[Samba] "CREATOR OWNER" with samba

[Joris De Pooter]

Joris De Pooter a écrit :
> Gerald (Jerry) Carter a écrit :
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Joris De Pooter wrote:
>>
>>> Hi all,
>>>
>>> I just saw that my users don't have the right to manage their own
>>> printing job (pausing, deleting...) .  I saw that a "CREATOR OWNER" 
>>> token seems to do this job, but i'm not sure how I can implement
>>> it with my Samba box.
>>>
>>> Because "CREATOR OWNER" doesn't seem to be a regular NT4 group.
>>>
>>> Has somebody any advice with it ?
>>
>>
>>
>> The current print security checks for removing jobs is based
>> on matching the requesting client's user name against the
>> owner of the job (sort of a built in creator owner) and
>> then falling back to the manage documents permission in
>> the security descriptor.   Pausing a job requires interaction
>> with the underlying print system.  To you have an lppause
>> command defined in smb.conf?
>>
>>
>>
>>
>> cheers, jerry
> 
> 
> Hello Jerry,
> 
> I didn't setup lppause/lpresume commands, my bad.
> But, thanks for your explanation anyway, it's good to know how it works 
> behind.
> 
> Cheers :)
> 

It's me again,

Today, I saw one of my user couldn't delete its own print job.
I think there's a problem with unix access rights, because from 
my linux box as root I was able to delete that job with lprm command.

Here's a truncated listing of my /var/spool/cups directory :

-rw-------  1 root lp   630 Aug  1 17:26 c13354
-rw-r-----  1 root lp 38346 Aug  1 17:22 d13352-001

As you can see, the job d13352-001 is owned by root:lp although 
my user is logged (with winbind) as tartenpion.
Is this the reason why my user tartenpion can't delete his own 
job ? I think this is strange, and moreover Cups is setup to run 
as lp:lp

What's the good way to fix this ?
Thanks for any help, cheers !


-- 
Joris De Pooter
Tél.: +33(0)164868319