John Perkins wrote: > > > Thanks for your reply, in effect after the restart the HP LaserJet 8000, we can >print again, but in the status we got these lines ... > > > > ric2: Check_for_missing files: ric2: no permission to print at >2002-03-27-15:01:30.905 ## A=<NULL> number=0 process=245 > > Without seeing your printcap, I don't think anyone is going to be able to help > you. Forward on your lpd.perms, too, for good measure. > > Also, you should check in the spool directory on ric2 and see if there are > remnants of any old jobs that have been processed (cf*, df* and hf* > files)...it would be best to clear those out before restarting lpd. Make sure > the lpd user is able to write to the spool directories. > > -- After your email, i've stopped lpd, erased all files in the spool area and then restarted the lpd... istantly the message appear....
R-pianeta<4721>#more status.pr ric2: Check_for_missing files: ric2: no permission to print at 2002-03-27-18:11:24.488 ## A=<NULL> number=0 process=16048 ric2: Check_for_missing files: ric2: no permission to print at 2002-03-27-18:12:25.004 ## A=<NULL> number=0 process=16085 ric2: Check_for_missing files: ric2: no permission to print at 2002-03-27-18:13:25.471 ## A=<NULL> number=0 process=16237 note that checkpc -f return no errors at all, and i've checked that lp user can write in the spool area as stated below: drwx------ 2 lp lp 512 Mar 27 18:15 ric2 -rw------- 1 lp lp 0 Mar 5 11:56 ric2.errs This is a very mistery for me, because anyone has changed anything in LPRng from 14 days, but the error appear 3 days ago... very strange, or i'm in a big big mistake .... :-) Thanks. Ps. now i'll go in holiday for the Easter, but i'm not alone in my office, so if you find something, post it ! -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603
# lpd.conf # VERSION=3.8.8 # lpd.conf generated from on Fri Mar 1 17:52:15 MET 2002 # The values in this file are the default values. # If you modify the file, set the value to something other than the default # For example, # # default force_localhost # means the 'force_localhost' option default value is on or 1 # To set it to OFF or 0, change this to read: # force_localhost@ # Purpose: always print banner, ignore lpr -h option # default ab@ (FLAG off) # Purpose: query accounting server when connected # default achk@ (FLAG off) # Purpose: accounting at end (see also af, la, ar, as) # default ae=jobend $H $n $P $k $b $t $'C $'J $'M (STRING) # Purpose: name of accounting file (see also la, ar) # default af=acct (STRING) # Purpose: automatically hold all jobs # default ah@ (FLAG off) # Purpose: Allow use of LPD_CONF environment variable # default allow_getenv@ (FLAG off) # Purpose: allow users to request logging info using lpr -mhost%port # default allow_user_logging@ (FLAG off) # Purpose: allow these users or UIDs to set owner of job. For Samba front ending # default allow_user_setting= (STRING) # Purpose: append these -Z options to end of options list on outgoing or filters # default append_z= (STRING) # Purpose: write remote transfer accounting (if af is set) # default ar (FLAG on) # Purpose: host architecture # default architecture=sparc (STRING) # Purpose: accounting at start (see also af, la, ar) # default as=jobstart $H $n $P $k $b $t $'C $'J $'M (STRING) # Purpose: authentication type for client to server # default auth= (STRING) # Purpose: client to server authentication filter # default auth_forward= (STRING) # Purpose: end banner printing program overides bp # default be= (STRING) # Purpose: Berkeley LPD: job file strictly RFC-compliant # default bk@ (FLAG off) # Purpose: Berkeley LPD filter options # default bk_filter_options=$P $w $l $x $y $F $c $L $i $J $C $0n $0h $-a (STRING) # Purpose: Berkeley LPD OF filter options # default bk_of_filter_options=$w $l $x $y (STRING) # Purpose: backwards-compatible filters: use simple paramters # default bkf@ (FLAG off) # Purpose: short banner line sent to banner printer # default bl=$-C:$-n Job: $-J Date: $-t (STRING) # Purpose: banner printing program (see bs, be) # default bp= (STRING) # Purpose: format for bounce queue output # default bq_format=f (STRING) # Purpose: if lp is a tty, set the baud rate (see ty) # default br=0 (INTEGER) # Purpose: do not set priority from class name # default break_classname_priority_link@ (FLAG off) # Purpose: banner printing program overrides bp # default bs= (STRING) # Purpose: check for nonprintable file # default check_for_nonprintable@ (FLAG off) # Purpose: check for RFC1179 protocol violations # default check_for_protocol_violations@ (FLAG off) # Purpose: filter selects the destination for a load balance queue # default chooser= (STRING) # Purpose: interval between checks for available destination for load balance queue # default chooser_interval=10 (INTEGER) # Purpose: user provided routine selects the destination for a load balance queue # default chooser_routine@ (FLAG off) # Purpose: show classname in status display # default class_in_status@ (FLAG off) # Purpose: client flag set in printcap entry # default client@ (FLAG off) # Purpose: comment identifying printer (LPQ) # default cm= (STRING) # Purpose: configuration file default config_file= /opt/LPRng/etc/lpd.conf # Purpose: minimum interval between connections and jobs # default connect_grace=0 (INTEGER) # Purpose: interval between connection or open attempts # default connect_interval=10 (INTEGER) # Purpose: connection timeout for remote printers # default connect_timeout=10 (INTEGER) # Purpose: control file line order # default control_file_line_order= (STRING) # Purpose: control file filter # default control_filter= (STRING) # Purpose: create files in spool directory # default create_files@ (FLAG off) # Purpose: debug level set for queue handler # default db= (STRING) # Purpose: default job format # default default_format=f (STRING) # Purpose: default permission for files default_permission=ACCEPT # Purpose: default printer # default default_printer=missingprinter (STRING) # Purpose: default job priority # default default_priority=A (STRING) # Purpose: default remote host # default default_remote_host=localhost (STRING) # Purpose: default temp directory for temp files # default default_tmp_dir=/tmp (STRING) # Purpose: printers that we should query for status information # default destinations= (STRING) # Purpose: allow LPR to make direct socket connection to printer # default direct@ (FLAG off) # Purpose: keep the last NN done jobs for status purposes done_jobs= 0 # Purpose: keep done jobs for at most max age seconds done_jobs_max_age= 0 # Purpose: drop root permissions after binding to listening port # default drop_root@ (FLAG off) # Purpose: exit linger timeout to wait for socket to close # default exit_linger_timeout=600 (INTEGER) # Purpose: use this size (in Kbytes) when sending 'unknown' size files to a spooler # default fakelargefile=0 (INTEGER) # Purpose: string to send for a form feed # default ff=\\f (STRING) # Purpose: default filter # default filter= (STRING) # Purpose: filter LD_LIBRARY_PATH value # default filter_ld_path= /lib:/usr/lib:/usr/local/lib (STRING) # Purpose: filter options # default filter_options=$A $B $C $D $E $F $G $H $I $J $K $L $M $N $O $P $Q $R $S $T $U $V $W $X $Y $Z $a $b $c $d $e $f $g $h $i $j $k $l $m $n $o $p $q $r $s $t $u $v $w $x $y $z $-a (STRING) # Purpose: filter PATH environment variable # default filter_path= /bin:/usr/bin:/usr/local/bin (STRING) # Purpose: interval at which to check OF filter for error status # default filter_poll_interval=30 (INTEGER) # Purpose: write filter errors to the :ps=status file if there is one # default filter_stderr_to_status_file@ (FLAG off) # Purpose: print a form feed when device is opened # default fo@ (FLAG off) # Purpose: force FQDN HOST value in control file # default force_fqdn_hostname@ (FLAG off) # Purpose: force IPADDR of Originating host for host value in control file # default force_ipaddr_hostname@ (FLAG off) # Purpose: force clients to send all requests to localhost # default force_localhost (FLAG on) # Purpose: force lpq status format for specified hostnames # default force_lpq_status= (STRING) # Purpose: force use of this queuename if none provided # default force_queuename= (STRING) # Purpose: print a form feed when device is closed # default fq@ (FLAG off) # Purpose: full or complete time format # default full_time@ (FLAG off) # Purpose: valid output filter formats # default fx= (STRING) # Purpose: generate a banner when forwarding job # default generate_banner@ (FLAG off) # Purpose: group to run SUID ROOT programs group=lp # Purpose: do a 'half close' on socket when sending job to remote printer # default half_close (FLAG on) # Purpose: print banner after job instead of before # default hl@ (FLAG off) # Purpose: filter command, run on a per-file basis # default if= (STRING) # Purpose: ignore requested user priority # default ignore_requested_user_priority@ (FLAG off) # Purpose: incoming job control file filter # default incoming_control_filter= (STRING) # Purpose: Running IPV6 # default ipv6@ (FLAG off) # Purpose: TCP keepalive enabled # default keepalive (FLAG on) # Purpose: remote server principal for server to server forwarding # default kerberos_forward_principal= (STRING) # Purpose: keytab file location for kerberos, used by server # default kerberos_keytab=/etc/lpd.keytab (STRING) # Purpose: key lifetime for kerberos, used by server # default kerberos_life= (STRING) # Purpose: key renewal time for kerberos, used by server # default kerberos_renew= (STRING) # Purpose: remote server principle, overides default # default kerberos_server_principal= (STRING) # Purpose: default service # default kerberos_service=lpr (STRING) # Purpose: write local printer accounting (if af is set) # default la (FLAG on) # Purpose: leader string printed on printer open # default ld= (STRING) # Purpose: error log file (servers, filters and prefilters) lf=/var/spool/lpd/lpd.log.%h # Purpose: lock the IO device # default lk@ (FLAG off) # Purpose: lpd lock file lockfile= /var/spool/lpd/lpd.lock # Purpose: where to send status information for logging # default logger_destination= (STRING) # Purpose: maximum size in K of logger file # default logger_max_size=0 (INTEGER) # Purpose: path of file to hold logger information # default logger_path= (STRING) # Purpose: timeout between connection attempts to remote logger # default logger_timeout=0 (INTEGER) # Purpose: use long job number (0 - 999999) when a job is submitted # default longnumber@ (FLAG off) # Purpose: device name or lp-pipe command to send output to # default lp= (STRING) # Purpose: force lpd to filter jobs (bounce) before sending to remote queue # default lpd_bounce@ (FLAG off) # Purpose: force a poll operation # default lpd_force_poll@ (FLAG off) # Purpose: lpd pathname for server use # default lpd_path= (STRING) # Purpose: interval in secs between starting up all servers # default lpd_poll_time=600 (INTEGER) # Purpose: lpd port # default lpd_port=515 (STRING) # Purpose: lpd printcap path lpd_printcap_path= /opt/LPRng/etc/printcap # Purpose: maximum number of lpq status queries kept in cache lpq_status_cached=1 # Purpose: cached lpq status file # default lpq_status_file=lpq (STRING) # Purpose: minimum interval between updates # default lpq_status_interval=2 (INTEGER) # Purpose: cached lpq status timeout - refresh after this time # default lpq_status_stale=3600 (INTEGER) # Purpose: Additional options for LPR # default lpr= (STRING) # Purpose: lpr will run job through filters and send single file # default lpr_bounce@ (FLAG off) # Purpose: BSD LPR -m flag, does not require mail address # default lpr_bsd@ (FLAG off) # Purpose: from address to use in mail messages mail_from=PrintService # Purpose: mail to this operator on error # default mail_operator_on_error= (STRING) # Purpose: maximum accounting file size in Kbytes # default max_accounting_file_size=1000 (INTEGER) # Purpose: maximum interval between connection attempts # default max_connect_interval=60 (INTEGER) # Purpose: maximum number of datafiles # default max_datafiles=52 (INTEGER) # Purpose: maximum log file size in Kbytes # default max_log_file_size=1000 (INTEGER) # Purpose: maximum number of servers that can be active # default max_servers_active=0 (INTEGER) # Purpose: maximum length of status line max_status_line=79 # Purpose: maximum size (in K) of status file max_status_size=10 # Purpose: maximum copies allowed mc=10 # Purpose: minimum accounting file size in Kbytes # default min_accounting_file_size=0 (INTEGER) # Purpose: minimum log file size in Kbytes # default min_log_file_size=0 (INTEGER) # Purpose: minimum status file size in Kbytes # default min_status_size=0 (INTEGER) # Purpose: minimum amount of free space needed in K bytes # default minfree=0 (INTEGER) # Purpose: minimum number of printable characters for printable check # default ml=0 (INTEGER) # Purpose: millisecond time resolution # default ms_time_resolution (FLAG on) # Purpose: maximum job size (1Kb blocks, 0 = unlimited) # default mx=0 (INTEGER) # Purpose: use nonblocking open # default nb@ (FLAG off) # Purpose: connection control for remote network printers # default network_connect_grace=0 (INTEGER) # Purpose: N line after cfA000... line in control file # default nline_after_file@ (FLAG off) # Purpose: output filter, run once for all output # default of= (STRING) # Purpose: OF filter options # default of_filter_options= (STRING) # Purpose: use user supplied queue order routine # default order_routine@ (FLAG off) # Purpose: orginate connections from these ports # default originate_port=512 1023 (STRING) # Purpose: pass these environment variables to filters (clients and lpd) # default pass_env=PGPPASS,PGPPATH,PGPPASSFD,LANG,LC_CTYPE,LC_NUMERIC,LC_TIME,LC_COLLATE,LC_MONETARY,LC_MESSAGES,LC_PAPER,LC_NAME,LC_ADDRESS,LC_TELEPHONE,LC_MEASUREMENT,LC_IDENTIFICATION,LC_ALL (STRING) # Purpose: lpd.perms files perms_path= /opt/LPRng/etc/lpd.perms # Purpose: page length (in lines) # default pl=66 (INTEGER) # Purpose: pr program for p format # default pr=/bin/pr (STRING) # Purpose: prefix control file line to line, "Z O" -> Z to O, "OS Z" does O and S to Z # default prefix_option_to_option= (STRING) # Purpose: prefix these -Z options to start of options list on outgoing or filters # default prefix_z= (STRING) # Purpose: /etc/printcap files # default printcap_path= /opt/LPRng/etc/printcap (STRING) # Purpose: printer status file name # default ps=status (STRING) # Purpose: page width (in characters) # default pw=80 (INTEGER) # Purpose: page width in pixels (horizontal) # default px=0 (INTEGER) # Purpose: page length in pixels (vertical) # default py=0 (INTEGER) # Purpose: put queue name in control file # default qq (FLAG on) # Purpose: print queue control file name # default queue_control_file=control.pr (STRING) # Purpose: print queue lock file name # default queue_lock_file=lock.pr (STRING) # Purpose: print queue status file name # default queue_status_file=status.pr (STRING) # Purpose: print queue unspooler pid file name # default queue_unspooler_file=unspooler.pr (STRING) # Purpose: operations allowed to remote host # default remote_support=RMQVC (STRING) # Purpose: remove these -Z options from options list on outgoing or filters # default remove_z= (STRING) # Purpose: report server as this value for LPQ status # default report_server_as= (STRING) # Purpose: client requires lpd.conf, printcap # default require_configfiles (FLAG on) # Purpose: require default queue to be explicitly set # default require_explicit_q@ (FLAG off) # Purpose: retry on ECONNREFUSED error # default retry_econnrefused (FLAG on) # Purpose: retry making connection even when link is down # default retry_nolink (FLAG on) # Purpose: return short status when specified remotehost return_short_status=*.di.unito.it,130.192.239.0 # Purpose: set SO_REUSEADDR on outgoing ports # default reuse_addr@ (FLAG off) # Purpose: reverse LPQ status format when specified remotehost reverse_lpq_status=*.di.unito.it,130.192.239.0 # Purpose: reverse priority order, z-aZ-A, i.e.- A is highest, z is lowest # default reverse_priority_order@ (FLAG off) # Purpose: restrict queue use to members of specified user groups # default rg= (STRING) # Purpose: remote-queue machine (hostname) (with rp) # default rm= (STRING) # Purpose: routing filter, returns destinations # default router= (STRING) # Purpose: remote-queue printer name (with rp) # default rp= (STRING) # Purpose: open the printer for reading and writing # default rw@ (FLAG off) # Purpose: additional safe characters to use in control files # default safe_chars= (STRING) # Purpose: save job when an error # default save_on_error@ (FLAG off) # Purpose: save job when done # default save_when_done@ (FLAG off) # Purpose: short banner (one line only) # default sb@ (FLAG off) # Purpose: spool directory (only ONE printer per directory!) # default sd= (STRING) # Purpose: send block of data, rather than individual files # default send_block_format@ (FLAG off) # Purpose: send data files first, then control file # default send_data_first@ (FLAG off) # Purpose: failure action to take after send_try attempts failed # default send_failure_action=remove (STRING) # Purpose: timeout for read/write lpr IO operatons # default send_job_rw_timeout=6000 (INTEGER) # Purpose: timeout for read/write status or control operatons # default send_query_rw_timeout=30 (INTEGER) # Purpose: numbers of times to try sending job - 0 is infinite # default send_try=3 (INTEGER) # Purpose: sendmail program sendmail=/usr/lib/sendmail -oi -t # Purpose: allow mail to user using the sendmail program sendmail_to_user # Purpose: server flag set in printcap entry # default server@ (FLAG off) # Purpose: server temporary file directory server_tmp_dir=/tmp # Purpose: no form feed separator between job files # default sf (FLAG on) # Purpose: suppress headers and/or banner page # default sh@ (FLAG off) # Purpose: SHELL enviornment variable value for filters # default shell=/bin/sh (STRING) # Purpose: short status length in lines # default short_status_length=3 (INTEGER) # Purpose: set the SO_LINGER socket option # default socket_linger=10 (INTEGER) # Purpose: spool directory permissions # default spool_dir_perms=000700 (INTEGER) # Purpose: spool file permissions # default spool_file_perms=000600 (INTEGER) # Purpose: name of queue that server serves (with sv) # default ss= (STRING) # Purpose: stalled job timeout # default stalled_time=120 (INTEGER) # Purpose: stop processing queue on filter abort # default stop_on_abort@ (FLAG off) # Purpose: stty commands to set output line characteristics # default stty= (STRING) # Purpose: suspend the OF filter rather than suspending # default suspend_of_filter (FLAG on) # Purpose: names of servers for queue (with ss) # default sv= (STRING) # Purpose: name of syslog device # default syslog_device=/dev/console (STRING) # Purpose: trailer string to print when queue empties # default tr= (STRING) # Purpose: translate outgoing job file formats - similar to tr(1) utility # default translate_format= (STRING) # Purpose: translate incoming job file formats - similar to tr(1) utility # default translate_incoming_format= (STRING) # Purpose: use UNIX socket for localhost connections OFF # unix_socket@ # Purpose: path for UNIX socket for localhost connections unix_socket_path= off # Purpose: read and cache information # default use_info_cache (FLAG on) # Purpose: put queue name in control file # default use_shorthost@ (FLAG off) # Purpose: server user for SUID purposes user= lp # default /* allow users to use local $HOME/.printcap */@ (FLAG off) # default user_printcap=.printcap (STRING)
########################################################################### # Printer permissions data base ## # ## ## VERSION=3.8.8 ## ## Access control to the LPRng facilities is controlled by entries ## in a set of lpd.perms files. The common location for these files ## are: /etc/lpd.perms, /usr/etc/lpd.perms, and /var/spool/lpd/lpd.perms. ## The locations of these files are set by the perms_path entry ## in the lpd.conf file or by compile time defaults in the ## src/common/defaults.c file. ## ## Each time the lpd server is given a user request or carries out an ## operation, it searches to the perms files to determine if the action ## is ACCEPT or REJECT. The first ACCEPT or REJECT found terminates the search. ## If none is found, then the last DEFAULT action is used. ## ## Permissions are checked by the use of 'keys' and matches. For each of ## the following LPR activities, the following keys have a value. ## ## Key Match Connect Job Job LPQ LPRM LPC ## Spool Print ## SERVICE S 'X' 'R' 'P' 'Q' 'M' 'C' ## USER S - JUSR JUSR JUSR JUSR JUSR ## HOST S RH JH JH JH JH JH ## GROUP S - JUSR JUSR JUSR JUSR JUSR ## IP IP RIP JIP JIP RIP JIP JIP ## PORT N PORT PORT - PORT PORT PORT ## REMOTEUSER S - JUSR JUSR JUSR CUSR CUSR ## REMOTEHOST S RH RH JH RH RH RH ## REMOTEGROUP S - JUSR JUSR JUSR CUSR CUSR ## REMOTEIP IP RIP RIP JIP RIP RIP RIP ## CONTROLLINE S - CL CL CL CL CL ## PRINTER S - PR PR PR PR PR ## FORWARD V - SA - - SA SA ## SAMEHOST V - SA - SA SA SA ## SAMEUSER V - - - SU SU SU ## SERVER V - SV - SV SV SV ## LPC S - - - - - LPC ## AUTH V - AU AU AU AU AU ## AUTHTYPE S - AU AU AU AU AU ## AUTHUSER S - AU AU AU AU AU ## AUTHFROM S - AU AU AU AU AU ## AUTHSAMEUSER S - AU AU AU AU AU ## ## KEY: ## JH = HOST host in control file ## RH = REMOTEHOST connecting host name ## JUSR = USER user in control file ## CUSR = REMOTEUSER user from control request ## JIP= IP IP address of host in control file ## RIP= REMOTEIP IP address of requesting host ## PORT= connecting host origination port ## CONTROLLINE= pattern match of control line in control file ## FW= IP of source of request = IP of host in control file ## SA= IP of source of request = IP of host in control file ## SU= user from request = user in control file ## SA= IP of source of request = IP of host in control file FROM info ## SV= IP of source of request = IP of server host or server Localhost ## LPC= lpc command globmatched against values ## AU= Authorization check on transfer ## AUTH will be true (match) if authenticated request ## AUTHTYPE will match authentication type of request to pattern ## AUTHUSER will match client authentication id to pattern ## AUTHFROM will match request originator authentication id to pattern ## AUTHSAMEUSER will match requestor authentication id ## to authentication id in job ## ## Match: S = globmatch, IP = IPaddress[/netmask], ## N = low[-high] number range, V= matching or compatible values ## SERVICE: 'X' - Connection request; 'R' - lpr request from remote host; ## 'P' - print job in queue; 'Q' - lpq request, 'M' - lprm request; ## 'C' - lpc spool control request; ## NOTE: when printing (P action), the remote and job check values ## (i.e. - RUSR, JUSR) are identical. ## NOTE: the HOST, USER, SAMEUSER and SAMEHOST checks always succeed ## when checking permissions for a spool queue; they are active only when ## checking permissions of a spooled job. ## ## The SAMEHOST match checks to see that one (or more) of the ## IP addresses of the host originating the request are the ## same as one or more of the IP addresses of the host whose ## hostname appears in the control file. ## The SERVER match checks to see if one (or more) of the ## IP addresses of the host originating the request are the ## same as one or more of the IP addresses of the server or ## match the localhost's IP address. Note that in IPV6, there may ## be multiple IP addresses for a single host. ## The FORWARD checks to see that all of the IP addresses of the ## IP addresses of the host originating the request are not the ## same as one or more of the IP addresses of the host whose ## hostname appears in the control file. This is equivalent to ## NOT SAMEHOST ## ## The special key letter=patterns searches the control file ## line starting with the (upper case) letter, and is usually ## used with printing and spooling checks. For example, ## C=A*,B* would check that the class information (i.e.- line ## in the control file starting with C) had a value starting ## with A or B. ## ## A permission line consists of list of tests and an a result value ## If all of the tests succeed, then a match has been found and the ## permission testing completes with the result value. You use the ## DEFAULT reserved word to set the default ACCEPT/DENY result. ## The NOT keyword will reverse the sense of a test. ## ## Each test can have one or more optional values separated by ## commas. For example USER=john,paul,mark has 3 test values. ## ## The Match type specifies how the matching is done. ## S = glob type string match OR </path ## Format: string with wildcards (*) and ranges ## * matches 0 or more chars ## [a-d] matches a or b or c or d ## Character comparison is case insensitive. ## For example - USER=th*s matches uTHS, This, This, Theses ## USER=[d-f]x matches dx, ex, fx ## If the match is </path then the specified file is ## opened and read, and the file contents are treated like ## S type entries separated by whitespace ## ## ## IP = IP address and submask. IP address must be in dotted form. ## OR </path ## Format: x.x.x.x[/y.y.y.y] x.x.x.x is IP address ## y.y.y.y is optional submask, default is 255.255.255.255 ## Match is done by converting to 32 bit x, y, and IP value and using: ## success = ((x ^ IP ) & y) == 0 (C language notation) ## i.e.- only bits where mask is non-zero are used in comparison. ## For example - REMOTEIP=130.191.0.0/255.255.0.0 matches all address 130.191.X.X ## If the match is </path then the specified file is ## opened and read, and the file contents are treated like ## S type entries separated by whitespace ## ## N = numerical range - low-high integer range. ## Format: low[-high] ## Example: PORT=0-1023 matches a port in range 0 - 1023 (privileged) ## ## The SAMEUSER and SAMEHOST are options that form values from information ## in control files or connections. The GROUP entry searches the user group ## database for group names matching the pattern, and then searches these ## for the user name. If the name is found, the search is successful. ## The SERVER entry is successful if the request originated from the current ## lpd server host. ## ## Note carefully that the USER, HOST, and IP values are based on values found ## in the control file currently being checked for permissions. The ## REMOTEUSER, REMOTEHOST, and REMOTEIP are based on values supplied as part ## of a connection to the LPD server, or on the actual TCP/IP connection. ## ## The LPC entry matches an LPC command. For example LPC=topq would match ## when an lpc topq command is being executed. You must still have the ## SERVICE=C entry to trigger this action. ## ## Note: the SERVICE=R and SERVICE=P both check the LPR actions ## of sending a job. However, SERVICE=R does it when the job is being ## sent to the LPD server. Some LPD (and LPR) implementations cannot ## handle a job being rejected due to lack of permissions, and sit in ## an endless loop trying to resend the job. This is the reason for ## the SERVICE=P check. You can accept the job for printing, and then ## have the SERVICE=P check remove the job. ## ## NOTE: if you do not have an explicit ACCEPT SERVICE=P or ## DEFAULT ACCEPT action then your print jobs will be accepted ## and then quietly discarded. ## ## Example Permissions ## ## You can make sure that connections come from a privileged port. ## Default is to allow them from any port so that non-setuid programs # can do printing. # Totally RFC1179 #REJECT SERVICE=X NOT PORT=1-1023 #REJECT SERVICE=X NOT PORT=1-1023 # Privileged #REJECT SERVICE=X NOT PORT=721-731 # # Check IP on connect # # allow our 239 LAN ACCEPT SERVICE=X REMOTEIP=130.192.239.0/255.255.255.0 # allow our server (maybe localhost ?) ACCEPT SERVICE=X SERVER # reject all others REJECT SERVICE=X # # allow root on server to control jobs ACCEPT SERVICE=C SERVER REMOTEUSER=root # allow anybody to get server, status, and printcap ACCEPT SERVICE=C LPC=lpd,status,printcap # reject all others REJECT SERVICE=C # # allow same user on originating host to remove a job ACCEPT SERVICE=M SAMEUSER # allow root on server to remove a job ACCEPT SERVICE=M SERVER SAMEUSER ACCEPT SERVICE=M SERVER REMOTEUSER=root REJECT SERVICE=M # # Only root on server can print ... # ACCEPT SERVICE=R SERVER USER=root # reject all others if root REJECT SERVICE=R USER=root # all other operations allowed DEFAULT ACCEPT
# /etc/printcap # # This printer configuration file was created with lprngtool v.1.2.2 # Any changes made here manually may be lost if lprngtool # is run later on. # # It is NOT advisable to modify this file by hand. To add, modify, or # remove printers, please use 'lprngtool' to avoid corruption. ##LPRNGTOOL## SOCKET ascii_to_ps=NO color= color_choice=Default crlf_trans= desired_to= eof= extra_gs_options= extra_pager_options= filtertype=IFHP gsdevice= ifhp_options=status nup=1 pager= papersize= printerdb_entry=hp5simx ps_send_eof=NO resolution= reverse_order= rtlft_margin=18 sendeof=NO texteof=NO topbot_margin=18 ric1 :cm=HP LaserJet 5Si/MX PS (ex jet) :db=network+3,print+1,receive+1 :filter=/opt/LPRng/libexec/filters/ifhp :ifhp=model=hp5simx,status :lp=jet%9100 :lprngtooloptions=ASCII_TO_PS="NO" COLOR="" COLOR_CHOICE="Default" CRLF_TRANS="" :DESIRED_TO="" EOF="" EXTRA_GS_OPTIONS="" EXTRA_PAGER_OPTIONS="" FILTERTYPE="IFHP" :GSDEVICE="" IFHP_OPTIONS="status" NUP="1" PAGER="" PAPERSIZE="" :PRINTERDB_ENTRY="hp5simx" PS_SEND_EOF="NO" RESOLUTION="" REVERSE_ORDER="" :RTLFT_MARGIN="18" SENDEOF="NO" TEXTEOF="NO" TOPBOT_MARGIN="18" :mx=0 :prefix_z=600,a4,duplex,portrait :sd=/var/spool/lpd/%P :sh ##LPRNGTOOL## SOCKET ascii_to_ps=NO color= color_choice=Default crlf_trans= desired_to= eof= extra_gs_options= extra_pager_options= filtertype=IFHP gsdevice= ifhp_options=status nup=1 pager= papersize= printerdb_entry=hp5simx ps_send_eof=NO resolution= reverse_order= rtlft_margin=18 sendeof=NO texteof=NO topbot_margin=18 dida1 :cm=HP LaserJet 5Si/MX PS (ex jet) :db=network+3,print+1,receive+1 :filter=/opt/LPRng/libexec/filters/ifhp :ifhp=model=hp5simx,status :lp=jet%9100 :lprngtooloptions=ASCII_TO_PS="NO" COLOR="" COLOR_CHOICE="Default" CRLF_TRANS="" :DESIRED_TO="" EOF="" EXTRA_GS_OPTIONS="" EXTRA_PAGER_OPTIONS="" FILTERTYPE="IFHP" :GSDEVICE="" IFHP_OPTIONS="status" NUP="1" PAGER="" PAPERSIZE="" :PRINTERDB_ENTRY="hp5simx" PS_SEND_EOF="NO" RESOLUTION="" REVERSE_ORDER="" :RTLFT_MARGIN="18" SENDEOF="NO" TEXTEOF="NO" TOPBOT_MARGIN="18" :mx=0 :prefix_z=600,a4,duplex,portrait :sd=/var/spool/lpd/%P :sh ##LPRNGTOOL## SOCKET ascii_to_ps=NO color= color_choice=Default crlf_trans= desired_to= eof= extra_gs_options= extra_pager_options= filtertype=IFHP gsdevice= ifhp_options=status nup=1 pager= papersize= printerdb_entry=hp8000 ps_send_eof=NO resolution= reverse_order= rtlft_margin=18 sendeof=NO texteof=NO topbot_margin=18 ric2 :cm=HP LaserJet 8000DN (ex jet2) :filter=/opt/LPRng/libexec/filters/ifhp :ifhp=model=hp8000,status :lp=jet2%9100 :lprngtooloptions=ASCII_TO_PS="NO" COLOR="" COLOR_CHOICE="Default" CRLF_TRANS="" :DESIRED_TO="" EOF="" EXTRA_GS_OPTIONS="" EXTRA_PAGER_OPTIONS="" FILTERTYPE="IFHP" :GSDEVICE="" IFHP_OPTIONS="status" NUP="1" PAGER="" PAPERSIZE="" :PRINTERDB_ENTRY="hp8000" PS_SEND_EOF="NO" RESOLUTION="" REVERSE_ORDER="" :RTLFT_MARGIN="18" SENDEOF="NO" TEXTEOF="NO" TOPBOT_MARGIN="18" :mx=0 :prefix_z=600,a4,duplex,portrait :sd=/var/spool/lpd/%P :sh ##LPRNGTOOL## SOCKET ascii_to_ps=NO color= color_choice=Default crlf_trans= desired_to= eof= extra_gs_options= extra_pager_options= filtertype=IFHP gsdevice= ifhp_options=status nup=1 pager= papersize= printerdb_entry=hp8000 ps_send_eof=NO resolution= reverse_order= rtlft_margin=18 sendeof=NO texteof=NO topbot_margin=18 dida2 :cm=HP LaserJet 8000DN (ex jet2) :filter=/opt/LPRng/libexec/filters/ifhp :ifhp=model=hp8000,status :lp=jet2%9100 :lprngtooloptions=ASCII_TO_PS="NO" COLOR="" COLOR_CHOICE="Default" CRLF_TRANS="" :DESIRED_TO="" EOF="" EXTRA_GS_OPTIONS="" EXTRA_PAGER_OPTIONS="" FILTERTYPE="IFHP" :GSDEVICE="" IFHP_OPTIONS="status" NUP="1" PAGER="" PAPERSIZE="" :PRINTERDB_ENTRY="hp8000" PS_SEND_EOF="NO" RESOLUTION="" REVERSE_ORDER="" :RTLFT_MARGIN="18" SENDEOF="NO" TEXTEOF="NO" TOPBOT_MARGIN="18" :mx=0 :prefix_z=600,a4,duplex,portrait :sd=/var/spool/lpd/%P :sh ##LPRNGTOOL## QUEUE ascii_to_ps=NO color= color_choice=Default crlf_trans= desired_to= eof= extra_gs_options= extra_pager_options= filtertype=IFHP gsdevice= ifhp_options=status@,sync@,pagecount@,waitend@ nup=1 pager= papersize= printerdb_entry=apple ps_send_eof=NO resolution= reverse_order= rtlft_margin=18 sendeof=NO texteof=NO topbot_margin=18 ric3 :server :cm=Apple LaserWriter 12/640 :filter=/opt/LPRng/libexec/filters/ifhp :ifhp=model=apple,status=ps,sync=ps,pagecount=ps,waitend=ps :lp=raw@laserdip :lprngtooloptions=ASCII_TO_PS="NO" COLOR="" COLOR_CHOICE="Default" CRLF_TRANS="" :DESIRED_TO="" EOF="" EXTRA_GS_OPTIONS="" EXTRA_PAGER_OPTIONS="" FILTERTYPE="IFHP" :GSDEVICE="" IFHP_OPTIONS="status@,sync@,pagecount@,waitend@" NUP="1" PAGER="" :PAPERSIZE="" PRINTERDB_ENTRY="apple" PS_SEND_EOF="NO" RESOLUTION="" REVERSE_ORDER="" :RTLFT_MARGIN="18" SENDEOF="NO" TEXTEOF="NO" TOPBOT_MARGIN="18" :mx=0 :prefix_z=600,a4,portrait,simplex :ps=status :sd=/var/spool/lpd/%P :sh :db=network+3,print+1,receive+1 ##LPRNGTOOL## QUEUE ascii_to_ps=NO color= color_choice=Default crlf_trans= desired_to= eof= extra_gs_options= extra_pager_options= filtertype=IFHP gsdevice= ifhp_options=status@,sync@,pagecount@,waitend@ nup=1 pager= papersize= printerdb_entry=apple ps_send_eof=NO resolution= reverse_order= rtlft_margin=18 sendeof=NO texteof=NO topbot_margin=18 dida3 :server :cm=Apple LaserWriter 12/640 :filter=/opt/LPRng/libexec/filters/ifhp :ifhp=model=apple,status,sync,pagecount,waitend :lp=raw@laserdip :lprngtooloptions=ASCII_TO_PS="NO" COLOR="" COLOR_CHOICE="Default" CRLF_TRANS="" :DESIRED_TO="" EOF="" EXTRA_GS_OPTIONS="" EXTRA_PAGER_OPTIONS="" FILTERTYPE="IFHP" :GSDEVICE="" IFHP_OPTIONS="status@,sync@,pagecount@,waitend@" NUP="1" PAGER="" :PAPERSIZE="" PRINTERDB_ENTRY="apple" PS_SEND_EOF="NO" RESOLUTION="" REVERSE_ORDER="" :RTLFT_MARGIN="18" SENDEOF="NO" TEXTEOF="NO" TOPBOT_MARGIN="18" :mx=0 :prefix_z=600,a4,portrait,simplex :ps=status :sd=/var/spool/lpd/%P :sh :db=network+3,print+1,receive+1
