HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Running lpsched as non-root user

 
Johnny2009
Occasional Contributor

Running lpsched as non-root user

Hi,

I wanted to try allowing users other than root, ability to run lpsched & lpshut.
If I change the persmissions on those executables, & run them as a different user, I get the message: "/usr/sbin/lpsched: this command for use only by LP Administrators".
Why is this? Is there something hardcoded in those programs that only allows root to run them?
I will probably use SUDO, to get round this. Just curious to know the mechanics of these programs refusing to run by other users.

TIA

Johnny
5 REPLIES
Pete Randall
Outstanding Contributor

Re: Running lpsched as non-root user

You can also use restricted SAM (sam -r) to assign certain privileges, like lp administration, to individual users.


Pete

Pete
Matti_Kurkela
Honored Contributor

Re: Running lpsched as non-root user

The print queues must be protected so that one user can neither view nor modify any print jobs that belong to other users.

On the other hand, lpsched must be able to access all the print jobs. It must also be able to access all printers, which can mean direct serial/parallel port access for local printers, and access to low-numbered network ports for (some) remote printers.

Some lpd servers will refuse the print job unless the source-side port number is less than 1024: this is a historical artifact that makes sense only in Unix-only networks where all servers are under the same administration.

In a large central print server, shutting down the print scheduler can stop many print jobs. When it restarts, any interrupted print jobs are restarted from beginning: with a large print job, this can mean a lot of unneeded duplicate pages.

At least in USA, a company may have some printers dedicated to printing paychecks. A regular Joe User cannot be allowed to interfere with those jobs in any way.

The LP administrator is expected to be aware of the "big picture" and not stop and restart the scheduler for everyone just because one user's printout of the day's Dilbert seems to be hung.

As Pete said, HP-UX includes the tools to allow regular users to stop and start lpsched if you wish to do so.
MK
Johnny2009
Occasional Contributor

Re: Running lpsched as non-root user

Thanks for both your replies.
Steven E. Protter
Exalted Contributor

Re: Running lpsched as non-root user

Shalom,

sam -r is good, and will work normally, probably even on 11.31 systems where sam was "replaced" by smh. Even there much of whats under the hood is still sam.

Another solution is sudo.

Search http://software.hp.com for Internet Express and you can click in and download sudo.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Tim Nelson
Honored Contributor

Re: Running lpsched as non-root user

I third the motion for restricted SAM.

another choice could be sudo, but the SAM is the easiest to configure...