Re: CUPS problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Aaron Konstam wrote:

On Thu, 2007-08-23 at 11:00 +0200, PerAntonRønning wrote:

PerAntonRønning wrote:

Mikkel L. Ellertson wrote:

PerAntonRønning wrote:

Hi Andy
a minor extract of the error_log shows this:
I [22/Aug/2007:12:42:00 +0200] Full reload is required.
I [22/Aug/2007:12:42:00 +0200] Loaded MIME database from '/etc/cups': 33 
types, 38 filters...
I [22/Aug/2007:12:42:01 +0200] Loading job cache file
"/var/cache/cups/job.cache"...
I [22/Aug/2007:12:42:01 +0200] Full reload complete.
I [22/Aug/2007:12:42:01 +0200] Listening to 127.0.0.1:631 on fd 0...
E [22/Aug/2007:12:42:01 +0200] Unable to set ACLs on root certificate
"/var/run/cups/certs/0" - Operation not supported

It seems to listen to 127.0.0.1:631, which should be lo. The last
message tough "operation not supported" does not explain itself, at
least not to me.
ps -Af | grep cupsd shows that the daemon is up and running.
So I'm scratching my head a bit on this.

Brgs
PAR


The "operation not supported" is an indication that selinux is not
enabled. So CUPS could not set the Access Control List values. This
will not stop CUPS from running. The "Listening to 127.0.0.1:631"
says that the CUPS web interface is only available to the local
machine, on port 631. You can not connect to it from another machine
on the network. (This does not affect connecting to printers on your
machine - that is another setting.)

Mikkel
I don't have a real network, just a backup PC connected through an eth card. I do not need to print from other PC's, so what you say may imply that this should work 
by the look of it?
Regarding SElinux - /etc/selinux/config contains:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#    enforcing - SELinux security policy is enforced.
#    permissive - SELinux prints warnings instead of enforcing.
#    disabled - SELinux is fully disabled.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
#    targeted - Only targeted network daemons are protected.
#    strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
As to checking if SElinux is enabled the command (listed in my FC5 "bible") 
$/usr/sbin/sestatus -v
gives as output:

SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 21
Policy from config file:        targeted

Process contexts:
Current context:                user_u:system_r:unconfined_t
Init context:                   system_u:system_r:init_t
/sbin/mingetty                  system_u:system_r:getty_t

File contexts:
Controlling term:               user_u:object_r:devpts_t
/etc/passwd                     system_u:object_r:etc_t
/etc/shadow                     system_u:object_r:shadow_t
/bin/bash                       system_u:object_r:shell_exec_t
/bin/login                      system_u:object_r:login_exec_t
/bin/sh system_u:object_r:bin_t -> system_u:object_r:shell_exec_t 
/sbin/agetty                    system_u:object_r:getty_exec_t
/sbin/init                      system_u:object_r:init_exec_t
/sbin/mingetty                  system_u:object_r:getty_exec_t
/usr/sbin/sshd                  system_u:object_r:sshd_exec_t
/lib/libc.so.6 system_u:object_r:lib_t -> system_u:object_r:lib_t /lib/ld-linux.so.2 system_u:object_r:lib_t -> system_u:object_r:ld_so_t 

... so SElinux seems to be enabled.
BUT: In my security level configuration I don't find an entry for "printer" or "printing", 
should I expect such an entry?
--- OPPPS! It must have been too late in the evening. I was referring to the firewall section (tab) of the config screen not the SElinux tab. Printing appears under SELinux. 
So, this seems to be a real puzzle, perhaps I have to reinstall FC5.
(I am a bit conservative when it comes to new versions, I want them to be tested out a bit first, 
so I wait with FC7. Anyone thinking this is too conservative?)


I do. How about disabling selinux and see if printing starts working.
In the environment you describe I don't see that selinux is doing that
much for you.

As to the error below it is really mysterious.

E [22/Aug/2007:12:42:01 +0200] Unable to set ACLs on root certificate

"/var/run/cups/certs/0" - Operation not supported


/var/run/cups/certs/0 is r--r---- on my machine. Setting the ACL on such
a file seems hard to say the least.
I did disable selinux, rebooted the machine, but nothing changed. So, this may be due to some CUPS problem. This is something I have never done before - should I remove and then download and reinstall the whole thing? Next thing may be to reinstall FC5 from the bottom and up. THAT I've done before :-) 


Brgds
PAR
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux