'Re: [LPRng] lpd.perms'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lprng
Subject:    Re: [LPRng] lpd.perms
From:       papowell () astart ! com
Date:       1999-03-31 23:05:31
[Download RAW message or body]

> From majordomo-owner@iona.com Wed Mar 31 14:02:26 1999
> To: lprng@iona.com
> Subject: Re: [LPRng] lpd.perms
> From: Mike Whitson <mwhitson@MIT.EDU>
> Date: 31 Mar 1999 16:48:05 -0500
>
> papowell@astart.com writes:
>
> > > Does lpd.perms do something like short-circuiting?
> > >
> > > i.e. if I have a couple hundred lines like:
> > >
> > > ACCEPT SERVICE=C PRINTER=foo AUTH=USER AUTHUSER=</usr/spool/printer/foo/lpcaccess
> > > ACCEPT SERVICE=C PRINTER=bar AUTH=USER AUTHUSER=</usr/spool/printer/bar/lpcaccess
> > > ... [197 more like those] ...
> > > ACCEPT SERVICE=C PRINTER=nil AUTH=USER AUTHUSER=</usr/spool/printer/nil/lpcaccess
> > >
> > > and I submit an lpc request for nil, will lpd open every single
> > > lpcaccess file and read them before getting to nil?  Or will it fail
> > > to match PRINTER=nil in each line and not check any farther on that
> > > line (thus failing to read each lpcaccess file)?
>
> >  NIL is no longer a null key.  Just out of curiousity, where in the
> >  docs does it say it is?
>
> Uhm, that's not what I was asking.  I wasn't saying 'nil' was a null
> key; I was just using it as an example printer name.  Change all
> occurrences of "nil" to "baz" in my previous mail if it will prevent
> confusion.  (It was "null" which was the null key in 3.5.x, and it's
> undocumented; I discovered that by reading the source after our queue
> named "null" failed to work.  "nil" is, in every version of LPRng I've
> tested, a perfectly normal and acceptable queue name.)
>
> What I was asking was, if I have 200 lines of permission checks in
> lpd.perms, each of which reads a file, will lpd read all 200 of those
> files for every request that comes in, even though, because of the
> "PRINTER=XXX" clauses in each line, lpd can determine that the line is
> not a match and move on.

Yes. First failed match in the list will terminate line search.
First line match in list will terminate search.

>
> (Yes, we really do have print servers with over 200 queues, each of
> which may need its own lpc ACL.  To make our life even more fun, each
> queue may also need a spooling ACL which is *different* from the lpc
> ACL.)
>
> Mike Whitson
> MIT/IS Athena Server Operations
>


Patrick Powell                 Astart Technologies,
papowell@astart.com            9475 Chesapeake Drive, Suite D,
Network and System             San Diego, CA 92123
  Consulting                   619-874-6543 FAX 619-279-8424 
LPRng - Print Spooler (http://www.astart.com)

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic