A few more notes on this:
lpr can no longer be run as the user "lp" with all the printing stuff
owned by the user and suid, or my preferred way everything owned by the
group with sgid. Also, samba-client isn't installed in any default config
so samba printing does not work (the option is there, so i feel
samba-client should be installed with the other samba stuff). The reason
lpd can no longer run as root is because it tries to create the socket
/dev/printer...I suppose this can be gotten around by creating a "devs"
group then putting lp into it but I would prefer seeing the printer socket
in /var/spool or somewhere (not sure what else, if anything, relies on
/dev/printer tho)
Just a few thoughts...
-dwild
On Wed, 16 Feb 2000, James Helferty wrote:
> Date: Wed, 16 Feb 2000 23:58:56 -0500
> From: James Helferty <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: Mandrake Cooker ML <[EMAIL PROTECTED]>
> Subject: [Cooker] lpr still buggy from 7.0---fix please!!
>
> Hi everyone.
>
>
> The lpr rpm in Mandrake 7.0 is buggy; no one but root may print!! (Note
> that this same rpm is in the current Mandrake Cooker release, so I'm not
> totally off-topic here. ;)
>
> In case anyone's interested in the error message (and hasn't read the
> newsgroup alt.os.linux.mandrake recently) it's:
>
> lpr: cannot open printer description file
>
> ..when you type "lpr" on the commandline. I have high security-level
> turned on, but I don't think this should be a problem. (And if it is,
> why isn't it documented..?!?)
>
> My printer is an Epson LQ570+, and has been properly configured from the
> printtool inside control-panel. lpd is running properly.
>
> The current fix that everyone's using is to downgrade to the version of
> lpr that comes with Mandrake 6.1, but if I recall correctly, there are
> some security problems with that version of lpr. (Something about a
> race condition that resulted in the ability of people without enough
> rights to view a file still being able to print it.)
>
> If the maintainer of this rpm isn't on the ml, can someone please pass
> along their e-mail address so I can inform them?
>
>
> Thanks,
>
> James
> --
> http://chat.carleton.ca/~jhelfert
>
--
Joel Boring
Senior Systems Administrator
Bluestone Software, Inc.
Bluestone Consulting, Inc.
1000 Briggs Road
Mt. Laurel, NJ 08054
856-727-4600 x3077
