|
 |
ddd55f2 |
--- cups-1.2.2-8/config.h.in 2006-08-10 11:42:42.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/config.h.in 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -443,6 +443,13 @@
|
|
|
21b0f25 |
#undef HAVE_APPLETALK_AT_PROTO_H
|
|
|
21b0f25 |
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+/*
|
|
|
21b0f25 |
+ * Are we trying to meet LSPP requirements?
|
|
|
21b0f25 |
+ */
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+#undef WITH_LSPP
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
#endif /* !_CUPS_CONFIG_H_ */
|
|
|
21b0f25 |
|
|
|
21b0f25 |
/*
|
|
|
ddd55f2 |
--- cups-1.2.2-8/configure.in 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/configure.in 2006-08-07 06:19:33.000000000 -0400
|
|
|
45f372e |
@@ -47,6 +47,8 @@
|
|
|
45f372e |
sinclude(config-scripts/cups-pdf.m4)
|
|
|
45f372e |
sinclude(config-scripts/cups-scripting.m4)
|
|
|
45f372e |
|
|
|
45f372e |
+sinclude(config-scripts/cups-lspp.m4)
|
|
|
45f372e |
+
|
|
|
45f372e |
INSTALL_LANGUAGES=""
|
|
|
45f372e |
UNINSTALL_LANGUAGES=""
|
|
|
45f372e |
LANGFILES=""
|
|
|
ddd55f2 |
--- cups-1.2.2-8/config-scripts/cups-lspp.m4 1969-12-31 19:00:00.000000000 -0500
|
|
|
ddd55f2 |
+++ cups-1.2.2/config-scripts/cups-lspp.m4 2006-08-07 06:19:33.000000000 -0400
|
|
|
ddd55f2 |
@@ -0,0 +1,36 @@
|
|
|
ddd55f2 |
+dnl
|
|
|
ddd55f2 |
+dnl LSPP code for the Common UNIX Printing System (CUPS).
|
|
|
ddd55f2 |
+dnl
|
|
|
ddd55f2 |
+dnl Copyright 2005-2006 by Hewlett-Packard Development Company, L.P.
|
|
|
ddd55f2 |
+dnl
|
|
|
ddd55f2 |
+dnl This program is free software; you can redistribute it and/or modify
|
|
|
ddd55f2 |
+dnl it under the terms of the GNU General Public License as published by
|
|
|
ddd55f2 |
+dnl the Free Software Foundation; version 2.
|
|
|
ddd55f2 |
+dnl
|
|
|
ddd55f2 |
+dnl This program is distributed in the hope that it will be useful, but
|
|
|
ddd55f2 |
+dnl WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
ddd55f2 |
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
ddd55f2 |
+dnl General Public License for more details.
|
|
|
ddd55f2 |
+dnl
|
|
|
ddd55f2 |
+dnl You should have received a copy of the GNU General Public License
|
|
|
ddd55f2 |
+dnl along with this program; if not, write to the Free Software Foundation,
|
|
|
ddd55f2 |
+dnl Inc., 51 Franklin Street, Fifth Floor Boston, MA 02110-1301 USA
|
|
|
ddd55f2 |
+dnl
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+dnl Are we trying to meet LSPP requirements
|
|
|
ddd55f2 |
+AC_ARG_ENABLE(lspp, [ --enable-lspp turn on auditing and label support, default=no])
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+if test x"$enable_lspp" != xno; then
|
|
|
ddd55f2 |
+ case "$uname" in
|
|
|
ddd55f2 |
+ Linux)
|
|
|
ddd55f2 |
+ AC_CHECK_LIB(audit,audit_log_user_message, [LIBAUDIT="-laudit" AC_SUBST(LIBAUDIT)])
|
|
|
ddd55f2 |
+ AC_CHECK_HEADER(libaudit.h)
|
|
|
ddd55f2 |
+ AC_CHECK_LIB(selinux,getpeercon, [LIBSELINUX="-lselinux" AC_SUBST(LIBSELINUX)])
|
|
|
ddd55f2 |
+ AC_CHECK_HEADER(selinux/selinux.h)
|
|
|
ddd55f2 |
+ AC_DEFINE(WITH_LSPP)
|
|
|
ddd55f2 |
+ ;;
|
|
|
ddd55f2 |
+ *)
|
|
|
ddd55f2 |
+ # All others
|
|
|
ddd55f2 |
+ ;;
|
|
|
ddd55f2 |
+ esac
|
|
|
ddd55f2 |
+fi
|
|
|
ddd55f2 |
--- cups-1.2.2-8/cups/cups.h 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/cups/cups.h 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -24,6 +24,8 @@
|
|
|
21b0f25 |
* This file is subject to the Apple OS-Developed Software exception.
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
#ifndef _CUPS_CUPS_H_
|
|
|
21b0f25 |
# define _CUPS_CUPS_H_
|
|
|
21b0f25 |
|
|
|
21b0f25 |
@@ -68,6 +70,12 @@
|
|
|
21b0f25 |
# define CUPS_DATE_ANY -1
|
|
|
21b0f25 |
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+# ifdef WITH_LSPP
|
|
|
21b0f25 |
+# define MLS_CONFIG "mls"
|
|
|
21b0f25 |
+# define TE_CONFIG "te"
|
|
|
21b0f25 |
+# define SELINUX_CONFIG "SELinux"
|
|
|
21b0f25 |
+# define UNKNOWN_SL "UNKNOWN SL"
|
|
|
21b0f25 |
+# endif /* WITH_LSPP */
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Types and structures...
|
|
|
21b0f25 |
*/
|
|
|
ddd55f2 |
--- cups-1.2.2-8/data/Makefile 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/data/Makefile 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -34,7 +34,10 @@
|
|
|
21b0f25 |
secret \
|
|
|
21b0f25 |
standard \
|
|
|
21b0f25 |
topsecret \
|
|
|
21b0f25 |
- unclassified
|
|
|
21b0f25 |
+ unclassified \
|
|
|
21b0f25 |
+ selinux \
|
|
|
21b0f25 |
+ mls \
|
|
|
21b0f25 |
+ te
|
|
|
21b0f25 |
|
|
|
21b0f25 |
CHARMAPS = \
|
|
|
21b0f25 |
euc-cn.txt \
|
|
|
ddd55f2 |
--- cups-1.2.2-8/data/mls 1969-12-31 19:00:00.000000000 -0500
|
|
|
ddd55f2 |
+++ cups-1.2.2/data/mls 2006-08-07 06:19:33.000000000 -0400
|
|
|
45f372e |
@@ -0,0 +1,277 @@
|
|
|
45f372e |
+%!PS-Adobe-3.0
|
|
|
45f372e |
+%%BoundingBox: 0 0 612 792
|
|
|
45f372e |
+%%Pages: 1
|
|
|
45f372e |
+%%LanguageLevel: 1
|
|
|
45f372e |
+%%DocumentData: Clean7Bit
|
|
|
45f372e |
+%%DocumentSuppliedResources: procset bannerprint/1.0
|
|
|
45f372e |
+%%DocumentNeededResources: font Helvetica Helvetica-Bold Times-Roman
|
|
|
45f372e |
+%%Creator: Michael Sweet, Easy Software Products
|
|
|
45f372e |
+%%CreationDate: May 10, 2000
|
|
|
45f372e |
+%%Title: Test Page
|
|
|
45f372e |
+%%EndComments
|
|
|
45f372e |
+%%BeginProlog
|
|
|
45f372e |
+%%BeginResource procset bannerprint 1.1 0
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% PostScript banner page for the Common UNIX Printing System ("CUPS").
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Copyright 1993-2005 by Easy Software Products
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% These coded instructions, statements, and computer programs are the
|
|
|
45f372e |
+% property of Easy Software Products and are protected by Federal
|
|
|
45f372e |
+% copyright law. Distribution and use rights are outlined in the file
|
|
|
45f372e |
+% "LICENSE.txt" which should have been included with this file. If this
|
|
|
45f372e |
+% file is missing or damaged please contact Easy Software Products
|
|
|
45f372e |
+% at:
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Attn: CUPS Licensing Information
|
|
|
45f372e |
+% Easy Software Products
|
|
|
45f372e |
+% 44141 Airport View Drive, Suite 204
|
|
|
45f372e |
+% Hollywood, Maryland 20636 USA
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Voice: (301) 373-9600
|
|
|
45f372e |
+% EMail: cups-info@cups.org
|
|
|
45f372e |
+% WWW: http://www.cups.org
|
|
|
45f372e |
+%
|
|
|
45f372e |
+/CENTER { % Draw centered text
|
|
|
45f372e |
+ % (name) CENTER -
|
|
|
45f372e |
+ dup stringwidth pop % Get the width of the string
|
|
|
45f372e |
+ 0.5 mul neg 0 rmoveto % Shift left 1/2 of the distance
|
|
|
45f372e |
+ show % Show the string
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/RIGHT { % Draw right-justified text
|
|
|
45f372e |
+ % (name) RIGHT -
|
|
|
45f372e |
+ dup stringwidth pop % Get the width of the string
|
|
|
45f372e |
+ neg 0 rmoveto % Shift left the entire distance
|
|
|
45f372e |
+ show % Show the string
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/NUMBER { % Draw a number
|
|
|
45f372e |
+ % power n NUMBER -
|
|
|
45f372e |
+ 1 index 1 eq { % power == 1?
|
|
|
45f372e |
+ round cvi exch pop % Convert "n" to integer
|
|
|
45f372e |
+ } {
|
|
|
45f372e |
+ 1 index mul round exch div % Truncate extra decimal places
|
|
|
45f372e |
+ } ifelse
|
|
|
45f372e |
+ 100 string cvs show % Convert to a string and show it...
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/CUPSLOGO { % Draw the CUPS logo
|
|
|
45f372e |
+ % height CUPSLOGO
|
|
|
45f372e |
+ % Start with a big C...
|
|
|
45f372e |
+ /Helvetica findfont 1 index scalefont setfont
|
|
|
45f372e |
+ 0 setgray
|
|
|
45f372e |
+ 0 0 moveto
|
|
|
45f372e |
+ (C) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Then "UNIX Printing System" much smaller...
|
|
|
45f372e |
+ /Helvetica-Bold findfont 1 index 9 div scalefont setfont
|
|
|
45f372e |
+ 0.25 mul
|
|
|
45f372e |
+ dup dup 2.0 mul moveto
|
|
|
45f372e |
+ (UNIX) show
|
|
|
45f372e |
+ dup dup 1.6 mul moveto
|
|
|
45f372e |
+ (Printing) show
|
|
|
45f372e |
+ dup 1.2 mul moveto
|
|
|
45f372e |
+ (System) show
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/ESPLOGO { % Draw the ESP logo
|
|
|
45f372e |
+ % height ESPLOGO
|
|
|
45f372e |
+ % Compute the size of the logo...
|
|
|
45f372e |
+ 0 0
|
|
|
45f372e |
+ 2 index 1.5 mul 3 index
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Do the "metallic" fill from 10% black to 40% black...
|
|
|
45f372e |
+ 1 -0.001 0 {
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ -0.15 mul % loopval * -0.15
|
|
|
45f372e |
+ 0.9 add % 0.9 - loopval * 0.15
|
|
|
45f372e |
+ setgray % set gray shade
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 % x
|
|
|
45f372e |
+ 1 index neg % loopval
|
|
|
45f372e |
+ 1 add % 1 - loopval
|
|
|
45f372e |
+ 3 index % height
|
|
|
45f372e |
+ mul % height * (1 - loopval)
|
|
|
45f372e |
+ moveto % starting point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ 3 index % width
|
|
|
45f372e |
+ mul % loopval * width
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 % x
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ closepath
|
|
|
45f372e |
+ fill
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ 0.15 mul % loopval * 0.15
|
|
|
45f372e |
+ 0.6 add % 0.6 + loopval * 0.15
|
|
|
45f372e |
+ setgray
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ neg 1 add % 1 - loopval
|
|
|
45f372e |
+ 3 index % width
|
|
|
45f372e |
+ mul % (1 - loopval) * width
|
|
|
45f372e |
+ 0 % y
|
|
|
45f372e |
+ moveto % Starting point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 2 index % width
|
|
|
45f372e |
+ exch % loopval
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ mul % loopval * height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 1 index % width
|
|
|
45f372e |
+ 0 % y
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ closepath
|
|
|
45f372e |
+ fill
|
|
|
45f372e |
+ } for
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 setgray rectstroke
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /Helvetica-BoldOblique findfont 1 index 3 div scalefont setfont
|
|
|
45f372e |
+ dup 40 div
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup 4 mul 1 index 25 mul moveto (E) show
|
|
|
45f372e |
+ dup 10 mul 1 index 15 mul moveto (S) show
|
|
|
45f372e |
+ dup 16 mul 1 index 5 mul moveto (P) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /Helvetica-BoldOblique findfont 2 index 5 div scalefont setfont
|
|
|
45f372e |
+ dup 14 mul 1 index 29 mul moveto (asy) show
|
|
|
45f372e |
+ dup 20 mul 1 index 19 mul moveto (oftware) show
|
|
|
45f372e |
+ dup 26 mul 1 index 9 mul moveto (roducts) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pop
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+%%EndResource
|
|
|
45f372e |
+%%EndProlog
|
|
|
45f372e |
+%%Page: 1 1
|
|
|
45f372e |
+gsave
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Determine the imageable area and device resolution...
|
|
|
45f372e |
+ initclip newpath clippath pathbbox % Get bounding rectangle
|
|
|
45f372e |
+ 72 div /pageTop exch def % Get top margin in inches
|
|
|
45f372e |
+ 72 div /pageRight exch def % Get right margin in inches
|
|
|
45f372e |
+ 72 div /pageBottom exch def % Get bottom margin in inches
|
|
|
45f372e |
+ 72 div /pageLeft exch def % Get left margin in inches
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /pageWidth pageRight pageLeft sub def % pageWidth = pageRight - pageLeft
|
|
|
45f372e |
+ /pageHeight pageTop pageBottom sub def% pageHeight = pageTop - pageBottom
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /boxWidth % width of text box
|
|
|
45f372e |
+ pageWidth pageHeight lt
|
|
|
45f372e |
+ { pageWidth 54 mul }
|
|
|
45f372e |
+ { pageHeight 42 mul }
|
|
|
45f372e |
+ ifelse def
|
|
|
45f372e |
+
|
|
|
45f372e |
+ newpath % Clear bounding path
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Create fonts...
|
|
|
45f372e |
+ /bigFont /Helvetica-Bold findfont % bigFont = Helvetica-Bold
|
|
|
45f372e |
+ pageHeight 3 mul scalefont def % size = pageHeight * 3 (nominally 33)
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /mediumFont /Helvetica findfont % mediumFont = Helvetica
|
|
|
45f372e |
+ pageHeight 1.5 mul scalefont def % size = pageHeight * 1.5 (nominally 16.5)
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Offset page to account for lower-left margin...
|
|
|
45f372e |
+ pageLeft 72 mul
|
|
|
45f372e |
+ pageBottom 72 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Draw the label at the top and bottom...
|
|
|
45f372e |
+ 0 setgray % Color
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % Center of page
|
|
|
45f372e |
+ pageHeight 72 mul % Top of page
|
|
|
45f372e |
+ pageWidth -7 mul add % - 2 lines
|
|
|
45f372e |
+ moveto % Position text
|
|
|
45f372e |
+ bigFont setfont % Font
|
|
|
45f372e |
+ ({mls-label}) CENTER % Show text centered
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % Center of page
|
|
|
45f372e |
+ pageHeight 6 mul % Bottom of page
|
|
|
45f372e |
+ moveto % Position text
|
|
|
45f372e |
+ bigFont setfont % Font
|
|
|
45f372e |
+ ({mls-label}) CENTER % Show text centered
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Job information box...
|
|
|
45f372e |
+ pageWidth 36 mul 9 add % x = pageWidth * 1/2 * 72 + 9
|
|
|
45f372e |
+ boxWidth 0.5 mul sub % x-= 1/2 box width
|
|
|
45f372e |
+ pageHeight 30 mul 9 sub % y = pageHeight * 1/2 * 72 - 9
|
|
|
45f372e |
+ boxWidth % w = box width
|
|
|
45f372e |
+ pageHeight 14 mul % h = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ 0.5 setgray rectfill % Draw a shadow
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ boxWidth 0.5 mul sub % x-= 1/2 box width
|
|
|
45f372e |
+ pageHeight 30 mul % y = pageHeight * 1/4 * 72
|
|
|
45f372e |
+ boxWidth % w = box width
|
|
|
45f372e |
+ pageHeight 14 mul % h = pageHeight * 1/2 * 72
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 4 copy 1 setgray rectfill % Clear the box to white
|
|
|
45f372e |
+ 0 setgray rectstroke % Draw a black box around it...
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Job information text...
|
|
|
45f372e |
+ mediumFont setfont % Medium sized font
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 5 mul add % y += 2 lines
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Job ID: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({printer-name}-{job-id}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 2 mul add % y += 1 line
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Title: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({job-name}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight -1 mul add % y -= 1 line
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Requesting User: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({job-originating-user-name}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight -4 mul add % y -= 2 lines
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Billing Info: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({?job-billing}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Then the CUPS logo....
|
|
|
45f372e |
+ gsave
|
|
|
45f372e |
+ pageWidth 4 mul
|
|
|
45f372e |
+ pageWidth 6 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+ pageWidth 9 mul CUPSLOGO
|
|
|
45f372e |
+ grestore
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % And the ESP logo....
|
|
|
45f372e |
+ gsave
|
|
|
45f372e |
+ pageWidth 59 mul
|
|
|
45f372e |
+ pageWidth 6 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+ pageWidth 6 mul ESPLOGO
|
|
|
45f372e |
+ grestore
|
|
|
45f372e |
+% Show the page...
|
|
|
45f372e |
+grestore
|
|
|
45f372e |
+showpage
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% End of "$Id: mls_template,v 1.1 2005/06/27 18:44:46 colmo Exp $".
|
|
|
45f372e |
+%
|
|
|
45f372e |
+%%EOF
|
|
|
ddd55f2 |
--- cups-1.2.2-8/data/selinux 1969-12-31 19:00:00.000000000 -0500
|
|
|
ddd55f2 |
+++ cups-1.2.2/data/selinux 2006-08-07 06:19:33.000000000 -0400
|
|
|
45f372e |
@@ -0,0 +1,277 @@
|
|
|
45f372e |
+%!PS-Adobe-3.0
|
|
|
45f372e |
+%%BoundingBox: 0 0 612 792
|
|
|
45f372e |
+%%Pages: 1
|
|
|
45f372e |
+%%LanguageLevel: 1
|
|
|
45f372e |
+%%DocumentData: Clean7Bit
|
|
|
45f372e |
+%%DocumentSuppliedResources: procset bannerprint/1.0
|
|
|
45f372e |
+%%DocumentNeededResources: font Helvetica Helvetica-Bold Times-Roman
|
|
|
45f372e |
+%%Creator: Michael Sweet, Easy Software Products
|
|
|
45f372e |
+%%CreationDate: May 10, 2000
|
|
|
45f372e |
+%%Title: Test Page
|
|
|
45f372e |
+%%EndComments
|
|
|
45f372e |
+%%BeginProlog
|
|
|
45f372e |
+%%BeginResource procset bannerprint 1.1 0
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% PostScript banner page for the Common UNIX Printing System ("CUPS").
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Copyright 1993-2005 by Easy Software Products
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% These coded instructions, statements, and computer programs are the
|
|
|
45f372e |
+% property of Easy Software Products and are protected by Federal
|
|
|
45f372e |
+% copyright law. Distribution and use rights are outlined in the file
|
|
|
45f372e |
+% "LICENSE.txt" which should have been included with this file. If this
|
|
|
45f372e |
+% file is missing or damaged please contact Easy Software Products
|
|
|
45f372e |
+% at:
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Attn: CUPS Licensing Information
|
|
|
45f372e |
+% Easy Software Products
|
|
|
45f372e |
+% 44141 Airport View Drive, Suite 204
|
|
|
45f372e |
+% Hollywood, Maryland 20636 USA
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Voice: (301) 373-9600
|
|
|
45f372e |
+% EMail: cups-info@cups.org
|
|
|
45f372e |
+% WWW: http://www.cups.org
|
|
|
45f372e |
+%
|
|
|
45f372e |
+/CENTER { % Draw centered text
|
|
|
45f372e |
+ % (name) CENTER -
|
|
|
45f372e |
+ dup stringwidth pop % Get the width of the string
|
|
|
45f372e |
+ 0.5 mul neg 0 rmoveto % Shift left 1/2 of the distance
|
|
|
45f372e |
+ show % Show the string
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/RIGHT { % Draw right-justified text
|
|
|
45f372e |
+ % (name) RIGHT -
|
|
|
45f372e |
+ dup stringwidth pop % Get the width of the string
|
|
|
45f372e |
+ neg 0 rmoveto % Shift left the entire distance
|
|
|
45f372e |
+ show % Show the string
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/NUMBER { % Draw a number
|
|
|
45f372e |
+ % power n NUMBER -
|
|
|
45f372e |
+ 1 index 1 eq { % power == 1?
|
|
|
45f372e |
+ round cvi exch pop % Convert "n" to integer
|
|
|
45f372e |
+ } {
|
|
|
45f372e |
+ 1 index mul round exch div % Truncate extra decimal places
|
|
|
45f372e |
+ } ifelse
|
|
|
45f372e |
+ 100 string cvs show % Convert to a string and show it...
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/CUPSLOGO { % Draw the CUPS logo
|
|
|
45f372e |
+ % height CUPSLOGO
|
|
|
45f372e |
+ % Start with a big C...
|
|
|
45f372e |
+ /Helvetica findfont 1 index scalefont setfont
|
|
|
45f372e |
+ 0 setgray
|
|
|
45f372e |
+ 0 0 moveto
|
|
|
45f372e |
+ (C) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Then "UNIX Printing System" much smaller...
|
|
|
45f372e |
+ /Helvetica-Bold findfont 1 index 9 div scalefont setfont
|
|
|
45f372e |
+ 0.25 mul
|
|
|
45f372e |
+ dup dup 2.0 mul moveto
|
|
|
45f372e |
+ (UNIX) show
|
|
|
45f372e |
+ dup dup 1.6 mul moveto
|
|
|
45f372e |
+ (Printing) show
|
|
|
45f372e |
+ dup 1.2 mul moveto
|
|
|
45f372e |
+ (System) show
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/ESPLOGO { % Draw the ESP logo
|
|
|
45f372e |
+ % height ESPLOGO
|
|
|
45f372e |
+ % Compute the size of the logo...
|
|
|
45f372e |
+ 0 0
|
|
|
45f372e |
+ 2 index 1.5 mul 3 index
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Do the "metallic" fill from 10% black to 40% black...
|
|
|
45f372e |
+ 1 -0.001 0 {
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ -0.15 mul % loopval * -0.15
|
|
|
45f372e |
+ 0.9 add % 0.9 - loopval * 0.15
|
|
|
45f372e |
+ setgray % set gray shade
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 % x
|
|
|
45f372e |
+ 1 index neg % loopval
|
|
|
45f372e |
+ 1 add % 1 - loopval
|
|
|
45f372e |
+ 3 index % height
|
|
|
45f372e |
+ mul % height * (1 - loopval)
|
|
|
45f372e |
+ moveto % starting point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ 3 index % width
|
|
|
45f372e |
+ mul % loopval * width
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 % x
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ closepath
|
|
|
45f372e |
+ fill
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ 0.15 mul % loopval * 0.15
|
|
|
45f372e |
+ 0.6 add % 0.6 + loopval * 0.15
|
|
|
45f372e |
+ setgray
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ neg 1 add % 1 - loopval
|
|
|
45f372e |
+ 3 index % width
|
|
|
45f372e |
+ mul % (1 - loopval) * width
|
|
|
45f372e |
+ 0 % y
|
|
|
45f372e |
+ moveto % Starting point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 2 index % width
|
|
|
45f372e |
+ exch % loopval
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ mul % loopval * height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 1 index % width
|
|
|
45f372e |
+ 0 % y
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ closepath
|
|
|
45f372e |
+ fill
|
|
|
45f372e |
+ } for
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 setgray rectstroke
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /Helvetica-BoldOblique findfont 1 index 3 div scalefont setfont
|
|
|
45f372e |
+ dup 40 div
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup 4 mul 1 index 25 mul moveto (E) show
|
|
|
45f372e |
+ dup 10 mul 1 index 15 mul moveto (S) show
|
|
|
45f372e |
+ dup 16 mul 1 index 5 mul moveto (P) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /Helvetica-BoldOblique findfont 2 index 5 div scalefont setfont
|
|
|
45f372e |
+ dup 14 mul 1 index 29 mul moveto (asy) show
|
|
|
45f372e |
+ dup 20 mul 1 index 19 mul moveto (oftware) show
|
|
|
45f372e |
+ dup 26 mul 1 index 9 mul moveto (roducts) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pop
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+%%EndResource
|
|
|
45f372e |
+%%EndProlog
|
|
|
45f372e |
+%%Page: 1 1
|
|
|
45f372e |
+gsave
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Determine the imageable area and device resolution...
|
|
|
45f372e |
+ initclip newpath clippath pathbbox % Get bounding rectangle
|
|
|
45f372e |
+ 72 div /pageTop exch def % Get top margin in inches
|
|
|
45f372e |
+ 72 div /pageRight exch def % Get right margin in inches
|
|
|
45f372e |
+ 72 div /pageBottom exch def % Get bottom margin in inches
|
|
|
45f372e |
+ 72 div /pageLeft exch def % Get left margin in inches
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /pageWidth pageRight pageLeft sub def % pageWidth = pageRight - pageLeft
|
|
|
45f372e |
+ /pageHeight pageTop pageBottom sub def% pageHeight = pageTop - pageBottom
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /boxWidth % width of text box
|
|
|
45f372e |
+ pageWidth pageHeight lt
|
|
|
45f372e |
+ { pageWidth 54 mul }
|
|
|
45f372e |
+ { pageHeight 42 mul }
|
|
|
45f372e |
+ ifelse def
|
|
|
45f372e |
+
|
|
|
45f372e |
+ newpath % Clear bounding path
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Create fonts...
|
|
|
45f372e |
+ /bigFont /Helvetica-Bold findfont % bigFont = Helvetica-Bold
|
|
|
45f372e |
+ pageHeight 3 mul scalefont def % size = pageHeight * 3 (nominally 33)
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /mediumFont /Helvetica findfont % mediumFont = Helvetica
|
|
|
45f372e |
+ pageHeight 1.5 mul scalefont def % size = pageHeight * 1.5 (nominally 16.5)
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Offset page to account for lower-left margin...
|
|
|
45f372e |
+ pageLeft 72 mul
|
|
|
45f372e |
+ pageBottom 72 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Draw the label at the top and bottom...
|
|
|
45f372e |
+ 0 setgray % Color
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % Center of page
|
|
|
45f372e |
+ pageHeight 72 mul % Top of page
|
|
|
45f372e |
+ pageWidth -7 mul add % - 2 lines
|
|
|
45f372e |
+ moveto % Position text
|
|
|
45f372e |
+ bigFont setfont % Font
|
|
|
45f372e |
+ ({mls-label}) CENTER % Show text centered
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % Center of page
|
|
|
45f372e |
+ pageHeight 6 mul % Bottom of page
|
|
|
45f372e |
+ moveto % Position text
|
|
|
45f372e |
+ bigFont setfont % Font
|
|
|
45f372e |
+ ({mls-label}) CENTER % Show text centered
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Job information box...
|
|
|
45f372e |
+ pageWidth 36 mul 9 add % x = pageWidth * 1/2 * 72 + 9
|
|
|
45f372e |
+ boxWidth 0.5 mul sub % x-= 1/2 box width
|
|
|
45f372e |
+ pageHeight 30 mul 9 sub % y = pageHeight * 1/2 * 72 - 9
|
|
|
45f372e |
+ boxWidth % w = box width
|
|
|
45f372e |
+ pageHeight 14 mul % h = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ 0.5 setgray rectfill % Draw a shadow
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ boxWidth 0.5 mul sub % x-= 1/2 box width
|
|
|
45f372e |
+ pageHeight 30 mul % y = pageHeight * 1/4 * 72
|
|
|
45f372e |
+ boxWidth % w = box width
|
|
|
45f372e |
+ pageHeight 14 mul % h = pageHeight * 1/2 * 72
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 4 copy 1 setgray rectfill % Clear the box to white
|
|
|
45f372e |
+ 0 setgray rectstroke % Draw a black box around it...
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Job information text...
|
|
|
45f372e |
+ mediumFont setfont % Medium sized font
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 5 mul add % y += 2 lines
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Job ID: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({printer-name}-{job-id}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 2 mul add % y += 1 line
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Title: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({job-name}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight -1 mul add % y -= 1 line
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Requesting User: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({job-originating-user-name}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight -4 mul add % y -= 2 lines
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Billing Info: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({?job-billing}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Then the CUPS logo....
|
|
|
45f372e |
+ gsave
|
|
|
45f372e |
+ pageWidth 4 mul
|
|
|
45f372e |
+ pageWidth 6 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+ pageWidth 9 mul CUPSLOGO
|
|
|
45f372e |
+ grestore
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % And the ESP logo....
|
|
|
45f372e |
+ gsave
|
|
|
45f372e |
+ pageWidth 59 mul
|
|
|
45f372e |
+ pageWidth 6 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+ pageWidth 6 mul ESPLOGO
|
|
|
45f372e |
+ grestore
|
|
|
45f372e |
+% Show the page...
|
|
|
45f372e |
+grestore
|
|
|
45f372e |
+showpage
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% End of "$Id: mls_template,v 1.1 2005/06/27 18:44:46 colmo Exp $".
|
|
|
45f372e |
+%
|
|
|
45f372e |
+%%EOF
|
|
|
ddd55f2 |
--- cups-1.2.2-8/data/te 1969-12-31 19:00:00.000000000 -0500
|
|
|
ddd55f2 |
+++ cups-1.2.2/data/te 2006-08-07 06:19:33.000000000 -0400
|
|
|
45f372e |
@@ -0,0 +1,277 @@
|
|
|
45f372e |
+%!PS-Adobe-3.0
|
|
|
45f372e |
+%%BoundingBox: 0 0 612 792
|
|
|
45f372e |
+%%Pages: 1
|
|
|
45f372e |
+%%LanguageLevel: 1
|
|
|
45f372e |
+%%DocumentData: Clean7Bit
|
|
|
45f372e |
+%%DocumentSuppliedResources: procset bannerprint/1.0
|
|
|
45f372e |
+%%DocumentNeededResources: font Helvetica Helvetica-Bold Times-Roman
|
|
|
45f372e |
+%%Creator: Michael Sweet, Easy Software Products
|
|
|
45f372e |
+%%CreationDate: May 10, 2000
|
|
|
45f372e |
+%%Title: Test Page
|
|
|
45f372e |
+%%EndComments
|
|
|
45f372e |
+%%BeginProlog
|
|
|
45f372e |
+%%BeginResource procset bannerprint 1.1 0
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% PostScript banner page for the Common UNIX Printing System ("CUPS").
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Copyright 1993-2005 by Easy Software Products
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% These coded instructions, statements, and computer programs are the
|
|
|
45f372e |
+% property of Easy Software Products and are protected by Federal
|
|
|
45f372e |
+% copyright law. Distribution and use rights are outlined in the file
|
|
|
45f372e |
+% "LICENSE.txt" which should have been included with this file. If this
|
|
|
45f372e |
+% file is missing or damaged please contact Easy Software Products
|
|
|
45f372e |
+% at:
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Attn: CUPS Licensing Information
|
|
|
45f372e |
+% Easy Software Products
|
|
|
45f372e |
+% 44141 Airport View Drive, Suite 204
|
|
|
45f372e |
+% Hollywood, Maryland 20636 USA
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% Voice: (301) 373-9600
|
|
|
45f372e |
+% EMail: cups-info@cups.org
|
|
|
45f372e |
+% WWW: http://www.cups.org
|
|
|
45f372e |
+%
|
|
|
45f372e |
+/CENTER { % Draw centered text
|
|
|
45f372e |
+ % (name) CENTER -
|
|
|
45f372e |
+ dup stringwidth pop % Get the width of the string
|
|
|
45f372e |
+ 0.5 mul neg 0 rmoveto % Shift left 1/2 of the distance
|
|
|
45f372e |
+ show % Show the string
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/RIGHT { % Draw right-justified text
|
|
|
45f372e |
+ % (name) RIGHT -
|
|
|
45f372e |
+ dup stringwidth pop % Get the width of the string
|
|
|
45f372e |
+ neg 0 rmoveto % Shift left the entire distance
|
|
|
45f372e |
+ show % Show the string
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/NUMBER { % Draw a number
|
|
|
45f372e |
+ % power n NUMBER -
|
|
|
45f372e |
+ 1 index 1 eq { % power == 1?
|
|
|
45f372e |
+ round cvi exch pop % Convert "n" to integer
|
|
|
45f372e |
+ } {
|
|
|
45f372e |
+ 1 index mul round exch div % Truncate extra decimal places
|
|
|
45f372e |
+ } ifelse
|
|
|
45f372e |
+ 100 string cvs show % Convert to a string and show it...
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/CUPSLOGO { % Draw the CUPS logo
|
|
|
45f372e |
+ % height CUPSLOGO
|
|
|
45f372e |
+ % Start with a big C...
|
|
|
45f372e |
+ /Helvetica findfont 1 index scalefont setfont
|
|
|
45f372e |
+ 0 setgray
|
|
|
45f372e |
+ 0 0 moveto
|
|
|
45f372e |
+ (C) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Then "UNIX Printing System" much smaller...
|
|
|
45f372e |
+ /Helvetica-Bold findfont 1 index 9 div scalefont setfont
|
|
|
45f372e |
+ 0.25 mul
|
|
|
45f372e |
+ dup dup 2.0 mul moveto
|
|
|
45f372e |
+ (UNIX) show
|
|
|
45f372e |
+ dup dup 1.6 mul moveto
|
|
|
45f372e |
+ (Printing) show
|
|
|
45f372e |
+ dup 1.2 mul moveto
|
|
|
45f372e |
+ (System) show
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+/ESPLOGO { % Draw the ESP logo
|
|
|
45f372e |
+ % height ESPLOGO
|
|
|
45f372e |
+ % Compute the size of the logo...
|
|
|
45f372e |
+ 0 0
|
|
|
45f372e |
+ 2 index 1.5 mul 3 index
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Do the "metallic" fill from 10% black to 40% black...
|
|
|
45f372e |
+ 1 -0.001 0 {
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ -0.15 mul % loopval * -0.15
|
|
|
45f372e |
+ 0.9 add % 0.9 - loopval * 0.15
|
|
|
45f372e |
+ setgray % set gray shade
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 % x
|
|
|
45f372e |
+ 1 index neg % loopval
|
|
|
45f372e |
+ 1 add % 1 - loopval
|
|
|
45f372e |
+ 3 index % height
|
|
|
45f372e |
+ mul % height * (1 - loopval)
|
|
|
45f372e |
+ moveto % starting point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ 3 index % width
|
|
|
45f372e |
+ mul % loopval * width
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 % x
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ closepath
|
|
|
45f372e |
+ fill
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ 0.15 mul % loopval * 0.15
|
|
|
45f372e |
+ 0.6 add % 0.6 + loopval * 0.15
|
|
|
45f372e |
+ setgray
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup % loopval
|
|
|
45f372e |
+ neg 1 add % 1 - loopval
|
|
|
45f372e |
+ 3 index % width
|
|
|
45f372e |
+ mul % (1 - loopval) * width
|
|
|
45f372e |
+ 0 % y
|
|
|
45f372e |
+ moveto % Starting point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 2 index % width
|
|
|
45f372e |
+ exch % loopval
|
|
|
45f372e |
+ 2 index % height
|
|
|
45f372e |
+ mul % loopval * height
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 1 index % width
|
|
|
45f372e |
+ 0 % y
|
|
|
45f372e |
+ lineto % Next point
|
|
|
45f372e |
+
|
|
|
45f372e |
+ closepath
|
|
|
45f372e |
+ fill
|
|
|
45f372e |
+ } for
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 0 setgray rectstroke
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /Helvetica-BoldOblique findfont 1 index 3 div scalefont setfont
|
|
|
45f372e |
+ dup 40 div
|
|
|
45f372e |
+
|
|
|
45f372e |
+ dup 4 mul 1 index 25 mul moveto (E) show
|
|
|
45f372e |
+ dup 10 mul 1 index 15 mul moveto (S) show
|
|
|
45f372e |
+ dup 16 mul 1 index 5 mul moveto (P) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /Helvetica-BoldOblique findfont 2 index 5 div scalefont setfont
|
|
|
45f372e |
+ dup 14 mul 1 index 29 mul moveto (asy) show
|
|
|
45f372e |
+ dup 20 mul 1 index 19 mul moveto (oftware) show
|
|
|
45f372e |
+ dup 26 mul 1 index 9 mul moveto (roducts) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pop
|
|
|
45f372e |
+} bind def
|
|
|
45f372e |
+%%EndResource
|
|
|
45f372e |
+%%EndProlog
|
|
|
45f372e |
+%%Page: 1 1
|
|
|
45f372e |
+gsave
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Determine the imageable area and device resolution...
|
|
|
45f372e |
+ initclip newpath clippath pathbbox % Get bounding rectangle
|
|
|
45f372e |
+ 72 div /pageTop exch def % Get top margin in inches
|
|
|
45f372e |
+ 72 div /pageRight exch def % Get right margin in inches
|
|
|
45f372e |
+ 72 div /pageBottom exch def % Get bottom margin in inches
|
|
|
45f372e |
+ 72 div /pageLeft exch def % Get left margin in inches
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /pageWidth pageRight pageLeft sub def % pageWidth = pageRight - pageLeft
|
|
|
45f372e |
+ /pageHeight pageTop pageBottom sub def% pageHeight = pageTop - pageBottom
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /boxWidth % width of text box
|
|
|
45f372e |
+ pageWidth pageHeight lt
|
|
|
45f372e |
+ { pageWidth 54 mul }
|
|
|
45f372e |
+ { pageHeight 42 mul }
|
|
|
45f372e |
+ ifelse def
|
|
|
45f372e |
+
|
|
|
45f372e |
+ newpath % Clear bounding path
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Create fonts...
|
|
|
45f372e |
+ /bigFont /Helvetica-Bold findfont % bigFont = Helvetica-Bold
|
|
|
45f372e |
+ pageHeight 3 mul scalefont def % size = pageHeight * 3 (nominally 33)
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /mediumFont /Helvetica findfont % mediumFont = Helvetica
|
|
|
45f372e |
+ pageHeight 1.5 mul scalefont def % size = pageHeight * 1.5 (nominally 16.5)
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Offset page to account for lower-left margin...
|
|
|
45f372e |
+ pageLeft 72 mul
|
|
|
45f372e |
+ pageBottom 72 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Draw the label at the top and bottom...
|
|
|
45f372e |
+ 0 setgray % Color
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % Center of page
|
|
|
45f372e |
+ pageHeight 72 mul % Top of page
|
|
|
45f372e |
+ pageWidth -7 mul add % - 2 lines
|
|
|
45f372e |
+ moveto % Position text
|
|
|
45f372e |
+ bigFont setfont % Font
|
|
|
45f372e |
+ ({mls-label}) CENTER % Show text centered
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % Center of page
|
|
|
45f372e |
+ pageHeight 6 mul % Bottom of page
|
|
|
45f372e |
+ moveto % Position text
|
|
|
45f372e |
+ bigFont setfont % Font
|
|
|
45f372e |
+ ({mls-label}) CENTER % Show text centered
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Job information box...
|
|
|
45f372e |
+ pageWidth 36 mul 9 add % x = pageWidth * 1/2 * 72 + 9
|
|
|
45f372e |
+ boxWidth 0.5 mul sub % x-= 1/2 box width
|
|
|
45f372e |
+ pageHeight 30 mul 9 sub % y = pageHeight * 1/2 * 72 - 9
|
|
|
45f372e |
+ boxWidth % w = box width
|
|
|
45f372e |
+ pageHeight 14 mul % h = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ 0.5 setgray rectfill % Draw a shadow
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ boxWidth 0.5 mul sub % x-= 1/2 box width
|
|
|
45f372e |
+ pageHeight 30 mul % y = pageHeight * 1/4 * 72
|
|
|
45f372e |
+ boxWidth % w = box width
|
|
|
45f372e |
+ pageHeight 14 mul % h = pageHeight * 1/2 * 72
|
|
|
45f372e |
+
|
|
|
45f372e |
+ 4 copy 1 setgray rectfill % Clear the box to white
|
|
|
45f372e |
+ 0 setgray rectstroke % Draw a black box around it...
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Job information text...
|
|
|
45f372e |
+ mediumFont setfont % Medium sized font
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 5 mul add % y += 2 lines
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Job ID: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({printer-name}-{job-id}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 2 mul add % y += 1 line
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Title: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({job-name}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight -1 mul add % y -= 1 line
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Requesting User: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({job-originating-user-name}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ pageWidth 36 mul % x = pageWidth * 1/2 * 72
|
|
|
45f372e |
+ pageHeight 36 mul % y = pageHeight * 1/2 * 72
|
|
|
45f372e |
+ pageHeight -4 mul add % y -= 2 lines
|
|
|
45f372e |
+ 2 copy % Copy X & Y
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ (Billing Info: ) RIGHT
|
|
|
45f372e |
+ moveto
|
|
|
45f372e |
+ ({?job-billing}) show
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % Then the CUPS logo....
|
|
|
45f372e |
+ gsave
|
|
|
45f372e |
+ pageWidth 4 mul
|
|
|
45f372e |
+ pageWidth 6 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+ pageWidth 9 mul CUPSLOGO
|
|
|
45f372e |
+ grestore
|
|
|
45f372e |
+
|
|
|
45f372e |
+ % And the ESP logo....
|
|
|
45f372e |
+ gsave
|
|
|
45f372e |
+ pageWidth 59 mul
|
|
|
45f372e |
+ pageWidth 6 mul
|
|
|
45f372e |
+ translate
|
|
|
45f372e |
+ pageWidth 6 mul ESPLOGO
|
|
|
45f372e |
+ grestore
|
|
|
45f372e |
+% Show the page...
|
|
|
45f372e |
+grestore
|
|
|
45f372e |
+showpage
|
|
|
45f372e |
+%
|
|
|
45f372e |
+% End of "$Id: mls_template,v 1.1 2005/06/27 18:44:46 colmo Exp $".
|
|
|
45f372e |
+%
|
|
|
45f372e |
+%%EOF
|
|
|
ddd55f2 |
--- cups-1.2.2-8/Makedefs.in 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/Makedefs.in 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -135,7 +135,7 @@
|
|
|
21b0f25 |
@LDFLAGS@ @RELROFLAG@ @PIEFLAGS@ $(OPTIM)
|
|
|
21b0f25 |
LINKCUPS = @LINKCUPS@ $(SSLLIBS)
|
|
|
21b0f25 |
LINKCUPSIMAGE = @LINKCUPSIMAGE@
|
|
|
21b0f25 |
-LIBS = $(LINKCUPS) $(COMMONLIBS)
|
|
|
21b0f25 |
+LIBS = $(LINKCUPS) $(COMMONLIBS) @LIBAUDIT@ @LIBSELINUX@
|
|
|
21b0f25 |
OPTIM = @OPTIM@
|
|
|
21b0f25 |
OPTIONS =
|
|
|
21b0f25 |
PAMLIBS = @PAMLIBS@
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/client.c 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/client.c 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -43,12 +43,17 @@
|
|
|
21b0f25 |
* make_certificate() - Make a self-signed SSL/TLS certificate.
|
|
|
21b0f25 |
* pipe_command() - Pipe the output of a command to the remote client.
|
|
|
21b0f25 |
* write_file() - Send a file via HTTP.
|
|
|
21b0f25 |
+ * client_pid_to_auid() - Get the audit login uid of the client.
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
21b0f25 |
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
|
|
45f372e |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
45f372e |
+
|
|
|
45f372e |
/*
|
|
|
45f372e |
* Include necessary headers...
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
21b0f25 |
+#define _GNU_SOURCE
|
|
|
21b0f25 |
#include <cups/http-private.h>
|
|
|
21b0f25 |
#include "cupsd.h"
|
|
|
45f372e |
|
|
|
21b0f25 |
@@ -64,6 +69,11 @@
|
|
|
21b0f25 |
# include <gnutls/x509.h>
|
|
|
21b0f25 |
#endif /* HAVE_GNUTLS */
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+#include <selinux/selinux.h>
|
|
|
21b0f25 |
+#include <fcntl.h>
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
21b0f25 |
* Local functions...
|
|
|
21b0f25 |
@@ -380,6 +390,53 @@
|
|
|
21b0f25 |
"cupsdAcceptClient: %d connected to server on %s:%d",
|
|
|
21b0f25 |
con->http.fd, con->servername, con->serverport);
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ if (is_lspp_config())
|
|
|
45f372e |
+ {
|
|
|
21b0f25 |
+ struct ucred cr;
|
|
|
21b0f25 |
+ unsigned int cl=sizeof(cr);
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ if (getsockopt(con->http.fd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) == 0)
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ /*
|
|
|
21b0f25 |
+ * client_pid_to_auid() can be racey
|
|
|
21b0f25 |
+ * In this case the pid is based on a socket connected to the client
|
|
|
21b0f25 |
+ */
|
|
|
21b0f25 |
+ if ((con->auid = client_pid_to_auid(cr.pid)) == -1)
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ close(con->http.fd);
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: unable to determine client auid");
|
|
|
21b0f25 |
+ return (cupsdCloseClient(con));
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_INFO, "cupsdAcceptClient: peer's pid=%d, uid=%d, gid=%d, auid=%d",
|
|
|
21b0f25 |
+ cr.pid, cr.uid, cr.gid, con->auid);
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ else
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ close(con->http.fd);
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: getsockopt() failed");
|
|
|
21b0f25 |
+ return (cupsdCloseClient(con));
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+
|
|
|
45f372e |
+ /*
|
|
|
21b0f25 |
+ * get the context of the peer connection
|
|
|
45f372e |
+ */
|
|
|
21b0f25 |
+ if (getpeercon(con->http.fd, &con->scon))
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: getpeercon() failed");
|
|
|
21b0f25 |
+ cupsdSetString(&con->scon, UNKNOWN_SL);
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_INFO, "cupsdAcceptClient: client context=%s", con->scon);
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ else
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdAcceptClient: skipping getpeercon()");
|
|
|
21b0f25 |
+ cupsdSetString(&con->scon, UNKNOWN_SL);
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Using TCP_NODELAY improves responsiveness, especially on systems
|
|
|
21b0f25 |
* with a slow loopback interface... Since we write large buffers
|
|
|
21b0f25 |
@@ -3465,7 +3522,6 @@
|
|
|
21b0f25 |
time_t curtime; /* Current time */
|
|
|
21b0f25 |
int result; /* Result of GNU TLS calls */
|
|
|
45f372e |
|
|
|
21b0f25 |
-
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Create the encryption key...
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
@@ -3664,6 +3720,49 @@
|
|
|
21b0f25 |
#endif /* HAVE_SSL */
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+/*
|
|
|
21b0f25 |
+ * 'client_pid_to_auid()' - Using the client's pid, read /proc and determine the loginuid.
|
|
|
21b0f25 |
+ */
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+uid_t client_pid_to_auid(pid_t clipid)
|
|
|
21b0f25 |
+{
|
|
|
21b0f25 |
+ uid_t uid;
|
|
|
21b0f25 |
+ int len, in;
|
|
|
21b0f25 |
+ char buf[16] = {0};
|
|
|
21b0f25 |
+ char fname[32] = {0};
|
|
|
45f372e |
+
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ /*
|
|
|
21b0f25 |
+ * Hopefully this pid is still the one we are interested in.
|
|
|
21b0f25 |
+ */
|
|
|
21b0f25 |
+ snprintf(fname, 32, "/proc/%d/loginuid", clipid);
|
|
|
21b0f25 |
+ in = open(fname, O_NOFOLLOW|O_RDONLY);
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ if (in < 0)
|
|
|
21b0f25 |
+ return -1;
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ errno = 0;
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ do {
|
|
|
21b0f25 |
+ len = read(in, buf, sizeof(buf));
|
|
|
21b0f25 |
+ } while (len < 0 && errno == EINTR);
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ close(in);
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ if (len < 0 || len >= sizeof(buf))
|
|
|
21b0f25 |
+ return -1;
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ buf[len] = 0;
|
|
|
21b0f25 |
+ uid = strtol(buf, 0, 10);
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ if (errno != 0)
|
|
|
21b0f25 |
+ return -1;
|
|
|
21b0f25 |
+ else
|
|
|
21b0f25 |
+ return uid;
|
|
|
21b0f25 |
+}
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* 'pipe_command()' - Pipe the output of a command to the remote client.
|
|
|
21b0f25 |
*/
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/client.h 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/client.h 2006-08-07 06:19:33.000000000 -0400
|
|
|
45f372e |
@@ -22,6 +22,13 @@
|
|
|
45f372e |
* WWW: http://www.cups.org
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
45f372e |
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
|
|
45f372e |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
45f372e |
+
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+#include <selinux/selinux.h>
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
45f372e |
/*
|
|
|
45f372e |
* HTTP client structure...
|
|
|
45f372e |
*/
|
|
|
45f372e |
@@ -55,6 +62,10 @@
|
|
|
45f372e |
http_addr_t clientaddr; /* Client address */
|
|
|
45f372e |
char servername[256];/* Server name for connection */
|
|
|
45f372e |
int serverport; /* Server port for connection */
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ security_context_t scon; /* Security context of connection */
|
|
|
45f372e |
+ uid_t auid; /* Audit loginuid of the client */
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
};
|
|
|
45f372e |
|
|
|
45f372e |
#define HTTP(con) &((con)->http)
|
|
|
45f372e |
@@ -118,6 +129,9 @@
|
|
|
45f372e |
extern void cupsdStopListening(void);
|
|
|
45f372e |
extern void cupsdUpdateCGI(void);
|
|
|
45f372e |
extern int cupsdWriteClient(cupsd_client_t *con);
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+extern uid_t client_pid_to_auid(pid_t clipid);
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/conf.c 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/conf.c 2006-08-14 06:09:33.000000000 -0400
|
|
|
21b0f25 |
@@ -35,6 +35,7 @@
|
|
|
21b0f25 |
* read_configuration() - Read a configuration file.
|
|
|
21b0f25 |
* read_location() - Read a <Location path> definition.
|
|
|
21b0f25 |
* read_policy() - Read a <Policy name> definition.
|
|
|
21b0f25 |
+ * is_lspp_config() - Is the system configured for LSPP
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
21b0f25 |
@@ -60,6 +61,9 @@
|
|
|
21b0f25 |
# define INADDR_NONE 0xffffffff
|
|
|
21b0f25 |
#endif /* !INADDR_NONE */
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+# include <libaudit.h>
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
21b0f25 |
* Configuration variable structure...
|
|
|
21b0f25 |
@@ -161,6 +165,9 @@
|
|
|
21b0f25 |
{ "ServerKey", &ServerKey, CUPSD_VARTYPE_STRING },
|
|
|
21b0f25 |
# endif /* HAVE_LIBSSL || HAVE_GNUTLS */
|
|
|
21b0f25 |
#endif /* HAVE_SSL */
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ { "AuditLog", &AuditLog, CUPSD_VARTYPE_INTEGER },
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
#ifdef HAVE_LAUNCHD
|
|
|
21b0f25 |
{ "LaunchdTimeout", &LaunchdTimeout, CUPSD_VARTYPE_INTEGER },
|
|
|
21b0f25 |
{ "LaunchdConf", &LaunchdConf, CUPSD_VARTYPE_STRING },
|
|
|
21b0f25 |
@@ -223,6 +230,9 @@
|
|
|
21b0f25 |
*old_requestroot; /* Old RequestRoot */
|
|
|
21b0f25 |
const char *tmpdir; /* TMPDIR environment variable */
|
|
|
21b0f25 |
struct stat tmpinfo; /* Temporary directory info */
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ char *audit_message; /* Audit message string */
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
|
|
|
21b0f25 |
|
|
|
21b0f25 |
/*
|
|
|
ddd55f2 |
@@ -377,6 +387,7 @@
|
|
|
21b0f25 |
}
|
|
|
45f372e |
}
|
|
|
45f372e |
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
/*
|
|
|
ddd55f2 |
* Numeric options...
|
|
|
ddd55f2 |
*/
|
|
|
ddd55f2 |
@@ -470,6 +481,16 @@
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
RunUser = getuid();
|
|
|
ddd55f2 |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ /*
|
|
|
21b0f25 |
+ * ClassifyOverride is set during read_configuration, if its on, report it now
|
|
|
21b0f25 |
+ */
|
|
|
ddd55f2 |
+ if (ClassifyOverride && AuditLog != -1)
|
|
|
21b0f25 |
+ audit_log_user_message(AuditLog, AUDIT_USYS_CONFIG,
|
|
|
21b0f25 |
+ "[Config] ClassifyOverride=enabled Users can override print banners",
|
|
|
21b0f25 |
+ ServerName, NULL, NULL, 1);
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
45f372e |
/*
|
|
|
ddd55f2 |
* See if the ServerName is an IP address...
|
|
|
45f372e |
*/
|
|
|
ddd55f2 |
@@ -779,7 +800,19 @@
|
|
|
21b0f25 |
cupsdClearString(&Classification);
|
|
|
45f372e |
|
|
|
21b0f25 |
if (Classification)
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
cupsdLogMessage(CUPSD_LOG_INFO, "Security set to \"%s\"", Classification);
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "[Config] Security level=%s", Classification);
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_LABEL_LEVEL_CHANGE, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 1);
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+ }
|
|
|
45f372e |
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Update the MaxClientsPerHost value, as needed...
|
|
|
ddd55f2 |
@@ -2233,7 +2266,6 @@
|
|
|
21b0f25 |
|
|
|
21b0f25 |
cupsd_dirsvc_addr_t *dira; /* New browse address array */
|
|
|
21b0f25 |
|
|
|
21b0f25 |
-
|
|
|
21b0f25 |
if (NumBrowsers == 0)
|
|
|
21b0f25 |
dira = malloc(sizeof(cupsd_dirsvc_addr_t));
|
|
|
21b0f25 |
else
|
|
|
ddd55f2 |
@@ -3286,6 +3318,18 @@
|
|
|
21b0f25 |
return (0);
|
|
|
21b0f25 |
}
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+int is_lspp_config()
|
|
|
21b0f25 |
+{
|
|
|
21b0f25 |
+ if (Classification != NULL)
|
|
|
21b0f25 |
+ return ((strcasecmp(Classification, MLS_CONFIG) == 0)
|
|
|
21b0f25 |
+ || (strcasecmp(Classification, TE_CONFIG) == 0)
|
|
|
21b0f25 |
+ || (strcasecmp(Classification, SELINUX_CONFIG) == 0));
|
|
|
21b0f25 |
+ else
|
|
|
21b0f25 |
+ return 0;
|
|
|
21b0f25 |
+}
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* End of "$Id: conf.c 5736 2006-07-13 19:59:36Z mike $".
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/conf.h 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/conf.h 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -182,7 +182,6 @@
|
|
|
21b0f25 |
/* Number of MIME types */
|
|
|
21b0f25 |
VAR const char **MimeTypes VALUE(NULL);
|
|
|
21b0f25 |
/* Array of MIME types */
|
|
|
21b0f25 |
-
|
|
|
21b0f25 |
#ifdef HAVE_SSL
|
|
|
21b0f25 |
VAR char *ServerCertificate VALUE(NULL);
|
|
|
21b0f25 |
/* Server certificate file */
|
|
|
21b0f25 |
@@ -191,6 +190,10 @@
|
|
|
21b0f25 |
/* Server key file */
|
|
|
21b0f25 |
# endif /* HAVE_LIBSSL || HAVE_GNUTLS */
|
|
|
21b0f25 |
#endif /* HAVE_SSL */
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+VAR int AuditLog VALUE(-1);
|
|
|
21b0f25 |
+ /* File descriptor for audit */
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
|
|
|
21b0f25 |
#ifdef HAVE_LAUNCHD
|
|
|
21b0f25 |
VAR int LaunchdTimeout VALUE(DEFAULT_TIMEOUT);
|
|
|
21b0f25 |
@@ -213,6 +216,9 @@
|
|
|
21b0f25 |
;
|
|
|
21b0f25 |
extern int cupsdLogPage(cupsd_job_t *job, const char *page);
|
|
|
45f372e |
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+extern int is_lspp_config(void);
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* End of "$Id: conf.h 5696 2006-06-26 18:34:20Z mike $".
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/ipp.c 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/ipp.c 2006-08-21 06:57:47.000000000 -0400
|
|
|
45f372e |
@@ -96,6 +96,9 @@
|
|
|
45f372e |
* validate_user() - Validate the user for the request.
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
45f372e |
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
|
|
45f372e |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
45f372e |
+
|
|
|
45f372e |
/*
|
|
|
45f372e |
* Include necessary headers...
|
|
|
45f372e |
*/
|
|
|
45f372e |
@@ -106,6 +109,14 @@
|
|
|
45f372e |
# include <paper.h>
|
|
|
45f372e |
#endif /* HAVE_LIBPAPER */
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+#include <libaudit.h>
|
|
|
45f372e |
+#include <selinux/selinux.h>
|
|
|
45f372e |
+#include <selinux/context.h>
|
|
|
45f372e |
+#include <selinux/avc.h>
|
|
|
45f372e |
+#include <selinux/flask.h>
|
|
|
45f372e |
+#include <selinux/av_permissions.h>
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
45f372e |
* PPD default choice structure...
|
|
|
ddd55f2 |
@@ -1166,6 +1177,18 @@
|
|
|
45f372e |
int kbytes; /* Size of print file */
|
|
|
45f372e |
int i; /* Looping var */
|
|
|
45f372e |
int lowerpagerange; /* Page range bound */
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ char *argv[3]; /* Command line args */
|
|
|
45f372e |
+ char *envp[MAX_ENV]; /* Environment */
|
|
|
45f372e |
+ char *audit_message; /* Audit message string */
|
|
|
45f372e |
+ char buffer[1024] = {0}; /* argv[0] buffer */
|
|
|
45f372e |
+ int acstatus; /* return value of the access check */
|
|
|
45f372e |
+ pid_t acpid; /* pid for the access check */
|
|
|
45f372e |
+ char *printerfile; /* device file pointed to by the printer */
|
|
|
ddd55f2 |
+ char *userheader = NULL; /* User supplied job-sheets[0] */
|
|
|
ddd55f2 |
+ char *userfooter = NULL; /* User supplied job-sheets[1] */
|
|
|
ddd55f2 |
+ int override = 0; /* Was a banner overrode on a job */
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
45f372e |
cupsdLogMessage(CUPSD_LOG_DEBUG2, "add_job(%p[%d], %s)", con,
|
|
|
ddd55f2 |
@@ -1342,6 +1365,90 @@
|
|
|
45f372e |
return (NULL);
|
|
|
45f372e |
}
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ if (is_lspp_config())
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ if (!con->scon || strlen(con->scon) == 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "add_job: missing classification for connection \'%s\'!", dest);
|
|
|
45f372e |
+ send_ipp_status(con, IPP_INTERNAL_ERROR, _("Missing required secuirty attributes."));
|
|
|
45f372e |
+ return (NULL);
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ else
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ /*
|
|
|
45f372e |
+ * duplicate the security context and auid of the connection into the job structure
|
|
|
45f372e |
+ */
|
|
|
45f372e |
+ job->scon = strdup(con->scon);
|
|
|
45f372e |
+ job->auid = con->auid;
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /*
|
|
|
45f372e |
+ * add the security context to the request so that on a restart the security
|
|
|
45f372e |
+ * attributes will be able to be restored
|
|
|
45f372e |
+ */
|
|
|
45f372e |
+ ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "security-context",
|
|
|
45f372e |
+ NULL, job->scon);
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+
|
|
|
45f372e |
+ /*
|
|
|
45f372e |
+ * Perform an access check so that if the user gets feedback at enqueue time
|
|
|
45f372e |
+ */
|
|
|
45f372e |
+
|
|
|
ddd55f2 |
+ printerfile = strstr(printer->device_uri, "/dev/");
|
|
|
ddd55f2 |
+ if (printerfile != NULL)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_DEBUG, "add_job: Attempting an access check on printer device %s",
|
|
|
45f372e |
+ printerfile);
|
|
|
45f372e |
+
|
|
|
45f372e |
+ if (setexeccon(job->scon) != 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "add_job: Unable to setexeccon to %s", job->scon);
|
|
|
45f372e |
+ send_ipp_status(con, IPP_INTERNAL_ERROR, _("Internal SELinux error"));
|
|
|
45f372e |
+ return (NULL);
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ snprintf(buffer, sizeof(buffer), "%s/daemon/lspp-access", ServerBin);
|
|
|
ddd55f2 |
+ argv[0] = "lspp-access";
|
|
|
45f372e |
+ argv[1] = printerfile;
|
|
|
45f372e |
+ argv[2] = NULL;
|
|
|
45f372e |
+
|
|
|
45f372e |
+ cupsdLoadEnv(envp, (int)(sizeof(envp) / sizeof(envp[0])));
|
|
|
45f372e |
+
|
|
|
45f372e |
+ if (!cupsdStartProcess(buffer, argv, envp, -1, -1, -1, -1, 0, &acpid))
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ waitpid(acpid, &acstatus, 0);
|
|
|
45f372e |
+ if (WIFEXITED(acstatus))
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ if (WEXITSTATUS(acstatus) != 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ /*
|
|
|
45f372e |
+ * The access check failed, so cancel the job and send an audit message
|
|
|
45f372e |
+ */
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s obj=%s refused,"
|
|
|
ddd55f2 |
+ "unable to access printer=%s", job->id, con->auid,
|
|
|
ddd55f2 |
+ con->username, con->scon, printer->name);
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_USER_LABELED_EXPORT, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 0);
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
+ }
|
|
|
45f372e |
+
|
|
|
45f372e |
+ send_ipp_status(con, IPP_NOT_AUTHORIZED, _("SELinux prohibits access to the printer"));
|
|
|
45f372e |
+ return (NULL);
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ else
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_DEBUG, "add_job: access check succeeded (returned %d)",
|
|
|
45f372e |
+ WEXITSTATUS(acstatus));
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
45f372e |
job->dtype = dtype;
|
|
|
45f372e |
job->attrs = con->request;
|
|
|
45f372e |
con->request = NULL;
|
|
|
ddd55f2 |
@@ -1537,6 +1644,29 @@
|
|
|
ddd55f2 |
attr->values[0].string.text = _cupsStrAlloc(printer->job_sheets[0]);
|
|
|
ddd55f2 |
attr->values[1].string.text = _cupsStrAlloc(printer->job_sheets[1]);
|
|
|
ddd55f2 |
}
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ /*
|
|
|
ddd55f2 |
+ * The option was present, so capture the user supplied strings
|
|
|
ddd55f2 |
+ */
|
|
|
ddd55f2 |
+ userheader = strdup(attr->values[0].string.text);
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (attr->num_values > 1)
|
|
|
ddd55f2 |
+ userfooter = strdup(attr->values[1].string.text);
|
|
|
ddd55f2 |
+
|
|
|
c202f8b |
+ if (Classification != NULL && (strcmp(userheader, Classification) == 0)
|
|
|
95944ec |
+ && userfooter &&(strcmp(userfooter, Classification) == 0))
|
|
|
ddd55f2 |
+ {
|
|
|
45f372e |
+ /*
|
|
|
ddd55f2 |
+ * Since both values are Classification, the user is not trying to Override
|
|
|
45f372e |
+ */
|
|
|
ddd55f2 |
+ free(userheader);
|
|
|
95944ec |
+ if (userfooter) free(userfooter);
|
|
|
ddd55f2 |
+ userheader = userfooter = NULL;
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
job->job_sheets = attr;
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
@@ -1567,6 +1697,9 @@
|
|
|
ddd55f2 |
"job-sheets=\"%s,none\", "
|
|
|
ddd55f2 |
"job-originating-user-name=\"%s\"",
|
|
|
ddd55f2 |
job->id, Classification, job->username);
|
|
|
ddd55f2 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ override = 1;
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
else if (attr->num_values == 2 &&
|
|
|
ddd55f2 |
strcmp(attr->values[0].string.text,
|
|
|
ddd55f2 |
@@ -1585,6 +1718,9 @@
|
|
|
ddd55f2 |
"job-originating-user-name=\"%s\"",
|
|
|
ddd55f2 |
job->id, attr->values[0].string.text,
|
|
|
ddd55f2 |
attr->values[1].string.text, job->username);
|
|
|
ddd55f2 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ override = 1;
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
else if (strcmp(attr->values[0].string.text, Classification) &&
|
|
|
ddd55f2 |
strcmp(attr->values[0].string.text, "none") &&
|
|
|
ddd55f2 |
@@ -1605,6 +1741,9 @@
|
|
|
ddd55f2 |
"job-originating-user-name=\"%s\"",
|
|
|
ddd55f2 |
job->id, attr->values[0].string.text,
|
|
|
ddd55f2 |
attr->values[1].string.text, job->username);
|
|
|
ddd55f2 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ override = 1;
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
else if (strcmp(attr->values[0].string.text, Classification) &&
|
|
|
ddd55f2 |
@@ -1645,9 +1784,52 @@
|
|
|
ddd55f2 |
"job-sheets=\"%s\", "
|
|
|
ddd55f2 |
"job-originating-user-name=\"%s\"",
|
|
|
ddd55f2 |
job->id, Classification, job->username);
|
|
|
ddd55f2 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ override = 1;
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ if (is_lspp_config() && AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
45f372e |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (userheader || userfooter)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ if (!override)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ /*
|
|
|
ddd55f2 |
+ * The user overrode the banner, so audit it
|
|
|
ddd55f2 |
+ */
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "job=%d user supplied classification \"%s\" \"%s\""
|
|
|
ddd55f2 |
+ " using \"%s\" \"%s\"", job->id, userheader,
|
|
|
ddd55f2 |
+ userfooter, attr->values[0].string.text,
|
|
|
ddd55f2 |
+ (attr->num_values > 1) ? attr->values[1].string.text : "(null)");
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_LABEL_OVERRIDE, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 1);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ /*
|
|
|
ddd55f2 |
+ * The user tried to override the banner, audit the failure
|
|
|
ddd55f2 |
+ */
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "job=%d user supplied classification \"%s\" \"%s\""
|
|
|
ddd55f2 |
+ ", ignored using \"%s\" \"%s\"", job->id, userheader,
|
|
|
ddd55f2 |
+ userfooter, attr->values[0].string.text,
|
|
|
ddd55f2 |
+ (attr->num_values > 1) ? attr->values[1].string.text : "(null)");
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_LABEL_OVERRIDE, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 0);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
+ if (userheader)
|
|
|
ddd55f2 |
+ free(userheader);
|
|
|
ddd55f2 |
+ if (userfooter)
|
|
|
ddd55f2 |
+ free(userfooter);
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
/*
|
|
|
ddd55f2 |
* See if we need to add the starting sheet...
|
|
|
ddd55f2 |
*/
|
|
|
ddd55f2 |
@@ -3501,6 +3683,11 @@
|
|
|
45f372e |
char attrname[255], /* Name of attribute */
|
|
|
45f372e |
*s; /* Pointer into name */
|
|
|
45f372e |
ipp_attribute_t *attr; /* Attribute */
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ const char *mls_label = NULL; /* SL of print job */
|
|
|
45f372e |
+ context_t job_context; /* SELinux context of the job */
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
45f372e |
cupsdLogMessage(CUPSD_LOG_DEBUG2, "copy_banner(%p[%d], %p[%d], %s)",
|
|
|
ddd55f2 |
@@ -3628,6 +3815,24 @@
|
|
|
45f372e |
else
|
|
|
45f372e |
s = attrname;
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ if (strcmp(s, "mls-label") == 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ if (con->scon != NULL && strcmp(con->scon, UNKNOWN_SL) != 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ job_context = context_new(con->scon);
|
|
|
45f372e |
+ if (strcasecmp(name, MLS_CONFIG) == 0)
|
|
|
45f372e |
+ mls_label = context_range_get(job_context);
|
|
|
45f372e |
+ else if (strcasecmp(name, TE_CONFIG) == 0)
|
|
|
45f372e |
+ mls_label = context_type_get(job_context);
|
|
|
45f372e |
+ else // default to using the whole context string
|
|
|
45f372e |
+ mls_label = context_str(job_context);
|
|
|
45f372e |
+ cupsFilePuts(out, mls_label);
|
|
|
45f372e |
+ context_free(job_context);
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ continue;
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
if (!strcmp(s, "printer-name"))
|
|
|
45f372e |
{
|
|
|
45f372e |
cupsFilePuts(out, job->dest);
|
|
|
ddd55f2 |
@@ -5353,6 +5558,15 @@
|
|
|
45f372e |
cupsd_printer_t *printer; /* Printer */
|
|
|
45f372e |
cups_array_t *list; /* Which job list... */
|
|
|
45f372e |
cups_array_t *ra; /* Requested attributes array */
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ int selinuxcheck; /* perform the SELinux access check? */
|
|
|
45f372e |
+ security_id_t clisid; /* SELinux SID of the client */
|
|
|
45f372e |
+ security_id_t jobsid; /* SELinux SID of the job */
|
|
|
45f372e |
+ struct av_decision avd; /* SELinux decision stuct */
|
|
|
45f372e |
+ struct avc_entry_ref avcref; /* AVC entry cache pointer */
|
|
|
45f372e |
+ security_class_t tclass; /* SELinux security class */
|
|
|
45f372e |
+ access_vector_t avr; /* SELinux access being queried */
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
45f372e |
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs(%p[%d], %s)", con, con->http.fd,
|
|
|
ddd55f2 |
@@ -5470,6 +5684,40 @@
|
|
|
45f372e |
|
|
|
45f372e |
ra = create_requested_array(con->request);
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ /*
|
|
|
45f372e |
+ * Determine outside the loop if we are concerned about SELinux
|
|
|
45f372e |
+ */
|
|
|
45f372e |
+ selinuxcheck = is_lspp_config();
|
|
|
45f372e |
+ if (selinuxcheck)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ selinuxcheck = security_getenforce();
|
|
|
45f372e |
+ if (selinuxcheck == -1)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "get_jobs: unable to determine SELinux enforcement");
|
|
|
45f372e |
+ send_ipp_status(con, IPP_INTERNAL_ERROR, _("Internal SELinux error (getenforce)."));
|
|
|
45f372e |
+ return;
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ if (avc_init("cups", NULL, NULL, NULL, NULL) < 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "get_jobs: unable avc_init");
|
|
|
45f372e |
+ send_ipp_status(con, IPP_INTERNAL_ERROR, _("Internal SELinux error (avc_init)."));
|
|
|
45f372e |
+ return;
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ if (avc_context_to_sid(con->scon, &clisid) != 0)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "get_jobs: unable to convert %s to SELinux sid", con->scon);
|
|
|
45f372e |
+ send_ipp_status(con, IPP_INTERNAL_ERROR, _("Internal SELinux error (avc_context_to_sid)."));
|
|
|
45f372e |
+ return;
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_DEBUG, "get_jobs: client context %s", con->scon);
|
|
|
45f372e |
+
|
|
|
45f372e |
+ avr = FILE__READ;
|
|
|
45f372e |
+ tclass = SECCLASS_FILE;
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
45f372e |
+
|
|
|
45f372e |
/*
|
|
|
45f372e |
* OK, build a list of jobs for this printer...
|
|
|
45f372e |
*/
|
|
|
ddd55f2 |
@@ -5507,6 +5755,19 @@
|
|
|
45f372e |
if (count > 0)
|
|
|
45f372e |
ippAddSeparator(con->response);
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ if (selinuxcheck)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+ cupsdLogMessage(CUPSD_LOG_DEBUG, "get_jobs: job context %s", job->scon);
|
|
|
45f372e |
+
|
|
|
45f372e |
+ avc_context_to_sid(job->scon, &jobsid);
|
|
|
45f372e |
+ avc_entry_ref_init(&avcref);
|
|
|
45f372e |
+
|
|
|
45f372e |
+ if (avc_has_perm_noaudit(clisid, jobsid, tclass, avr, &avcref, &avd) != 0)
|
|
|
45f372e |
+ continue;
|
|
|
45f372e |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
45f372e |
count ++;
|
|
|
45f372e |
|
|
|
45f372e |
cupsdLogMessage(CUPSD_LOG_DEBUG2, "get_jobs: count = %d", count);
|
|
|
ddd55f2 |
@@ -7935,12 +8196,22 @@
|
|
|
45f372e |
* See if we need to add the ending sheet...
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
45f372e |
+ if (printer &&
|
|
|
45f372e |
+ ( is_lspp_config() ||
|
|
|
45f372e |
+ !(printer->type & (CUPS_PRINTER_REMOTE | CUPS_PRINTER_IMPLICIT)) ) &&
|
|
|
45f372e |
+ (attr = ippFindAttribute(job->attrs, "job-sheets",
|
|
|
45f372e |
+ IPP_TAG_ZERO)) != NULL &&
|
|
|
45f372e |
+ attr->num_values > 1)
|
|
|
45f372e |
+ {
|
|
|
45f372e |
+#else /* !WITH_LSPP */
|
|
|
45f372e |
if (printer &&
|
|
|
45f372e |
!(printer->type & (CUPS_PRINTER_REMOTE | CUPS_PRINTER_IMPLICIT)) &&
|
|
|
45f372e |
(attr = ippFindAttribute(job->attrs, "job-sheets",
|
|
|
45f372e |
IPP_TAG_ZERO)) != NULL &&
|
|
|
45f372e |
attr->num_values > 1)
|
|
|
45f372e |
{
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
/*
|
|
|
45f372e |
* Yes...
|
|
|
45f372e |
*/
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/job.c 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/job.c 2006-08-17 10:38:41.000000000 -0400
|
|
|
21b0f25 |
@@ -68,6 +68,9 @@
|
|
|
21b0f25 |
* unload_job() - Unload a job from memory.
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
21b0f25 |
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
|
|
21b0f25 |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
21b0f25 |
+
|
|
|
45f372e |
/*
|
|
|
21b0f25 |
* Include necessary headers...
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
@@ -77,6 +80,11 @@
|
|
|
21b0f25 |
#include <cups/backend.h>
|
|
|
21b0f25 |
#include <cups/dir.h>
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+#include <selinux/selinux.h>
|
|
|
21b0f25 |
+#include <selinux/context.h>
|
|
|
21b0f25 |
+#include <libaudit.h>
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
21b0f25 |
* Local globals...
|
|
|
21b0f25 |
@@ -985,6 +993,23 @@
|
|
|
21b0f25 |
cupsdSetString(&job->dest, dest);
|
|
|
45f372e |
}
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ if ((attr = ippFindAttribute(job->attrs, "security-context", IPP_TAG_NAME)) != NULL)
|
|
|
21b0f25 |
+ cupsdSetString(&job->scon, attr->values[0].string.text);
|
|
|
21b0f25 |
+ else if (is_lspp_config())
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ /*
|
|
|
21b0f25 |
+ * There was no security context so delete the job
|
|
|
21b0f25 |
+ */
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "LoadAllJobs: Missing or bad security-context attribute in control file \"%s\"!",
|
|
|
21b0f25 |
+ jobfile);
|
|
|
21b0f25 |
+ ippDelete(job->attrs);
|
|
|
21b0f25 |
+ job->attrs = NULL;
|
|
|
21b0f25 |
+ unlink(jobfile);
|
|
|
21b0f25 |
+ return;
|
|
|
21b0f25 |
+ }
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
+
|
|
|
21b0f25 |
job->sheets = ippFindAttribute(job->attrs, "job-media-sheets-completed",
|
|
|
21b0f25 |
IPP_TAG_INTEGER);
|
|
|
21b0f25 |
job->job_sheets = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME);
|
|
|
ddd55f2 |
@@ -2428,6 +2453,18 @@
|
|
|
21b0f25 |
int remote_job; /* Remote print job? */
|
|
|
21b0f25 |
static char *options = NULL;/* Full list of options */
|
|
|
21b0f25 |
static int optlength = 0; /* Length of option buffer */
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ int acstatus = 0; /* return value of the access check */
|
|
|
21b0f25 |
+ pid_t acpid = -1; /* pid for the access check */
|
|
|
21b0f25 |
+ const char *mls_label = NULL; /* SL to put in classification env var */
|
|
|
ddd55f2 |
+ char *label_template = NULL; /* SL to put in classification env var */
|
|
|
21b0f25 |
+ char *audit_message = NULL; /* Audit message string */
|
|
|
21b0f25 |
+ char *printerfile = NULL; /* Device file pointed to by the printer */
|
|
|
21b0f25 |
+ char *acargv[3]; /* Command line args */
|
|
|
21b0f25 |
+ char buffer[1024] = {0}; /* argv[0] buffer */
|
|
|
21b0f25 |
+ char *acenvp[MAX_ENV]; /* Environment */
|
|
|
21b0f25 |
+ context_t job_context; /* SELinux context of the job */
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
21b0f25 |
cupsdLogMessage(CUPSD_LOG_DEBUG2, "start_job: id = %d, file = %d/%d",
|
|
|
ddd55f2 |
@@ -2709,6 +2746,69 @@
|
|
|
45f372e |
|
|
|
21b0f25 |
cupsdLogMessage(CUPSD_LOG_DEBUG, "banner_page = %d", banner_page);
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ if (is_lspp_config())
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ /*
|
|
|
21b0f25 |
+ * Perform an access check before printing, but only if the printer starts with /dev/
|
|
|
21b0f25 |
+ */
|
|
|
ddd55f2 |
+ printerfile = strstr(printer->device_uri, "/dev/");
|
|
|
45f372e |
+
|
|
|
ddd55f2 |
+ if (printerfile != NULL)
|
|
|
21b0f25 |
+ {
|
|
|
ddd55f2 |
+ cupsdLogMessage(CUPSD_LOG_DEBUG, "StartJob: Attempting to check access on printer device %s",
|
|
|
ddd55f2 |
+ printerfile);
|
|
|
ddd55f2 |
+
|
|
|
21b0f25 |
+ if (setexeccon(job->scon) != 0)
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "StartJob: Unable to setexeccon to %s", job->scon);
|
|
|
21b0f25 |
+ cupsdCancelJob(job, 0);
|
|
|
21b0f25 |
+ return;
|
|
|
21b0f25 |
+ }
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ snprintf(buffer, sizeof(buffer), "%s/daemon/lspp-access", ServerBin);
|
|
|
ddd55f2 |
+ acargv[0] = "lspp-access";
|
|
|
21b0f25 |
+ acargv[1] = printerfile;
|
|
|
21b0f25 |
+ acargv[2] = NULL;
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ cupsdLoadEnv(acenvp, (int)(sizeof(acenvp) / sizeof(acenvp[0])));
|
|
|
45f372e |
+
|
|
|
21b0f25 |
+ if (!cupsdStartProcess(buffer, acargv, acenvp, -1, -1, -1, -1, 0, &acpid))
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ waitpid(acpid, &acstatus, 0);
|
|
|
21b0f25 |
+ if (WIFEXITED(acstatus))
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ if (WEXITSTATUS(acstatus) != 0)
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ /*
|
|
|
21b0f25 |
+ * The access check failed, so cancel the job and send an audit message
|
|
|
21b0f25 |
+ */
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s obj=%s cancelled,"
|
|
|
ddd55f2 |
+ " unable to access printer=%s",
|
|
|
ddd55f2 |
+ job->id, job->auid, job->username, job->scon, printer->name);
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_USER_LABELED_EXPORT, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 0);
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
+ }
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ cupsdCancelJob(job, 0);
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+ return;
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ else
|
|
|
21b0f25 |
+ {
|
|
|
21b0f25 |
+ cupsdLogMessage(CUPSD_LOG_DEBUG, "StartJob: access check succeeded (returned %d)",
|
|
|
21b0f25 |
+ WEXITSTATUS(acstatus));
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ }
|
|
|
45f372e |
+ }
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Building the options string is harder than it needs to be, but
|
|
|
21b0f25 |
* for the moment we need to pass strings for command-line args and
|
|
|
ddd55f2 |
@@ -3041,6 +3141,61 @@
|
|
|
ddd55f2 |
snprintf(classification, sizeof(classification), "CLASSIFICATION=%s",
|
|
|
ddd55f2 |
attr->values[0].string.text);
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ if (is_lspp_config())
|
|
|
21b0f25 |
+ {
|
|
|
ddd55f2 |
+ if (job->scon == NULL)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s printer=%s title=%s",
|
|
|
ddd55f2 |
+ job->id, job->auid, job->username, printer->name, title);
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_USER_UNLABELED_EXPORT, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 1);
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ job_context = context_new(job->scon);
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if ((attr = ippFindAttribute(job->attrs, "job-sheets", IPP_TAG_NAME)) == NULL)
|
|
|
ddd55f2 |
+ label_template = strdup(Classification);
|
|
|
ddd55f2 |
+ else if (attr->num_values > 1 &&
|
|
|
ddd55f2 |
+ strcmp(attr->values[1].string.text, "none") != 0)
|
|
|
ddd55f2 |
+ label_template = strdup(attr->values[1].string.text);
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ label_template = strdup(attr->values[0].string.text);
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (strcasecmp(label_template, MLS_CONFIG) == 0)
|
|
|
ddd55f2 |
+ mls_label = context_range_get(job_context);
|
|
|
ddd55f2 |
+ else if (strcasecmp(label_template, TE_CONFIG) == 0)
|
|
|
ddd55f2 |
+ mls_label = context_type_get(job_context);
|
|
|
ddd55f2 |
+ else if (strcasecmp(label_template, SELINUX_CONFIG) == 0)
|
|
|
ddd55f2 |
+ mls_label = context_str(job_context);
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (!mls_label)
|
|
|
ddd55f2 |
+ mls_label = label_template;
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ snprintf(classification, sizeof(classification), "CLASSIFICATION=%s", mls_label);
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "job=%d auid=%u acct=%s printer=%s title=%s"
|
|
|
ddd55f2 |
+ " obj=%s label=%s", job->id, job->auid, job->username,
|
|
|
ddd55f2 |
+ printer->name, title, job->scon, mls_label);
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_USER_LABELED_EXPORT, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 1);
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ context_free(job_context);
|
|
|
ddd55f2 |
+ free(label_template);
|
|
|
ddd55f2 |
+ }
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
envp[envc ++] = classification;
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/job.h 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/job.h 2006-08-07 06:19:33.000000000 -0400
|
|
|
21b0f25 |
@@ -22,6 +22,13 @@
|
|
|
21b0f25 |
* WWW: http://www.cups.org
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+/* Copyright (C) 2005 Trusted Computer Solutions, Inc. */
|
|
|
21b0f25 |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+#include <selinux/selinux.h>
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Job request structure...
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
@@ -55,6 +62,10 @@
|
|
|
21b0f25 |
int status; /* Status code from filters */
|
|
|
21b0f25 |
cupsd_printer_t *printer; /* Printer this job is assigned to */
|
|
|
21b0f25 |
int tries; /* Number of tries for this job */
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ security_context_t scon; /* Security context of job */
|
|
|
21b0f25 |
+ uid_t auid; /* Audit loginuid for this job */
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
} cupsd_job_t;
|
|
|
21b0f25 |
|
|
|
21b0f25 |
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/lspp-access.c 1969-12-31 19:00:00.000000000 -0500
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/lspp-access.c 2006-08-07 06:19:33.000000000 -0400
|
|
|
ddd55f2 |
@@ -0,0 +1,56 @@
|
|
|
ddd55f2 |
+/*
|
|
|
ddd55f2 |
+ * Copyright (C) Hewlett-Packard Development Company, L.P., 2006
|
|
|
ddd55f2 |
+ *
|
|
|
ddd55f2 |
+ * This program is free software; you can redistribute it and/or modify
|
|
|
ddd55f2 |
+ * it under the terms of the GNU General Public License as published by
|
|
|
ddd55f2 |
+ * the Free Software Foundation; either version 2 of the License, or
|
|
|
ddd55f2 |
+ * (at your option) any later version.
|
|
|
ddd55f2 |
+ *
|
|
|
ddd55f2 |
+ * This program is distributed in the hope that it will be useful,
|
|
|
ddd55f2 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
ddd55f2 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
|
|
|
ddd55f2 |
+ * the GNU General Public License for more details.
|
|
|
ddd55f2 |
+ *
|
|
|
ddd55f2 |
+ * You should have received a copy of the GNU General Public License
|
|
|
ddd55f2 |
+ * along with this program; if not, write to the Free Software
|
|
|
ddd55f2 |
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
ddd55f2 |
+ *
|
|
|
ddd55f2 |
+ * Contents:
|
|
|
ddd55f2 |
+ *
|
|
|
ddd55f2 |
+ * main() - Main entry for the access checker.
|
|
|
ddd55f2 |
+ */
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+#include <stdio.h>
|
|
|
ddd55f2 |
+#include <unistd.h>
|
|
|
ddd55f2 |
+#include <string.h>
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+int main(int argc, char *argv[]) {
|
|
|
ddd55f2 |
+ int status = -1;
|
|
|
ddd55f2 |
+ char filename[FILENAME_MAX+1] = {0};
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (argc < 2)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ printf("Check for access to which file? ");
|
|
|
ddd55f2 |
+ scanf("%s", (char *)&filename);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ strncpy(filename, argv[1], FILENAME_MAX);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ status = access(filename, R_OK|W_OK);
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ if (argc < 2)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ /*
|
|
|
ddd55f2 |
+ * Assume the user would like to hear the answer on the terminal
|
|
|
ddd55f2 |
+ * since the filename was received interactively.
|
|
|
ddd55f2 |
+ */
|
|
|
ddd55f2 |
+ if (status != 0)
|
|
|
ddd55f2 |
+ printf("Unable to access that file.\n");
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ printf("Access Granted\n");
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+
|
|
|
ddd55f2 |
+ return status;
|
|
|
ddd55f2 |
+}
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/main.c 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/main.c 2006-08-15 09:15:28.000000000 -0400
|
|
|
21b0f25 |
@@ -47,6 +47,8 @@
|
|
|
21b0f25 |
* usage() - Show scheduler usage.
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Include necessary headers...
|
|
|
21b0f25 |
*/
|
|
|
21b0f25 |
@@ -69,6 +71,9 @@
|
|
|
21b0f25 |
# include <notify.h>
|
|
|
21b0f25 |
#endif /* HAVE_NOTIFY_H */
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+# include <libaudit.h>
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Local functions...
|
|
|
ddd55f2 |
@@ -141,6 +146,9 @@
|
|
|
ddd55f2 |
int launchd_idle_exit;
|
|
|
ddd55f2 |
/* Idle exit on select timeout? */
|
|
|
ddd55f2 |
#endif /* HAVE_LAUNCHD */
|
|
|
ddd55f2 |
+#if WITH_LSPP
|
|
|
ddd55f2 |
+ auditfail_t failmode; /* Action for audit_open failure */
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
/*
|
|
|
ddd55f2 |
@@ -351,6 +359,25 @@
|
|
|
21b0f25 |
#endif /* DEBUG */
|
|
|
21b0f25 |
}
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ if ((AuditLog = audit_open()) < 0 )
|
|
|
21b0f25 |
+ {
|
|
|
ddd55f2 |
+ if (get_auditfail_action(&failmode) == 0)
|
|
|
21b0f25 |
+ {
|
|
|
ddd55f2 |
+ if (failmode == FAIL_LOG)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to connect to audit subsystem.");
|
|
|
ddd55f2 |
+ AuditLog = -1;
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+ else if (failmode == FAIL_TERMINATE)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ fprintf(stderr, "cupsd: unable to start auditing, terminating");
|
|
|
ddd55f2 |
+ return -1;
|
|
|
ddd55f2 |
+ }
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+ }
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
/*
|
|
|
21b0f25 |
* Set the timezone info...
|
|
|
21b0f25 |
*/
|
|
|
ddd55f2 |
@@ -1115,6 +1142,11 @@
|
|
|
21b0f25 |
free(input);
|
|
|
21b0f25 |
free(output);
|
|
|
21b0f25 |
|
|
|
21b0f25 |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ audit_close(AuditLog);
|
|
|
21b0f25 |
+#endif /* WITH_LSPP */
|
|
|
21b0f25 |
+
|
|
|
21b0f25 |
return (!stop_scheduler);
|
|
|
21b0f25 |
}
|
|
|
21b0f25 |
|
|
|
ddd55f2 |
--- cups-1.2.2-8/scheduler/Makefile 2006-08-10 11:43:02.000000000 -0400
|
|
|
ddd55f2 |
+++ cups-1.2.2/scheduler/Makefile 2006-08-07 06:19:33.000000000 -0400
|
|
|
45f372e |
@@ -54,6 +54,7 @@
|
|
|
45f372e |
OBJS = \
|
|
|
45f372e |
$(CUPSDOBJS) \
|
|
|
45f372e |
$(MIMEOBJS) \
|
|
|
21b0f25 |
+ lspp-access.o \
|
|
|
45f372e |
cups-deviced.o \
|
|
|
45f372e |
cups-driverd.o \
|
|
|
45f372e |
cups-lpd.o \
|
|
|
45f372e |
@@ -63,6 +64,7 @@
|
|
|
45f372e |
testspeed.o \
|
|
|
45f372e |
util.o
|
|
|
45f372e |
TARGETS = \
|
|
|
21b0f25 |
+ lspp-access \
|
|
|
45f372e |
cupsd \
|
|
|
45f372e |
cups-deviced \
|
|
|
45f372e |
cups-driverd \
|
|
|
21b0f25 |
@@ -111,11 +113,12 @@
|
|
|
45f372e |
$(INSTALL_DIR) -m 755 $(SERVERBIN)
|
|
|
45f372e |
echo Creating $(SERVERBIN)/daemon...
|
|
|
45f372e |
$(INSTALL_DIR) -m 755 $(SERVERBIN)/daemon
|
|
|
45f372e |
- echo Installing cups-deviced, cups-driverd, cups-lpd, and cups-polld in $(SERVERBIN)/daemon...
|
|
|
21b0f25 |
+ echo Installing cups-deviced, cups-driverd, cups-lpd, cups-polld, and lspp-access in $(SERVERBIN)/daemon...
|
|
|
45f372e |
$(INSTALL_BIN) cups-deviced $(SERVERBIN)/daemon
|
|
|
45f372e |
$(INSTALL_BIN) cups-driverd $(SERVERBIN)/daemon
|
|
|
45f372e |
$(INSTALL_BIN) cups-lpd $(SERVERBIN)/daemon
|
|
|
21b0f25 |
$(INSTALL_BIN) cups-polld $(SERVERBIN)/daemon
|
|
|
21b0f25 |
+ $(INSTALL_BIN) lspp-access $(SERVERBIN)/daemon
|
|
|
21b0f25 |
echo Creating $(SERVERBIN)/driver...
|
|
|
21b0f25 |
$(INSTALL_DIR) -m 755 $(SERVERBIN)/driver
|
|
|
21b0f25 |
echo Creating $(SERVERROOT)...
|
|
|
21b0f25 |
@@ -161,6 +164,7 @@
|
|
|
45f372e |
$(RM) $(SERVERBIN)/daemon/cups-driverd
|
|
|
45f372e |
$(RM) $(SERVERBIN)/daemon/cups-lpd
|
|
|
21b0f25 |
$(RM) $(SERVERBIN)/daemon/cups-polld
|
|
|
21b0f25 |
+ $(RM) $(SERVERBIN)/daemon/lspp-access
|
|
|
21b0f25 |
-$(RMDIR) $(STATEDIR)/certs
|
|
|
21b0f25 |
-$(RMDIR) $(STATEDIR)
|
|
|
21b0f25 |
-$(RMDIR) $(SERVERROOT)/ppd
|
|
|
56d3bb9 |
--- cups-1.2.2/scheduler/printers.c.lspp 2006-08-24 12:28:38.000000000 +0100
|
|
|
56d3bb9 |
+++ cups-1.2.2/scheduler/printers.c 2006-08-24 12:30:49.000000000 +0100
|
|
|
21b0f25 |
@@ -57,6 +57,8 @@
|
|
|
21b0f25 |
* printing desktop tools.
|
|
|
45f372e |
*/
|
|
|
45f372e |
|
|
|
45f372e |
+/* (c) Copyright 2005-2006 Hewlett-Packard Development Company, L.P. */
|
|
|
45f372e |
+
|
|
|
45f372e |
/*
|
|
|
45f372e |
* Include necessary headers...
|
|
|
45f372e |
*/
|
|
|
ddd55f2 |
@@ -79,6 +81,10 @@
|
|
|
21b0f25 |
static void write_irix_state(cupsd_printer_t *p);
|
|
|
21b0f25 |
#endif /* __sgi */
|
|
|
45f372e |
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+# include <libaudit.h>
|
|
|
ddd55f2 |
+# include <selinux/context.h>
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
/*
|
|
|
21b0f25 |
* 'cupsdAddPrinter()' - Add a printer to the system.
|
|
|
ddd55f2 |
@@ -1472,6 +1478,13 @@
|
|
|
21b0f25 |
"two-sided-long-edge",
|
|
|
21b0f25 |
"two-sided-short-edge"
|
|
|
21b0f25 |
};
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
21b0f25 |
+ char *audit_message; /* Audit message string */
|
|
|
ddd55f2 |
+ char *printerfile; /* Path to a local printer dev */
|
|
|
ddd55f2 |
+ char *rangestr; /* Printer's range if its available */
|
|
|
ddd55f2 |
+ security_context_t devcon; /* Printer SELinux context */
|
|
|
ddd55f2 |
+ context_t printercon; /* context_t for the printer */
|
|
|
45f372e |
+#endif /* WITH_LSPP */
|
|
|
45f372e |
|
|
|
45f372e |
|
|
|
21b0f25 |
DEBUG_printf(("cupsdSetPrinterAttrs: entering name = %s, type = %x\n", p->name,
|
|
|
56d3bb9 |
@@ -1579,6 +1592,37 @@
|
|
|
21b0f25 |
attr->values[1].string.text = _cupsStrAlloc(Classification ?
|
|
|
21b0f25 |
Classification : p->job_sheets[1]);
|
|
|
21b0f25 |
}
|
|
|
45f372e |
+#ifdef WITH_LSPP
|
|
|
ddd55f2 |
+ if (AuditLog != -1)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ audit_message = NULL;
|
|
|
ddd55f2 |
+ rangestr = NULL;
|
|
|
ddd55f2 |
+ printercon = 0;
|
|
|
ddd55f2 |
+ printerfile = strstr(p->device_uri, "/dev/");
|
|
|
45f372e |
+
|
|
|
ddd55f2 |
+ if (printerfile != NULL)
|
|
|
ddd55f2 |
+ {
|
|
|
ddd55f2 |
+ if (getfilecon(printerfile, &devcon) == -1)
|
|
|
ddd55f2 |
+ cupsdLogMessage(CUPSD_LOG_ERROR, "cupsdSetPrinterAttrs: Unable to get printer context");
|
|
|
ddd55f2 |
+ else
|
|
|
ddd55f2 |
+ printercon = context_new(devcon);
|
|
|
ddd55f2 |
+ }
|
|
|
45f372e |
+
|
|
|
56d3bb9 |
+ if (printercon && context_range_get(printercon))
|
|
|
56d3bb9 |
+ rangestr = strdup(context_range_get(printercon));
|
|
|
56d3bb9 |
+ else
|
|
|
ddd55f2 |
+ rangestr = strdup("unknown");
|
|
|
45f372e |
+
|
|
|
ddd55f2 |
+ cupsdSetStringf(&audit_message, "[Config] printer=%s uri=%s banners set to %s %s has range %s",
|
|
|
ddd55f2 |
+ p->name, p->device_uri, p->job_sheets[0], p->job_sheets[1], rangestr);
|
|
|
ddd55f2 |
+ audit_log_user_message(AuditLog, AUDIT_LABEL_LEVEL_CHANGE, audit_message,
|
|
|
ddd55f2 |
+ ServerName, NULL, NULL, 1);
|
|
|
ddd55f2 |
+ if (printercon)
|
|
|
ddd55f2 |
+ context_free(printercon);
|
|
|
ddd55f2 |
+ free(rangestr);
|
|
|
ddd55f2 |
+ free(audit_message);
|
|
|
ddd55f2 |
+ }
|
|
|
ddd55f2 |
+#endif /* WITH_LSPP */
|
|
|
ddd55f2 |
}
|
|
|
ddd55f2 |
|
|
|
ddd55f2 |
printer_type = p->type;
|