petervc@wn3.sci.kun.nl (Peter van Campen) (11/12/90)
geoff@bodleian.East.Sun.COM (Geoff Arnold@Sun BOS-R.H. coast near the top)writes: > PCNFSD invokes setreuid() and setregid() in order to make sure that > any print files are owned by the correct user, and (depending on > how your spooler works - I don't know DOMAIN/OS) have the correct > banner on them. I assume that you need what X/Open calls "appropriate > privileges" to execute these calls. This usually means running as > root. If you ever want to check on the return-codes of the setreuid/setregid, watch out! The combination will always fail, as the order of the calls in the source is: setreuid(pw->pw_uid, pw->pw_uid); setregid(pw->pw_gid, pw->pw_gid); and the scheme is: the setreuid will succeed, but then pcnfsd is not longer running as root, so the setregid will always fail. If you do not want 'nobody' to print (as root) on your (accounted?) printers, you could use the modification of the source code supplied below (if you do not define KUN, you get the pcnfsd as distributed by Geoff Arnold). While I'm at it, I have a few questions about the pcnfsd source. 1) Wouldn't it be much nicer if all 'fprintf(STDERR, ...)' were replaced by 'syslog(LOG_INFO, ...)'? (We now #define these in the header). 2) Is there a reason why there is no 'password adjunct file' support in the pcnfsd source (but there is shadow password support)? 3) It would be nice if the next source update of pcnfsd were supplied as a uuecoded file, now I have to repair those 'too long' lines that were split in the mail. (probably a few lines of the source below will also be split). ----------------------------------------------------------------------------- Peter van Campen, petervc@sci.kun.nl, Computer and Communications Department Faculty of Science, University of Nijmegen 6525 ED NIJMEGEN, The Netherlands ----------------------------------------------------------------------------- if (pw) { if (buggit) syslog(LOG_INFO, "uid is %d\ngid is %d\n", pw->pw_uid, pw->pw_gid); /* * PC-NFS doesn't pass us any filename to show on * the banner page, so we blank this field out. * That's batter than showing the pseudo-random * temporary file name used internally (or the * UNIX-ism "(stdin)"). */ #ifdef KUN /* 20-01-89 PVC KUN-modification * Put in the check on the return value * of setreuid and setregid * We do not want 'nobody' to print on accounted * printers. */ if( (setregid (pw -> pw_gid, pw -> pw_gid) != 0) || (setreuid (pw -> pw_uid, pw -> pw_uid) != 0) ){ sprintf (printer_opt, "-P%s", ps_arg->psa_printer name); sprintf (jobname_opt, "-J%s", ps_arg -> psa_usern ame); sprintf (clientname_opt, "-C%s", ps_arg->psa_clie nt); syslog(LOG_INFO, "rpc.pcnfsd.c: setuid failed. %m Thus print-file removed\n"); syslog(LOG_INFO, "printer %s, job %s, client %s\n ", printer_opt, jobname_opt, clientname_opt); unlink(new_pathname); closelog(); exit(0); } #else setreuid(pw->pw_uid, pw->pw_uid); setregid(pw->pw_gid, pw->pw_gid); #endif KUN sprintf(printer_opt, "-P%s", ps_arg->psa_printername); sprintf(jobname_opt, "-J "); sprintf(clientname_opt, "-C%s", ps_arg->psa_client); } else { /* * We don't know the user's identity, so the * printout will end up being enqueued by root. * We do want the user's name to appear on the * banner page, so we slip it in via the -J * option. */ #ifdef KUN /* * 20-01-89 PVC KUN-modification: we do not want * this user to print as 'root' on (accounted) printers */ if(buggit){ sprintf (printer_opt, "-P%s", ps_arg->psa_printername); sprintf (jobname_opt, "-J%s", ps_arg -> psa_username); sprintf (clientname_opt, "-C%s", ps_arg->psa_client); syslog(LOG_INFO, "print-job by unknown user killed\n"); syslog(LOG_INFO, "printer %s, job %s, client %s\n", printer_opt, jobname_opt, clientname_opt); } unlink(new_pathname); closelog(); exit(0); #else sprintf(printer_opt, "-P%s", ps_arg->psa_printername); sprintf(jobname_opt, "-J%s", ps_arg->psa_username); sprintf(clientname_opt, "-C%s", ps_arg->psa_client); #endif KUN } #ifdef HACK_FOR_ROTATED_TRANSCRIPT