Hello, On Jul 5 14:36 russbucket wrote (shortened): > On Thursday July 5 2007 12:45, James Hatridge wrote: > > That worked! ... > > On Thursday 05 July 2007 19:20, Verner Kjærsgaard wrote: > > > lppasswd -a -g sys root (or someone else...) ... > How did you get it to work as user? I finally got mine to work as root.
It seems you are talking about different Suse Linux and openSUSE versions (of course as usual nobody mentiones his particular Suse Linux or openSUSE version) and it seems you are talking about different usage of "http://localhost:631/": Do only normal stuff or do additinally admin stuff. I will not try to guess around to find out who has actually what or what exactly the questions are. Therefore only some general information: Up to Suse Linux 10.1 we had CUPS 1.1 and since openSUSE 10.2 we have CUPS 1.2 which is not fully backward compatible with CUPS 1.1. For example RunAsUser is no longer supported so that since openSUSE 10.2 / CUPS 1.2 the cupsd runs as root and therefore we are back to its default "basic authentication" via system users and system passwords (in /etc/shadow). Therefore http://en.opensuse.org/SDB:Printer_Configuration_from_SUSE_LINUX_9.0_on is partially outdated for openSUSE 10.2 Additionally by default cupsd in CUPS 1.2 listens only on internal ("localhost") network interfaces (and a Unix domain socket) in /etc/cups/cupsd.conf for CUPS 1.2: ------------------------------------------------------------ # Only listen for connections from the local machine. Listen localhost:631 Listen /var/run/cups/cups.sock ------------------------------------------------------------ For a CUPS 1.2 network server you must change it to listen on the outer network too. Either add someting like "Listen IP.of.your.server", see http://localhost:631/help/ref-cupsd-conf.html?TOPIC=References&QUERY=#Listen or use in openSUSE 10.2 YaST via "Other" -> "Change remote access" and make sure that you use the firewall to protect your host if it is accessible from any untrusted network. In case of an update it is recommended not to use an outdated cupsd.conf from a CUPS 1.1 installation before but to start from scratch with the original cupsd.conf from our CUPS 1.2 RPM. When you use openSUSE 10.2 with an original CUPS 1.2 cupsd.conf file you could allow printer admin stuff for a normal user as follows: -------------------------------------------------------------------- <Policy default> ... <Limit ... CUPS-Add-Printer ...> Require user @SYSTEM normal-user -------------------------------------------------------------------- Replace "normal-user" with the system user name (i.e. the user name in /etc/passwd) of the normal user who should be allowed to do printer admin stuff and restart the cupsd. By the way: Regarding firewall: In particular note that port 631 TCP and UDP must be allowed in firewall settings, see http://en.opensuse.org/SDB:CUPS_in_a_Nutshell "The Spooler" In the YaST firewall module there are predefined "services" for IPP (and also for Samba if you use Samba) so that it should be easiest to use the YaST firewall module. Check if a firewall is active for a network zone in which services should be used which require trusted users (nobody lets arbitraty users print on his printer). By default the Suse firewall allows any access via a network interface which belongs to the "internal zone" because this zone is trusted by default. If the CUPS server and the client systems are in an internal network and when you trust all what there is in your internal network, your network interface must be set to be in the "internal zone". It doesn't make sense to have a network setup in a trusted internal network with a network interface which belongs to the untrusted "external zone" (which is the default to be safe). Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany AG Nuernberg, HRB 16746, GF: Markus Rex
