static int /* O - 0 on success, -1 on error */
start_backend(const char *name, /* I - Backend to run */
int root) /* I - Run as root? */
{
const char *server_bin; /* CUPS_SERVERBIN environment variable */
char program[1024]; /* Full path to backend */
cupsd_backend_t *backend; /* Current backend */
char *argv[2]; /* Command-line arguments */
if (num_backends >= MAX_BACKENDS)
{
fprintf(stderr, "ERROR: Too many backends (%d)!\n", num_backends);
return (-1);
}
if ((server_bin = getenv("CUPS_SERVERBIN")) == NULL)
server_bin = CUPS_SERVERBIN;
snprintf(program, sizeof(program), "%s/backend/%s", server_bin, name);
if (_cupsFileCheck(program, _CUPS_FILE_CHECK_PROGRAM, !geteuid(),
_cupsFileCheckFilter, NULL))
return (-1);
backend = backends + num_backends;
argv[0] = (char *)name;
argv[1] = NULL;
if ((backend->pipe = cupsdPipeCommand(&(backend->pid), program, argv,
root ? 0 : normal_user)) == NULL)
{
fprintf(stderr, "ERROR: [cups-deviced] Unable to execute \"%s\" - %s\n",
program, strerror(errno));
return (-1);
}
/*
* Fill in the rest of the backend information...
*/
fprintf(stderr, "DEBUG: [cups-deviced] Started backend %s (PID %d)\n",
program, backend->pid);
backend_fds[num_backends].fd = cupsFileNumber(backend->pipe);
backend_fds[num_backends].events = POLLIN;
backend->name = strdup(name);
backend->status = 0;
backend->count = 0;
active_backends ++;
num_backends ++;
return (0);
}
int /* O - -1 on error, 0 on success */
httpSaveCredentials(
const char *path, /* I - Keychain/PKCS#12 path */
cups_array_t *credentials, /* I - Credentials */
const char *common_name) /* I - Common name for credentials */
{
cups_file_t *fp; /* Certificate file */
char filename[1024], /* filename.crt */
nfilename[1024],/* filename.crt.N */
temp[1024], /* Temporary string */
line[256]; /* Base64-encoded line */
const unsigned char *ptr; /* Pointer into certificate */
ssize_t remaining; /* Bytes left */
http_credential_t *cred; /* Current credential */
if (!credentials || !common_name)
return (-1);
if (!path)
path = http_gnutls_default_path(temp, sizeof(temp));
if (!path)
return (-1);
http_gnutls_make_path(filename, sizeof(filename), path, common_name, "crt");
snprintf(nfilename, sizeof(nfilename), "%s.N", filename);
if ((fp = cupsFileOpen(nfilename, "w")) == NULL)
return (-1);
fchmod(cupsFileNumber(fp), 0600);
for (cred = (http_credential_t *)cupsArrayFirst(credentials);
cred;
cred = (http_credential_t *)cupsArrayNext(credentials))
{
cupsFilePuts(fp, "-----BEGIN CERTIFICATE-----\n");
for (ptr = cred->data, remaining = (ssize_t)cred->datalen; remaining > 0; remaining -= 45, ptr += 45)
{
httpEncode64_2(line, sizeof(line), (char *)ptr, remaining > 45 ? 45 : remaining);
cupsFilePrintf(fp, "%s\n", line);
}
cupsFilePuts(fp, "-----END CERTIFICATE-----\n");
}
cupsFileClose(fp);
return (rename(nfilename, filename));
}
int /* O - Exit status */
main(int argc, /* I - Number of command-line args */
char *argv[]) /* I - Command-line arguments */
{
int i; /* Looping var */
char *opt; /* Option character */
int fg; /* Run in the foreground */
int fds; /* Number of ready descriptors */
cupsd_client_t *con; /* Current client */
cupsd_job_t *job; /* Current job */
cupsd_listener_t *lis; /* Current listener */
time_t current_time, /* Current time */
activity, /* Client activity timer */
senddoc_time, /* Send-Document time */
expire_time, /* Subscription expire time */
report_time, /* Malloc/client/job report time */
event_time; /* Last event notification time */
long timeout; /* Timeout for cupsdDoSelect() */
struct rlimit limit; /* Runtime limit */
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
struct sigaction action; /* Actions for POSIX signals */
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
#ifdef __sgi
cups_file_t *fp; /* Fake lpsched lock file */
struct stat statbuf; /* Needed for checking lpsched FIFO */
#endif /* __sgi */
int run_as_child = 0;
/* Needed for background fork/exec */
#ifdef __APPLE__
int use_sysman = !getuid();
/* Use system management functions? */
#else
time_t netif_time = 0; /* Time since last network update */
#endif /* __APPLE__ */
#if HAVE_LAUNCHD
int launchd_idle_exit;
/* Idle exit on select timeout? */
#endif /* HAVE_LAUNCHD */
#ifdef HAVE_GETEUID
/*
* Check for setuid invocation, which we do not support!
*/
if (getuid() != geteuid())
{
fputs("cupsd: Cannot run as a setuid program\n", stderr);
return (1);
}
#endif /* HAVE_GETEUID */
/*
* Check for command-line arguments...
*/
fg = 0;
#ifdef HAVE_LAUNCHD
if (getenv("CUPSD_LAUNCHD"))
{
Launchd = 1;
fg = 1;
}
#endif /* HAVE_LAUNCHD */
for (i = 1; i < argc; i ++)
if (argv[i][0] == '-')
for (opt = argv[i] + 1; *opt != '\0'; opt ++)
switch (*opt)
{
case 'C' : /* Run as child with config file */
run_as_child = 1;
fg = -1;
case 'c' : /* Configuration file */
i ++;
if (i >= argc)
{
_cupsLangPuts(stderr, _("cupsd: Expected config filename "
"after \"-c\" option."));
usage(1);
}
if (argv[i][0] == '/')
{
/*
* Absolute directory...
*/
cupsdSetString(&ConfigurationFile, argv[i]);
}
else
{
/*
* Relative directory...
*/
char *current; /* Current directory */
/*
* Allocate a buffer for the current working directory to
* reduce run-time stack usage; this approximates the
* behavior of some implementations of getcwd() when they
* are passed a NULL pointer.
*/
if ((current = malloc(1024)) == NULL)
{
_cupsLangPuts(stderr,
_("cupsd: Unable to get current directory."));
return (1);
}
if (!getcwd(current, 1024))
{
_cupsLangPuts(stderr,
_("cupsd: Unable to get current directory."));
free(current);
return (1);
}
cupsdSetStringf(&ConfigurationFile, "%s/%s", current, argv[i]);
free(current);
}
break;
case 'f' : /* Run in foreground... */
fg = 1;
break;
case 'F' : /* Run in foreground, but disconnect from terminal... */
fg = -1;
break;
case 'h' : /* Show usage/help */
usage(0);
break;
case 'l' : /* Started by launchd... */
#ifdef HAVE_LAUNCHD
Launchd = 1;
fg = 1;
#else
_cupsLangPuts(stderr, _("cupsd: launchd(8) support not compiled "
"in, running in normal mode."));
fg = 0;
#endif /* HAVE_LAUNCHD */
break;
case 'p' : /* Stop immediately for profiling */
fputs("cupsd: -p (startup profiling) is for internal testing "
"use only!\n", stderr);
stop_scheduler = 1;
fg = 1;
break;
case 'P' : /* Disable security profiles */
fputs("cupsd: -P (disable security profiles) is for internal "
"testing use only!\n", stderr);
UseProfiles = 0;
break;
#ifdef __APPLE__
case 'S' : /* Disable system management functions */
fputs("cupsd: -S (disable system management) for internal "
"testing use only!\n", stderr);
use_sysman = 0;
break;
#endif /* __APPLE__ */
case 't' : /* Test the cupsd.conf file... */
TestConfigFile = 1;
fg = 1;
break;
default : /* Unknown option */
_cupsLangPrintf(stderr, _("cupsd: Unknown option \"%c\" - "
"aborting."), *opt);
usage(1);
break;
}
else
{
_cupsLangPrintf(stderr, _("cupsd: Unknown argument \"%s\" - aborting."),
argv[i]);
usage(1);
}
if (!ConfigurationFile)
cupsdSetString(&ConfigurationFile, CUPS_SERVERROOT "/cupsd.conf");
/*
* If the user hasn't specified "-f", run in the background...
*/
if (!fg)
{
/*
* Setup signal handlers for the parent...
*/
#ifdef HAVE_SIGSET /* Use System V signals over POSIX to avoid bugs */
sigset(SIGUSR1, parent_handler);
sigset(SIGCHLD, parent_handler);
sigset(SIGHUP, SIG_IGN);
#elif defined(HAVE_SIGACTION)
memset(&action, 0, sizeof(action));
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGUSR1);
action.sa_handler = parent_handler;
sigaction(SIGUSR1, &action, NULL);
sigaction(SIGCHLD, &action, NULL);
sigemptyset(&action.sa_mask);
action.sa_handler = SIG_IGN;
sigaction(SIGHUP, &action, NULL);
#else
signal(SIGUSR1, parent_handler);
signal(SIGCLD, parent_handler);
signal(SIGHUP, SIG_IGN);
#endif /* HAVE_SIGSET */
if (fork() > 0)
{
/*
* OK, wait for the child to startup and send us SIGUSR1 or to crash
* and the OS send us SIGCHLD... We also need to ignore SIGHUP which
* might be sent by the init script to restart the scheduler...
*/
for (; parent_signal == 0;)
sleep(1);
if (parent_signal == SIGUSR1)
return (0);
if (wait(&i) < 0)
{
perror("cupsd");
return (1);
}
else if (WIFEXITED(i))
{
fprintf(stderr, "cupsd: Child exited with status %d\n",
WEXITSTATUS(i));
return (2);
}
else
{
fprintf(stderr, "cupsd: Child exited on signal %d\n", WTERMSIG(i));
return (3);
}
}
#ifdef __OpenBSD__
/*
* Call _thread_sys_closefrom() so the child process doesn't reset the
* parent's file descriptors to be blocking. This is a workaround for a
* limitation of userland libpthread on OpenBSD.
*/
_thread_sys_closefrom(0);
#endif /* __OpenBSD__ */
/*
* Since CoreFoundation and DBUS both create fork-unsafe data on execution of
* a program, and since this kind of really unfriendly behavior seems to be
* more common these days in system libraries, we need to re-execute the
* background cupsd with the "-C" option to avoid problems. Unfortunately,
* we also have to assume that argv[0] contains the name of the cupsd
* executable - there is no portable way to get the real pathname...
*/
execlp(argv[0], argv[0], "-C", ConfigurationFile, (char *)0);
exit(errno);
}
if (fg < 1)
{
/*
* Make sure we aren't tying up any filesystems...
*/
chdir("/");
#ifndef DEBUG
/*
* Disable core dumps...
*/
getrlimit(RLIMIT_CORE, &limit);
limit.rlim_cur = 0;
setrlimit(RLIMIT_CORE, &limit);
/*
* Disconnect from the controlling terminal...
*/
setsid();
/*
* Close all open files...
*/
getrlimit(RLIMIT_NOFILE, &limit);
for (i = 0; i < limit.rlim_cur && i < 1024; i ++)
close(i);
/*
* Redirect stdin/out/err to /dev/null...
*/
if ((i = open("/dev/null", O_RDONLY)) != 0)
{
dup2(i, 0);
close(i);
}
if ((i = open("/dev/null", O_WRONLY)) != 1)
{
dup2(i, 1);
close(i);
}
if ((i = open("/dev/null", O_WRONLY)) != 2)
{
dup2(i, 2);
close(i);
}
#endif /* DEBUG */
}
/*
* Set the timezone info...
*/
tzset();
#ifdef LC_TIME
setlocale(LC_TIME, "");
#endif /* LC_TIME */
/*
* Set the maximum number of files...
*/
getrlimit(RLIMIT_NOFILE, &limit);
#if !defined(HAVE_POLL) && !defined(HAVE_EPOLL) && !defined(HAVE_KQUEUE)
if (limit.rlim_max > FD_SETSIZE)
MaxFDs = FD_SETSIZE;
else
#endif /* !HAVE_POLL && !HAVE_EPOLL && !HAVE_KQUEUE */
#ifdef RLIM_INFINITY
if (limit.rlim_max == RLIM_INFINITY)
MaxFDs = 16384;
else
#endif /* RLIM_INFINITY */
MaxFDs = limit.rlim_max;
limit.rlim_cur = MaxFDs;
setrlimit(RLIMIT_NOFILE, &limit);
cupsdStartSelect();
/*
* Read configuration...
*/
if (!cupsdReadConfiguration())
{
if (TestConfigFile)
printf("%s contains errors\n", ConfigurationFile);
else
syslog(LOG_LPR, "Unable to read configuration file \'%s\' - exiting!",
ConfigurationFile);
return (1);
}
else if (TestConfigFile)
{
printf("%s is OK\n", ConfigurationFile);
return (0);
}
/*
* Clean out old temp files and printer cache data.
*/
if (!strncmp(TempDir, RequestRoot, strlen(RequestRoot)))
cupsdCleanFiles(TempDir, NULL);
cupsdCleanFiles(CacheDir, "*.ipp");
#if HAVE_LAUNCHD
if (Launchd)
{
/*
* If we were started by launchd get the listen sockets file descriptors...
*/
launchd_checkin();
launchd_checkout();
}
#endif /* HAVE_LAUNCHD */
/*
* Startup the server...
*/
httpInitialize();
cupsdStartServer();
/*
* Catch hangup and child signals and ignore broken pipes...
*/
#ifdef HAVE_SIGSET /* Use System V signals over POSIX to avoid bugs */
sigset(SIGCHLD, sigchld_handler);
sigset(SIGHUP, sighup_handler);
sigset(SIGPIPE, SIG_IGN);
sigset(SIGTERM, sigterm_handler);
#elif defined(HAVE_SIGACTION)
memset(&action, 0, sizeof(action));
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGTERM);
sigaddset(&action.sa_mask, SIGCHLD);
action.sa_handler = sigchld_handler;
sigaction(SIGCHLD, &action, NULL);
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGHUP);
action.sa_handler = sighup_handler;
sigaction(SIGHUP, &action, NULL);
sigemptyset(&action.sa_mask);
action.sa_handler = SIG_IGN;
sigaction(SIGPIPE, &action, NULL);
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGTERM);
sigaddset(&action.sa_mask, SIGCHLD);
action.sa_handler = sigterm_handler;
sigaction(SIGTERM, &action, NULL);
#else
signal(SIGCLD, sigchld_handler); /* No, SIGCLD isn't a typo... */
signal(SIGHUP, sighup_handler);
signal(SIGPIPE, SIG_IGN);
signal(SIGTERM, sigterm_handler);
#endif /* HAVE_SIGSET */
#ifdef __sgi
/*
* Try to create a fake lpsched lock file if one is not already there.
* Some Adobe applications need it under IRIX in order to enable
* printing...
*/
if ((fp = cupsFileOpen("/var/spool/lp/SCHEDLOCK", "w")) == NULL)
{
syslog(LOG_LPR, "Unable to create fake lpsched lock file "
"\"/var/spool/lp/SCHEDLOCK\"\' - %s!",
strerror(errno));
}
else
{
fchmod(cupsFileNumber(fp), 0644);
fchown(cupsFileNumber(fp), User, Group);
cupsFileClose(fp);
}
#endif /* __sgi */
/*
* Initialize authentication certificates...
*/
cupsdInitCerts();
/*
* If we are running in the background, signal the parent process that
* we are up and running...
*/
if (!fg || run_as_child)
{
/*
* Send a signal to the parent process, but only if the parent is
* not PID 1 (init). This avoids accidentally shutting down the
* system on OpenBSD if you CTRL-C the server before it is up...
*/
i = getppid(); /* Save parent PID to avoid race condition */
if (i != 1)
kill(i, SIGUSR1);
}
#ifdef __APPLE__
/*
* Start power management framework...
*/
if (use_sysman)
cupsdStartSystemMonitor();
#endif /* __APPLE__ */
/*
* Send server-started event...
*/
#ifdef HAVE_LAUNCHD
if (Launchd)
cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL,
"Scheduler started via launchd.");
else
#endif /* HAVE_LAUNCHD */
if (fg)
cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL,
"Scheduler started in foreground.");
else
cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL,
"Scheduler started in background.");
/*
* Start any pending print jobs...
*/
cupsdCheckJobs();
/*
* Loop forever...
*/
current_time = time(NULL);
event_time = current_time;
expire_time = current_time;
fds = 1;
report_time = 0;
senddoc_time = current_time;
while (!stop_scheduler)
{
/*
* Check if there are dead children to handle...
*/
if (dead_children)
process_children();
/*
* Check if we need to load the server configuration file...
*/
if (NeedReload)
{
/*
* Close any idle clients...
*/
if (cupsArrayCount(Clients) > 0)
{
for (con = (cupsd_client_t *)cupsArrayFirst(Clients);
con;
con = (cupsd_client_t *)cupsArrayNext(Clients))
if (con->http.state == HTTP_WAITING)
cupsdCloseClient(con);
else
con->http.keep_alive = HTTP_KEEPALIVE_OFF;
cupsdPauseListening();
}
/*
* Restart if all clients are closed and all jobs finished, or
* if the reload timeout has elapsed...
*/
if ((cupsArrayCount(Clients) == 0 &&
(cupsArrayCount(PrintingJobs) == 0 || NeedReload != RELOAD_ALL)) ||
(time(NULL) - ReloadTime) >= ReloadTimeout)
{
/*
* Shutdown the server...
*/
DoingShutdown = 1;
cupsdStopServer();
/*
* Read configuration...
*/
if (!cupsdReadConfiguration())
{
syslog(LOG_LPR, "Unable to read configuration file \'%s\' - exiting!",
ConfigurationFile);
break;
}
#if HAVE_LAUNCHD
if (Launchd)
{
/*
* If we were started by launchd, get the listen socket file
* descriptors...
*/
launchd_checkin();
launchd_checkout();
}
#endif /* HAVE_LAUNCHD */
/*
* Startup the server...
*/
DoingShutdown = 0;
cupsdStartServer();
/*
* Send a server-restarted event...
*/
cupsdAddEvent(CUPSD_EVENT_SERVER_RESTARTED, NULL, NULL,
"Scheduler restarted.");
}
}
/*
* Check for available input or ready output. If cupsdDoSelect()
* returns 0 or -1, something bad happened and we should exit
* immediately.
*
* Note that we at least have one listening socket open at all
* times.
*/
if ((timeout = select_timeout(fds)) > 1 && LastEvent)
timeout = 1;
#if HAVE_LAUNCHD
/*
* If no other work is scheduled and we're being controlled by
* launchd then timeout after 'LaunchdTimeout' seconds of
* inactivity...
*/
if (timeout == 86400 && Launchd && LaunchdTimeout &&
!cupsArrayCount(ActiveJobs) &&
(!Browsing || !BrowseLocalProtocols || !cupsArrayCount(Printers)))
{
timeout = LaunchdTimeout;
launchd_idle_exit = 1;
}
else
launchd_idle_exit = 0;
#endif /* HAVE_LAUNCHD */
if ((fds = cupsdDoSelect(timeout)) < 0)
{
/*
* Got an error from select!
*/
#ifdef HAVE_DNSSD
cupsd_printer_t *p; /* Current printer */
#endif /* HAVE_DNSSD */
if (errno == EINTR) /* Just interrupted by a signal */
continue;
/*
* Log all sorts of debug info to help track down the problem.
*/
cupsdLogMessage(CUPSD_LOG_EMERG, "cupsdDoSelect() failed - %s!",
strerror(errno));
for (i = 0, con = (cupsd_client_t *)cupsArrayFirst(Clients);
con;
i ++, con = (cupsd_client_t *)cupsArrayNext(Clients))
cupsdLogMessage(CUPSD_LOG_EMERG,
"Clients[%d] = %d, file = %d, state = %d",
i, con->http.fd, con->file, con->http.state);
for (i = 0, lis = (cupsd_listener_t *)cupsArrayFirst(Listeners);
lis;
i ++, lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
cupsdLogMessage(CUPSD_LOG_EMERG, "Listeners[%d] = %d", i, lis->fd);
cupsdLogMessage(CUPSD_LOG_EMERG, "CGIPipes[0] = %d", CGIPipes[0]);
#ifdef __APPLE__
cupsdLogMessage(CUPSD_LOG_EMERG, "SysEventPipes[0] = %d",
SysEventPipes[0]);
#endif /* __APPLE__ */
for (job = (cupsd_job_t *)cupsArrayFirst(ActiveJobs);
job;
job = (cupsd_job_t *)cupsArrayNext(ActiveJobs))
cupsdLogMessage(CUPSD_LOG_EMERG, "Jobs[%d] = %d < [%d %d] > [%d %d]",
job->id,
job->status_buffer ? job->status_buffer->fd : -1,
job->print_pipes[0], job->print_pipes[1],
job->back_pipes[0], job->back_pipes[1]);
#ifdef HAVE_DNSSD
for (p = (cupsd_printer_t *)cupsArrayFirst(Printers);
p;
p = (cupsd_printer_t *)cupsArrayNext(Printers))
cupsdLogMessage(CUPSD_LOG_EMERG, "printer[%s] reg_name=\"%s\"", p->name,
p->reg_name ? p->reg_name : "(null)");
#endif /* HAVE_DNSSD */
break;
}
current_time = time(NULL);
/*
* Write dirty config/state files...
*/
if (DirtyCleanTime && current_time >= DirtyCleanTime)
cupsdCleanDirty();
#ifdef __APPLE__
/*
* If we are going to sleep and still have pending jobs, stop them after
* a period of time...
*/
if (SleepJobs > 0 && current_time >= SleepJobs &&
cupsArrayCount(PrintingJobs) > 0)
{
SleepJobs = 0;
cupsdStopAllJobs(CUPSD_JOB_DEFAULT, 5);
}
#endif /* __APPLE__ */
#ifndef __APPLE__
/*
* Update the network interfaces once a minute...
*/
if ((current_time - netif_time) >= 60)
{
netif_time = current_time;
NetIFUpdate = 1;
}
#endif /* !__APPLE__ */
#if HAVE_LAUNCHD
/*
* If no other work was scheduled and we're being controlled by launchd
* then timeout after 'LaunchdTimeout' seconds of inactivity...
*/
if (!fds && launchd_idle_exit)
{
cupsdLogMessage(CUPSD_LOG_INFO,
"Printer sharing is off and there are no jobs pending, "
"will restart on demand.");
stop_scheduler = 1;
break;
}
#endif /* HAVE_LAUNCHD */
/*
* Resume listening for new connections as needed...
*/
if (ListeningPaused && ListeningPaused <= current_time &&
cupsArrayCount(Clients) < MaxClients)
cupsdResumeListening();
/*
* Expire subscriptions and unload completed jobs as needed...
*/
if (current_time > expire_time)
{
if (cupsArrayCount(Subscriptions) > 0)
cupsdExpireSubscriptions(NULL, NULL);
cupsdUnloadCompletedJobs();
expire_time = current_time;
}
#ifndef HAVE_AUTHORIZATION_H
/*
* Update the root certificate once every 5 minutes if we have client
* connections...
*/
if ((current_time - RootCertTime) >= RootCertDuration && RootCertDuration &&
!RunUser && cupsArrayCount(Clients))
{
/*
* Update the root certificate...
*/
cupsdDeleteCert(0);
cupsdAddCert(0, "root", NULL);
}
#endif /* !HAVE_AUTHORIZATION_H */
/*
* Check for new data on the client sockets...
*/
for (con = (cupsd_client_t *)cupsArrayFirst(Clients);
con;
con = (cupsd_client_t *)cupsArrayNext(Clients))
{
/*
* Process pending data in the input buffer...
*/
if (con->http.used)
{
cupsdReadClient(con);
continue;
}
/*
* Check the activity and close old clients...
*/
activity = current_time - Timeout;
if (con->http.activity < activity && !con->pipe_pid)
{
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Closing client %d after %d seconds of inactivity...",
con->http.fd, Timeout);
cupsdCloseClient(con);
continue;
}
}
/*
* Update any pending multi-file documents...
*/
if ((current_time - senddoc_time) >= 10)
{
cupsdCheckJobs();
senddoc_time = current_time;
}
/*
* Clean job history...
*/
if (JobHistoryUpdate && current_time >= JobHistoryUpdate)
cupsdCleanJobs();
/*
* Log statistics at most once a minute when in debug mode...
*/
if ((current_time - report_time) >= 60 && LogLevel >= CUPSD_LOG_DEBUG)
{
size_t string_count, /* String count */
alloc_bytes, /* Allocated string bytes */
total_bytes; /* Total string bytes */
#ifdef HAVE_MALLINFO
struct mallinfo mem; /* Malloc information */
mem = mallinfo();
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: malloc-arena=%lu", mem.arena);
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: malloc-used=%lu",
mem.usmblks + mem.uordblks);
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: malloc-free=%lu",
mem.fsmblks + mem.fordblks);
#endif /* HAVE_MALLINFO */
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: clients=%d",
cupsArrayCount(Clients));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: jobs=%d",
cupsArrayCount(Jobs));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: jobs-active=%d",
cupsArrayCount(ActiveJobs));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: printers=%d",
cupsArrayCount(Printers));
string_count = _cupsStrStatistics(&alloc_bytes, &total_bytes);
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Report: stringpool-string-count=" CUPS_LLFMT,
CUPS_LLCAST string_count);
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Report: stringpool-alloc-bytes=" CUPS_LLFMT,
CUPS_LLCAST alloc_bytes);
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Report: stringpool-total-bytes=" CUPS_LLFMT,
CUPS_LLCAST total_bytes);
report_time = current_time;
}
/*
* Handle OS-specific event notification for any events that have
* accumulated. Don't send these more than once a second...
*/
if (LastEvent && (current_time - event_time) >= 1)
{
#ifdef HAVE_NOTIFY_POST
if (LastEvent & (CUPSD_EVENT_PRINTER_ADDED |
CUPSD_EVENT_PRINTER_DELETED |
CUPSD_EVENT_PRINTER_MODIFIED))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"notify_post(\"com.apple.printerListChange\")");
notify_post("com.apple.printerListChange");
}
if (LastEvent & CUPSD_EVENT_PRINTER_STATE_CHANGED)
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"notify_post(\"com.apple.printerHistoryChange\")");
notify_post("com.apple.printerHistoryChange");
}
if (LastEvent & (CUPSD_EVENT_JOB_STATE_CHANGED |
CUPSD_EVENT_JOB_CONFIG_CHANGED |
CUPSD_EVENT_JOB_PROGRESS))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"notify_post(\"com.apple.jobChange\")");
notify_post("com.apple.jobChange");
}
#endif /* HAVE_NOTIFY_POST */
/*
* Reset the accumulated events...
*/
LastEvent = CUPSD_EVENT_NONE;
event_time = current_time;
}
}
/*
* Log a message based on what happened...
*/
if (stop_scheduler)
{
cupsdLogMessage(CUPSD_LOG_INFO, "Scheduler shutting down normally.");
cupsdAddEvent(CUPSD_EVENT_SERVER_STOPPED, NULL, NULL,
"Scheduler shutting down normally.");
}
else
{
cupsdLogMessage(CUPSD_LOG_ERROR,
"Scheduler shutting down due to program error.");
cupsdAddEvent(CUPSD_EVENT_SERVER_STOPPED, NULL, NULL,
"Scheduler shutting down due to program error.");
}
/*
* Close all network clients...
*/
DoingShutdown = 1;
cupsdStopServer();
#ifdef HAVE_LAUNCHD
/*
* Update the launchd KeepAlive file as needed...
*/
if (Launchd)
launchd_checkout();
#endif /* HAVE_LAUNCHD */
/*
* Stop all jobs...
*/
cupsdFreeAllJobs();
#ifdef __APPLE__
/*
* Stop monitoring system event monitoring...
*/
if (use_sysman)
cupsdStopSystemMonitor();
#endif /* __APPLE__ */
#ifdef HAVE_GSSAPI
/*
* Free the scheduler's Kerberos context...
*/
# ifdef __APPLE__
/*
* If the weak-linked GSSAPI/Kerberos library is not present, don't try
* to use it...
*/
if (krb5_init_context != NULL)
# endif /* __APPLE__ */
if (KerberosContext)
krb5_free_context(KerberosContext);
#endif /* HAVE_GSSAPI */
#ifdef __sgi
/*
* Remove the fake IRIX lpsched lock file, but only if the existing
* file is not a FIFO which indicates that the real IRIX lpsched is
* running...
*/
if (!stat("/var/spool/lp/FIFO", &statbuf))
if (!S_ISFIFO(statbuf.st_mode))
unlink("/var/spool/lp/SCHEDLOCK");
#endif /* __sgi */
cupsdStopSelect();
return (!stop_scheduler);
}
void * /* O - Profile or NULL on error */
cupsdCreateProfile(int job_id, /* I - Job ID or 0 for none */
int allow_networking)/* I - Allow networking off machine? */
{
#ifdef HAVE_SANDBOX_H
cups_file_t *fp; /* File pointer */
char profile[1024], /* File containing the profile */
bin[1024], /* Quoted ServerBin */
cache[1024], /* Quoted CacheDir */
domain[1024], /* Domain socket, if any */
request[1024], /* Quoted RequestRoot */
root[1024], /* Quoted ServerRoot */
state[1024], /* Quoted StateDir */
temp[1024]; /* Quoted TempDir */
const char *nodebug; /* " (with no-log)" for no debug */
cupsd_listener_t *lis; /* Current listening socket */
if (!UseSandboxing || Sandboxing == CUPSD_SANDBOXING_OFF)
{
/*
* Only use sandbox profiles as root...
*/
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
return (NULL);
}
if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL)
{
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
strerror(errno));
return (NULL);
}
fchown(cupsFileNumber(fp), RunUser, Group);
fchmod(cupsFileNumber(fp), 0640);
cupsd_requote(bin, ServerBin, sizeof(bin));
cupsd_requote(cache, CacheDir, sizeof(cache));
cupsd_requote(request, RequestRoot, sizeof(request));
cupsd_requote(root, ServerRoot, sizeof(root));
cupsd_requote(state, StateDir, sizeof(state));
cupsd_requote(temp, TempDir, sizeof(temp));
nodebug = LogLevel < CUPSD_LOG_DEBUG ? " (with no-log)" : "";
cupsFilePuts(fp, "(version 1)\n");
if (Sandboxing == CUPSD_SANDBOXING_STRICT)
cupsFilePuts(fp, "(deny default)\n");
else
cupsFilePuts(fp, "(allow default)\n");
if (LogLevel >= CUPSD_LOG_DEBUG)
cupsFilePuts(fp, "(debug deny)\n");
cupsFilePuts(fp, "(import \"system.sb\")\n");
cupsFilePuts(fp, "(system-network)\n");
cupsFilePuts(fp, "(allow mach-per-user-lookup)\n");
cupsFilePuts(fp, "(allow ipc-posix-sem)\n");
cupsFilePuts(fp, "(allow ipc-posix-shm)\n");
cupsFilePuts(fp, "(allow ipc-sysv-shm)\n");
cupsFilePuts(fp, "(allow mach-lookup)\n");
if (!RunUser)
cupsFilePrintf(fp,
"(deny file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^/Users$\""
" #\"^/Users/\""
")%s)\n", nodebug);
cupsFilePrintf(fp,
"(deny file-write*\n"
" (regex"
" #\"^%s$\"" /* ServerRoot */
" #\"^%s/\"" /* ServerRoot/... */
" #\"^/private/etc$\""
" #\"^/private/etc/\""
" #\"^/usr/local/etc$\""
" #\"^/usr/local/etc/\""
" #\"^/Library$\""
" #\"^/Library/\""
" #\"^/System$\""
" #\"^/System/\""
")%s)\n",
root, root, nodebug);
/* Specifically allow applications to stat RequestRoot and some other system folders */
cupsFilePrintf(fp,
"(allow file-read-metadata\n"
" (regex"
" #\"^/$\"" /* / */
" #\"^/usr$\"" /* /usr */
" #\"^/Library$\"" /* /Library */
" #\"^/Library/Printers$\"" /* /Library/Printers */
" #\"^%s$\"" /* RequestRoot */
"))\n",
request);
/* Read and write TempDir, CacheDir, and other common folders */
cupsFilePuts(fp,
"(allow file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^/private/var/db/\""
" #\"^/private/var/folders/\""
" #\"^/private/var/lib/\""
" #\"^/private/var/log/\""
" #\"^/private/var/mysql/\""
" #\"^/private/var/run/\""
" #\"^/private/var/spool/\""
" #\"^/Library/Application Support/\""
" #\"^/Library/Caches/\""
" #\"^/Library/Logs/\""
" #\"^/Library/Preferences/\""
" #\"^/Library/WebServer/\""
" #\"^/Users/Shared/\""
"))\n");
cupsFilePrintf(fp,
"(deny file-write*\n"
" (regex #\"^%s$\")%s)\n",
request, nodebug);
cupsFilePrintf(fp,
"(deny file-write* file-read-data file-read-metadata\n"
" (regex #\"^%s/\")%s)\n",
request, nodebug);
cupsFilePrintf(fp,
"(allow file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^%s$\"" /* TempDir */
" #\"^%s/\"" /* TempDir/... */
" #\"^%s$\"" /* CacheDir */
" #\"^%s/\"" /* CacheDir/... */
" #\"^%s$\"" /* StateDir */
" #\"^%s/\"" /* StateDir/... */
"))\n",
temp, temp, cache, cache, state, state);
/* Read common folders */
cupsFilePrintf(fp,
"(allow file-read-data file-read-metadata\n"
" (regex"
" #\"^/AppleInternal$\""
" #\"^/AppleInternal/\""
" #\"^/bin$\"" /* /bin */
" #\"^/bin/\"" /* /bin/... */
" #\"^/private$\""
" #\"^/private/etc$\""
" #\"^/private/etc/\""
" #\"^/private/tmp$\""
" #\"^/private/tmp/\""
" #\"^/private/var$\""
" #\"^/private/var/db$\""
" #\"^/private/var/folders$\""
" #\"^/private/var/lib$\""
" #\"^/private/var/log$\""
" #\"^/private/var/mysql$\""
" #\"^/private/var/run$\""
" #\"^/private/var/spool$\""
" #\"^/private/var/tmp$\""
" #\"^/private/var/tmp/\""
" #\"^/usr/bin$\"" /* /usr/bin */
" #\"^/usr/bin/\"" /* /usr/bin/... */
" #\"^/usr/libexec/cups$\"" /* /usr/libexec/cups */
" #\"^/usr/libexec/cups/\"" /* /usr/libexec/cups/... */
" #\"^/usr/libexec/fax$\"" /* /usr/libexec/fax */
" #\"^/usr/libexec/fax/\"" /* /usr/libexec/fax/... */
" #\"^/usr/sbin$\"" /* /usr/sbin */
" #\"^/usr/sbin/\"" /* /usr/sbin/... */
" #\"^/Library$\"" /* /Library */
" #\"^/Library/\"" /* /Library/... */
" #\"^/System$\"" /* /System */
" #\"^/System/\"" /* /System/... */
" #\"^%s/Library$\"" /* RequestRoot/Library */
" #\"^%s/Library/\"" /* RequestRoot/Library/... */
" #\"^%s$\"" /* ServerBin */
" #\"^%s/\"" /* ServerBin/... */
" #\"^%s$\"" /* ServerRoot */
" #\"^%s/\"" /* ServerRoot/... */
"))\n",
request, request, bin, bin, root, root);
if (Sandboxing == CUPSD_SANDBOXING_RELAXED)
{
/* Limited write access to /Library/Printers/... */
cupsFilePuts(fp,
"(allow file-write*\n"
" (regex"
" #\"^/Library/Printers/.*/\""
"))\n");
cupsFilePrintf(fp,
"(deny file-write*\n"
" (regex"
" #\"^/Library/Printers/PPDs$\""
" #\"^/Library/Printers/PPDs/\""
" #\"^/Library/Printers/PPD Plugins$\""
" #\"^/Library/Printers/PPD Plugins/\""
")%s)\n", nodebug);
}
/* Allow execution of child processes as long as the programs are not in a user directory */
cupsFilePuts(fp, "(allow process*)\n");
cupsFilePuts(fp, "(deny process-exec (regex #\"^/Users/\"))\n");
if (RunUser && getenv("CUPS_TESTROOT"))
{
/* Allow source directory access in "make test" environment */
char testroot[1024]; /* Root directory of test files */
cupsd_requote(testroot, getenv("CUPS_TESTROOT"), sizeof(testroot));
cupsFilePrintf(fp,
"(allow file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^%s$\"" /* CUPS_TESTROOT */
" #\"^%s/\"" /* CUPS_TESTROOT/... */
"))\n",
testroot, testroot);
cupsFilePrintf(fp,
"(allow process-exec\n"
" (regex"
" #\"^%s/\"" /* CUPS_TESTROOT/... */
"))\n",
testroot);
cupsFilePrintf(fp, "(allow sysctl*)\n");
}
if (job_id)
{
/* Allow job filters to read the current job files... */
cupsFilePrintf(fp,
"(allow file-read-data file-read-metadata\n"
" (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n",
request, job_id, job_id);
}
else
{
/* Allow email notifications from notifiers... */
cupsFilePuts(fp,
"(allow process-exec\n"
" (literal \"/usr/sbin/sendmail\")\n"
" (with no-sandbox))\n");
}
/* Allow access to Bluetooth, USB, and notify_post. */
cupsFilePuts(fp, "(allow iokit*)\n");
cupsFilePuts(fp, "(allow distributed-notification-post)\n");
/* Allow outbound networking to local services */
cupsFilePuts(fp, "(allow network-outbound"
"\n (regex #\"^/private/var/run/\" #\"^/private/tmp/\" #\"^/private/var/tmp/\")");
for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners);
lis;
lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
{
if (httpAddrFamily(&(lis->address)) == AF_LOCAL)
{
httpAddrString(&(lis->address), domain, sizeof(domain));
cupsFilePrintf(fp, "\n (literal \"%s\")", domain);
}
}
if (allow_networking)
{
/* Allow TCP and UDP networking off the machine... */
cupsFilePuts(fp, "\n (remote tcp))\n");
cupsFilePuts(fp, "(allow network-bind)\n"); /* for LPD resvport */
cupsFilePuts(fp, "(allow network*\n"
" (local udp \"*:*\")\n"
" (remote udp \"*:*\"))\n");
/* Also allow access to device files... */
cupsFilePuts(fp, "(allow file-write* file-read-data file-read-metadata file-ioctl\n"
" (regex #\"^/dev/\"))\n");
/* And allow kernel extensions to be loaded, e.g., SMB */
cupsFilePuts(fp, "(allow system-kext-load)\n");
}
else
{
/* Only allow SNMP (UDP) and LPD (TCP) off the machine... */
cupsFilePuts(fp, ")\n");
cupsFilePuts(fp, "(allow network-outbound\n"
" (remote udp \"*:161\")\n"
" (remote tcp \"*:515\"))\n");
cupsFilePuts(fp, "(allow network-inbound\n"
" (local udp \"localhost:*\"))\n");
}
cupsFileClose(fp);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d,allow_networking=%d) = \"%s\"", job_id, allow_networking, profile);
return ((void *)strdup(profile));
#else
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
return (NULL);
#endif /* HAVE_SANDBOX_H */
}
int /* O - 1 if log file open */
cupsdCheckLogFile(cups_file_t **lf, /* IO - Log file */
const char *logname) /* I - Log filename */
{
char backname[1024], /* Backup log filename */
filename[1024], /* Formatted log filename */
*ptr; /* Pointer into filename */
const char *logptr; /* Pointer into log filename */
/*
* See if we have a log file to check...
*/
if (!lf || !logname || !logname[0])
return (1);
/*
* Handle logging to stderr...
*/
if (!strcmp(logname, "stderr"))
{
*lf = LogStderr;
return (1);
}
/*
* Format the filename as needed...
*/
if (!*lf ||
(strncmp(logname, "/dev/", 5) && cupsFileTell(*lf) > MaxLogSize &&
MaxLogSize > 0))
{
/*
* Handle format strings...
*/
filename[sizeof(filename) - 1] = '\0';
if (logname[0] != '/')
{
strlcpy(filename, ServerRoot, sizeof(filename));
strlcat(filename, "/", sizeof(filename));
}
else
filename[0] = '\0';
for (logptr = logname, ptr = filename + strlen(filename);
*logptr && ptr < (filename + sizeof(filename) - 1);
logptr ++)
if (*logptr == '%')
{
/*
* Format spec...
*/
logptr ++;
if (*logptr == 's')
{
/*
* Insert the server name...
*/
strlcpy(ptr, ServerName, sizeof(filename) - (size_t)(ptr - filename));
ptr += strlen(ptr);
}
else
{
/*
* Otherwise just insert the character...
*/
*ptr++ = *logptr;
}
}
else
*ptr++ = *logptr;
*ptr = '\0';
}
/*
* See if the log file is open...
*/
if (!*lf)
{
/*
* Nope, open the log file...
*/
if ((*lf = cupsFileOpen(filename, "a")) == NULL)
{
/*
* If the file is in CUPS_LOGDIR then try to create a missing directory...
*/
if (!strncmp(filename, CUPS_LOGDIR, strlen(CUPS_LOGDIR)))
{
/*
* Try updating the permissions of the containing log directory, using
* the log file permissions as a basis...
*/
mode_t log_dir_perm = (mode_t)(0300 | LogFilePerm);
/* LogFilePerm + owner write/search */
if (log_dir_perm & 0040)
log_dir_perm |= 0010; /* Add group search */
if (log_dir_perm & 0004)
log_dir_perm |= 0001; /* Add other search */
cupsdCheckPermissions(CUPS_LOGDIR, NULL, log_dir_perm, RunUser, Group, 1, -1);
*lf = cupsFileOpen(filename, "a");
}
if (*lf == NULL)
{
#ifdef HAVE_SYSTEMD_SD_JOURNAL_H
sd_journal_print(LOG_ERR, "Unable to open log file \"%s\" - %s", filename, strerror(errno));
#else
syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename, strerror(errno));
#endif /* HAVE_SYSTEMD_SD_JOURNAL_H */
if (FatalErrors & CUPSD_FATAL_LOG)
cupsdEndProcess(getpid(), 0);
return (0);
}
}
if (strncmp(filename, "/dev/", 5))
{
/*
* Change ownership and permissions of non-device logs...
*/
fchown(cupsFileNumber(*lf), RunUser, Group);
fchmod(cupsFileNumber(*lf), LogFilePerm);
}
}
/*
* Do we need to rotate the log?
*/
if (strncmp(logname, "/dev/", 5) && cupsFileTell(*lf) > MaxLogSize &&
MaxLogSize > 0)
{
/*
* Rotate log file...
*/
cupsFileClose(*lf);
strlcpy(backname, filename, sizeof(backname));
strlcat(backname, ".O", sizeof(backname));
unlink(backname);
rename(filename, backname);
if ((*lf = cupsFileOpen(filename, "a")) == NULL)
{
#ifdef HAVE_SYSTEMD_SD_JOURNAL_H
sd_journal_print(LOG_ERR, "Unable to open log file \"%s\" - %s", filename, strerror(errno));
#else
syslog(LOG_ERR, "Unable to open log file \"%s\" - %s", filename, strerror(errno));
#endif /* HAVE_SYSTEMD_SD_JOURNAL_H */
if (FatalErrors & CUPSD_FATAL_LOG)
cupsdEndProcess(getpid(), 0);
return (0);
}
/*
* Change ownership and permissions of non-device logs...
*/
fchown(cupsFileNumber(*lf), RunUser, Group);
fchmod(cupsFileNumber(*lf), LogFilePerm);
}
return (1);
}
static void
cups_create_localizations(
http_t *http, /* I - Connection to destination */
cups_dinfo_t *dinfo) /* I - Destination informations */
{
http_t *http2; /* Connection for strings file */
http_status_t status; /* Request status */
ipp_attribute_t *attr; /* "printer-strings-uri" attribute */
char scheme[32], /* URI scheme */
userpass[256], /* Username/password info */
hostname[256], /* Hostname */
resource[1024], /* Resource */
http_hostname[256],
/* Hostname of connection */
tempfile[1024]; /* Temporary filename */
int port; /* Port number */
http_encryption_t encryption; /* Encryption to use */
cups_file_t *temp; /* Temporary file */
/*
* Create an empty message catalog...
*/
dinfo->localizations = _cupsMessageNew(NULL);
/*
* See if there are any localizations...
*/
if ((attr = ippFindAttribute(dinfo->attrs, "printer-strings-uri",
IPP_TAG_URI)) == NULL)
{
/*
* Nope...
*/
DEBUG_puts("4cups_create_localizations: No printer-strings-uri (uri) "
"value.");
return; /* Nope */
}
/*
* Pull apart the URI and determine whether we need to try a different
* server...
*/
if (httpSeparateURI(HTTP_URI_CODING_ALL, attr->values[0].string.text,
scheme, sizeof(scheme), userpass, sizeof(userpass),
hostname, sizeof(hostname), &port, resource,
sizeof(resource)) < HTTP_URI_OK)
{
DEBUG_printf(("4cups_create_localizations: Bad printer-strings-uri value "
"\"%s\".", attr->values[0].string.text));
return;
}
httpGetHostname(http, http_hostname, sizeof(http_hostname));
if (!_cups_strcasecmp(http_hostname, hostname) &&
port == _httpAddrPort(http->hostaddr))
{
/*
* Use the same connection...
*/
http2 = http;
}
else
{
/*
* Connect to the alternate host...
*/
if (!strcmp(scheme, "https"))
encryption = HTTP_ENCRYPT_ALWAYS;
else
encryption = HTTP_ENCRYPT_IF_REQUESTED;
if ((http2 = httpConnectEncrypt(hostname, port, encryption)) == NULL)
{
DEBUG_printf(("4cups_create_localizations: Unable to connect to "
"%s:%d: %s", hostname, port, cupsLastErrorString()));
return;
}
}
/*
* Get a temporary file...
*/
if ((temp = cupsTempFile2(tempfile, sizeof(tempfile))) == NULL)
{
DEBUG_printf(("4cups_create_localizations: Unable to create temporary "
"file: %s", cupsLastErrorString()));
if (http2 != http)
httpClose(http2);
return;
}
status = cupsGetFd(http2, resource, cupsFileNumber(temp));
DEBUG_printf(("4cups_create_localizations: GET %s = %s", resource,
httpStatus(status)));
if (status == HTTP_OK)
{
/*
* Got the file, read it...
*/
char buffer[8192], /* Message buffer */
*id, /* ID string */
*str; /* Translated message */
_cups_message_t *m; /* Current message */
lseek(cupsFileNumber(temp), 0, SEEK_SET);
while (cups_read_strings(temp, buffer, sizeof(buffer), &id, &str))
{
if ((m = malloc(sizeof(_cups_message_t))) == NULL)
break;
m->id = strdup(id);
m->str = strdup(str);
if (m->id && m->str)
cupsArrayAdd(dinfo->localizations, m);
else
{
if (m->id)
free(m->id);
if (m->str)
free(m->str);
free(m);
break;
}
}
}
DEBUG_printf(("4cups_create_localizations: %d messages loaded.",
cupsArrayCount(dinfo->localizations)));
/*
* Cleanup...
*/
unlink(tempfile);
cupsFileClose(temp);
if (http2 != http)
httpClose(http2);
}
int /* O - Exit status */
main(int argc, /* I - Number of command-line args */
char *argv[] /* I - Command-line arguments */
#ifdef PRINT_AUXV
,
char* envp[]
#endif
)
{
int i; /* Looping var */
char *opt; /* Option character */
int fg; /* Run in the foreground */
int fds; /* Number of ready descriptors */
cupsd_client_t *con; /* Current client */
cupsd_job_t *job; /* Current job */
cupsd_listener_t *lis; /* Current listener */
time_t current_time, /* Current time */
activity, /* Client activity timer */
browse_time, /* Next browse send time */
senddoc_time, /* Send-Document time */
expire_time, /* Subscription expire time */
report_time, /* Malloc/client/job report time */
event_time; /* Last time an event notification was done */
long timeout; /* Timeout for cupsdDoSelect() */
struct rlimit limit; /* Runtime limit */
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
struct sigaction action; /* Actions for POSIX signals */
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
#ifdef __sgi
cups_file_t *fp; /* Fake lpsched lock file */
struct stat statbuf; /* Needed for checking lpsched FIFO */
#endif /* __sgi */
#ifdef __APPLE__
int run_as_child = 0;
/* Needed for Mac OS X fork/exec */
#else
time_t netif_time = 0; /* Time since last network update */
#endif /* __APPLE__ */
#if HAVE_LAUNCHD
int launchd_idle_exit;
/* Idle exit on select timeout? */
#endif /* HAVE_LAUNCHD */
#ifdef PRINT_AUXV
Elf32_auxv_t *auxv;
while(*envp++ != NULL);
for (auxv = (Elf32_auxv_t *)envp; auxv->a_type != AT_NULL; auxv++)
{
if (auxv->a_type == AT_SYSINFO)
{
printf("AT_RANDOM is 0x%x\n", auxv->a_un.a_val);
}
}
#endif
#if UNDERSTAND_CUPS
printf("[main.c::main()] cups has just started in main()\n");
#endif
int count = 0;
int loops_desired = -1; // loop forever unless this is set
#ifdef HAVE_GETEUID
/*
* Check for setuid invocation, which we do not support!
*/
if (getuid() != geteuid())
{
fputs("cupsd: Cannot run as a setuid program!\n", stderr);
return (1);
}
#if UNDERSTAND_CUPS
printf("[main.c::main()] uid = %d, euid = %d\n", getuid(), geteuid());
#endif
#endif /* HAVE_GETEUID */
/*
* Check for command-line arguments...
*/
#if UNDERSTAND_CUPS
printf("[main.c::main()] parsing command line arguments \n");
#endif
fg = 0;
#ifdef HAVE_LAUNCHD
if (getenv("CUPSD_LAUNCHD"))
{
Launchd = 1;
fg = 1;
}
#endif /* HAVE_LAUNCHD */
for (i = 1; i < argc; i ++)
if (argv[i][0] == '-')
for (opt = argv[i] + 1; *opt != '\0'; opt ++)
switch (*opt)
{
#ifdef __APPLE__
case 'C' : /* Run as child with config file */
run_as_child = 1;
fg = -1;
#endif /* __APPLE__ */
case 'c' : /* Configuration file */
i ++;
if (i >= argc)
{
_cupsLangPuts(stderr, _("cupsd: Expected config filename "
"after \"-c\" option!\n"));
usage(1);
}
if (argv[i][0] == '/')
{
/*
* Absolute directory...
*/
cupsdSetString(&ConfigurationFile, argv[i]);
}
else
{
/*
* Relative directory...
*/
char *current; /* Current directory */
/*
* Allocate a buffer for the current working directory to
* reduce run-time stack usage; this approximates the
* behavior of some implementations of getcwd() when they
* are passed a NULL pointer.
*/
if ((current = malloc(1024)) == NULL)
{
_cupsLangPuts(stderr,
_("cupsd: Unable to get current directory!\n"));
return (1);
}
if (!getcwd(current, 1024))
{
_cupsLangPuts(stderr,
_("cupsd: Unable to get current directory!\n"));
free(current);
return (1);
}
cupsdSetStringf(&ConfigurationFile, "%s/%s", current, argv[i]);
free(current);
}
break;
case 'f' : /* Run in foreground... */
fg = 1;
break;
case 'F' : /* Run in foreground, but disconnect from terminal... */
fg = -1;
break;
case 'h' : /* Show usage/help */
usage(0);
break;
case 'l' : /* Started by launchd... */
#ifdef HAVE_LAUNCHD
Launchd = 1;
fg = 1;
#else
_cupsLangPuts(stderr, _("cupsd: launchd(8) support not compiled "
"in, running in normal mode.\n"));
fg = 0;
#endif /* HAVE_LAUNCHD */
break;
case 'p' : /* Stop immediately for profiling */
puts("Warning: -p option is for internal testing use only!");
stop_scheduler = 1;
fg = 1;
break;
/// XXX RAZA
case 'x' : /* Number of Iterations to Perform */
i ++;
loops_desired = atoi(argv[i]);
break;
default : /* Unknown option */
_cupsLangPrintf(stderr, _("cupsd: Unknown option \"%c\" - "
"aborting!\n"), *opt);
usage(1);
break;
}
else
{
_cupsLangPrintf(stderr, _("cupsd: Unknown argument \"%s\" - aborting!\n"),
argv[i]);
usage(1);
}
#if UNDERSTAND_CUPS
printf("[main.c::main()] done parsing command line arguments \n");
printf("[main.c::main()] num_loops = %d, foreground = %d\n", loops_desired, fg);
#endif
if (!ConfigurationFile)
cupsdSetString(&ConfigurationFile, CUPS_SERVERROOT "/cupsd.conf");
printf("[main.c::main()] configuration file = %s\n", ConfigurationFile);
/*
* If the user hasn't specified "-f", run in the background...
*/
if (!fg)
{
/*
* Setup signal handlers for the parent...
*/
#ifdef HAVE_SIGSET /* Use System V signals over POSIX to avoid bugs */
sigset(SIGUSR1, parent_handler);
sigset(SIGCHLD, parent_handler);
sigset(SIGHUP, SIG_IGN);
#elif defined(HAVE_SIGACTION)
memset(&action, 0, sizeof(action));
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGUSR1);
action.sa_handler = parent_handler;
sigaction(SIGUSR1, &action, NULL);
sigaction(SIGCHLD, &action, NULL);
sigemptyset(&action.sa_mask);
action.sa_handler = SIG_IGN;
sigaction(SIGHUP, &action, NULL);
#else
signal(SIGUSR1, parent_handler);
signal(SIGCLD, parent_handler);
signal(SIGHUP, SIG_IGN);
#endif /* HAVE_SIGSET */
if (fork() > 0)
{
/*
* OK, wait for the child to startup and send us SIGUSR1 or to crash
* and the OS send us SIGCHLD... We also need to ignore SIGHUP which
* might be sent by the init script to restart the scheduler...
*/
for (; parent_signal == 0;)
sleep(1);
if (parent_signal == SIGUSR1)
return (0);
if (wait(&i) < 0)
{
perror("cupsd");
return (1);
}
else if (WIFEXITED(i))
{
fprintf(stderr, "cupsd: Child exited with status %d!\n",
WEXITSTATUS(i));
return (2);
}
else
{
fprintf(stderr, "cupsd: Child exited on signal %d!\n", WTERMSIG(i));
return (3);
}
}
#ifdef __APPLE__
/*
* Since CoreFoundation has an overly-agressive check for whether a
* process has forked but not exec'd (whether CF has been called or
* not...), we now have to exec ourselves with the "-f" option to
* eliminate their bogus warning messages.
*/
execlp(argv[0], argv[0], "-C", ConfigurationFile, (char *)0);
exit(errno);
#endif /* __APPLE__ */
}
if (fg < 1)
{
/*
* Make sure we aren't tying up any filesystems...
*/
chdir("/");
#ifndef DEBUG
/*
* Disable core dumps...
*/
getrlimit(RLIMIT_CORE, &limit);
limit.rlim_cur = 0;
setrlimit(RLIMIT_CORE, &limit);
/*
* Disconnect from the controlling terminal...
*/
setsid();
/*
* Close all open files...
*/
getrlimit(RLIMIT_NOFILE, &limit);
for (i = 0; i < limit.rlim_cur && i < 1024; i ++)
close(i);
#endif /* DEBUG */
}
/*
* Set the timezone info...
*/
#if UNDERSTAND_CUPS
printf("[main.c::main()] setting timezone info, tzset()\n");
#endif
tzset();
#ifdef LC_TIME
setlocale(LC_TIME, "");
#if UNDERSTAND_CUPS
printf("[main.c::main()] setting locale info, setlocale()\n");
#endif
#endif /* LC_TIME */
/*
* Set the maximum number of files...
*/
getrlimit(RLIMIT_NOFILE, &limit);
#if !defined(HAVE_POLL) && !defined(HAVE_EPOLL) && !defined(HAVE_KQUEUE)
if (limit.rlim_max > FD_SETSIZE)
MaxFDs = FD_SETSIZE;
else
#endif /* !HAVE_POLL && !HAVE_EPOLL && !HAVE_KQUEUE */
#ifdef RLIM_INFINITY
if (limit.rlim_max == RLIM_INFINITY)
MaxFDs = 16384;
else
#endif /* RLIM_INFINITY */
MaxFDs = limit.rlim_max;
limit.rlim_cur = MaxFDs;
setrlimit(RLIMIT_NOFILE, &limit);
#if UNDERSTAND_CUPS
printf("[main.c::main()] set the maximum nuber of files = %d\n", MaxFDs);
#endif
cupsdStartSelect();
#if UNDERSTAND_CUPS
printf("[main.c::main()] done with cupsdStartSelect() i.e. polling engine\n");
#endif
/*
* Read configuration...
*/
if (!cupsdReadConfiguration())
{
syslog(LOG_LPR, "Unable to read configuration file \'%s\' - exiting!",
ConfigurationFile);
return (1);
}
printf("[main.c::main()] done with cupsdReadConfiguration\n");
if (!strncmp(TempDir, RequestRoot, strlen(RequestRoot)))
{
/*
* Clean out the temporary directory...
*/
cups_dir_t *dir; /* Temporary directory */
cups_dentry_t *dent; /* Directory entry */
char tempfile[1024]; /* Temporary filename */
printf("[main.c::main()] cleaning temp dir = %s\n", TempDir);
if ((dir = cupsDirOpen(TempDir)) != NULL)
{
cupsdLogMessage(CUPSD_LOG_INFO,
"Cleaning out old temporary files in \"%s\"...", TempDir);
while ((dent = cupsDirRead(dir)) != NULL)
{
snprintf(tempfile, sizeof(tempfile), "%s/%s", TempDir, dent->filename);
printf("[main.c::main()] deleting temp file = %s\n", tempfile);
if (cupsdRemoveFile(tempfile)) {
cupsdLogMessage(CUPSD_LOG_ERROR,
"Unable to remove temporary file \"%s\" - %s",
tempfile, strerror(errno));
printf("[main.c::main()] failed in deleting temp file = %s\n", tempfile);
}
else {
cupsdLogMessage(CUPSD_LOG_DEBUG, "Removed temporary file \"%s\"...",
tempfile);
printf("[main.c::main()] deleted temp file = %s\n", tempfile);
}
}
cupsDirClose(dir);
}
else {
cupsdLogMessage(CUPSD_LOG_ERROR,
"Unable to open temporary directory \"%s\" - %s",
TempDir, strerror(errno));
printf("[main.c::main()] couldn't open temp dir = %s\n", TempDir);
}
printf("[main.c::main()] DONE cleaning temp dir = %s\n", TempDir);
}
#if HAVE_LAUNCHD
if (Launchd)
{
/*
* If we were started by launchd get the listen sockets file descriptors...
*/
printf("[main.c::main()] launchd check in \n");
launchd_checkin();
}
#endif /* HAVE_LAUNCHD */
#if defined(__APPLE__) && defined(HAVE_DLFCN_H)
/*
* Load Print Service quota enforcement library (X Server only)
*/
PSQLibRef = dlopen(PSQLibPath, RTLD_LAZY);
if (PSQLibRef)
PSQUpdateQuotaProc = dlsym(PSQLibRef, PSQLibFuncName);
#endif /* __APPLE__ && HAVE_DLFCN_H */
#ifdef HAVE_GSSAPI
# ifdef __APPLE__
/*
* If the weak-linked GSSAPI/Kerberos library is not present, don't try
* to use it...
*/
if (krb5_init_context != NULL)
# endif /* __APPLE__ */
/*
* Setup a Kerberos context for the scheduler to use...
*/
if (krb5_init_context(&KerberosContext))
{
KerberosContext = NULL;
printf("[main.c::main()] unable to use krb5_init_context() \n");
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to initialize Kerberos context");
}
else
{
printf("[main.c::main()] used krb5_init_context() \n");
}
#endif /* HAVE_GSSAPI */
/*
* Startup the server...
*/
cupsdStartServer();
/*
* Catch hangup and child signals and ignore broken pipes...
*/
#ifdef HAVE_SIGSET /* Use System V signals over POSIX to avoid bugs */
sigset(SIGCHLD, sigchld_handler);
sigset(SIGHUP, sighup_handler);
sigset(SIGPIPE, SIG_IGN);
sigset(SIGTERM, sigterm_handler);
printf("[main.c::main()] used system V signals over POSIX\n");
#elif defined(HAVE_SIGACTION)
printf("[main.c::main()] used HAVE_SIGACTION\n");
memset(&action, 0, sizeof(action));
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGTERM);
sigaddset(&action.sa_mask, SIGCHLD);
action.sa_handler = sigchld_handler;
sigaction(SIGCHLD, &action, NULL);
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGHUP);
action.sa_handler = sighup_handler;
sigaction(SIGHUP, &action, NULL);
sigemptyset(&action.sa_mask);
action.sa_handler = SIG_IGN;
sigaction(SIGPIPE, &action, NULL);
sigemptyset(&action.sa_mask);
sigaddset(&action.sa_mask, SIGTERM);
sigaddset(&action.sa_mask, SIGCHLD);
action.sa_handler = sigterm_handler;
sigaction(SIGTERM, &action, NULL);
#else
printf("[main.c::main()]last signal options\n");
signal(SIGCLD, sigchld_handler); /* No, SIGCLD isn't a typo... */
signal(SIGHUP, sighup_handler);
signal(SIGPIPE, SIG_IGN);
signal(SIGTERM, sigterm_handler);
#endif /* HAVE_SIGSET */
#ifdef __sgi
/*
* Try to create a fake lpsched lock file if one is not already there.
* Some Adobe applications need it under IRIX in order to enable
* printing...
*/
printf("[main.c::main()] creating fake lpsched lock file \n");
if ((fp = cupsFileOpen("/var/spool/lp/SCHEDLOCK", "w")) == NULL)
{
syslog(LOG_LPR, "Unable to create fake lpsched lock file "
"\"/var/spool/lp/SCHEDLOCK\"\' - %s!",
strerror(errno));
}
else
{
fchmod(cupsFileNumber(fp), 0644);
fchown(cupsFileNumber(fp), User, Group);
cupsFileClose(fp);
}
#endif /* __sgi */
/*
* Initialize authentication certificates...
*/
cupsdInitCerts();
/*
* If we are running in the background, signal the parent process that
* we are up and running...
*/
#ifdef __APPLE__
if (!fg || run_as_child)
#else
if (!fg)
#endif /* __APPLE__ */
{
/*
* Send a signal to the parent process, but only if the parent is
* not PID 1 (init). This avoids accidentally shutting down the
* system on OpenBSD if you CTRL-C the server before it is up...
*/
i = getppid(); /* Save parent PID to avoid race condition */
if (i != 1)
kill(i, SIGUSR1);
}
#ifdef __APPLE__
/*
* Start power management framework...
*/
printf("[main.c::main()] starting system monitor (power management) \n");
cupsdStartSystemMonitor();
#endif /* __APPLE__ */
/*
* Start any pending print jobs...
*/
printf("[main.c::main()] starting any pending print jobs \n");
cupsdCheckJobs();
/*
* Loop forever...
*/
current_time = time(NULL);
browse_time = current_time;
event_time = current_time;
expire_time = current_time;
fds = 1;
report_time = 0;
senddoc_time = current_time;
while (!stop_scheduler)
{
// XXX RAZA
printf("[main.c::main()] scheduler loop # %d\n", count);
if (count++ == loops_desired)
{
printf("[main.c::main()] stopping scheduler loop\n");
stop_scheduler = 1;
continue;
}
printf("[main.c::main()] Top of loop, dead_children=%d, NeedReload=%d\n",
dead_children, NeedReload);
#ifdef DEBUG
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"main: Top of loop, dead_children=%d, NeedReload=%d",
dead_children, NeedReload);
#endif /* DEBUG */
/*
* Check if there are dead children to handle...
*/
if (dead_children)
process_children();
/*
* Check if we need to load the server configuration file...
*/
if (NeedReload)
{
/*
* Close any idle clients...
*/
if (cupsArrayCount(Clients) > 0)
{
for (con = (cupsd_client_t *)cupsArrayFirst(Clients);
con;
con = (cupsd_client_t *)cupsArrayNext(Clients))
if (con->http.state == HTTP_WAITING)
cupsdCloseClient(con);
else
con->http.keep_alive = HTTP_KEEPALIVE_OFF;
cupsdPauseListening();
}
/*
* Check for any active jobs...
*/
for (job = (cupsd_job_t *)cupsArrayFirst(ActiveJobs);
job;
job = (cupsd_job_t *)cupsArrayNext(ActiveJobs))
if (job->state_value == IPP_JOB_PROCESSING)
break;
/*
* Restart if all clients are closed and all jobs finished, or
* if the reload timeout has elapsed...
*/
if ((cupsArrayCount(Clients) == 0 &&
(!job || NeedReload != RELOAD_ALL)) ||
(time(NULL) - ReloadTime) >= ReloadTimeout)
{
/*
* Shutdown the server...
*/
cupsdStopServer();
/*
* Read configuration...
*/
if (!cupsdReadConfiguration())
{
syslog(LOG_LPR, "Unable to read configuration file \'%s\' - exiting!",
ConfigurationFile);
break;
}
#if HAVE_LAUNCHD
if (Launchd)
{
/*
* If we were started by launchd get the listen sockets file descriptors...
*/
launchd_checkin();
}
#endif /* HAVE_LAUNCHD */
/*
* Startup the server...
*/
cupsdStartServer();
}
}
/*
* Check for available input or ready output. If cupsdDoSelect()
* returns 0 or -1, something bad happened and we should exit
* immediately.
*
* Note that we at least have one listening socket open at all
* times.
*/
if ((timeout = select_timeout(fds)) > 1 && LastEvent)
timeout = 1;
#if HAVE_LAUNCHD
/*
* If no other work is scheduled and we're being controlled by
* launchd then timeout after 'LaunchdTimeout' seconds of
* inactivity...
*/
if (timeout == 86400 && Launchd && LaunchdTimeout && !NumPolled &&
!cupsArrayCount(ActiveJobs) &&
(!Browsing ||
(!BrowseRemoteProtocols &&
(!NumBrowsers || !BrowseLocalProtocols ||
cupsArrayCount(Printers) == 0))))
{
timeout = LaunchdTimeout;
launchd_idle_exit = 1;
}
else
launchd_idle_exit = 0;
#endif /* HAVE_LAUNCHD */
if ((fds = cupsdDoSelect(timeout)) < 0)
{
/*
* Got an error from select!
*/
#ifdef HAVE_DNSSD
cupsd_printer_t *p; /* Current printer */
#endif /* HAVE_DNSSD */
if (errno == EINTR) /* Just interrupted by a signal */
continue;
/*
* Log all sorts of debug info to help track down the problem.
*/
cupsdLogMessage(CUPSD_LOG_EMERG, "cupsdDoSelect() failed - %s!",
strerror(errno));
for (i = 0, con = (cupsd_client_t *)cupsArrayFirst(Clients);
con;
i ++, con = (cupsd_client_t *)cupsArrayNext(Clients))
cupsdLogMessage(CUPSD_LOG_EMERG,
"Clients[%d] = %d, file = %d, state = %d",
i, con->http.fd, con->file, con->http.state);
for (i = 0, lis = (cupsd_listener_t *)cupsArrayFirst(Listeners);
lis;
i ++, lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
cupsdLogMessage(CUPSD_LOG_EMERG, "Listeners[%d] = %d", i, lis->fd);
cupsdLogMessage(CUPSD_LOG_EMERG, "BrowseSocket = %d", BrowseSocket);
cupsdLogMessage(CUPSD_LOG_EMERG, "CGIPipes[0] = %d", CGIPipes[0]);
#ifdef __APPLE__
cupsdLogMessage(CUPSD_LOG_EMERG, "SysEventPipes[0] = %d",
SysEventPipes[0]);
#endif /* __APPLE__ */
for (job = (cupsd_job_t *)cupsArrayFirst(ActiveJobs);
job;
job = (cupsd_job_t *)cupsArrayNext(ActiveJobs))
cupsdLogMessage(CUPSD_LOG_EMERG, "Jobs[%d] = %d < [%d %d] > [%d %d]",
job->id,
job->status_buffer ? job->status_buffer->fd : -1,
job->print_pipes[0], job->print_pipes[1],
job->back_pipes[0], job->back_pipes[1]);
#ifdef HAVE_DNSSD
for (p = (cupsd_printer_t *)cupsArrayFirst(Printers);
p;
p = (cupsd_printer_t *)cupsArrayNext(Printers))
cupsdLogMessage(CUPSD_LOG_EMERG, "printer[%s] %d", p->name,
p->dnssd_ipp_fd);
#endif /* HAVE_DNSSD */
break;
}
current_time = time(NULL);
#ifndef __APPLE__
/*
* Update the network interfaces once a minute...
*/
if ((current_time - netif_time) >= 60)
{
netif_time = current_time;
NetIFUpdate = 1;
}
#endif /* !__APPLE__ */
#if HAVE_LAUNCHD
/*
* If no other work was scheduled and we're being controlled by launchd
* then timeout after 'LaunchdTimeout' seconds of inactivity...
*/
if (!fds && launchd_idle_exit)
{
cupsdLogMessage(CUPSD_LOG_INFO,
"Printer sharing is off and there are no jobs pending, "
"will restart on demand.");
stop_scheduler = 1;
break;
}
#endif /* HAVE_LAUNCHD */
/*
* Resume listening for new connections as needed...
*/
if (ListeningPaused && ListeningPaused <= current_time &&
cupsArrayCount(Clients) < MaxClients)
cupsdResumeListening();
/*
* Expire subscriptions and unload completed jobs as needed...
*/
if (current_time > expire_time)
{
if (cupsArrayCount(Subscriptions) > 0)
cupsdExpireSubscriptions(NULL, NULL);
cupsdUnloadCompletedJobs();
expire_time = current_time;
}
/*
* Update the browse list as needed...
*/
if (Browsing)
{
#ifdef HAVE_LIBSLP
if ((BrowseRemoteProtocols & BROWSE_SLP) &&
BrowseSLPRefresh <= current_time)
cupsdUpdateSLPBrowse();
#endif /* HAVE_LIBSLP */
#ifdef HAVE_LDAP
if ((BrowseRemoteProtocols & BROWSE_LDAP) &&
BrowseLDAPRefresh <= current_time)
cupsdUpdateLDAPBrowse();
#endif /* HAVE_LDAP */
}
if (Browsing && current_time > browse_time)
{
cupsdSendBrowseList();
browse_time = current_time;
}
/*
* Update the root certificate once every 5 minutes if we have client
* connections...
*/
if ((current_time - RootCertTime) >= RootCertDuration && RootCertDuration &&
!RunUser && cupsArrayCount(Clients))
{
/*
* Update the root certificate...
*/
cupsdDeleteCert(0);
cupsdAddCert(0, "root", NULL);
}
/*
* Check for new data on the client sockets...
*/
for (con = (cupsd_client_t *)cupsArrayFirst(Clients);
con;
con = (cupsd_client_t *)cupsArrayNext(Clients))
{
/*
* Process pending data in the input buffer...
*/
if (con->http.used)
{
cupsdReadClient(con);
continue;
}
/*
* Check the activity and close old clients...
*/
activity = current_time - Timeout;
if (con->http.activity < activity && !con->pipe_pid)
{
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Closing client %d after %d seconds of inactivity...",
con->http.fd, Timeout);
cupsdCloseClient(con);
continue;
}
}
/*
* Update any pending multi-file documents...
*/
if ((current_time - senddoc_time) >= 10)
{
cupsdCheckJobs();
senddoc_time = current_time;
}
/*
* Log statistics at most once a minute when in debug mode...
*/
if ((current_time - report_time) >= 60 && LogLevel >= CUPSD_LOG_DEBUG)
{
size_t string_count, /* String count */
alloc_bytes, /* Allocated string bytes */
total_bytes; /* Total string bytes */
#ifdef HAVE_MALLINFO
struct mallinfo mem; /* Malloc information */
mem = mallinfo();
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: malloc-arena=%lu", mem.arena);
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: malloc-used=%lu",
mem.usmblks + mem.uordblks);
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: malloc-free=%lu",
mem.fsmblks + mem.fordblks);
#endif /* HAVE_MALLINFO */
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: clients=%d",
cupsArrayCount(Clients));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: jobs=%d",
cupsArrayCount(Jobs));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: jobs-active=%d",
cupsArrayCount(ActiveJobs));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: printers=%d",
cupsArrayCount(Printers));
cupsdLogMessage(CUPSD_LOG_DEBUG, "Report: printers-implicit=%d",
cupsArrayCount(ImplicitPrinters));
string_count = _cupsStrStatistics(&alloc_bytes, &total_bytes);
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Report: stringpool-string-count=" CUPS_LLFMT,
CUPS_LLCAST string_count);
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Report: stringpool-alloc-bytes=" CUPS_LLFMT,
CUPS_LLCAST alloc_bytes);
cupsdLogMessage(CUPSD_LOG_DEBUG,
"Report: stringpool-total-bytes=" CUPS_LLFMT,
CUPS_LLCAST total_bytes);
report_time = current_time;
}
/*
* Handle OS-specific event notification for any events that have
* accumulated. Don't send these more than once a second...
*/
if (LastEvent && (current_time - event_time) >= 1)
{
#ifdef HAVE_NOTIFY_POST
if (LastEvent & (CUPSD_EVENT_PRINTER_ADDED |
CUPSD_EVENT_PRINTER_DELETED |
CUPSD_EVENT_PRINTER_MODIFIED))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"notify_post(\"com.apple.printerListChange\")");
notify_post("com.apple.printerListChange");
}
if (LastEvent & CUPSD_EVENT_PRINTER_STATE_CHANGED)
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"notify_post(\"com.apple.printerHistoryChange\")");
notify_post("com.apple.printerHistoryChange");
}
if (LastEvent & (CUPSD_EVENT_JOB_STATE_CHANGED |
CUPSD_EVENT_JOB_CONFIG_CHANGED |
CUPSD_EVENT_JOB_PROGRESS))
{
cupsdLogMessage(CUPSD_LOG_DEBUG2,
"notify_post(\"com.apple.jobChange\")");
notify_post("com.apple.jobChange");
}
#endif /* HAVE_NOTIFY_POST */
/*
* Reset the accumulated events...
*/
LastEvent = CUPSD_EVENT_NONE;
event_time = current_time;
}
}
/*
* Log a message based on what happened...
*/
if (stop_scheduler)
cupsdLogMessage(CUPSD_LOG_INFO, "Scheduler shutting down normally.");
else
cupsdLogMessage(CUPSD_LOG_ERROR,
"Scheduler shutting down due to program error.");
/*
* Close all network clients...
*/
cupsdStopServer();
#ifdef HAVE_LAUNCHD
/*
* Update the launchd KeepAlive file as needed...
*/
if (Launchd)
launchd_checkout();
#endif /* HAVE_LAUNCHD */
/*
* Stop all jobs...
*/
cupsdFreeAllJobs();
#ifdef __APPLE__
/*
* Stop monitoring system event monitoring...
*/
cupsdStopSystemMonitor();
#endif /* __APPLE__ */
#ifdef HAVE_GSSAPI
/*
* Free the scheduler's Kerberos context...
*/
# ifdef __APPLE__
/*
* If the weak-linked GSSAPI/Kerberos library is not present, don't try
* to use it...
*/
if (krb5_init_context != NULL)
# endif /* __APPLE__ */
if (KerberosContext)
krb5_free_context(KerberosContext);
#endif /* HAVE_GSSAPI */
#ifdef __APPLE__
#ifdef HAVE_DLFCN_H
/*
* Unload Print Service quota enforcement library (X Server only)
*/
PSQUpdateQuotaProc = NULL;
if (PSQLibRef)
{
dlclose(PSQLibRef);
PSQLibRef = NULL;
}
#endif /* HAVE_DLFCN_H */
#endif /* __APPLE__ */
#ifdef __sgi
/*
* Remove the fake IRIX lpsched lock file, but only if the existing
* file is not a FIFO which indicates that the real IRIX lpsched is
* running...
*/
if (!stat("/var/spool/lp/FIFO", &statbuf))
if (!S_ISFIFO(statbuf.st_mode))
unlink("/var/spool/lp/SCHEDLOCK");
#endif /* __sgi */
cupsdStopSelect();
return (!stop_scheduler);
}
void * /* O - Profile or NULL on error */
cupsdCreateProfile(int job_id) /* I - Job ID or 0 for none */
{
#ifdef HAVE_SANDBOX_H
cups_file_t *fp; /* File pointer */
char profile[1024], /* File containing the profile */
cache[1024], /* Quoted CacheDir */
request[1024], /* Quoted RequestRoot */
root[1024], /* Quoted ServerRoot */
temp[1024]; /* Quoted TempDir */
const char *nodebug; /* " (with no-log)" for no debug */
if (!UseProfiles)
{
/*
* Only use sandbox profiles as root...
*/
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
job_id);
return (NULL);
}
if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL)
{
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
job_id);
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
strerror(errno));
return (NULL);
}
fchown(cupsFileNumber(fp), RunUser, Group);
fchmod(cupsFileNumber(fp), 0640);
cupsd_requote(cache, CacheDir, sizeof(cache));
cupsd_requote(request, RequestRoot, sizeof(request));
cupsd_requote(root, ServerRoot, sizeof(root));
cupsd_requote(temp, TempDir, sizeof(temp));
nodebug = LogLevel < CUPSD_LOG_DEBUG ? " (with no-log)" : "";
cupsFilePuts(fp, "(version 1)\n");
cupsFilePuts(fp, "(allow default)\n");
cupsFilePrintf(fp,
"(deny file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^%s$\"" /* RequestRoot */
" #\"^%s/\"" /* RequestRoot/... */
")%s)\n",
request, request, nodebug);
if (!RunUser)
cupsFilePrintf(fp,
"(deny file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^/Users$\""
" #\"^/Users/\""
")%s)\n", nodebug);
cupsFilePrintf(fp,
"(deny file-write*\n"
" (regex"
" #\"^%s$\"" /* ServerRoot */
" #\"^%s/\"" /* ServerRoot/... */
" #\"^/private/etc$\""
" #\"^/private/etc/\""
" #\"^/usr/local/etc$\""
" #\"^/usr/local/etc/\""
" #\"^/Library$\""
" #\"^/Library/\""
" #\"^/System$\""
" #\"^/System/\""
")%s)\n",
root, root, nodebug);
/* Specifically allow applications to stat RequestRoot */
cupsFilePrintf(fp,
"(allow file-read-metadata\n"
" (regex"
" #\"^%s$\"" /* RequestRoot */
"))\n",
request);
cupsFilePrintf(fp,
"(allow file-write* file-read-data file-read-metadata\n"
" (regex"
" #\"^%s$\"" /* TempDir */
" #\"^%s/\"" /* TempDir/... */
" #\"^%s$\"" /* CacheDir */
" #\"^%s/\"" /* CacheDir/... */
" #\"^%s/Library$\"" /* RequestRoot/Library */
" #\"^%s/Library/\"" /* RequestRoot/Library/... */
" #\"^/Library/Application Support/\""
" #\"^/Library/Caches/\""
" #\"^/Library/Preferences/\""
" #\"^/Library/Printers/.*/\""
" #\"^/Users/Shared/\""
"))\n",
temp, temp, cache, cache, request, request);
cupsFilePrintf(fp,
"(deny file-write*\n"
" (regex"
" #\"^/Library/Printers/PPDs$\""
" #\"^/Library/Printers/PPDs/\""
" #\"^/Library/Printers/PPD Plugins$\""
" #\"^/Library/Printers/PPD Plugins/\""
")%s)\n", nodebug);
if (job_id)
{
/*
* Allow job filters to read the spool file(s)...
*/
cupsFilePrintf(fp,
"(allow file-read-data file-read-metadata\n"
" (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n",
request, job_id, job_id);
}
else
{
/*
* Allow email notifications from notifiers...
*/
cupsFilePuts(fp,
"(allow process-exec\n"
" (literal \"/usr/sbin/sendmail\")\n"
" (with no-sandbox)\n"
")\n");
}
cupsFileClose(fp);
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = \"%s\"",
job_id, profile);
return ((void *)strdup(profile));
#else
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
job_id);
return (NULL);
#endif /* HAVE_SANDBOX_H */
}
void
cupsdSaveAllClasses(void)
{
cups_file_t *fp; /* classes.conf file */
char temp[1024], /* Temporary string */
backup[1024], /* printers.conf.O file */
value[2048]; /* Value string */
cupsd_printer_t *pclass; /* Current printer class */
int i; /* Looping var */
time_t curtime; /* Current time */
struct tm *curdate; /* Current date */
cups_option_t *option; /* Current option */
/*
* Create the classes.conf file...
*/
snprintf(temp, sizeof(temp), "%s/classes.conf", ServerRoot);
snprintf(backup, sizeof(backup), "%s/classes.conf.O", ServerRoot);
if (rename(temp, backup))
{
if (errno != ENOENT)
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to backup classes.conf - %s",
strerror(errno));
}
if ((fp = cupsFileOpen(temp, "w")) == NULL)
{
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to save classes.conf - %s",
strerror(errno));
if (rename(backup, temp))
cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to restore classes.conf - %s",
strerror(errno));
return;
}
else
cupsdLogMessage(CUPSD_LOG_INFO, "Saving classes.conf...");
/*
* Restrict access to the file...
*/
fchown(cupsFileNumber(fp), RunUser, Group);
fchmod(cupsFileNumber(fp), 0600);
/*
* Write a small header to the file...
*/
curtime = time(NULL);
curdate = localtime(&curtime);
strftime(temp, sizeof(temp) - 1, "%Y-%m-%d %H:%M", curdate);
cupsFilePuts(fp, "# Class configuration file for " CUPS_SVERSION "\n");
cupsFilePrintf(fp, "# Written by cupsd on %s\n", temp);
cupsFilePuts(fp, "# DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING\n");
/*
* Write each local class known to the system...
*/
for (pclass = (cupsd_printer_t *)cupsArrayFirst(Printers);
pclass;
pclass = (cupsd_printer_t *)cupsArrayNext(Printers))
{
/*
* Skip remote destinations and regular printers...
*/
if ((pclass->type & CUPS_PRINTER_REMOTE) ||
(pclass->type & CUPS_PRINTER_IMPLICIT) ||
!(pclass->type & CUPS_PRINTER_CLASS))
continue;
/*
* Write printers as needed...
*/
if (pclass == DefaultPrinter)
cupsFilePrintf(fp, "<DefaultClass %s>\n", pclass->name);
else
cupsFilePrintf(fp, "<Class %s>\n", pclass->name);
if (pclass->num_auth_info_required > 0)
{
switch (pclass->num_auth_info_required)
{
case 1 :
strlcpy(value, pclass->auth_info_required[0], sizeof(value));
break;
case 2 :
snprintf(value, sizeof(value), "%s,%s",
pclass->auth_info_required[0],
pclass->auth_info_required[1]);
break;
case 3 :
default :
snprintf(value, sizeof(value), "%s,%s,%s",
pclass->auth_info_required[0],
pclass->auth_info_required[1],
pclass->auth_info_required[2]);
break;
}
cupsFilePutConf(fp, "AuthInfoRequired", value);
}
if (pclass->info)
cupsFilePutConf(fp, "Info", pclass->info);
if (pclass->location)
cupsFilePutConf(fp, "Location", pclass->location);
if (pclass->state == IPP_PRINTER_STOPPED)
cupsFilePuts(fp, "State Stopped\n");
else
cupsFilePuts(fp, "State Idle\n");
cupsFilePrintf(fp, "StateTime %d\n", (int)pclass->state_time);
if (pclass->accepting)
cupsFilePuts(fp, "Accepting Yes\n");
else
cupsFilePuts(fp, "Accepting No\n");
if (pclass->shared)
cupsFilePuts(fp, "Shared Yes\n");
else
cupsFilePuts(fp, "Shared No\n");
snprintf(value, sizeof(value), "%s %s", pclass->job_sheets[0],
pclass->job_sheets[1]);
cupsFilePutConf(fp, "JobSheets", value);
for (i = 0; i < pclass->num_printers; i ++)
cupsFilePrintf(fp, "Printer %s\n", pclass->printers[i]->name);
cupsFilePrintf(fp, "QuotaPeriod %d\n", pclass->quota_period);
cupsFilePrintf(fp, "PageLimit %d\n", pclass->page_limit);
cupsFilePrintf(fp, "KLimit %d\n", pclass->k_limit);
for (i = 0; i < pclass->num_users; i ++)
cupsFilePutConf(fp, pclass->deny_users ? "DenyUser" : "AllowUser",
pclass->users[i]);
if (pclass->op_policy)
cupsFilePutConf(fp, "OpPolicy", pclass->op_policy);
if (pclass->error_policy)
cupsFilePutConf(fp, "ErrorPolicy", pclass->error_policy);
for (i = pclass->num_options, option = pclass->options;
i > 0;
i --, option ++)
{
snprintf(value, sizeof(value), "%s %s", option->name, option->value);
cupsFilePutConf(fp, "Option", value);
}
cupsFilePuts(fp, "</Class>\n");
}
cupsFileClose(fp);
}