Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Port 631" binds to localhost only (systemd regression) #4497

Closed
michaelrsweet opened this issue Oct 6, 2014 · 9 comments
Closed

"Port 631" binds to localhost only (systemd regression) #4497

michaelrsweet opened this issue Oct 6, 2014 · 9 comments
Labels
Milestone

Comments

@michaelrsweet
Copy link
Collaborator

@michaelrsweet michaelrsweet commented Oct 6, 2014

Version: 2.0.0
CUPS.org User: foutrelis

Moving from CUPS 1.7.5 to 2.0.0, I noticed that the "Port 631" directive in cupsd.conf no longer makes the print server accessible from the network.

cupsd appears to be binding to localhost only, which I don't believe should be the case.

This is happening on Arch Linux x86_64, running systemd 216 and CUPS 2.0.0.

$ sudo ss -tlnp | grep 631
LISTEN 0 128 127.0.0.1:631 : users:(("cupsd",pid=1558,fd=5),("systemd",pid=1,fd=37))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",pid=1558,fd=4),("systemd",pid=1,fd=36))

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2014

CUPS.org User: mike

Can you enable debug logging (cupsctl --debug-logging) and attach a copy of the /var/log/cups/error_log file?

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2014

CUPS.org User: foutrelis

Please find the requested log file attached.

The following lines seem to be of interest:

I [08/Oct/2014:19:29:09 +0300] Listening to [v1.::1]:631 on fd 4...
I [08/Oct/2014:19:29:09 +0300] Listening to 127.0.0.1:631 on fd 5...
E [08/Oct/2014:19:29:09 +0300] Unable to open listen socket for address 0.0.0.0:631 - Address already in use.
E [08/Oct/2014:19:29:09 +0300] Unable to open listen socket for address [v1.::]:631 - Address already in use.

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2014

CUPS.org User: foutrelis

Attachment didn't go through due to lack of an extension; trying again.

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2014

CUPS.org User: mike

OK, the error messages indicate that the systemd-supplied localhost sockets are preventing cupsd from creating the "any" address sockets.

Need to research this... I wish systemd's documentation was better... :/

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 8, 2014

CUPS.org User: mike

Bumping priority...

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 14, 2014

CUPS.org User: lnussel

You could omit listening on the tcp sockets and only put the unix domain socket in the service file. That will make cupsd listen on the configured ports once it starts. Disadvantage is that you can't go to localhost:631 anymore to auto launch cupsd.

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 20, 2014

CUPS.org User: mike

The consensus on the printing-architecture list is to remove the IP sockets from the .socket file and keep cupsd running if the web interface is enabled, just as it does now when there are pending jobs or printer sharing is enabled.

Running "lpstat" is enough to start cupsd otherwise...

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 20, 2014

CUPS.org User: mike

Fixed in Subversion repository.

@michaelrsweet
Copy link
Collaborator Author

@michaelrsweet michaelrsweet commented Oct 20, 2014

"str4497.patch":

Index: scheduler/main.c

--- scheduler/main.c (revision 12213)
+++ scheduler/main.c (working copy)
@@ -763,6 +763,9 @@

 if (timeout == 86400 && OnDemand && IdleExitTimeout &&
     !cupsArrayCount(ActiveJobs) &&

+# ifdef HAVE_SYSTEMD

  •    !WebInterface &&
    

    +# endif /* HAVE_SYSTEMD */
    (!Browsing || !BrowseLocalProtocols || !cupsArrayCount(Printers)))
    {
    timeout = IdleExitTimeout;
    @@ -2114,8 +2117,12 @@

    • jobs or shared printers to advertise...
      */
  • if (cupsArrayCount(ActiveJobs) ||

  • if (cupsArrayCount(ActiveJobs) || /* Active jobs */
    +# ifdef HAVE_SYSTEMD

  •  WebInterface ||          /\* Web interface enabled _/
    

    +# endif /_ HAVE_SYSTEMD */
    (Browsing && BrowseLocalProtocols && cupsArrayCount(Printers)))

  •               /\* Printers being shared */
    

    {
    cupsdLogMessage(CUPSD_LOG_DEBUG, "Creating keep-alive file "" CUPS_KEEPALIVE "".");

Index: scheduler/org.cups.cupsd.socket.in

--- scheduler/org.cups.cupsd.socket.in (revision 12213)
+++ scheduler/org.cups.cupsd.socket.in (working copy)
@@ -3,10 +3,6 @@

[Socket]
ListenStream=@CUPS_DEFAULT_DOMAINSOCKET@
-ListenStream=[::1]:631
-ListenStream=127.0.0.1:631
-BindIPv6Only=ipv6-only
-ReusePort=true

[Install]
WantedBy=sockets.target

@michaelrsweet michaelrsweet added this to the Stable milestone Mar 17, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.