Fedora Account System
Red Hat Associate
Red Hat Customer
Description of problem: F9/rawhide, recently updated. I created a new print queue for my printer. I made sure the "Server Settings" say "Share published printers connected to this system". Then I setup on queue on my RHEL4 to connect to my new printer. RHEL4 says "Network host 'hostname' is busy". Version-Release number of selected component (if applicable): cups-1.3.7-1.fc9.i386 cups-libs-1.3.7-1.fc9.i386 How reproducible: everytime Steps to Reproduce: 1. setup print queue 2. allow it to be connected to from network 3. doesn't work Additional info: Firewall is off selinux is in permissive mode
What does 'iptables -n -L' say (as root) on the F9 machine?
Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination
You need to unblock TCP port IPP (631). Did you use system-config-printer (i.e. System->Administration->Printing) to set up the queue, or the CUPS web interface (or some other method)?
I used system-config-firewall to disable the firewall (at least, I thought it disabled the firewall). I used system-config-printer to setup the print queue and turn on "Share published printers connected to this system".
Ok, I had to "enable" the firewall, allow CUPS/631, then it worked. Either the firewall isn't off when its "disabled" or there is something else I'm missing.
OK, sounds like it might be a system-config-firewall issue of some sort. Changing component and reassigning.
Changing version to '9' as part of upcoming Fedora 9 GA. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Please have a look at system-config-firewall-1.2.8 in testing. There is a new client service for cups. Please test if this is working for you. The initial firewall configuration is done in anaconda, therefore this bug should be assigned to anaconda afterwards, it should enable the desktop defaults for the firewall.
Please enable the desktop defaults for a desktop system and the server defaults for a server system at installation time: --default=desktop or --default=server BTW: Please also use the service option for ssh instead of the port option: --service=ssh Reassigning to anaconda.
*** Bug 446828 has been marked as a duplicate of this bug. ***
*** Bug 436266 has been marked as a duplicate of this bug. ***
Our general plan in anaconda is to make the default firewall/security setting as strict as possible, then have the user make whatever settings they want to afterwards with system-config-firewall. Right now, the most strict useful settings we can come up with are SELinux enforcing and the firewall with ssh open. People get pretty angry when new holes are opened by default in the installed firewall - in fact, we get occasional bug reports saying ssh shouldn't even be allowed. We don't have anywhere in anaconda to allow the user to decide whether server or desktop makes sense for them, so we can't really make a determination there as to which setting to pass to s-c-firewall.