8511e67
diff -up cups-1.3.10/config.h.in.str2536 cups-1.3.10/config.h.in
8511e67
--- cups-1.3.10/config.h.in.str2536	2009-03-12 21:34:21.000000000 +0000
8511e67
+++ cups-1.3.10/config.h.in	2009-04-20 17:27:31.000000000 +0100
828e329
@@ -43,6 +43,13 @@
828e329
 
828e329
 
828e329
 /*
828e329
+ * Default fatal error settings...
828e329
+ */
828e329
+
828e329
+#define CUPS_DEFAULT_FATAL_ERRORS	"config"
828e329
+
828e329
+
828e329
+/*
828e329
  * Default browsing settings...
828e329
  */
828e329
 
8511e67
diff -up cups-1.3.10/config-scripts/cups-defaults.m4.str2536 cups-1.3.10/config-scripts/cups-defaults.m4
8511e67
--- cups-1.3.10/config-scripts/cups-defaults.m4.str2536	2008-04-14 19:10:27.000000000 +0100
8511e67
+++ cups-1.3.10/config-scripts/cups-defaults.m4	2009-04-20 17:27:31.000000000 +0100
828e329
@@ -43,6 +43,14 @@ AC_ARG_WITH(log_file_perm, [  --with-log
828e329
 AC_SUBST(CUPS_LOG_FILE_PERM)
828e329
 AC_DEFINE_UNQUOTED(CUPS_DEFAULT_LOG_FILE_PERM, 0$CUPS_LOG_FILE_PERM)
828e329
 
828e329
+dnl Default FatalErrors
828e329
+AC_ARG_WITH(fatal_errors, [  --with-fatal-errors     set default FatalErrors value, default=config],
828e329
+	CUPS_FATAL_ERRORS="$withval",
828e329
+	CUPS_FATAL_ERRORS="config")
828e329
+AC_SUBST(CUPS_FATAL_ERRORS)
828e329
+AC_DEFINE_UNQUOTED(CUPS_DEFAULT_FATAL_ERRORS, "$CUPS_FATAL_ERRORS")
828e329
+
828e329
+
828e329
 dnl Default Browsing
828e329
 AC_ARG_ENABLE(browsing, [  --enable-browsing       enable Browsing by default, default=yes])
828e329
 if test "x$enable_browsing" = xno; then
8511e67
diff -up cups-1.3.10/configure.str2536 cups-1.3.10/configure
8511e67
--- cups-1.3.10/configure.str2536	2009-04-20 17:27:31.000000000 +0100
8511e67
+++ cups-1.3.10/configure	2009-04-20 17:27:56.000000000 +0100
828e329
@@ -782,6 +782,7 @@ LAUNCHDLIBS
828e329
 LANGUAGES
828e329
 CUPS_CONFIG_FILE_PERM
828e329
 CUPS_LOG_FILE_PERM
828e329
+CUPS_FATAL_ERRORS
828e329
 CUPS_BROWSING
828e329
 CUPS_BROWSE_LOCAL_PROTOCOLS
828e329
 CUPS_BROWSE_REMOTE_PROTOCOLS
8511e67
@@ -1474,6 +1475,7 @@ Optional Packages:
828e329
   --with-languages        set installed languages, default=all
828e329
   --with-config-file-perm set default ConfigFilePerm value, default=0640
828e329
   --with-log-file-perm    set default LogFilePerm value, default=0644
828e329
+  --with-fatal-errors     set default FatalErrors value, default=config
828e329
   --with-local-protocols  set default BrowseLocalProtocols, default="CUPS"
828e329
   --with-remote-protocols set default BrowseRemoteProtocols, default="CUPS"
828e329
   --with-cups-user        set default user for CUPS
8511e67
@@ -17929,6 +17931,21 @@ cat >>confdefs.h <<_ACEOF
828e329
 _ACEOF
828e329
 
828e329
 
828e329
+
828e329
+# Check whether --with-fatal_errors was given.
828e329
+if test "${with_fatal_errors+set}" = set; then
828e329
+  withval=$with_fatal_errors; CUPS_FATAL_ERRORS="$withval"
828e329
+else
828e329
+  CUPS_FATAL_ERRORS="config"
828e329
+fi
828e329
+
828e329
+
828e329
+cat >>confdefs.h <<_ACEOF
828e329
+#define CUPS_DEFAULT_FATAL_ERRORS "$CUPS_FATAL_ERRORS"
828e329
+_ACEOF
828e329
+
828e329
+
828e329
+
828e329
 # Check whether --enable-browsing was given.
828e329
 if test "${enable_browsing+set}" = set; then
828e329
   enableval=$enable_browsing;
8511e67
@@ -20067,6 +20084,7 @@ LAUNCHDLIBS!$LAUNCHDLIBS$ac_delim
828e329
 LANGUAGES!$LANGUAGES$ac_delim
828e329
 CUPS_CONFIG_FILE_PERM!$CUPS_CONFIG_FILE_PERM$ac_delim
828e329
 CUPS_LOG_FILE_PERM!$CUPS_LOG_FILE_PERM$ac_delim
828e329
+CUPS_FATAL_ERRORS!$CUPS_FATAL_ERRORS$ac_delim
828e329
 CUPS_BROWSING!$CUPS_BROWSING$ac_delim
828e329
 CUPS_BROWSE_LOCAL_PROTOCOLS!$CUPS_BROWSE_LOCAL_PROTOCOLS$ac_delim
828e329
 CUPS_BROWSE_REMOTE_PROTOCOLS!$CUPS_BROWSE_REMOTE_PROTOCOLS$ac_delim
8511e67
@@ -20095,7 +20113,7 @@ PHPDIR!$PHPDIR$ac_delim
828e329
 PYTHON!$PYTHON$ac_delim
828e329
 _ACEOF
828e329
 
8511e67
-  if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
8511e67
+  if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 98; then
828e329
     break
828e329
   elif $ac_last_try; then
828e329
     { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
8511e67
diff -up cups-1.3.10/doc/help/ref-cupsd-conf.html.in.str2536 cups-1.3.10/doc/help/ref-cupsd-conf.html.in
8511e67
--- cups-1.3.10/doc/help/ref-cupsd-conf.html.in.str2536	2009-04-16 20:32:04.000000000 +0100
8511e67
+++ cups-1.3.10/doc/help/ref-cupsd-conf.html.in	2009-04-20 17:27:31.000000000 +0100
828e329
@@ -1115,6 +1115,57 @@ printer.

828e329
 
828e329
 
828e329
 
828e329
+
828e329
+

CUPS 1.4FatalErrors

828e329
+
828e329
+

Examples

828e329
+
828e329
+
828e329
+FatalErrors none
828e329
+FatalErrors all
828e329
+FatalErrors browse
828e329
+FatalErrors config
828e329
+FatalErrors listen
828e329
+FatalErrors log
828e329
+FatalErrors permissions
828e329
+FatalErrors all -permissions
828e329
+FatalErrors config permissions log
828e329
+
828e329
+
828e329
+

Description

828e329
+
828e329
+

The FatalErrors directive determines whether certain kinds of

828e329
+errors are fatal. The following kinds of errors are currently recognized:

828e329
+
828e329
+
    828e329
    +
    828e329
    +	
  • none - No errors are fatal
  • 828e329
    +
    828e329
    +	
  • all - All of the errors below are fatal
  • 828e329
    +
    828e329
    +	
  • browse - Browsing initialization errors are fatal,
  • 828e329
    +	for example failed binding to the CUPS browse port or failed connections
    828e329
    +	to LDAP servers
    828e329
    +
    828e329
    +	
  • config - Configuration file syntax errors are
  • 828e329
    +	fatal
    828e329
    +
    828e329
    +	
  • listen - Listen or Port errors are fatal, except for
  • 828e329
    +	IPv6 failures on the loopback or "any" addresses
    828e329
    +
    828e329
    +	
  • log - Log file creation or write errors are fatal
  • 828e329
    +
    828e329
    +	
  • permissions - Bad startup file permissions are
  • 828e329
    +	fatal, for example shared SSL certificate and key files with world-
    828e329
    +	read permissions
    828e329
    +
    828e329
    +
    828e329
    +
    828e329
    +

    Multiple errors can be listed, and the form "-kind" can be used with

    828e329
    +all to remove specific kinds of errors. The default setting is
    828e329
    +@CUPS_FATAL_ERRORS@.

    828e329
    +
    828e329
    +
    828e329
     

    CUPS 1.1.18FileDevice

    828e329
     
    828e329
     

    Examples

    8511e67
    diff -up cups-1.3.10/man/cupsd.conf.man.in.str2536 cups-1.3.10/man/cupsd.conf.man.in
    8511e67
    --- cups-1.3.10/man/cupsd.conf.man.in.str2536	2009-04-16 20:32:04.000000000 +0100
    8511e67
    +++ cups-1.3.10/man/cupsd.conf.man.in	2009-04-20 17:27:31.000000000 +0100
    828e329
    @@ -275,6 +275,15 @@ ErrorLog syslog
    828e329
     .br
    828e329
     Specifies the error log filename.
    828e329
     .TP 5
    828e329
    +FatalErrors none
    828e329
    +.TP 5
    828e329
    +FatalErrors all -kind [... -kind]
    828e329
    +.TP 5
    828e329
    +FatalErrors kind [... kind]
    828e329
    +.br
    828e329
    +Specifies which errors are fatal, causing the scheduler to exit. "Kind" is
    828e329
    +"browse", "config", "listen", "log", or "permissions".
    828e329
    +.TP 5
    828e329
     FileDevice Yes
    828e329
     .TP 5
    828e329
     FileDevice No
    8511e67
    diff -up cups-1.3.10/scheduler/conf.c.str2536 cups-1.3.10/scheduler/conf.c
    8511e67
    --- cups-1.3.10/scheduler/conf.c.str2536	2009-04-20 17:27:31.000000000 +0100
    8511e67
    +++ cups-1.3.10/scheduler/conf.c	2009-04-20 17:27:31.000000000 +0100
    8511e67
    @@ -23,6 +23,7 @@
    828e329
      *   get_addr_and_mask()      - Get an IP address and netmask.
    8511e67
      *   parse_aaa()              - Parse authentication, authorization, and access
    8511e67
      *                              control lines.
    828e329
    + *   parse_fatal_errors()     - Parse FatalErrors values in a string.
    828e329
      *   parse_groups()           - Parse system group names in a string.
    828e329
      *   parse_protocols()        - Parse browse protocols in a string.
    828e329
      *   read_configuration()     - Read a configuration file.
    8511e67
    @@ -197,6 +198,7 @@ static int		get_addr_and_mask(const char
    828e329
     			                  unsigned *mask);
    828e329
     static int		parse_aaa(cupsd_location_t *loc, char *line,
    828e329
     			          char *value, int linenum);
    828e329
    +static int		parse_fatal_errors(const char *s);
    828e329
     static int		parse_groups(const char *s);
    828e329
     static int		parse_protocols(const char *s);
    828e329
     static int		read_configuration(cups_file_t *fp);
    8511e67
    @@ -540,6 +542,7 @@ cupsdReadConfiguration(void)
    828e329
       */
    828e329
     
    828e329
       ConfigFilePerm        = CUPS_DEFAULT_CONFIG_FILE_PERM;
    828e329
    +  FatalErrors           = parse_fatal_errors(CUPS_DEFAULT_FATAL_ERRORS);
    828e329
       DefaultAuthType       = CUPSD_AUTH_BASIC;
    828e329
     #ifdef HAVE_SSL
    828e329
       DefaultEncryption     = HTTP_ENCRYPT_REQUIRED;
    8511e67
    @@ -861,30 +864,31 @@ cupsdReadConfiguration(void)
    828e329
     
    828e329
       snprintf(temp, sizeof(temp), "%s/rss", CacheDir);
    828e329
     
    828e329
    -  if (cupsdCheckPermissions(RequestRoot, NULL, 0710, RunUser,
    828e329
    -			    Group, 1, 1) < 0 ||
    828e329
    -      cupsdCheckPermissions(CacheDir, NULL, 0775, RunUser,
    828e329
    -			    Group, 1, 1) < 0 ||
    828e329
    -      cupsdCheckPermissions(temp, NULL, 0775, RunUser,
    828e329
    -			    Group, 1, 1) < 0 ||
    828e329
    -      cupsdCheckPermissions(StateDir, NULL, 0755, RunUser,
    828e329
    -			    Group, 1, 1) < 0 ||
    828e329
    -      cupsdCheckPermissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
    828e329
    -			    SystemGroupIDs[0], 1, 1) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, NULL, 0755, RunUser, 
    828e329
    -			    Group, 1, 0) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, "ppd", 0755, RunUser,
    828e329
    -			    Group, 1, 1) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, "ssl", 0700, RunUser,
    828e329
    -			    Group, 1, 0) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, "cupsd.conf", ConfigFilePerm, RunUser,
    828e329
    -			    Group, 0, 0) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, "classes.conf", 0600, RunUser,
    828e329
    -			    Group, 0, 0) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, "printers.conf", 0600, RunUser,
    828e329
    -			    Group, 0, 0) < 0 ||
    828e329
    -      cupsdCheckPermissions(ServerRoot, "passwd.md5", 0600, User,
    828e329
    -			    Group, 0, 0) < 0)
    828e329
    +  if ((cupsdCheckPermissions(RequestRoot, NULL, 0710, RunUser,
    828e329
    +			     Group, 1, 1) < 0 ||
    828e329
    +       cupsdCheckPermissions(CacheDir, NULL, 0775, RunUser,
    828e329
    +			     Group, 1, 1) < 0 ||
    828e329
    +       cupsdCheckPermissions(temp, NULL, 0775, RunUser,
    828e329
    +			     Group, 1, 1) < 0 ||
    828e329
    +       cupsdCheckPermissions(StateDir, NULL, 0755, RunUser,
    828e329
    +			     Group, 1, 1) < 0 ||
    828e329
    +       cupsdCheckPermissions(StateDir, "certs", RunUser ? 0711 : 0511, User,
    828e329
    +			     SystemGroupIDs[0], 1, 1) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, NULL, 0755, RunUser, 
    828e329
    +			     Group, 1, 0) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, "ppd", 0755, RunUser,
    828e329
    +			     Group, 1, 1) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, "ssl", 0700, RunUser,
    828e329
    +			     Group, 1, 0) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, "cupsd.conf", ConfigFilePerm, RunUser,
    828e329
    +			     Group, 0, 0) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, "classes.conf", 0600, RunUser,
    828e329
    +			     Group, 0, 0) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, "printers.conf", 0600, RunUser,
    828e329
    +			     Group, 0, 0) < 0 ||
    828e329
    +       cupsdCheckPermissions(ServerRoot, "passwd.md5", 0600, User,
    828e329
    +			     Group, 0, 0) < 0) &&
    828e329
    +      FatalErrors & CUPSD_FATAL_PERMISSIONS)
    828e329
         return (0);
    828e329
     
    828e329
      /*
    8511e67
    @@ -934,7 +938,8 @@ cupsdReadConfiguration(void)
    828e329
         * is under the spool directory or does not exist...
    828e329
         */
    828e329
     
    828e329
    -    if (cupsdCheckPermissions(TempDir, NULL, 01770, RunUser, Group, 1, 1) < 0)
    828e329
    +    if (cupsdCheckPermissions(TempDir, NULL, 01770, RunUser, Group, 1, 1) < 0 &&
    828e329
    +	(FatalErrors & CUPSD_FATAL_PERMISSIONS))
    828e329
           return (0);
    828e329
       }
    828e329
     
    8511e67
    @@ -951,8 +956,10 @@ cupsdReadConfiguration(void)
    828e329
       if (MaxClients > (MaxFDs / 3) || MaxClients <= 0)
    828e329
       {
    828e329
         if (MaxClients > 0)
    828e329
    -      cupsdLogMessage(CUPSD_LOG_INFO, "MaxClients limited to 1/3 (%d) of the file descriptor limit (%d)...",
    828e329
    -                 MaxFDs / 3, MaxFDs);
    828e329
    +      cupsdLogMessage(CUPSD_LOG_INFO,
    828e329
    +                      "MaxClients limited to 1/3 (%d) of the file descriptor "
    828e329
    +		      "limit (%d)...",
    828e329
    +                      MaxFDs / 3, MaxFDs);
    828e329
     
    828e329
         MaxClients = MaxFDs / 3;
    828e329
       }
    8511e67
    @@ -1194,7 +1201,8 @@ cupsdReadConfiguration(void)
    828e329
         {
    828e329
           cupsdLogMessage(CUPSD_LOG_EMERG,
    828e329
                           "Unable to load MIME database from \'%s\'!", ServerRoot);
    828e329
    -      exit(errno);
    828e329
    +      if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	return (0);
    828e329
         }
    828e329
     
    828e329
         cupsdLogMessage(CUPSD_LOG_INFO,
    8511e67
    @@ -2037,6 +2045,86 @@ parse_aaa(cupsd_location_t *loc,	/* I - 
    828e329
     
    828e329
     
    828e329
     /*
    828e329
    + * 'parse_fatal_errors()' - Parse FatalErrors values in a string.
    828e329
    + */
    828e329
    +
    828e329
    +static int				/* O - FatalErrors bits */
    828e329
    +parse_fatal_errors(const char *s)	/* I - FatalErrors string */
    828e329
    +{
    828e329
    +  int	fatal;				/* FatalErrors bits */
    828e329
    +  char	value[1024],			/* Value string */
    828e329
    +	*valstart,			/* Pointer into value */
    828e329
    +	*valend;			/* End of value */
    828e329
    +
    828e329
    +
    828e329
    + /*
    828e329
    +  * Empty FatalErrors line yields NULL pointer...
    828e329
    +  */
    828e329
    +
    828e329
    +  if (!s)
    828e329
    +    return (CUPSD_FATAL_NONE);
    828e329
    +
    828e329
    + /*
    828e329
    +  * Loop through the value string,...
    828e329
    +  */
    828e329
    +
    828e329
    +  strlcpy(value, s, sizeof(value));
    828e329
    +
    828e329
    +  fatal = CUPSD_FATAL_NONE;
    828e329
    +
    828e329
    +  for (valstart = value; *valstart;)
    828e329
    +  {
    828e329
    +   /*
    828e329
    +    * Get the current space/comma-delimited kind name...
    828e329
    +    */
    828e329
    +
    828e329
    +    for (valend = valstart; *valend; valend ++)
    828e329
    +      if (isspace(*valend & 255) || *valend == ',')
    828e329
    +	break;
    828e329
    +
    828e329
    +    if (*valend)
    828e329
    +      *valend++ = '\0';
    828e329
    +
    828e329
    +   /*
    828e329
    +    * Add the error to the bitmask...
    828e329
    +    */
    828e329
    +
    828e329
    +    if (!strcasecmp(valstart, "all"))
    828e329
    +      fatal = CUPSD_FATAL_ALL;
    828e329
    +    else if (!strcasecmp(valstart, "browse"))
    828e329
    +      fatal |= CUPSD_FATAL_BROWSE;
    828e329
    +    else if (!strcasecmp(valstart, "-browse"))
    828e329
    +      fatal &= ~CUPSD_FATAL_BROWSE;
    828e329
    +    else if (!strcasecmp(valstart, "config"))
    828e329
    +      fatal |= CUPSD_FATAL_CONFIG;
    828e329
    +    else if (!strcasecmp(valstart, "-config"))
    828e329
    +      fatal &= ~CUPSD_FATAL_CONFIG;
    828e329
    +    else if (!strcasecmp(valstart, "listen"))
    828e329
    +      fatal |= CUPSD_FATAL_LISTEN;
    828e329
    +    else if (!strcasecmp(valstart, "-listen"))
    828e329
    +      fatal &= ~CUPSD_FATAL_LISTEN;
    828e329
    +    else if (!strcasecmp(valstart, "log"))
    828e329
    +      fatal |= CUPSD_FATAL_LOG;
    828e329
    +    else if (!strcasecmp(valstart, "-log"))
    828e329
    +      fatal &= ~CUPSD_FATAL_LOG;
    828e329
    +    else if (!strcasecmp(valstart, "permissions"))
    828e329
    +      fatal |= CUPSD_FATAL_PERMISSIONS;
    828e329
    +    else if (!strcasecmp(valstart, "-permissions"))
    828e329
    +      fatal &= ~CUPSD_FATAL_PERMISSIONS;
    828e329
    +    else if (strcasecmp(valstart, "none"))
    828e329
    +      cupsdLogMessage(CUPSD_LOG_ERROR,
    828e329
    +                      "Unknown FatalErrors kind \"%s\" ignored!", valstart);
    828e329
    +
    828e329
    +    for (valstart = valend; *valstart; valstart ++)
    828e329
    +      if (!isspace(*valstart & 255) || *valstart != ',')
    828e329
    +	break;
    828e329
    +  }
    828e329
    +
    828e329
    +  return (fatal);
    828e329
    +}
    828e329
    +
    828e329
    +
    828e329
    +/*
    828e329
      * 'parse_groups()' - Parse system group names in a string.
    828e329
      */
    828e329
     
    8511e67
    @@ -2868,7 +2956,8 @@ read_configuration(cups_file_t *fp)	/* I
    828e329
     	cupsdLogMessage(CUPSD_LOG_WARN,
    828e329
     	                "Unknown default authorization type %s on line %d.",
    828e329
     	                value, linenum);
    828e329
    -	return (0);
    828e329
    +	if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	  return (0);
    828e329
           }
    828e329
         }
    828e329
     #ifdef HAVE_SSL
    8511e67
    @@ -2889,7 +2978,8 @@ read_configuration(cups_file_t *fp)	/* I
    828e329
     	cupsdLogMessage(CUPSD_LOG_WARN,
    828e329
     	                "Unknown default encryption %s on line %d.",
    828e329
     	                value, linenum);
    828e329
    -	return (0);
    828e329
    +	if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	  return (0);
    828e329
           }
    828e329
         }
    828e329
     #endif /* HAVE_SSL */
    8511e67
    @@ -3278,7 +3368,8 @@ read_location(cups_file_t *fp,		/* I - C
    828e329
           if (!value)
    828e329
           {
    828e329
             cupsdLogMessage(CUPSD_LOG_ERROR, "Syntax error on line %d.", linenum);
    828e329
    -        return (0);
    828e329
    +        if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	  return (0);
    828e329
           }
    828e329
           
    828e329
           if ((loc = cupsdCopyLocation(&parent)) == NULL)
    8511e67
    @@ -3326,7 +3417,8 @@ read_location(cups_file_t *fp,		/* I - C
    828e329
           cupsdLogMessage(CUPSD_LOG_ERROR,
    828e329
                           "Unknown Location directive %s on line %d.",
    828e329
     	              line, linenum);
    828e329
    -      return (0);
    828e329
    +      if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	return (0);
    828e329
         }
    828e329
       }
    828e329
     
    8511e67
    @@ -3334,7 +3426,7 @@ read_location(cups_file_t *fp,		/* I - C
    828e329
                       "Unexpected end-of-file at line %d while reading location!",
    828e329
                       linenum);
    828e329
     
    828e329
    -  return (0);
    828e329
    +  return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
    828e329
     }
    828e329
     
    828e329
     
    8511e67
    @@ -3392,7 +3484,8 @@ read_policy(cups_file_t *fp,		/* I - Con
    828e329
           if (!value)
    828e329
           {
    828e329
             cupsdLogMessage(CUPSD_LOG_ERROR, "Syntax error on line %d.", linenum);
    828e329
    -        return (0);
    828e329
    +        if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	  return (0);
    828e329
           }
    828e329
           
    828e329
          /*
    8511e67
    @@ -3466,7 +3559,8 @@ read_policy(cups_file_t *fp,		/* I - Con
    828e329
           cupsdLogMessage(CUPSD_LOG_ERROR,
    828e329
                           "Missing <Limit ops> directive before %s on line %d.",
    828e329
                           line, linenum);
    828e329
    -      return (0);
    828e329
    +      if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	return (0);
    828e329
         }
    828e329
         else if (!parse_aaa(op, line, value, linenum))
    828e329
         {
    8511e67
    @@ -3479,7 +3573,8 @@ read_policy(cups_file_t *fp,		/* I - Con
    828e329
     	                "Unknown Policy directive %s on line %d.",
    828e329
     	                line, linenum);
    828e329
     
    828e329
    -      return (0);
    828e329
    +      if (FatalErrors & CUPSD_FATAL_CONFIG)
    828e329
    +	return (0);
    828e329
         }
    828e329
       }
    828e329
     
    8511e67
    @@ -3487,7 +3582,7 @@ read_policy(cups_file_t *fp,		/* I - Con
    828e329
                       "Unexpected end-of-file at line %d while reading policy \"%s\"!",
    828e329
                       linenum, policy);
    828e329
     
    828e329
    -  return (0);
    828e329
    +  return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum);
    828e329
     }
    828e329
     
    828e329
     
    8511e67
    diff -up cups-1.3.10/scheduler/conf.h.str2536 cups-1.3.10/scheduler/conf.h
    8511e67
    --- cups-1.3.10/scheduler/conf.h.str2536	2009-04-20 17:27:31.000000000 +0100
    8511e67
    +++ cups-1.3.10/scheduler/conf.h	2009-04-20 17:27:31.000000000 +0100
    828e329
    @@ -38,6 +38,19 @@ typedef enum
    828e329
     
    828e329
     
    828e329
     /*
    828e329
    + * FatalErrors flags...
    828e329
    + */
    828e329
    +
    828e329
    +#define CUPSD_FATAL_NONE	0	/* No errors are fatal */
    828e329
    +#define CUPSD_FATAL_BROWSE	1	/* Browse bind errors are fatal */
    828e329
    +#define CUPSD_FATAL_CONFIG	2	/* Config file syntax errors are fatal */
    828e329
    +#define CUPSD_FATAL_LISTEN	4	/* Listen/Port bind errors are fatal */
    828e329
    +#define CUPSD_FATAL_LOG		8	/* Log file errors are fatal */
    828e329
    +#define CUPSD_FATAL_PERMISSIONS	16	/* File permission errors are fatal */
    828e329
    +#define CUPSD_FATAL_ALL		~0	/* All errors are fatal */
    828e329
    +
    828e329
    +
    828e329
    +/*
    828e329
      * Printcap formats...
    828e329
      */
    828e329
     
    8511e67
    @@ -140,6 +153,8 @@ VAR int			ClassifyOverride	VALUE(0),
    828e329
     					/* Allow overrides? */
    828e329
     			ConfigFilePerm		VALUE(0640),
    828e329
     					/* Permissions for config files */
    828e329
    +			FatalErrors		VALUE(CUPSD_FATAL_CONFIG),
    828e329
    +					/* Which errors are fatal? */
    828e329
     			LogFilePerm		VALUE(0644),
    828e329
     					/* Permissions for log files */
    828e329
     			LogLevel		VALUE(CUPSD_LOG_ERROR),
    8511e67
    diff -up cups-1.3.10/scheduler/dirsvc.c.str2536 cups-1.3.10/scheduler/dirsvc.c
    8511e67
    --- cups-1.3.10/scheduler/dirsvc.c.str2536	2009-02-12 22:23:31.000000000 +0000
    8511e67
    +++ cups-1.3.10/scheduler/dirsvc.c	2009-04-20 17:27:31.000000000 +0100
    828e329
    @@ -954,9 +954,14 @@ cupsdStartBrowsing(void)
    828e329
     			strerror(errno));
    828e329
     	BrowseLocalProtocols &= ~BROWSE_CUPS;
    828e329
     	BrowseRemoteProtocols &= ~BROWSE_CUPS;
    828e329
    -	return;
    828e329
    +
    828e329
    +	if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
           }
    828e329
    +    }
    828e329
     
    828e329
    +    if (BrowseSocket >= 0)
    828e329
    +    {
    828e329
          /*
    828e329
           * Bind the socket to browse port...
    828e329
           */
    828e329
    @@ -981,50 +986,60 @@ cupsdStartBrowsing(void)
    828e329
     	BrowseSocket = -1;
    828e329
     	BrowseLocalProtocols &= ~BROWSE_CUPS;
    828e329
     	BrowseRemoteProtocols &= ~BROWSE_CUPS;
    828e329
    -	return;
    828e329
    +
    828e329
    +	if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
           }
    828e329
         }
    828e329
     
    828e329
    -   /*
    828e329
    -    * Set the "broadcast" flag...
    828e329
    -    */
    828e329
    -
    828e329
    -    val = 1;
    828e329
    -    if (setsockopt(BrowseSocket, SOL_SOCKET, SO_BROADCAST, &val, sizeof(val)))
    828e329
    +    if (BrowseSocket >= 0)
    828e329
         {
    828e329
    -      cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to set broadcast mode - %s.",
    828e329
    -        	      strerror(errno));
    828e329
    +     /*
    828e329
    +      * Set the "broadcast" flag...
    828e329
    +      */
    828e329
    +
    828e329
    +      val = 1;
    828e329
    +      if (setsockopt(BrowseSocket, SOL_SOCKET, SO_BROADCAST, &val, sizeof(val)))
    828e329
    +      {
    828e329
    +	cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to set broadcast mode - %s.",
    828e329
    +			strerror(errno));
    828e329
     
    828e329
     #ifdef WIN32
    828e329
    -      closesocket(BrowseSocket);
    828e329
    +	closesocket(BrowseSocket);
    828e329
     #else
    828e329
    -      close(BrowseSocket);
    828e329
    +	close(BrowseSocket);
    828e329
     #endif /* WIN32 */
    828e329
     
    828e329
    -      BrowseSocket = -1;
    828e329
    -      BrowseLocalProtocols &= ~BROWSE_CUPS;
    828e329
    -      BrowseRemoteProtocols &= ~BROWSE_CUPS;
    828e329
    -      return;
    828e329
    -    }
    828e329
    +	BrowseSocket = -1;
    828e329
    +	BrowseLocalProtocols &= ~BROWSE_CUPS;
    828e329
    +	BrowseRemoteProtocols &= ~BROWSE_CUPS;
    828e329
     
    828e329
    -   /*
    828e329
    -    * Close the socket on exec...
    828e329
    -    */
    828e329
    +	if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
    +      }
    828e329
    +    }
    828e329
     
    828e329
    -    fcntl(BrowseSocket, F_SETFD, fcntl(BrowseSocket, F_GETFD) | FD_CLOEXEC);
    828e329
    +    if (BrowseSocket >= 0)
    828e329
    +    {
    828e329
    +     /*
    828e329
    +      * Close the socket on exec...
    828e329
    +      */
    828e329
     
    828e329
    -   /*
    828e329
    -    * Finally, add the socket to the input selection set as needed...
    828e329
    -    */
    828e329
    +      fcntl(BrowseSocket, F_SETFD, fcntl(BrowseSocket, F_GETFD) | FD_CLOEXEC);
    828e329
     
    828e329
    -    if (BrowseRemoteProtocols & BROWSE_CUPS)
    828e329
    -    {
    828e329
          /*
    828e329
    -      * We only listen if we want remote printers...
    828e329
    +      * Finally, add the socket to the input selection set as needed...
    828e329
           */
    828e329
     
    828e329
    -      cupsdAddSelect(BrowseSocket, (cupsd_selfunc_t)update_cups_browse,
    828e329
    -                     NULL, NULL);
    828e329
    +      if (BrowseRemoteProtocols & BROWSE_CUPS)
    828e329
    +      {
    828e329
    +       /*
    828e329
    +	* We only listen if we want remote printers...
    828e329
    +	*/
    828e329
    +
    828e329
    +	cupsdAddSelect(BrowseSocket, (cupsd_selfunc_t)update_cups_browse,
    828e329
    +		       NULL, NULL);
    828e329
    +      }
    828e329
         }
    828e329
       }
    828e329
       else
    828e329
    @@ -1043,6 +1058,10 @@ cupsdStartBrowsing(void)
    828e329
                           "Unable to open an SLP handle; disabling SLP browsing!");
    828e329
           BrowseLocalProtocols &= ~BROWSE_SLP;
    828e329
           BrowseRemoteProtocols &= ~BROWSE_SLP;
    828e329
    +      BrowseSLPHandle = NULL;
    828e329
    +
    828e329
    +      if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	cupsdEndProcess(getpid(), 0);
    828e329
         }
    828e329
     
    828e329
         BrowseSLPRefresh = 0;
    828e329
    @@ -1060,6 +1079,9 @@ cupsdStartBrowsing(void)
    828e329
                           "Need to set BrowseLDAPDN to use LDAP browsing!");
    828e329
           BrowseLocalProtocols &= ~BROWSE_LDAP;
    828e329
           BrowseRemoteProtocols &= ~BROWSE_LDAP;
    828e329
    +
    828e329
    +      if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	cupsdEndProcess(getpid(), 0);
    828e329
         }
    828e329
         else
    828e329
         {
    828e329
    @@ -1105,6 +1127,9 @@ cupsdStartBrowsing(void)
    828e329
     	                "Unable to initialize LDAP; disabling LDAP browsing!");
    828e329
     	BrowseLocalProtocols &= ~BROWSE_LDAP;
    828e329
     	BrowseRemoteProtocols &= ~BROWSE_LDAP;
    828e329
    +
    828e329
    +	if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
           }
    828e329
           else if (ldap_set_option(BrowseLDAPHandle, LDAP_OPT_PROTOCOL_VERSION,
    828e329
                                    (const void *)&version) != LDAP_SUCCESS)
    828e329
    @@ -1116,6 +1141,9 @@ cupsdStartBrowsing(void)
    828e329
     			"disabling LDAP browsing!");
    828e329
     	BrowseLocalProtocols &= ~BROWSE_LDAP;
    828e329
     	BrowseRemoteProtocols &= ~BROWSE_LDAP;
    828e329
    +
    828e329
    +	if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
           }
    828e329
           else
    828e329
           {
    828e329
    @@ -1134,6 +1162,9 @@ cupsdStartBrowsing(void)
    828e329
     	  ldap_unbind_ext(BrowseLDAPHandle, NULL, NULL);
    828e329
     	  BrowseLocalProtocols &= ~BROWSE_LDAP;
    828e329
     	  BrowseRemoteProtocols &= ~BROWSE_LDAP;
    828e329
    +
    828e329
    +	  if (FatalErrors & CUPSD_FATAL_BROWSE)
    828e329
    +	    cupsdEndProcess(getpid(), 0);
    828e329
     	}
    828e329
           }
    828e329
         }
    8511e67
    diff -up cups-1.3.10/scheduler/listen.c.str2536 cups-1.3.10/scheduler/listen.c
    8511e67
    --- cups-1.3.10/scheduler/listen.c.str2536	2009-01-15 19:12:15.000000000 +0000
    8511e67
    +++ cups-1.3.10/scheduler/listen.c	2009-04-20 17:27:31.000000000 +0100
    8511e67
    @@ -182,6 +182,20 @@ cupsdStartListening(void)
    828e329
     	cupsdLogMessage(CUPSD_LOG_ERROR,
    828e329
     			"Unable to open listen socket for address %s:%d - %s.",
    828e329
     			s, p, strerror(errno));
    828e329
    +
    828e329
    +#ifdef AF_INET6
    828e329
    +       /*
    828e329
    +        * IPv6 is often disabled while DNS returns IPv6 addresses...
    828e329
    +	*/
    828e329
    +
    828e329
    +	if (lis->address.addr.sa_family != AF_INET6 &&
    828e329
    +	    (FatalErrors & CUPSD_FATAL_LISTEN))
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
    +#else
    828e329
    +	if (FatalErrors & CUPSD_FATAL_LISTEN)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
    +#endif /* AF_INET6 */
    828e329
    +
    828e329
     	continue;
    828e329
           }
    828e329
     
    8511e67
    @@ -266,6 +280,10 @@ cupsdStartListening(void)
    828e329
     			s, p, strerror(errno));
    828e329
     	close(lis->fd);
    828e329
     	lis->fd = -1;
    828e329
    +
    828e329
    +	if (FatalErrors & CUPSD_FATAL_LISTEN)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
    +
    828e329
     	continue;
    828e329
           }
    828e329
     
    8511e67
    @@ -278,7 +296,14 @@ cupsdStartListening(void)
    828e329
     	cupsdLogMessage(CUPSD_LOG_ERROR,
    828e329
     			"Unable to listen for clients on address %s:%d - %s.",
    828e329
     			s, p, strerror(errno));
    828e329
    -	exit(errno);
    828e329
    +
    828e329
    +	close(lis->fd);
    828e329
    +	lis->fd = -1;
    828e329
    +
    828e329
    +	if (FatalErrors & CUPSD_FATAL_LISTEN)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
    +
    828e329
    +        continue;
    828e329
           }
    828e329
         }
    828e329
     
    8511e67
    @@ -327,11 +352,8 @@ cupsdStartListening(void)
    828e329
                         "No Listen or Port lines were found to allow access via "
    828e329
     		    "localhost!");
    828e329
     
    828e329
    -   /*
    828e329
    -    * Commit suicide...
    828e329
    -    */
    828e329
    -
    828e329
    -    cupsdEndProcess(getpid(), 0);
    828e329
    +    if (FatalErrors & (CUPSD_FATAL_CONFIG | CUPSD_FATAL_LISTEN))
    828e329
    +      cupsdEndProcess(getpid(), 0);
    828e329
       }
    828e329
     
    828e329
      /*
    8511e67
    diff -up cups-1.3.10/scheduler/log.c.str2536 cups-1.3.10/scheduler/log.c
    8511e67
    --- cups-1.3.10/scheduler/log.c.str2536	2009-04-20 17:27:31.000000000 +0100
    8511e67
    +++ cups-1.3.10/scheduler/log.c	2009-04-20 17:27:31.000000000 +0100
    828e329
    @@ -546,7 +546,20 @@ check_log_file(cups_file_t **lf,	/* IO -
    828e329
     
    828e329
           if (!strncmp(filename, CUPS_LOGDIR, strlen(CUPS_LOGDIR)))
    828e329
           {
    828e329
    -        cupsdCheckPermissions(CUPS_LOGDIR, NULL, 0755, RunUser, Group, 1, -1);
    828e329
    +       /*
    828e329
    +        * Try updating the permissions of the containing log directory, using
    828e329
    +	* the log file permissions as a basis...
    828e329
    +	*/
    828e329
    +
    828e329
    +        int log_dir_perm = 0300 | LogFilePerm;
    828e329
    +					/* LogFilePerm + owner write/search */
    828e329
    +	if (log_dir_perm & 0040)
    828e329
    +	  log_dir_perm |= 0010;		/* Add group search */
    828e329
    +	if (log_dir_perm & 0004)
    828e329
    +	  log_dir_perm |= 0001;		/* Add other search */
    828e329
    +
    828e329
    +        cupsdCheckPermissions(CUPS_LOGDIR, NULL, log_dir_perm, RunUser, Group,
    828e329
    +	                      1, -1);
    828e329
     
    828e329
             *lf = cupsFileOpen(filename, "a");
    828e329
           }
    828e329
    @@ -555,6 +568,10 @@ check_log_file(cups_file_t **lf,	/* IO -
    828e329
           {
    828e329
     	syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename,
    828e329
     	       strerror(errno));
    828e329
    +
    828e329
    +        if (FatalErrors & CUPSD_FATAL_LOG)
    828e329
    +	  cupsdEndProcess(getpid(), 0);
    828e329
    +
    828e329
     	return (0);
    828e329
           }
    828e329
         }
    828e329
    @@ -622,6 +639,9 @@ check_log_file(cups_file_t **lf,	/* IO -
    828e329
           syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename,
    828e329
                  strerror(errno));
    828e329
     
    828e329
    +      if (FatalErrors & CUPSD_FATAL_LOG)
    828e329
    +	cupsdEndProcess(getpid(), 0);
    828e329
    +
    828e329
           return (0);
    828e329
         }
    828e329