SYNOPSIS
gspl-uchange [ -options ] [ users ]DESCRIPTION
gspl-uchange may be used to update the user permissions file giving the user profiles of various users and the operations which they may be permitted to perform within the GNUspool system, together with the default permissions which are assigned by default to new GNUspool users.Further options allow for a ``password dump'' file to be maintained. This is for the benefit of NIS-type environments where reading through most of the password database can take an unacceptably long time, the user name and userid hash table is maintained in a file and updated as necessary.
The invoking user must have edit admin file permission.
OPTIONS
Note that the order of treatment, letters and keywords described below may be modified by editing the file rest.help - see spsyntax(5). The environment variable on which options are supplied is "GSPL-UCHANGE" and the environment variable to specify the help file is "SPRESTCONF".- -? or +explain
- causes a summary of the other options to be displayed without taking further action.
- -A or +copy-defaults
-
copy the default profile to all users before setting other
permissions on the named users (with the -u option) or after
setting the defaults (with the -D option).
The privileges of the invoking user are not changed by this operation.
- -c classcode or +class classcode
- set the class code of the user(s) as specified by the argument.
- -D or +set-defaults
- indicate that the other options are to apply to the default profile for new users.
- -d num or +default-priority num
- set the default job priority to num, which must be between 1 and 255.
- -F pattern or +form-allowed pattern
- set the permitted form types to match pattern.
- -f formtype or +default-form formtype
- set the default form type to formtype.
- -l num or +min-priority num
- set the minimum job priority to num, which must be between 1 and 255.
- -m num or +max-priority num
- set the maximum job priority to num, which must be between 1 and 255.
- -N or +no-rebuild
- cancel the -R option.
- -n num or +max-copies num
- set the maximum number of copies to num, which must be between 1 and 255.
- -O pattern or +ptr-allowed pattern
- set the permitted printers to match pattern.
- -o printer or +default-ptr printer
- set the default printer to printer.
- -p privileges or +privileges privileges
- set the privileges of the user(s) as specified by the argument.
- -R or +rebuild-file
- rebuild the user permissions file spufile0 incorporating any changes in the password list.
- -s or +no-copy-defaults
- cancel the effect of the -A option
- -u or +set-users
- indicate that the other options are to apply to the users specified on the rest of the command line.
- -X or +dump-passwd
- dump out the hash table of the password file to avoid re-reading the password file within the other programs.
- -Y or +default-passwd
- default handling of password hash file dump - rebuild if it is already present and -R specified, otherwise not.
- -Z or +kill-dump-passwd
- delete any existing dumped password hash file.
- +freeze-current
- Save all the current options in a .gnuspool file in the current directory.
- +freeze-home
- Save all the current options in a .gnuspool file in the user's home directory.
Users or default
In one operation gspl-uchange either adjusts the default permissions, to be applied to new users, if -D is specified, or specified users, if nothing or -u is specified. So first set the required defaults:
gspl-uchange -D -n 20 -p Form,Prinq,Hgo,Cdef -A
Then set named users
gspl-uchange -p ALL jmc root spooler
Rebuilding the user control file
After adding new users to the system, you should rebuild the user control file by running
gspl-uchange -R
On a system with a large number of users, this can take a long time, so the previous method of adding new users as they were encountered meant that various hold-ups occurred in standard utilities or the scheduler, whichever was the first to ``notice'' the changes, which might, in the event, be half-complete.
We suggest that this command be added to the ``add new user'' procedure for your installation.
Dumping the password file
When any of the GNUspool programs which may require to map numeric user ids to names and vice versa start, one of the first operations is to build the appropriate hash tables. This may take some time if there are a large number of user names, especially if NIS (a.k.a. yellow pages) is in use.A short cut is to dump out the password file into a hash table file, by default pwdump0, which may be quickly read in by the relevant programs instead of rebuilding the hash table each time.
You may opt to create the dumped password file by running
gspl-uchange -X
This should only be done when all GNUspool programs are stopped.
Afterwards, each time the user control file is rebuilt using the -R option (or equivalents in other programs such as gspl-user(1)), this file will also be rebuilt. -X does not have to be specified again.
If you ever decide you want to dispense with this file, run gspl-uchange with the -Z option.
For completeness, the -Y option is provided to cancel -X or -Z in case they are provided in the environment or a .gnuspool file, an extremely bad idea.
Privileges
The following may be specified as the argument to -p, as one or more (comma-separated) of the following codes, optionally preceded by a minus to turn off the corresponding privilege. These codes are the same as those displayed by gspl-ulist(1).Gspl-uchange disregards the case of the codes entered.
- Adm
- edit admin file
- Stp
- stop scheduler
- Form
- select forms other than restriction pattern
- Otherp
- select printers other than restriction pattern
- Cpri
- change priority once queued
- Otherj
- edit other users' jobs.
- Prinq
- select printer list
- Hgo
- stop and start printers
- Anyp
- select any priority once queued
- Cdef
- change own default priority within range
- Addp
- add and delete printers
- Cover
- override class
- Unq
- unqueue jobs
- Votj
- view (but not change) other users' jobs
- Remj
- access remote jobs
- Remp
- access remote printers
- Accessj
- access non-displayed job attributes
- Freeze
- freeze parameters from display
"ALL" may be used to denote all of the permissions. For example:
-p Otherj,Otherp -p ALL,-Adm
Notice how "ALL" is set first and then "Adm" taken away in the second example.
A hexadecimal value is also accepted, but this is intended only for the benefit of the installation routines.
FILES
~/.gnuspool configuration file (home directory).gnuspool configuration file (current directory)
rest.help message file
pwdump0 dumped password hash file
spufile0 user permissions file
ENVIRONMENT
- GSPL_UCHANGE
- space-separated options to override defaults.
- SPRESTCONF
- location of alternative help file.
DIAGNOSTICS
Various diagnostics are read and printed as required from the message file, by default rest.help.COPYRIGHT
Copyright (c) 2009 Free Software Foundation, Inc. This is free software. You may redistribute copies of it under the terms of the GNU General Public License <http://www.gnu.org/licenses/gpl.html>. There is NO WARRANTY, to the extent permitted by law.AUTHOR
John M Collins, Xi Software Ltd.