루트 계정이 비활성화된 새 Debian 안정 설치에 프린터를 추가하면 CUPS 웹 인터페이스에 "프린터를 추가할 수 없습니다: 금지됨"이 표시됩니다.

tag-icon tag-icon debian cups
루트 계정이 비활성화된 새 Debian 안정 설치에 프린터를 추가하면 CUPS 웹 인터페이스에 "프린터를 추가할 수 없습니다: 금지됨"이 표시됩니다.

Debian 9(확장/안정)를 새로 설치하여 CUPS 2.2.1을 설치했습니다.이 컴퓨터에서는 루트 계정이 비활성화되었습니다.sudo일반 사용자 계정의 권한을 높이는 데 사용합니다 ma. 파일 /etc/cups/cupsd.conf은 다음과 같습니다

#
# Configuration file for the CUPS scheduler.  See "man cupsd.conf" for a
# complete description of this file.
#
# EDIT: added this line
SystemGroup printadmin

# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
PageLogFormat

# Deactivate CUPS' internal logrotating, as we provide a better one, especially
# LogLevel debug2 gets usable now
MaxLogSize 0

# Only listen for connections from the local machine.
Listen localhost:631
Listen /var/run/cups/cups.sock

# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd

# Default authentication type, when authentication is required...
# EDIT: changed DefaultAuthType Basic to DefaultAuthType None
DefaultAuthType None

# Web interface setting...
WebInterface Yes

# Restrict access to the server...
<Location />
  Order allow,deny
</Location>

# Restrict access to the admin pages...
# EDIT: added Allow localhost
<Location /admin>
    Order allow,deny
    Allow localhost
</Location>


# Restrict access to configuration files...
<Location /admin/conf>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
</Location>

# Restrict access to log files...
<Location /admin/log>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
</Location>


# Set the default printer/job policies...
<Policy default>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default

  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    Order deny,allow
  </Limit>

  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>

  # All administration operations require an administrator to authenticate...
# EDIT: changed AuthType Default to AuthType None
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
    AuthType None
    Require user @SYSTEM
    Order deny,allow
  </Limit>

  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>

  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>

  <Limit All>
    Order deny,allow
  </Limit>
</Policy>

# Set the authenticated printer/job policies...
<Policy authenticated>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default

  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    AuthType Default
    Order deny,allow
  </Limit>

  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>

  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>

  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>

  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>

  <Limit All>
    Order deny,allow
  </Limit>
</Policy>

그룹 을 만들고 printadmin여기에 나를 추가했습니다.

sudo groupadd printadmin
sudo usermod -a -G printadmin ma

그리고 lp그룹을 위해 같은 일을 했습니다.이 게시물.

그런 다음 재부팅했지만 localhost:631관리 인터페이스( )에서 "프린터 추가"를 클릭했을 때 이전과 동일한 "프린터를 추가할 수 없습니다: 금지됨" 오류가 발생했습니다. 로그 파일에는 /var/log/cups/error_log다음이 포함되어 있습니다.

E [16/Sep/2017:11:34:23 -0500] [Client 24] Returning HTTP Forbidden for CUPS-Get-Devices (no URI) from localhost
E [16/Sep/2017:11:34:23 -0500] [CGI] CUPS-Get-Devices request failed with status 401: Forbidden

이것은 나에게 새로운 것을 말해주지 않습니다. 내가 뭘 잘못했나요?

답변1

내 (페도라) 컵 2.1.3 매뉴얼 페이지에 cupsd.conf다음과 같은 내용이 있습니다.

이전에 cupd.conf 파일에서 허용되었던 파일, 디렉터리 및 사용자 구성 지시문은 이제 cup-files.conf(5) 파일에 저장됩니다.

따라서 귀하의 SystemGroup printadmin라인은 아마도 다음으로 이동되어야 할 것입니다./etc/cups/cups-files.conf

관련 정보