summaryrefslogtreecommitdiff
path: root/usr.sbin/lpr/SMM.doc/2.t
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2002-06-08 01:53:44 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2002-06-08 01:53:44 +0000
commit16c2ffab14daba8ec85369749a7f5da0849d2d55 (patch)
tree913bd4afb3022d2751aea865e7a9a0c6d046fff1 /usr.sbin/lpr/SMM.doc/2.t
parentf1da2a2b8fda92ebc29cd063f882352d44750caf (diff)
Remove setuid root from lp*. lpr needs to be setuid daemon so the
files it creates are not owned by the user spooling them but the others (lpc, lpq, lprm) can get away with setgid daemon. lpd runs as user daemon for most things, only changing its uid to 0 for things that must be done as root. For the time being, don't require connections to come from a reserved port since lpq/lpr/lprm can't acquire that w/o setuid root. In the near future we will have a mechanism for select non-root processes to grab reserved ports. The upshot of this is that spool directories must be writable by group daemon and the files within the spool dirs must be owned by daemon.
Diffstat (limited to 'usr.sbin/lpr/SMM.doc/2.t')
-rw-r--r--usr.sbin/lpr/SMM.doc/2.t6
1 files changed, 3 insertions, 3 deletions
diff --git a/usr.sbin/lpr/SMM.doc/2.t b/usr.sbin/lpr/SMM.doc/2.t
index 9006ed037cf..c093bbc2cec 100644
--- a/usr.sbin/lpr/SMM.doc/2.t
+++ b/usr.sbin/lpr/SMM.doc/2.t
@@ -1,4 +1,4 @@
-.\" $OpenBSD: 2.t,v 1.3 2002/05/18 23:03:04 millert Exp $
+.\" $OpenBSD: 2.t,v 1.4 2002/06/08 01:53:43 millert Exp $
.\"
.\" Copyright (c) 1983, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -51,7 +51,7 @@ database restarting any printers that have jobs.
In normal operation
.I lpd
listens for service requests on multiple sockets,
-one in the UNIX domain (named ``/var/run/printer'') for
+one in the LOCAL domain (named ``/var/run/printer'') for
local requests, and one in the Internet domain
(under the ``printer'' service specification)
for requests for printer access from off machine;
@@ -67,7 +67,7 @@ Clients communicate with
using a simple transaction oriented protocol.
Authentication of remote clients is done based
on the ``privilege port'' scheme employed by
-\fIrshd\fP\|(8C) and \fIrcmd\fP\|(3X).
+\fIrshd\fP\|(8) and \fIrcmd\fP\|(3).
The following table shows the requests
understood by
.IR lpd .