Re: LPRng: lpd.perms problem
Hi again, So, I run d3 in debugging mode - there is no error/failure on /etc/lpd/ok. Could it be problem, that checkpc -f makes spooling directories with mode 700. == drwx-- 2 daemon daemon 512 Mar 18 14:18 d3 == From Unix point of view there is no way for anyone other than daemon/root to manipulate files in d3 directory... best Longina -- Longina Przybyszewska, system programmer Dept. of Math. Comp. Sci. - IMADA University of Southern Denmark, Odense Campusvej 55,DK-5230 Odense M, Denmark tel: +45 6550 2359 - http://www.imada.sdu.dk email: [EMAIL PROTECTED] -- On Mon, 15 Mar 2004, Patrick Powell wrote: On Fri, 12 Mar 2004, Patrick Powell wrote: My changes don't work - users listed in /etc/lpd/ok file cannot remove jobs from the server On Fri, Mar 12, 2004 at 02:21:24PM +0100, Longina Przybyszewska wrote: hi, can anyone tell me why the following setting in lpd.perms doesn't work? It is LPRng-3.8.21. The server controls 2 printers, for one of them I would like to allow other persons than root to remove jobs fra queue. My changes don't work (the rest is default). WHat is wrong? # allow same user on originating host to remove a job ACCEPT SERVICE=M SAMEHOST SAMEUSER # allow root (and persons listed in /etc/lpd/ok)on server to remove jobs # from printer d3 ACCEPT SERVICE=M SERVER PRINTER=d3 REMOTEUSER=root,/etc/lpd/ok ACCEPT SERVICE=M SERVER REMOTEUSER=root REJECT SERVICE=M # all other operations allowed DEFAULT ACCEPT OK, try the following: d3:db=lprm+2,database+2:... # enable LPRM debugging Now do: lpc reread lpc -Pd3 stop lpr -Pd3 lprm -Pd3 Now look in /var/spool/lpd/d3/log and look for lines with /etc/lpd/ok in them. Error or failure should be clear from this. Patrick - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. - - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
Re: LPRng: lpd.perms problem
From [EMAIL PROTECTED] Sat Mar 13 14:35:48 2004 Date: Sat, 13 Mar 2004 22:48:37 +0100 (CET) From: Longina Przybyszewska [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: LPRng: lpd.perms problem On Fri, 12 Mar 2004, Patrick Powell wrote: My changes don't work - users listed in /etc/lpd/ok file cannot remove jobs from the server On Fri, Mar 12, 2004 at 02:21:24PM +0100, Longina Przybyszewska wrote: hi, can anyone tell me why the following setting in lpd.perms doesn't work? It is LPRng-3.8.21. The server controls 2 printers, for one of them I would like to allow other persons than root to remove jobs fra queue. My changes don't work (the rest is default). WHat is wrong? # allow same user on originating host to remove a job ACCEPT SERVICE=M SAMEHOST SAMEUSER # allow root (and persons listed in /etc/lpd/ok)on server to remove jobs # from printer d3 ACCEPT SERVICE=M SERVER PRINTER=d3 REMOTEUSER=root,/etc/lpd/ok ACCEPT SERVICE=M SERVER REMOTEUSER=root REJECT SERVICE=M # all other operations allowed DEFAULT ACCEPT OK, try the following: d3:db=lprm+2,database+2:... # enable LPRM debugging Now do: lpc reread lpc -Pd3 stop lpr -Pd3 lprm -Pd3 Now look in /var/spool/lpd/d3/log and look for lines with /etc/lpd/ok in them. Error or failure should be clear from this. Patrick - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
LPRng: lpd.perms problem
hi, can anyone tell me why the following setting in lpd.perms doesn't work? It is LPRng-3.8.21. The server controls 2 printers, for one of them I would like to allow other persons than root to remove jobs fra queue. My changes don't work (the rest is default). WHat is wrong? # allow same user on originating host to remove a job ACCEPT SERVICE=M SAMEHOST SAMEUSER # allow root (and persons listed in /etc/lpd/ok)on server to remove jobs # from printer d3 ACCEPT SERVICE=M SERVER PRINTER=d3 REMOTEUSER=root,/etc/lpd/ok ACCEPT SERVICE=M SERVER REMOTEUSER=root REJECT SERVICE=M # all other operations allowed DEFAULT ACCEPT thanks in advance! Longina -- Longina Przybyszewska, system programmer Dept. of Math. Comp. Sci. - IMADA University of Southern Denmark, Odense Campusvej 55,DK-5230 Odense M, Denmark tel: +45 6550 2359 - http://www.imada.sdu.dk email: [EMAIL PROTECTED] -- - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
Re: LPRng: lpd.perms problem
On Fri, Mar 12, 2004 at 02:21:24PM +0100, Longina Przybyszewska wrote: hi, can anyone tell me why the following setting in lpd.perms doesn't work? It is LPRng-3.8.21. The server controls 2 printers, for one of them I would like to allow other persons than root to remove jobs fra queue. My changes don't work (the rest is default). WHat is wrong? # allow same user on originating host to remove a job ACCEPT SERVICE=M SAMEHOST SAMEUSER # allow root (and persons listed in /etc/lpd/ok)on server to remove jobs # from printer d3 ACCEPT SERVICE=M SERVER PRINTER=d3 REMOTEUSER=root,/etc/lpd/ok ACCEPT SERVICE=M SERVER REMOTEUSER=root REJECT SERVICE=M # all other operations allowed DEFAULT ACCEPT thanks in advance! Longina -- Longina Przybyszewska, system programmer Dept. of Math. Comp. Sci. - IMADA University of Southern Denmark, Odense Campusvej 55,DK-5230 Odense M, Denmark tel: +45 6550 2359 - http://www.imada.sdu.dk email: [EMAIL PROTECTED] -- When you say 'does not work' do you mean that users CAN remove jobs or users CANNOT remove jobs. Note: I recommend using: # all other operations allowed DEFAULT REJECT i.e. - deny any operation unless specifically allowed. -- Patrick Powell Astart Technologies [EMAIL PROTECTED]6741 Convoy Court Network and System San Diego, CA 92111 Consulting 858-874-6543 FAX 858-751-2435 LPRng - Print Spooler (http://www.lprng.com) - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
Re: Re: LPRng: lpd.perms problem
Thies Meincke [EMAIL PROTECTED] schrieb am 19.12.2002, 16:33:02: Hi, maybe the DEFAULT REJECT should be at the beginning, before you allow printing for certain printers, however I have not tested it so far. Regards, Thies Meincke I will try that, however an older message on this list made me come up with another theory: Could it be that I'm having trouble because I'm using an unusual netmask for my network? (10.0.0.0 uses 255.0.0.0 per default, however I'm using 255.255.255.0) -Stefan - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
Re: Re: LPRng: lpd.perms problem
Joel Hammer [EMAIL PROTECTED] wrote: Would you consider setting up a samba server to share your printers? There are numerous ways to manipulate access to a shared resource with samba. lpd.perms is very hard for me to understand. Sorry to say it, but Samba is not an option :-/ -Stefan - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
LPRng: lpd.perms problem
Hi all, I have seen messages on this list claiming it is possible to have different ACLs per printer. However, for me, some combinations work, while others don't. What I'd like to do is: -ACCEPT/REJECT print jobs depending on the requested printer name and the originating IP -In case of a REJECT, let the client know that it was rejected (preferably the same way the old LPR/LPD did this when a client wasn't listed in hosts.lpd) - what I don't want is the behavior that the print job gets accepted, then discarded. What I've tried so far: REJECT REMOTEIP=10.0.0.2 PRINTER=pr1 ACCEPT REMOTEIP=10.0.0.2 PRINTER=pr2 DEFAULT REJECT This denies printing from 10.0.0.2 to pr1, however, it does not tell the client about it, it just discards the job after it has arrived. REJECT SERVICE=X PRINTER=pr1 REMOTEIP=10.0.0.2 ACCEPT SERVICE=X PRINTER=pr2 REMOTEIP=10.0.0.2 DEFAULT REJECT This denies printing (or rather: connecting) to 10.0.0.2, regardless of the selected printer. Not quite the result I expected or needed. Is there anyone who could shed some light on this issue, and who could tell me what I can do to solve the problem? Kind Regards, Stefan - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
Re: LPRng: lpd.perms problem
Hi, maybe the DEFAULT REJECT should be at the beginning, before you allow printing for certain printers, however I have not tested it so far. Regards, Thies Meincke On Thu, 19 Dec 2002 [EMAIL PROTECTED] wrote: Hi all, I have seen messages on this list claiming it is possible to have different ACLs per printer. However, for me, some combinations work, while others don't. What I'd like to do is: -ACCEPT/REJECT print jobs depending on the requested printer name and the originating IP -In case of a REJECT, let the client know that it was rejected (preferably the same way the old LPR/LPD did this when a client wasn't listed in hosts.lpd) - what I don't want is the behavior that the print job gets accepted, then discarded. What I've tried so far: REJECT REMOTEIP=10.0.0.2 PRINTER=pr1 ACCEPT REMOTEIP=10.0.0.2 PRINTER=pr2 DEFAULT REJECT This denies printing from 10.0.0.2 to pr1, however, it does not tell the client about it, it just discards the job after it has arrived. REJECT SERVICE=X PRINTER=pr1 REMOTEIP=10.0.0.2 ACCEPT SERVICE=X PRINTER=pr2 REMOTEIP=10.0.0.2 DEFAULT REJECT This denies printing (or rather: connecting) to 10.0.0.2, regardless of the selected printer. Not quite the result I expected or needed. Is there anyone who could shed some light on this issue, and who could tell me what I can do to solve the problem? Kind Regards, Stefan - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. - ++---+ | Thies Meincke | Tel. : 040/42838-6355 (BN: 0.42838-6355) | | Universitaet Hamburg | Fax : 040/42838-6270 (BN: 0.42838-6270) | | Regionales Rechenzentrum | E-mail: [EMAIL PROTECTED]| | Schlueterstr. 70 | URL : http://www.rrz.uni-hamburg.de/| | 20146 Hamburg | RRZ/Personal/TMeincke.html| ++---+ - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -
Re: LPRng: lpd.perms problem
Would you consider setting up a samba server to share your printers? There are numerous ways to manipulate access to a shared resource with samba. lpd.perms is very hard for me to understand. Joel On Thu, Dec 19, 2002 at 04:33:02PM +0100, Thies Meincke wrote: Hi, maybe the DEFAULT REJECT should be at the beginning, before you allow printing for certain printers, however I have not tested it so far. Regards, Thies Meincke On Thu, 19 Dec 2002 [EMAIL PROTECTED] wrote: Hi all, I have seen messages on this list claiming it is possible to have different ACLs per printer. However, for me, some combinations work, while others don't. What I'd like to do is: -ACCEPT/REJECT print jobs depending on the requested printer name and the originating IP -In case of a REJECT, let the client know that it was rejected (preferably the same way the old LPR/LPD did this when a client wasn't listed in hosts.lpd) - what I don't want is the behavior that the print job gets accepted, then discarded. What I've tried so far: REJECT REMOTEIP=10.0.0.2 PRINTER=pr1 ACCEPT REMOTEIP=10.0.0.2 PRINTER=pr2 DEFAULT REJECT This denies printing from 10.0.0.2 to pr1, however, it does not tell the client about it, it just discards the job after it has arrived. REJECT SERVICE=X PRINTER=pr1 REMOTEIP=10.0.0.2 ACCEPT SERVICE=X PRINTER=pr2 REMOTEIP=10.0.0.2 DEFAULT REJECT This denies printing (or rather: connecting) to 10.0.0.2, regardless of the selected printer. Not quite the result I expected or needed. Is there anyone who could shed some light on this issue, and who could tell me what I can do to solve the problem? Kind Regards, Stefan - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. - ++---+ | Thies Meincke | Tel. : 040/42838-6355 (BN: 0.42838-6355) | | Universitaet Hamburg | Fax : 040/42838-6270 (BN: 0.42838-6270) | | Regionales Rechenzentrum | E-mail: [EMAIL PROTECTED]| | Schlueterstr. 70 | URL : http://www.rrz.uni-hamburg.de/| | 20146 Hamburg | RRZ/Personal/TMeincke.html| ++---+ - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. - - YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST The address you post from MUST be your subscription address If you need help, send email to [EMAIL PROTECTED] (or lprng-requests or lprng-digest-requests) with the word 'help' in the body. For the impatient, to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED] with: | example: subscribe LIST mailaddr | subscribe lprng-digest [EMAIL PROTECTED] unsubscribe LIST mailaddr | unsubscribe lprng [EMAIL PROTECTED] If you have major problems, send email to [EMAIL PROTECTED] with the word LPRNGLIST in the SUBJECT line. -