HPE Community
Operating System - HP-UX
1837218 Members
1909 Online
110115 Solutions
New Discussion

Re: LP Administrators

 
kevin Keegan
New Member

‎06-21-2000 01:58 AM

‎06-21-2000 01:58 AM

LP Administrators

How can I make a user an LP Administrator ? i.e. - so the user can run lpshut and lpsched commands.

Thank you.
I love HPUX.
0 Kudos
Reply
5 REPLIES 5
Alex Glennie
Honored Contributor

‎06-21-2000 03:11 AM

‎06-21-2000 03:11 AM

Re: LP Administrators

when executing the command "lpsched" the following error occurs:

LP: Administrator not in password file ..... is this your problem ? If so :

This error can be caused by any of the following:

1. No entry in /etc/passwd for lp. To correct this problem
insert the following line into /etc/passwd:

lp:*:9:2: LP spooler :/usr/spool/lp:/bin/csh

2. A corrupt /usr/lib/lpsched file. To correct this problem
retrieve the /usr/lib/lpsched file off a valid backup
tape or the HP-UX installation tape.

3. The permission on the file /etc/passwd. To correct this
problem execute the command:

chmod 444 /etc/passwd

PS Has last nights poor performance in Euro 2000 caused you to take up Unix Admin and give up managing the English football team ? ;)
0 Kudos
Reply
Andreas Voss
Honored Contributor

‎06-21-2000 03:13 AM

‎06-21-2000 03:13 AM

Re: LP Administrators

Hi,

if you want to provide lpshut/lpsched rights to normal users you have to make a setuid program which starts lpshut/lpshed with the sufficient rights.
Here my solution:
Write a little c program:
main(argc, argv)
int argc;
char **argv;
{
setuid(9); /* lp user */
setgid(2); /* bin group */
if(strstr(argv[0], "lpshut"))
execlp("/usr/sbin/lpshut", "lpshut", 0);
if(strstr(argv[0], "lpsched"))
execlp("/usr/sbin/lpsched", "lpsched", 0);
}

Compile the c source and put the executable for e. g. in /usr/local/bin/mylpshut
make a hard link to mylpsched:
ln /usr/local/bin/mylpshut /usr/local/bin/mylpsched
Change the owner to root:
chown root /usr/local/bin/mylpshut
Set the suid bit:
chmod 4111 /usr/local/bin/mylpshut

Now everybody can lpshut/lpsched with the new mylpshut/mylpsched.

The c program is quick and dirty:
no optional arguments are given to the original lpshut/lpsched.
It's free for you to add more features to it.

Greetings

Andrew
0 Kudos
Reply
Alex Glennie
Honored Contributor

‎06-21-2000 03:14 AM

‎06-21-2000 03:14 AM

Re: LP Administrators

my mistake for 10.20 I have the following entry in /etc/passwd :

lp:*:9:7::/var/spool/lp:/sbin/sh

good luck !
0 Kudos
Reply
Rick Garland
Honored Contributor

‎06-21-2000 05:52 AM

‎06-21-2000 05:52 AM

Re: LP Administrators

As an option, check into sudo.
This will give the specified user(s) the rights to run specified programs as root.

Can be obtained from the porting archive.
0 Kudos
Reply
melvyn burnard
Honored Contributor

‎06-21-2000 07:26 AM

‎06-21-2000 07:26 AM

Re: LP Administrators

why not take a look at the Restricted SAM faciility?
This allows you to set up a restricted verion of SAM, based on the user, and you configure what they can and cannot do.
sam -r is used to set this up for you.
man sam will also explain it for you.
My house is the bank's, my money the wife's, But my opinions belong to me, not HP!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.