_any > 0)
cupsFilePuts(temp, "# Allow remote access...\n");
else
cupsFilePuts(temp, "# Restrict access to the server...\n");

cupsFilePuts(temp, "<Location />\n"
" Order allow,deny\n");

Expand All @@ -1140,11 +1078,6 @@ cupsAdminSetServerSettings(

if (!wrote_admin_location && remote_admin >= 0)
{
if (remote_admin)
cupsFilePuts(temp, "# Allow remote administration...\n");
else
cupsFilePuts(temp, "# Restrict access to the admin pages...\n");

cupsFilePuts(temp, "<Location /admin>\n"
" Order allow,deny\n");

Expand All @@ -1156,12 +1089,6 @@ cupsAdminSetServerSettings(

if (!wrote_conf_location && remote_admin >= 0)
{
if (remote_admin)
cupsFilePuts(temp,
"# Allow remote access to the configuration files...\n");
else
cupsFilePuts(temp, "# Restrict access to the configuration files...\n");

cupsFilePuts(temp, "<Location /admin/conf>\n"
" AuthType Default\n"
" Require user @SYSTEM\n"
Expand All @@ -1175,12 +1102,6 @@ cupsAdminSetServerSettings(

if (!wrote_log_location && remote_admin >= 0)
{
if (remote_admin)
cupsFilePuts(temp,
"# Allow remote access to the log files...\n");
else
cupsFilePuts(temp, "# Restrict access to the log files...\n");

cupsFilePuts(temp, "<Location /admin/log>\n"
" AuthType Default\n"
" Require user @SYSTEM\n"
Expand All @@ -1195,8 +1116,6 @@ cupsAdminSetServerSettings(
if (!wrote_policy && user_cancel_any >= 0)
{
cupsFilePuts(temp, "<Policy default>\n"
" # Job-related operations must be done by the owner "
"or an administrator...\n"
" <Limit Send-Document Send-URI Hold-Job Release-Job "
"Restart-Job Purge-Jobs Set-Job-Attributes "
"Create-Job-Subscription Renew-Subscription "
Expand All @@ -1206,8 +1125,6 @@ cupsAdminSetServerSettings(
" Require user @OWNER @SYSTEM\n"
" Order deny,allow\n"
" </Limit>\n"
" # All administration operations require an "
"administrator to authenticate...\n"
" <Limit Pause-Printer Resume-Printer "
"Set-Printer-Attributes Enable-Printer "
"Disable-Printer Pause-Printer-After-Current-Job "
Expand All @@ -1224,9 +1141,7 @@ cupsAdminSetServerSettings(
"</Limit>\n");

if (!user_cancel_any)
cupsFilePuts(temp, " # Only the owner or an administrator can cancel "
"a job...\n"
" <Limit Cancel-Job>\n"
cupsFilePuts(temp, " <Limit Cancel-Job>\n"
" Order deny,allow\n"
" Require user @OWNER "
CUPS_DEFAULT_PRINTOPERATOR_AUTH "\n"
Expand Down
Loading