CUPS requer Autenticação [RESOLVIDO]

1. CUPS requer Autenticação [RESOLVIDO]

Adriano Langaro
adrianolangaro

(usa openSUSE)

Enviado em 29/12/2011 - 11:40h

Boa dia gente. Tenho um problema e creio que poderei encontrar ajuda por aqui. Seguinte, tenho um servidor com Ubuntu Server 10.04, nele está instalado o SAMBA (que está funcionando pois consigo acessar as pastas compartilhadas e tudo mais). Levantamos a necessidade de utilizar o CUPS em nossa rede e estou implantando-o. Ele está isntalado e consigo acessar por ipdoserver:631. O problema é que quando necessito de algo administrativo, como Adicionar uma Impressora por exemplo, o CUPS pede autenticação assim:

"401 Não autorizado

Digite o seu nome de usuário e a sua senha ou o nome de usuário e a senha de root para acessar esta página. Se estiver usando a autenticação Kerberos, certifique-se de possuir uma entrada Kerberos válida."

E não sei o que por, clicanco em cancelar, tenho isso:

"401 Não autorizado

Digite o seu nome de usuário e a sua senha ou o nome de usuário e a senha de root para acessar esta página. Se estiver usando a autenticação Kerberos, certifique-se de possuir uma entrada Kerberos válida."

O que será que pode ser? O que é o tal do Kerberos?

Grato pela ajuda! :D

--------------EDIT----------------

O arquivo de configuração do CUPS é esse:

#
#
# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#

# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn

# Deactivate CUPS' internal logrotating, as we provide a better one, especially
# LogLevel debug2 gets usable now
MaxLogSize 0

# Administrator user group...
SystemGroup lpadmin


# Only listen for connections from the local machine.
Listen 631
Listen /var/run/cups/cups.sock

# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseLocalProtocols CUPS dnssd
BrowseAddress @LOCAL

# Default authentication type, when authentication is required...
DefaultAuthType Basic

# Restrict access to the server...
<Location />
Allow From 192.168.10.161
Allow All
</Location>

# Restrict access to the admin pages...
<Location /admin>
Allow From 192.160.10.161
Allow All
</Location>

# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>

# Set the default printer/job policies...
<Policy default>
# Job-related operations must be done by the owner or an administrator...
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

<Limit All>
Order deny,allow
</Limit>
</Policy>

# Set the authenticated printer/job policies...
<Policy authenticated>
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI>
AuthType Default
Order deny,allow
</Limit>

<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

<Limit All>
Order deny,allow
</Limit>
</Policy>

#
#

--------------EDIT----------------


  


2. Re: CUPS requer Autenticação

Ednilton Santos de Oliveira
ednilton_so

(usa KUbuntu)

Enviado em 29/12/2011 - 14:43h

Olá,

Tente editar o arquivo /etc/cups/cupsd.conf adicionando o seguinte ao fim do arquivo:

<Location /admin>
Require group printer-admins
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From XXX.XXX.XXX.XXX
</Location>

sendo XXX.XXX.XXX.XXX o IP da máquina de onde você está tentando configurar o CUPS. Para esse configuração surtir efeito, você tem que reiniciar o CUPS:
service cups restart 


Boa sorte.


3. Estamos perto, mas nem tanto!

Adriano Langaro
adrianolangaro

(usa openSUSE)

Enviado em 29/12/2011 - 15:14h

ednilton_so escreveu:

Olá,

Tente editar o arquivo /etc/cups/cupsd.conf adicionando o seguinte ao fim do arquivo:

<Location /admin>
Require group printer-admins
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From XXX.XXX.XXX.XXX
</Location>

sendo XXX.XXX.XXX.XXX o IP da máquina de onde você está tentando configurar o CUPS. Para esse configuração surtir efeito, você tem que reiniciar o CUPS:
service cups restart 


Boa sorte.


Cara, obrigado. Mas continuo com o "problema" =P
Aproveitei e adicionei o que vc me disse e ainda adicionei Allow From xxx.xxx.xxx.xxx abaixo de cada order deny,allow, ficanco o arquivo de configuração assim:

#
#
# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#

# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn

# Deactivate CUPS' internal logrotating, as we provide a better one, especially
# LogLevel debug2 gets usable now
MaxLogSize 0

# Administrator user group...
SystemGroup lpadmin


# Only listen for connections from the local machine.
Listen 631
Listen /var/run/cups/cups.sock

# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseLocalProtocols CUPS dnssd
BrowseAddress @LOCAL

# Default authentication type, when authentication is required...
DefaultAuthType Basic

# Restrict access to the server...
<Location />
Allow From 192.168.10.161
Allow All
</Location>

# Restrict access to the admin pages...
<Location /admin>
Allow From 192.160.10.161
Allow All
</Location>

# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow From 192.168.10.161
</Location>

# Set the default printer/job policies...
<Policy default>
# Job-related operations must be done by the owner or an administrator...
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

<Limit All>
Order deny,allow
Allow From 192.168.10.161
</Limit>
</Policy>

# Set the authenticated printer/job policies...
<Policy authenticated>
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI>
AuthType Default
Order deny,allow
Allow From 192.168.10.161
</Limit>

<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
Allow From 192.168.10.161
</Limit>

<Limit All>
Order deny,allow
Allow From 192.168.10.161
</Limit>
</Policy>

<Location /admin>
Require group printer-admins
Order Deny,allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.10.161
Allow From 192.168.10.180
</Location>

#
#


Como funciona isso? digo, o Deny, Allow...

Aguardo a resposta e Obrigado :D

P.s.: Em todos os tutoriaios em que vi a intalação do CUPS, todos eles necessitaram instalar o SAMBA tambem. NEste servidor, tenho o SAMBA instalado e rodando, será que há algo errado?


4. Re: CUPS requer Autenticação

Ednilton Santos de Oliveira
ednilton_so

(usa KUbuntu)

Enviado em 29/12/2011 - 16:36h

Olá,

Primeiro, em vez de
Listen localhost:631 

coloque
Port 631 

e adicione "Allow All" (sem aspas) à seção "# Restrict access to configuration files...".

Referência: http://thismightbehelpful.blogspot.com/2008/09/remote-access-to-cups-web-interface.html

Acabei de testar aqui com um servidor Debian.

Boa sorte.


5. Re: CUPS requer Autenticação [RESOLVIDO]

Adriano Langaro
adrianolangaro

(usa openSUSE)

Enviado em 30/12/2011 - 07:58h

Cara, fiz o que você falou mas nada.
Soh que então no improviso, digitei o username e senha de root do ubuntu server e acessou :D
Não sei se é o certo a fazer, vou testar e posto aqui os comentários.

Obrigado :D






Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts