1 |
I've been running cups happily on this box for a couple of years. It serves |
2 |
print requests from two other computers I have, one running Ubuntu (also |
3 |
running cups), and the other running WinXP. |
4 |
|
5 |
With the upgrade to 1.2.1-r2 from 1.1.23, some probelms arose: |
6 |
1) neither of the other machines can print through this server any more. |
7 |
2) When either of the other machines is running at all, requests to print |
8 |
on this gentoo server lock up for just under 2 minutes before they |
9 |
get to printing. If I shut down the other machines, printing returns |
10 |
to normal locally. |
11 |
|
12 |
The error logs show a repeated error that doesn't ring a bell with me: |
13 |
|
14 |
E [15/Jul/2006:14:20:18 -0700] encrypt_client: Unable to encrypt |
15 |
connection from 64.166.164.53! |
16 |
|
17 |
The config files changed a bit on the upgrade, and I did my best. The last |
18 |
go 'round was through the web interface (once I got that working) so they've |
19 |
all been rewritten by cups. I cannot claim to understand them completely. |
20 |
Can anyone explain the @OWNER @SYSTEM things -- they sound good, |
21 |
but I'm not truly clear on exactly what they do in cups. |
22 |
I want to allow ports 631 (normal cups stuff from the Ubuntu machine) and |
23 |
515 (LPD things for WinXP). |
24 |
|
25 |
I've looked at the config files, and nothing jumps out at me. The one mention |
26 |
of encryption is in the /auth section, which I don't use remotely |
27 |
anyway. Here's |
28 |
cupsd.conf: |
29 |
|
30 |
# Show general information in error_log. |
31 |
LogLevel info |
32 |
SystemGroup lpadmin |
33 |
# Allow remote access |
34 |
Port 631 |
35 |
Listen *:printer |
36 |
Listen /var/run/cups/cups.sock |
37 |
# Enable printer sharing and shared printers. |
38 |
Browsing On |
39 |
BrowseOrder allow,deny |
40 |
BrowseAllow @LOCAL |
41 |
BrowseAddress @LOCAL |
42 |
DefaultAuthType Basic |
43 |
<Location /> |
44 |
# Allow shared printing... |
45 |
Order allow,deny |
46 |
Allow @LOCAL |
47 |
</Location> |
48 |
<Location /admin> |
49 |
Encryption Required |
50 |
# Restrict access to the admin pages... |
51 |
Order allow,deny |
52 |
Allow localhost |
53 |
</Location> |
54 |
<Location /admin/conf> |
55 |
AuthType Basic |
56 |
Require user @SYSTEM |
57 |
# Restrict access to the configuration files... |
58 |
Order allow,deny |
59 |
Allow localhost |
60 |
</Location> |
61 |
<Policy default> |
62 |
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job |
63 |
Purge-Jobs Set-Job-Attributes Create-Job-Subscription |
64 |
Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job |
65 |
Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job> |
66 |
Require user @OWNER @SYSTEM |
67 |
Order deny,allow |
68 |
</Limit> |
69 |
<Limit Pause-Printer Resume-Printer Set-Printer-Attributes |
70 |
Enable-Printer Disable-Printer Pause-Printer-After-Current-Job |
71 |
Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer |
72 |
Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer |
73 |
Promote-Job Schedule-Job-After CUPS-Add-Printer CUPS-Delete-Printer |
74 |
CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs |
75 |
CUPS-Set-Default> |
76 |
AuthType Basic |
77 |
Require user @SYSTEM |
78 |
Order deny,allow |
79 |
</Limit> |
80 |
<Limit CUPS-Authenticate-Job> |
81 |
Require user @OWNER @SYSTEM |
82 |
Order deny,allow |
83 |
</Limit> |
84 |
<Limit All> |
85 |
Order deny,allow |
86 |
</Limit> |
87 |
</Policy> |
88 |
|
89 |
|
90 |
|
91 |
-- |
92 |
Kevin O'Gorman, PhD |
93 |
-- |
94 |
gentoo-user@g.o mailing list |