Date: Thu, 4 Jan 1996 01:09:07 +0000 () From: James Raynard <james@parody.tecc.co.uk> To: Sean Kelly <kelly@fsl.noaa.gov> Cc: doc@freebsd.org Subject: Re: Handbook - printer setup Message-ID: <Pine.BSF.3.91.960104000226.3538B-100000@parody.tecc.co.uk> In-Reply-To: <9601032045.AA10768@emu.fsl.noaa.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 3 Jan 1996, Sean Kelly wrote: > >>>>> "James" == James Raynard <james@parody.tecc.co.uk> writes: > > James> The bit that really had me tearing my hair out was when I > James> tried to use the suggested text filter - I kept getting > James> errors 'execv of /usr/local/libexec/hpif failed'. After > James> checking the paths and were correct, checking that the > James> filter was world-readable and executable and successfully > James> piping into and out of the filter by hand I was at a > James> complete loss. > > Is it possible it was world-readable/executable but NOT > owner-readable/executable, and the owner was daemon? (Or NOT > group-readable/executable and the group was daemon?) That would > prevent LPD from executing the filter. (That's an effective way to > exclude a user/group from executing a certain file while enabling > everyone else to do so.) ??? World-readable/executable means readable/executable by user, group and other. At least that's what I've always understood it to mean. > Did you try running the filter script yourself, by hand? As root, by > hand? Yes, as I said I successfully piped a file through the filter to the printer by hand. > James> It did cross my mind that it could be a problem with > James> something being setuid. > > The filter doesn't need to be setuid/setgid. Of course not; in fact it mustn't be (that would be a potential security hole). What I meant was that some systems won't allow setuid scripts to be executed, so I hypothesised that FreeBSD doesn't allow setuid programs to exec shell scripts. > James> However, the Handbook says that the text filter is run by > James> lpd, which is not setuid or setgid on my system, so I > James> assumed it was something else. > > Probably, but I'm not sure what. If the text filter is indeed run by lpd and not one of the setuid lp? programs, my hypothesis is irrelevant. In which case I have no idea either. > James> As I had by now completely run out of ideas, I compiled a C > James> program which did the same as hpif. This worked! > > I think it *has* to be the permissions on the script. Perhaps it was That was the first thing I checked. They were exactly the same as the permissions on the C executable. > something like > > -rw-rw-rwx 1 daemon daemon 1294 hpif > > Instead of > > -r-xr-xr-x 1 daemon daemon 1294 hpif No, in both cases they were -rwxrwxr-x 1 root bin James Segmentation fault (core dumped): cannot find file '.signature'
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960104000226.3538B-100000>