Bug 442345 - New print queue unavailable to network
Summary: New print queue unavailable to network
Alias: None
Product: Fedora
Classification: Fedora
Component: anaconda   
(Show other bugs)
Version: rawhide
Hardware: All Linux
Target Milestone: ---
Assignee: Anaconda Maintenance Team
QA Contact: Fedora Extras Quality Assurance
: 436266 446828 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2008-04-14 14:42 UTC by Tom Cross
Modified: 2008-07-22 14:56 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-07-22 14:56:22 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Tom Cross 2008-04-14 14:42:37 UTC
Description of problem:
F9/rawhide, recently updated.  I created a new print queue for my printer.  I
made sure the "Server Settings" say "Share published printers connected to this
system".  Then I setup on queue on my RHEL4 to connect to my new printer.  RHEL4
says "Network host 'hostname' is busy".

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:
1. setup print queue
2. allow it to be connected to from network
3. doesn't work
Additional info:

Firewall is off
selinux is in permissive mode

Comment 1 Tim Waugh 2008-04-14 15:00:56 UTC
What does 'iptables -n -L' say (as root) on the F9 machine?

Comment 2 Tom Cross 2008-04-14 15:11:01 UTC
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --             state
ACCEPT     icmp --             
ACCEPT     all  --             
ACCEPT     tcp  --             state NEW tcp dpt:22 
REJECT     all  --             reject-with

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --             reject-with

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination  

Comment 3 Tim Waugh 2008-04-14 15:25:37 UTC
You need to unblock TCP port IPP (631).

Did you use system-config-printer (i.e. System->Administration->Printing) to set
up the queue, or the CUPS web interface (or some other method)?

Comment 4 Tom Cross 2008-04-14 15:57:56 UTC
I used system-config-firewall to disable the firewall (at least, I thought it
disabled the firewall).  I used system-config-printer to setup the print queue
and turn on "Share published printers connected to this system".

Comment 5 Tom Cross 2008-04-14 18:07:45 UTC
Ok, I had to "enable" the firewall, allow CUPS/631, then it worked.

Either the firewall isn't off when its "disabled" or there is something else I'm

Comment 6 Tim Waugh 2008-04-14 21:19:15 UTC
OK, sounds like it might be a system-config-firewall issue of some sort. 
Changing component and reassigning.

Comment 7 Bug Zapper 2008-05-14 09:23:58 UTC
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:

Comment 8 Thomas Woerner 2008-05-26 16:35:53 UTC
Please have a look at system-config-firewall-1.2.8 in testing. There is a new
client service for cups. Please test if this is working for you.

The initial firewall configuration is done in anaconda, therefore this bug
should be assigned to anaconda afterwards, it should enable the desktop defaults
for the firewall.

Comment 9 Thomas Woerner 2008-07-22 12:24:43 UTC
Please enable the desktop defaults for a desktop system and the server defaults
for a server system at installation time: --default=desktop or --default=server

BTW: Please also use the service option for ssh instead of the port option:

Reassigning to anaconda.

Comment 10 Thomas Woerner 2008-07-22 13:10:27 UTC
*** Bug 446828 has been marked as a duplicate of this bug. ***

Comment 11 Thomas Woerner 2008-07-22 13:10:59 UTC
*** Bug 436266 has been marked as a duplicate of this bug. ***

Comment 12 Chris Lumens 2008-07-22 14:56:22 UTC
Our general plan in anaconda is to make the default firewall/security setting as
strict as possible, then have the user make whatever settings they want to
afterwards with system-config-firewall.  Right now, the most strict useful
settings we can come up with are SELinux enforcing and the firewall with ssh
open.  People get pretty angry when new holes are opened by default in the
installed firewall - in fact, we get occasional bug reports saying ssh shouldn't
even be allowed.

We don't have anywhere in anaconda to allow the user to decide whether server or
desktop makes sense for them, so we can't really make a determination there as
to which setting to pass to s-c-firewall.

Note You need to log in before you can comment on or make changes to this bug.