source: trunk/third/lprng/doc/LPRng-HOWTO-4.html @ 14517

Revision 14517, 32.4 KB checked in by mwhitson, 25 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r14516, which included commits to RCS files with non-trunk default branches.
RevLine 
[12499]1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
2<HTML>
3<HEAD>
[13097]4 <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
5 <TITLE> LPRng-HOWTO: Installing the Software</TITLE>
6 <LINK HREF="LPRng-HOWTO-5.html" REL=next>
7 <LINK HREF="LPRng-HOWTO-3.html" REL=previous>
8 <LINK HREF="LPRng-HOWTO.html#toc4" REL=contents>
[12499]9</HEAD>
10<BODY>
11<A HREF="LPRng-HOWTO-5.html">Next</A>
12<A HREF="LPRng-HOWTO-3.html">Previous</A>
13<A HREF="LPRng-HOWTO.html#toc4">Contents</A>
14<HR>
[13097]15<H2><A NAME="installation"></A> <A NAME="installingprograms"></A> <A NAME="s4">4. Installing the Software</A></H2>
[12499]16
17<P>The basic components of the LPRng system are the executables
18and the database files.
19This section deals with generating and installing the executable
20files.
[14516]21<H2><A NAME="ss4.1">4.1 Source Code and Support Programs</A>
[12499]22</H2>
23
[14516]24<P>
25<OL>
26<LI>Obtain the latest version of the LPRng source code from a
27<A HREF="LPRng-HOWTO-1.html#secftp">LPRng FTP Site</A>.</LI>
28<LI>Obtain the GNU Zip (compression) program from one of the many
29<A HREF="http://prep.ai.mit.edu">GNU Software Mirror Sites</A>
30and install it.
31See the directions in the GNU Zip distribution for details.</LI>
32<LI>Obtain the GNU Make program from one of the many
33<A HREF="http://prep.ai.mit.edu">GNU Software Mirror Sites</A>.
34and install it.
35See the directions in the GNU Zip distribution for details.
36This program will be referred to as
37<CODE>gmake</CODE> in the installation instructions.</LI>
38<LI>Obtain an ANSI C compiler.
39The GCC compiler (from the
40<A HREF="http://prep.ai.mit.edu">GNU Software Mirror Sites</A>)
41is strongly recommended.</LI>
42<LI>Solaris Sparc and X86 Binaries for GCC and Make  can be obtained from
43<A HREF="http://smc.vnet.net/">http://smc.vnet.net/</A>.</LI>
44</OL>
45<H2><A NAME="ss4.2">4.2 Configuration</A>
46</H2>
47
48<P>
[13097]49<P>The LPRng package consists of:
50<UL>
51<LI> <EM><CODE>lpd</CODE></EM> - the LPD print server program</LI>
52<LI><EM><CODE>lpr</CODE></EM>,
53<EM><CODE>lpq</CODE></EM>,
54<EM><CODE>lprm</CODE></EM>,
[14516]55<EM><CODE>lpstat</CODE></EM>,
[13097]56and
57<EM><CODE>lpc</CODE></EM> -
58client programs for printing,
59status queries, job removal, and server configuration respectively.</LI>
[14516]60<LI><EM><CODE>printcap</CODE></EM> print queue database file.</LI>
61<LI><EM><CODE>lpd.conf</CODE></EM> LPRng configuration options.</LI>
62<LI><EM><CODE>lpd.perms</CODE></EM> permission information.</LI>
[13097]63</UL>
[14516]64<P>By tradition,
[13097]65UNIX systems have installed printer utilities in
66in widely varied locations such as
67<CODE>/usr/lib</CODE>,
68<CODE>/usr/bin</CODE>,
69<CODE>/usr/libexec</CODE>,
70<CODE>/usr/ucb</CODE>,
71<CODE>/opt</CODE>,
72<CODE>/usr/sbin</CODE>,
73and
74<CODE>/usr/etc/</CODE>.
[14516]75This can lead to a great deal of confusion when installation LPRng.
76To simplify the installation,
77the <CODE>configure</CODE> program is used to specify the exact locations
78of programs.
79It does this by setting the following variables that are
80used during the installation process:
81<BLOCKQUOTE><CODE>
82<PRE>
83Installation directory variables:
84  ${prefix}  (default /usr/local)
85  ${exec_prefix}  (default ${prefix})
86  ${bindir}  is usually ${exec_prefix}/bin, (/usr/local/bin)
87  ${sbindir} is usually ${exec_prefix}/sbin (/usr/local/sbin)
88  ${libexecdir} is usually ${exec_prefix}/libexec (/usr/local/libexec)
89  ${sysconfdir} is usually ${prefix}/etc (/usr/local/etc)
90  ${mandir} is usually ${prefix}/man     (/usr/local/man)
91</PRE>
92</CODE></BLOCKQUOTE>
93<P>These values are used as follows by the LPRng installation
94procedures (* indicates default SETUID root executable):
95<BLOCKQUOTE><CODE>
96<PRE>
97Executables:
98  ${bindir}/   lpr *, lprm *, lpq *, lpstat *
99  ${sbindir}/  lpc *, checkpc, lpd *
100  ${libexecdir}/filters/ lpf, banner, etc
101Configuration:
102  ${sysconfdir}/ lpd.conf, lpd.perms, printcap
103Man Pages
104  ${mandir}/ man pages
105</PRE>
106</CODE></BLOCKQUOTE>
107<P>The <CODE>configure</CODE> program has options which allow us to override and
108specify the new values or exact locations for these files.
109For a complete list of configuration options,
110use the <CODE>configure --help</CODE> option.
111You can set explicit values for the
112<CODE>prefix</CODE>
113<CODE>bindir</CODE>
114<CODE>sbindir</CODE>
115<CODE>libexecdir</CODE>
116and
117<CODE>mandir</CODE> variables using the <CODE>--name=PATH</CODE>
118option.
119For example,
120<CODE>/configure --prefix=/usr</CODE> will set the
121<CODE>${prefix}</CODE> variable to <CODE>/usr</CODE>,
122and files will be installed in
123<CODE>/usr/bin</CODE>,
124<CODE>/usr/sbin</CODE>,
125<CODE>/usr/libexec/filter</CODE>,
126and
127<CODE>/etc</CODE>.
128<P>In addition to these general purpose options,
129the <CODE>configure</CODE> script has the following LPRng specific ones.
130These options allow extremely specific actions to be taken to control
131how and were the various files are copied and used.
132<DL>
133<DT><B><CODE>--disable-setuid</CODE></B><DD><P>Install the executables without setuid ROOT permissions.
134<DT><B><CODE>--disable-strip</CODE></B><DD><P>Do not strip the executables before installing.
135<DT><B><CODE>--enable-priv_ports.</CODE></B><DD><P>Require connections to be made from a privileged port.
136<DT><B><CODE> --disable-force_localhost.  </CODE></B><DD><P>By default,
137the LPRng software is configured to expect to have a server running
138on the local host.
139This option will cause the location of the server to be obtained from the
140<CODE>lpd.conf</CODE> or <CODE>printcap</CODE> information.
141<DT><B><CODE> --with-lpddir=DIR.  </CODE></B><DD><P>lpd executable directory (default ${sbindir}).
142<DT><B><CODE> --with-filterdir=DIR.  </CODE></B><DD><P>Filter directory (default ${libexecdir}/filters).
143<DT><B><CODE> --with-lpd_conf_path=PATH.  </CODE></B><DD><P>Path of <CODE>lpd.conf</CODE> file.
144<DT><B><CODE> --with-lpd_perms_path=PATH </CODE></B><DD><P>Path of <CODE>lpd.perms</CODE> file.
145<DT><B><CODE> --with-printcap_path=PATH </CODE></B><DD><P>Path of <CODE>printcap</CODE> file.
146</DL>
147<H2><A NAME="ss4.3">4.3 Installation</A>
[12499]148</H2>
149
[13097]150<P>Unpack,  configure,
151compile, and install,
152and initialize the distribution using:
153<BLOCKQUOTE><CODE>
[12499]154<PRE>
[13097]155gunzip -c LPRng-&lt;version>.tgz | tar xvf -
156cd LPRng-&lt;version>
[14516]157# see discussion above for configuration options
158# This configuration uses the standard /etc/printcap file
159./configure --with-printcap_path=/etc/printcap
160           [with other options as required]
[13097]161gmake clean all
[12499]162su   # you must do the following commands as root
[13097]163gmake install
[12499]164# if  you have not installed LPRng before,
165# install default lpd.perms and lpd.conf file in /etc
166if [ ! -f /etc/lpd.perms ]; then
167    make default;
168fi;
169# update permissions,  create files needed for LPRng, check
170# /etc/printcap file for problems.  Do as root:
171./src/checkpc -f
172</PRE>
[13097]173</CODE></BLOCKQUOTE>
174<P>
[14516]175<H2><A NAME="ss4.4">4.4 Solving Installation Problems</A>
[13097]176</H2>
177
178<P>The <CODE>configure</CODE>
179script will determine the type of system and establish a set of defaults
180for compilation and installation.
181The <CODE>LPRng/INSTALL</CODE>
182file contains detailed descriptions of the various configuration options and
183capabilities.
184<P>If you have problems compiling the package, you can try these things:
185<OL>
186<LI>Compiler complains about missing files or has a large number of
187errors.<BR>
188Try <CODE>gcc</CODE> instead of your vendor's C compiler.
189This can be done either by setting
190the
191<CODE>CC</CODE> environment variable or using the
192<CODE>--with-cc</CODE> configure option.
193<BLOCKQUOTE><CODE>
[12499]194<PRE>
[13097]195CC=gcc ./configure
196   OR
197configure --with-cc=gcc
[12499]198</PRE>
[13097]199</CODE></BLOCKQUOTE>
200
201</LI>
202<LI>Missing libraries or include files.<BR>
203Usually this is caused when include files are in
204<CODE>/usr/local/include</CODE>
205and libraries are in
206<CODE>/usr/local/include</CODE>
207and these paths are not searched or used by the compiler.
208This can be fixed by setting the
209<CODE>CPPFLAGS</CODE> and <CODE>LDFLAGS</CODE> environment variables,
210or using the
211<CODE>--with-cppopts=</CODE>
212and
213<CODE>--with-ldopts=</CODE>
214configure options.
215<BLOCKQUOTE><CODE>
[12499]216<PRE>
[13097]217CPPFLAGS="-I/usr/local/include -I/usr/include/kerberosIV" \
218  LDFLAGS="-L/usr/local/lib -L/usr/lib/kerberosIV" \
219  ./configure
220   OR
221configure --with-cppopts="-I/usr/local/include -I/usr/include/kerberosIV" \
222  --with-ldopts="-L/usr/local/lib -L/usr/lib/kerberosIV"
[12499]223</PRE>
[13097]224</CODE></BLOCKQUOTE>
225</LI>
226</OL>
227<P>The <CODE>configure</CODE> and <CODE>make</CODE> steps must be run on
[12499]228the target host,
229especially if the target host has a different version of the operating system.
230This is extremely important for SunOS or Solaris,
231where
232there tend to be changes in the system's include files between
233versions
[13097]234as well as support libraries.
[14516]235<P>Read the notes for your OS in section
[13097]236<A HREF="LPRng-HOWTO-5.html#sysdep">System-dependent notes</A>
[12499]237for specific installation help (if any).
[13097]238<H2><A NAME="disablelocalhost"></A> <A NAME="ss4.5">4.5 Advanced Configuration Options</A>
[12499]239</H2>
240
[13097]241<P>While the default LPRng configuration will be suitable for most
242individual users,
243administrators of large sites or which need to support
244<I>lightweight print clients</I>
245will need to use the following configure options.
[12499]246<OL>
[13097]247<LI><CODE>--disable-force_localhost</CODE><BR>
248The default LPRng configuration assumes that all printing will be done
249via a <CODE>lpd</CODE> print spooler running on the local host system.
250However,
251many larger sites prefer that all users do their printing via a
252few central servers,
253and do not run
254<CODE>lpd</CODE> servers on user systems.
255The
256<CODE>--disable-force_localhost</CODE>
[14516]257configuration will simply this type of operation by eliminating the need for a
258<CODE>/etc/lpd.conf</CODE> file to override the <CODE>force_localhost</CODE> option.</LI>
259<LI><CODE>--disable-setuid</CODE><BR>
260This option will install the LPRng executables without SETUID permissions.
261Non-setuid clients and programs are inherently more secure than SETUID programs,
262and system administrators would be well advised to install them without
263SETUID root permissions.
264Please see
265<A HREF="#setuid">Advanced Security Considerations</A>
266for more details about this option.</LI>
267<LI><CODE>--enable-priv_ports</CODE><BR>
268This option will install a default
269<CODE>lpd.perms</CODE> file which disallows connections from non-privileged ports.
270In effect,
271this will require that on UNIX systems the originating user be root or
272the program be SETUID root.
273By default,
274LPRng will allow connections from any port.
275Please see
276<A HREF="#setuid">Advanced Security Considerations</A>
277for more details about this option.</LI>
278<LI><CODE>--disable-require_configfiles</CODE><BR>
279By default, the
280<CODE>lpr</CODE>,
281<CODE>lpq</CODE>,
282<CODE>lpc</CODE>, ...
283clients will require a <CODE>lpd.conf</CODE> file and the <CODE>printcap</CODE>
284to be present.
285The
286<CODE>--disable-require_configfiles</CODE>
287option relaxes this requirement,
288and if the files are missing,
289will not complain.</LI>
[12499]290</OL>
[14516]291<H2><A NAME="requireconfig"></A> <A NAME="ss4.6">4.6 Printcap and lpd.conf files</A>
[12499]292</H2>
293
[14516]294<P>The <CODE>printcap</CODE> file contains the definitions of print queues
[13097]295and other information used by LPRng.
[14516]296The exact location of the file is determined by the
297<CODE>configure</CODE> options and defaults for your system.
298The default used by <CODE>configure</CODE> is <CODE>/usr/local/etc/printcap</CODE>,
299but it is more commonly found in <CODE>/etc/printcap</CODE>.
300If your system does not have an <CODE>printcap</CODE> file,
[13097]301then the following is suitable for initial testing and configuration:
302<BLOCKQUOTE><CODE>
[12499]303<PRE>
[13097]304# test printcap file
305lp:cm=Test Printcap Entry:
306 :lp=/dev/null
307 :sd=/usr/spool/lpd/lp
[12499]308</PRE>
[13097]309</CODE></BLOCKQUOTE>
[14516]310<P>The <CODE>lpd.conf</CODE>
311(default location is <CODE>/usr/local/etc/lpd.conf</CODE>)
[13097]312file contains settings that override the defaults provided at compile time.
[14516]313You will find a prototype or template <CODE>lpd.conf</CODE> file in the LPRng distribution.
314If you do not have an existing <CODE>lpd.conf</CODE> file,
315the default one will be installed.
316You can install this by hand using:
[13097]317<BLOCKQUOTE><CODE>
[12499]318<PRE>
[14516]319astart > cd LPRng/src
[13097]320astart > su
[14516]321ASTART # cp lpd.conf /usr/local/etc/lpd.conf
322ASTART # chmod 644 /usr/local/etc/lpd.conf
[12499]323</PRE>
[13097]324</CODE></BLOCKQUOTE>
[14516]325<P>The various client programs such as
326<CODE>lpr</CODE>,
327<CODE>lpq</CODE>,
328etc. will check for a <CODE>lpd.conf</CODE> and <CODE>printcap</CODE>
329file.
330You can relax this requirement by setting
331the
332<CODE>require_configfile</CODE> option false
333(<CODE>require_configfile@</CODE>)
334by using the configuration option <CODE>--disable-require_configfile</CODE>,
335by setting the <CODE>require_configfile</CODE> option in the
336<CODE>lpd.conf</CODE> file,
337or building the
338executables with <CODE>make REQUIRE_CONFIGILE="1"</CODE>.
[13097]339<H2><A NAME="user"></A> <A NAME="group"></A> <A NAME="ss4.7">4.7 Security, Permissions, and CHECKPC</A>
[12499]340</H2>
341
[13097]342<P>By default,
343the <CODE>lpd</CODE> server is run as a ROOT (user 0)
344process.
345(This is true not only for LPRng,  but also for all
346other system processes which are started at boot time.)
347However,
348normally LPRng will do operations as a non-privileged user and group
349which is defined by the value of the
350<CODE>user</CODE> (default <CODE>daemon</CODE>) and
351<CODE>group</CODE> (default <CODE>daemon</CODE>) option
352in the <CODE>/etc/lpd.conf</CODE> configuration file
353or the compile time defaults in the
354<CODE>LPRng/src/vars.c</CODE> file.
355<P>The following steps must be taken in order to preserve
356system security:
[12499]357<OL>
[13097]358<LI>Create a user and group <CODE>daemon</CODE> on the system.
359This user does not need login privileges,
360but will need a home directory if secure authentication
361such as Kerberos or PGP will be done.</LI>
[14516]362<LI>The <CODE>lpd.conf</CODE>
[13097]363file should be owned by root (user 0),
364and should have read-only (0444) permissions.</LI>
[14516]365<LI>The <CODE>printcap</CODE>
[13097]366file should be owned by root (user 0),
367and should have read-only (0444) permissions.</LI>
368<LI>The spool and working directories used by LPRng should be
369owned by user <CODE>daemon</CODE>,  group <CODE>daemon</CODE>,
370and have 0700 permissions (accessible only by user <CODE>daemon</CODE>).</LI>
[12499]371</OL>
[13097]372<H3>Using CHECKPC</H3>
[12499]373
374<P>The
[13097]375<CODE>checkpc</CODE>
376program is used to make sure that
377the spool directories and files used by LPRng have the correct permissions
378and are in place.
379By default,
380<CODE>checkpc</CODE> will check permissions and report if there are any problems.
381You should run this as <CODE>root</CODE>.
382For example:
383<BLOCKQUOTE><CODE>
[12499]384<PRE>
[13097]385% astart > su
386#>cd LPRng/src
387#>./checkpc
[14516]388Warning - No configuration file '/usr/local/etc/lpd.conf'
389Warning - No lpd only printcap file found in '/usr/local/lpd_printcap'
[13097]390Warning -  ** cannot open '/var/run/lpd.printer' - 'Permission denied'
391Warning -  bad directory - /var/spool/lpd/lp
392Warning -   Printer_DYN 'lp' spool dir '/var/spool/lpd/lp' needs fixing
[12499]393</PRE>
[13097]394</CODE></BLOCKQUOTE>
395<P>In the above example,
[14516]396<CODE>checkpc</CODE> has discovered that the <CODE>lpd.conf</CODE>
[13097]397file is missing.
398This is not a serious problem if the system defaults are to be used,
399but you might want to put the default <CODE>LPRng/lpd.conf</CODE> file from the
400distribution in place.
401<P>The <I>lpd only printcap</I>
402message is usually of concern to administrators who wish to use some of
403LPRng's more exotic configuration options.
[14516]404It is possible to have separate printcap databases for client and server programs.
[13097]405This is useful when printcap files get extremely large and cuts down
406substantially on system management problems.
407<P>The permission denied message for <CODE>/var/run/lpd.printer</CODE> is more serious,
408as the <CODE>lpd</CODE> server uses this as a lock file.
409<P>The <I>bad directory</I> message about the spool directory is usually caused by
410bad permissions or when the directory is missing.
411<P>The <CODE>checkpc -f</CODE> option causes <CODE>checkpc</CODE> to take action to rectify errors.
[14516]412You can see what is happening if you run it with the <CODE>-V</CODE> (verbose) option:
[13097]413<BLOCKQUOTE><CODE>
[12499]414<PRE>
[13097]415% astart > su
416#>cd LPRng/src
417# ./checkpc -f -V
418LPRng version LPRng-3.6.1
419 DaemonUID 1, DaemonGID 12
[14516]420Using Config file '/usr/local/etc/lpd.conf'
421Checking for configuration files '/usr/local/etc/lpd.conf'
422Warning - No configuration file found in '/usr/local/etc/lpd.conf'
423Checking for printcap files '/usr/local/etc/printcap'
424  found '/usr/local/etc/printcap', mod 0100644
[13097]425Checking for lpd only printcap files
[14516]426     '/usr/local/etc/lpd_printcap'
[13097]427Warning - No lpd only printcap file found in
[14516]428     '/usr/local/etc/lpd_printcap'
[13097]429LPD lockfile '/var/run/lpd.printer'
430  checking '/var/run/lpd.printer' file
431Names
432 :lp=lp
433All
434 :lp
435Printcap Information
436lp
437 :force_localhost
438 :lp=lw4@astart4.astart.com
439 :sd=/var/spool/lpd/lp
440Checking printcap info
441Checking printer 'lp'
442 Checking directory: '/var/spool/lpd/lp'
443  file 'control.lp', size 0 K, unchanged in 2 hours
444  file 'status.lp', size 0 K, unchanged in 2 hours
445  file 'status', size 0 K, unchanged in 2 hours
446  file 'log', size 0 K, unchanged in 2 hours
447  checking 'control.lp' file
448  checking 'status.lp' file
449  checking 'status' file
450  cleaning 'status' file, 0 bytes long: no truncation
451  checking 'log' file
452  cleaning 'log' file, 0 bytes long: no truncation
[12499]453</PRE>
[13097]454</CODE></BLOCKQUOTE>
455<P>As you can see, <CODE>checkpc</CODE> can not only print detailed information about your
456printing system,  but it also fixes up the various problems.
[14516]457<H3><A NAME="setuid"></A> Advanced Security Concerns</H3>
[12499]458
[13097]459<P>While <CODE>checkpc</CODE> will set permissions,
460there is always the problem with undetected errors in the LPRng
461software that,
462when exploited,
463could cause severe system problems.
464The most serious concern is that of gaining root (user 0) permissions.
465<P>One way to avoid this is to run
466<I>client</I>
467programs without root permission.
[14516]468This operation is possible for LPRng
[13097]469in contrast to other print spooling software.
[14516]470<P>A serious concern when LPRng runs as a nonprivileged
471user (daemon) is the fact that the RFC protocol specifies
472that connections are made to port 515
473and
474<CODE>lpd</CODE>
475requires root permissions to open and bind to port 515.
[13097]476One option is to have the <CODE>lpd</CODE> server drop root permissions
477soon after binding to this port and before accepting any user
478commands.
479However,
[14516]480in order to fully compatible with RFC1179,
[13097]481<CODE>lpd</CODE> must originate connections from a <I>reserved</I>
482port in the range 721-731,
[14516]483although in practice port 1-1023 seems to be acceptable.
484<P>If inter-operability with non-LPRng print spoolers is not desired,
[13097]485then it is <I>trivial</I>
486to configure LPRng using the <CODE>lpd.conf</CODE>
487file or by modifying the compile time
488<CODE>lpd_port</CODE>
489value in the file or the <CODE>LPRng/src/vars.c</CODE>
490so that all the software will run
491as client programs.
492For example,
493in the <CODE>/etc/lpd.conf</CODE> file,
494you only need to change the indicated lines:
495<BLOCKQUOTE><CODE>
[12499]496<PRE>
[13097]497# Purpose: lpd port
498#   default lpd_port=printer
499lpd_port=2000
[12499]500</PRE>
[13097]501</CODE></BLOCKQUOTE>
502<P>Now all the LPRng software will use port 2000 to transfer jobs and
503commands.
504You can also use this facility to establish a
505<I>private</I> set of print spoolers which can be used for testing.
506<H2><A NAME="ss4.8">4.8 Stopping Existing Spooler Software</A>
[12499]507</H2>
508
[13097]509<P>The next step is to shut down and remove the existing print
510spooler,
511and test the functionality of the LPRng <CODE>lpd</CODE>
512programs.
513Unfortunately,
514this process is fairly system dependent,
515and requires a small amount of system expertise.
516In addition to these general directions,
517you should see the
518<A HREF="LPRng-HOWTO-5.html#sysdep">System specific notes</A> for your system.
519<H3>SunOS and BSD Derived</H3>
[12499]520
[13097]521<P>This section provides instructions for  systems that use the
522<CODE>lpd</CODE> print services,
523such as SunOS,
524BSD derived systems,
525and Linux based systems.
526These systems use an <CODE>lpd</CODE> print server,
527as does LPRng.
528<P>We first kill the currently running <CODE>lpd</CODE> process.
529While there may be a system shutdown script
530in the <CODE>/etc/rc.d/</CODE> directory or other location for this,
531do not bother using it.
532<BLOCKQUOTE><CODE>
[12499]533<PRE>
[13097]534# most BSD Systems
535ps -auxw |grep lpd
536# Kill it twice
537kill (pid of lpd server)
538#  This should report an error - if not then lpd did not terminate
539kill (pid of lpd server)
540#
[12499]541
[13097]542Example:
543astart % ps -axuw |grep lpd
544papowell 23932  0.0  0.3  224  184  p3  S+  10:40AM  0:00.01 grep lpd
545daemon  17763  0.0  0.2  448  120  ??  IWs  29Mar99  0:01.35 (lpd)
546astart % kill 135
547astart % kill 135
548135: No such process
[12499]549</PRE>
[13097]550</CODE></BLOCKQUOTE>
551<P>Next,
552you should remove or rename the existing print system executables.
553The following example shows how to use the
554<CODE>find</CODE> utility to track down candidates.
555<BLOCKQUOTE><CODE>
[12499]556<PRE>
[13097]557astart# find /usr -type f -name lp\*  -print >/tmp/candidates
558astart# find /sbin -type f -name lp\*  -print >>/tmp/candidates
559astart# cat /tmp/candidates
560/usr/bin/lpunlock
561/usr/bin/lpqall.faces
562/usr/bin/lpq             &lt;---- old
563/usr/bin/lpr             &lt;---- old
564/usr/bin/lprm            &lt;---- old
565/usr/bin/lptest
566/usr/doc/samba-1.9.18p10/examples/printer-accounting/lp-acct
567/usr/man/man1/lpq.1
568/usr/man/man1/lpr.1
569/usr/man/man1/lprm.1
570/usr/man/man1/lptest.1
571/usr/man/man4/lp.4
572/usr/man/man8/lpc.8
573/usr/man/man8/lpd.8
574/usr/sbin/lpc            &lt;--- old
575/usr/sbin/lpd            &lt;--- old
576/usr/sbin/lpf            &lt;--- old
577/usr/local/bin/lpc    &lt;-- LPRng
578/usr/local/bin/lpq    &lt;-- LPRng
579/usr/local/bin/lpr    &lt;-- LPRng
580/usr/local/bin/lprm   &lt;-- LPRng
581/usr/local/sbin/lpd   &lt;-- LPRng
582astart # mv /usr/bin/lpq  /usr/bin/lpq.old
583astart # mv /usr/bin/lpr  /usr/bin/lpr.old
584astart # mv /usr/bin/lprm /usr/bin/lprm.old
585astart # mv /usr/sbin/lpc /usr/sbin/lpc.old
586astart # mv /usr/sbin/lpd /usr/sbin/lpd.old
587astart # mv /usr/sbin/lpf /usr/sbin/lpf.old
588...
[12499]589</PRE>
[13097]590</CODE></BLOCKQUOTE>
591<H3>Solaris, HP, AIX, and SysVR4 Derived Systems</H3>
[12499]592
[13097]593<P>The original SysVR4 and other related systems did not have
594any support for RFC1179 network printing (Berkeley LPD).
595Support for this was added by various manufacture specific methods.
596Unfortunately,
597there are a wide range of possibilities.
598<P>The <CODE>lpsched</CODE> process (<CODE>/usr/lib/lp/lpsched/</CODE>)
599process performs many of the functions of the LPRng and BSD
600<CODE>lpd</CODE>
601server.
602On Solaris systems,
603it also stats the
604<CODE>lpNet</CODE>
605server that provides network print services.
606Unfortunately,
607no <I>simple</I> and reliable method of shutting down a running <CODE>lpsched</CODE>
608process
609and the associated network services has been found.
610However,
611it turns out to be very simple to <EM>prevent</EM> the services from
612being started.
613<P>First,
614you will need to locate the <CODE>/etc/rc</CODE> startup files
615that start system services.
616During system startup,
617a set of shell scripts stored in the <CODE>/etc/rc.d</CODE>
[14516]618directories are executed.
[13097]619The individual startupfile files are usually links to a
620common one in the <CODE>/etc/init.d</CODE> directory.
621You first need to find the files containing the startup commands.
622This is done as shown below:
623<BLOCKQUOTE><CODE>
[12499]624<PRE>
[13097]625SUN # cd /
626SUN # grep -l lpsched /etc/rc* /etc/rc*/* init.d/* init.d/*/* >/tmp/files
627SUN # cat /tmp/files
628/etc/rc0.d/K20lp
629/etc/rc2.d/K20lp
630/etc/rc2.d/S80lp
631/etc/init.d/lp
632># ls -l ` cat /tmp/files `
633lrwxrwxr-x 1 root bin 1 Dec 29 23:39 /etc/rc0.d/K20lp -> ../../init.d/lp
634lrwxrwxr-x 1 root bin 1 Dec 29 23:39 /etc/rc2.d/K20lp -> ../../init.d/lp
635lrwxrwxr-x 1 root bin 1 Dec 29 23:39 /etc/rc2.d/S80lp -> ../../init.d/lp
636-rwxr--r-- 5 root sys 460 Sep 1 1998 /etc/rcS.d/K39lp
[12499]637</PRE>
[13097]638</CODE></BLOCKQUOTE>
639<P>Here is the contents of the typical script file,  with the
640indicated modifications that should be made for testing
641<BLOCKQUOTE><CODE>
[12499]642<PRE>
[13097]643#!/sbin/sh
[12499]644
[13097]645#### ADD THE FOLLOWING LINE TO EXIT EARLY
646exit 0
647#### THE REST IS THE USUAL SCRIPT
648case "$1" in
649'start')
650    [ -f /usr/lib/lpsched ] &amp;&amp; /usr/lib/lpsched ;;
651'stop' )
652    [ -f /usr/lib/lpshut ] &amp;&amp; /usr/lib/lpshut ;;
653*)
654    echo "Usage: $0 { start | stop }"
655    exit 1
656esac
657exit 0
[12499]658</PRE>
[13097]659</CODE></BLOCKQUOTE>
660<P>Next,
661as for the BSD installation,
662we will find all of the printing related commands and rename them.
663You can either rename them one by one,
664or use the script method shown below.
665The minimum of the indicated files should be renamed.
666<BLOCKQUOTE><CODE>
[12499]667<PRE>
[13097]668SUN # find /usr -type f -name lp\* -print >/etc/printingfiles
669SUN # cat /tmp/printingfiles
670/usr/bin/lp          &lt;---
671/usr/bin/lpstat      &lt;---
672/usr/lib/lp/bin/lp.cat
673/usr/lib/lp/bin/lp.set
674/usr/lib/lp/bin/lp.tell
675/usr/lib/lp/lpNet    &lt;---
676/usr/lib/lp/lpsched  &lt;---
677/usr/lib/lp/lpdata   &lt;---
678/usr/sbin/lpadmin    &lt;---
679/usr/sbin/lpfilter   &lt;---
680/usr/sbin/lpforms    &lt;---
681/usr/sbin/lpmove     &lt;---
682/usr/sbin/lpshut     &lt;---
683/usr/sbin/lpsystem   &lt;---
684/usr/sbin/lpusers    &lt;---
685/usr/ucb/lpc         &lt;---
686/usr/ucb/lpq         &lt;---
687/usr/ucb/lpr         &lt;---
688/usr/ucb/lprm        &lt;---
689/usr/ucb/lptest
690SUN # for i in ` cat /tmp/printingfiles ` ; do
691>  mv $i $i.old
692>  done
[12499]693</PRE>
[13097]694</CODE></BLOCKQUOTE>
695<P>Next, you find if there is a <I>cron</I> job scheduled
696by the file
697<CODE>/var/spool/cron/crontabs/lp</CODE>
698to periodically update and roll over error logs. 
699If there is, you should
700(after having saved the file)
701remove it.
702<BLOCKQUOTE><CODE>
[12499]703<PRE>
[13097]704cp /var/spool/cron/crontabs/lp /etc/cron.crontabs.lp
[12499]705</PRE>
[13097]706</CODE></BLOCKQUOTE>
707<P>Check the <CODE>/etc/inetd.conf</CODE> file for a line like:
708<BLOCKQUOTE><CODE>
[12499]709<PRE>
[13097]710printer stream tcp nowait root /usr/lib/print/in.lpd in.lpd
[12499]711</PRE>
[13097]712</CODE></BLOCKQUOTE>
713<P>Comment out this line.
714This line is not present on all systems.
715<P>Now we must <EM>reboot</EM>  the machine.  You can use
716<CODE>reboot</CODE> if you are in a rush,
717and <CODE>shutdown</CODE> if you are not.
718<BLOCKQUOTE><CODE>
[12499]719<PRE>
[13097]720SUN # reboot
721or
722SUN # shutdown -y "Whooga! Whooga! Dive! Dive! System going down."
[12499]723</PRE>
[13097]724</CODE></BLOCKQUOTE>
725<P>When the system reboots,
726check to make sure that the
727<CODE>lpd</CODE> server is not listening on port 515.
728<BLOCKQUOTE><CODE>
[12499]729<PRE>
[13097]730SUN # telnet localhost 515
731Trying 127.0.0.1...
732telnet: Unable to connect to remote host: Connection refused
[12499]733</PRE>
[13097]734</CODE></BLOCKQUOTE>
735<P>If you do get a connection established
736then you must use <CODE>nlsadmin</CODE> to force the
737<I>tcpip listener</I> to release the port, as illustrated below.
738<BLOCKQUOTE><CODE>
[12499]739<PRE>
[13097]740SUN # nlsadmin -v tcp
741lpd  \x00020203000000000000000000000000  ENABLED  \
742  NORPC  root  NOMODULES  /var/spool/lp/fifos/listenBSD  #
7430  \x00020ACE000000000000000000000000  ENABLED    \
744  NORPC  root  NOMODULES  /usr/lib/saf/nlps_server  #
745lp  NOADDR  ENABLED  NORPC  root  NOMODULES \
746  /var/spool/lp/fifos/listenS5  #
747SUN # nlsadmin -r lpd tcp
748SUN # nlsadmin -r lp tcp
[12499]749</PRE>
[13097]750</CODE></BLOCKQUOTE>
751<P>Once you disable this,
[14516]752you should try to reconnect to port 515.  If connection fails
[13097]753then you have a problem  and need to reboot once more.
[14516]754<P>You might also want to run
755<CODE>pmadm -l</CODE> and if you see anything other than zsmon stuff (e.g. lp
756stuff is there), then use <CODE>pmadm -r </CODE>to remove it.
757See the man page for details.
[13097]758<H2><A NAME="ss4.9">4.9 Initial System Testing</A>
[12499]759</H2>
760
[13097]761<P>We will now run the <CODE>lpd</CODE> executable in the
762<CODE>foreground</CODE> and <CODE>test</CODE> mode,
763and make sure that our system configuration is
764correct.
765It is best to do this with two screens or windows,
766as you will want to observe the output.
767<BLOCKQUOTE><CODE>
[12499]768<PRE>
[13097]769# > /usr/local/bin/lpd -F
770Fatal error - Another print spooler is using TCP printer port
771# > /usr/local/bin/lpd -F -D1
772...
7731999-04-05-10:02:37.755 astart10 [28903] lpd  Read_file_and_split: \
774  cannot open file '/etc/lpd.perms' - No such file or directory
7751999-04-05-10:02:37.758 astart10 [28903] lpd  Read_file_and_split: \
776  cannot open file '/usr/etc/lpd.perms' - No such file or directory
7771999-04-05-10:02:37.759 astart10 [28903] lpd  Build_printcap_info: \
778  list->count 0, raw->count 3
7791999-04-05-10:02:37.777 astart10 [28903] lpd  lpd: listening socket fd -6
780Fatal error - Another print spooler is using TCP printer port
7811999-04-05-10:02:37.782 astart10 [28903] lpd  Get_max_fd: getrlimit returns 64
7821999-04-05-10:02:37.783 astart10 [28903] lpd  Get_max_fd: returning 64
7831999-04-05-10:02:37.786 astart10 [28903] lpd  cleanup: done, doing killpg \
784   then exit(0)
[12499]785</PRE>
[13097]786</CODE></BLOCKQUOTE>
787<P>If you get the above error message,
788then you have either not killed off other the running <CODE>lpd</CODE> server
789or you are not starting the <CODE>lpd</CODE> server as ROOT.
790This is the most common error during setup.
[14516]791Correct the problem and then restart the server if necessary.
[13097]792You should see the output indicated below:
793<BLOCKQUOTE><CODE>
[12499]794<PRE>
[13097]795# > /usr/local/bin/lpd -F -D1
7961999-04-05-14:35:14.023 astart27 [2667] Waiting  lpd: LOOP START
7971999-04-05-14:35:14.024 astart27 [2667] Waiting  Get_max_servers: getrlimit returns 256
7981999-04-05-14:35:14.024 astart27 [2667] Waiting  Get_max_servers: returning 128
7991999-04-05-14:35:14.025 astart27 [2667] Waiting  lpd: max_servers 128, active 0
8001999-04-05-14:35:14.025 astart27 [2667] Waiting  lpd: starting select timeout 'yes', 600 sec
[12499]801</PRE>
[13097]802</CODE></BLOCKQUOTE>
803<P>Now from another window do the following commands:
804<BLOCKQUOTE><CODE>
[12499]805<PRE>
[13097]806# > lpq -Plp@localhost
807Printer: lp@astart
808 Queue: no printable jobs in queue
809# > lpq
810Printer: lp@astart
811 Queue: no printable jobs in queue
[12499]812</PRE>
[13097]813</CODE></BLOCKQUOTE>
814<P>At this point your LPRng software has been installed and tested.
815You still need to set up
816<I>Startup Scripts</I>
817to automatically start it at boot time,
818and
819<CODE>/etc/printcap</CODE>
820entries for your printers.
821<H2><A NAME="startup"></A> <A NAME="ss4.10">4.10 Startup Scripts</A>
[12499]822</H2>
823
[13097]824<P>The purpose of startup scripts is to automatically start the <CODE>lpd</CODE>
825print server at boot time.
826Again,
827the location and contents of these depend strongly on the
828version of the Operating System, and system vendor.
829<H3>SunOS and BSD Derived</H3>
[12499]830
[13097]831<P>In most of these systems the startup script
832for
833<CODE>lpd</CODE>
834is already present in the
835<CODE>/etc/rc</CODE> files
836and only has to be modified.
837It can be found by using:
838<BLOCKQUOTE><CODE>
[12499]839<PRE>
[13097]840ASTART # grep -l lp /etc/rc* /etc/rc*/* /etc/rc*/*/*
841/etc/rc
842ASTART # more /etc/rc
843...
844if [ -f /etc/printcap ]; then
845    echo -n ' printer';     /usr/sbin/lpd
846fi
[12499]847</PRE>
[13097]848</CODE></BLOCKQUOTE>
849<P> Modify this file so that path is to the LPRng <CODE>lpd</CODE> file.
850<H3>Solaris,  Linux, and SysVR4</H3>
[12499]851
[13097]852<P>These systems have individual startup files for each printing service.
853We need to update the startup files to reference the LPRng executables.
854<BLOCKQUOTE><CODE>
[12499]855<PRE>
[13097]856SUN # grep -l lp /etc/rc* /etc/rc*/* init.d/* init.d/*/* >/tmp/files
857SUN # cat /tmp/files
858/etc/rc0.d/K20lp
859/etc/rc2.d/K20lp
860/etc/rc2.d/S80lp
861/etc/init.d/lp
862># ls -l ` cat /tmp/files `
863lrwxrwxr-x  1 root  bin  1 Dec 29 23:39 /etc/rc0.d/K20lp -> ../../init.d/lp
864lrwxrwxr-x  1 root  bin  1 Dec 29 23:39 /etc/rc2.d/K20lp -> ../../init.d/lp
865lrwxrwxr-x  1 root  bin  1 Dec 29 23:39 /etc/rc2.d/S80lp -> ../../init.d/lp
866-rwxr--r--  5 root  sys  460 Sep 1 1998 /etc/rcS.d/K39lp
[12499]867</PRE>
[13097]868</CODE></BLOCKQUOTE>
869<P>Modify the startup files so that they use the LPRng <CODE>lpd</CODE> executable:
870<BLOCKQUOTE><CODE>
[12499]871<PRE>
[13097]872#!/sbin/sh
873case "$1" in
874'start')
875        [ -f /usr/local/bin/lpd ] &amp;&amp; /usr/local/bin/lpd
876        ;;
877'stop')
878    echo "Shutting down lpd: \c"
879    kill -2 `cat /var/run/lpd*` >/dev/null 2>1;
880        ;;
[12499]881
[13097]882*)
883        echo "Usage: $0 { start | stop }"
884        exit 1
885esac
886exit 0
[12499]887</PRE>
[13097]888</CODE></BLOCKQUOTE>
889<H2><A NAME="lpsimulation"></A> <A NAME="ss4.11">4.11 Replacing UNIX SystemV lp, lpstat Printing Services</A>
[12499]890</H2>
891
[13097]892<P>Many UNIX utilities in the Solaris and HP UNIX environment use the
893UNIX System V <CODE>lp</CODE> and <CODE>lpstat</CODE>
894programs.
895It is almost impossible to modify the programs themselves,
896as many are <EM>vintage</EM> software that is unsupported or which would
897be too costly to update.
898<P>In order to support these applications,
899LPRng provides simulation for the
900<CODE>lp</CODE>,
901<CODE>lpstat</CODE>,
902and
903<CODE>clean</CODE>
904commands.
905<P>The LPRng <CODE>lpstat</CODE> command is a modified version of the
906<CODE>lpq</CODE> command,
907and accepts the <CODE>lpstat</CODE> command line options and tries to return
908status in an <CODE>lpstat</CODE> format.
909<P>If the <CODE>lpr</CODE> program is invoked with the name <CODE>lp</CODE>,
[14516]910it will simulate the <CODE>lp</CODE> options.
[13097]911Finally, if the <CODE>lprm</CODE> program is invoked with the name <CODE>cancel</CODE>,
[14516]912it will simulate the <CODE>lp</CODE> options.
[13097]913This can be done by using symbolic links or copying the programs.
914<P>Note that many of the <CODE>vintage</CODE> applications have fully qualified
915paths to the <CODE>lp</CODE> and <CODE>lpstat</CODE> executables,
[14516]916so it will be necessary to copy them to the original program locations.
[13097]917<BLOCKQUOTE><CODE>
[12499]918<PRE>
[13097]919# original - /usr/bin/lp
920# original - /usr/bin/lpstat
921cd /usr/local/bin
922cp lpr /usr/bin/lp
923cp lpstat /usr/bin/lpstat
924cp lprm /usr/bin/cancel
[12499]925</PRE>
[13097]926</CODE></BLOCKQUOTE>
927<P>See the man pages for lp, lpstat, and cancel in the LPRng/man directory.
928Not all the functions of the original
929programs are supported and
930these man pages should be installed to replace the original
931lp, etc, man pages.
932<HR>
[12499]933<A HREF="LPRng-HOWTO-5.html">Next</A>
934<A HREF="LPRng-HOWTO-3.html">Previous</A>
935<A HREF="LPRng-HOWTO.html#toc4">Contents</A>
936</BODY>
937</HTML>
Note: See TracBrowser for help on using the repository browser.