From a5b27e9cea2e7c89cabcfe44b89b269bc2c8ff48 Mon Sep 17 00:00:00 2001 From: David O'Neill Date: Fri, 19 Jan 2001 16:57:39 +0000 Subject: Changes from APPLIANCE_HEAD: source/printing/nt_printing.c - use se_create_child_secdesc() to create appropriate security descriptor when performing print job admin security checks. source/printing/printing.c - Use JOB_ACCESS_ADMINISTER instead of PRINTER_ACCESS_ADMINISTER in print_job_{delete,pause,resume}() - If stat'ing the job file fails, delete the job from printing.tdb - In print_job_end() check lpq cache time and do a print_queue_update() This prevents printing.tdb from growing when using NT/2K clients, and there isn't someone pressing F5 in a port monitor window. - In print_queue_resume() check lpq cache time and do a print_queue_update() Probably should do it for print_job_resume() too. (This used to be commit 0068b7741fd54706ef36ddbbc3092389d281e684) --- source3/printing/nt_printing.c | 32 ++++++++++++++++++++++++++------ source3/printing/printing.c | 33 +++++++++++++++++++-------------- 2 files changed, 45 insertions(+), 20 deletions(-) (limited to 'source3/printing') diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 7b84f95161..9eb7dc12ed 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -3003,9 +3003,9 @@ void map_printer_permissions(SEC_DESC *sd) } /**************************************************************************** - Check a user has permissions to perform the given operation. We use some - constants defined in include/rpc_spoolss.h that look relevant to check - the various actions we perform when checking printer access. + Check a user has permissions to perform the given operation. We use the + permission constants defined in include/rpc_spoolss.h to check the various + actions we perform when checking printer access. PRINTER_ACCESS_ADMINISTER: print_queue_pause, print_queue_resume, update_printer_sec, @@ -3015,7 +3015,7 @@ void map_printer_permissions(SEC_DESC *sd) PRINTER_ACCESS_USE: print_job_start - PRINTER_ACCESS_ADMINISTER (should really be JOB_ACCESS_ADMINISTER): + JOB_ACCESS_ADMINISTER: print_job_delete, print_job_pause, print_job_resume, print_queue_purge @@ -3051,14 +3051,34 @@ BOOL print_access_check(struct current_user *user, int snum, int access_type) /* Get printer security descriptor */ nt_printing_getsec(pname, &secdesc); + + if (access_type == JOB_ACCESS_ADMINISTER) { + SEC_DESC_BUF *parent_secdesc = secdesc; + + /* Create a child security descriptor to check permissions + against. This is because print jobs are child objects + objects of a printer. */ + + secdesc = se_create_child_secdesc(parent_secdesc->sec, False); + + free_sec_desc_buf(&parent_secdesc); + + /* Now this is the bit that really confuses me. The access + type needs to be changed from JOB_ACCESS_ADMINISTER to + PRINTER_ACCESS_ADMINISTER for this to work. Something + to do with the child (job) object becoming like a + printer?? -tpot */ + + access_type = PRINTER_ACCESS_ADMINISTER; + } + + /* Check access */ map_printer_permissions(secdesc->sec); result = se_access_check(secdesc->sec, user, access_type, &access_granted, &status); - /* Check access */ - DEBUG(4, ("access check was %s\n", result ? "SUCCESS" : "FAILURE")); /* Free mallocated memory */ diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 3ce58b5b78..a22c8b749a 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -580,7 +580,7 @@ BOOL print_job_delete(struct current_user *user, int jobid, int *errcode) owns their job. */ if (!owner && - !print_access_check(user, snum, PRINTER_ACCESS_ADMINISTER)) { + !print_access_check(user, snum, JOB_ACCESS_ADMINISTER)) { DEBUG(3, ("delete denied by security descriptor\n")); *errcode = ERROR_ACCESS_DENIED; return False; @@ -622,7 +622,7 @@ BOOL print_job_pause(struct current_user *user, int jobid, int *errcode) owner = is_owner(user, jobid); if (!owner && - !print_access_check(user, snum, PRINTER_ACCESS_ADMINISTER)) { + !print_access_check(user, snum, JOB_ACCESS_ADMINISTER)) { DEBUG(3, ("pause denied by security descriptor\n")); *errcode = ERROR_ACCESS_DENIED; return False; @@ -673,7 +673,7 @@ BOOL print_job_resume(struct current_user *user, int jobid, int *errcode) owner = is_owner(user, jobid); if (!is_owner(user, jobid) && - !print_access_check(user, snum, PRINTER_ACCESS_ADMINISTER)) { + !print_access_check(user, snum, JOB_ACCESS_ADMINISTER)) { DEBUG(3, ("resume denied by security descriptor\n")); *errcode = ERROR_ACCESS_DENIED; return False; @@ -921,12 +921,17 @@ BOOL print_job_end(int jobid) snum = print_job_snum(jobid); - if (sys_fstat(pjob->fd, &sbuf) == 0) + if (sys_fstat(pjob->fd, &sbuf) == 0) { pjob->size = sbuf.st_size; - - close(pjob->fd); - pjob->fd = -1; - + close(pjob->fd); + pjob->fd = -1; + } else { + /* Couldn't stat the job file, so something has gone wrong. Cleanup */ + unlink(pjob->filename); + tdb_delete(tdb, print_key(jobid)); + return False; + } + if (pjob->size == 0) { /* don't bother spooling empty files */ unlink(pjob->filename); @@ -965,9 +970,9 @@ BOOL print_job_end(int jobid) pjob->spooled = True; print_job_store(jobid, pjob); - /* force update the database */ - print_cache_flush(snum); - + /* make sure the database is up to date */ + if (print_cache_expired(snum)) print_queue_update(snum); + /* Send a printer notify message */ printer_name = PRINTERNAME(snum); @@ -1186,8 +1191,8 @@ BOOL print_queue_resume(struct current_user *user, int snum, int *errcode) return False; } - /* force update the database */ - print_cache_flush(snum); + /* make sure the database is up to date */ + if (print_cache_expired(snum)) print_queue_update(snum); /* Send a printer notify message */ @@ -1216,7 +1221,7 @@ BOOL print_queue_purge(struct current_user *user, int snum, int *errcode) } } - print_cache_flush(snum); + print_queue_update(snum); safe_free(queue); /* Send a printer notify message */ -- cgit