Bug 17225

Summary: Ordinary user can't print: Permission denied
Product: [Retired] Red Hat Raw Hide Reporter: Matthew Saltzman <mjs>
Component: LPRngAssignee: Crutcher Dunnavant <crutcher>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-09-11 16:53:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matthew Saltzman 2000-09-04 01:50:31 UTC
This is LPRng-3.6.22-3 rebuilt for RH6.2.  When a normal user attempts
to print a file, he gets the message:

	Warning - Cannot open file 'xxx.txt', Permission denied
	lp: nothing to print

xxx.txt has permissions -rw-rw-r--, and has the user as owner and group.

Root can print the same file with no problems.

Comment 1 Crutcher Dunnavant 2000-09-11 16:13:34 UTC
can you send me the result of the following commands?

ls -l `which lpr`
ls -ld .

thanks, but yes, there were some, ah, issues, that are probably fixed in the
coming version.

Comment 2 Matthew Saltzman 2000-09-11 16:53:02 UTC
[mjs@yankee ~]: ls -l `which lpr`
-rwsr-xr-x    1 lp       lp         462344 Sep  3 18:55 /usr/bin/lpr*
[mjs@yankee ~]: ls -ld .
drwx------   95 mjs      mjs          6144 Sep 11 12:46 ./

Possibly related: On reboot, lpd complained:
	cannot open lp device '/dev/lp0' - Permission denied

[mjs@yankee ~]: ls -l /dev/lp0
crw-rw----    1 root     daemon     6,   0 May  5  1998 /dev/lp0


Comment 3 Crutcher Dunnavant 2000-09-18 16:50:16 UTC
Hmm, /dev/lp* should look like this, so make that owner change
crw-rw----    1 root     lp         6,   0 Aug 24 05:00 /dev/lp0

and you should also chmod all the user tools (lpr, lpstat, lpq, lpc) to 0755,
they should NOT be setuid.

These are already address in-house, so there is no fix.