SUSE / openSUSEThis Forum is for the discussion of Suse Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can I set up the command, lprm so that I don't have to su root everytime I use it?
I would like to allow my daughters to use my Linux computer for word processing and they would need a way to stop the printer quickly if it starts printing weird characters or a whole page of color rather than what they expected. I don't want to have to give them the root password nor have to be standing over their shoulder everytime they want to print something from my Linux computer.
It would be great if all they had to do was to click on the terminal icon, type lprm and stop the printer in such an emergency.
I did try that once and it couldn't stop the printer. Some sort of client-error or permission denied message.
Previously, "RunAsUser" was set to "yes" but now I have it set to "no". I'll experiment again to see what happens.
ok, I just tried it. While I was able to stop the printer, I was not able to clear the queue. When I clicked on "Cancel Job" it said, client-error-forbidden. Also, I still needed the root password. I don't want to have to do that, or should I say, I don't want my daughters to have to do that.
I am using SuSE 10.1 here, and on the jobs page, clicking on the Cancel button (the black one) I am able to cancel the job.
This works even when I access the printer server from a remote windows machine, using the ip of the server in IE.
What SuSE are you running ?
This kind of access control is done on the file /etc/cups/cupsd.conf.
The job control is regulated by commands Allow/Deny inside the jobs section in this file.
Mine is all commented. You may try to check yours. After any change, restart cups.
Code:
#<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
#</Location>
As an additional info, on a working 9.3 SuSE, the jobs section looks like:
Code:
<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
Allow From @LOCAL
AuthType None
</Location>
This allows connection for any host in my local LAN and allows any user to cancel jobs, even if he/she isn't the owner. In my case, this is not a desired situation, and I am going to fix, thanks to researching a answer for your question
I just tried it with the edited cups config file and did: rccups restart and then printed a small job just to see if I could cancel it and I was given the same error: client-error-forbidden. So, in order to clear the queue, I had to resort to the lprm command.
I just wish there were a way to make it so that all I had to do was to type, lprm, in a terminal without having to su root all the time [just for that one command].
I don't have a SuSE 10.0 here to try/inspect the cupsd.conf file.
But I have seen this file is not the only file involved in grant/deny access to the printer spooler. In some distros, the "AuthType None" works, and others not. May be there is something to do with the owner of cupsd process, or PAM authentication, I don't know.
In distros where "AuthType None" does not work, the group based autentication always works. For example, in a RHEL3:
Code:
<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
AuthClass Group
AuthGroupName lpjobs
Allow From @LOCAL
</Location>
and you need to create a group named lpjobs and put everyone who you want to cancel jobs in this group:
marozsas,
If I sent you a copy of my cupsd.conf file, could you look it over and see what I'd need to do?
could you pm me here and give me your e-mail address so I could send it?
I think what you propose is not the way here in this forum.
The idea is that others can learn with the problems that was presented here.
If you don't mind, please, post your cupsd.conf here and I will be glad in assist you.
Before you do that, I have an alternate setup to you. This I got from a SuSE 10.0 from a friend of mine. It allows everyone to cancel jobs. Try it !
Code:
<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
AuthType None
AuthClass User
Allow From @LOCAL
</Location>
Thank you marozsas! It worked! I'm feeling a lot more comfortable with printing now. It even lets me cancel the job using my username + password now too. I have added a shortcut to my desktop for the CUPS user interface to manage my printer more easily.
Now I have a question out of curiousity:
Near the <Location /jobs> area is a <Location /printer> area. What would happen if I put the same settings (AuthType None, AuthClass User, Allow From @LOCAL) there as well?
You will be able to manage (add/remove) printers and classes. Try it ! It is harmless to add those settings to your cupsd.conf. Just make a backup copy of the working configuration so you can go back in any trouble.
My personal opinion is you should not enable wide access to this area. It is not a good idea. Any user can remove the printer, assign the default printer to other you setup, change the model and driver, etc.
I don't mind that too much because this is just at home and that is the way it's set up with my windows machine. The kids don't mess with my settings anyway. I'm the one that's "dangerous", LOL.
---
Now, how much do you know about sharing the printer? I suppose I'll have to switch to another thread for that?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.