KDE printer settings need root password to change paper size

Is there any way to change paper sizes on my Oki c330dn without root password? Any help will be appreciated.:slight_smile:

On 2013-06-26 12:56, anika200 wrote:
>
> Is there any way to change paper sizes on my Oki c330dn without root
> password? Any help will be appreciated.:slight_smile:

Ok. First thing is to know who (what) presents that dialog. KDE? Gnome?
LibreOffice?

Alternatively, you can set the page size in the CUPS local web page.
Point any browser to


http://localhost:631/printers/

It will require your login/pass, and your user pass should suffice. If
you click on a printer, you get two drop lists. One is “maintenance”,
and the other “administration”. It is the second one that is more
strict, but I can access “modify printer” as user. In “set default
options for ‘printer name’” I see a tab named “general” where I can set
the default page size and tray.

If you can’t access any of this as user, the settings are done via
“/etc/cups/cupsd.conf”. There are a lot of settings there to configure
who can access what.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

I am using KDE and searching with the kickstart menu for “printer” gets me to the “Printer - KDE Control Module”. When selected the first thing it does is pop up a dialog to enter the root password (the username is already listed as root when the dialog opens). I then have to enter my root password again when I change the paper size and hit apply via the dialog in the screenshot.

Maybe this behavior can be changed via /etc/cups/cupsd.conf? Maybe I can change some setting in policy kit or add myself to some printing group?

http://paste.opensuse.org/view/download/9802144

On 2013-06-26 14:46, anika200 wrote:
>
> robin_listas;2567430 Wrote:

> I am using KDE and searching with the kickstart menu for “printer” gets
> me to the “Printer - KDE Control Module”. When selected the first thing
> it does is pop up a dialog to enter the root password (the username is
> already listed as root when the dialog opens). I then have to enter my
> root password again when I change the paper size and hit apply via the
> dialog in the screenshot.

Mmm.

Run this and post here inside code tags:


grep PERMISSION_SECURITY /etc/sysconfig/security

You should have “easy local”. If you have “secure”, that’s your problem.

> Maybe this behavior can be changed via /etc/cups/cupsd.conf?

If you use cups native tools, yes. With the kde printer module, I’m not
sure. Are you sure it asks for root’s password, not the user password?


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

My guess is if the op follow the first advice of carlos it will allow the user to modify the paper size.

On 2013-06-26 18:46, conram wrote:
>
> My guess is if the op follow the first advice of carlos it will allow
> the user to modify the paper size.

Another possibility is choosing paper size in the application that is
going to print, like libreoffice.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

Yes, these things all work. Thanks for the help.
Using CUPS web interface I do not seem to even need a password after I modify the last section of /etc/cupsd.conf by adding “Allow all”, still testing this though and it probably would not survive an upgrade.

As far as the security I have this


lee@linux-aa3c:~> grep PERMISSION_SECURITY /etc/sysconfig/securityPERMISSION_SECURITY="easy local"
# PERMISSION_SECURITY. If PERMISSION_SECURITY contains 'secure' or
lee@linux-aa3c:~> 

Still puzzles me why the KDE printer control module would need the root password twice. Yes it asks for root password not just the user, at least the word “root” is already filled into the username box when the dialog is opened.

On 06/26/2013 08:16 PM, anika200 wrote:
> Still puzzles me why the KDE printer control module would need the root
> password twice. Yes it asks for root password not just the user, at
> least the word “root” is already filled into the username box when the
> dialog is opened.

while apparently the easy way to do the job is NOT to get KDE
involved, at all…

but if one does use the KDE tool i guess it asks for the password
since the config file is owned by root, and lives in a system folder
which is owned by root, so KDE ‘knows’ that to make a change root
must be involved–that is what KDE tools typically do…

but, why you got asked twice i have no idea…and, my guess is the
asked twice part is worthy of a bugzilla…

please file it and return to here with a URL so we can follow it…tia!


dd

No one else ever indicated if they have the same results of twice for the password?
Anyway, I filed a bug report here https://bugs.kde.org/show_bug.cgi?id=321650

On 2013-06-26 21:46, anika200 wrote:
>
> No one else ever indicated if they have the same results of twice for
> the password?
> Anyway, I filed a bug report here
> https://bugs.kde.org/show_bug.cgi?id=321650

Don’t, you have a misconfiguration.

Please edit “/etc/sysconfig/security” and make sure you have a line
containing:


PERMISSION_SECURITY="easy local"

It is not clear from your CODE section if you have it or not.

And anyway, bugs have to be reported against openSUSE first; only report
upstream if you see the bug across distros or you use the latest version
from upstream.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

On 2013-06-26 20:16, anika200 wrote:

> Yes, these things all work. Thanks for the help.
> Using CUPS web interface I do not seem to even need a password after I
> modify the last section of /etc/cupsd.conf by adding “Allow all”, still
> testing this though and it probably would not survive an upgrade.

Allow all maybe excessive. You could try “allow local”. I think it is
“Allow from @LOCAL”.

> As far as the security I have this
>
> Code:
> --------------------
>
> lee@linux-aa3c:~> grep PERMISSION_SECURITY /etc/sysconfig/securityPERMISSION_SECURITY=“easy local”
> # PERMISSION_SECURITY. If PERMISSION_SECURITY contains ‘secure’ or
> lee@linux-aa3c:~>
>
> --------------------

This segment is not clear. Make sure you don’t change the lines or wrap
them. Instructions here:
Posting in
Code Tags - A Guide

> Still puzzles me why the KDE printer control module would need the root
> password twice. Yes it asks for root password not just the user, at
> least the word “root” is already filled into the username box when the
> dialog is opened.

Did you try to change root to your username?


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

openSUSE bug report https://bugzilla.novell.com/show_bug.cgi?id=827196

On 2013-06-28 06:36, anika200 wrote:
>
> openSUSE bug report https://bugzilla.novell.com/show_bug.cgi?id=827196

I just hit this problem using XFCE in 12.3. Adding to bugzilla.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

Not sure whether this is off-topic, but I am on a large network with 40+ printers administrated centrally. When I want to print, I get this long list, and I would want that one printer is the default there for me. I try to select this through KDE | Configure your printers, am presented with all the detailed information, but as soon as I change anything, it requests a password, without saying whether it is a password for the print server or for my own system. I tried both my user password and my root password, and none of them works. After multiple attempts, all it says is “Failed to perform request: Unauthorized”.

This is extremely inconvenient.

Just a note on the grep part, to make it more precise and not print

# PERMISSION_SECURITY. If PERMISSION_SECURITY contains 'secure' or

It should be something like.

grep '^PERMISSION_SECURITY' /etc/sysconfig/security

The ^ means starting or beginning in regrexp. Just saying :slight_smile:

It should be the system’s root password I suppose. But I’m not sure in the case of a remote print server.
Anyway, as mentioned in this thread, the KDE settigns module has a bug that you actually cannot enter the password at all.

Try to run KDE’s settings as root, you won’t need the root password then for changing the configuration.

Or use CUPS’s interface directly, by entering this as address into your web browser:
http://localhost:631

Linus Torvalds had a rant about these very issues a couple of years ago:

http://news.techworld.com/security/3343323/linux-creator-linus-torvalds-blasts-opensuse-security-developers/