[cups.general] setting access

Andre Kerstens kerstens at scripps.edu
Tue May 25 18:10:17 PDT 2004


Hi Jerome,

I've got a Redhat 8 system running cups 1.1.17. Following is the 
contents of the file /etc/pam.d/cups:

#auth   required        pam_pwdb.so nullok shadow
auth    sufficient      /lib/security/pam_rootok.so
auth    required        /lib/security/pam_stack.so service=system-auth
#account        required        pam_pwdb.so
account required        /lib/security/pam_stack.so service=system-auth

As you can see cups should use system-auth to get it's users and 
passwd's so here's the contents of /etc/pam.d/system-auth:

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_ldap.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok 
use_first_pass
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so
account     [default=bad success=ok user_unknown=ignore 
service_err=ignore system_err=ignore] /lib/security/pam_ldap.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok 
md5 shadow
password    sufficient    /lib/security/pam_ldap.so use_authtok
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
session     optional      /lib/security/pam_ldap.so

I would expect that cups uses PAM for users and groups and PAM has been 
configured for ldap (all my other apps like samba work). It's also weird 
that the -u allow switch works with the separate users, but not with 
groups. Anybody else has a clue why?

Thanks

Andre

Jerome Alet wrote:
> On Tue, May 25, 2004 at 12:04:09PM -0700, Andre Kerstens wrote:
> 
>>Hi Daniel,
>>
>>I have exactly the same problem. My users and groups are coming from an 
>>openldap server and cups doesn't seem to reqocnize groups from anything 
>>else then /etc/group. It works with users though, so that's what I'm 
>>doing as a workaround right now: listing all of my users after 'lpadmin 
>>-p printer -u allow:user1,user2,user3
> 
> 
> could you check if your PAM /etc/pam.d/cupsys configuration file
> is correct (this is Debian's location, may be different on your system)
> 
> maybe this could explain your problem
> 
> hth
> 
> Jerome Alet
> 
> _______________________________________________
> cups mailing list
> cups at easysw.com
> http://lists.easysw.com/mailman/listinfo/cups

-- 
------------------------------------------------
Andre Kerstens
Laboratory for Computational Cell Biology
Department of Cell Biology, CB167
The Scripps Research Institute
10550 N. Torrey Pines Road
La Jolla, CA   92037

Phone    +1 858 784 7098
Fax      +1 858 784 7103
Email    kerstens at scripps.edu
WWW      http://cimbio.scripps.edu/groups/Danuser

Administrative Assistant:
-------------------------
Miriam Berba
phone    +1 858 784 2473
email    mirberba at scripps.edu
-------------------------------------------------





More information about the cups mailing list