I don't know PAM very well, I have to admit. Locking the root account seems in this instance to have decreased security: previously, libcups would have handled the authentication for us (using PAM) -- but now we have to run the whole application as root.
How do you currently use the http://localhost:631/ interface in that environment? Basically it comes down to your policy choice: who precisely do you want to be able to perform administrative functions? Console users? Any users logged into the machine? Only users in particular groups? etc. Once we know the answer to that question, we can work out what the real solution is. I don't believe that gksu or consolehelper (usermode) is the way to go long-term. Perhaps the answer will be some special handling of the root certificate in /etc/cups/certs/0 or something. -- Lack support to gksu https://bugs.launchpad.net/bugs/114714 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
