Re: Haven't seen this lp problem before
- From: Tony Lawrence <pcunix@xxxxxxxxx>
- Date: Sat, 16 Aug 2008 06:17:44 -0700 (PDT)
On Aug 15, 6:19 pm, Tony Lawrence <pcu...@xxxxxxxxx> wrote:
On Aug 15, 1:17 pm, Jean-Pierre Radley <j...@xxxxxxx> wrote:
Bill Campbell typed (on Fri, Aug 15, 2008 at 09:45:52AM -0700):
| On Fri, Aug 15, 2008, Tony Lawrence wrote:
| >I'm baffled at the moment.
| >
| >Symptoms are that root can print, other users cannot. That's usually
| >perms, and sure enough, it looked like someone had done a chmod 777
| >where they shouldn't have, but I fixed all that and lp etc all have
| >setuid where they should now.
| >
| >I've run custom for strict database compliance, integrity, and double
| >checked everything I can think of but still get
| >
| >UX:lp: ERROR: Can't establish contact with the LP print service.
| > TO FIX: Either the LP print service has stopped,
| > or all message channels are busy. If the
| > problem continues, get help from your
| > system administrator.
| >
| >
| >It's not rlp either.. don't have "trace" on this box so can't see
| >where it really dies, nothing in logs.. I'm brain stopped right now..
|
| Is /usr/lib/lpsched running?
If it weren't, then root couldn't print either.
--
JP
Correct. And root can print.
Perms all seem fine for /usr/spool/lp and below.. very puzzling..
OK, I turned on auditing for the user I'm testing with.
It is perms, and it is failing to write the FIFO
But.. it should be setgid lp when it does that, and that shouldn't
fail (FIFO is correct p-w--w-- bin lp )
It's been a long time since I looked at an audit report, but shouldn't
the egid have changed after the exec here??
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Supp groups: (*NONE*)
Event type: Map object to subject
System call: Exece
Object: /usr/lpd/local/lp
Result: Successful
.. (library reads deleted)
lp is:
---x--s--x 1 bin lp 2600 Aug 5 10:12 /var/opt/K/SCO/Unix/5.0.5Eb/usr/bin/lp
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Supp groups: (*NONE*)
Event type: Modify process
System call: Proctl
Pid: 51 Commands: PRNORMEX
Result: Successful
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Supp groups: (*NONE*)
Event type: Modify process
System call: Setgid
Result: Successful
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Supp groups: (*NONE*)
Event type: Modify process
System call: Setgid
Result: Successful
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Supp groups: (*NONE*)
Event type: Make object unavailable
System call: Close
File Access-Read: No Written: No
Object: /usr/spool/lp/SCHEDLOCK
Result: Successful
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Supp groups: (*NONE*)
Event type: Access denial
System call: Open Mode: Write
Object: /usr/spool/lp/fifos/FIFO
Result: Failed-EACCES (Permission denied): 13
Security policy: discretionary
drwxrwx--- 4 bin lp 512 Aug 16 08:52 fifos
p-w--w---- 1 root lp 0 Aug 16 08:27 FIFO
So it looks like the setgid is not taking.. but it didn't fail, so
that makes no sense..
Still baffled..
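An added illustration, not part of the original post or thread: a small Python parser for audit records in the layout quoted above. For each access denial it applies the standard owner/group/other permission check with the recorded credentials, then repeats the check with the file's own group as egid. The sample records are constructed from the post's excerpt, and the function names are hypothetical.

```python
import re

# Constructed sample: two records in the layout of the audit report quoted above.
SAMPLE = """\
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Event type: Map object to subject
System call: Exece
Object: /usr/lpd/local/lp
Result: Successful
Process ID: 873 Date/Time: Sat Aug 16 08:33:47 2008
Luid: tonylaw Euid: tonylaw Ruid: tonylaw Egid: group Rgid: group
Event type: Access denial
System call: Open Mode: Write
Object: /usr/spool/lp/fifos/FIFO
Result: Failed-EACCES (Permission denied): 13
"""
# (mode, owner, group) of the FIFO, copied from the ls line in the post.
LISTING = {"/usr/spool/lp/fifos/FIFO": ("p-w--w----", "root", "lp")}
FIELD = re.compile(r"\b(Process ID|Date/Time|[LER]uid|[ER]gid|"
                   r"Event type|System call|Mode|Object|Result): ")

def parse_records(text):
    """Split the report at each 'Process ID:' line; one dict per record."""
    chunks = re.split(r"(?m)^(?=Process ID: )", text)
    split = [FIELD.split(c.replace("\n", " "))[1:] for c in chunks if c.strip()]
    return [{k: v.strip() for k, v in zip(p[::2], p[1::2])} for p in split]

def dac_allows(mode, owner, group, euid, egid, want):
    """Unix DAC, primary ids only: owner triplet, else group, else other."""
    i = 1 if euid == owner else 4 if egid == group else 7
    return want in mode[i:i + 3]

def explain_denials(records, listing):
    """Per denial: credentials in force, plus a what-if using the file's group."""
    out, last_exec = [], {}
    for r in records:
        pid = r.get("Process ID")
        if r.get("System call") == "Exece":
            last_exec[pid] = r["Object"]
        if r.get("Event type") == "Access denial" and r.get("Object") in listing:
            mode, owner, group = listing[r["Object"]]
            want = r["Mode"][0].lower()  # "Write" -> "w"
            out.append({
                "pid": pid, "exec": last_exec.get(pid), "egid": r["Egid"],
                "allowed": dac_allows(mode, owner, group, r["Euid"], r["Egid"], want),
                "allowed_with_file_group":
                    dac_allows(mode, owner, group, r["Euid"], group, want)})
    return out
```

Calling `explain_denials(parse_records(SAMPLE), LISTING)` returns one row per denial, showing the last program the process exec'd next to the egid the audit trail recorded at the failed open.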