small progress, no help so far with cups

Gene Heskett gene.heskett at
Thu Sep 28 05:29:24 UTC 2006

On Thursday 28 September 2006 00:56, Daniel Pittman wrote:
>Rob Blomquist <rob.blomquist at> writes:
>> On Wednesday 27 September 2006 03:58, Gene Heskett wrote:
>> I can't find it now, but there was a help page that got me set up
>> right. I had to install Gutenprint and some other utils that were
>> necessry for my printer, but not in the main install. The number one
>> pain I have with Ubuntu is that the web-configuration utility is
>> broken in Ubuntu due to how they do the root less security.
>> You can not use the localhost:631 to configure your printer. It is
>> hopeless!
>> You must use either the command line, or the KDE or Gnome printor
>> tool, and be sure to set administrator privledges.
>Actually, you /can/ use it, but it requires some non-standard settings.
>The quick-start guide is:
>  ] sudo adduser cupsys shadow
>  ] sudo /etc/init.d/cupsys stop
>  ] sudo /etc/init.d/cupsys start
>Now, go for your life with the local HTML administrative tools.

Which is fine with me, its *all* behind a firewall thats behind a router, 
and 3 attempts have made it as far as the log on the firewall box as 
portsentry shut them down dead in the last 3.5 years.  2 got in that far 
because they were known addresses as they were the vz assigned dns servers 
I use.  A nastygram to vz once I'd figured out why I didn't have a dns 
caused a 4 hour shutdown while they re-imaged their *&% windows boxes each 
time.  The last time was some jerk in hangchow.  He didn't get any farther 

>Use a local user login that is a member of lpadmin, of course.
>You should also be aware that you just gave the cupsys code the rights
>to check passwords for everyone, which in turn means that it is a
>potentially remotely exploitable path to guessing your passwords.
>> Why the Ubuntu folks have decided to break some of the better things
>> about certain linux programs, I have no idea. I have been with linux
>> for 6 years, and Ubuntu is partly the easiest, and partly the hardest
>> I have ever worked with.
>Security, in this case, in that it radically reduces the number of
>pieces of software that handle data from arbitrary local (or remote)
>users, and which have access to the password database.
>Also, convenience, because the HTML interface isn't a nice way to
>administer the CUPS system compared to the GUI tools, for most users.

I'll mildly disagree with that, having been using it for several years on 
redhatish systems.  I could have done that with the web server in 1/4 to 
1/2 the time it took kcontrol.  And when its importing lp2 (etc) from a 
server on the network, it should assume the drivers are properly 
configured on the server, and automaticly just ship the raw file over the 
cat5.  I wasted some time on that too...  But the bottom line is that its 
working & thats the important thing.  Many thanks.

>        Daniel
>Digital Infrastructure Solutions -- making IT simple, stable and secure
>Phone: 0401 155 707        email: contact at

Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author) and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.

More information about the kubuntu-users mailing list