From: Michael R Sweet Date: Wed, 6 Oct 2021 12:13:11 +0000 (-0400) Subject: Save work on simplifying snap support. X-Git-Tag: v2.4b1~23^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9968d013215891afe23c581539ef895a0d9add40;p=thirdparty%2Fcups.git Save work on simplifying snap support. --- diff --git a/Makedefs.in b/Makedefs.in index 70ee0e9a0c..07010f0656 100644 --- a/Makedefs.in +++ b/Makedefs.in @@ -172,8 +172,6 @@ DSOFLAGS = @DSOFLAGS@ DNSSDLIBS = @DNSSDLIBS@ IPPFIND_BIN = @IPPFIND_BIN@ IPPFIND_MAN = @IPPFIND_MAN@ -APPARMORLIBS = @APPARMORLIBS@ -SNAPDGLIBLIBS = @SNAPDGLIBLIBS@ LDFLAGS = @LDFLAGS@ LINKCUPS = @LINKCUPS@ LINKCUPSSTATIC = ../cups/$(LIBCUPSSTATIC) $(LIBS) @@ -183,7 +181,7 @@ ONDEMANDLIBS = @ONDEMANDLIBS@ OPTIM = @OPTIM@ OPTIONS = @WARNING_OPTIONS@ PAMLIBS = @PAMLIBS@ -SERVERLIBS = @SERVERLIBS@ +SERVERLIBS = @SERVERLIBS@ @APPARMORLIBS@ @SNAPDGLIBLIBS@ TLSFLAGS = @TLSFLAGS@ TLSLIBS = @TLSLIBS@ UNITTESTS = @UNITTESTS@ diff --git a/config-scripts/cups-container.m4 b/config-scripts/cups-container.m4 index 2d865b99c8..2190103fdd 100644 --- a/config-scripts/cups-container.m4 +++ b/config-scripts/cups-container.m4 @@ -7,114 +7,52 @@ dnl Licensed under Apache License v2.0. See the file "LICENSE" for more dnl information. dnl -AC_ARG_WITH([container], AS_HELP_STRING([--with-container=...], [configure to use in container ('none', 'snap')])) -AC_ARG_WITH([container_name], AS_HELP_STRING([--with-container-name=...], [specify the container name (default='cups')])) +dnl Specify a container mode +CONTAINER="none" - - - -AC_ARG_ENABLE([snapped_cupsd], AS_HELP_STRING([--enable-snapped-cupsd], [enable support for packaging CUPS in a Snap])) -AC_ARG_ENABLE([snapped_clients], AS_HELP_STRING([--enable-snapped-clients], [enable support for CUPS controlling admin access from snapped clients])) -AC_ARG_WITH([our-snap-name], AS_HELP_STRING([--with-our-snap-name], [Set name of the Snap we are snapped in, only needed with --enable-snapped-cupsd, default=cups]), [ - OUR_SNAP_NAME="$withval" -], [ - OUR_SNAP_NAME="cups" +AC_ARG_WITH([container], AS_HELP_STRING([--with-container=...], [configure to use in container ('none', 'snap')]), [ + CONTAINER="$withval" ]) -AC_DEFINE_UNQUOTED([OUR_SNAP_NAME], ["$OUR_SNAP_NAME"], [Name of the Snap we are snapped in.]) -AC_ARG_WITH([snapctl], AS_HELP_STRING([--with-snapctl], [Set path for snapctl, only needed with --enable-snapped-cupsd, default=/usr/bin/snapctl]), [ - SNAPCTL="$withval" -], [ - SNAPCTL="/usr/bin/snapctl" -]) -AC_DEFINE_UNQUOTED([SNAPCTL], ["$SNAPCTL"], [Location of snapctl program.]) -AC_ARG_WITH([cups_control_slot], AS_HELP_STRING([--with-cups-control-slot], [Name for cups-control slot as defined in snapcraft.yaml, only needed with --enable-snapped-cupsd, default=cups-control]), [ - CUPS_CONTROL_SLOT="$withval" -], [ - CUPS_CONTROL_SLOT="cups-control" + +AS_CASE(["$CONTAINER"], [none], [ + # No container in use +], [snap], [ + # Building as a snap + AC_DEFINE([CUPS_SNAP], [1], [Building as a snap (snapcraft.io)?]) +], [*], [ + AC_MSG_ERROR([Unsupported container '$CONTAINER' specified.]) ]) -AC_DEFINE_UNQUOTED([CUPS_CONTROL_SLOT], ["$CUPS_CONTROL_SLOT"], ["cups-control" slot name for snap.]) + +dnl Supporting libraries for different containers... APPARMORLIBS="" SNAPDGLIBLIBS="" -ENABLE_SNAPPED_CUPSD="NO" -ENABLE_SNAPPED_CLIENTS="NO" - -dnl Both --enable-snapped-cupsd and --enable-snapped-clients are about -dnl additional access control for clients, allowing clients which are confined -dnl Snaps only to do adminstrative tasks (create queues, delete someone else's -dnl jobs, ...) if they plug the "cups-control" interface, so -dnl --enable-snapped-cupsd implies --enable-snapped-clients. The difference is -dnl only the method how to determine whether a client Snap is confined and plugs -dnl "cups-control". -AS_IF([test x$enable_snapped_cupsd = xyes], [ - enable_snapped_clients="yes" -]) +AC_SUBST([APPARMORLIBS]) +AC_SUBST([SNAPDGLIBLIBS]) -AS_IF([test "x$PKGCONFIG" != x -a x$enable_snapped_clients = xyes], [ +AS_IF(["x$PKGCONFIG" != x], [ AC_MSG_CHECKING([for libapparmor]) AS_IF([$PKGCONFIG --exists libapparmor], [ AC_MSG_RESULT([yes]) - CFLAGS="$CFLAGS $($PKGCONFIG --cflags libapparmor)" - APPARMORLIBS="$($PKGCONFIG --libs libapparmor)" - AC_DEFINE([HAVE_APPARMOR], [1], [Have the apparmor library?]) + CFLAGS="$CFLAGS $($PKGCONFIG --cflags libapparmor)" + APPARMORLIBS="$($PKGCONFIG --libs libapparmor)" + AC_DEFINE([HAVE_LIBAPPARMOR], [1], [Have the apparmor library?]) AC_MSG_CHECKING([for libsnapd-glib]) - AS_IF([$PKGCONFIG --exists snapd-glib glib-2.0 gio-2.0], [ AC_MSG_RESULT([yes]) CFLAGS="$CFLAGS $($PKGCONFIG --cflags snapd-glib glib-2.0 gio-2.0)" SNAPDGLIBLIBS="$($PKGCONFIG --libs snapd-glib glib-2.0 gio-2.0)" - AC_DEFINE([HAVE_SNAPDGLIB], [1], [Have the snapd-glib library?]) - ], [ - AC_MSG_RESULT([no]) - ]) - - AS_IF([test x$enable_snapped_cupsd = xyes], [ - AC_CHECK_LIB([snapd-glib], [snapd_client_run_snapctl2_sync], [ - AC_DEFINE([HAVE_SNAPD_CLIENT_RUN_SNAPCTL2_SYNC], [1], [Have snapd_client_run_snapctl2_sync function?]) - AC_DEFINE([SUPPORT_SNAPPED_CUPSD], [1], [Support snapped cupsd?]) - AC_DEFINE([SUPPORT_SNAPPED_CLIENTS], [1], [Support snapped CUPS clients?]) - ENABLE_SNAPPED_CUPSD="YES" - ENABLE_SNAPPED_CLIENTS="YES" - ], [ - AS_IF([test "x$SNAPDGLIBLIBS" != "x"], [ - SNAPDGLIBLIBS="" - ]) - AC_PATH_TOOL([SNAPCTL], [snapctl]) - AC_MSG_CHECKING([for snapctl is-connected support]) - AS_IF([test "x$SNAPCTL" != x && $SNAPCTL is-connected --help >/dev/null 2>&1], [ - AC_MSG_RESULT([yes]) - AC_DEFINE([HAVE_SNAPCTL_IS_CONNECTED], [1], [Have snapctl is-connected command?]) - AC_DEFINE([SUPPORT_SNAPPED_CUPSD], [1], [Support snapped cupsd?]) - AC_DEFINE([SUPPORT_SNAPPED_CLIENTS], [1], [Support snapped CUPS clients?]) - ENABLE_SNAPPED_CUPSD="YES" - ENABLE_SNAPPED_CLIENTS="YES" - ], [ - AC_MSG_RESULT([no]) - ]) + AC_DEFINE([HAVE_LIBSNAPDGLIB], [1], [Have the snapd-glib library?]) + SAVELIBS="$LIBS" + LIBS="$SNAPDGLIBLIBS $LIBS" + AC_CHECK_FUNC([snapd_client_run_snapctl2_sync], [ + AC_DEFINE([HAVE_SNAPD_CLIENT_RUN_SNAPCTL2_SYNC], [1], [Have the snapd_client_run_snapctl2_sync function?]) ]) + LIBS="$SAVELIBS" ], [ - AS_IF([test "x$SNAPDGLIBLIBS" != "x"], [ - AC_DEFINE([SUPPORT_SNAPPED_CLIENTS], [1], [Support snapped CUPS clients?]) - ENABLE_SNAPPED_CLIENTS="YES" - ]) + AC_MSG_RESULT([no]) ]) - ], [ - AC_MSG_RESULT([no]) ]) ]) - -AC_MSG_CHECKING([for Snap support]) -AS_IF([test "x$ENABLE_SNAPPED_CLIENTS" != "xNO"], [ - AS_IF([test "x$ENABLE_SNAPPED_CUPSD" != "xNO"], [ - AC_MSG_RESULT([yes: cupsd + clients]) - ], [ - AC_MSG_RESULT([yes: clients only]) - ]) -], [ - AC_MSG_RESULT([no]) -]) - -AC_SUBST([APPARMORLIBS]) -AC_SUBST([SNAPDGLIBLIBS]) diff --git a/config.h.in b/config.h.in index c9879ddba3..41ec7fa220 100644 --- a/config.h.in +++ b/config.h.in @@ -684,19 +684,31 @@ static __inline int _cups_abs(int i) { return (i < 0 ? -i : i); } /* - * Do we have snap container support enabled? + * Building as a snap (snapcraft.io)? */ -#undef CUPS_SNAP_NAME -#undef CUPS_SNAP_CONTROL_SLOT +#undef CUPS_SNAP + + +/* + * Have the apparmor library? + */ + +#undef HAVE_LIBAPPARMOR + + +/* + * Have the snapd-glib library? + */ + +#undef HAVE_LIBSNAPDGLIB + + +/* + * Have the snapd_client_run_snapctl2_sync function? + */ -#undef HAVE_APPARMOR -#undef HAVE_SNAPDGLIB #undef HAVE_SNAPD_CLIENT_RUN_SNAPCTL2_SYNC -#undef HAVE_SNAPCTL_IS_CONNECTED -#undef SNAPCTL -#undef SUPPORT_SNAPPED_CUPSD -#undef SUPPORT_SNAPPED_CLIENTS #endif /* !_CUPS_CONFIG_H_ */ diff --git a/scheduler/Makefile b/scheduler/Makefile index 3d5ed065df..41b45390fa 100644 --- a/scheduler/Makefile +++ b/scheduler/Makefile @@ -318,15 +318,14 @@ cupsd: $(CUPSDOBJS) libcupsmime.a ../cups/$(LIBCUPS) echo Linking $@... $(LD_CC) $(ALL_LDFLAGS) -o cupsd $(CUPSDOBJS) libcupsmime.a \ $(PAMLIBS) $(LIBPAPER) $(LIBMALLOC) $(DNSSDLIBS) $(SERVERLIBS) \ - $(ONDEMANDLIBS) $(LIBWRAP) $(LIBGSSAPI) $(COMMONLIBS) $(LINKCUPS) \ - $(APPARMORLIBS) $(SNAPDGLIBLIBS) + $(ONDEMANDLIBS) $(LIBWRAP) $(LIBGSSAPI) $(COMMONLIBS) $(LINKCUPS) $(CODE_SIGN) -s "$(CODE_SIGN_IDENTITY)" $@ cupsd-static: $(CUPSDOBJS) libcupsmime.a ../cups/$(LIBCUPSSTATIC) echo Linking $@... $(LD_CC) $(ALL_LDFLAGS) -o cupsd-static $(CUPSDOBJS) libcupsmime.a \ $(PAMLIBS) $(LIBPAPER) $(LIBMALLOC) $(SERVERLIBS) $(ONDEMANDLIBS) \ - $(LIBWRAP) $(APPARMORLIBS) $(SNAPDGLIBLIBS) $(LINKCUPSSTATIC) + $(LIBWRAP) $(LINKCUPSSTATIC) $(CODE_SIGN) -s "$(CODE_SIGN_IDENTITY)" $@ diff --git a/scheduler/auth.c b/scheduler/auth.c index f29ceb497d..d124bfd1d5 100644 --- a/scheduler/auth.c +++ b/scheduler/auth.c @@ -52,15 +52,13 @@ typedef struct sockpeercred cupsd_ucred_t; # endif # define CUPSD_UCRED_UID(c) (c).uid #endif /* HAVE_SYS_UCRED_H */ -#ifdef SUPPORT_SNAPPED_CLIENTS -# ifdef HAVE_APPARMOR -# include -# endif -# ifdef HAVE_SNAPDGLIB -# include -# include -# endif -#endif /* SUPPORT_SNAPPED_CLIENTS */ +#ifdef HAVE_LIBAPPARMOR +# include +#endif /* HAVE_LIBAPPARMOR */ +#ifdef HAVE_LIBSNAPDGLIB +# include +# include +#endif /* HAVE_LIBSNAPDGLIB */ /*