> From [EMAIL PROTECTED] Fri Mar 29 08:11:18 2002
> Date: Thu, 28 Mar 2002 09:45:39 -0800 (PST)
> From: Patrick Powell <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: LPRng: LPRng 3.8.9
>
> > From [EMAIL PROTECTED] Tue Mar 12 08:09:14 2002
> > Date: Tue, 12 Mar 2002 15:15:29 GMT
> > From: Toby Blake <[EMAIL PROTECTED]>
> > Subject: Re: LPRng: LPRng 3.8.9
> > To: [EMAIL PROTECTED]
> >
> > > > Thanks for fixing this Patrick. However, would you be able to
> > > > change things so that the other AUTH* data is also stored and used
> > > > later (i.e. authtype and authfrom):
> > > >
> > > > 2002-03-07-12:15:19.325 host1 [29066] RCVSEC lp: authtype
> > > > 'kerberos', authfrom '[EMAIL PROTECTED]', authuser '[EMAIL PROTECTED]'
> > > > ...
> > > > 2002-03-07-12:15:19.347 host1 [29066] (Server) lp: authtype
> > > > '<NULL>', authfrom '<NULL>', authuser '[EMAIL PROTECTED]'
> > > >
> > > > Thanks
> > > > Toby
> > >
> > > Just use the 'R' check and drop the 'P' check.
> >
> > This isn't particularly feasible as I prefer to have a permissions
> > setup where everything is rejected by default and I specify what is
> > allowed. Therefore I need to include permissions for the 'P' service
> > as sending a job via lpr results in a permissions check for the 'P'
> > service, which I currently cannot validate against the AUTHTYPE and
> > AUTHFROM values.
> >
> > Cheers
> > Toby
>
> OK, it is on the list and may be done for the next release.
>
> Patrick
It was pretty simple, so it is now done.
Version LPRng-3.8.10 - Sun Mar 31 11:31:19 PST 2002
printcap.5 had :as and :ae examples reversed
(Spotted by the guy with the red pen and the eagle eyes:
Craig Small <[EMAIL PROTECTED]>)
The authentication and connection information for permissions
checking is now recorded so it can be used for permissions checking.
and a couple of new fields have been added.
The following permission tags now have the indicated values
UNIXSOCKET - true (match or 1) if connection was over a UNIX socket,
i.e. - the local host.
When SERVICE=P
REMOTEHOST - the original remotehost from which the job was sent
(previously was the HOST value)
REMOTEPORT - the original port from which the job was sent
(previously was undefined )
AUTH - true (match or 1) if job sent using authentication
AUTHTYPE - authentication type
AUTHUSER - value of authentication key for user who originated
job. For example, for kerberos this is the user's principle value
AUTHFROM - value of authentication key for sender of job. For example,
if the job was from the LPR program, this would have the same
value as AUTHUSER. However, if it was forwarded from a server,
it would have the server's authentication name or value.
lpd.perms.in update to match the new entries
(Requested by: Toby Blake <[EMAIL PROTECTED]>)
-----------------------------------------------------------------------------
YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST
The address you post from MUST be your subscription address
If you need help, send email to [EMAIL PROTECTED] (or lprng-requests
or lprng-digest-requests) with the word 'help' in the body. For the impatient,
to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED]
with: | example:
subscribe LIST <mailaddr> | subscribe lprng-digest [EMAIL PROTECTED]
unsubscribe LIST <mailaddr> | unsubscribe lprng [EMAIL PROTECTED]
If you have major problems, send email to [EMAIL PROTECTED] with the word
LPRNGLIST in the SUBJECT line.
-----------------------------------------------------------------------------
