The patch (to 3.8.12) below produces the behavior I am looking for.
Perhaps there's a better way to do it.
-Rick
*** lpd_rcvjob.c.orig Mon May 6 12:03:44 2002
--- lpd_rcvjob.c Wed Jun 12 15:09:47 2002
***************
*** 956,961 ****
--- 956,968 ----
}
DEBUG1("Check_for_missing_files: hold file fd '%d'", holdfile_fd
);
+ if( header_info ){
+ char *authuser;
+ authuser =
Find_str_value(header_info,AUTHUSER,Value_sep);
+ Set_str_value(&job->info,LOGNAME,authuser);
+ DEBUG1("Check_for_missing_files: authuser '%s'",
authuser );
+ }
+
if( Create_control( job, error, errlen,
Xlate_incoming_format_DYN ) ){
DEBUG1("Check_for_missing_files: Create_control error
'%s'", error );
status = 1;
Rick Cochran wrote:
> When using kerberos authentication, it seems logical to me that the
> authenticated kerberos principal, rather than the user name, would be
> the only identifier of interest. However, I can find no method, either
> in the documentation or in the mailing list archives, for accessing the
> authenticated kerberos principal.
>
> There is one mention of the problem in the documentation:
>
> -----
> 17.9. Identifiers
>
> When a user logs into a system, they are assigned a user name and a
> corresponding UserID. This user name is used by the LPRng software when
> transferring jobs to identify the user.
>
> When we look into the problem of authentication, we will possibly have a
> more global user identification to deal with, the authentication
> identifier (AuthID). One way to deal with this problem is to give LPRng
> intimate knowledge of the UserID and AuthID relationship. While this is
> possible it is difficult to deal with in a simple and extensible manner.
> An alternate solution is to provide a mapping service, where the
> authentication procedure provides a map between the UserID and AuthID.
> -----
>
> However, I can find no implementation of any "mapping service" in the
> kerberos support.
>
> I would be very happy if there were an option to _replace_ the user name
> with the kerberos ID.
--
|Rick Cochran phone: 607-255-7618|
|Cornell CIT - Systems & Operations - Net-Print FAX: 607-255-8521|
|730 Rhodes Hall, Ithaca, N.Y. 14853 email: [EMAIL PROTECTED]|
-----------------------------------------------------------------------------
YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST
The address you post from MUST be your subscription address
If you need help, send email to [EMAIL PROTECTED] (or lprng-requests
or lprng-digest-requests) with the word 'help' in the body. For the impatient,
to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED]
with: | example:
subscribe LIST <mailaddr> | subscribe lprng-digest [EMAIL PROTECTED]
unsubscribe LIST <mailaddr> | unsubscribe lprng [EMAIL PROTECTED]
If you have major problems, send email to [EMAIL PROTECTED] with the word
LPRNGLIST in the SUBJECT line.
-----------------------------------------------------------------------------
