On Tue, 08 Mar 2016, Karl Forner wrote:
On an ubuntu 14.04 box, freeIPA enrolled, I am no longer authorized to
administer cups via the web UI.
It used to work before the freeIPA enrollment and it works with a local
account, so I strongly suspect that it is related to freeIPA.
Steps to reproduce:
click on "Add Printer"
a popup opens asking for CUPS credentials.
If I type my credentials (freeIPA user), it fails.
From the /var/log/auth.log:
Mar 8 15:14:58 pyro cupsd: pam_unix(cups:auth): authentication failure;
logname= uid=0 euid=0 tty=cups ruser= rhost=localhost user=karl
Mar 8 15:14:58 pyro cupsd: pam_sss(cups:auth): Request to sssd failed.
I added many local groups to my freeIPA user:
If I enter the credentials of a local account (non managed by freeIPA), it
What's wrong ?
Just an idea:
You probably have AppArmor running and its default policy might prevent
cupsd to talk to sssd socket.
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project