On Mon, Oct 19, 2015 at 05:21:06PM +0100, Rainer Weikusat wrote:
> Hendrik Boom <[email protected]> writes:
>
> [...]
>
>
> >> Since group has no permission and owner has all, only the owner
> >> should matter. But the group s bit, AFAIR is something which
> >> disallows overwriting a file owned by someone else. Maybe try to
> >> make daemon the owner of /usr/bin/lpr, just to see what happens
> >>
> >> Didier
> >>
> >> _______________________________________________
> >
> > Did that. It didn't help. I even did the lpr command as root. Might
> > root be excluded from printing for some reason? Might it try
> > writing to the directory as the user that invoked the lpr command
> > instead of as the suid'd user? Might I have to add
> > users, one by one, to group lp?
> >
> > I added blank lines for readability:
> >
> > root@notlookedfor:/home/hendrik# ls -l /usr/bin/lpr
> > -rwsr-sr-x 1 root lp 26536 Nov 20 2014 /usr/bin/lpr
> >
> > root@notlookedfor:/home/hendrik# chown daemon /usr/bin/lpr
> >
> > root@notlookedfor:/home/hendrik# ls -l /usr/bin/lpr
> > -rwxr-xr-x 1 daemon lp 26536 Nov 20 2014 /usr/bin/lpr
> >
> > root@notlookedfor:/home/hendrik# /usr/bin/lpr -h -PHL3170CDW
> > Documents/math/Librationism=1407.3877v3.ps
> > lpr: cannot open /var/spool/lpd/hl3170cdw/.seq: Permission denied
>
> JFTR^2: I'm using lprng with a Brother printer and my lpr is
>
> -rwxr-xr-x 2 root root 361728 Jun 11 2012 /usr/bin/lpr
>
> which works find (/var/spool/lpd permissions are identical) because lpr
> really just talk to lpd (the 'line printer daemon') which runs as user
> daemon and hence, can write to the spool directory.
>
> Changing the owner of the lpr binary just means some 'user daemon' can
> now overwrite the file aka 'open it for writing'. You could try running
> the lpr command via strace -f which ought to provide more information
> about the 'permission denied' error.
Before I tried this, I set ownership of /usr/bin/lpr back to root,
since setting it to daemon didn't seem to help any:
root@notlookedfor:/home/hendrik# ls -l /usr/bin/lpr
-rwxr-xr-x 1 root lp 26536 Nov 20 2014 /usr/bin/lpr
root@notlookedfor:/home/hendrik#
Now for strace:
root@notlookedfor:/home/hendrik# strace -f / /usr/bin/lpr -h -PHL3170CDW
Documents/math/Librationism=1407.3877v3.ps
execve("/", ["/", "/usr/bin/lpr", "-h", "-PHL3170CDW",
"Documents/math/Librationism=1407"...], [/* 37 vars */]) = -1 EACCES
(Permission denied)
write(2, "strace: exec: Permission denied\n", 32strace: exec: Permission denied
) = 32
exit_group(1) = ?
+++ exited with 1 +++
root@notlookedfor:/home/hendrik#
-- hendrik
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
