From: Michael R Sweet Date: Sat, 14 Nov 2020 15:04:43 +0000 (-0500) Subject: Add LogFileGroup directive (Issue #34) X-Git-Tag: v2.3.3op1~20 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b112a6712bf60e95f650801dbfef5505cf5ec99a;p=thirdparty%2Fcups.git Add LogFileGroup directive (Issue #34) --- diff --git a/CHANGES-OPENPRINTING.md b/CHANGES-OPENPRINTING.md index 8a7c799727..a70a1fa428 100644 --- a/CHANGES-OPENPRINTING.md +++ b/CHANGES-OPENPRINTING.md @@ -25,6 +25,8 @@ Changes in CUPS v2.3.3op1 (Issue #30, Issue #31) - The scheduler no longer adds the local hostname to the ServerAlias list (Issue #32) +- Added `LogFileGroup` directive in "cups-files.conf" to control the group + owner of log files (Issue #34) - Added `--with-max-log-size` configure option (Issue #35) - Added `--enable-sync-on-close` configure option (Issue #37) - Added `--with-error-policy` configure option (Issue #38) diff --git a/man/cups-files.conf.5 b/man/cups-files.conf.5 index d9b9a63e3c..0bfc211595 100644 --- a/man/cups-files.conf.5 +++ b/man/cups-files.conf.5 @@ -131,6 +131,12 @@ Bad startup file permissions are fatal, for example shared TLS certificate and k \fBGroup \fIgroup-name-or-number\fR Specifies the group name or ID that will be used when executing external programs. The default group is operating system specific but is usually "lp" or "nobody". +.RE +.\"#LogFileGroup +.TP 5 +\fBLogFileGroup \fIgroup-name-or-number\fR +Specifies the group name or ID that will be used for log files. +The default group is operating system specific but is usually "lp" or "nobody". .\"#LogFilePerm .TP 5 \fBLogFilePerm \fImode\fR diff --git a/scheduler/conf.c b/scheduler/conf.c index 8dfebe5467..74531a8c78 100644 --- a/scheduler/conf.c +++ b/scheduler/conf.c @@ -723,6 +723,7 @@ cupsdReadConfiguration(void) ListenBackLog = SOMAXCONN; LogDebugHistory = 200; LogFilePerm = CUPS_DEFAULT_LOG_FILE_PERM; + LogFileGroup = Group; LogLevel = CUPSD_LOG_WARN; LogTimeFormat = CUPSD_TIME_STANDARD; MaxClients = 100; @@ -3511,6 +3512,31 @@ read_cups_files_conf(cups_file_t *fp) /* I - File to read from */ } } } + else if (!_cups_strcasecmp(line, "LogFileGroup") && value) + { + /* + * Group ID to log as... + */ + + if (isdigit(value[0])) + LogFileGroup = (gid_t)atoi(value); + else + { + endgrent(); + group = getgrnam(value); + + if (group != NULL) + LogFileGroup = group->gr_gid; + else + { + cupsdLogMessage(CUPSD_LOG_ERROR, + "Unknown LogFileGroup \"%s\" on line %d of %s.", value, + linenum, CupsFilesFile); + if (FatalErrors & CUPSD_FATAL_CONFIG) + return (0); + } + } + } else if (!_cups_strcasecmp(line, "PassEnv") && value) { /* diff --git a/scheduler/conf.h b/scheduler/conf.h index b4e14eed99..7d5eb4018d 100644 --- a/scheduler/conf.h +++ b/scheduler/conf.h @@ -173,6 +173,8 @@ VAR mode_t ConfigFilePerm VALUE(0640U), /* Permissions for config files */ LogFilePerm VALUE(0644U); /* Permissions for log files */ +VAR gid_t LogFileGroup VALUE(0); + /* Group ID for log files */ VAR cupsd_loglevel_t LogLevel VALUE(CUPSD_LOG_WARN); /* Error log level */ VAR cupsd_time_t LogTimeFormat VALUE(CUPSD_TIME_STANDARD); diff --git a/scheduler/log.c b/scheduler/log.c index 2bd1952f7d..17331ff02e 100644 --- a/scheduler/log.c +++ b/scheduler/log.c @@ -241,7 +241,7 @@ cupsdCheckLogFile(cups_file_t **lf, /* IO - Log file */ * Change ownership and permissions of non-device logs... */ - fchown(cupsFileNumber(*lf), RunUser, Group); + fchown(cupsFileNumber(*lf), RunUser, LogFileGroup); fchmod(cupsFileNumber(*lf), LogFilePerm); } } @@ -284,7 +284,7 @@ cupsdCheckLogFile(cups_file_t **lf, /* IO - Log file */ * Change ownership and permissions of non-device logs... */ - fchown(cupsFileNumber(*lf), RunUser, Group); + fchown(cupsFileNumber(*lf), RunUser, LogFileGroup); fchmod(cupsFileNumber(*lf), LogFilePerm); }