杯子取消作业给出禁止的错误
Cups cancle jobs gives forbidden error
我想取消网络打印机上的所有打印作业
cupsenable [printername]
cancel -a [printername]
cancel: purge-jobs failed: Forbidden
用户是 "lp" 组的成员
我还在 /etc/cups/cupsd.conf 文件的限制中添加了@OWNER,其中清除作业和取消作业是
之后我关闭会话并再次尝试,再次出现同样的错误。
之后我明确添加了我想取消作业的用户
关闭我打开的会话并重试 -> 没有
也许我遗漏了什么?
这是我的 cupsd.conf:
Listen /var/run/cups/cups.sock
Browsing On
BrowseLocalProtocols dnssd
DefaultAuthType Basic
WebInterface Yes
<Location />
# Allow remote access...
Order allow,deny
Allow all
</Location>
<Location /admin>
</Location>
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
</Location>
<Policy default>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel- Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get- Document>
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM sonex
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy authenticated>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get- Document>
AuthType Default
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate- Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM sonex
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
也许我错过了某种前提条件?
我不能让用户成为超级用户,因为客户正在使用这个帐户,他不应该是服务器上的超级用户。
通过将带有取消命令的用户添加到 sudoers 文件中解决
sonex ALL=(ALL) NOPASSWD: /etc/bin/cancel -a *
似乎没有办法通过配置文件清除整个打印作业只针对单个作业
我通过谷歌搜索来到这里:
取消:取消作业失败:禁止
我的解决方法是向 lp
组授予 运行 cups 命令的权限,然后将用户添加到 lp
组。
首先,将 lp
添加到 /etc/cups-files.conf
中的系统组...
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
SystemGroup sys root lp
重启杯子...
systemctl restart cups
将用户添加到 lp
组。
usermod -a -G lp user1
user1 现在可以 运行
cancel PRINTER-12345
并使用 cups 站点上的 [取消作业] 按钮(将提示登录)。
Require user {user-name|@group-name} ...
Specifies that an authenticated user must match one of the named users
or be a member of one of the named groups. The group name "@SYSTEM"
corresponds to the list of groups defined by the SystemGroup directive
in the cups-files.conf(5) file.
tldr;
/etc/cupsd.conf
授予@SYSTEM 权限。
/etc/cups-files.conf
系统组定义@SYSTEM。
我想取消网络打印机上的所有打印作业
cupsenable [printername]
cancel -a [printername]
cancel: purge-jobs failed: Forbidden
用户是 "lp" 组的成员
我还在 /etc/cups/cupsd.conf 文件的限制中添加了@OWNER,其中清除作业和取消作业是
之后我关闭会话并再次尝试,再次出现同样的错误。
之后我明确添加了我想取消作业的用户
关闭我打开的会话并重试 -> 没有
也许我遗漏了什么?
这是我的 cupsd.conf:
Listen /var/run/cups/cups.sock
Browsing On
BrowseLocalProtocols dnssd
DefaultAuthType Basic
WebInterface Yes
<Location />
# Allow remote access...
Order allow,deny
Allow all
</Location>
<Location /admin>
</Location>
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
</Location>
<Policy default>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel- Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get- Document>
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM sonex
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy authenticated>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get- Document>
AuthType Default
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate- Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM sonex
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM sonex
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
也许我错过了某种前提条件?
我不能让用户成为超级用户,因为客户正在使用这个帐户,他不应该是服务器上的超级用户。
通过将带有取消命令的用户添加到 sudoers 文件中解决
sonex ALL=(ALL) NOPASSWD: /etc/bin/cancel -a *
似乎没有办法通过配置文件清除整个打印作业只针对单个作业
我通过谷歌搜索来到这里:
取消:取消作业失败:禁止
我的解决方法是向 lp
组授予 运行 cups 命令的权限,然后将用户添加到 lp
组。
首先,将 lp
添加到 /etc/cups-files.conf
中的系统组...
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
SystemGroup sys root lp
重启杯子...
systemctl restart cups
将用户添加到 lp
组。
usermod -a -G lp user1
user1 现在可以 运行
cancel PRINTER-12345
并使用 cups 站点上的 [取消作业] 按钮(将提示登录)。
Require user {user-name|@group-name} ...
Specifies that an authenticated user must match one of the named users or be a member of one of the named groups. The group name "@SYSTEM" corresponds to the list of groups defined by the SystemGroup directive in the cups-files.conf(5) file.
tldr;
/etc/cupsd.conf
授予@SYSTEM 权限。
/etc/cups-files.conf
系统组定义@SYSTEM。