[Samba] force user statement ignored, BUG in 2.2.8?

[Alexandros Gougousoudis]

Hi,

I have trouble with the "force user" statement in 2.2.8. I'am using a small
perl script to print into a PDF file via a printerdriver on a Win-client.
It's basically a ps2pdf. This script must run as root, or it'll crash (don't
know why, looks like a Ghostscript error, but thats not the point). Therefor
I inserted a force user = root in my conf. Then I have a strange behaviour,
that it prints from Win9x clients, but not from NT/2000/XP clients. The
server is configured as a PDC (no probs with that). I inserted a small
whoami in the script to print out the user. If I start it from a Win9x the
user is always root. If it is a NT/2000/XP Client the calling user is the
login of the client, "force user" is ignored. After RTFM this is not normal,
"foce user" overrides all. Looks like a bug.
What can I do? suid doesn't work and sudo is no option (because I can not
put every client user in the sudoers file). All worked fine, when I had
security=share.

You may want a look on a part of my smb.conf:

[global]
         workgroup = ALOHA
         netbios name = PARADISE
         server string = PDC Aloha-Systeme GmbH
         interfaces = eth0 ippp1
         encrypt passwords = Yes
         update encrypted = Yes
         passwd program = /usr/bin/passwd %u
         unix password sync = Yes
         log level = 1
         name resolve order = host wins bcast
         time server = Yes
         character set = ISO8859-1
         domain admin group = @root
         add user script = /usr/sbin/useradd -d /dev/null -g nogroup -s
/bin/false %m$
         logon script = %U_logon.bat
         logon path = \\%N\profiles\%U
         logon drive = H:
         logon home = \\%N\%U\.profiles
         domain logons = Yes
         os level = 64
         preferred master = Yes
         domain master = Yes
         wins support = Yes
printer admin = @users, @root
         dos filetimes = Yes
         dos filetime resolution = Yes



[printers]
         comment = Netzwerkdrucker
         path = /var/tmp
         read only = No
         guest ok = Yes
         force user = root
         printable = Yes
         browseable = Yes


[pdf-exports]
         path = /usr/exports/pdf
         force user = nobody
         read only = No
         guest ok = Yes

[pdf-printer]
         comment = PDF-Drucker
         path = /tmp
         guest ok = Yes
         force user = root
         printable = Yes
         print command = /usr/local/bin/pdfprint.pl %s %U
         lpq command =
         lprm command =

Please help
 TIA
 Alex

--

------------------------------------------------------------
Aloha-Systeme GmbH *  Tel: 030 / 627 08 630
Wilmersdorfer Str. 79 * 10629 Berlin * Fax: 030 / 627 08 639

Alexandros Gougousoudis *  Mobil:  0172 / 310 64 63
** Netzwerke und Linux **  Email:  ag at aloha-systeme.de

Offizielle Homepage: http://www.aloha-systeme.de/