Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
The new samba_krb5_wrapper that allows CUPS to use Kerberos to
authenticate with printers doesn't list SMB devices when called with
no arguments. As a result, the SMB protocol isn't listed as a
possible printer connection mechanism.
Version-Release number of selected component (if applicable):
samba-4.4.4-9
How reproducible:
100%
Steps to Reproduce:
run "lpinfo -v"
or
run "/usr/lib/cups/backend/smb"
Actual results:
# lpinfo -v
serial serial:/dev/ttyS0?baud=115200
network ipps
network lpd
network socket
network https
network http
network ipp
# /usr/lib/cups/backend/smb
DEBUG: SMBSPOOL_KRB5 - Started with uid=0
DEBUG: SMBSPOOL_KRB5 - AUTH_INFO_REQUIRED is not set
ATTR: auth-info-required=negotiate
Expected results:
# lpinfo -v
serial serial:/dev/ttyS0?baud=115200
network ipps
network lpd
network socket
network https
network http
network ipp
network smb
(Last entry "network smb" should be included)
# /usr/lib/cups/backend/smb
network smb "Unknown" "Windows Printer via SAMBA"
Additional info:
When the "lpinfo -v" command is used, cupsd calls
/usr/lib/cups/daemon/cups-deviced to execute all the backends in
/usr/lib/cups/backend with no arguments. When a backend is called
with no arguments, it should list all the devices that are accessible
via that backend.
This mechanism is also used by the Web UI and system-config-printer to
enumerate possible print devices. If samba_krb5_wrapper doesn't
provide the proper out put, SMB will not be listed as an option in the
GUI when installing new printers.
Proposed patch forthcoming...
Created attachment 1248878[details]
Another possible patch
This patch falls back to the smbspool command if AUTH_INFO_REQUIRED is not set or is not set to "negotiate". Because cups-deviced doesn't set AUTH_INFO_REQUIRED when searching for devices, this allows the wrapper to call smbspool to send the line
network smb "Unknown" "Windows Printer via SAMBA"
back to cups-deviced/cupsd when enumerating devices.
I believe this patch will also allow the backend to be used both with SMB printers that use Kerberos as well as SMB printers that use other authentication methods (username,password for example).
Comment 5Andreas Schneider
2017-02-10 10:31:06 UTC
I think I prefer the patch from comment #4.
Could you please apply this to the Samba git master branch. And send a git-format patch with your sign-off to samba-technical mailing list or attach it here. However you need to sign the CoO that your patch can be added, see
https://git.samba.org/?p=samba.git;a=blob;f=README.contributing
Comment 6Andreas Schneider
2017-02-10 10:32:00 UTC
Created attachment 1250789[details]
New patch
As requested, a patch created using "git format-patch" with BUG: and Signed-off-by: headers. I also sent this to samba-technical.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2017:1950