GNU bug report logs - #63198
cups-service-type uses PAM-enabled 'cups' by default which prevents authentication

Previous Next

Package: guix;

Reported by: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Date: Mon, 1 May 2023 03:09:01 UTC

Severity: normal

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: bug-guix <bug-guix <at> gnu.org>
Subject: cups-service-type uses PAM-enabled 'cups' by default which prevents
 authentication
Date: Sun, 30 Apr 2023 23:08:13 -0400

Hi,

Today I encountered an issue where after re-installing a Guix System, I
couldn't add a new printer anymore.  Any CUPS client (including the
trusty localhost:631 HTTP page) would loop on authenticating my user.

After consulting the logs and finding this kind of line:

--8<---------------cut here---------------start------------->8---
pam_authenticate() returned 7 (Authentication failure)
--8<---------------cut here---------------end--------------->8---

I started looking at our PAM configuration for CUPS, but we currently
have none, which is probably the issue.  Using 'cups-minimal' instead of
cups (which is built with linux-pam) solves the issue, as the 'cups'
value provided to the <cups-configuration> record.

We should probably make cups-minimal the default, or extend our
pam-service-type with the relevant PAM entries.

Thoughts/takers?

-- 
Thanks,
Maxim

This bug report was last modified 2 years ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #63198 cups-service-type uses PAM-enabled 'cups' by default which prevents authentication

GNU bug report logs - #63198
cups-service-type uses PAM-enabled 'cups' by default which prevents authentication