* Run CUPS' external programs in the "lp" group so that they can

access printer devices in /dev.  Also use a "cups" user instead of
  "nobody".

svn path=/nixos/trunk/; revision=23003
This commit is contained in:
Eelco Dolstra 2010-08-06 14:52:09 +00:00
parent 6c8c1f935a
commit ea49707f85
2 changed files with 19 additions and 4 deletions

View File

@ -54,7 +54,8 @@ in
privoxy = 32;
osgi = 34;
sabnzbd = 33;
tor = 35;
tor = 35;
cups = 36;
# When adding a uid, make sure it doesn't match an existing gid.
nixbld = 30000; # start of range of uids

View File

@ -102,11 +102,18 @@ in
config = mkIf config.services.printing.enable {
environment.systemPackages = [cups];
users.extraUsers = singleton
{ name = "cups";
uid = config.ids.uids.cups;
group = "lp";
description = "CUPS printing services";
};
services.dbus.packages = [cups];
environment.systemPackages = [ cups ];
# cups uses libusb to talk to printers, and does not use the
services.dbus.packages = [ cups ];
# Cups uses libusb to talk to printers, and does not use the
# linux kernel driver. If the driver is not in a black list, it
# gets loaded, and then cups cannot access the printers.
boot.blacklistedKernelModules = [ "usblp" ];
@ -167,6 +174,13 @@ in
TempDir ${cfg.tempDir}
# User and group used to run external programs, including
# those that actually send the job to the printer. Note that
# Udev sets the group of printer devices to `lp', so we want
# these programs to run as `lp' as well.
User cups
Group lp
Browsing On
BrowseOrder allow,deny
BrowseAllow @LOCAL