Bug 16687 - LPR does not work over NFS
LPR does not work over NFS
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: lpr (Show other bugs)
6.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Crutcher Dunnavant
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-08-21 13:45 EDT by Christopher Wong
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-08-21 15:10:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Christopher Wong 2000-08-21 13:45:58 EDT
Hi there. I have a diskless Linux box that mounts its root filesystem
over NFS from another Linux box. I recently spent some time getting
lpr working locally on the diskless box. The main problem I
encountered was that the lpr client -- when not run as root -- kept
getting permission errors writing files. I am using lpr-0.50-4 from
RedHat 6.2. Looking at lpr.c, I found that there is a number of places
where the code goes like this (paraphrased):

seteuid(euid); // set suid privileges
setegid(egid);
// create/open file
seteuid(uid); // revert to caller's privileges
setegid(gid);
// do stuff with opened file descriptor

This is fine for locally mounted filesystems, where permissions are
apparently applied only when the file is created. This does not work
over NFS, however, as permissions are checked with every access. And
on my diskless box, /var/spool/lpd is mounted over NFS.

To make lpr work, I have hacked lpr.c to not drop suid privileges
after opening the spool and control files, but I know this is a risky
thing to do with an SUID executable. I realize that lpr will eventually be replaced by 
lprng, but it might be a good idea to check if lprng may have similar 
problems (lprng's lpr may no longer write spool files, but its version
lpd might have similar issues).
Comment 1 Bernhard Rosenkraenzer 2000-08-21 13:51:21 EDT
Having /var NFS mounted without no_root_squash is a bad thing(tm)
in the first place, some applications insist on lock files/pid files
in /var/run etc.
Comment 2 Christopher Wong 2000-08-21 15:10:24 EDT
Additional clarification on bero's comments: this problem occurs on an
NFS-mounted filesystem that is mounted WITH no_root_squash. The lpr problem
comes not from NFS squashing root privileges, but from the client 
surrendering root privileges using seteuid/setegid.
Comment 3 Bill Nottingham 2000-08-22 12:05:32 EDT
This is fixed in a later lpr package.

Note You need to log in before you can comment on or make changes to this bug.