[cups] Authenticated and unauthenticated queues
Rick Cochran
rcc2 at cornell.edu
Mon Jul 27 12:27:08 PDT 2015
Michael,
What's your opinion about that? Should I be building my own instead of using
RHEL6's build?
Should I be filing my bug report with Red Hat?
Yours,
-Rick
On 7/27/15, 3:17 PM, Michael Sweet wrote:
> Rick,
>
> No, it'll be 1.4.2 with a bunch of patches for any major issues that have been reported, plus the usual distro sauce.
>
>> On Jul 27, 2015, at 3:05 PM, Rick Cochran <rcc2 at cornell.edu> wrote:
>>
>> I have filed a bug report on this.
>>
>> STR #4682 IPP Basic authentication fails without <Location /printers> stanza
>>
>> I listed the CUPS version as 1.4.2 because that's what RHEL6 says it is. But Red Hat's version system is unhinged from their software packages' systems, so I expect it's really the latest version of CUPS.
>>
>> -Rick
>>
>> On 7/23/15, 12:28 PM, Rick Cochran wrote:
>>> I think I have found the log sections which cover the problem. The first log
>>> excerpt is generated with the <Location printers> stanza in place. The second
>>> has it removed.
>>>
>>> For some reason, the "username" is not getting set.
>>>
>>> Yours,
>>> -Rick
>>>
>>>
>>> On 7/22/15, 6:09 PM, Rick Cochran wrote:
>>>> Michael,
>>>>
>>>> If you check my cupsd.conf you will find that I have a permissive <Location />.
>>>>
>>>> If I do not include the <Location printers> stanza, printing using "Policy
>>>> default" (i.e. authenticated) does not work. I get exactly one "HTTP
>>>> Unauthorized for Send-Document" in the server log.
>>>>
>>>> I have been trying permutations and combinations all day.
>>>>
>>>> Yours,
>>>> -Rick
>>>>
>>>> On 7/22/15, 11:02 AM, Michael Sweet wrote:
>>>>> Rick,
>>>>>
>>>>> You'll need a core <Location /> section for access control to the entire
>>>>> server, and then use the <Policy name> sections to control access to printers.
>>>>>
>>>>> See:
>>>>>
>>>>> http://www.cups.org/documentation.php/policies.html
>>>>>
>>>>>
>>>>>> On Jul 22, 2015, at 10:28 AM, Rick Cochran <rcc2 at cornell.edu> wrote:
>>>>>>
>>>>>> Michael,
>>>>>>
>>>>>> Thanks for your quick response!
>>>>>>
>>>>>> I forgot to mention:
>>>>>>
>>>>>> If I remove the Location stanza below, printing does not work for either
>>>>>> authenticated or unauthenticated queues.
>>>>>>
>>>>>> If I place the Location stanza within a Policy definition, cupsd gives me a
>>>>>> syntax error.
>>>>>>
>>>>>> So basically, I don't know how to do what you suggest.
>>>>>>
>>>>>> Am I missing any elements in my Limit stanzas?
>>>>>>
>>>>>> Yours,
>>>>>> -Rick
>>>>>>
>>>>>>
>>>>>> On 7/22/15, 8:50 AM, Michael Sweet wrote:
>>>>>>> Rick,
>>>>>>>
>>>>>>> Put the AuthType and Require lines in the Policy definition. Putting it on
>>>>>>> /printers applies those requirements to all printers.
>>>>>>>
>>>>>>>
>>>>>>>> On Jul 21, 2015, at 7:03 PM, Rick Cochran <rcc2 at cornell.edu> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I need to have both authenticated and unauthenticated queues. The attached
>>>>>>>> cupsd.conf _almost_ works. The problem is in the following stanza:
>>>>>>>>
>>>>>>>> <Location /printers>
>>>>>>>> AuthType Basic
>>>>>>>> Encryption Required
>>>>>>>> Order deny,allow
>>>>>>>> Allow localhost
>>>>>>>> # Require user @SYSTEM
>>>>>>>> </Location>
>>>>>>>>
>>>>>>>> If I set the AuthType to "Basic" as above, the authenticated queues work
>>>>>>>> and the unauthenticated queues do not work.
>>>>>>>>
>>>>>>>> If I set the AuthType to "None", the unauthenticated queues work and the
>>>>>>>> authenticated queues do not work.
>>>>>>>>
>>>>>>>> By "work", I mean prompt for ID/password (or not) and actually print.
>>>>>>>>
>>>>>>>> By "do not work", I mean the server just sits there and does not fully
>>>>>>>> accept the print job.
>>>>>>>>
>>>>>>>> I use "-op-policy=noauth" when creating the unauthenticated queues.
>>>>>>>>
>>>>>>>> Any help would be appreciated.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> -Rick
>>>>>>>> <cupsd.conf.txt>_______________________________________________
>>>>>>>> cups mailing list
>>>>>>>> cups at cups.org
>>>>>>>> https://www.cups.org/mailman/listinfo/cups
>>>>>>>
>>>>>>> _________________________________________________________
>>>>>>> Michael Sweet, Senior Printing System Engineer, PWG Chair
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cups mailing list
>>>>>>> cups at cups.org
>>>>>>> https://www.cups.org/mailman/listinfo/cups
>>>>>>>
>>>>>> _______________________________________________
>>>>>> cups mailing list
>>>>>> cups at cups.org
>>>>>> https://www.cups.org/mailman/listinfo/cups
>>>>>
>>>>> _________________________________________________________
>>>>> Michael Sweet, Senior Printing System Engineer, PWG Chair
>>>>>
>>>>> _______________________________________________
>>>>> cups mailing list
>>>>> cups at cups.org
>>>>> https://www.cups.org/mailman/listinfo/cups
>>>>>
>>>
>>>
>>> _______________________________________________
>>> cups mailing list
>>> cups at cups.org
>>> https://www.cups.org/mailman/listinfo/cups
>>>
>> _______________________________________________
>> cups mailing list
>> cups at cups.org
>> https://www.cups.org/mailman/listinfo/cups
>
> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
> _______________________________________________
> cups mailing list
> cups at cups.org
> https://www.cups.org/mailman/listinfo/cups
>
More information about the cups
mailing list