Xauth running in an interactive CUPS shell
Helge Blischke
h.blischke at acm.org
Wed Mar 2 06:53:25 PST 2011
Cups Seg wrote:
> Hello,
>
> I have written a cups backend that uses a tool to send a printing job to
> an X Client. The way it works is simple, the tool checks for which display
> that client is connected to and then executes the tool with two switches,
> display names and filename.
>
> In order to achieve this, with xauth in use, I have had to inject the
> MIT-COOKIE into the lp users .Xauthoirty file. I'm doing this with an ugly
> method of sudo, not very secure, but working. I dont mind to much as it's
> an segregated environemtn.
>
> However, when I execute the util, after doing su - lp (Yes, I changed the
> shell to a working one), I am able to run the utility and it uses the
> MIT-COOKIE. However, when I try to run "lp filename" as another user, and
> execute the backend script, I get the following error message :
>
> D [02/Mar/2011:13:19:24 +0000] [Job 6] elpr - Exceed Remote Print Utility,
> Version 13.7 D [02/Mar/2011:13:19:24 +0000] [Job 6]
> D [02/Mar/2011:13:19:24 +0000] [Job 6] Successful socket connection to
> app01.wa.vs.jepphost.com:11 D [02/Mar/2011:13:19:24 +0000] [Job 6]
> XOpenDisplay Failed reason: "No protocol specified D [02/Mar/2011:13:19:24
> +0000] [Job 6] " D [02/Mar/2011:13:19:24 +0000] [Job 6] Could not open
> display: "hostname.domain.tld:11"
>
> This per say doesn't mean that the tool doesn't work, but that the lp user
> doesn't pick up it's .Xauthority file before sending of the job.
>
> Does anyone know how I can get the lp user to use the .Xauthority file?
Wouldn't it be easier for the backend to become the requesting-user and
connect to the (remote) display as that?
Helge
More information about the cups
mailing list