cups Can't create temporary file or stopped "Filter failed"

  • Open
  • quality assurance status badge
Details
3 participants
  • Efraim Flashner
  • Oleg Pykhalov
  • Ludovic Courtès
Owner
unassigned
Submitted by
Oleg Pykhalov
Severity
normal
O
O
Oleg Pykhalov wrote on 20 Oct 2018 20:36
(name . bug-guix)(address . bug-guix@gnu.org)
87woqcea7q.fsf@gmail.com
Hello Guix,

I've spotted a bug in CUPS service “Can't create temporary file”. If I
gave ‘765’ permissions to ‘/var/spool/cups/tmp/’ directory then an error
is “stopped "Filter failed"”. ‘777’ for /var/spool/cups/tmp/ is
required to print a test page via CUPS WEB interface.


I read gnu/services/cups.scm and found that the /var/spool/cups/
directory should be owned by ‘lp’ user:
Toggle snippet (19 lines)
(define %cups-activation
;; Activation gexp.
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
(define (mkdir-p/perms directory owner perms)
(mkdir-p directory)
(chown "/var/run/cups" (passwd:uid owner) (passwd:gid owner))
;; ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
(chmod directory perms))
;; …
(let ((user (getpwnam "lp")))
;; …
(mkdir-p/perms "/var/spool/cups/tmp" user #o755) ; <----------
;; …
))))


Maybe we should make /var/spool/cups/tmp directory owned by ‘lp’ user,
too? WDYT?

Test page was printed successfully with:
Toggle snippet (5 lines)
$ sudo ls -ld /var/spool/cups/tmp
drwxr-xr-x 2 lp lp 4096 Oct 20 21:20 /var/spool/cups/tmp


From cups-files.conf(5) man page:

TempDir directory
Specifies the directory where short-term temporary files are
stored. The default is "/var/spool/cups/tmp".

User username
Specifies the user name or ID that is used when running external
programs. The default is "lp".


Oleg.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEc+OyAXw1EaDPCmAPckbhHGm3lWkFAlvLdckACgkQckbhHGm3
lWnP5hAAkX/am+yKTOKUJagZnW1LhDN5PUr46ONAx25Te71/uFTWdwtCLC/dqrU5
SBZlqsFacohnNPpyGbPI0PJGeghe8f3dE1u7o/MKf0wk6/rJ37nAfy3wawAipKbF
N8WzOpOMFlt8HzTFAena1F68zKOvFJfxvtcgYSU7SKi4DvXUizF77lTuyvkOXv0i
lPuzP9iO8+8ki/iB5bantqB7Nz1BujGZxLvMpxg5XDZfWh24cQEKsXLhuWAvFd6x
bLGYjTdiOgfXJVGKJWA9OueV1lNu6Z1PuEYAxCvjWiUOED5sF1NJGWDZto5vHJJs
MTZRBkmQ9+qkIJgzJria5/45iJTHEcoh5YkpmgjnR0bgv6uZVRcC1YQmNlAOw1oF
R3Y0v+v7DS0CXZrAfeOWFTH5e4Az40bcCHzIkRQuMQbFZ3hEmCcCGP/sux4qZpB8
05acpj+D7QzEf8aMRdf6Azhawvn7NqBigcsTOofAccOUfdtOoXioYskQCc5q3/ve
AX1GEMnn8TLElqEWVa/IThrYGOoCZzVWtlljeVQqhOgEbgSGR8hFcN3RBsfbGrqF
qUcslGAFo2rffFPwi1Dm8PJIERmWf3GaPZL18Zo2TSsQI5AoNcDbgtAwkIsqzzwW
P5WMw6NWERei0PoGJrufZV/Pie2ykkCw7BP6ORHTGDnW2+Ttzt8=
=IhwM
-----END PGP SIGNATURE-----

E
E
Efraim Flashner wrote on 21 Oct 2018 08:53
(name . Oleg Pykhalov)(address . go.wigust@gmail.com)(address . 33105@debbugs.gnu.org)
20181021065325.GD1102@macbook41
On Sat, Oct 20, 2018 at 09:36:57PM +0300, Oleg Pykhalov wrote:
Toggle quote (33 lines)
> Hello Guix,
>
> I've spotted a bug in CUPS service “Can't create temporary file”. If I
> gave ‘765’ permissions to ‘/var/spool/cups/tmp/’ directory then an error
> is “stopped "Filter failed"”. ‘777’ for /var/spool/cups/tmp/ is
> required to print a test page via CUPS WEB interface.
>
>
> I read gnu/services/cups.scm and found that the /var/spool/cups/
> directory should be owned by ‘lp’ user:
> --8<---------------cut here---------------start------------->8---
> (define %cups-activation
> ;; Activation gexp.
> (with-imported-modules '((guix build utils))
> #~(begin
> (use-modules (guix build utils))
> (define (mkdir-p/perms directory owner perms)
> (mkdir-p directory)
> (chown "/var/run/cups" (passwd:uid owner) (passwd:gid owner))
> ;; ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> (chmod directory perms))
> ;; …
> (let ((user (getpwnam "lp")))
> ;; …
> (mkdir-p/perms "/var/spool/cups/tmp" user #o755) ; <----------
> ;; …
> ))))
> --8<---------------cut here---------------end--------------->8---
>
>
> Maybe we should make /var/spool/cups/tmp directory owned by ‘lp’ user,
> too? WDYT?

currently /var/spool/cups is root:lp, my first thought is to change it
to lp:lpadmin (not sure where I got lpadmin from) and make it 775.

Toggle quote (23 lines)
>
> Test page was printed successfully with:
> --8<---------------cut here---------------start------------->8---
> $ sudo ls -ld /var/spool/cups/tmp
> drwxr-xr-x 2 lp lp 4096 Oct 20 21:20 /var/spool/cups/tmp
> --8<---------------cut here---------------end--------------->8---
>
>
> From cups-files.conf(5) man page:
>
> TempDir directory
> Specifies the directory where short-term temporary files are
> stored. The default is "/var/spool/cups/tmp".
>
> User username
> Specifies the user name or ID that is used when running external
> programs. The default is "lp".
>
>
> Oleg.



--
Efraim Flashner <efraim@flashner.co.il> ????? ?????
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAlvMImEACgkQQarn3Mo9
g1EkyhAAuXY7ObMZltDWHC9ybKhy+33GMB+4jl+qtMPzS1Pz/G8p7HWU2KD43AoC
lffo4wWtZifKLvIpQAntK5t8OltvwFNfnWwpm2VRqaBuRNOWYj/lD4pXwKLbWoAo
sGEOTvwVmqwsw6wZlXXiQjinIIl6GvTjMO2UCg3vvAhEfLlKgGjCXsrVKuKsZlni
BOJI8DXo8an0FfYSEZEA6fqhojR7pnuQqP84wO81y3KkygptE/LdhDWcFfXaPvbw
pnsV1Hfc51S3SyRwuF8xHJlkeMW6BXD9awCnL7pgDUI/p+GRfSGyadl24qgmLYoz
t+9PqjJAkamQDZrcSIyMvKHD4cdN61uKWFu5opGFPsEIXNLCk+hCkz7N1FV26Cz1
kBhAaQf6+Hd/qHpF1lBL0yvSwcGsqbre5CWAzLXoN7Io1V6K7X6w2TSHacQ+eHWY
m/4MEDZzEXhJ0UASl7ijLs/D81hKezdTHEYhmQ/bDqK13uWcxDsJ/nw+Qt/OKyDR
iZ2dCJihWE09+/mC8JgTW73fTDVQgdjVjR08/6SXCc8R1AXFwAs9xnvhbMp9VjD2
S79WiRSQWqFjVO2jQBxG5fNEQY0ZHJqC9YTSW3sDmwkQG1JxIwE5jfbRRRxP4Azp
CxhjmvFz7T2lB9o7s4zMEPQD9w8cpVDaqIwK08OHjFWmwwuMrzA=
=I8ls
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 24 Oct 2018 14:52
(name . Oleg Pykhalov)(address . go.wigust@gmail.com)(address . 33105@debbugs.gnu.org)
877ei75wxl.fsf@gnu.org
Hi Oleg,

Oleg Pykhalov <go.wigust@gmail.com> skribis:

Toggle quote (30 lines)
> I read gnu/services/cups.scm and found that the /var/spool/cups/
> directory should be owned by ‘lp’ user:
>
> (define %cups-activation
> ;; Activation gexp.
> (with-imported-modules '((guix build utils))
> #~(begin
> (use-modules (guix build utils))
> (define (mkdir-p/perms directory owner perms)
> (mkdir-p directory)
> (chown "/var/run/cups" (passwd:uid owner) (passwd:gid owner))
> ;; ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> (chmod directory perms))
> ;; …
> (let ((user (getpwnam "lp")))
> ;; …
> (mkdir-p/perms "/var/spool/cups/tmp" user #o755) ; <----------
> ;; …
> ))))
>
>
>
> Maybe we should make /var/spool/cups/tmp directory owned by ‘lp’ user,
> too? WDYT?
>
> Test page was printed successfully with:
>
> $ sudo ls -ld /var/spool/cups/tmp
> drwxr-xr-x 2 lp lp 4096 Oct 20 21:20 /var/spool/cups/tmp

I don’t know the answer :-), but from what you’re saying, it looks like
making /var/spool/cups/tmp ‘lp’-owned is the right thing.

If it works for you, I guess you can go ahead!

Ludo’.
?