CUPS forbidding me access to web interface
Hi all, I'm trying to set up CUPS on a Debian Sid system. I have the latest CUPS available via apt-get (1.7.1-6). When I try to browse to the web interface (http://192.168.1.4:631 and https://192.168.1.4:631), I'm getting a HTTP 403 Forbidden error. I am having trouble finding anything which explain how to fix this. Everything I've found so far seems to assume that the web interface will "just work". The server running CUPS has no GUI, so I can't test to see if the web interface works there or not. The changes to the default Debian configuration file: LogLevel debug #Listen localhost:631 #Listen /var/run/cups/cups.sock Port 631 #<Location /admin> # Order allow,deny #</Location> Any assistance will be greatly appreciated. Regards, Tim Lyth
Tim Lyth <tim@timlyth.com> wrote:
When I try to browse to the web interface (http://192.168.1.4:631 and https://192.168.1.4:631), I'm getting a HTTP 403 Forbidden error.
Perhaps there's an access control list in place in the default configuration. Have you looked at the log files on the machine that is running cupsd?
The server running CUPS has no GUI, so I can't test to see if the web interface works there or not.
Of course you can test it. sudo apt-get install lynx-cur && lynx http://localhost:631
On 28/02/14 10:32, Tim Lyth wrote:
The server running CUPS has no GUI, so I can't test to see if the web interface works there or not.
$ ssh -L6631:127.0.0.1:631 root@printserver $ firefox http://127.0.0.1:6631/
Hi Tim, Some config ideas. - Remove "Listen localhost:631" if it exists. - Insert "ServerAlias *" to allow any hostname. - Allow connections from anywhere to test (obviously unsafe). e.g. Port 631 ServerAlias * Listen /var/run/cups/cups.sock <Location /> # Allow shared printing and remote administration... Order allow,deny Allow all </Location> <Location /admin> # Allow remote administration... Order allow,deny Allow all </Location> Cheers, Rob. On 28/02/14 10:32, Tim Lyth wrote:
Hi all,
I'm trying to set up CUPS on a Debian Sid system. I have the latest CUPS available via apt-get (1.7.1-6).
When I try to browse to the web interface (http://192.168.1.4:631 and https://192.168.1.4:631), I'm getting a HTTP 403 Forbidden error. I am having trouble finding anything which explain how to fix this. Everything I've found so far seems to assume that the web interface will "just work".
The server running CUPS has no GUI, so I can't test to see if the web interface works there or not.
The changes to the default Debian configuration file: LogLevel debug
#Listen localhost:631 #Listen /var/run/cups/cups.sock Port 631
#<Location /admin> # Order allow,deny #</Location>
Any assistance will be greatly appreciated.
Regards, Tim Lyth _______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main
Tim Lyth <tim@timlyth.com> writes:
I'm trying to set up CUPS on a Debian Sid system. I have the latest CUPS available via apt-get (1.7.1-6).
You should not run sid if you have to ask these questions.[0] As others noted, cupsd probably binds only to lo by default. I looked for a README.Debian; there wasn't one. IIRC cupsd.conf is copiously documented, however. I have these settings, they match Robert's suggestion. /etc/cups# grep ^ cupsd.conf cups-files.conf cupsd.conf:# Hey, Emacs! This is like an -*- apache -*- config file. cupsd.conf:# Ref. /usr/share/doc/cups/online-docs/help/ref-cupsd-conf.html cupsd.conf:Port 631 cupsd.conf:ServerAlias * # Workaround http://bugs.debian.org/530027 cupsd.conf:Browsing Off # Don't probe for OTHER cupsds cupsd.conf:#LogLevel info # Uncomment while debugging. cupsd.conf: cupsd.conf:# Access Control: everyone can print, nobody can administer. cupsd.conf:# Administration is done by editing config files and restarting cupsd. cupsd.conf:# Locking out the internet et al is done by alpha's firewall. cupsd.conf:# NOTE: unlike apache, you can't say <Location path1 path2 ... pathn>. cupsd.conf:<Location /> cupsd.conf: Allow From All cupsd.conf:</Location> cupsd.conf:<Location /admin> cupsd.conf: Deny From All cupsd.conf:</Location> cups-files.conf:ErrorLog syslog # Use syslog for all logging cups-files.conf:AccessLog syslog cups-files.conf:PageLog syslog cups-files.conf:SystemGroup lpadmin [0] From the IRC bot. Apologies for the length; I haven't time to make it shorter. dpkg> Unstable is the status of a Debian release when packages can be dpkg> added at any time, that can disrupt the integrity of the whole dpkg> system! If you have to ask whether you should use it or how, you dpkg> shouldn't. http://www.debian.org/releases/unstable/ dpkg> http://wiki.debian.org/DebianUnstable . dpkg> http://deb.li/sidfaq ; it doesn't hurt to read the FAQ, even if dpkg> you are using <testing>. See also dpkg> http://lists.debian.org/debian-devel/2009/08/msg00041.html and dpkg> <sid upgrade test>. dpkg> If you can't work out how to upgrade your machine to testing (or dpkg> unstable), then this is probably a good indication that you (a) dpkg> don't know enough about Debian to be able to solve the inevitable dpkg> problems you will face and (b) you don't know how to use google or dpkg> documentation to answer really easy questions. If either of these dpkg> apply, you shouldn't be using unstable (or even testing) and we're dpkg> not going to help you do so. dpkg> Testing is a continuously updated release between <stable> and dpkg> <unstable>, currently codenamed <jessie>. See dpkg> http://wiki.debian.org/DebianTesting and [...]. You should have a dpkg> sound knowledge of Debian packaging and be prepared for a bumpy dpkg> ride at times. Don't use it on things that are critical or on dpkg> servers. dpkg> testing faq is probably an _unofficial_ FAQ for the <testing> dpkg> branch of Debian: http://www.linuxmafia.com/debian/testingfaq.html dpkg> Jessie is unlikely to receive full security support for some time dpkg> -- don't run Jessie on things where good security support and dpkg> stability are important. dpkg> Sure, testing might be shinier than stable, but are you prepared dpkg> to be continually updating your system? Things that worked today dpkg> will break tomorrow. Configuration file formats will change and dpkg> you'll have to fold your changes in yet again. Testing is a dpkg> moving target and if you'd rather work *with* your computer than dpkg> working *on* your computer, you might not want that. dpkg> debian-devel-announce is an announcement list to which major dpkg> Debian developments are posted. If you are running releases dpkg> beyond <stable>, then YOU are part of the development process; it dpkg> is your responsibility to read it (no excuses!) or risk missing dpkg> important announcements. dpkg> http://lists.debian.org/debian-devel-announce/ dpkg> apt-listchanges is a tool that displays NEWS.Debian file contents dpkg> (default) and/or the changelogs of Debian packages before dpkg> upgrading them (dpkg-reconfigure apt-listchanges). It is dpkg> recommended for users of stable to install the apt-listchanges dpkg> package, to see what is happening to their systems as security dpkg> fixes are applied; it should be made _mandatory_ for users of dpkg> testing and unstable. dpkg> apt-listbugs (aptitude install apt-listbugs) is available since dpkg> Debian 3.1 "Sarge". When installed, it will fetch the list of dpkg> critical <BTS> bugs that pertain to any packages being installed. dpkg> It also allows you to <pin> a version to prevent upgrades to any dpkg> packages you discover to be too risky.
participants (5)
-
Jason White -
Jeremy Visser -
Robert Shelton -
Tim Lyth -
trentbuck@gmail.com