HPE Community
Operating System - HP-UX
1827256 Members
2677 Online
109716 Solutions
New Discussion

Running lpsched as non-root user

 
Johnny2009
Occasional Contributor

‎10-05-2009 02:41 AM

‎10-05-2009 02:41 AM

Running lpsched as non-root user

Hi,

I wanted to try allowing users other than root, ability to run lpsched & lpshut.
If I change the persmissions on those executables, & run them as a different user, I get the message: "/usr/sbin/lpsched: this command for use only by LP Administrators".
Why is this? Is there something hardcoded in those programs that only allows root to run them?
I will probably use SUDO, to get round this. Just curious to know the mechanics of these programs refusing to run by other users.

TIA

Johnny
0 Kudos
Reply
5 REPLIES 5
Pete Randall
Outstanding Contributor

‎10-05-2009 02:51 AM

‎10-05-2009 02:51 AM

Re: Running lpsched as non-root user

You can also use restricted SAM (sam -r) to assign certain privileges, like lp administration, to individual users.


Pete

Pete
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎10-05-2009 04:02 AM

‎10-05-2009 04:02 AM

Re: Running lpsched as non-root user

The print queues must be protected so that one user can neither view nor modify any print jobs that belong to other users.

On the other hand, lpsched must be able to access all the print jobs. It must also be able to access all printers, which can mean direct serial/parallel port access for local printers, and access to low-numbered network ports for (some) remote printers.

Some lpd servers will refuse the print job unless the source-side port number is less than 1024: this is a historical artifact that makes sense only in Unix-only networks where all servers are under the same administration.

In a large central print server, shutting down the print scheduler can stop many print jobs. When it restarts, any interrupted print jobs are restarted from beginning: with a large print job, this can mean a lot of unneeded duplicate pages.

At least in USA, a company may have some printers dedicated to printing paychecks. A regular Joe User cannot be allowed to interfere with those jobs in any way.

The LP administrator is expected to be aware of the "big picture" and not stop and restart the scheduler for everyone just because one user's printout of the day's Dilbert seems to be hung.

As Pete said, HP-UX includes the tools to allow regular users to stop and start lpsched if you wish to do so.
MK
0 Kudos
Reply
Johnny2009
Occasional Contributor

‎10-05-2009 05:01 AM

‎10-05-2009 05:01 AM

Re: Running lpsched as non-root user

Thanks for both your replies.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎10-05-2009 05:16 AM

‎10-05-2009 05:16 AM

Re: Running lpsched as non-root user

Shalom,

sam -r is good, and will work normally, probably even on 11.31 systems where sam was "replaced" by smh. Even there much of whats under the hood is still sam.

Another solution is sudo.

Search http://software.hp.com for Internet Express and you can click in and download sudo.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Tim Nelson
Honored Contributor

‎10-05-2009 10:44 AM

‎10-05-2009 10:44 AM

Re: Running lpsched as non-root user

I third the motion for restricted SAM.

another choice could be sudo, but the SAM is the easiest to configure...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.