Accepting request 17099 from Printing

Copy from Printing/hplip based on submit request 17099 from user jsmeix

OBS-URL: https://build.opensuse.org/request/show/17099
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/hplip?expand=0&rev=41

change-udev-rules.diff

@@ -1,21 +1,53 @@
---- data/rules/55-hpmud.rules.orig	2009-04-29 22:38:31.000000000 +0200
-+++ data/rules/55-hpmud.rules	2009-05-05 16:08:32.000000000 +0200
-@@ -14,134 +14,136 @@
+--- data/rules/55-hpmud.rules.orig	2009-08-04 23:36:57.000000000 +0200
++++ data/rules/55-hpmud.rules	2009-08-06 12:35:13.000000000 +0200
+@@ -12,136 +12,180 @@
+ #   3. This rules file is an attempt at being compatable with all distros. Feel free to make your own changes and if you feel your
+ #      changes are not distro specific please send your patch to us. 2/11/2009, D Suffield
  #
++# Novell/Suse changed:
++#
++# OWNER="lp" to OWNER="root"
++# because OWNER="lp" is insecure because print job are processed by the user lp
++# so that a malicious print job might be able to change owner and permissions
++# of the device nodes and also a user who is allowed to set up a print queue
++# can set up a special queue with his selfmade driver which changes the
++# owner and permissions for all device nodes where in contrast OWNER="root"
++# is more secure because then only root itself can change owner and permissions.
++#
++# MODE="0660" to MODE="0664"
++# because it is sufficiently secure to let any user read the device nodes
++# because HPLIP opens the device nodes exclusively so that sniffing
++# of print jobs or scanner image data should not be possible and
++# read permissions for any user is required in particular for USB devices
++# so that any user can see the USB devices when he runs the command "lsusb".
++#
++# SYSFS{idVendor} to ATTR{idVendor} and
++# SYSFS{idProduct to ATTR{idProduct}
++# because SYSFS is deprecated and ATTR works for openSUSE.
++#
++# Added ENV{sane_hpaio}="yes" to all entries for USB devices
++# to get the SANE driver "hpaio" automatically activated in any case
++# (only scanners in HP parallel port all-in-one devices are ignored)
++# because not only "AiO products (0x03f0xx11)" can have scanner units
++# but also Photosmart products, inkjet printers, and laser printers
++# (e.g. the LaserJet 1220 03f0:0417 has a scanner unit).
++# An activated SANE driver does not cause continuous system load because
++# it is only run when the user launches a scanning frontend (e.g. xsane)
++# and then all what the driver does is to scan the USB device information
++# to find devices which belong to the driver and if nothing found it exits.
++# Additionally see https://bugzilla.novell.com/show_bug.cgi?id=469721#c9
  
  ACTION!="add", GOTO="hpmud_rules_end"
 -SUBSYSTEM=="ppdev", OWNER="lp", GROUP="lp", MODE="0660"
--SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", GOTO="pid_test"
 +SUBSYSTEM=="ppdev", OWNER="root", GROUP="lp", MODE="0664"
-+SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", GOTO="hpmud_pid_test"
+ SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", GOTO="hplip_pid_test"
  SUBSYSTEM!="usb_device", GOTO="hpmud_rules_end"
  
--LABEL="pid_test"
-+LABEL="hpmud_pid_test"
+ LABEL="hplip_pid_test"
  
  # Check for AiO products (0x03f0xx11).
 -SYSFS{idVendor}=="03f0", SYSFS{idProduct}=="??11", OWNER="lp", GROUP="lp", MODE="660"
-+ATTR{idVendor}=="03f0", ATTR{idProduct}=="??11", OWNER="root", GROUP="lp", MODE="664"
++ATTR{idVendor}=="03f0", ATTR{idProduct}=="??11", OWNER="root", GROUP="lp", MODE="664", ENV{sane_hpaio}="yes"
  
  # Check for Photosmart products without wildcard since cameras and scanners also used (0x03f0xx02). 
  # The xx02 pid has been retired so this explicit list should not change.
@@ -191,10 +223,20 @@
  # Removed the following rule because FHS states that /etc should be reserved for static files only. This
  # functionality should be done in a deb/rpm post install script.  2/11/2009, D Suffield
  #
-+# Re-enabled the following rule because changing /etc/sane.d/dll.conf is just how it works with SANE.
++# Novell/Suse re-enabled it
++# because it is just how it works with SANE regardless what
++# the gods of the FHS may think how it should work.
++# Files in /etc/ are config files which exist there
++# to be adapted as needed during runtime of the system.
++# Adapting /etc/sane.d/dll.conf only during package install time is insufficient
++# because a device may be not connected by the admin during package install time
++# but later during runtime by the system's end-user (e.g. on a company workstation).
++# In contrast e.g. files in /usr/ are not to be changed during
++# runtime of the system (because /usr/ could be mounted read-only).
 +#
  # If sane-bankends is installed add hpaio backend support to dll.conf if needed.
 -# ENV{sane_hpaio}=="yes", RUN+="/bin/sh -c 'grep -q ^#hpaio /etc/sane.d/dll.conf;if [ $$? -eq 0 ];then sed -i -e s/^#hpaio/hpaio/ /etc/sane.d/dll.conf;else grep -q ^hpaio /etc/sane.d/dll.conf;if [ $$? -ne 0 ];then echo hpaio >>/etc/sane.d/dll.conf;fi;fi'"
 +ENV{sane_hpaio}=="yes", RUN+="/bin/sh -c 'grep -q ^#hpaio /etc/sane.d/dll.conf;if [ $$? -eq 0 ];then sed -i -e s/^#hpaio/hpaio/ /etc/sane.d/dll.conf;else grep -q ^hpaio /etc/sane.d/dll.conf;if [ $$? -ne 0 ];then echo hpaio >>/etc/sane.d/dll.conf;fi;fi'"
  
  LABEL="hpmud_rules_end"
++

hplip-3.9.6b.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:27fb7e8ec5fe31dc166a51077ac53b9f96dbda28fcfe1e6163069f461345e30f
-size 13851373

hplip-3.9.8.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e68f9b8e68393e3bbf93ecb2e441278efda9ba502bdeaa3ecb49a380dd79d164
+size 13956971

hplip.SuSEfirewall2

@@ -0,0 +1,18 @@
+## Name: mDNS/Bonjour support for HPLIP
+## Description: Firewall Configuration file for mDNS/Bonjour support for HPLIP
+
+# space separated list of allowed TCP ports
+TCP=""
+
+# space separated list of allowed UDP ports
+UDP="mdns svrloc"
+
+# space separated list of allowed RPC services
+RPC=""
+
+# space separated list of allowed IP protocols
+IP=""
+
+# space separated list of allowed UDP ports for UDP broadcasts
+BROADCAST="mdns svrloc"
+

hplip.changes

@@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Thu Aug  6 10:48:36 CEST 2009 - jsmeix@suse.de
+
+- The hplip.SuSEfirewall2 source file provides support
+  to open UDP ports 5353(mdns) and 427(svrloc) for mDNS support
+  according to the init-suse-firewall in the tar ball
+  (compare also Novell/Suse Bugzilla bnc#498429).
+- Updated to version 3.9.8:
+  Added mDNS/Bonjour support.
+  Enabled mDNS as the default network search mechanism.
+  Added front-end support for mDNS/Bonjour in setup.
+  Added hpmud support for mDNS.
+  The tar ball provides a init-suse-firewall init script 
+  for mDNS support which is not included in the RPM.
+  Fixed wificonfig associate issue when called from hp-setup.
+  Added 40-hplip.rules to the tar ball for distros with
+  udev ACL support. Use configure option --enable-udev-acl-rules
+  to install 40-hplip.rules instead of 55-hpmud.rules.
+  Fixed Normal Grayscale on DJ8xx and DJ8x5 for HPCUPS.
+  Added -lsane link option for libsane-hpaio in Makefile.
+  Many more supported printers and all-in-one devices.
+  Many bug fixies (no Suse bugs).
+  For details see
+  http://hplipopensource.com/hplip-web/release_notes.html
+
 -------------------------------------------------------------------
 Wed Jul  1 10:28:04 CEST 2009 - jsmeix@suse.de
 

hplip.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package hplip (Version 3.9.6b)
+# spec file for package hplip (Version 3.9.8)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -24,13 +24,13 @@ Summary:        HP's Printing, Scanning, and Faxing Software
 # HPLIP has reached 1.0 status. With this release a date encoded revision number is used:
 # x.y.m : x = major release number, y = year (eg: 6 = 2006), m = month (eg: 6a = second release in June)
 # Official releases have a 3 digit number and release candidates have a 4 digit number: x.y.m.rc
-Version:        3.9.6b
+Version:        3.9.8
 Release:        1
 Group:          Hardware/Printing
 License:        BSD 3-clause (or similar) ; GPL v2 or later ; MIT License (or similar)
 Url:            http://hplipopensource.com
 # Source0...Source9 is for sources from HP:
-# URL for Source0: http://surfnet.dl.sourceforge.net/sourceforge/hplip/hplip-3.9.6b.tar.gz
+# URL for Source0: http://surfnet.dl.sourceforge.net/sourceforge/hplip/hplip-3.9.8.tar.gz
 Source0:        %{name}-%{version}.tar.bz2
 # Patch0...Patch9 is for patches from HP:
 # Patch10...Patch99 is for Suse patches for the sources from HP:
@@ -50,6 +50,11 @@ Source102:      hpijs.1.gz
 # Source104 is a script which outputs a global HAL fdi file
 # for all HP USB devices which belong to HPLIP:
 Source104:      create_hal_global_fdi_from_hpmud_rules
+# Source105 hplip.SuSEfirewall2 provides support
+# to open UDP ports 5353(mdns) and 427(svrloc) for mDNS support
+# according to the init-suse-firewall in the tar ball
+# (compare also Novell/Suse Bugzilla bnc#498429):
+Source105:      hplip.SuSEfirewall2
 # Patch100... is for special Suse patches:
 # Patch101 changes in the udev rules file the mode from "0666" to "0664"
 # and for parallel port devices the owner from "lp" to "root" to avoid
@@ -361,6 +366,10 @@ rm %{buildroot}%{_datadir}/applications/%{name}*.desktop
 # Install the man page for /usr/bin/hpijs:
 install -d %{buildroot}%{_mandir}/man1
 install -m 644 %{SOURCE102} %{buildroot}%{_mandir}/man1/
+# Source105 hplip.SuSEfirewall2 provides support
+# to open UDP ports 5353(mdns) and 427(svrloc) for mDNS support:
+install -d %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/
+install -m 644 %{SOURCE105} %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/hplip
 # Find duplicate files:
 %fdupes -s %{buildroot}
 
@@ -429,6 +438,7 @@ exit 0
 %dir %{_sysconfdir}/udev/rules.d
 %config %{_sysconfdir}/udev/rules.d/55-hpmud.rules
 %config %{_sysconfdir}/udev/rules.d/56-hpmud_support.rules
+%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/hplip
 %dir %{_datadir}/hal
 %dir %{_datadir}/hal/fdi
 %dir %{_datadir}/hal/fdi/information