Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Clean up temporary directories by the run-cupsd script
CUPS cleans up its temporary directory right after starting, but it does a simple recursive deletion of all files and directories as root, which works fine in a classic installation of CUPS. In the Snap CUPS has no CAP_DAC_OVERRIDE capability and so has to obey the permissions and ownerships of each file or directory it removes, even as root. Therefore we already clean in the run-cupsd script but with an enhanced algorithm, doing recursive chown to root, recursive chmod for the owner (now root) be have full access and the we recursively delete the temporary directory. As sometimes the recursive chown does reach the full depth due to file permissions we repeat this sequence to get deepr with chown after a recursive chmod, until we reach the end and succeed to delete the whole directory. We also initialize new temp directories after that and set correct ownerships and permissions. After that CUPS does not need to clean up any more and so does not cause any DENIED syslog messages on the CAP_DAC_OVERRIDE/dac_override capability.
- Loading branch information