Bug 507633 - fails if password > 32 chars
fails if password > 32 chars
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: cups (Show other bugs)
11
All Linux
low Severity medium
: ---
: ---
Assigned To: Tim Waugh
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 507629
  Show dependency treegraph
 
Reported: 2009-06-23 10:57 EDT by Ian Weller
Modified: 2013-01-14 15:13 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-03 08:21:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
cupsd.conf (4.00 KB, text/plain)
2009-06-23 13:07 EDT, Ian Weller
no flags Details
pam.d/cups (65 bytes, text/plain)
2009-06-23 13:08 EDT, Ian Weller
no flags Details
pam.d/system-auth (931 bytes, text/plain)
2009-06-23 13:09 EDT, Ian Weller
no flags Details
/var/log/cups/error_log (5.48 KB, text/plain)
2009-06-24 12:13 EDT, Ian Weller
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
CUPS Bugs and Features 2856 None None None Never
CUPS Bugs and Features 3249 None None None Never

  None (edit)
Description Ian Weller 2009-06-23 10:57:45 EDT
Description of problem:
Can't log into CUPS as root user

Version-Release number of selected component (if applicable):
cups-1.4-0.b2.18.fc11.x86_64

How reproducible:
Every time

Steps to Reproduce:
1. Attempt to add printer
2. Log in with correct password (and I've verified it's correct)

Actual results:
No CUPS love.

Expected results:
Magic!

Additional info:
I also can't add a printer with system-config-printer when running as root (with sudo).
Comment 1 Tim Waugh 2009-06-23 11:08:25 EDT
Try the updates:

yum --enablerepo=updates-testing update 'cups*' 'system-config-printer*'

PS. Would be useful to know the actual results in terms of which error message or behaviour you are actually seeing...
Comment 2 Ian Weller 2009-06-23 11:35:10 EDT
1. Attempted to click "Cancel RSS subscription" in http://localhost:631/admin.
2. Password dialog, entered 'root' and root password.
3. Rejects password, hit escape, error:
"401 Unauthorized

Enter your username and password or the root username and password to access this page. If you are using Kerberos authentication, make sure you have a valid Kerberos ticket."
Comment 3 Ian Weller 2009-06-23 11:38:40 EDT
system-config-printer reads
"Unauthorized request (addPrinter)

You are not authorized to carry out the requested action."

Both cups and system-config-printer updated from updates-testing.
Comment 4 Tim Waugh 2009-06-23 12:06:42 EDT
Is this a fresh install, or an upgrade?

What's in /var/log/cups/error_log?
Comment 5 Ian Weller 2009-06-23 12:17:57 EDT
Fresh install. But this also occurs on my upgraded F11 laptop.

"E [23/Jun/2009:11:17:33 -0500] cupsdAuthorize: pam_authenticate() returned 7 (Authentication failure)!" comes up on that login attempt.
Comment 6 Tim Waugh 2009-06-23 12:34:06 EDT
Please humour me and triple-check that you have the correct password.

Can you also please try this as a non-root user?:

/usr/sbin/lpadmin -U root -p foo -E -v /dev/null

Everything's working for me (and others)...
Comment 7 Ian Weller 2009-06-23 12:50:07 EDT
(In reply to comment #6)
> Please humour me and triple-check that you have the correct password.
> 
Have done. Typed in plain text in a terminal, copied, ran "su -", pasted, logged in as root. Went to localhost:631, did adminy stuff, password failed.

> Can you also please try this as a non-root user?:
> 
> /usr/sbin/lpadmin -U root -p foo -E -v /dev/null
> 
That also failed.
Comment 8 Tim Waugh 2009-06-23 13:02:24 EDT
Please attach /etc/cups/cupsd.conf, /etc/pam.d/cups, and /etc/pam.d/system-auth.
Comment 9 Ian Weller 2009-06-23 13:07:58 EDT
Created attachment 349116 [details]
cupsd.conf
Comment 10 Ian Weller 2009-06-23 13:08:44 EDT
Created attachment 349118 [details]
pam.d/cups
Comment 11 Ian Weller 2009-06-23 13:09:28 EDT
Created attachment 349119 [details]
pam.d/system-auth
Comment 12 Tim Waugh 2009-06-23 13:24:52 EDT
Same here.

OK, next:
1. Run 'service cups restartlog' as root
2. Try the lpadmin command from comment #6
3. Attach /var/log/cups/error_log here, as well as any messages logged to /var/log/messages at the time you ran lpadmin
Comment 13 Ian Weller 2009-06-23 21:55:29 EDT
[root@deathray ~]# cat /var/log/cups/error_log 
E [23/Jun/2009:20:54:32 -0500] cupsdAuthorize: pam_authenticate() returned 7 (Authentication failure)!
E [23/Jun/2009:20:54:34 -0500] cupsdAuthorize: pam_authenticate() returned 7 (Authentication failure)!

/var/log/messages says nothing new as the cause of this.
Comment 14 Tim Waugh 2009-06-24 03:15:34 EDT
'cupsctl --debug-logging' and try again.
Comment 15 Tim Waugh 2009-06-24 03:27:33 EDT
(In reply to comment #0)
> Additional info:
> I also can't add a printer with system-config-printer when running as root
> (with sudo).  

(That part is bug #447266.)
Comment 16 Ian Weller 2009-06-24 12:13:17 EDT
Created attachment 349269 [details]
/var/log/cups/error_log

/var/log/messages still said nothing.
Comment 17 Tim Waugh 2009-06-25 05:00:47 EDT
Is your root password longer than 32 characters?  Can you try changing it to something simpler, temporarily, to see if it is something about that particular password?
Comment 18 Ian Weller 2009-06-26 18:27:08 EDT
It is longer than 32 characters. Making it shorter fixes this bug. :/
Comment 19 Tim Waugh 2009-07-02 08:19:45 EDT
It currently has this:

#if HAVE_LIBPAM
typedef struct cupsd_authdata_s         /**** Authentication data ****/
{
  char  username[33],                   /* Username string */
        password[33];                   /* Password string */
} cupsd_authdata_t;
#endif /* HAVE_LIBPAM */

Probably that should be:

#if HAVE_LIBPAM
typedef struct cupsd_authdata_s         /**** Authentication data ****/
{
  char  *username,                   /* Username string */
        *password;                   /* Password string */
} cupsd_authdata_t;
#endif /* HAVE_LIBPAM */

with allocators/deallocators for storage sizes of sysconf(_SC_LOGIN_NAME_MAX) and sysconf(_SC_PASS_MAX) respectively.
Comment 20 Tim Waugh 2009-07-03 08:21:21 EDT
Reported upstream.  Closing this bug report as it has an easy work-around.
Comment 21 Leho Kraav 2013-01-14 15:09:22 EST
Wonderful, this is still an issue with cups-1.5.2
Comment 22 Leho Kraav 2013-01-14 15:13:29 EST
For anyone googling, https://www.cups.org/str.php?L2856

mike: 20:57 Feb 15, 2012
Fixed in Subversion repository.

1.6-feature

Note You need to log in before you can comment on or make changes to this bug.