netcat, rlpr, Net printer interface script - SCO

This is a discussion on netcat, rlpr, Net printer interface script - SCO ; Well I just discovered a horrifyingly embarrasing problem with the Net interface script I posted a few weeks ago. The interface script aims to replace hand editing interface scripts that use netcat and rlpr (and later smbclient and any number ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: netcat, rlpr, Net printer interface script

  1. netcat, rlpr, Net printer interface script

    Well I just discovered a horrifyingly embarrasing problem with the Net
    interface script I posted a few weeks ago.

    The interface script aims to replace hand editing interface scripts that use
    netcat and rlpr (and later smbclient and any number of other things)
    with a single interface script that looks to /etc/printers for not only the
    address and tcp port or lpd queue of print servers, but also the model,
    that is, the 'normal' printer interface script to use.

    Normally if you want the HPLaserJet interface script, but want to use
    netcat, you create a printer with model HPLaserJet and then edit
    /usr/spool/lp/admins/lp/interfaces/ to hack in the netcat
    stuff. Namely some stuff near the top to read the command line and look for
    the matching line in /etc/printers and get the details about the print
    server, then a set of braces around most of the rest of the (large) script,
    then the pipe to netcat at the end.

    The idea of the new script was instead of all that, just have one little
    script that has nothing but the /etc/printers reader and the pipe to netcat
    (or other util like rlpr) and the script would just directly run one of the
    stock interface scripts right out of the /usr/spool/lp/model directory. And
    you would never have to edit any interface script directly. All you would do
    is edit one line in /etc/printers for each printer that used the Net
    interface.

    This all works fine. ... As Root.

    I only just now discovered that the scripts in the model directory are chmod
    550, and when a user tries to print, the Net script can't read or execute
    the requested model script.

    I have no slick answer for this off the top of my head.

    For years I've been using a tar I made that has hacked copies of HPLaserJet
    and epson named *.nc and *.rlpr in the model directory and I create printers
    by selecting for example "HPLaserJet.nc" from the model list and that gets
    copied by scoadmin into interfaces and given the right permissions and that
    script does all the work itself and it works fine for everyone.
    When I too that well proven scheme and just reworked it a little to avoid
    having to include redundant, slightly modified copies of scripts sco
    authored, I'm afraid I rushed it out. I tested it a few times on one of my
    own boxes but only as root.

    Maybe I'll have the script make a copy of the real model script with user
    friendly permissions on the fly the first time it gets run by root and make
    that part of the directions, to send a small test job as root so that the
    script gets a chance to set up the copy of the desired interface script.
    Something like what the hpnp setup does.

    In the mean time. The quick & dirty hack to make your printers work for
    users is just
    chmod 555 /opt/K/SCO/Unix/*/usr/spool/lp/model/*
    But scoadmin/fixmog/verify-software/installing patches etc.. may come along
    and fix the permissions back to 550 any time so it's probably no permanent
    fix.

    Too bad. It was so clean and neat if it would have worked.

    I'm extremely sorry if anyone tried to use this and wasted time trying to
    figure out why it didn't work.

    Brian K. White -- brian@aljex.com -- http://www.aljex.com/bkw/
    +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
    filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!


  2. Re: netcat, rlpr, Net printer interface script


    ----- Original Message -----
    From: "Brian K. White"
    Newsgroups: comp.unix.sco.misc
    To:
    Sent: Tuesday, August 08, 2006 6:01 PM
    Subject: netcat, rlpr, Net printer interface script


    > Well I just discovered a horrifyingly embarrasing problem with the Net
    > interface script I posted a few weeks ago.



    Oh and please feel free to print this picture, write Brian K. White under
    it, and then pin it to your dart board.

    http://echosphere.net/star_trek_insp/insp_captkirk.png

    Brian K. White -- brian@aljex.com -- http://www.aljex.com/bkw/
    +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
    filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!


  3. Re: netcat, rlpr, Net printer interface script

    Brian K. White wrote:
    > Well I just discovered a horrifyingly embarrasing problem with the Net
    > interface script I posted a few weeks ago.
    >
    > The interface script aims to replace hand editing interface scripts that use
    > netcat and rlpr (and later smbclient and any number of other things)
    > with a single interface script that looks to /etc/printers for not only the
    > address and tcp port or lpd queue of print servers, but also the model,
    > that is, the 'normal' printer interface script to use.
    >
    > Normally if you want the HPLaserJet interface script, but want to use
    > netcat, you create a printer with model HPLaserJet and then edit
    > /usr/spool/lp/admins/lp/interfaces/ to hack in the netcat
    > stuff. Namely some stuff near the top to read the command line and look for
    > the matching line in /etc/printers and get the details about the print
    > server, then a set of braces around most of the rest of the (large) script,
    > then the pipe to netcat at the end.
    >
    > The idea of the new script was instead of all that, just have one little
    > script that has nothing but the /etc/printers reader and the pipe to netcat
    > (or other util like rlpr) and the script would just directly run one of the
    > stock interface scripts right out of the /usr/spool/lp/model directory. And
    > you would never have to edit any interface script directly. All you would do
    > is edit one line in /etc/printers for each printer that used the Net
    > interface.
    >
    > This all works fine. ... As Root.
    >
    > I only just now discovered that the scripts in the model directory are chmod
    > 550, and when a user tries to print, the Net script can't read or execute
    > the requested model script.
    >
    > I have no slick answer for this off the top of my head.
    >
    > For years I've been using a tar I made that has hacked copies of HPLaserJet
    > and epson named *.nc and *.rlpr in the model directory and I create printers
    > by selecting for example "HPLaserJet.nc" from the model list and that gets
    > copied by scoadmin into interfaces and given the right permissions and that
    > script does all the work itself and it works fine for everyone.
    > When I too that well proven scheme and just reworked it a little to avoid
    > having to include redundant, slightly modified copies of scripts sco
    > authored, I'm afraid I rushed it out. I tested it a few times on one of my
    > own boxes but only as root.
    >
    > Maybe I'll have the script make a copy of the real model script with user
    > friendly permissions on the fly the first time it gets run by root and make
    > that part of the directions, to send a small test job as root so that the
    > script gets a chance to set up the copy of the desired interface script.
    > Something like what the hpnp setup does.
    >
    > In the mean time. The quick & dirty hack to make your printers work for
    > users is just
    > chmod 555 /opt/K/SCO/Unix/*/usr/spool/lp/model/*
    > But scoadmin/fixmog/verify-software/installing patches etc.. may come along
    > and fix the permissions back to 550 any time so it's probably no permanent
    > fix.
    >
    > Too bad. It was so clean and neat if it would have worked.
    >
    > I'm extremely sorry if anyone tried to use this and wasted time trying to
    > figure out why it didn't work.
    >
    > Brian K. White -- brian@aljex.com -- http://www.aljex.com/bkw/
    > +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
    > filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!
    >


    Hi, Bryan.

    Have you thought about compiling a C program that just runs your script,
    after setting SUID to root? Or setting up the script with asroot?

    --
    ----------------------------------------------------
    Pat Welch, UBB Computer Services, a WCS Affiliate
    SCO Authorized Partner
    Unix/Linux/Windows/Hardware Sales/Support
    (209) 745-1401 Cell: (209) 251-9120
    E-mail: patubb@inreach.com
    ----------------------------------------------------

  4. Re: netcat, rlpr, Net printer interface script

    Brian K. White wrote:

    > Well I just discovered a horrifyingly embarrasing problem with the Net
    > interface script I posted a few weeks ago.
    >
    > The interface script aims to replace hand editing interface scripts that use
    > netcat and rlpr (and later smbclient and any number of other things)
    > with a single interface script that looks to /etc/printers for not only the
    > address and tcp port or lpd queue of print servers, but also the model,
    > that is, the 'normal' printer interface script to use.
    >
    > Normally if you want the HPLaserJet interface script, but want to use
    > netcat, you create a printer with model HPLaserJet and then edit
    > /usr/spool/lp/admins/lp/interfaces/ to hack in the netcat
    > stuff. Namely some stuff near the top to read the command line and look for
    > the matching line in /etc/printers and get the details about the print
    > server, then a set of braces around most of the rest of the (large) script,
    > then the pipe to netcat at the end.
    >
    > The idea of the new script was instead of all that, just have one little
    > script that has nothing but the /etc/printers reader and the pipe to netcat
    > (or other util like rlpr) and the script would just directly run one of the
    > stock interface scripts right out of the /usr/spool/lp/model directory. And
    > you would never have to edit any interface script directly. All you would do
    > is edit one line in /etc/printers for each printer that used the Net
    > interface.
    >
    > This all works fine. ... As Root.
    >
    > I only just now discovered that the scripts in the model directory are chmod
    > 550, and when a user tries to print, the Net script can't read or execute
    > the requested model script.
    >
    > I have no slick answer for this off the top of my head.
    >
    > For years I've been using a tar I made that has hacked copies of HPLaserJet
    > and epson named *.nc and *.rlpr in the model directory and I create printers
    > by selecting for example "HPLaserJet.nc" from the model list and that gets
    > copied by scoadmin into interfaces and given the right permissions and that
    > script does all the work itself and it works fine for everyone.
    > When I too that well proven scheme and just reworked it a little to avoid
    > having to include redundant, slightly modified copies of scripts sco
    > authored, I'm afraid I rushed it out. I tested it a few times on one of my
    > own boxes but only as root.
    >
    > Maybe I'll have the script make a copy of the real model script with user
    > friendly permissions on the fly the first time it gets run by root and make
    > that part of the directions, to send a small test job as root so that the
    > script gets a chance to set up the copy of the desired interface script.
    > Something like what the hpnp setup does.
    >
    > In the mean time. The quick & dirty hack to make your printers work for
    > users is just
    > chmod 555 /opt/K/SCO/Unix/*/usr/spool/lp/model/*
    > But scoadmin/fixmog/verify-software/installing patches etc.. may come along
    > and fix the permissions back to 550 any time so it's probably no permanent
    > fix.
    >
    > Too bad. It was so clean and neat if it would have worked.
    >
    > I'm extremely sorry if anyone tried to use this and wasted time trying to
    > figure out why it didn't work.


    I'm trying to figure out why it _wouldn't_ work.

    The interface scripts, /usr/spool/lp/model/*, are mode 550 root:lp --
    they are read-and-executable by group "lp". When the SysV spooler runs
    an interface script, it does so under effective group "lp", or it
    wouldn't be able to access the regular interface scripts.

    As I understand it, your master multiplexor interface script is given
    to the spooler as a regular interface script, so it should be getting
    invoked with the right effective group ID. It should be able to run any
    of the original interface scripts just fine.

    >Bela<


+ Reply to Thread