[cups.development] [RFE] STR #1266: URI rewrite for nodomain hosts

Rafal rafal at poczta.homelinux.com
Fri Sep 9 13:30:33 PDT 2005 

[STR New]

with the following configuration:
===========================================================
------------------/etc/cups/cupsd.conf----------------
ServerName model.home.net
------------------bash---------------------------
anonymous at model:~$ hostname
model
anonymous at model:~$ dnsdomainname
home.net
anonyous at model:~$ host model
model.home.net has address 192.168.1.111
-------------/etc/cups/cupsd.conf-------------
| <Location /admin> is:
| Order Deny,Allow
| Deny From All
| Allow From 127.0.0.1
+----------------------------------------------
--------------test.c------------
main() {
        if (getdomainname(buff, BSIZE) == 0) {
                printf("%s\n", buff);
        }
}
-----------------------bash------------
anonymous at model:~/work/tmp$ ./a.out
(none)
----------------t.c------------------
main() {
        if (gethostname(buff, BSIZE) == 0) {
                printf("%s\n", buff);
        }
}
------------------------------------
anonymous at model:~/work/tmp$ ./a.out
model
-----------------------------------
=============================================================

It is NOT possible (due to the above "Deny From All" ACL) to access
</admin> locations (and thus do administrative tasks) on model's local
printers, since {admin_uri} substitution on </printers> page provide FQDN
of "model.home.net" for those printers. CUPSD assumes those printers are
remote to it because gethostname() on model returns none-FQDN.
Consequently CUPSD puts complete URI for those printers and this break the
above ACL. 

Still, the quoted above ACL is security-correct and thus is the default
for Debian installations - it should not be adjusted to contain host's
local interfaces (like 192.168.1.111 in case of "model" above). 

So, I'd like to request that: "When {*_uri} substitution gets none-FQDN
hostname from gethostname(), it should proceede with resolver functions to
get FQDN of the server host.". Such implementation is suggested in
`hostname` command manpage.

Some more elaborated diagnostic and reasoning may be found on CUPS
newsgroup thread containing message:
  http://www.cups.org/newsgroups.php?gcups.bugs+v:2651

Link: http://www.cups.org/str.php?L1266
Version: 1.2-feature

More information about the cups mailing list