Patch #: 107 Type: operational change Priority: none Modification: allow lwsrv to run lpd jobs as Chooser name (UNIX user) Submitted: Maarten Carels Archived: munnari.OZ.AU mac/cap.patches/cap60.patch107 Application: 'cd cap60; patch -p < cap60.patches/cap60.patch107' Summary: add RUN_AS_USER/USER_REQUIRED compile options WARNING: NO user/password authentication is provided. File: cap60/applications/lwsrv/lwsrv.c File: cap60/extras/lib.cap.macusers File: cap60/extras/lib.cap.refused File: cap60/Configure *** applications/lwsrv/lwsrv.c.orig Tue Jun 23 22:42:20 1992 --- applications/lwsrv/lwsrv.c Tue Jun 30 02:00:33 1992 *************** *** 1,6 **** ! static char rcsid[] = "$Author: djh $ $Date: 1992/06/23 11:28:36 $"; ! static char rcsident[] = "$Header: /mac/src/cap60/applications/lwsrv/RCS/lwsrv.c,v 2.19 1992/06/23 11:28:36 djh Rel djh $"; ! static char revision[] = "$Revision: 2.19 $"; /* * lwsrv - UNIX AppleTalk spooling program: act as a laserwriter --- 1,6 ---- ! static char rcsid[] = "$Author: djh $ $Date: 1992/06/29 16:00:15 $"; ! static char rcsident[] = "$Header: /mac/src/cap60/applications/lwsrv/RCS/lwsrv.c,v 2.20 1992/06/29 16:00:15 djh Rel djh $"; ! static char revision[] = "$Revision: 2.20 $"; /* * lwsrv - UNIX AppleTalk spooling program: act as a laserwriter *************** *** 60,68 **** # include #endif NEEDFCNTLDOTH #include "papstream.h" ! #ifdef LWSRV_AUFS_SECURITY ! #include /* budd */ ! #endif LWSRV_AUFS_SECURITY #ifdef AUTHENTICATE #include #include --- 60,68 ---- # include #endif NEEDFCNTLDOTH #include "papstream.h" ! #if defined (LWSRV_AUFS_SECURITY) | defined (RUN_AS_USER) ! #include ! #endif LWSRV_AUFS_SECURITY | RUN_AS_USER #ifdef AUTHENTICATE #include #include *************** *** 69,74 **** --- 69,85 ---- #include "../../lib/cap/abpap.h" /* urk, puke, etc */ #endif AUTHENTICATE + #ifdef RUN_AS_USER + #ifndef USER_FILE + #define USER_FILE "/usr/local/lib/cap/macusers" + #endif USER_FILE + #ifndef REFUSE_MESSAGE + #define REFUSE_MESSAGE "/usr/local/lib/cap/refused" + #endif REFUSE_MESSAGE + #else RUN_AS_USER + #undef USER_REQUIRED + #endif RUN_AS_USER + private char *tracefile = NULL; private char *fontfile = NULL; private char *logfile = NULL; *************** *** 573,578 **** --- 584,697 ---- } } + #ifdef RUN_AS_USER + /* + * Conversion table, macintosh ascii with diacriticals to plain ascii. + * In addition, an ':' also maps to an underscore for obvious reasons. + * All other junk maps to an underscore. + * + */ + + static unsigned char convert [256] = { + /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ + /* 0 */ '_','_','_','_','_','_','_','_','_','_','_','_','_','_','_','_', + /* 1 */ '_','_','_','_','_','_','_','_','_','_','_','_','_','_','_','_', + /* 2 */ ' ','!','"','#','$','%','&','\'','(',')','*','+',',','-','.','/', + /* 3 */ '0','1','2','3','4','5','6','7','8','9','_',';','<','=','>','?', + /* 4 */ '@','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o', + /* 5 */ 'p','q','r','s','t','u','v','w','x','y','z','[','\\',']','^','_', + /* 6 */ '`','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o', + /* 7 */ 'p','q','r','s','t','u','v','w','x','y','z','{','|','}','~','_', + /* 8 */ 'a','a','c','e','n','o','u','a','a','a','a','a','a','c','e','e', + /* 9 */ 'e','e','i','i','i','i','n','o','o','o','o','o','u','u','u','u', + /* a */ '_','_','c','$','_','*','_','_','r','c','_','_','_','_','_','o', + /* b */ '_','_','_','_','_','m','d','s','p','p','_','a','o','_','_','o', + /* c */ '?','!','_','_','_','_','_','_','_','_','_','a','a','o','_','_', + /* d */ '_','_','_','_','_','_','_','_','y','_','_','_','_','_','_','_', + /* e */ '_','_','_','_','_','_','_','_','_','_','_','_','_','_','_','_', + /* f */ '_','_','_','_','_','_','_','_','_','_','_','_','_','_','_','_' + }; + + static void + unixize(name) + char *name; + { + register unsigned char *p = (unsigned char *)name; + + while (*p) { + *p = convert[*p]; + p += 1; + } + } + + static char * + getmacname(name, line, file) + char *name; /* mac name */ + char *line; /* line buffer to use */ + char *file; /* name of file containing table */ + { + FILE *f; + char *index(); + char *m, *nl; + + if ((f = fopen(file, "r")) == NULL) + return(NULL); + + while (fgets(line, 255, f) != NULL) { + if (*line == '#' || *line == '\n') + continue; /* skip comment line */ + if ((m = index(line, ':')) == NULL ) + continue; /* line in error */ + *m++ = '\0'; + if ((nl = index(m, '\n')) != NULL) + *nl = '\0'; /* take trailing newline */ + unixize(m); + if (strcmp(m, name) == 0) { + fclose(f); + return(line); + } + } + fclose(f); + return(NULL); + } + + /* + * We try to find a unix username to match the name from the mac. + * The approach is simple. We use a simple file to convert mac names + * to unix login names. The file needs only contain mac names that can't + * be resolved into unix names by simple means. The other ones are found + * automaticly. This means that 'Maarten' is resolved into 'maarten' without + * intervention, whereas 'El Gringo' needs to be in the file to be resolved + * to 'dolf'. + * + * Example file: + * #comment line + * dolf:El Gringo + * + */ + + static int + unixuid(macname) + char *macname; + { + struct passwd *pw; + char line[256]; + char name[256]; + char *n; + + strcpy(name, macname); + unixize(name); + + if ((n = getmacname(name, line, USER_FILE)) == NULL) + n = name; + + if ((pw = getpwnam(n)) == NULL) + return(0); + else + return(pw->pw_uid); + } + #endif RUN_AS_USER + export childjob(pf) PFILE *pf; *************** *** 593,598 **** --- 712,720 ---- int waitret; union wait waitstatus; #endif WIFEXITED + #ifdef RUN_AS_USER + int uid; + #endif RUN_AS_USER #ifdef AUTHENTICATE register PAPSOCKET *ps; register unsigned net; *************** *** 644,649 **** --- 766,803 ---- (void) time(&t); + #ifdef RUN_AS_USER + if ((uid = unixuid(username))) { + chown(tname, uid, -1); + setuid(uid); + } + #ifdef USER_REQUIRED + else { + int n; + FILE *infile; + char buffer[BUFSIZ]; + + fprintf(stderr, "lwsrv: Job refused for macuser %s\n", username); + /* NewStatus ("Unknown user, job refused"); */ + unlink(tname); + if ((outfile = fopen(tname, "w+")) != NULL) { + fprintf(outfile, "\n\nMacintosh user name: %s\nJob: %s\n", + username, jobname); + fprintf(outfile, "\nJob refused. "); + fprintf(outfile, + "Can't map Macintosh user name to a Unix user name\n\n"); + if ((infile = fopen(REFUSE_MESSAGE, "r")) != NULL) { + while ((n = fread(buffer, 1, BUFSIZ, infile)) > 0) + fwrite(buffer, 1, n, outfile); + fclose(infile); + } else + fprintf(outfile, "No detailed message available\n"); + fclose(outfile); + } + } + #endif USER_REQUIRED + #endif RUN_AS_USER + if (tracefile != NULL) fprintf(stderr,"lwsrv: Tracing to file: %s; job %s; user %s; on %s\n", tracefile,jobname,username,ctime(&t)); *************** *** 650,662 **** else { if (rflag) fprintf(stderr,"lwsrv: Preserving file in %s\n",tname); - fprintf(stderr,"lwsrv: Printing job: %s; user %s; on %s\n", - jobname,username,ctime(&t)); /* * this way lies madness ... */ argc = 0; #ifdef USESYSVLP childargv[argc++]="lp"; --- 804,825 ---- else { if (rflag) fprintf(stderr,"lwsrv: Preserving file in %s\n",tname); /* * this way lies madness ... */ + #ifdef RUN_AS_USER + if (uid) + #endif RUN_AS_USER + fprintf(stderr,"lwsrv: Printing job: %s; user %s; on %s\n", + jobname,username,ctime(&t)); + #ifdef RUN_AS_USER + else + fprintf(stderr,"lwsrv: Printing notification: %s; user %s; on %s\n", + jobname,username,ctime(&t)); + #endif RUN_AS_USER + argc = 0; #ifdef USESYSVLP childargv[argc++]="lp"; *************** *** 862,867 **** --- 1025,1034 ---- setusername(ts) char *ts; { + #ifdef RUN_AS_USER + if (*username != '\0') + return; + #endif RUN_AS_USER strcpy(username, ts); } *** extras/lib.cap.macusers.orig Tue Jun 30 02:31:23 1992 --- extras/lib.cap.macusers Tue Jun 30 02:29:50 1992 *************** *** 0 **** --- 1,14 ---- + # File to convert those fancy macintosh names into normal unix names + # for the laserwriter server (lwsrv compiled with RUN_AS_USER/USER_REQURED). + + # lines that start with # are comments lines + # no other comments allowed + # all characters are significant + # spaces are mapped onto underscores, as well as all unprintables + # everything is mapped to lowercase and all letters with diacriticals + # are mapped to normal letters before lookup. + + # We map macuser onto something nonexistent to discourage using that name. + nonexisting:macuser + # more names below... + # unixname:macname *** extras/lib.cap.refused.orig Tue Jun 30 02:31:23 1992 --- extras/lib.cap.refused Tue Jun 30 02:30:08 1992 *************** *** 0 **** --- 1,25 ---- + + To use the laserwriters, you must have a login name on one of the Unix + machines. You must set the name of your Macintosh to your Unix login name. + + If you are running System version 6.0.7 or earlier in your Macintosh, + select "Chooser" from the Apple menu and change the name to your Unix + login name. + + If you are using System version 7.0 or later, start "Sharing Setup" from + the "Control Panels" folder and fill in your login name under "Owner Name". + + If you really like to have a special name, you can ask the systems group + to have your special name registered. + + + OzTeX users: + In order to print properly you must add one line to the DVItoPS.ps and + TEXTtoPS.ps files. Be sure that they start with these two lines: + %! + %%For: username + The first line should already be there. Replace username by the name + you have in the Chooser, subject to the same restrictions as above. + + + The SystemsGroup. *** Configure.orig Mon Jun 29 23:51:25 1992 --- Configure Tue Jun 30 02:11:40 1992 *************** *** 1,7 **** #!/bin/sh ! # $Author: djh $ $Date: 1992/06/29 13:50:41 $ ! # $Header: /mac/src/cap60/RCS/Configure,v 2.43 1992/06/29 13:50:41 djh Rel djh $ ! # $Revision: 2.43 $ # CAP configuration shell script. This ain't perfect, but it's a start. # Execute with /bin/sh Configure if your system won't run it (ksh is okay too) # --- 1,7 ---- #!/bin/sh ! # $Author: djh $ $Date: 1992/06/29 16:11:20 $ ! # $Header: /mac/src/cap60/RCS/Configure,v 2.44 1992/06/29 16:11:20 djh Rel djh $ ! # $Revision: 2.44 $ # CAP configuration shell script. This ain't perfect, but it's a start. # Execute with /bin/sh Configure if your system won't run it (ksh is okay too) # *************** *** 678,683 **** --- 678,689 ---- # # + ADOBE_DSC2_CONFORMANT forces Adobe DSC2 conformance # define(`simpleflags',concat(simpleflags,` -DADOBE_DSC2_CONFORMANT')) + # + # + RUN_AS_USER run lpd job as Chooser Name if valid UNIX account (no authent) + # define(`lwflags',concat(lwflags,` -DRUN_AS_USER')) + # + # + USER_REQUIRED (requires RUN_AS_USER) refuse printing if Chsr name invalid + # define(`lwflags',concat(lwflags,` -DUSER_REQUIRED')) # EOT0 result=0 *** lib/cap/abversion.c.orig Mon Jun 29 23:53:11 1992 --- lib/cap/abversion.c Tue Jun 30 02:13:13 1992 *************** *** 1,7 **** /* ! * $Author: djh $ $Date: 1992/06/29 13:53:05 $ ! * $Header: /mac/src/cap60/lib/cap/RCS/abversion.c,v 2.6 1992/06/29 13:53:05 djh Rel djh $ ! * $Revision: 2.6 $ */ /* --- 1,7 ---- /* ! * $Author: djh $ $Date: 1992/06/29 16:13:06 $ ! * $Header: /mac/src/cap60/lib/cap/RCS/abversion.c,v 2.7 1992/06/29 16:13:06 djh Rel djh $ ! * $Revision: 2.7 $ */ /* *************** *** 31,37 **** myversion.cv_name = "CAP"; myversion.cv_version = 6; myversion.cv_subversion = 0; ! myversion.cv_patchlevel = 106; myversion.cv_rmonth = "June"; myversion.cv_ryear = "1992"; switch (lap_proto) { --- 31,37 ---- myversion.cv_name = "CAP"; myversion.cv_version = 6; myversion.cv_subversion = 0; ! myversion.cv_patchlevel = 107; myversion.cv_rmonth = "June"; myversion.cv_ryear = "1992"; switch (lap_proto) { *** README.orig Mon Jun 29 23:54:17 1992 --- README Tue Jun 30 02:14:37 1992 *************** *** 2,8 **** CAP - Columbia AppleTalk Package for UNIX o RELEASE NOTES ! o CAP Distribution 6.0, Patch Level 106, June 1992 Notice ------ --- 2,8 ---- CAP - Columbia AppleTalk Package for UNIX o RELEASE NOTES ! o CAP Distribution 6.0, Patch Level 107, June 1992 Notice ------