** Description changed: As discovered in various recent bug reports (e.g., https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2133207 ), many systems have ancient cupsd.conf with deprecated contents, which will surface as a showstopper when cups now tries to strictly enforce validity of cupsd.conf lines. This current bug report is about the ancient config files. The reason ancient config files exist is because the cups-daemon package isn't upgrading the config. Per https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2133207/comments/42 : cupsd.conf is *not* in cups-daemon.list nor cups-daemon.conffiles; instead, cups-daemon.postinst checks whether cupsd.conf exists, otherwise makes a copy of /usr/share/cups/cupsd.conf.default . This seems to mean the system gets a pristine cupsd.conf only on the initial install, but receives no subsequent changes on subsequent package upgrades. In particular, even if the sys admin has made no changes to their cupsd.conf, their version will remain unchanged even while /usr/share/cups/cupsd.conf.default could be evolving. In particular, if a system started on say Ubuntu 16.04, and was upgraded every two years, the system itself might be on say 24.04 yet its cupsd.conf will be from 16.04. (Compare the behavior to package cups-browsed, wherein cups-browsed.conf is indeed part of cups-browsed.list and cups-browsed.conffiles. During "apt upgrade", when there is a newer cups-browsed.conf but I have modified mine, I get queried to examine the diff and decide what to do. Such a thing does not happen with cupsd.conf. It just stays stuck on the ancient version.) Proposed solution: - Move /usr/share/cups/cupsd.conf.default to /etc/cupsd.conf - Add /etc/cupsd.conf to cups-daemon.list - Add /etc/cupsd.conf to cups-daemon.conffiles (An alternate solution is proposed in https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2133207/comments/44 , but to me the dpkg conffile mechanism is preferable.) Or if this isn't a good idea, I'm curious, is there a reason why - cupsd.conf is isn't part of dpkg conffile mechanism? + cupsd.conf isn't part of dpkg conffile mechanism? [I'm hesitant to mark this a "security" bug, but it kind of is insofar as an earlier version of cups-daemon could have shipped a cupsd.conf.default with poorly chosen values, fixed in a later version but so long as this bug remains those corrections don't properly disseminate.]
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2134262 Title: cupsd.conf should be a conffile in cups-daemon package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2134262/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
