Can't remote admin CUPS even with Allow from ALL
Yang Xiao
yxiao2004 at gmail.com
Mon Aug 23 16:49:15 UTC 2004
On Sun, 22 Aug 2004 11:38:19 -0400, sean darcy <seandarcy at hotmail.com> wrote:
> I have a cups server on 10.10.8.252. It's set up as a raw printer, and
> works, mostly. I can telnet into the server.
>
> But, when I try to remotely admin the server by browsing to 10.10.8.252:631
> I get:
>
> I get 403 Forbidden.
>
> I've tried all sorts of changes to <Location/admin> in cupsd.conf. Here's
> all the uncommented lines in cupsd.conf:
>
> LogLevel error
>
> MaxLogSize 0
>
> MaxCopies 1
>
> Printcap /etc/printcap
>
> FilterLimit 200
>
> <Location /jobs>
> #
> # You may wish to limit access to job operations, either with Allow
> # and Deny lines, or by requiring a username and password.
> #
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> Allow From 10.10.8.*
> </Location>
>
> <Location /printers>
> #
> # You may wish to limit access to printers and classes, either with Allow
> # and Deny lines, or by requiring a username and password.
> #
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> Allow From 10.10.8.*
> </Location>
>
> #<Location /printers/name>
> #
> # You may wish to limit access to printers and classes, either with Allow
> # and Deny lines, or by requiring a username and password.
> #
>
> ## Anonymous access (default)
> #AuthType None
>
> ## Require a username and password (Basic authentication)
> #AuthType Basic
> #AuthClass User
>
> ## Require a username and password (Digest/MD5 authentication)
> #AuthType Digest
> #AuthClass User
>
> ## Restrict access to local domain
> #Order Deny,Allow
> #Deny From All
> #Allow From .mydomain.com
> #</Location>
>
> <Location /admin>
> #
>
> AuthType Basic
> AuthClass System
>
> ## Restrict access to local domain
> # Order Deny,Allow
> # Deny From All
> # Allow From 127.0.0.1
> # Allow From 10.10.*
> #Encryption Required
> </Location>
>
> #
> # End of "$Id: cupsd.conf.in,v 1.13 2003/04/10 20:14:04 mike Exp $".
> #
> # Lines below are automatically generated - DO NOT EDIT
> <Location /printers/mfc8600>
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> AuthType None
> Allow from All
> </Location>
> <Location /printers/rawprinter>
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> AuthType None
> Allow from All
> </Location>
> <Location />
> Order Deny,Allow
> Deny From All
> Allow From 127.0.0.1
> </Location>
> Browsing On
> BrowseProtocols cups
> BrowseOrder Deny,Allow
> BrowseAllow from @LOCAL
> BrowseAddress 255.255.255.255
> Listen *:631
>
> netstat shows all the sockets are CLOSE_WAIT:
>
> netstat -anp | grep cups
> tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
> 2070/cupsd
> tcp 1 0 10.10.8.252:631 10.10.8.1:60378
> CLOSE_WAIT 2070/cupsd
> tcp 1 0 10.10.8.252:631 10.10.8.1:60379
> CLOSE_WAIT 2070/cupsd
> tcp 0 0 10.10.8.252:631 10.10.8.1:60382
> ESTABLISHED 2070/cupsd
> udp 0 0 0.0.0.0:631 0.0.0.0:*
> 2070/cupsd
> unix 3 [ ] STREAM CONNECTED 11590 2070/cupsd
>
> I've flushed iptables.
>
> Any help appreciated.
>
> sean
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
Hi,
check the directory permissions. Does the Apache user have access to it?
Yang
More information about the fedora-list
mailing list