[Pkg-samba-maint] [printers] path=/var/spool/samba - another but bad /var/tmp ?

[Michael Tokarev]

Hi!

In debian, samba is shipping with smb.conf having a [printers]
section which points to /var/spool/samba/ directory which is
created with mode 1777, - the same as /tmp and /var/tmp.

So anyone can create files in there, just like in /var/tmp/.
And sometimes, samba does not remove printer jobs from there,
for whatever reason.  I had it not once when /var/spool/samba
filled up /var completely with many gigs of files being there.

But unlike /var/tmp/, there's no process on the system which
takes care of the old files in there.

So there are 2 questions.

1. why do we ship it this way, instead of using /var/tmp ?
There's no difference wrt the security part, since the two
directories has exactly the same permissions.

2. how can we move it from /var/spool/samba/ to /var/tmp/?
For new installs it is easy, but for already running installs
it is not. I don't think we can just drop /var/spool/samba dir
out of the samba package, - because if, at the time of upgrade,
this directory is empty, it will be deleted by dpkg, and if
smb.conf still have this path configured, printing wont work.

Maybe it's okay to check if there are any shares defined in
smb.conf that points to /var/spool/samba and if yes, re-create
it in postinst (or create an empty file in there before upgrade)?
But even there it's interesting: if smb.conf didn't change,
the preinst script will see the old config which points to this
dir, but after the package upgrade, new config will not anymore.
I guess the solution is to always create a file in there before
upgrade, and after the upgrade check if we still have a share
pointing there, and remove both the file and the directory
(non-recursively) if not.

(The prob here is to preserve permissions of this dir).

What do you think?

Thanks,

/mjt