lprm command

gymnart · 06-09-2006, 08:18 AM

Can I set up the command, lprm so that I don't have to su root everytime I use it?
I would like to allow my daughters to use my Linux computer for word processing and they would need a way to stop the printer quickly if it starts printing weird characters or a whole page of color rather than what they expected. I don't want to have to give them the root password nor have to be standing over their shoulder everytime they want to print something from my Linux computer.

It would be great if all they had to do was to click on the terminal icon, type lprm and stop the printer in such an emergency.

marozsas · 06-09-2006, 09:10 AM

If you are using cups, there is a nice web based user interface to the printers: http://localhost:631/printers

You can add a bookmark to your browser or even create a icon on desktop to open your browser in that place.

gymnart · 06-09-2006, 09:17 AM

I did try that once and it couldn't stop the printer. Some sort of client-error or permission denied message.
Previously, "RunAsUser" was set to "yes" but now I have it set to "no". I'll experiment again to see what happens.

gymnart · 06-09-2006, 12:59 PM

ok, I just tried it. While I was able to stop the printer, I was not able to clear the queue. When I clicked on "Cancel Job" it said, client-error-forbidden. Also, I still needed the root password. I don't want to have to do that, or should I say, I don't want my daughters to have to do that.

marozsas · 06-09-2006, 01:36 PM

I am using SuSE 10.1 here, and on the jobs page, clicking on the Cancel button (the black one) I am able to cancel the job.
This works even when I access the printer server from a remote windows machine, using the ip of the server in IE.

What SuSE are you running ?

This kind of access control is done on the file /etc/cups/cupsd.conf.

The job control is regulated by commands Allow/Deny inside the jobs section in this file.
Mine is all commented. You may try to check yours. After any change, restart cups.

Code:

#<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
#</Location>

marozsas · 06-09-2006, 02:35 PM

As an additional info, on a working 9.3 SuSE, the jobs section looks like:

Code:

<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
Allow From @LOCAL
AuthType None
</Location>

This allows connection for any host in my local LAN and allows any user to cancel jobs, even if he/she isn't the owner. In my case, this is not a desired situation, and I am going to fix, thanks to researching a answer for your question

gymnart · 06-13-2006, 03:09 PM

Mine is just blank as in your first example.
Thanks! I'll try this and let you know.

P.S. I'm running SuSE 10.0

gymnart · 06-13-2006, 03:29 PM

I just tried it with the edited cups config file and did: rccups restart and then printed a small job just to see if I could cancel it and I was given the same error: client-error-forbidden. So, in order to clear the queue, I had to resort to the lprm command.
I just wish there were a way to make it so that all I had to do was to type, lprm, in a terminal without having to su root all the time [just for that one command].

marozsas · 06-14-2006, 06:35 AM

I don't have a SuSE 10.0 here to try/inspect the cupsd.conf file.
But I have seen this file is not the only file involved in grant/deny access to the printer spooler. In some distros, the "AuthType None" works, and others not. May be there is something to do with the owner of cupsd process, or PAM authentication, I don't know.

In distros where "AuthType None" does not work, the group based autentication always works. For example, in a RHEL3:

Code:

<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
AuthClass Group
AuthGroupName lpjobs
Allow From @LOCAL
</Location>

and you need to create a group named lpjobs and put everyone who you want to cancel jobs in this group:

Code:

sulfer:~ # cat /etc/group | grep lpjobs
lpjobs:x:1000:miguel,fabio,vicente,adhemar,nakano,felicio,ronaldo,marcos,omar,venancio
sulfer:~ #

The user must authenticate yourself to be able to remove jobs, using he/she own login/password, not root's password.

gymnart · 06-16-2006, 12:04 PM

marozsas,
If I sent you a copy of my cupsd.conf file, could you look it over and see what I'd need to do?
could you pm me here and give me your e-mail address so I could send it?

marozsas · 06-19-2006, 07:55 AM

Hi gymnart,

I think what you propose is not the way here in this forum.
The idea is that others can learn with the problems that was presented here.
If you don't mind, please, post your cupsd.conf here and I will be glad in assist you.

Before you do that, I have an alternate setup to you. This I got from a SuSE 10.0 from a friend of mine. It allows everyone to cancel jobs. Try it !

Code:


<Location /jobs>
#
# You may wish to limit access to job operations, either with Allow
# and Deny lines, or by requiring a username and password.
#
AuthType None
AuthClass User
Allow From @LOCAL
</Location>

gymnart · 06-19-2006, 10:04 AM

Thank you marozsas! It worked! I'm feeling a lot more comfortable with printing now. It even lets me cancel the job using my username + password now too. I have added a shortcut to my desktop for the CUPS user interface to manage my printer more easily.

gymnart · 06-20-2006, 10:28 AM

Now I have a question out of curiousity:
Near the <Location /jobs> area is a <Location /printer> area. What would happen if I put the same settings (AuthType None, AuthClass User, Allow From @LOCAL) there as well?

marozsas · 06-20-2006, 10:55 AM

You will be able to manage (add/remove) printers and classes. Try it ! It is harmless to add those settings to your cupsd.conf. Just make a backup copy of the working configuration so you can go back in any trouble.

Code:

$ cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.working

and to restore the backup copy:

Code:

$ cp /etc/cups/cupsd.conf.working /etc/cups/cupsd.conf
$ rccupsd restart

My personal opinion is you should not enable wide access to this area. It is not a good idea. Any user can remove the printer, assign the default printer to other you setup, change the model and driver, etc.

gymnart · 06-21-2006, 01:29 PM

I don't mind that too much because this is just at home and that is the way it's set up with my windows machine. The kids don't mess with my settings anyway. I'm the one that's "dangerous", LOL.

---
Now, how much do you know about sharing the printer? I suppose I'll have to switch to another thread for that?