Bug#291777: gnome-cups-manager: users in lpadmin group cannot add/remove printers

Cameron Patrick Cameron Patrick <cameron@patrick.wattle.id.au>, 291777@bugs.debian.org
Sun, 23 Jan 2005 11:18:50 +0800 

This is a multi-part MIME message sent by reportbug.

--===============1264144532==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Package: gnome-cups-manager
Version: 0.25-2
Severity: normal
Tags: patch

Users who are members of the lpadmin group can (at least on Debian
systems) modify the CUPS configuration without requiring a root
password.  However gnome-cups-manager still prompts for the root
password to add printers and the "remove" option is greyed out.  The
attached patch fixes this behaviour.

Cheers,

Cameron.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-ck4-cjp-kant
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)

Versions of packages gnome-cups-manager depends on:
ii  libart-2.0-2          2.3.16-6           Library of functions for 2D graphi
ii  libatk1.0-0           1.8.0-3            The ATK accessibility toolkit
ii  libbonobo2-0          2.8.0-3            Bonobo CORBA interfaces library
ii  libbonoboui2-0        2.8.0-2            The Bonobo UI library
ii  libc6                 2.3.2.ds1-18       GNU C Library: Shared libraries an
ii  libcupsys2-gnutls10   1.1.20final+rc1-10 Common UNIX Printing System(tm) - 
ii  libgconf2-4           2.8.1-4            GNOME configuration database syste
ii  libglade2-0           1:2.4.0-1          Library to load .glade files at ru
ii  libglib2.0-0          2.4.7-1            The GLib library of C routines
ii  libgnome-keyring0     0.4.0-2            GNOME keyring services library
ii  libgnome2-0           2.8.0-5            The GNOME 2 library - runtime file
ii  libgnomecanvas2-0     2.8.0-1            A powerful object-oriented display
ii  libgnomecups1.0-1     0.1.13-1           GNOME library for CUPS interaction
ii  libgnomecupsui1.0-1   0.25-2             UI extensions to libgnomecups
ii  libgnomeui-0          2.8.0-3            The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0        2.8.3-8            The GNOME virtual file-system libr
ii  libgtk2.0-0           2.4.13-1           The GTK+ graphical user interface 
ii  libice6               4.3.0.dfsg.1-8     Inter-Client Exchange library
ii  liborbit2             1:2.10.2-1.1       libraries for ORBit2 - a CORBA ORB
ii  libpango1.0-0         1.6.0-3            Layout and rendering of internatio
ii  libpopt0              1.7-5              lib for parsing cmdline parameters
ii  libsm6                4.3.0.dfsg.1-8     X Window System Session Management
ii  libx11-6              4.3.0.dfsg.1-8     X Window System protocol client li
ii  libxml2               2.6.11-5           GNOME XML library
ii  xlibs                 4.3.0.dfsg.1-8     X Window System client libraries m
ii  zlib1g                1:1.2.2-3          compression library - runtime

-- no debconf information

--===============1264144532==
Content-Type: text/x-c; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="can-admin.patch"

--- gnome-cups-manager-0.25/libgnomecups/gnome-cups-permission.c.orig	2005-01-22 17:01:16.000000000 +0800
+++ gnome-cups-manager-0.25/libgnomecups/gnome-cups-permission.c	2005-01-22 16:59:39.000000000 +0800
@@ -27,6 +27,7 @@
 #include <glib/gi18n.h>
 #include <unistd.h>
 #include <sys/types.h>
+#include <grp.h>
 #include <string.h>
 
 static char *gnome_cups_app_path = NULL;
@@ -34,7 +35,50 @@
 gboolean
 gnome_cups_can_admin ()
 {
-	return (geteuid () == 0);
+	struct group *groupbuf = NULL, *lpadmin_group = NULL;
+	gid_t lpadmin_gid;
+	char *buf = NULL;
+	int bufsize;
+	gboolean can_admin = 0;
+	gid_t *gid_list;
+	int ngids, ngids_used;
+	int i;
+
+	/* root can do anything */
+	if (geteuid () == 0)
+		return 1;
+
+	/* check for lpadmin group access */
+	groupbuf = (struct group *)g_malloc(sizeof(struct group));
+	bufsize = sysconf(_SC_GETGR_R_SIZE_MAX) + 1;
+	buf = (char *)g_malloc(bufsize * sizeof(char));
+	if (getgrnam_r("lpadmin", groupbuf, buf, bufsize, &lpadmin_group) != 0)
+		goto finish;
+	lpadmin_gid = lpadmin_group->gr_gid;
+	
+	/* see what groups we're members of */
+	if (getgid() == lpadmin_gid || getegid() == lpadmin_gid) {
+		can_admin = 1;
+		goto finish;
+	}
+
+	ngids = sysconf(_SC_NGROUPS_MAX) + 1;
+	gid_list = g_malloc(ngids * sizeof(gid_t));
+	ngids_used = getgroups(ngids, gid_list);
+	if (ngids_used < 0) goto finish;
+	
+	for (i=0; i<ngids_used; i++) {
+		if (gid_list[i] == lpadmin_gid) {
+			can_admin = 1;
+			goto finish;
+		}
+	}
+
+finish:
+	if (buf) g_free(buf);
+	if (groupbuf) g_free(groupbuf);
+	if (gid_list) g_free(gid_list);
+	return can_admin;
 }
 
 void

--===============1264144532==--