Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Hello, Printers -> -> Administration -> Set Default Options A workaround to avoid doing this is to have DefaultPolicy in cupsd.conf on the server as "authenticated". Ah, thank you, I found it. Regards Christoph
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
On Fri 21 Jul 2017 at 16:20:41 +0200, Christoph Pleger wrote: > Hello, > > >Isn't it under "Policies"? > > Maybe I am blind, but I even cannot find "Policies", though I have clicked > on many of the links. Maybe me. I should have said this is for setting policies on individual queues. Printers -> -> Administration -> Set Default Options A workaround to avoid doing this is to have DefaultPolicy in cupsd.conf on the server as "authenticated". Regards, Brian.
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Hello, Isn't it under "Policies"? Maybe I am blind, but I even cannot find "Policies", though I have clicked on many of the links. Regards Christoph
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
On Fri 21 Jul 2017 at 10:21:23 +0200, Christoph Pleger wrote: > Hello, > > >cups-browsed now saves a copy of the remote printer's PPD in > >/var/cache/cups. "Operation Policy" is one of the options which > >can set there using the web interface (say). > > I cannot find where to change the operation policy in the web interface. Isn't it under "Policies"? -- Brian.
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Hello, cups-browsed now saves a copy of the remote printer's PPD in /var/cache/cups. "Operation Policy" is one of the options which can set there using the web interface (say). I cannot find where to change the operation policy in the web interface. I wonder whether we really have a bug here if this is the way it is designed to work now. If cups-browsed is designed to take invalid data from a self-created cache, than that is a bug in design. Regards Christoph
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
On Wed 19 Jul 2017 at 09:40:11 +0200, Christoph Pleger wrote: > Hello, > > >But I dug a hole for myself. > > > >4. Reinstall stretch's cups-browsed (no change in cupsd.conf) to go back > > to 2. "OpPolicy authenticated" is what I get! > > > >5. Remove "DefaultPolicy authenticated" from cupsd.conf. Back to 1. Not > > at all! It's still "DefaultPolicy authenticated". > > > >Colour me perplexed (or inept). > > I guess that some information is taken from the files in /var/cache/cups and > that these cache files are not correctly updated ... cups-browsed now saves a copy of the remote printer's PPD in /var/cache/cups. "Operation Policy" is one of the options which can set there using the web interface (say). I wonder whether we really have a bug here if this is the way it is designed to work now. Regards, Brian.
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Hello, But I dug a hole for myself. 4. Reinstall stretch's cups-browsed (no change in cupsd.conf) to go back to 2. "OpPolicy authenticated" is what I get! 5. Remove "DefaultPolicy authenticated" from cupsd.conf. Back to 1. Not at all! It's still "DefaultPolicy authenticated". Colour me perplexed (or inept). I guess that some information is taken from the files in /var/cache/cups and that these cache files are not correctly updated ... Regards Christoph
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Christoph - thank you for your report. On Fri 14 Jul 2017 at 08:54:29 +0200, Christoph Pleger wrote: > Package: cups-browsed > Version: 1.11.6-3 > Severity: critical > > Dear maintainers, > > cups-browsed from Debian stretch ignores the "DefaultPolicy authenticated" > entry in my cupsd.conf, so that all browsed-imported printers in > /etc/cups/printers.conf are listed with "OpPolicy default". That differs > from how it was in older Debian versions and their cups-browseds, and it > allows users to print with another user id than their own without > authentication, critical in an environment like ours where users have to pay > for their print quota. An account of my testing procedure. cups and cups-browsed were restarted after a change to cupsd.conf.. 1. No DefaultPolicy directive in cupsd.conf. All five of my remote printers show as "OpPolicy default". 2. Put "DefaultPolicy authenticated" in cupsd.conf. The printers show as in 1. 3. Install cups-browsed 1.10.0-1 (no change in cupsd.conf). The printers show "OpPolicy authenticated". At this point it appears the data support your contention. I was going to suggest a look at /usr/share/doc/cups-filters/changelog.gz (CHANGES IN V1.11.3) and think on whether the implicitclass backend was involved. But I dug a hole for myself. 4. Reinstall stretch's cups-browsed (no change in cupsd.conf) to go back to 2. "OpPolicy authenticated" is what I get! 5. Remove "DefaultPolicy authenticated" from cupsd.conf. Back to 1. Not at all! It's still "DefaultPolicy authenticated". Colour me perplexed (or inept). -- Brian.
Processed: Re: Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Processing control commands: > severity -1 important Bug #868283 [cups-browsed] cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf Severity set to 'important' from 'critical' -- 868283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Control: severity -1 important Le vendredi, 14 juillet 2017, 08.54:29 h CEST Christoph Pleger a écrit : > cups-browsed from Debian stretch ignores the "DefaultPolicy > authenticated" entry in my cupsd.conf, so that all browsed-imported > printers in /etc/cups/printers.conf are listed with "OpPolicy default". > That differs from how it was in older Debian versions and their > cups-browseds, and it allows users to print with another user id than > their own without authentication, critical in an environment like ours > where users have to pay for their print quota. Although a bug that needs to be investigated, that certainly doesn't qualify as "critical" in Debian Bug severities [0]. At most 'important'. No time _right now_ to investigate this, but tagging at the correct severity for now. Cheers, OdyX [0] https://www.debian.org/Bugs/Developer#severities signature.asc Description: This is a digitally signed message part.
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Package: cups-browsed Version: 1.11.6-3 Severity: critical Dear maintainers, cups-browsed from Debian stretch ignores the "DefaultPolicy authenticated" entry in my cupsd.conf, so that all browsed-imported printers in /etc/cups/printers.conf are listed with "OpPolicy default". That differs from how it was in older Debian versions and their cups-browseds, and it allows users to print with another user id than their own without authentication, critical in an environment like ours where users have to pay for their print quota. Regards Christoph