Bug 498884
Summary: | cups rejects access from non-localhost | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Johan Vromans <jvromans> | ||||
Component: | cups | Assignee: | Tim Waugh <twaugh> | ||||
Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 10 | CC: | arckanjo, a.tolle, twaugh | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | 1.3.10-5.fc10 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2009-05-06 10:54:28 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
When you installed 1.3.10-4.fc10 from updates-testing it should have adjusted /etc/cups/cupsd.conf to add "ServerAlias *" at the end. However, your "step 1" above uses the upstream default configuration (i.e. cupsd.conf.default) which does *not* have "ServerAlias *" at the end, but should. Fix coming shortly. Thanks for the info. However, Adding "ServerAlias *" (and restarting CUPS) does not change anything for me. The docs mention "If your CUPS server is accessed using a hostname or hostnames not known to the server itself you must add "ServerAlias hostname" to cupsd.conf for each such name." but I fail to see why CUPS does not know the FQDN of the local system. It's in /etc/hosts and DNS. ... Which precisely turned out to be the problem. The FQDN was stored in /etc/hosts as 127.0.0.1 and apparently CUPS doesn't like 2 IPs for a single FQDN. AFAIC we can close this bug. The question is: should we allow a request intended for a FQDN for this host over the loopback interface? Needs investigation and discussion with upstream. Reported upstream. Intentional behaviour. cups-1.3.10-5.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. cups-1.3.10-5.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. I confirm, that cups-1.3.10-5.fc10 runs well. But cups-1.4-0.b2.18.f11 and 1.4-0.rc1.3.fc11 has the same or similar bug again. Output after the remote access in my /var/log/cups/error_log of the local machine: E [22/Jun/2009:07:51:46 +0200] Request from "77.176.92.21" using invalid Host: field "buero111.homelinux.net" Output on the remote machine in /var/log/cups/error_log: E [22/Jun/2009:07:52:13 +0200] [Job 357] Abfragen des Druckerstatus (Bad Request) nicht möglich! (Translation: Request of printer status not possible) buero111.homelinux.net is my dyn-DNS host name. As mentioned in comment #4, it is intentional behaviour that CUPS rejects requests addressed to the FQDN of the host when received over the local loopback interface. Solution: don't make the FQDN of the host resolve to 127.0.0.1, but instead to the correct external IP address for that FQDN. (In reply to comment #8) I have a dynamic DNS, the IP changes daily. Then use 'localhost' to refer to that machine locally. (In reply to comment #10) I had to rename my host to the dyn-DNS, my machine now calls buero111.homelinux.net and it runs well. ;-) Thank you for your help. Guys! Is very simple to solved this F* nightmare put this line in your cupsd.conf file |||||||||||||--> ServerAlias * <--||||||||||||||||| sample: ____________________________________________________________________________ # Administrator user group... SystemGroup sys root users # Only listen for connections from the local machine. Listen 631 Listen /var/run/cups/cups.sock # Show shared printers on the local network. Browsing On BrowseOrder allow,deny BrowseAllow @LOCAL BrowseAllow All # Default authentication type, when authentication is required... DefaultAuthType Basic DefaultEncryption Never ServerAlias * <-------------------------------------------- #FileDevice No # Restrict access to the server... _____________________________________________________________________________ And Work in Internet access Keywords: 400 bad request // Erro ao Acessar Via Internet // Acesso CUPs // Slackware 13.0.0.0 // Resolvido // Solved // Resolution // Error to access Cups |
Created attachment 342285 [details] CUPS config Description of problem: When CUPS is accessed by host name, not localhost, access is rejected and the message "Request from "localhost" using invalid Host: field "fully.qualified.host.name:631"" This also makes printing from cups-friendly apps impossible. Version-Release number of selected component (if applicable): 1.3.10-4.fc10 (updates-testing) 1.3.10-1.fc10 (updates) How reproducible: Always. Steps to Reproduce (assuming the host has IP 192.168.1.251): 1. Using localhost:631, edit config -> choose default config 2. Enable - Share published printers connected to this system - Allow printing from the Internet - Allow remote administration 3. Save and restart cups 4. Access 127.0.0.1:631 -> works 5. Access 192.168.1.251:631 -> works 6. Access fully.qualified.host.name:631 -> "400 Bad Request" Actual results: 6. Access fully.qualified.host.name:631 -> "400 Bad Request" Expected results: 6. Access fully.qualified.host.name:631 -> works Additional info: cuspd.conf attached.