remote management of shared network printer on Ubuntu server
Paul Sladen
ubuntu at paul.sladen.org
Mon Sep 12 10:43:48 UTC 2005
On Sun, 11 Sep 2005, Ryan Jacobs wrote:
Hello Ryan,
> -I added "cupsys" to the "shadow" group.
This means that cups can now read the '/etc/shadow' file and check
passwords against the hashes in that file. I think it should really be
using PAM for this as there is an '/etc/pam.d/cupsys' entry.
> in cups, admin access is only allowed to the "SystemGroup" which, by
> default, is "lpadmin". My lpadmin group was empty
Perhaps in Ubuntu, this should be changed to be either 'lpadmin' or 'admin'
(which is the default %group used to give full 'sudo' powers to users).
Could you file this is a bug on:
http://bugzilla.ubuntu.com/
> I had to edit the <Location /> [..] (Allow From 192.168.10.1/24 - my
> whole local domain). [..] "Listen 192.168.10.1:631" statement
Ubuntu has a ''no open/listening ports'' policy by default, so we can't have
cups listening on the other interfaces by default. Perhaps there should be
an easier way of enabling external cupsys access by clicking a box
somewhere.
Could you file this as an enhancement please.
> edit the <Location /admin> directive to comment out the following: #
> Deny From All # Allow From 127.0.0.1
This is related to the previous entry (see the previous '<Location />'
change you made). Given that, by default, cupsys is not listening on
external interfaces, this could perhaps be commented out.
Ideally this would be wrapped up in a GUI with options:
* Allow access from (network-range)
* Allow admin from (network-range)
-Paul
--
The summer is familiar here. Edinburgh, GB
More information about the ubuntu-users
mailing list