Hello, On Mar 6 14:08 John Hosszu wrote (shortened): > With a fresh install of SUSE, a user cannot access/use the web interface > at localhost:631. It seems the www documented 'work arounds' are to add > a user to the lppasswd system, or edit the cupsd.conf.
This is true since Suse Linux 9.0 up to Suse Linux 10.1 where CUPS 1.1 is used. For background information and details see http://en.opensuse.org/SDB:Printer_Configuration_from_SUSE_LINUX_9.0_on Since openSUSE 10.2 we use CUPS 1.2 where "RunAsUser" is no longer supported so that since openSUSE 10.2 / CUPS 1.2 the cupsd runs as root and therefore we are back to its default "basic authentication" via system users and system passwords (in /etc/shadow). The problem with the missing authentication dialog happened on my openSUSE 10.2 workstaion with CUPS 1.2.7 This is my cupsd.conf on this machine (the too long "<Limit ...>" lines are folded). It is the default cupsd.conf of the cups-1.2.7-3.2 package in openSUSE 10.2: ------------------------------------------------------------------------- LogLevel info SystemGroup sys root Listen localhost:631 Listen /var/run/cups/cups.sock Browsing On BrowseOrder allow,deny BrowseAllow @LOCAL DefaultAuthType Basic <Location /> Order allow,deny Allow localhost Allow 127.0.0.2 </Location> <Location /admin> Encryption Required Order allow,deny Allow localhost </Location> <Location /admin/conf> AuthType Basic Require user @SYSTEM Order allow,deny Allow localhost </Location> <Policy default> # Job-related operations must be done by the owner # or an adminstrator... <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job> Require user @OWNER @SYSTEM Order deny,allow </Limit> # All administration operations require an adminstrator # to authenticate... <Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Printer CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default> AuthType Basic Require user @SYSTEM Order deny,allow </Limit> # Only the owner or an administrator can cancel or # authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit All> Order deny,allow </Limit> </Policy> ------------------------------------------------------------------------- Note that there is a default policy that "All administration operations require an adminstrator to authenticate..." and as far as I see, this default policy is exactly what there is in the CUPS 1.2.7 sources (therein the file conf/cupsd.conf.in). > While looking through the cupsd.conf file though, I gained some insight > and added my user to the lp group. This resolved what you described. Can you show us your cupsd.conf as follows: egrep -v '^$|^#' /etc/cups/cupsd.conf | fold -s -w60 It does not work for me when a normal user is in the lp group because in my cupsd.conf there is "SystemGroup sys root". Even if I set "SystemGroup sys root lp", I get the request for the password in the terminal from which I started hp-toolbox. The crucial point is that cupsd does an authentication dialog (except for root on localhost) but this dialog is not "forwarded" to the GUI. > We also noticed that YaST was working also normally. YaST runs as root on localhost. Whatever printer setup tool runs as root on localhost would not need any authentication because root on localhost is trusted by the cupsd without explicite authentication. To see the difference do: [EMAIL PROTECTED] lpadmin -p test -v file:/dev/null [EMAIL PROTECTED] lpadmin -h localhost -p test -v file:/dev/null [EMAIL PROTECTED] lpadmin -h $( hostname ) -p test -v file:/dev/null lpadmin: Forbidden Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany AG Nuernberg, HRB 16746, GF: Markus Rex ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ HPLIP-Devel mailing list HPLIP-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/hplip-devel
