The Line Printer Daemon (lpd) provides printer services for local and remote users. lpd manages the printer spool area and the print queues. lpd is started at boot time from a startup script. It is generally included in the startup of Linux and BSD systems by default, so you might not need to add it to your startup script. For example, it is started by the /etc/rc.d/rc.inet2 script on a Slackware Linux system.
When lpd starts, it reads the /etc/printcap file to find out about the printers available for its use. The printcap file defines the printers and their characteristics. Configuring a printcap file is the scariest part of setting up a UNIX print server. It scares system administrators because the parser that reads the file is very finicky, and the syntax of the parameters in the file is terse and arcane. Most parser problems can be avoided by following these rules:
Start each entry with a printer name that begins in the first column. No white-space should precede the first printer name. Multiple printer names can be used if they are separated by pipe characters (|). One entry must have the printer name lp. If you have more than one printer on the server, assign lp to the "default" printer.
Continue printer entries across multiple lines by escaping the newline character at the end of the line with a backslash (\), and by beginning the following line with a tab. Take care that no blank space comes after the backslash. The character after the backslash must be the newline character.
Every field, other than the printer name, begins and ends with a colon. The character before the backslash on a continued line is a colon and the first character after the tab on the continuation line is a colon.
The configuration parameters used in a printcap file describe the characteristics of the printer. These characteristics are called "capabilities" in the printcap documentation, but really they are the printer characteristics that lpd needs to know in order to communicate with the printer. Parameters are identified by names that are two characters long and are usually assigned a value. The syntax of the parameters varies slightly depending on the type of value they are assigned. Parameters come in three different flavors:
All printcap Boolean values default to "false." Specifying a Boolean enables its function. Booleans are specified simply by entering the two-character parameter name in the file. For example, :rs: enables security for remote users.
A glance at the manpage shows that there are many printcap parameters. Thankfully, you'll never need to use most of them. Most printer definitions are fairly simple, and most printcap files are small. Writing a printcap from scratch is often unnecessary. Ask the other system administrators on the newsgroup for your system. You'll be surprised how often others have already solved the problem and how willing they are to help.
Print servers usually have only one or two directly attached printers; any other printers defined in the printcap are probably remote printers. Most, if not all, of the printers defined in a client's printcap are remote printers.
# # Remote LaserWriter # lw:\ :lf=/var/adm/lpd-errs:\ :lp=:rm=pecan:rp=lw:\ :sd=/var/spool/lpd-lw:
The lw printer in this sample printcap file is a remote printer. The remote machine to which the printer is attached is defined by the :rm=pecan: parameter and the name of the remote printer on that machine is defined by the :rp=lw: parameter. The lf parameter points to the log file used to log status and error messages. Multiple printers can use the same log file. The final parameter, sd, defines the spool directory. Each printer has its own unique spool directory. Defining the remote printer in the client's printcap file is all that is needed to configure an LPD client.
The line printer daemon uses trusted host security, and it can use the same security file (hosts.equiv) as the r commands.  All of the users on a host listed in the server's hosts.equiv file are permitted to use the server's printers. To restrict access to only those remote users who have accounts on the server, include the :rs: Boolean in the printer description in the printcap file. When :rs: is specified, only users who are logged into "like-named" accounts on a trusted host are granted access to the printer. This parameter is applied on a printer-by-printer basis, so it is possible to restrict access to a special printer while permitting broader access to the other printers on the system.
 See Chapter 12 for more information about the r commands and trusted host security.
A problem with using the hosts.equiv file for printer access is that the file also grants "password-free" login access. It is common to want to share a printer without wanting to grant any other access to the print server. To accommodate this, lpd also uses the /etc/hosts.lpd file for security. A trusted host defined in that file is given access only to printers, and the :rs: parameter works with this host just as it does with a host defined in the hosts.equiv file.
The syntax of the hosts.lpd file is exactly the same as the syntax of the hosts.equiv file. A hosts.lpd file might contain:
This example shows a file that restricts printer access to the users who are logged into brazil and acorn.
Print jobs are sent to the line printer daemon using the Line Printer Remote (lpr) program. The lpr program creates a control file and sends it and the print file to lpd. There are many possible lpr command-line arguments, but in general the command simply identifies the printer and the file to be printed, as in:
% lpr -Plj ch09
This command sends a file called ch09 to a printer called lj. The printer can be local or remote. It doesn't matter as long as the printer is defined in the printcap file and therefore known to lpd.
The client software provides commands to allow the user to check the status of the print job. Table 9.2 lists these commands, their syntax, and their meaning.
|lpc restart [printer]||Starts a new printer daemon.|
|lpc status [printer]||Displays printer and queue status.|
|lpq -Pprinter [user] [job]||Lists the jobs in the printer's queue.|
|lprm -Pprinter job||Removes a print job from the queue.|
In this syntax printer is the name of the printer as defined in the /etc/printcap file, user is the username of the owner of a print job, and job is the job number associated with the print job while it is waiting in the queue. The keyword all can be used in place of a printer name in any lpc command to refer to all printers.
While lpc is primarily for the system administrator, the status and restart commands can be used by anyone. All of the commands shown in Table 9.2 are available to users.
The lpq command displays a list of jobs queued for a printer. Command-line arguments permit the user to select which printer queue is displayed and to limit the display from that queue to a specific user's jobs or even to a specific job. Here's an example of displaying the queue for the printer laser:
% lpq -Plaser Rank Owner Job Files Total Size 1st tyler 405 ... 5876 bytes 2nd daniel 401 ... 12118 bytes 3rd daniel 404 ... 12118 bytes
A queued print job can be removed by the owner of the job with the lprm command. Assume that daniel wants to remove print job number 404 shown in the example above. He enters the following command:
% lprm -Plaser 404 dfA404acorn dequeued cfA404acorn dequeued
Along with the r commands, lpd and lpr were among the first commands created for UNIX to exploit the power of TCP/IP networking. Managing printers is primarily a system administration task. Only those aspects of LPD related to remote printing and network security are covered here.
The LP configuration files are located in the /etc/lp directory. These files perform the same basic function as the /etc/printcap file does for LPD. However, the /etc/lp files are not directly edited by the system administrator. On a Solaris system, printers are configured through administrative commands or through the Printer Manager window of the admintool. Figure 9.1 shows the Printer Manager window.
Clients select Add, the Access to Printer from the Add Printer sub-menu of the Edit menu, and enter the name of the remote printer and its server in the window that appears. Servers share printers simply by selecting Add Local Printer in the same menu and configuring a local printer. By default, Solaris shares all local printers.
+:x:-:s5:-:n:10:-:-:Allow all connections
As the comment at its end makes clear, this entry grants all remote systems access to the local printers. The first field defines the name of the host being granted access. When a plus (+) is used in this field, it means all hosts.
The fourth field identifies the type of operating system used on the
remote client. It contains either
s5 for System V computers
that use LP to print jobs, or
bsd for BSD systems that use
n in the sixth field indicates that this "connection"
should never be timed out and removed from the system. A timeout
period in minutes could be entered in this field, but this is not usually
done. Keep the connection available as long as the local server is
10 is a related value. It indicates that if a
connection to a remote system fails, it should be retried after 10
minutes. This is a good value. It is long enough to give the remote
system a chance to restart after a crash. Both
10 are the defaults and don't usually need to be changed.
Don't directly edit the /etc/lp/Systems file. Modify it with the lpsystem command. To remove a system from the Systems file, use lpsystem with the -r hostname command-line argument, where hostname is the value in the first field of the entry you wish to delete. For example, to remove the plus sign (+) entry from the default /etc/lp/Systems file, type:
# lpsystem -r +
To add an entry to the Systems file, use the lpsystem command without the -r option. For example, to add a BSD system named macadamia, enter:
# lpsystem -t bsd -y "Linux PC in room 820" macadamia
The command adds the following entry to the Systems file:
macadamia:x:-:bsd:-:n:10:-:-:Linux PC in room 820
The -t command-line option defines the operating system type. The -y option defines the comment; macadamia is, of course, the hostname. We accepted the default values for the timeout and the retry intervals. These could have been modified from the command line using the -T timeout and the -R retry options. See the manpage for lpsystem for more information.