[moira.git] / gen / print.pc

/* $Id$
 *
 * This generates printcaps and other files for Athena print servers
 *
 * Copyright (C) 1992-1998 by the Massachusetts Institute of Technology.
 * For copying and distribution information, please see the file
 * <mit-copyright.h>.
 */

#include <mit-copyright.h>
#include <moira.h>
#include <moira_site.h>

#include <sys/stat.h>
#include <sys/types.h>

#include <ctype.h>
#include <stdio.h>
#include <string.h>

#include "util.h"

EXEC SQL INCLUDE sqlca;

RCSID("$Header$");

char *whoami = "print.gen";
char *db = "moira/moira";

void do_host(char *host);
void sqlerr(void);
#ifndef MAX
#define MAX(a, b) ( (a) > (b) ? (a) : (b) )
#endif

int main(int argc, char **argv)
{
  EXEC SQL BEGIN DECLARE SECTION;
  char name[MACHINE_NAME_SIZE];
  EXEC SQL END DECLARE SECTION;

  init_acls();

  EXEC SQL CONNECT :db;

  EXEC SQL WHENEVER SQLERROR DO sqlerr();

  EXEC SQL DECLARE csr_hosts CURSOR FOR
    SELECT m.name FROM machine m, serverhosts sh
    WHERE m.mach_id = sh.mach_id AND sh.service = 'PRINT' AND sh.enable = 1;
  EXEC SQL OPEN csr_hosts;
  while (1)
    {
      EXEC SQL FETCH csr_hosts INTO :name;
      if (sqlca.sqlcode)
	break;

      strtrim(name);
      do_host(name);
    }
  EXEC SQL CLOSE csr_hosts;

  exit(MR_SUCCESS);
}

void do_host(char *host)
{
  EXEC SQL BEGIN DECLARE SECTION;
  char rp[PRINTERS_RP_SIZE], name[PRINTERS_NAME_SIZE];
  char duplexname[PRINTERS_DUPLEXNAME_SIZE], location[PRINTERS_LOCATION_SIZE];
  char hwtype[PRINTERS_HWTYPE_SIZE], lowerhwtype[PRINTERS_HWTYPE_SIZE];
  char modtime[PRINTERS_MODTIME_SIZE], lmodtime[LIST_MODTIME_SIZE];
  char contact[PRINTERS_CONTACT_SIZE], hostname[MACHINE_NAME_SIZE];
  char *spoolhost = host, *unixtime_fmt = UNIXTIME_FMT, *p;
  int ka, pc, ac, lpc_acl, banner, rm;
  EXEC SQL END DECLARE SECTION;
  TARFILE *tf;
  FILE *out;
  char filename[MAXPATHLEN], *duptc;
  time_t mtime, now = time(NULL);

  EXEC SQL SELECT mach_id INTO :rm FROM machine
    WHERE name = :spoolhost;

  sprintf(filename, "%s/print/%s", DCM_DIR, host);
  tf = tarfile_open(filename);

  /* printcap */
  out = tarfile_start(tf, "/etc/printcap.moira", 0644, 0, 0,
		      "root", "root", now);

  EXEC SQL DECLARE csr_printcap CURSOR FOR
    SELECT pr.rp, pr.name, pr.duplexname, pr.hwtype,
    m.name, pr.banner, pr.location, pr.contact
    FROM printers pr, machine m
    WHERE pr.rm = :rm AND m.mach_id = pr.mach_id
    AND pr.type != 'ALIAS'
    AND ( pr.hwtype LIKE 'HP%' OR pr.hwtype LIKE 'LPR%' );
  EXEC SQL OPEN csr_printcap;
  while (1)
    {
      EXEC SQL FETCH csr_printcap INTO :rp, :name, :duplexname,
	:hwtype, :hostname, :banner, :location, :contact;
      if (sqlca.sqlcode)
	break;

      strtrim(rp);
      strtrim(name);
      strtrim(duplexname);
      strtrim(hwtype);
      strtrim(hostname);
      strtrim(location);
      strtrim(contact);
      strcpy(lowerhwtype, hwtype);
      for (p = lowerhwtype; *p; p++)
	*p = tolower(*p);

      if (location[0])
	fprintf(out, "# %s: %s\n", name, location);
      else
	fprintf(out, "# %s\n", name);
      if (strcmp(location, contact))
	fprintf(out, "# contact: %s\n", contact);

      fprintf(out, "%s\n\t:server:cm=%s %s\n\t", rp, hwtype, location);
      if (banner == PRN_BANNER_NONE)
	fprintf(out, ":sh");
      else if (banner == PRN_BANNER_LAST)
	fprintf(out, ":hl");

      if (!strncmp(hwtype, "HP", 2))
	{
	  fprintf(out, ":lp=%s%%9100:ifhp=model=%s:tc=.hp\n\n",
		  hostname, lowerhwtype);
	  duptc = ".hp2";
	}
      else if (!strncmp(hwtype, "LPR", 3))
	{
	  fprintf(out, ":lp=raw@%s:tc=.apple\n\n", hostname);
	  duptc = ".apple2";
	}

      if (*duplexname)
	{
	  fprintf(out, "%s\n\t:server:bq=%s:cm=%s duplex queue\n\t", 
		  duplexname, rp, rp);
	  if (!strncmp(hwtype, "HP", 2))
	    fprintf(out, ":ifhp=model=%s", lowerhwtype);
	  fprintf(out, ":tc=%s\n\n", duptc);
	}
    }
  EXEC SQL CLOSE csr_printcap;
  tarfile_end(tf);

  /* lpd.perms */
  out = tarfile_start(tf, "/etc/lpd.perms", 0755, 1, 1,
		      "daemon", "daemon", now);
  fprintf(out, "# Allow anybody to connect, get status, list queue, or "
	  "print (once a\n# job is spooled)\n");
  fprintf(out, "ACCEPT SERVICE=X,S,Q,P\nACCEPT LPC=status,lpq,printcap\n\n");

  fprintf(out, "# Only trust certain host keys to forward jobs/commands\n");
  fprintf(out, "REJECT SERVICE=R AUTHFROM=?* "
	  "PRINTER=</var/spool/printer/queues.secure "
	  "NOT AUTHFROM=</var/spool/printer/hostkeys.allow FORWARD\n");
  fprintf(out, "REJECT SERVICE=R AUTHFROM=?* AUTHJOB "
	  "NOT AUTHFROM=</var/spool/printer/hostkeys.allow FORWARD\n\n");

  fprintf(out, "# Allow root to control and remove jobs\n");
  fprintf(out, "ACCEPT SERVICE=C,R SERVER REMOTEUSER=root\n\n");

  fprintf(out, "# Allow admins to control and remove jobs\n");
  fprintf(out, "ACCEPT SERVICE=C,R AUTH=USER AUTHUSER=</var/spool/printer/lpcaccess.top\n\n");

  fprintf(out, "# Printer-specific LPC ACLs\n");
  EXEC SQL DECLARE csr_lpc CURSOR FOR
    SELECT rp, duplexname FROM printers
    WHERE rm = :rm AND lpc_acl != 0;
  EXEC SQL OPEN csr_lpc;
  while (1)
    {
      EXEC SQL FETCH csr_lpc INTO :name, :duplexname;
      if (sqlca.sqlcode)
	break;

      strtrim(name);
      strtrim(duplexname);
      fprintf(out, "ACCEPT SERVICE=C,R PRINTER=%s%s%s AUTH=USER "
	      "AUTHUSER=</var/spool/printer/%s/lpcaccess\n",
	      name, *duplexname ? "," : "", duplexname, name);
    }
  EXEC SQL CLOSE csr_lpc;
  fprintf(out, "\n");

  fprintf(out, "# Reject jobs from unauthorized users to restricted queues\n");
  EXEC SQL DECLARE csr_ac CURSOR FOR
    SELECT rp, duplexname, ka FROM printers
    WHERE rm = :rm AND ac != 0;
  EXEC SQL OPEN csr_ac;
  while (1)
    {
      EXEC SQL FETCH csr_ac INTO :name, :duplexname, ka;
      if (sqlca.sqlcode)
	break;

      strtrim(name);
      strtrim(duplexname);
      fprintf(out, "REJECT SERVICE=R PRINTER=%s%s%s NOT "
	      "%sUSER=</var/spool/printer/%s/restrict.list\n",
	      name, *duplexname ? "," : "", duplexname,
	      ka ? "AUTH" : "", name);
    }
  EXEC SQL CLOSE csr_ac;
  fprintf(out, "\n");

  fprintf(out, "# Allow us to lock out users\n");
  fprintf(out, "REJECT SERVICE=R USER=</var/spool/printer/users.deny\n");
  fprintf(out, "# Accept authenticated jobs to all other printers\n");
  fprintf(out, "ACCEPT SERVICE=R AUTH=USER,FWD\n");
  fprintf(out, "# Allow authenticated users to lprm their jobs\n");
  fprintf(out, "ACCEPT SERVICE=M AUTH=USER,FWD AUTHJOB AUTHSAMEUSER\n\n");

  fprintf(out, "# Reject unauthentic print/lprm requests to authenticated queues\n");
  fprintf(out, "REJECT SERVICE=R,M NOT AUTH "
	  "PRINTER=</var/spool/printer/queues.secure\n\n");

  fprintf(out, "# Reject unauthentic print requests from off MITnet\n");
  fprintf(out, "REJECT SERVICE=R NOT REMOTEIP=</var/spool/printer/masks.allow\n\n\n");

  fprintf(out, "# Accept unauthentic print requests if same user and on MITnet\n");
  fprintf(out, "ACCEPT SERVICE=M NOT AUTHJOB SAMEUSER REMOTEIP=</var/spool/printer/masks.allow\n\n");
  
  fprintf(out, "# Reject any other lpc, or lprm. Accept all else\n");
  fprintf(out, "REJECT SERVICE=C,M\n");
  fprintf(out, "DEFAULT ACCEPT\n");
  tarfile_end(tf);

  /* list of kerberized queues */
  out = tarfile_start(tf, "/var/spool/printer/queues.secure", 0755, 1, 1,
		     "daemon", "daemon", now);
  EXEC SQL DECLARE csr_kq CURSOR FOR
    SELECT rp, duplexname FROM printers
    WHERE rm = :rm AND ka = 1;
  EXEC SQL OPEN csr_kq;
  while (1)
    {
      EXEC SQL FETCH csr_kq INTO :name, :duplexname;
      if (sqlca.sqlcode)
	break;

      strtrim(name);
      strtrim(duplexname);
      fprintf(out, "%s\n", name);
      if (*duplexname)
	fprintf(out, "%s\n", duplexname);
    }
  tarfile_end(tf);

  /* restrict lists and lpcaccess files */
  EXEC SQL DECLARE csr_spool CURSOR FOR
    SELECT UNIQUE rp, ka, ac, lpc_acl
    FROM printers
    WHERE rm = :rm AND ( ac != 0 OR lpc_acl != 0);
  EXEC SQL OPEN csr_spool;
  while (1)
    {
      EXEC SQL FETCH csr_spool INTO :name, :ka, :ac, :lpc_acl;
      if (sqlca.sqlcode)
	break;

      strtrim(name);

      sprintf(filename, "/var/spool/printer/%s", name);
      tarfile_mkdir(tf, filename, 0755, 1, 1, "daemon", "daemon", now);

      /* The ac and lpc_acl lists may have sublists, and changes to those
       * won't affect the superlist's modtime. So we just set the modtime
       * to now.
       */

      /* Access-control list. */
      if (ac)
	{
	  sprintf(filename, "/var/spool/printer/%s/restrict.list", name);
	  out = tarfile_start(tf, filename, 0755, 1, 1, "daemon", "daemon",
			      now);
	  if (ka)
	    dump_krb_acl(out, "LIST", ac, 5);
	  else
	    dump_user_list(out, "LIST", ac);
	  tarfile_end(tf);
	}

      /* printer-specific lpc access. */
      if (lpc_acl)
	{
	  sprintf(filename, "/var/spool/printer/%s/lpcaccess", name);
	  out = tarfile_start(tf, filename, 0755, 1, 1, "daemon", "daemon",
			      now);
	  dump_krb_acl(out, "LIST", lpc_acl, 5);
	  tarfile_end(tf);
	}
    }

  /* lpcaccess.top */
  EXEC SQL SELECT ps.lpc_acl INTO :lpc_acl
    FROM printservers ps, machine m
    WHERE m.name = :spoolhost AND m.mach_id = ps.mach_id;
  if (!sqlca.sqlcode && lpc_acl)
    {
      out = tarfile_start(tf, "/var/spool/printer/lpcaccess.top",
			  0755, 1, 1, "daemon", "daemon", now);
      dump_krb_acl(out, "LIST", lpc_acl, 5);
      tarfile_end(tf);
    }

  EXEC SQL CLOSE csr_spool;

  tarfile_close(tf);
}

void sqlerr(void)
{
  db_error(sqlca.sqlcode);
}
Commit	Line	Data
bc275f50	1	/* $Id$
	2	*
	3	* This generates printcaps and other files for Athena print servers
	4	*
	5	* Copyright (C) 1992-1998 by the Massachusetts Institute of Technology.
	6	* For copying and distribution information, please see the file
	7	* <mit-copyright.h>.
	8	*/
	9
	10	#include <mit-copyright.h>
	11	#include <moira.h>
	12	#include <moira_site.h>
	13
	14	#include <sys/stat.h>
	15	#include <sys/types.h>
	16
	17	#include <ctype.h>
	18	#include <stdio.h>
	19	#include <string.h>
	20
	21	#include "util.h"
	22
	23	EXEC SQL INCLUDE sqlca;
	24
	25	RCSID("$Header$");
	26
	27	char *whoami = "print.gen";
	28	char *db = "moira/moira";
	29
	30	void do_host(char *host);
bc275f50	31	void sqlerr(void);
	32	#ifndef MAX
	33	#define MAX(a, b) ( (a) > (b) ? (a) : (b) )
	34	#endif
	35
	36	int main(int argc, char **argv)
	37	{
	38	EXEC SQL BEGIN DECLARE SECTION;
	39	char name[MACHINE_NAME_SIZE];
	40	EXEC SQL END DECLARE SECTION;
	41
5647f157	42	init_acls();
5647f157	43
bc275f50	44	EXEC SQL CONNECT :db;
	45
	46	EXEC SQL WHENEVER SQLERROR DO sqlerr();
	47
	48	EXEC SQL DECLARE csr_hosts CURSOR FOR
	49	SELECT m.name FROM machine m, serverhosts sh
	50	WHERE m.mach_id = sh.mach_id AND sh.service = 'PRINT' AND sh.enable = 1;
	51	EXEC SQL OPEN csr_hosts;
	52	while (1)
	53	{
	54	EXEC SQL FETCH csr_hosts INTO :name;
	55	if (sqlca.sqlcode)
	56	break;
	57
	58	strtrim(name);
	59	do_host(name);
	60	}
	61	EXEC SQL CLOSE csr_hosts;
	62
	63	exit(MR_SUCCESS);
	64	}
	65
	66	void do_host(char *host)
	67	{
	68	EXEC SQL BEGIN DECLARE SECTION;
	69	char rp[PRINTERS_RP_SIZE], name[PRINTERS_NAME_SIZE];
	70	char duplexname[PRINTERS_DUPLEXNAME_SIZE], location[PRINTERS_LOCATION_SIZE];
720fc638	71	char hwtype[PRINTERS_HWTYPE_SIZE], lowerhwtype[PRINTERS_HWTYPE_SIZE];
bc275f50	72	char modtime[PRINTERS_MODTIME_SIZE], lmodtime[LIST_MODTIME_SIZE];
720fc638	73	char contact[PRINTERS_CONTACT_SIZE], hostname[MACHINE_NAME_SIZE];
	74	char spoolhost = host, unixtime_fmt = UNIXTIME_FMT, *p;
	75	int ka, pc, ac, lpc_acl, banner, rm;
bc275f50	76	EXEC SQL END DECLARE SECTION;
	77	TARFILE *tf;
	78	FILE *out;
720fc638	79	char filename[MAXPATHLEN], *duptc;
20e540e7	80	time_t mtime, now = time(NULL);
bc275f50	81
720fc638	82	EXEC SQL SELECT mach_id INTO :rm FROM machine
	83	WHERE name = :spoolhost;
	84
bc275f50	85	sprintf(filename, "%s/print/%s", DCM_DIR, host);
	86	tf = tarfile_open(filename);
	87
720fc638	88	/* printcap */
bc275f50	89	out = tarfile_start(tf, "/etc/printcap.moira", 0644, 0, 0,
	90	"root", "root", now);
	91
	92	EXEC SQL DECLARE csr_printcap CURSOR FOR
	93	SELECT pr.rp, pr.name, pr.duplexname, pr.hwtype,
720fc638	94	m.name, pr.banner, pr.location, pr.contact
	95	FROM printers pr, machine m
	96	WHERE pr.rm = :rm AND m.mach_id = pr.mach_id
	97	AND pr.type != 'ALIAS'
	98	AND ( pr.hwtype LIKE 'HP%' OR pr.hwtype LIKE 'LPR%' );
bc275f50	99	EXEC SQL OPEN csr_printcap;
	100	while (1)
	101	{
	102	EXEC SQL FETCH csr_printcap INTO :rp, :name, :duplexname,
720fc638	103	:hwtype, :hostname, :banner, :location, :contact;
bc275f50	104	if (sqlca.sqlcode)
	105	break;
	106
	107	strtrim(rp);
	108	strtrim(name);
	109	strtrim(duplexname);
	110	strtrim(hwtype);
	111	strtrim(hostname);
bc275f50	112	strtrim(location);
bc275f50	113	strtrim(contact);
720fc638	114	strcpy(lowerhwtype, hwtype);
	115	for (p = lowerhwtype; *p; p++)
	116	p = tolower(p);
bc275f50	117
	118	if (location[0])
	119	fprintf(out, "# %s: %s\n", name, location);
	120	else
	121	fprintf(out, "# %s\n", name);
	122	if (strcmp(location, contact))
	123	fprintf(out, "# contact: %s\n", contact);
	124
720fc638	125	fprintf(out, "%s\n\t:server:cm=%s %s\n\t", rp, hwtype, location);
	126	if (banner == PRN_BANNER_NONE)
	127	fprintf(out, ":sh");
	128	else if (banner == PRN_BANNER_LAST)
	129	fprintf(out, ":hl");
bc275f50	130
a1112064	131	if (!strncmp(hwtype, "HP", 2))
bc275f50	132	{
720fc638	133	fprintf(out, ":lp=%s%%9100:ifhp=model=%s:tc=.hp\n\n",
	134	hostname, lowerhwtype);
	135	duptc = ".hp2";
	136	}
	137	else if (!strncmp(hwtype, "LPR", 3))
	138	{
	139	fprintf(out, ":lp=raw@%s:tc=.apple\n\n", hostname);
	140	duptc = ".apple2";
	141	}
	142
	143	if (*duplexname)
	144	{
	145	fprintf(out, "%s\n\t:server:bq=%s:cm=%s duplex queue\n\t",
	146	duplexname, rp, rp);
	147	if (!strncmp(hwtype, "HP", 2))
	148	fprintf(out, ":ifhp=model=%s", lowerhwtype);
	149	fprintf(out, ":tc=%s\n\n", duptc);
bc275f50	150	}
bc275f50	151	}
	152	EXEC SQL CLOSE csr_printcap;
	153	tarfile_end(tf);
	154
720fc638	155	/* lpd.perms */
	156	out = tarfile_start(tf, "/etc/lpd.perms", 0755, 1, 1,
	157	"daemon", "daemon", now);
	158	fprintf(out, "# Allow anybody to connect, get status, list queue, or "
	159	"print (once a\n# job is spooled)\n");
5647f157	160	fprintf(out, "ACCEPT SERVICE=X,S,Q,P\nACCEPT LPC=status,lpq,printcap\n\n");
720fc638	161
720fc638	162	fprintf(out, "# Only trust certain host keys to forward jobs/commands\n");
2550f93f	163	fprintf(out, "REJECT SERVICE=R AUTHFROM=?* "
	164	"PRINTER=</var/spool/printer/queues.secure "
	165	"NOT AUTHFROM=</var/spool/printer/hostkeys.allow FORWARD\n");
	166	fprintf(out, "REJECT SERVICE=R AUTHFROM=?* AUTHJOB "
	167	"NOT AUTHFROM=</var/spool/printer/hostkeys.allow FORWARD\n\n");
720fc638	168
5647f157	169	fprintf(out, "# Allow root to control and remove jobs\n");
	170	fprintf(out, "ACCEPT SERVICE=C,R SERVER REMOTEUSER=root\n\n");
	171
	172	fprintf(out, "# Allow admins to control and remove jobs\n");
	173	fprintf(out, "ACCEPT SERVICE=C,R AUTH=USER AUTHUSER=</var/spool/printer/lpcaccess.top\n\n");
	174
	175	fprintf(out, "# Printer-specific LPC ACLs\n");
	176	EXEC SQL DECLARE csr_lpc CURSOR FOR
	177	SELECT rp, duplexname FROM printers
	178	WHERE rm = :rm AND lpc_acl != 0;
	179	EXEC SQL OPEN csr_lpc;
	180	while (1)
	181	{
	182	EXEC SQL FETCH csr_lpc INTO :name, :duplexname;
	183	if (sqlca.sqlcode)
	184	break;
	185
	186	strtrim(name);
	187	strtrim(duplexname);
	188	fprintf(out, "ACCEPT SERVICE=C,R PRINTER=%s%s%s AUTH=USER "
	189	"AUTHUSER=</var/spool/printer/%s/lpcaccess\n",
	190	name, *duplexname ? "," : "", duplexname, name);
	191	}
	192	EXEC SQL CLOSE csr_lpc;
	193	fprintf(out, "\n");
	194
720fc638	195	fprintf(out, "# Reject jobs from unauthorized users to restricted queues\n");
	196	EXEC SQL DECLARE csr_ac CURSOR FOR
	197	SELECT rp, duplexname, ka FROM printers
	198	WHERE rm = :rm AND ac != 0;
	199	EXEC SQL OPEN csr_ac;
bc275f50	200	while (1)
bc275f50	201	{
720fc638	202	EXEC SQL FETCH csr_ac INTO :name, :duplexname, ka;
bc275f50	203	if (sqlca.sqlcode)
	204	break;
	205
	206	strtrim(name);
	207	strtrim(duplexname);
720fc638	208	fprintf(out, "REJECT SERVICE=R PRINTER=%s%s%s NOT "
	209	"%sUSER=</var/spool/printer/%s/restrict.list\n",
	210	name, *duplexname ? "," : "", duplexname,
	211	ka ? "AUTH" : "", name);
	212	}
	213	EXEC SQL CLOSE csr_ac;
	214	fprintf(out, "\n");
	215
134f03ec	216	fprintf(out, "# Allow us to lock out users\n");
134f03ec	217	fprintf(out, "REJECT SERVICE=R USER=</var/spool/printer/users.deny\n");
720fc638	218	fprintf(out, "# Accept authenticated jobs to all other printers\n");
	219	fprintf(out, "ACCEPT SERVICE=R AUTH=USER,FWD\n");
	220	fprintf(out, "# Allow authenticated users to lprm their jobs\n");
	221	fprintf(out, "ACCEPT SERVICE=M AUTH=USER,FWD AUTHJOB AUTHSAMEUSER\n\n");
	222
	223	fprintf(out, "# Reject unauthentic print/lprm requests to authenticated queues\n");
0795d237	224	fprintf(out, "REJECT SERVICE=R,M NOT AUTH "
720fc638	225	"PRINTER=</var/spool/printer/queues.secure\n\n");
	226
	227	fprintf(out, "# Reject unauthentic print requests from off MITnet\n");
	228	fprintf(out, "REJECT SERVICE=R NOT REMOTEIP=</var/spool/printer/masks.allow\n\n\n");
	229
	230	fprintf(out, "# Accept unauthentic print requests if same user and on MITnet\n");
	231	fprintf(out, "ACCEPT SERVICE=M NOT AUTHJOB SAMEUSER REMOTEIP=</var/spool/printer/masks.allow\n\n");
	232
720fc638	233	fprintf(out, "# Reject any other lpc, or lprm. Accept all else\n");
720fc638	234	fprintf(out, "REJECT SERVICE=C,M\n");
2550f93f	235	fprintf(out, "DEFAULT ACCEPT\n");
720fc638	236	tarfile_end(tf);
	237
	238	/* list of kerberized queues */
	239	out = tarfile_start(tf, "/var/spool/printer/queues.secure", 0755, 1, 1,
	240	"daemon", "daemon", now);
	241	EXEC SQL DECLARE csr_kq CURSOR FOR
	242	SELECT rp, duplexname FROM printers
	243	WHERE rm = :rm AND ka = 1;
	244	EXEC SQL OPEN csr_kq;
	245	while (1)
	246	{
	247	EXEC SQL FETCH csr_kq INTO :name, :duplexname;
	248	if (sqlca.sqlcode)
	249	break;
bc275f50	250
720fc638	251	strtrim(name);
	252	strtrim(duplexname);
	253	fprintf(out, "%s\n", name);
bc275f50	254	if (*duplexname)
720fc638	255	fprintf(out, "%s\n", duplexname);
	256	}
	257	tarfile_end(tf);
	258
	259	/* restrict lists and lpcaccess files */
	260	EXEC SQL DECLARE csr_spool CURSOR FOR
	261	SELECT UNIQUE rp, ka, ac, lpc_acl
	262	FROM printers
	263	WHERE rm = :rm AND ( ac != 0 OR lpc_acl != 0);
	264	EXEC SQL OPEN csr_spool;
	265	while (1)
	266	{
	267	EXEC SQL FETCH csr_spool INTO :name, :ka, :ac, :lpc_acl;
	268	if (sqlca.sqlcode)
	269	break;
	270
	271	strtrim(name);
	272
	273	sprintf(filename, "/var/spool/printer/%s", name);
	274	tarfile_mkdir(tf, filename, 0755, 1, 1, "daemon", "daemon", now);
bc275f50	275
20e540e7	276	/* The ac and lpc_acl lists may have sublists, and changes to those
	277	* won't affect the superlist's modtime. So we just set the modtime
	278	* to now.
	279	*/
	280
bc275f50	281	/* Access-control list. */
	282	if (ac)
	283	{
bc275f50	284	sprintf(filename, "/var/spool/printer/%s/restrict.list", name);
bc275f50	285	out = tarfile_start(tf, filename, 0755, 1, 1, "daemon", "daemon",
20e540e7	286	now);
883e2e2b	287	if (ka)
	288	dump_krb_acl(out, "LIST", ac, 5);
	289	else
	290	dump_user_list(out, "LIST", ac);
bc275f50	291	tarfile_end(tf);
	292	}
	293
	294	/* printer-specific lpc access. */
	295	if (lpc_acl)
	296	{
720fc638	297	sprintf(filename, "/var/spool/printer/%s/lpcaccess", name);
bc275f50	298	out = tarfile_start(tf, filename, 0755, 1, 1, "daemon", "daemon",
20e540e7	299	now);
883e2e2b	300	dump_krb_acl(out, "LIST", lpc_acl, 5);
bc275f50	301	tarfile_end(tf);
bc275f50	302	}
bc275f50	303	}
720fc638	304
	305	/* lpcaccess.top */
	306	EXEC SQL SELECT ps.lpc_acl INTO :lpc_acl
	307	FROM printservers ps, machine m
	308	WHERE m.name = :spoolhost AND m.mach_id = ps.mach_id;
	309	if (!sqlca.sqlcode && lpc_acl)
	310	{
	311	out = tarfile_start(tf, "/var/spool/printer/lpcaccess.top",
	312	0755, 1, 1, "daemon", "daemon", now);
883e2e2b	313	dump_krb_acl(out, "LIST", lpc_acl, 5);
720fc638	314	tarfile_end(tf);
	315	}
	316
bc275f50	317	EXEC SQL CLOSE csr_spool;
	318
	319	tarfile_close(tf);
	320	}
	321
bc275f50	322	void sqlerr(void)
	323	{
	324	db_error(sqlca.sqlcode);
	325	}