Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
cups.13211
cups.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cups.spec of Package cups.13211
# # spec file for package cups # # Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: cups BuildRequires: dbus-1-devel BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: krb5-devel BuildRequires: libavahi-devel BuildRequires: libjpeg-devel BuildRequires: libpng-devel BuildRequires: libtiff-devel # Have libtool as explicit buildrequirement to no longer depend # on a "hidden" buildrequirement in the OBS project definition: BuildRequires: libtool # See the comment at 'configure' below why on SLE11 (suse_version = 1110) # the 'usb' backend must be built without libusb: %if 0%{?suse_version} > 1110 BuildRequires: libusb-1_0-devel %endif BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: pkgconfig # See http://en.opensuse.org/openSUSE:Systemd_packaging_guidelines # that reads as of this writing (Thu Feb 13 12:20:32 CET 2014) # where here the RPM macro percentage sign is replaced with '@' to be safe: # Starting with openSUSE 12.1, several RPM macros # must be used to package systemd services files # Build Requirement # You should add : # @if 0@{?suse_version} >= 1210 # BuildRequires: systemd # @endif # as Build Requires. # Requires # Add # @{?systemd_requires} # to ensure the needed dependencies are added to your package %if 0%{?suse_version} >= 1210 BuildRequires: pkgconfig(libsystemd-daemon) BuildRequires: pkgconfig(systemd) %{?systemd_requires} %define have_systemd 1 # _tmpfilesdir is not defined in systemd macros up to openSUSE 12.3 and # in openSUSE 13.1 "rpm --eval @{_tmpfilesdir}" results /usr/lib/tmpfiles.d # (above the RPM macro percentage sign is replaced with '@' to be safe): %{!?_tmpfilesdir: %global _tmpfilesdir /usr/lib/tmpfiles.d } %endif BuildRequires: update-desktop-files BuildRequires: zlib-devel PreReq: coreutils # /usr/sbin/groupadd is called by the "pre" scriptlet: PreReq: /usr/sbin/groupadd PreReq: %insserv_prereq PreReq: %fillup_prereq # sysvinit(syslog) is first provided in openSUSE 11.4: %if 0%{?suse_version} > 1130 PreReq: sysvinit(syslog) %endif Url: http://www.cups.org/ Summary: The Common UNIX Printing System License: SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.1-only Group: Hardware/Printing # Source0...Source9 is for sources from upstream: # URL for Source0: http://www.cups.org/software/1.7.5/cups-1.7.5-source.tar.bz2 # MD5 sum for Source0 on http://www.cups.org/software.php 5d893edc2957005f78e2b2423fdace2e Version: 1.7.5 Release: 0 Source0: http://www.cups.org/software/%{version}/cups-%{version}-source.tar.bz2 # Require the exact matching version-release of the cups-libs sub-package because # non-matching CUPS libraries may let CUPS software crash (e.g. segfault) # because all CUPS software is built from the one same CUPS source tar ball # so that there are CUPS-internal dependencies via CUPS private API calls # (which do not happen for third-party software which uses only the CUPS public API). # The exact matching version-release of the cups-libs sub-package is available # on the same package repository where the cups package is because # all are built simulaneously from the same cups source package # and all required packages are provided on the same repository: Requires: cups-libs = %{version}-%{release} # Require the exact matching version-release of the cups-client sub-package because # because all CUPS software is built from the one same CUPS source tar ball # so that there could be whatever subtle CUPS-internal dependencies. # The exact matching version-release of the cups-client sub-package is available # on the same package repository where the cups package is because # all are built simulaneously from the same cups source package # and all required packages are provided on the same repository: Requires: cups-client = %{version}-%{release} # Since CUPS 1.6 all all non-Mac filters are dropped # (in particular pdftops, imagetops, imagetoraster, and texttops). # Linux-specific printing filters for CUPS are now provided by the cups-filters package. # But those filters are not strictly required for CUPS # (e.g. on client systems in the network where the filtering hapens on a CUPS server # or on a CUPS server with only "raw" queues) so that a weak Recommends fits better: Recommends: cups-filters # The Ghostscript device "cups" is needed by several CUPS filters # (in particular the "rasterto..." filters) which might justify a RPM Requires. # But a RPM requirement for ghostscript would cause a build dependency cycle because # cups Requires ghostscript which BuildRequires cups-devel which Requires cups-libs # and cups-libs is a sub-package of cups so that there is an implicit build dependency # cycle between the main-packages cups and ghostscript. # Furthermore Ghostscript is not needed on a system where those CUPS filters are not used # (e.g. on client systems in the network where the filtering hapens on a CUPS server # or on a CUPS server with only "raw" queues) so that a weak Recommends fits better: Recommends: ghostscript # Our Source105 PSLEVEL1.PPD.bz2 and Source106 PSLEVEL2.PPD.bz2 need foomatic-rip # but this does not justify a RPM Requires so that a weak Recommends is sufficient: Recommends: foomatic-filters # Conflicts with CUPS < 1.6 versions because CUPS 1.6 has major incompatible changes, # see https://bugzilla.novell.com/show_bug.cgi?id=735404 Conflicts: cups < 1.6 # Conflicts with other print spoolers which provide same binaries like /usr/bin/lp and so on # or which may listen on the same port (e.g. cups-lpd versus traditional lpd on port 515): Conflicts: lprng Conflicts: lprold Conflicts: plp # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch10 cups-1.2rc1-template.patch adds 'smb://...' URIs to templates/choose-uri.tmpl: Patch10: cups-1.2rc1-template.patch # Patch11 cups-1.4.3-default-webcontent-path.patch changes the default path whereto the # web content is installed from /usr/share/doc/cups to /usr/share/cups/webcontent # because the files of the CUPS web content are no documentation, see CUPS STR #3578 # and http://bugzilla.novell.com/show_bug.cgi?id=546023#c6 and subsequent comments: Patch11: cups-1.4.3-default-webcontent-path.patch # Patch12 0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch bsc#955432 -- React properly to avahi's ALL_FOR_NOW signal to reduce unneeded delay Patch12: 0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch # Patch13 0002-Save-work-on-Avahi-code.patch bsc#955432 -- React properly to avahi's ALL_FOR_NOW signal to reduce unneeded delay Patch13: 0002-Save-work-on-Avahi-code.patch # Patch14 0003-Avahi-fixes-for-cupsEnumDests.patch bsc#955432 -- React properly to avahi's ALL_FOR_NOW signal to reduce unneeded delay Patch14: 0003-Avahi-fixes-for-cupsEnumDests.patch # Patch15 0004-Fix-authorization-check-for-kerberos-local-connectio.patch # Fix authorization check for clients (like samba) connected through the # local socket when Kerberos authentication is enabled (bsc#1050082) Patch15: 0004-Fix-authorization-check-for-kerberos-local-connectio.patch # Patch16 Fix UTF-8 validation issue (bsc#1118118, Issue #5509) Patch16: issue5509-fix-utf-8-validation-issue.patch # Source100...Source999 is for private sources from SUSE which are not intended for upstream: Source101: cups.init Source102: Postscript.ppd.gz Source103: cups.sysconfig Source104: cups.xinetd Source105: Postscript-level1.ppd.gz Source106: Postscript-level2.ppd.gz Source108: cups-client.conf Source109: baselibs.conf Source110: cups.service # Patch100...Patch999 is for private patches from SUSE which are not intended for upstream: # Patch100 cups-pam.diff adds conf/pam.suse regarding support for PAM for SUSE: Patch100: cups-pam.diff # Patch101 cups-1.7-additional_policies.patch adds the 'allowallforanybody' policy # to cupsd.conf see https://fate.novell.com/303515 Patch101: cups-1.7-additional_policies.patch # Patch102 cups-1.3.9-desktop_file.patch changes desktop/cups.desktop according to what SUSE needs: Patch102: cups-1.3.9-desktop_file.patch # Patch103 cups-1.4-do_not_strip_recommended_from_PPDs.patch # reverts the change which was added by Michael Sweet in Jan 2007 # which strips the word "recommended" from NickName in PPDs because # at least yast2-printer in SUSE needs it, compare the # 'Why not "recommend" PPDs in the NickName?' and the subsequent # 'RFC: New Driver Rating/Information Attributes' mail thread on cups@easysw.com: Patch103: cups-1.4-do_not_strip_recommended_from_PPDs.patch # Patch104 cups-config-libs.patch fixes option --libs in cups-config script: Patch104: cups-config-libs.patch # Patch105 was str4351.patch that fixed STR #4351: cups-lpd hugh jobs (>2G) fail # is obsolete because it is fixed upstream since CUPS 1.7.2 # Patch106 str4551.CVE-2014-9679.CUPS-1.7.5.patch is the upstream patch # https://www.cups.org/strfiles.php/3438/str4551.patch # backported to CUPS-1.7.5 # that fixes a possible buffer overflow in filter/raster.c # (CUPS STR#4551 CVE-2014-9679 bugzilla.suse.com bsc#917799): Patch106: str4551.CVE-2014-9679.CUPS-1.7.5.patch # Patch107 str4609.CERT-VU-810572.CUPS-1.7.5.patch is the upstream patch # https://www.cups.org/strfiles.php/3480/str4609-1.7.patch # adapted to fit exactly for CUPS-1.7.5 # that fixes a possible privilege escalation via cross-site scripting # and bad print job submission used to replace cupsd.conf on server # plus possible bad ld.so interaction via dynamic linker variables # (CUPS STR#4609 CERT-VU-810572 CVE-2015-1158 CVE-2015-1159 bugzilla.suse.com bsc#924208): Patch107: str4609.CERT-VU-810572.CUPS-1.7.5.patch # Patch108 add_gziptoany_filter_when_raw_printing_multiple_files_GitHub4782.patch # is the upstream patch part for scheduler/job.c from # https://github.com/apple/cups/commit/f62664600159820a136a6e726a01a598b9ea292e # adapted to fit exactly for CUPS-1.7.5 # that fixes raw printing multiple files by adding the gziptoany filter see # https://github.com/apple/cups/issues/4782 # (bsc#968706) Patch108: add_gziptoany_filter_when_raw_printing_multiple_files_GitHub4782.patch # Patch109 cups-lpd_remove_adding_docname_GitHub4790.patch # is an excerpt from the upstream patch part for scheduler/cups-lpd.c from # https://github.com/apple/cups/commit/4cc64a80fd01016eb5c3b62b754fc684d87bfb89 # that avoids warnings in error_log of the form # "Unexpected 'document-name' operation attribute in a Create-Job request." see # https://github.com/apple/cups/issues/4790 # (SUSE Service Request 10994025138) Patch109: cups-lpd_remove_adding_docname_GitHub4790.patch # Patch110 cups-scheduler_logs_jobs_at_loglevel_info.patch is based on the upstream patch # https://github.com/apple/cups/commit/75c86da7a721554caea2dcc22a2f84b2fff465e8 # so that the scheduler now also logs messages for jobs at LogLevel "info" see # https://github.com/apple/cups/issues/4815 # and bsc#1021133 and bsc#990045 Patch110: cups-scheduler_logs_jobs_at_loglevel_info.patch # Patch111 CVE-2017-18190.patch removes localhost.localdomain from list # of trustworthy hosts in scheduler/client.c to avoid arbitrary IPP # command execution in conjunction with DNS rebinding (CVE-2017-18190 bsc#1081557). Patch111: CVE-2017-18190.patch # Patch112 Patch113 Patch114 # DBUS-notifications-could-crash-the-scheduler-Issue-5.patch # ipp-The-scheduler-now-substitutes-default-values-for-inv.patch # ipp-additional-changes-for-the-scheduler-to-substitute-d.patch # fix bsc#1061066 # DBUS library aborts caller process in _dbus_check_is_valid_utf8 (in particular that aborts cupsd) # which are the CUPS upstream issues # https://github.com/apple/cups/issues/5143 # Remote DoS attack against cupsd via invalid username and malicious D-Bus library # https://github.com/apple/cups/issues/5186 # squash non-UTF-8 strings into ASCII on plain IPP level # https://github.com/apple/cups/issues/5229 # persistently substitute invalid job attributes with default values - not only in add_job Patch112: DBUS-notifications-could-crash-the-scheduler-Issue-5.patch Patch113: ipp-The-scheduler-now-substitutes-default-values-for-inv.patch Patch114: ipp-additional-changes-for-the-scheduler-to-substitute-d.patch # Patch115 cups-branch-2.2-commit-97cb566568a8c3a9c07c7ccec09f28f5c5015954-for-cups-1.7.5-stripped.diff # is derived from https://github.com/apple/cups/commit/97cb566568a8c3a9c07c7ccec09f28f5c5015954 # and stripped down to only what is needed for CUPS 1.7.5 # that fixes local privilege escalation to root and sandbox bypasses in scheduler # (Apple's internal issues rdar://37836779, rdar://37836995, rdar://37837252, rdar://37837581) # bsc#1096405 CVE-2018-4180: cups: Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN) # bsc#1096406 CVE-2018-4181: cups: Limited Local File Reads as Root via cupsd.conf Include Directive # bsc#1096407 CVE-2018-4182: cups: cups-exec Sandbox Bypass Due to Insecure Error Handling # bsc#1096408 CVE-2018-4183: cups: cups-exec Sandbox Bypass Due to Profile Misconfiguration Patch115: cups-branch-2.2-commit-97cb566568a8c3a9c07c7ccec09f28f5c5015954-for-cups-1.7.5-stripped.diff # Patch116 cups-2.2.7-CVE-2018-4700.patch from SLE15 also applies to cups-1.7.5 in SLE12 and fixes # CVE-2018-4700: session cookie is extremely predictable, effectively # breaking the CSRF protection of the CUPS web interface # https://bugzilla.suse.com/show_bug.cgi?id=1115750 (bsc#1115750): Patch116: cups-2.2.7-CVE-2018-4700.patch # Patch117 cups-1.7.5-CVE-2019-8675.CVE-2019-8696.patch fixes CVE-2019-8675 and CVE-2019-8696 # bsc#1146358 CVE-2019-8675: cups: stack-buffer-overflow in libcups's asn1_get_type function # bsc#1146359 CVE-2019-8696: cups: stack-buffer-overflow in libcups's asn1_get_packed function # and some other security/disclosure issues in # https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109 # except scheduler/client.c where the cups-1.7.5 code is too different Patch117: cups-1.7.5-CVE-2019-8675.CVE-2019-8696.patch # Install into this non-root directory (required when norootforbuild is used): BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The Common UNIX Printing System (CUPS) is the standards-based, open source printing system. See http://www.cups.org CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5. After a version upgrade to CUPS >= 1.6 printing in the network would no longer work as it did up to CUPS 1.5. For details regarding incompatible changes in CUPS >= 1.6 see https://bugzilla.novell.com/show_bug.cgi?id=735404 and follow the links therein. %package libs Summary: Libraries for CUPS License: SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.1-only Group: Hardware/Printing # Conflicts with CUPS < 1.6 versions because CUPS 1.6 has major incompatible changes, # see https://bugzilla.novell.com/show_bug.cgi?id=735404 Conflicts: cups-libs < 1.6 # Prerequire /sbin/ldconfig which is used in the traditional bash scriptlets for post/postun: PreReq: /sbin/ldconfig # https://bugzilla.novell.com/show_bug.cgi?id=437293 %ifarch ppc64 Obsoletes: cups-libs-64bit %endif %description libs The Common UNIX Printing System (CUPS) is the standards-based, open source printing system. See http://www.cups.org This package contains libraries needed by CUPS and other packages. CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5. After a version upgrade to CUPS >= 1.6 printing in the network would no longer work as it did up to CUPS 1.5. For details regarding incompatible changes in CUPS >= 1.6 see https://bugzilla.novell.com/show_bug.cgi?id=735404 and follow the links therein. %package client Summary: CUPS Client Programs License: SUSE-GPL-2.0-with-openssl-exception Group: Hardware/Printing # Conflicts with CUPS < 1.6 versions because CUPS 1.6 has major incompatible changes, # see https://bugzilla.novell.com/show_bug.cgi?id=735404 Conflicts: cups-client < 1.6 # Conflicts with other print spoolers which provide same binaries like /usr/bin/lp and so on: Conflicts: lprng Conflicts: lprold Conflicts: plp # Require the exact matching version-release of the cups-libs sub-package because # non-matching CUPS libraries may let CUPS software crash (e.g. segfault) # because all CUPS software is built from the one same CUPS source tar ball # so that there are CUPS-internal dependencies via CUPS private API calls # (which do not happen for third-party software which uses only the CUPS public API). # The exact matching version-release of the cups-libs sub-package is available # on the same package repository where the cups package is because # all are built simulaneously from the same cups source package # and all required packages are provided on the same repository: Requires: cups-libs = %{version}-%{release} %description client The Common UNIX Printing System (CUPS) is the standards-based, open source printing system. See http://www.cups.org This package contains all programs needed for running a CUPS client, not a server. CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5. After a version upgrade to CUPS >= 1.6 printing in the network would no longer work as it did up to CUPS 1.5. For details regarding incompatible changes in CUPS >= 1.6 see https://bugzilla.novell.com/show_bug.cgi?id=735404 and follow the links therein. %package devel Summary: Development Environment for CUPS License: SUSE-GPL-2.0-with-openssl-exception Group: Development/Libraries/C and C++ # Conflicts with CUPS < 1.6 versions because CUPS 1.6 has major incompatible changes, # see https://bugzilla.novell.com/show_bug.cgi?id=735404 Conflicts: cups-devel < 1.6 # Do not require the exact matching version-release of cups-libs # but only a cups-libs package with matching version because # for building third-party software which uses only the CUPS public API # there are no CUPS-internal dependencies via CUPS private API calls # (the latter would require the exact matching cups-libs version-release): Requires: cups-libs = %{version} Requires: glibc-devel # https://bugzilla.novell.com/show_bug.cgi?id=437293 %ifarch ppc64 Obsoletes: cups-devel-64bit %endif %description devel The Common UNIX Printing System (CUPS) is the standards-based, open source printing system. See http://www.cups.org This is the development package. CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5. After a version upgrade to CUPS >= 1.6 printing in the network would no longer work as it did up to CUPS 1.5. For details regarding incompatible changes in CUPS >= 1.6 see https://bugzilla.novell.com/show_bug.cgi?id=735404 and follow the links therein. %package ddk Summary: CUPS Driver Development Kit License: SUSE-GPL-2.0-with-openssl-exception Group: Hardware/Printing # Conflicts with CUPS < 1.6 versions because CUPS 1.6 has major incompatible changes, # see https://bugzilla.novell.com/show_bug.cgi?id=735404 Conflicts: cups-ddk < 1.6 Requires: cups = %{version} Requires: cups-devel = %{version} # Since CUPS 1.4 the CUPS Driver Development Kit (DDK) is bundled with CUPS. # For CUPS 1.2.x and 1.3.x, the DDK was separated software # which we provided (up to openSUSE 11.1 / SLE11) in our cupsddk package: Provides: cupsddk = %{version} Obsoletes: cupsddk < %{version} %description ddk The Common UNIX Printing System (CUPS) is the standards-based, open source printing system. See http://www.cups.org The CUPS Driver Development Kit (DDK) provides a suite of standard drivers, a PPD file compiler, and other utilities that can be used to develop printer drivers for CUPS. CUPS >= 1.6 has major incompatible changes compared to CUPS 1.5. After a version upgrade to CUPS >= 1.6 printing in the network would no longer work as it did up to CUPS 1.5. For details regarding incompatible changes in CUPS >= 1.6 see https://bugzilla.novell.com/show_bug.cgi?id=735404 and follow the links therein. %prep # Be quiet when unpacking: %setup -q -n cups-%{version} # Patch0...Patch9 is for patches from upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch10 cups-1.2rc1-template.patch adds 'smb://...' URIs to templates/choose-uri.tmpl: %patch10 -p1 # Patch11 cups-1.4.3-default-webcontent-path.patch changes the default path whereto the # web content is installed from /usr/share/doc/cups to /usr/share/cups/webcontent # because the files of the CUPS web content are no documentation, see CUPS STR #3578 # and http://bugzilla.novell.com/show_bug.cgi?id=546023#c6 and subsequent comments: %patch11 # Patch12 0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch React properly to avahi's ALL_FOR_NOW signal to reduce unneeded delay %patch12 -p1 # Patch13 0002-Save-work-on-Avahi-code.patch React properly to avahi's ALL_FOR_NOW signal to reduce unneeded delay %patch13 -p1 # Patch14 0003-Avahi-fixes-for-cupsEnumDests.patch React properly to avahi's ALL_FOR_NOW signal to reduce unneeded delay %patch14 -p1 # Patch15 0004-Fix-authorization-check-for-kerberos-local-connectio.patch # Fix authorization check for clients (like samba) connected through the # local socket when Kerberos authentication is enabled (bsc#1050082) %patch15 -p1 %patch16 -p1 # Patch100...Patch999 is for private patches from SUSE which are not intended for upstream: # Patch100 cups-pam.diff adds conf/pam.suse regarding support for PAM for SUSE: %patch100 # Patch101 cups-1.7-additional_policies.patch adds the 'allowallforanybody' policy # to cupsd.conf see https://fate.novell.com/303515 %patch101 # Patch102 cups-1.3.9-desktop_file.patch changes desktop/cups.desktop according to what SUSE needs: %patch102 # Patch103 cups-1.4-do_not_strip_recommended_from_PPDs.patch # reverts the change which was added by Michael Sweet in Jan 2007 # which strips the word "recommended" from NickName in PPDs because # at least yast2-printer in SUSE needs it, compare the # 'Why not "recommend" PPDs in the NickName?' and the subsequent # 'RFC: New Driver Rating/Information Attributes' mail thread on cups@easysw.com: %patch103 # Patch104 cups-config-libs.patch fixes option --libs in cups-config script: %patch104 # Patch105 was str4351.patch that fixed STR #4351: cups-lpd hugh jobs (>2G) fail # is obsolete because it is fixed upstream since CUPS 1.7.2 # Patch106 str4551.CVE-2014-9679.CUPS-1.7.5.patch is the upstream patch # https://www.cups.org/strfiles.php/3438/str4551.patch # backported to CUPS-1.7.5 # that fixes a possible buffer overflow in filter/raster.c # (CUPS STR#4551 CVE-2014-9679 bugzilla.suse.com bsc#917799): %patch106 # Patch107 str4609.CERT-VU-810572.CUPS-1.7.5.patch is the upstream patch # https://www.cups.org/strfiles.php/3480/str4609-1.7.patch # adapted to fit exactly for CUPS-1.7.5 # that fixes a possible privilege escalation via cross-site scripting # and bad print job submission used to replace cupsd.conf on server # plus possible bad ld.so interaction via dynamic linker variables # (CUPS STR#4609 CERT-VU-810572 bugzilla.suse.com bsc#924208): %patch107 -p1 # Patch108 add_gziptoany_filter_when_raw_printing_multiple_files_GitHub4782.patch # is the upstream patch part for scheduler/job.c from # https://github.com/apple/cups/commit/f62664600159820a136a6e726a01a598b9ea292e # adapted to fit exactly for CUPS-1.7.5 # that fixes raw printing multiple files by adding the gziptoany filter see # https://github.com/apple/cups/issues/4782 # (bsc#968706) %patch108 # Patch109 cups-lpd_remove_adding_docname_GitHub4790.patch # is an excerpt from the upstream patch part for scheduler/cups-lpd.c from # https://github.com/apple/cups/commit/4cc64a80fd01016eb5c3b62b754fc684d87bfb89 # that avoids warnings in error_log of the form # "Unexpected 'document-name' operation attribute in a Create-Job request." see # https://github.com/apple/cups/issues/4790 # (SUSE Service Request 10994025138) %patch109 # Patch110 cups-scheduler_logs_jobs_at_loglevel_info.patch is based on the upstream patch # https://github.com/apple/cups/commit/75c86da7a721554caea2dcc22a2f84b2fff465e8 # so that the scheduler now also logs messages for jobs at LogLevel "info" see # https://github.com/apple/cups/issues/4815 # and bsc#1021133 and bsc#990045 %patch110 -p1 # Patch111 CVE-2017-18190.patch removes localhost.localdomain from list # of trustworthy hosts in scheduler/client.c to avoid arbitrary IPP # command execution in conjunction with DNS rebinding (CVE-2017-18190 bsc#1081557). %patch111 -p1 # Patch112 Patch113 Patch114 # DBUS-notifications-could-crash-the-scheduler-Issue-5.patch # ipp-The-scheduler-now-substitutes-default-values-for-inv.patch # ipp-additional-changes-for-the-scheduler-to-substitute-d.patch # fix bsc#1061066 # DBUS library aborts caller process in _dbus_check_is_valid_utf8 (in particular that aborts cupsd) # which are the CUPS upstream issues # https://github.com/apple/cups/issues/5143 # Remote DoS attack against cupsd via invalid username and malicious D-Bus library # https://github.com/apple/cups/issues/5186 # squash non-UTF-8 strings into ASCII on plain IPP level # https://github.com/apple/cups/issues/5229 # persistently substitute invalid job attributes with default values - not only in add_job %patch112 -p1 %patch113 -p1 %patch114 -p1 # Patch115 cups-branch-2.2-commit-97cb566568a8c3a9c07c7ccec09f28f5c5015954-for-cups-1.7.5-stripped.diff # is derived from https://github.com/apple/cups/commit/97cb566568a8c3a9c07c7ccec09f28f5c5015954 # and stripped down to only what is needed for CUPS 1.7.5 # that fixes local privilege escalation to root and sandbox bypasses in scheduler # (Apple's internal issues rdar://37836779, rdar://37836995, rdar://37837252, rdar://37837581) # bsc#1096405 CVE-2018-4180: cups: Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN) # bsc#1096406 CVE-2018-4181: cups: Limited Local File Reads as Root via cupsd.conf Include Directive # bsc#1096407 CVE-2018-4182: cups: cups-exec Sandbox Bypass Due to Insecure Error Handling # bsc#1096408 CVE-2018-4183: cups: cups-exec Sandbox Bypass Due to Profile Misconfiguration %patch115 # Patch116 cups-2.2.7-CVE-2018-4700.patch from SLE15 also applies to cups-1.7.5 in SLE12 and fixes # CVE-2018-4700: session cookie is extremely predictable, effectively # breaking the CSRF protection of the CUPS web interface # https://bugzilla.suse.com/show_bug.cgi?id=1115750 (bsc#1115750): %patch116 # Patch117 cups-1.7.5-CVE-2019-8675.CVE-2019-8696.patch fixes CVE-2019-8675 and CVE-2019-8696 # bsc#1146358 CVE-2019-8675: cups: stack-buffer-overflow in libcups's asn1_get_type function # bsc#1146359 CVE-2019-8696: cups: stack-buffer-overflow in libcups's asn1_get_packed function # and some other security/disclosure issues in # https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109 # except scheduler/client.c where the cups-1.7.5 code is too different %patch117 %build # Disable SILENT run of make so that make runs verbose as usual: sed -i -e 's/^\.SILENT:/# .SILENT:/' Makedefs.in libtoolize --force aclocal autoconf export CXXFLAGS="$CXXFLAGS $RPM_OPT_FLAGS -O2 -fstack-protector" export CFLAGS="$RPM_OPT_FLAGS -fstack-protector -DLDAP_DEPRECATED" export CXX=g++ # As long as cups-1.4.3-default-webcontent-path.patch is applied # configure --with-docdir=... would be no longer needed # because cups-1.4.3-default-webcontent-path.patch changes the # default with-docdir path whereto the web content is installed # from /usr/share/doc/cups to /usr/share/cups/webcontent because the # files of the CUPS web content are no documentation, see CUPS STR #3578 # and http://bugzilla.novell.com/show_bug.cgi?id=546023#c6 and subsequent comments # so that the new default could be used as is but upstream may accept # cups-1.4.3-default-webcontent-path.patch in general but change its default # so that with-docdir is explicitly set here to be future proof. # Regarding --with-rundir and --with-domainsocket # see https://www.cups.org/str.php?L4306 # and the explanation that I got via mail from Robert Milasan (quotation): # the changes are due to systemd. Systemd needs /run and in our case # openSUSE we bind /run to /var/run which at boot time can created # issues, meaning /var/run is used before being binded to /run. # All apps should use /run and /run/lock instead of /var/run and /var/lock. # In other distro's they links /run to /var/run and /run/lock # to /var/lock, but we don't, so it's better to move everything # and yes upstream should do the same. Please also check: # http://lists.opensuse.org/opensuse-factory/2013-01/msg00578.html # Without "BuildRequires: libusb-1_0-devel" the --enable-libusb configure option # silently falls back to building the 'usb' backend without libusb. # Up to SLE11-SP1 building the 'usb' backend with libusb fails with # /usr/src/packages/BUILD/cups-1.7.0/backend/usb-libusb.c:745: undefined reference to `libusb_attach_kernel_driver' # and since SLE11-SP2 building the 'usb' backend with libusb works. # But there is the SUSE rule not to differentiate SP levels. # Quotation from the "If sles_version is not defined or 0 for SLES 12 on IBS" thread # on research@suse.de dated Fri, 7 Feb 2014 22:29:49 +0100: # According to FATE 316290 there will be no rpm macro to differentiate SP levels... # Because major updates and changes are no longer bound to a special SP version. # As far as I understand it this means cups built on SLE11-SP2 must also run on SLE11-SP1 # so that cups on whole SLE11 must be built with "--disable-libusb" to (hopefully) ensure # it is not accidentally built with libusb (e.g. by obscure build system install magic # that may install libusb-1_0-devel plus configure magic that may use "--enable-libusb"). # For the right suse_version value for SLE11 (SLE11 => suse_version = 1110) # see http://en.opensuse.org/openSUSE:Build_Service_cross_distribution_howto ./configure \ --enable-option-checking \ --mandir=%{_mandir} \ --sysconfdir=%{_sysconfdir} \ --libdir=%{_libdir} \ --datadir=%{_datadir} \ --with-docdir=%{_datadir}/cups/webcontent \ --with-cups-user=lp \ --with-cups-group=lp \ --with-system-groups=root \ --enable-debug \ --enable-debug-printfs \ --enable-relro \ --enable-gssapi \ %if 0%{?suse_version} > 1110 --enable-libusb \ %else --disable-libusb \ %endif --disable-static \ --without-rcdir \ --enable-dbus \ --with-cachedir=/var/cache/cups \ %if 0%{?have_systemd} --with-rundir=/run/cups \ --with-domainsocket=/run/cups/cups.sock \ %endif --prefix=/ make %{?_smp_mflags} CXX=g++ %install make BUILDROOT=%{buildroot} install # Remove the CUPS banner files in /usr/share/cups/banners/ and # the CUPS testpage /usr/share/cups/data/testprint (which is also a CUPS banner file type) # because they do no longer work since CUPS >= 1.6, see http://www.cups.org/str.php?L4120 # because there is no longer a filter for Linux that can convert the CUPS banner files. # Since CUPS >= 1.6 only the banner files and testpage in the cups-filters package work # via the cups-filters PDF workflow and the cups-filters package also provides # the matching bannertopdf filter (see https://bugzilla.novell.com/show_bug.cgi?id=873376): rm -r %{buildroot}%{_datadir}/cups/banners rm %{buildroot}%{_datadir}/cups/data/testprint # Use CUPS' own fonts (i.e. make CUPS work again in compliance with upstream). # In ancient times (see the RPM changelog entry dated "Thu Aug 16 17:05:19 CEST 2001") # there was the general opinion it would be a great idea to deviate from CUPS upstream # and save some disk space and do not install CUPS' own fonts in CUPS' own font directory. # Therefore CUPS' own fonts were removed and the CUPS font directory was replaced # by a symbolic link /usr/share/cups/fonts -> ../ghostscript/fonts # because at that times the Ghostscript fonts had been the same as CUPS' own fonts. # In any case such a link is a fragile non-future-proof interference because when either # the Ghostscript fonts or CUPS' own fonts change, linking them as same is wrong. # Meanwhile (I don't know exactly since when but since a long time) the Ghostscript fonts # do no longer work for CUPS' particular needs (CUPS has its own fonts because it needs them). # Nobody noticed it until 2014 via https://bugzilla.novell.com/show_bug.cgi?id=856731 # But it is not possible with RPM to replace a directory by a symbolic link or vice versa # see https://bugzilla.novell.com/show_bug.cgi?id=856731#c7 # and https://bugzilla.novell.com/show_bug.cgi?id=856731#c8 # This means /usr/share/cups/fonts must stay forever as a symbolic link # and the only way out is to move CUPS' own fonts to an artificial # surrogate directory /usr/share/cups/CUPSfonts and have the # symbolic link /usr/share/cups/fonts -> /usr/share/cups/CUPSfonts: pushd %{buildroot}%{_datadir}/cups/ mv fonts CUPSfonts && ln -s CUPSfonts fonts popd # Source103: cups.sysconfig install -d -m755 %{buildroot}/var/adm/fillup-templates install -m 644 %{SOURCE103} %{buildroot}/var/adm/fillup-templates/sysconfig.cups # Make directory for ssl files: mkdir -p %{buildroot}%{_sysconfdir}/cups/ssl # Add a client.conf as template (Source108: cups-client.conf): install -m644 %{SOURCE108} %{buildroot}%{_sysconfdir}/cups/client.conf # Source104: cups.xinetd mkdir -p %{buildroot}%{_sysconfdir}/xinetd.d install -m 644 -D %{SOURCE104} %{buildroot}%{_sysconfdir}/xinetd.d/cups-lpd # Make the libraries accessible also via generic named links: ln -sf libcupsimage.so.2 %{buildroot}%{_libdir}/libcupsimage.so ln -sf libcups.so.2 %{buildroot}%{_libdir}/libcups.so # Add missing usual directories: install -d -m755 %{buildroot}%{_datadir}/cups/drivers install -d -m755 %{buildroot}/var/cache/cups # Add conf/pam.suse regarding support for PAM (see Patch100: cups-pam.diff): install -m 644 -D conf/pam.suse %{buildroot}/etc/pam.d/cups # Add missing usual documentation: install -d -m755 %{buildroot}/%{_defaultdocdir}/cups for f in CHANGES*.txt CREDITS.txt INSTALL.txt LICENSE.txt README.txt do install -m 644 "$f" %{buildroot}%{_defaultdocdir}/cups/ done # Add generic PostScript printer PPDs: # Source102: Postscript.ppd.gz install -m 644 %{SOURCE102} %{buildroot}%{_datadir}/cups/model/Postscript.ppd.gz # Source105: Postscript-level1.ppd,gz install -m 644 %{SOURCE105} %{buildroot}%{_datadir}/cups/model/Postscript-level1.ppd.gz # Source106: Postscript-level2.ppd.gz install -m 644 %{SOURCE106} %{buildroot}%{_datadir}/cups/model/Postscript-level2.ppd.gz # Add files for desktop menu: rm -f %{buildroot}%{_datadir}/applications/cups.desktop %suse_update_desktop_file -i cups PrintingUtility 2>/dev/null mkdir %{buildroot}%{_datadir}/pixmaps install -m 644 %{buildroot}%{_datadir}/icons/hicolor/64x64/apps/cups.png %{buildroot}%{_datadir}/pixmaps rm -rf %{buildroot}%{_datadir}/icons # Save /etc/cups/cupsd.conf and /etc/cups/cupsd.conf.default from becoming hardlinked # via the fdupes run below, see https://bugzilla.novell.com/show_bug.cgi?id=773971 # by making their content different and at the same time fix the misleading comment. # Intentionally let the build fail if 'grep' does not find what 'sed' should change # because if upstream changed it 'sed' would silently no longer change the files: grep -q '^# Sample configuration ' %{buildroot}/%{_sysconfdir}/cups/cupsd.conf sed -i -e 's/^# Sample configuration /# Configuration /' %{buildroot}/%{_sysconfdir}/cups/cupsd.conf grep -q '^# Sample configuration ' %{buildroot}/%{_sysconfdir}/cups/cupsd.conf.default sed -i -e 's/^# Sample configuration /# Default configuration /' %{buildroot}/%{_sysconfdir}/cups/cupsd.conf.default # Begin how cupsd is launched (via SysVinit or systemd): %if 0%{?have_systemd} # Begin launch cupsd via systemd: # See http://en.opensuse.org/openSUSE:Systemd_packaging_guidelines # that reads as of this writing (Thu Feb 13 12:20:32 CET 2014) # where here the RPM macro percentage sign is replaced with '@' to be safe: # Service files # Service files should always be installed in @_unitdir # (ie /usr/lib/systemd/system) and never in /etc/systemd/system # (so they can be overriden by users without conflicting with packaging). # Install Source110: cups.service install -d -m755 %{buildroot}/%{_unitdir} install -m 644 %{SOURCE110} %{buildroot}/%{_unitdir}/cups.service # Install /usr/lib/tmpfiles.d/cups.conf mkdir -p %{buildroot}%{_tmpfilesdir} cat > %{buildroot}%{_tmpfilesdir}/cups.conf <<EOF # See tmpfiles.d(5) for details d /run/cups 0755 root lp - d /run/cups/certs 0511 lp sys - d /var/spool/cups/tmp - - - 30d EOF # Provide SUSE policy symlink /usr/sbin/rcFOO -> /etc/init.d/FOO # /usr/sbin/service exists only since openSUSE 12.3: %if 0%{?suse_version} > 1220 ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rccups %else ln -s /sbin/service %{buildroot}%{_sbindir}/rccups %endif # End launch cupsd via systemd %else # Begin launch cupsd via SysVinit: install -d -m755 $RPM_BUILD_ROOT/etc/init.d # Source101: cups.init install -m755 %{SOURCE101} %{buildroot}/etc/init.d/cups ln -sf ../../etc/init.d/cups %{buildroot}/usr/sbin/rccups # End launch cupsd via SysVinit %endif # End how cupsd is launched (via SysVinit or systemd) # Run fdupes: # The RPM macro fdupes runs /usr/bin/fdupes that links files with identical content. # Never run fdupes carelessly over the whole buildroot directory # because in older openSUSE and SLE11 versions fdupes # links files with different owner, group, or permissions # see https://bugzilla.novell.com/show_bug.cgi?id=784670 # and even in current openSUSE versions fdupes links across sub-package boundaries, # compare https://bugzilla.novell.com/show_bug.cgi?id=784869 # so that fdupes can only run for specific directories where linking files is safe. # Using fdupes -s, which will create symlinks that are easier to grasp for rpm and # rpmlint will give a "dangling symlink" error if the file and link ended up in different packages. # All symlinks created by fdupes are in /usr/share/cups/templates/ # except /usr/share/cups/webcontent/images/cups-icon.png -> /usr/share/cups/webcontent/images/cups.png # but that one must not be a symlink because since CUPS 1.7.4/1.7.5 the cupsd web server does no longer # follow symlink to avoid security issues (see bnc#892587 and bnc#887240 and and the upstream # issues http://www.cups.org/str.php?L4450 and https://www.cups.org/str.php?L4455) # so that fdupes should only create symlinks in /usr/share/cups/templates/: %fdupes -s %{buildroot}/%{_datadir}/cups/templates %pre # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe # an explicit "exit 1" must be use to enforce package install/upgrade/erase failure where needed # see the "Shared_libraries" section in http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets /usr/sbin/groupadd -g 71 -o -r ntadmin 2>/dev/null || : %if 0%{?have_systemd} # Begin service_add_pre cups.service %service_add_pre cups.service # End service_add_pre cups.service %endif exit 0 %post # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe # an explicit "exit 1" must be use to enforce package install/upgrade/erase failure where needed # see the "Shared_libraries" section in http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets %if 0%{?have_systemd} # Begin service_add_post cups.service %service_add_post cups.service # End service_add_post cups.service %else # Begin fillup_and_insserv -ny cups cups %{fillup_and_insserv -ny cups cups} # End fillup_and_insserv -ny cups cups %endif exit 0 %preun # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe # an explicit "exit 1" must be use to enforce package install/upgrade/erase failure where needed # see the "Shared_libraries" section in http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets %if 0%{?have_systemd} # Begin service_del_preun cups.service %service_del_preun cups.service # End service_del_preun cups.service %else # Begin stop_on_removal cups %stop_on_removal cups # End stop_on_removal cups %endif exit 0 %postun # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe # an explicit "exit 1" must be use to enforce package install/upgrade/erase failure where needed # see the "Shared_libraries" section in http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets %if 0%{?have_systemd} # Begin service_del_postun cups.service %service_del_postun cups.service # End service_del_postun cups.service %else # Begin restart_on_update cups %restart_on_update cups # End restart_on_update cups # Begin insserv_cleanup %{insserv_cleanup} # End insserv_cleanup %endif exit 0 %post libs # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe # an explicit "exit 1" must be use to enforce package install/upgrade/erase failure where needed # see the "Shared_libraries" section in http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets /sbin/ldconfig exit 0 %postun libs # Use a real bash script with an explicit "exit 0" at the end to be by default fail safe # an explicit "exit 1" must be use to enforce package install/upgrade/erase failure where needed # see the "Shared_libraries" section in http://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets /sbin/ldconfig exit 0 %files # The files sections list all mandatory files explicitly one by one. # In particular all executables are listed explicitly. # This avoids that CUPS' configure magic might silently # not build and install an executable when whatever condition # for configure's automated tests is not fulfilled in the build system. # See https://bugzilla.novell.com/show_bug.cgi?id=526847#c9 # When all mandatory files are explicitly listed, # the build fails intentionally if a mandatory file was not built # which ensures that already existing correctly built binary RPMs # are not overwritten by broken RPMs where mandatory files are missing. %defattr(-,root,root) %config(noreplace) %attr(640,root,lp) %{_sysconfdir}/cups/cups-files.conf %config(noreplace) %attr(640,root,lp) %{_sysconfdir}/cups/cupsd.conf %config(noreplace) %attr(640,root,lp) %{_sysconfdir}/cups/snmp.conf %config(noreplace) %{_sysconfdir}/xinetd.d/cups-lpd %config %{_sysconfdir}/pam.d/cups %config %{_sysconfdir}/dbus-1/system.d/cups.conf %{_sysconfdir}/cups/cupsd.conf.default %dir %attr(755,root,lp) %{_sysconfdir}/cups/interfaces %dir %attr(755,root,lp) %{_sysconfdir}/cups/ppd %dir %attr(700,root,lp) %{_sysconfdir}/cups/ssl /var/adm/fillup-templates/sysconfig.cups %if 0%{?have_systemd} %{_unitdir}/cups.service %{_tmpfilesdir}/cups.conf %else %config %attr(0755,root,root) %{_sysconfdir}/init.d/cups %endif %{_bindir}/cupstestppd %{_sbindir}/cupsaddsmb %{_sbindir}/cupsctl %{_sbindir}/cupsd %{_sbindir}/cupsfilter %{_sbindir}/rccups %dir /usr/lib/cups %dir /usr/lib/cups/backend /usr/lib/cups/backend/dnssd /usr/lib/cups/backend/http /usr/lib/cups/backend/https /usr/lib/cups/backend/ipp /usr/lib/cups/backend/ipps /usr/lib/cups/backend/lpd # Dropped in CUPS 1.6: /usr/lib/cups/backend/parallel # Dropped in CUPS 1.6: /usr/lib/cups/backend/serial /usr/lib/cups/backend/snmp /usr/lib/cups/backend/socket /usr/lib/cups/backend/usb %dir /usr/lib/cups/cgi-bin /usr/lib/cups/cgi-bin/admin.cgi /usr/lib/cups/cgi-bin/classes.cgi /usr/lib/cups/cgi-bin/help.cgi /usr/lib/cups/cgi-bin/jobs.cgi /usr/lib/cups/cgi-bin/printers.cgi %dir /usr/lib/cups/daemon /usr/lib/cups/daemon/cups-deviced /usr/lib/cups/daemon/cups-driverd /usr/lib/cups/daemon/cups-exec /usr/lib/cups/daemon/cups-lpd # Dropped in CUPS 1.6: /usr/lib/cups/daemon/cups-polld %dir /usr/lib/cups/driver %dir /usr/lib/cups/filter # Dropped in CUPS 1.6: /usr/lib/cups/filter/bannertops # Dropped in CUPS 1.6: /usr/lib/cups/filter/commandtoescpx # Dropped in CUPS 1.6: /usr/lib/cups/filter/commandtopclx /usr/lib/cups/filter/commandtops /usr/lib/cups/filter/gziptoany # Dropped in CUPS 1.6: /usr/lib/cups/filter/imagetops # Dropped in CUPS 1.6: /usr/lib/cups/filter/imagetoraster # Dropped in CUPS 1.6: /usr/lib/cups/filter/pdftops /usr/lib/cups/filter/pstops /usr/lib/cups/filter/rastertodymo /usr/lib/cups/filter/rastertoepson # Dropped in CUPS 1.6: /usr/lib/cups/filter/rastertoescpx /usr/lib/cups/filter/rastertohp /usr/lib/cups/filter/rastertolabel # Dropped in CUPS 1.6: /usr/lib/cups/filter/rastertopclx /usr/lib/cups/filter/rastertopwg # Dropped in CUPS 1.6: /usr/lib/cups/filter/texttops %dir /usr/lib/cups/monitor /usr/lib/cups/monitor/bcp /usr/lib/cups/monitor/tbcp %dir /usr/lib/cups/notifier /usr/lib/cups/notifier/dbus /usr/lib/cups/notifier/mailto /usr/lib/cups/notifier/rss %dir %attr(0775,root,ntadmin) %{_datadir}/cups/drivers %{_datadir}/applications/cups.desktop %{_datadir}/pixmaps/cups.png %doc %{_defaultdocdir}/cups %doc %{_mandir}/man1/cupstestppd.1.gz %doc %{_mandir}/man5/classes.conf.5.gz %doc %{_mandir}/man5/client.conf.5.gz %doc %{_mandir}/man5/cups-snmp.conf.5.gz %doc %{_mandir}/man5/cups-files.conf.5.gz %doc %{_mandir}/man5/cupsd.conf.5.gz %doc %{_mandir}/man5/mailto.conf.5.gz %doc %{_mandir}/man5/mime.convs.5.gz %doc %{_mandir}/man5/mime.types.5.gz %doc %{_mandir}/man5/printers.conf.5.gz %doc %{_mandir}/man5/subscriptions.conf.5.gz %doc %{_mandir}/man7/backend.7.gz %doc %{_mandir}/man7/filter.7.gz %doc %{_mandir}/man7/notifier.7.gz %doc %{_mandir}/man8/cups-deviced.8.gz %doc %{_mandir}/man8/cups-driverd.8.gz %doc %{_mandir}/man8/cups-lpd.8.gz # Dropped in CUPS 1.6: doc {_mandir}/man8/cups-polld.8.gz %doc %{_mandir}/man8/cups-snmp.8.gz %doc %{_mandir}/man8/cupsaddsmb.8.gz %doc %{_mandir}/man8/cupsctl.8.gz %doc %{_mandir}/man8/cupsd.8.gz %doc %{_mandir}/man8/cupsfilter.8.gz %{_datadir}/cups/ %exclude %{_datadir}/cups/ppdc/ %files client # Set explicite owner, group, and permissions for lppasswd # to enforce to have the upstream owner, group, and permissions in the RPM # because otherwise our build magic /usr/sbin/Check sets them to lp:lp 2755 # according to /etc/permissions.secure in the build system, # see https://bugzilla.novell.com/show_bug.cgi?id=574336#c12 # and subsequent comments up to comment #17 therein. # Even if /etc/permissions.secure in the openSUSE:Factory build system might be # already fixed, it must also work for build systems for released products. %defattr(-,root,root) %{_bindir}/cancel %{_bindir}/cupstestdsc %{_bindir}/ippfind %{_bindir}/ipptool %{_bindir}/lp %{_bindir}/lpoptions %attr(0555,root,root) %{_bindir}/lppasswd %{_bindir}/lpq %{_bindir}/lpr %{_bindir}/lprm %{_bindir}/lpstat %{_sbindir}/accept %{_sbindir}/cupsaccept %{_sbindir}/cupsdisable %{_sbindir}/cupsenable %{_sbindir}/cupsreject %{_sbindir}/lpadmin %{_sbindir}/lpc %{_sbindir}/lpinfo %{_sbindir}/lpmove %{_sbindir}/reject %doc %{_mandir}/man1/cancel.1.gz %doc %{_mandir}/man1/cupstestdsc.1.gz %doc %{_mandir}/man1/ippfind.1.gz %doc %{_mandir}/man1/ipptool.1.gz %doc %{_mandir}/man1/lp.1.gz %doc %{_mandir}/man1/lpoptions.1.gz %doc %{_mandir}/man1/lppasswd.1.gz %doc %{_mandir}/man1/lpq.1.gz %doc %{_mandir}/man1/lpr.1.gz %doc %{_mandir}/man1/lprm.1.gz %doc %{_mandir}/man1/lpstat.1.gz %doc %{_mandir}/man5/ipptoolfile.5.gz %doc %{_mandir}/man8/accept.8.gz %doc %{_mandir}/man8/cupsaccept.8.gz %doc %{_mandir}/man8/cupsdisable.8.gz %doc %{_mandir}/man8/cupsenable.8.gz %doc %{_mandir}/man8/cupsreject.8.gz %doc %{_mandir}/man8/lpadmin.8.gz %doc %{_mandir}/man8/lpc.8.gz %doc %{_mandir}/man8/lpinfo.8.gz %doc %{_mandir}/man8/lpmove.8.gz %doc %{_mandir}/man8/reject.8.gz %files devel %defattr(-,root,root) %{_includedir}/cups/ %{_libdir}/libcups.so %{_libdir}/libcupsimage.so %{_libdir}/libcupscgi.so # Dropped in CUPS 1.6: {_libdir}/libcupsdriver.so %{_libdir}/libcupsmime.so %{_libdir}/libcupsppdc.so %{_datadir}/cups/ppdc/ %files ddk %defattr(-,root,root) %{_bindir}/ppdc %{_bindir}/ppdhtml %{_bindir}/ppdi %{_bindir}/ppdmerge %{_bindir}/ppdpo %doc %{_mandir}/man1/ppdc.1.gz %doc %{_mandir}/man1/ppdhtml.1.gz %doc %{_mandir}/man1/ppdi.1.gz %doc %{_mandir}/man1/ppdmerge.1.gz %doc %{_mandir}/man1/ppdpo.1.gz %doc %{_mandir}/man5/ppdcfile.5.gz %files libs %defattr(-,root,root) %config(noreplace) %{_sysconfdir}/cups/client.conf %dir %attr(0710,root,lp) %{_var}/spool/cups %dir %attr(1770,root,lp) %{_var}/spool/cups/tmp %dir %attr(0755,lp,lp) %{_var}/log/cups/ %dir %attr(0775,lp,lp) %{_var}/cache/cups %{_bindir}/cups-config %{_libdir}/libcups.so.* %{_libdir}/libcupscgi.so.* # Dropped in CUPS 1.6: {_libdir}/libcupsdriver.so.* %{_libdir}/libcupsimage.so.* %{_libdir}/libcupsmime.so.* %{_libdir}/libcupsppdc.so.* %{_datadir}/locale/*/cups_* %doc %{_mandir}/man1/cups-config.1.gz %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
