1 | /* $Id: cups-print.pc,v 1.14 2009-12-07 20:28:34 zacheiss Exp $ |
---|
2 | * |
---|
3 | * This generates printcaps and other files for Athena print servers |
---|
4 | * |
---|
5 | * Copyright (C) 1992-1998 by the Massachusetts Institute of Technology. |
---|
6 | * For copying and distribution information, please see the file |
---|
7 | * <mit-copyright.h>. |
---|
8 | */ |
---|
9 | |
---|
10 | #include <mit-copyright.h> |
---|
11 | #include <moira.h> |
---|
12 | #include <moira_site.h> |
---|
13 | |
---|
14 | #include <sys/stat.h> |
---|
15 | #include <sys/types.h> |
---|
16 | |
---|
17 | #include <ctype.h> |
---|
18 | #include <stdio.h> |
---|
19 | #include <string.h> |
---|
20 | |
---|
21 | #include <time.h> |
---|
22 | #ifdef HAVE_KRB4 |
---|
23 | #include <krb.h> |
---|
24 | #endif |
---|
25 | #include <krb5.h> |
---|
26 | |
---|
27 | #include "util.h" |
---|
28 | |
---|
29 | EXEC SQL INCLUDE sqlca; |
---|
30 | |
---|
31 | RCSID("$Header: /afs/.athena.mit.edu/astaff/project/moiradev/repository/moira/gen/cups-print.pc,v 1.14 2009-12-07 20:28:34 zacheiss Exp $"); |
---|
32 | |
---|
33 | char *whoami = "cups-print.gen"; |
---|
34 | char *db = "moira/moira"; |
---|
35 | |
---|
36 | const int krbvers = 5; /* use Kerberos 5 */ |
---|
37 | |
---|
38 | /* OMG, I hate this, but it's cleaner, I guess? */ |
---|
39 | |
---|
40 | const char *alterjob = "<Limit Hold-Job Release-Job\ |
---|
41 | Restart-Job Purge-Jobs Reprocess-Job Set-Job-Attributes\ |
---|
42 | Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>"; |
---|
43 | const char *submitjob = "<Limit Create-Job Print-Job Print-URI\ |
---|
44 | Set-Job-Attributes Send-URI Create-Job-Subscription Renew-Subscription\ |
---|
45 | Cancel-Subscription Get-Notifications CUPS-Move-Job CUPS-Authenticate-Job>"; |
---|
46 | const char *alterpntr = "<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer\ |
---|
47 | CUPS-Add-Modify-Class CUPS-Delete-Class>"; |
---|
48 | const char *lpcpntr = "<Limit Pause-Printer Resume-Printer Enable-Printer\ |
---|
49 | Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs\ |
---|
50 | Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer\ |
---|
51 | Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After\ |
---|
52 | CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default>"; |
---|
53 | const char *canceljob = "<Limit Cancel-Job>"; |
---|
54 | const char *catchall = "<Limit All>"; |
---|
55 | const char *phost = "printers.MIT.EDU"; |
---|
56 | const char *svrlist = "cups-servers"; |
---|
57 | |
---|
58 | void do_host(char *host); |
---|
59 | void sqlerr(void); |
---|
60 | #ifndef MAX |
---|
61 | #define MAX(a, b) ( (a) > (b) ? (a) : (b) ) |
---|
62 | #endif |
---|
63 | |
---|
64 | int main(int argc, char **argv) |
---|
65 | { |
---|
66 | EXEC SQL BEGIN DECLARE SECTION; |
---|
67 | char name[MACHINE_NAME_SIZE]; |
---|
68 | EXEC SQL END DECLARE SECTION; |
---|
69 | |
---|
70 | init_acls(); |
---|
71 | |
---|
72 | EXEC SQL CONNECT :db; |
---|
73 | |
---|
74 | EXEC SQL WHENEVER SQLERROR DO sqlerr(); |
---|
75 | |
---|
76 | EXEC SQL DECLARE csr_hosts CURSOR FOR |
---|
77 | SELECT m.name FROM machine m, serverhosts sh |
---|
78 | WHERE m.mach_id = sh.mach_id AND (sh.service = 'CUPS-PRINT' OR sh.service = 'CUPS-CLUSTER') |
---|
79 | AND sh.enable = 1; |
---|
80 | EXEC SQL OPEN csr_hosts; |
---|
81 | while (1) |
---|
82 | { |
---|
83 | EXEC SQL FETCH csr_hosts INTO :name; |
---|
84 | if (sqlca.sqlcode) |
---|
85 | break; |
---|
86 | |
---|
87 | strtrim(name); |
---|
88 | do_host(name); |
---|
89 | } |
---|
90 | EXEC SQL CLOSE csr_hosts; |
---|
91 | |
---|
92 | exit(MR_SUCCESS); |
---|
93 | } |
---|
94 | |
---|
95 | void printer_user_list(FILE *out, char *type, int id, char *str, int striprealm) |
---|
96 | { |
---|
97 | struct save_queue *sq; |
---|
98 | struct imember *m; |
---|
99 | char kbuf[MAX_K_NAME_SZ]; |
---|
100 | char *cp; |
---|
101 | |
---|
102 | sq = get_acl(type, id, NULL); |
---|
103 | while (sq_remove_data(sq, &m)) |
---|
104 | { |
---|
105 | if (m->type != 'S' && m->type != NULL) { |
---|
106 | /* CUPS wants mmanley/root, not mmanley.root@ATHENA.MIT.EDU */ |
---|
107 | canon_krb(m, krbvers, kbuf, sizeof(kbuf)); |
---|
108 | |
---|
109 | /* now, take out all the @realm */ |
---|
110 | if (striprealm) { |
---|
111 | for (cp=kbuf; *cp; cp++) { |
---|
112 | if (*cp == '@') *cp = '\0'; |
---|
113 | } |
---|
114 | } |
---|
115 | fprintf(out, "%s %s\n", str, kbuf); |
---|
116 | } |
---|
117 | freeimember(m); |
---|
118 | } |
---|
119 | sq_destroy(sq); |
---|
120 | } |
---|
121 | |
---|
122 | |
---|
123 | |
---|
124 | void do_host(char *host) |
---|
125 | { |
---|
126 | EXEC SQL BEGIN DECLARE SECTION; |
---|
127 | char rp[PRINTERS_RP_SIZE], name[PRINTERS_NAME_SIZE]; |
---|
128 | char duplexname[PRINTERS_DUPLEXNAME_SIZE], location[PRINTERS_LOCATION_SIZE]; |
---|
129 | char hwtype[PRINTERS_HWTYPE_SIZE], lowerhwtype[PRINTERS_HWTYPE_SIZE]; |
---|
130 | char modtime[PRINTERS_MODTIME_SIZE], lmodtime[LIST_MODTIME_SIZE]; |
---|
131 | char contact[PRINTERS_CONTACT_SIZE], hostname[MACHINE_NAME_SIZE]; |
---|
132 | char cupshosts[MACHINE_NAME_SIZE], prtype [PRINTERS_TYPE_SIZE]; |
---|
133 | char service[SERVERHOSTS_SERVICE_SIZE]; |
---|
134 | char *spoolhost = host, *unixtime_fmt = UNIXTIME_FMT, *p; |
---|
135 | char *lhost; |
---|
136 | int ka, pc, ac, lpc_acl, top_lpc_acl, banner, rm; |
---|
137 | EXEC SQL END DECLARE SECTION; |
---|
138 | TARFILE *tf; |
---|
139 | FILE *out; |
---|
140 | char filename[MAXPATHLEN], *duptc; |
---|
141 | time_t mtime, now = time(NULL); |
---|
142 | |
---|
143 | lhost = (char *) strdup (host); |
---|
144 | for (p = lhost; *p; p++) |
---|
145 | *p = tolower(*p); |
---|
146 | |
---|
147 | EXEC SQL SELECT mach_id INTO :rm FROM machine |
---|
148 | WHERE name = :spoolhost; |
---|
149 | |
---|
150 | sprintf(filename, "%s/cups-print/%s", DCM_DIR, host); |
---|
151 | tf = tarfile_open(filename); |
---|
152 | |
---|
153 | /* printers.conf entries for locally run queues */ |
---|
154 | out = tarfile_start(tf, "/etc/cups/printers.conf", 0644, 0, 0, |
---|
155 | "lp", "lp", now); |
---|
156 | |
---|
157 | EXEC SQL DECLARE csr_printers CURSOR FOR |
---|
158 | SELECT pr.rp, pr.name, pr.duplexname, pr.hwtype, |
---|
159 | m.name, pr.banner, pr.location, pr.contact, pr.ka, |
---|
160 | pr.ac, pr.lpc_acl |
---|
161 | FROM printers pr, machine m |
---|
162 | WHERE pr.rm = :rm AND m.mach_id = pr.mach_id |
---|
163 | AND pr.type != 'ALIAS'; |
---|
164 | EXEC SQL OPEN csr_printers; |
---|
165 | while (1) |
---|
166 | { |
---|
167 | EXEC SQL FETCH csr_printers INTO :rp, :name, :duplexname, |
---|
168 | :hwtype, :hostname, :banner, :location, :contact, :ka, :ac, :lpc_acl; |
---|
169 | if (sqlca.sqlcode) |
---|
170 | break; |
---|
171 | |
---|
172 | strtrim(rp); |
---|
173 | strtrim(name); |
---|
174 | strtrim(duplexname); |
---|
175 | strtrim(hwtype); |
---|
176 | strtrim(hostname); |
---|
177 | strtrim(location); |
---|
178 | strtrim(contact); |
---|
179 | strcpy(lowerhwtype, hwtype); |
---|
180 | for (p = rp; *p; p++) /* Because uppercased printer names suck */ |
---|
181 | *p = tolower(*p); |
---|
182 | for (p = lowerhwtype; *p; p++) |
---|
183 | *p = tolower(*p); |
---|
184 | |
---|
185 | fprintf(out, "<Printer %s>\n",rp); |
---|
186 | fprintf(out, "Info %s:%s\n", rp, hwtype); |
---|
187 | /* Note the use of "beh" to keep the CUPS from disabling print queues |
---|
188 | * should they not respond versus discarding the job. |
---|
189 | * See the "beh" page for details. |
---|
190 | * The 1/0/60 says "don't disable/try 20 times/try every 60s */ |
---|
191 | if (!strncmp(hwtype, "HP", 2)) |
---|
192 | fprintf(out, "DeviceURI beh:/1/20/60/socket://%s:9100\n", hostname); |
---|
193 | else |
---|
194 | fprintf(out, "DeviceURI beh:/1/20/60/socket://%s\n", hostname); |
---|
195 | fprintf(out, "State Idle\n"); // Always with the Idle |
---|
196 | fprintf(out, "StateTime %ld\n", (long)time(NULL)); |
---|
197 | fprintf(out, "Accepting Yes\n"); |
---|
198 | fprintf(out, "Shared Yes\n"); |
---|
199 | fprintf(out, "QuotaPeriod 0\n"); |
---|
200 | fprintf(out, "PageLimit 0\n"); |
---|
201 | fprintf(out, "Klimit 0\n"); |
---|
202 | fprintf(out, "Option sides one-sided\n"); |
---|
203 | fprintf(out, "Filter application/vnd.cups-raw 0 -\n"); |
---|
204 | fprintf(out, "Filter application/vnd.cups-postscript 100 foomatic-rip\n"); |
---|
205 | fprintf(out, "Filter application/vnd.cups-pdf 0 foomatic-rip\n"); |
---|
206 | fprintf(out, "Filter application/vnd.apple-pdf 25 foomatic-rip\n"); |
---|
207 | fprintf(out, "Filter application/vnd.cups-command 0 commandtops\n"); |
---|
208 | if (location[0]) |
---|
209 | fprintf(out, "Location %s\n", location); |
---|
210 | fprintf(out, "ErrorPolicy abort-job\n"); |
---|
211 | if (ka || lpc_acl) |
---|
212 | fprintf(out, "OpPolicy %s-policy\n", rp); |
---|
213 | else |
---|
214 | fprintf(out, "OpPolicy default\n"); |
---|
215 | |
---|
216 | /* Access-control list. */ |
---|
217 | if (ac) |
---|
218 | { |
---|
219 | if (ka) |
---|
220 | fprintf(out, "AuthType Negotiate\n"); |
---|
221 | else |
---|
222 | fprintf(out, "AuthType Default\n"); |
---|
223 | printer_user_list(out, "LIST", ac, "AllowUser", 0); |
---|
224 | } |
---|
225 | |
---|
226 | if (banner == PRN_BANNER_NONE) |
---|
227 | fprintf(out, "JobSheets none none\n"); |
---|
228 | else |
---|
229 | fprintf(out, "JobSheets athena none\n"); |
---|
230 | fprintf(out, "</Printer>\n"); |
---|
231 | |
---|
232 | } |
---|
233 | EXEC SQL CLOSE csr_printers; |
---|
234 | |
---|
235 | /* printers.conf entries for non-local CUPS queues */ |
---|
236 | EXEC SQL DECLARE csr_remote_printers CURSOR FOR |
---|
237 | SELECT pr.rp, pr.name, pr.duplexname, pr.hwtype, |
---|
238 | m.name, pr.banner, pr.location, pr.contact, pr.ka, |
---|
239 | pr.ac, pr.lpc_acl, m.name as cupshosts |
---|
240 | FROM printers pr, machine m, serverhosts sh |
---|
241 | WHERE pr.rm = m.mach_id |
---|
242 | AND pr.type != 'ALIAS' AND m.name <> :spoolhost AND |
---|
243 | m.mach_id = sh.mach_id AND (sh.service = 'CUPS-PRINT' OR sh.service = 'CUPS-CLUSTER') |
---|
244 | AND sh.enable = 1 AND m.mach_id = sh.mach_id; |
---|
245 | |
---|
246 | EXEC SQL OPEN csr_remote_printers; |
---|
247 | while (1) |
---|
248 | { |
---|
249 | EXEC SQL FETCH csr_remote_printers INTO :rp, :name, :duplexname, |
---|
250 | :hwtype, :hostname, :banner, :location, :contact, :ka, :ac, :lpc_acl, :cupshosts; |
---|
251 | if (sqlca.sqlcode) |
---|
252 | break; |
---|
253 | |
---|
254 | strtrim(rp); |
---|
255 | strtrim(name); |
---|
256 | strtrim(duplexname); |
---|
257 | strtrim(hwtype); |
---|
258 | strtrim(hostname); |
---|
259 | strtrim(location); |
---|
260 | strtrim(contact); |
---|
261 | strtrim(cupshosts); |
---|
262 | strcpy(lowerhwtype, hwtype); |
---|
263 | for (p = rp; *p; p++) /* Because uppercased printer names suck */ |
---|
264 | *p = tolower(*p); |
---|
265 | for (p = lowerhwtype; *p; p++) |
---|
266 | *p = tolower(*p); |
---|
267 | |
---|
268 | fprintf(out, "<Printer %s>\n",rp); |
---|
269 | fprintf(out, "Info %s:%s\n", rp, hwtype); |
---|
270 | fprintf(out, "DeviceURI ipp://%s:631/printers/%s\n", cupshosts, rp); |
---|
271 | fprintf(out, "State Idle\n"); // Always with the Idle |
---|
272 | fprintf(out, "StateTime %ld\n", (long)time(NULL)); |
---|
273 | fprintf(out, "Accepting Yes\n"); |
---|
274 | fprintf(out, "Shared Yes\n"); |
---|
275 | fprintf(out, "QuotaPeriod 0\n"); |
---|
276 | fprintf(out, "PageLimit 0\n"); |
---|
277 | fprintf(out, "Klimit 0\n"); |
---|
278 | fprintf(out, "Option sides one-sided\n"); |
---|
279 | fprintf(out, "Filter application/vnd.cups-raw 0 -\n"); |
---|
280 | fprintf(out, "Filter application/vnd.cups-postscript 100 foomatic-rip\n"); |
---|
281 | fprintf(out, "Filter application/vnd.cups-pdf 0 foomatic-rip\n"); |
---|
282 | fprintf(out, "Filter application/vnd.apple-pdf 25 foomatic-rip\n"); |
---|
283 | fprintf(out, "Filter application/vnd.cups-command 0 commandtops\n"); |
---|
284 | if (location[0]) |
---|
285 | fprintf(out, "Location %s\n", location); |
---|
286 | fprintf(out, "ErrorPolicy abort-job\n"); |
---|
287 | if (ka || lpc_acl) |
---|
288 | fprintf(out, "OpPolicy %s-policy\n", rp); |
---|
289 | else |
---|
290 | fprintf(out, "OpPolicy default\n"); |
---|
291 | |
---|
292 | /* Access-control list. */ |
---|
293 | if (ac) |
---|
294 | { |
---|
295 | if (ka) |
---|
296 | fprintf(out, "AuthType Negotiate\n"); |
---|
297 | else |
---|
298 | fprintf(out, "AuthType Default\n"); |
---|
299 | printer_user_list(out, "LIST", ac, "AllowUser", 0); |
---|
300 | } |
---|
301 | |
---|
302 | if (banner == PRN_BANNER_NONE) |
---|
303 | fprintf(out, "JobSheets none none\n"); |
---|
304 | else |
---|
305 | fprintf(out, "JobSheets athena none\n"); |
---|
306 | fprintf(out, "</Printer>\n"); |
---|
307 | |
---|
308 | } |
---|
309 | EXEC SQL CLOSE csr_remote_printers; |
---|
310 | |
---|
311 | /* printers.conf entries for non-local LPRng queues */ |
---|
312 | EXEC SQL DECLARE csr_lprng_printers CURSOR FOR |
---|
313 | SELECT pr.rp, pr.name, pr.duplexname, pr.hwtype, |
---|
314 | m.name, pr.banner, pr.location, pr.contact, pr.ka, |
---|
315 | pr.ac, pr.lpc_acl, m.name as cupshosts |
---|
316 | FROM printers pr, machine m, serverhosts sh |
---|
317 | WHERE pr.rm = m.mach_id |
---|
318 | AND pr.type != 'ALIAS' AND m.name <> :spoolhost AND |
---|
319 | m.mach_id = sh.mach_id AND sh.service = 'PRINT' AND |
---|
320 | sh.enable = 1; |
---|
321 | |
---|
322 | EXEC SQL OPEN csr_lprng_printers; |
---|
323 | while (1) |
---|
324 | { |
---|
325 | EXEC SQL FETCH csr_lprng_printers INTO :rp, :name, :duplexname, |
---|
326 | :hwtype, :hostname, :banner, :location, :contact, :ka, :ac, :lpc_acl, :cupshosts; |
---|
327 | if (sqlca.sqlcode) |
---|
328 | break; |
---|
329 | |
---|
330 | strtrim(rp); |
---|
331 | strtrim(name); |
---|
332 | strtrim(duplexname); |
---|
333 | strtrim(hwtype); |
---|
334 | strtrim(hostname); |
---|
335 | strtrim(location); |
---|
336 | strtrim(contact); |
---|
337 | strtrim(cupshosts); |
---|
338 | strcpy(lowerhwtype, hwtype); |
---|
339 | for (p = rp; *p; p++) /* Because uppercased printer names suck */ |
---|
340 | *p = tolower(*p); |
---|
341 | for (p = lowerhwtype; *p; p++) |
---|
342 | *p = tolower(*p); |
---|
343 | |
---|
344 | fprintf(out, "<Printer %s>\n",rp); |
---|
345 | fprintf(out, "Info %s:LPRng Queue on %s\n", rp, cupshosts); |
---|
346 | fprintf(out, "DeviceURI lpd://%s/%s\n", cupshosts, rp); |
---|
347 | fprintf(out, "State Idle\n"); // Always with the Idle |
---|
348 | fprintf(out, "StateTime %ld\n", (long)time(NULL)); |
---|
349 | fprintf(out, "Accepting Yes\n"); |
---|
350 | fprintf(out, "Shared Yes\n"); |
---|
351 | fprintf(out, "QuotaPeriod 0\n"); |
---|
352 | fprintf(out, "PageLimit 0\n"); |
---|
353 | fprintf(out, "Klimit 0\n"); |
---|
354 | fprintf(out, "Option sides one-sided\n"); |
---|
355 | fprintf(out, "Filter application/vnd.cups-raw 0 -\n"); |
---|
356 | fprintf(out, "Filter application/vnd.cups-postscript 100 foomatic-rip\n"); |
---|
357 | fprintf(out, "Filter application/vnd.cups-pdf 0 foomatic-rip\n"); |
---|
358 | fprintf(out, "Filter application/vnd.apple-pdf 25 foomatic-rip\n"); |
---|
359 | fprintf(out, "Filter application/vnd.cups-command 0 commandtops\n"); |
---|
360 | if (location[0]) |
---|
361 | fprintf(out, "Location %s\n", location); |
---|
362 | fprintf(out, "ErrorPolicy abort-job\n"); |
---|
363 | fprintf(out, "OpPolicy default\n"); |
---|
364 | fprintf(out, "JobSheets none none\n"); |
---|
365 | fprintf(out, "</Printer>\n"); |
---|
366 | |
---|
367 | } |
---|
368 | EXEC SQL CLOSE csr_lprng_printers; |
---|
369 | tarfile_end(tf); |
---|
370 | |
---|
371 | |
---|
372 | /* aliases are in classes.conf */ |
---|
373 | out = tarfile_start(tf, "/etc/cups/classes.conf", 0644, 0, 0, |
---|
374 | "lp", "lp", now); |
---|
375 | EXEC SQL DECLARE csr_duplexqs CURSOR FOR |
---|
376 | SELECT pr.rp, pr.name, pr.duplexname, pr.hwtype, |
---|
377 | m.name, pr.banner, pr.location, pr.contact, pr.ka, |
---|
378 | pr.type as prtype, pr.ac, sh.service |
---|
379 | FROM printers pr, machine m, serverhosts sh |
---|
380 | WHERE pr.rm = m.mach_id |
---|
381 | AND m.mach_id = sh.mach_id AND sh.enable = 1 |
---|
382 | AND (sh.service = 'CUPS-PRINT' OR sh.service = 'PRINT' OR sh.service = 'CUPS-CLUSTER'); |
---|
383 | EXEC SQL OPEN csr_duplexqs; |
---|
384 | while (1) |
---|
385 | { |
---|
386 | EXEC SQL FETCH csr_duplexqs INTO :rp, :name, :duplexname, |
---|
387 | :hwtype, :hostname, :banner, :location, :contact, :ka, :prtype, :ac, :service; |
---|
388 | if (sqlca.sqlcode) |
---|
389 | break; |
---|
390 | |
---|
391 | strtrim(hwtype); |
---|
392 | strtrim(service); |
---|
393 | strtrim(rp); |
---|
394 | strtrim(location); |
---|
395 | strtrim(contact); |
---|
396 | strtrim(prtype); |
---|
397 | |
---|
398 | /* Define alias queues as classes to the regular queues for |
---|
399 | * accounting reasons. Annoyingly, classes don't always inherit |
---|
400 | * their printer definitions. |
---|
401 | */ |
---|
402 | if (!strcmp(prtype,"ALIAS")) |
---|
403 | { |
---|
404 | strtrim(name); |
---|
405 | fprintf(out, "<Class %s>\n",name); |
---|
406 | fprintf(out, "Info Alias Queue to %s:%s\n", rp, hwtype); |
---|
407 | fprintf(out, "Printer %s\n", rp); |
---|
408 | fprintf(out, "Option sides one-sided\n"); |
---|
409 | fprintf(out, "State Idle\n"); // Always with the Idle |
---|
410 | fprintf(out, "StateTime %ld\n", (long)time(NULL)); |
---|
411 | fprintf(out, "Accepting Yes\n"); |
---|
412 | fprintf(out, "Shared Yes\n"); |
---|
413 | fprintf(out, "QuotaPeriod 0\n"); |
---|
414 | fprintf(out, "PageLimit 0\n"); |
---|
415 | if (location[0]) |
---|
416 | fprintf(out, "Location %s\n", location); |
---|
417 | /* do not use custom policies for LPRng printers */ |
---|
418 | if (strcmp(service,"PRINT") && (ka || lpc_acl)) |
---|
419 | fprintf(out, "OpPolicy %s-policy\n", rp); |
---|
420 | else |
---|
421 | fprintf(out, "OpPolicy default\n"); |
---|
422 | |
---|
423 | /* Access-control list. */ |
---|
424 | if (ac) |
---|
425 | printer_user_list(out, "LIST", ac, "AllowUser", 0); |
---|
426 | |
---|
427 | if (banner == PRN_BANNER_NONE) |
---|
428 | fprintf(out, "JobSheets none none\n"); |
---|
429 | else |
---|
430 | fprintf(out, "JobSheets athena none\n"); |
---|
431 | fprintf(out, "</Class>\n"); |
---|
432 | } |
---|
433 | |
---|
434 | /* Define duplex queues as aliases to the regular queues for |
---|
435 | * accounting reasons. Annoyingly, classes don't always inherit |
---|
436 | * their printer definitions. |
---|
437 | */ |
---|
438 | if (*duplexname) |
---|
439 | { |
---|
440 | strtrim(duplexname); |
---|
441 | fprintf(out, "<Class %s>\n",duplexname); |
---|
442 | if (!strcmp(prtype,"ALIAS")) |
---|
443 | fprintf(out, "Info Duplex Alias Queue to %s:%s\n", rp, hwtype); |
---|
444 | else |
---|
445 | fprintf(out, "Info Duplex Queue for %s:%s\n", rp, hwtype); |
---|
446 | fprintf(out, "Option sides two-sided-long-edge\n"); // duplex |
---|
447 | fprintf(out, "Printer %s\n", rp); |
---|
448 | fprintf(out, "State Idle\n"); // Always with the Idle |
---|
449 | fprintf(out, "StateTime %ld\n", (long)time(NULL)); |
---|
450 | fprintf(out, "Accepting Yes\n"); |
---|
451 | fprintf(out, "Shared Yes\n"); |
---|
452 | fprintf(out, "QuotaPeriod 0\n"); |
---|
453 | fprintf(out, "PageLimit 0\n"); |
---|
454 | if (location[0]) |
---|
455 | fprintf(out, "Location %s\n", location); |
---|
456 | if (strcmp(service,"PRINT") && (ka || lpc_acl)) |
---|
457 | fprintf(out, "OpPolicy %s-policy\n", rp); |
---|
458 | else |
---|
459 | fprintf(out, "OpPolicy default\n"); |
---|
460 | |
---|
461 | /* Access-control list. */ |
---|
462 | if (ac) |
---|
463 | printer_user_list(out, "LIST", ac, "AllowUser", 0); |
---|
464 | |
---|
465 | if (banner == PRN_BANNER_NONE) |
---|
466 | fprintf(out, "JobSheets none none\n"); |
---|
467 | else if (banner == PRN_BANNER_LAST) |
---|
468 | fprintf(out, "JobSheets athena none\n"); |
---|
469 | fprintf(out, "</Class>\n"); |
---|
470 | } |
---|
471 | } |
---|
472 | EXEC SQL CLOSE csr_duplexqs; |
---|
473 | tarfile_end(tf); |
---|
474 | |
---|
475 | /* cups.conf */ |
---|
476 | out = tarfile_start(tf, "/etc/cups/cupsd.conf", 0755, 1, 1, |
---|
477 | "root", "lp", now); |
---|
478 | |
---|
479 | fprintf(out, "LogLevel info\n"); |
---|
480 | fprintf(out, "SystemGroup sys root ops-group\n"); |
---|
481 | fprintf(out, "Port 631\n"); |
---|
482 | fprintf(out, "SSLPort 443\n"); |
---|
483 | fprintf(out, "Listen /var/run/cups/cups.sock\n"); |
---|
484 | fprintf(out, "Browsing On\n"); |
---|
485 | fprintf(out, "BrowseOrder allow,deny\n"); |
---|
486 | fprintf(out, "BrowseAllow all\n"); |
---|
487 | fprintf(out, "BrowseAddress @LOCAL\n"); |
---|
488 | fprintf(out, "DefaultAuthType Negotiate\n"); |
---|
489 | fprintf(out, "ServerCertificate /etc/cups/ssl/%s-ipp-crt.pem\n", lhost); |
---|
490 | fprintf(out, "ServerKey /etc/cups/ssl/%s-ipp-key.pem\n", lhost); |
---|
491 | fprintf(out, "ServerName %s\n", lhost); |
---|
492 | fprintf(out, "ServerAlias %s\n", phost); |
---|
493 | /* fprintf(out, "Krb5Keytab /etc/krb5-ipp.keytab\n"); */ |
---|
494 | |
---|
495 | /* The other CUPS servers should be aware of the other hosts' |
---|
496 | queues, so we'll let them browse each other. */ |
---|
497 | fprintf(out, "Include cups.local.conf\n"); |
---|
498 | fprintf(out, "Include cups.locations.conf\n"); |
---|
499 | fprintf(out, "Include cups.policies.conf\n"); |
---|
500 | tarfile_end(tf); |
---|
501 | |
---|
502 | /* cups.hosts.conf */ |
---|
503 | out = tarfile_start(tf, "/etc/cups/cups.hosts.conf", 0755, 1, 1, |
---|
504 | "root", "lp", now); |
---|
505 | EXEC SQL DECLARE csr_cupshosts CURSOR FOR |
---|
506 | SELECT m.name AS cupshosts FROM machine m, printservers ps |
---|
507 | WHERE m.mach_id = ps.mach_id AND ps.kind = 'CUPS'; |
---|
508 | EXEC SQL OPEN csr_cupshosts; |
---|
509 | while (1) |
---|
510 | { |
---|
511 | EXEC SQL FETCH csr_cupshosts INTO :cupshosts; |
---|
512 | if (sqlca.sqlcode) |
---|
513 | break; |
---|
514 | |
---|
515 | strtrim(cupshosts); |
---|
516 | |
---|
517 | /* Don't poll yourself looking for answers! */ |
---|
518 | if (strcmp(cupshosts,host)) |
---|
519 | fprintf(out, "BrowsePoll %s\n", cupshosts); |
---|
520 | } |
---|
521 | EXEC SQL CLOSE csr_cupshosts; |
---|
522 | |
---|
523 | tarfile_end(tf); |
---|
524 | |
---|
525 | /* cups.policies.conf */ |
---|
526 | out = tarfile_start(tf, "/etc/cups/cups.policies.conf", 0755, 1, 1, |
---|
527 | "root", "lp", now); |
---|
528 | fprintf(out, "# Printer-specific LPC and LPR ACLs\n"); |
---|
529 | /* lpcaccess.top */ |
---|
530 | EXEC SQL SELECT ps.lpc_acl INTO :top_lpc_acl |
---|
531 | FROM printservers ps, machine m |
---|
532 | WHERE m.name = :spoolhost AND m.mach_id = ps.mach_id; |
---|
533 | |
---|
534 | /* first, what's our defaults? */ |
---|
535 | fprintf (out, "<Policy default>\n"); |
---|
536 | fprintf (out, "%s\n", alterjob); |
---|
537 | fprintf (out, "AuthType Default\n"); |
---|
538 | fprintf (out, "Require user @OWNER @SYSTEM\n"); |
---|
539 | printer_user_list(out, "LIST", top_lpc_acl, "Require user", 1); |
---|
540 | fprintf (out, "Order deny,allow\n"); |
---|
541 | fprintf (out, "</Limit>\n"); |
---|
542 | fprintf (out, "<Limit Send-Document CUPS-Get-Document>\n"); |
---|
543 | fprintf (out, "AuthType None\n"); |
---|
544 | fprintf (out, "Require user @OWNER @SYSTEM\n"); |
---|
545 | fprintf (out, "Order deny,allow\n"); |
---|
546 | fprintf (out, "Allow from all\n"); |
---|
547 | fprintf (out, "</Limit>\n"); |
---|
548 | fprintf (out, "%s\n", submitjob); |
---|
549 | fprintf (out, "AuthType None\n"); |
---|
550 | fprintf (out, "Order deny,allow\n"); |
---|
551 | fprintf (out, "Allow from all\n"); |
---|
552 | fprintf (out, "</Limit>\n"); |
---|
553 | fprintf (out, "%s\n", alterpntr); |
---|
554 | fprintf (out, "AuthType Default\n"); |
---|
555 | fprintf (out, "Require user @SYSTEM\n"); |
---|
556 | fprintf (out, "Order deny,allow\n"); |
---|
557 | fprintf (out, "</Limit>\n"); |
---|
558 | fprintf (out, "%s\n", lpcpntr); |
---|
559 | fprintf (out, "AuthType Default\n"); |
---|
560 | fprintf (out, "Require user @SYSTEM\n"); |
---|
561 | printer_user_list(out, "LIST", top_lpc_acl, "Require user", 1); |
---|
562 | fprintf (out, "Order deny,allow\n"); |
---|
563 | fprintf (out, "</Limit>\n"); |
---|
564 | fprintf (out, "%s\n", canceljob); |
---|
565 | fprintf (out, "AuthType Default\n"); |
---|
566 | fprintf (out, "Require user @OWNER @SYSTEM\n"); |
---|
567 | printer_user_list(out, "LIST", top_lpc_acl, "Require user", 1); |
---|
568 | fprintf (out, "Order deny,allow\n"); |
---|
569 | fprintf (out, "Allow from all\n"); |
---|
570 | fprintf (out, "</Limit>\n"); |
---|
571 | fprintf (out, "%s\n", catchall); |
---|
572 | fprintf (out, "AuthType None\n"); |
---|
573 | fprintf (out, "Order deny,allow\n"); |
---|
574 | fprintf (out, "Allow from all\n"); |
---|
575 | fprintf (out, "</Limit>\n"); |
---|
576 | fprintf (out, "</Policy>\n"); |
---|
577 | |
---|
578 | /* restrict lists and lpcaccess policies. Sadly, we have to put the |
---|
579 | top level for each new policy since CUPS doesn't have a way of |
---|
580 | doing it otherwise (well, Unix groups, but not moira) */ |
---|
581 | EXEC SQL DECLARE csr_lpc CURSOR FOR |
---|
582 | SELECT UNIQUE rp, ka, ac, lpc_acl |
---|
583 | FROM printers |
---|
584 | WHERE (ac != 0 OR lpc_acl != 0) AND rm in (SELECT m.mach_id FROM machine m, serverhosts sh |
---|
585 | WHERE m.mach_id = sh.mach_id AND (sh.service = 'CUPS-PRINT' OR sh.service = 'CUPS-CLUSTER') |
---|
586 | AND sh.enable = 1); |
---|
587 | EXEC SQL OPEN csr_lpc; |
---|
588 | while (1) |
---|
589 | { |
---|
590 | EXEC SQL FETCH csr_lpc INTO :name, :ka, :ac, :lpc_acl; |
---|
591 | if (sqlca.sqlcode) |
---|
592 | break; |
---|
593 | |
---|
594 | strtrim(name); |
---|
595 | |
---|
596 | fprintf (out, "<Policy %s-policy>\n", name); |
---|
597 | fprintf (out, "%s\n", alterjob); |
---|
598 | fprintf (out, "AuthType Default\n"); |
---|
599 | fprintf (out, "Require user @OWNER @SYSTEM\n"); |
---|
600 | printer_user_list(out, "LIST", lpc_acl, "Require user", 1); |
---|
601 | printer_user_list(out, "LIST", svrlist, "Require user", 1); |
---|
602 | fprintf (out, "Order deny,allow\n"); |
---|
603 | fprintf (out, "Allow from all\n"); |
---|
604 | fprintf (out, "</Limit>\n"); |
---|
605 | fprintf (out, "<Limit Send-Document CUPS-Get-Document>\n"); |
---|
606 | fprintf (out, "AuthType None\n"); |
---|
607 | fprintf (out, "Require user @OWNER @SYSTEM\n"); |
---|
608 | fprintf (out, "Order deny,allow\n"); |
---|
609 | fprintf (out, "Allow from all\n"); |
---|
610 | fprintf (out, "</Limit>\n"); |
---|
611 | fprintf (out, "%s\n", submitjob); |
---|
612 | /* If the printer is Kerberized? */ |
---|
613 | if (ka) |
---|
614 | fprintf (out, "AuthType Negotiate\n"); |
---|
615 | else |
---|
616 | fprintf (out, "AuthType None\n"); |
---|
617 | /* Access-control list. */ |
---|
618 | if (ac) { |
---|
619 | printer_user_list(out, "LIST", ac, "Require user", 1); |
---|
620 | printer_user_list(out, "LIST", svrlist, "Require user", 1); |
---|
621 | } |
---|
622 | else if (ka) |
---|
623 | fprintf (out, "Require valid-user\n"); |
---|
624 | fprintf (out, "Order deny,allow\n"); |
---|
625 | fprintf (out, "Allow from all\n"); |
---|
626 | fprintf (out, "</Limit>\n"); |
---|
627 | fprintf (out, "%s\n", alterpntr); |
---|
628 | fprintf (out, "AuthType Default\n"); |
---|
629 | fprintf (out, "Require user @SYSTEM\n"); |
---|
630 | fprintf (out, "Order deny,allow\n"); |
---|
631 | fprintf (out, "</Limit>\n"); |
---|
632 | fprintf (out, "%s\n", lpcpntr); |
---|
633 | fprintf (out, "AuthType Default\n"); |
---|
634 | fprintf (out, "Require user @SYSTEM\n"); |
---|
635 | /* printer-specific lpc access. */ |
---|
636 | if (lpc_acl) |
---|
637 | printer_user_list(out, "LIST", lpc_acl, "Require user", 1); |
---|
638 | printer_user_list(out, "LIST", top_lpc_acl, "Require user", 1); |
---|
639 | fprintf (out, "Order deny,allow\n"); |
---|
640 | fprintf (out, "</Limit>\n"); |
---|
641 | fprintf (out, "%s\n", canceljob); |
---|
642 | fprintf (out, "AuthType Default\n"); |
---|
643 | fprintf (out, "Require user @OWNER @SYSTEM\n"); |
---|
644 | printer_user_list(out, "LIST", lpc_acl, "Require user", 1); |
---|
645 | printer_user_list(out, "LIST", top_lpc_acl, "Require user", 1); |
---|
646 | fprintf (out, "Order deny,allow\n"); |
---|
647 | fprintf (out, "Allow from all\n"); |
---|
648 | fprintf (out, "</Limit>\n"); |
---|
649 | fprintf (out, "%s\n", catchall); |
---|
650 | fprintf (out, "AuthType None\n"); |
---|
651 | fprintf (out, "Order deny,allow\n"); |
---|
652 | fprintf (out, "Allow from all\n"); |
---|
653 | fprintf (out, "</Limit>\n"); |
---|
654 | fprintf (out, "</Policy>\n"); |
---|
655 | } |
---|
656 | EXEC SQL CLOSE csr_lpc; |
---|
657 | fprintf(out, "\n"); |
---|
658 | tarfile_end(tf); |
---|
659 | tarfile_close(tf); |
---|
660 | } |
---|
661 | |
---|
662 | void sqlerr(void) |
---|
663 | { |
---|
664 | db_error(sqlca.sqlcode); |
---|
665 | } |
---|