The officially official Devuan Forum!

mclien

Member

Registered: 2020-02-29

Posts: 99  

[SOLVED] cups administration denied

I have a server and a client both running daedalus.
until recently I was able to do administration via webinterface.

I can log in via ssh on my server with my user account
I do get the "jobs" page of cups, but every attempt to log in to the admin interface ends with "Your account does not have the necessary privileges."

I did notice that the GID of lpadmin are different on client and server (110 serv, 108 client).

So did go ahead and added a new group cups-admin and added my user to that group and changed
the line in /etc/cups/cups-files.conf  to

SystemGroup root cups-admins

/etc/cups/cupsd.conf seems to be in order, too.

# Only listen for connections from the local machine.
#Listen localhost:631
Listen <serverIP>:631
Listen /run/cups/cups.sock

# Web interface setting...
WebInterface Yes

# Restrict access to the server...
<Location />
  Order allow,deny
  Allow From 127.0.0.1
  Allow From <my internal netork>
</Location>

# Restrict access to the admin pages...
<Location /admin>
  Require group printer-admins
  Order allow,deny
  Allow From 127.0.0.1
  Allow From <my internal netork>
</Location>

# Restrict access to configuration files...
<Location /admin/conf>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
</Location>

# Restrict access to log files...
<Location /admin/log>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
</Location>

I'm running out of ideas.

mclien

Member

Registered: 2020-02-29

Posts: 99  

Re: [SOLVED] cups administration denied

OK, no idea where this setting came from:

# Restrict access to the admin pages...
<Location /admin>
  Require group printer-admins

I never had a group called "printer-admins"

adding "cups-admins" to this does the trick.

I guess putting "lpadmins" there as first action would have done the trick.

Last edited by mclien (2024-07-10 15:09:00)