cups 2.2.1 en Raspberry Pi 3b+ Linux 4.19.66-v7+ #1253 SMP Jue 15 de agosto 11:49:46 BST 2019 armv7l GNU/Linux
Cuando intento autenticarme para realizar funciones administrativas a través de la interfaz web, se me solicita repetidamente que me autentique y no se me permite agregar una impresora. Puedo autenticarme para ver el registro de errores, que genera el siguiente error después de cada intento fallido de iniciar sesión como usuario=pi. pi se convirtió en miembro del grupo lpadmin. (sudo usermod -a -G lpadmin pi)
E [28/Sep/2019:12:08:03 -0400] [Client 10] Local authentication certificate not found.
Anteriormente en el registro, hay otros errores. A continuación se presenta una lista representativa:
E [28/Sep/2019:08:43:57 -0400] Unable to open listen socket for address [v1.::1]:631 - Address already in use.
E [28/Sep/2019:08:43:57 -0400] Unable to open listen socket for address 127.0.0.1:631 - Address already in use.
Se agradecería cualquier ayuda diagnóstica. Gracias.
Mi /etc/cups/cupsd.conf se muestra a continuación.
#
# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
PageLogFormat
# Deactivate CUPS' internal logrotating, as we provide a better one, especially
# LogLevel debug2 gets usable now
MaxLogSize 0
# Only listen for connections from the local machine.
# Listen localhost:631
Port 631
Listen /var/run/cups/cups.sock
# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd
# Default authentication type, when authentication is required...
DefaultAuthType Basic
# Web interface setting...
WebInterface Yes
# Restrict access to the server...
<Location />
Order allow,deny
Allow @local
</Location>
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
Allow @local
</Location>
# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow @local
</Location>
# Restrict access to log files...
<Location /admin/log>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>
# Set the default printer/job policies...
<Policy default>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew- Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the authenticated printer/job policies...
<Policy authenticated>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
Nueva información (29 de septiembre de 2019): las tazas exploradas están en estado CERRADO-ESPERA.
pi@rpi3bp:~ $ sudo ss -lpn | grep -e ":631" -e "Netid"
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 5 *:631 *:* users:(("cupsd",pid=398,fd=9))
tcp LISTEN 0 5 :::631 :::* users:(("cupsd",pid=398,fd=10))
pi@rpi3bp:~ $ ps -ef | grep -e cups -e UID | grep -v grep
UID PID PPID C STIME TTY TIME CMD
root 398 1 0 Sep21 ? 00:00:08 /usr/sbin/cupsd -l
root 15529 1 0 06:25 ? 00:00:00 /usr/sbin/cupsd -l
root 15530 1 0 06:25 ? 00:00:00 /usr/sbin/cups-browsed
lp 15545 15529 0 06:25 ? 00:00:00 /usr/lib/cups/notifier/dbus dbus://
lp 15546 15529 0 06:25 ? 00:00:00 /usr/lib/cups/notifier/dbus dbus://
lp 15547 15529 0 06:25 ? 00:00:00 /usr/lib/cups/notifier/dbus dbus://
pi@rpi3bp:~ $ sudo ss -pn | grep -e "15530" -e "Netid"
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
u_str ESTAB 0 0 * 429953 * 0 users:(("cups-browsed",pid=15530,fd=2),("cups-browsed",pid=15530,fd=1))
u_str ESTAB 0 0 * 430354 * 0 users:(("cups-browsed",pid=15530,fd=6))
u_str ESTAB 0 0 * 430356 * 0 users:(("cups-browsed",pid=15530,fd=8))
tcp CLOSE-WAIT 1 0 ::1:36556 ::1:631 users:(("cups-browsed",pid=15530,fd=4))
tcp CLOSE-WAIT 1 0 ::1:36554 ::1:631 users:(("cups-browsed",pid=15530,fd=3))
Respuesta1
Investigando más profundamente, se estaban ejecutando 2 procesos cupsd. Debería haber visto esto en mi entrada editada (nueva información del 29 de septiembre de 2019) anterior.
pi@rpi3bp:/etc/cups $ ps -ef | grep cups | grep -v grep
root 398 1 0 Sep21 ? 00:00:14 /usr/sbin/cupsd -l
root 28049 1 0 21:14 ? 00:00:00 /usr/sbin/cupsd -l
root 28050 1 0 21:14 ? 00:00:00 /usr/sbin/cups-browsed
lp 28055 28049 0 21:14 ? 00:00:00 /usr/lib/cups/notifier/dbus dbus://
Al revisar /lib/systemd/system se revelaron múltiples entradas para tazas. Eliminar las entradas org.cups.* y aplicar un apagado + reinicio resolvió el problema.
pi@rpi3bp:/lib/systemd/system $ ls -l | grep cups
-rw-r--r-- 1 root root 234 Jun 16 2016 cups-browsed.service
-rw-r--r-- 1 root root 142 Aug 21 03:51 cups.path
-rw-r--r-- 1 root root 175 Aug 21 03:51 cups.service
-rw-r--r-- 1 root root 136 Aug 21 03:51 cups.socket
-r--r--r-- 1 root root 152 Apr 7 08:30 org.cups.cupsd.path
-r--r--r-- 1 root root 214 Apr 7 08:30 org.cups.cupsd.service
-r--r--r-- 1 root root 146 Apr 7 08:30 org.cups.cupsd.socket
-r--r--r-- 1 root root 147 Apr 7 08:30 [email protected]
-r--r--r-- 1 root root 148 Apr 7 08:30 org.cups.cups-lpd.socket
También agreguéPermitir @localal cupsd.conf para < Ubicación /admin/log >