cups-pdf PostProcessing script to get users from pGina

diff --git a/cups-pdf-find-owner.pl b/cups-pdf-find-owner.pl
new file mode 100755 (executable)
index 0000000..54fafcc
--- /dev/null
+++ b/cups-pdf-find-owner.pl
@@ -0,0 +1,56 @@
+#!/usr/bin/perl
+use warnings;
+use strict;
+use autodie;
+
+use Data::Dump qw(dump);
+use File::Slurp;
+use DBI;
+
+my ($file, $local_user, $remote_user) = @ARGV;
+
+my $job_id = $1 if ( $file =~ m/job_(\d+)/ );
+
+die "can't find job_id in [$file]" unless $job_id;
+
+my $c_file = sprintf "/var/spool/cups/c%05d", $job_id;
+
+my $blob = read_file $c_file;
+
+my (undef,$ip) = split(/job-originating-host-name\x00/, $blob, 2);
+my $len = ord(substr($ip,0,1));
+$ip = substr($ip,1,$len);
+
+my $database = 'pGinaDB';
+my $hostname = '10.60.4.9';
+my $port     = 3306;
+my $user     = 'pGina';
+my $password = 'secret';
+
+my $dsn = "DBI:mysql:database=$database;host=$hostname;port=$port";
+my $dbh = DBI->connect($dsn, $user, $password);
+
+my $sth = $dbh->prepare(qq{
+       select * from pGinaSession where ipaddress = ? and logoutstamp is null order by loginstamp desc
+}) or die "prepare statement failed: $dbh->errstr()";
+$sth->execute($ip) or die "execution failed: $dbh->errstr()";
+if ( $sth->rows < 1 ) {
+       die "can't find IP for job $job_id";
+} elsif ( $sth->rows > 1 ) {
+       warn "ERROR: found $sth->rows() rows for $job_id, usng first one\n";
+}
+my $row = $sth->fetchrow_hashref();
+warn "## row = ",dump($row);
+
+$sth->finish;
+
+my $username = $row->{username} || die "no username in row = ",dump($row);
+
+my $spool = '/var/spool/cups-pdf/';
+mkdir "$spool/$username" if ( ! -e "$spool/$username" );
+my $filename_only = $file;
+$filename_only =~ s/^.*\///; # basename
+
+rename $file, "$spool/$username/$filename_only";
+
+exit 0;

diff --git a/debian-install.sh b/debian-install.sh
index 672a471..56b2d23 100755 (executable)
--- a/debian-install.sh
+++ b/debian-install.sh
@@ -3,6 +3,7 @@
 test `id -u` -ne 0 && exec sudo $0
 
 apt-get install curl libdata-dump-perl cups printer-driver-fujixerox cups-ipp-utils printer-driver-cups-pdf snmp snmp-mibs-downloader
+# ntp samba smbclient
 
 # enable mibs
 grep -i '^mibs :' /etc/snmp/snmp.conf && perl -p -i -n -e 's/^mibs :.*/mibs +ALL/' /etc/snmp/snmp.conf

diff --git a/doc/cups-pdf.txt b/doc/cups-pdf.txt
new file mode 100644 (file)
index 0000000..19dd752
--- /dev/null
+++ b/doc/cups-pdf.txt
@@ -0,0 +1,25 @@
+We are using cups-pdf to create printer which is shared on windows using ipp.
+
+Since we are not getting users from windows in our setup, we need cups-pdf
+PostProcessing hook to look find user from pGinaSessions.
+
+
+sudo vi /etc/cups/cups-pdf.conf
+
+PostProcessing /srv/safeq/cups-pdf-find-owner.pl
+
+
+To make this work, you also have to edit apparmor:
+
+sudo vi /etc/apparmor.d/usr.sbin.cupsd
+
+edit end of file, under /usr/lib/cups/backend/cups-pdf {
+add permission for script execution:
+...
+  /var/spool/cups/** r,
+  /var/spool/cups-pdf/** rw,
+
+  # safeq ffzg -- added to allow execution of PostProcessing
+  /srv/safeq/cups-pdf-find-owner.pl uxr,
+}
+