# CUPS: Error:
client-error-not-authorized

## daniel5

hi

Ich will meinen Drucker mit dem Mozilla einrichten nach der Einstellung von  Model/Driver für meinen Drucker bekomme ich die Fehlermeldung:

Error:

client-error-not-authorized

Das Problem tritt immer auf, egal welchen Treiber ich auswähle.

die datei cupsd.conf sieht so aus

```

#

# "$Id: cupsd.conf.in,v 1.7 2002/08/22 17:13:39 mike Exp $"

#

#   Sample configuration file for the Common UNIX Printing System (CUPS)

#   scheduler.

#

#   Copyright 1997-2002 by Easy Software Products, all rights reserved.

#

#   These coded instructions, statements, and computer programs are the

#   property of Easy Software Products and are protected by Federal

#   copyright law.  Distribution and use rights are outlined in the file

#   "LICENSE.txt" which should have been included with this file.  If this

#   file is missing or damaged please contact Easy Software Products

#   at:

#

#       Attn: CUPS Licensing Information

#       Easy Software Products

#       44141 Airport View Drive, Suite 204

#       Hollywood, Maryland 20636-3111 USA

#

#       Voice: (301) 373-9603

#       EMail: cups-info@cups.org

#         WWW: http://www.cups.org

#

########################################################################

#                                                                      #

# This is the CUPS configuration file.  If you are familiar with       #

# Apache or any of the other popular web servers, we've followed the   #

# same format.  Any configuration variable used here has the same      #

# semantics as the corresponding variable in Apache.  If we need       #

# different functionality then a different name is used to avoid       #

# confusion...                                                         #

#                                                                      #

########################################################################

########

######## Server Identity

########

#

# ServerName: the hostname of your server, as advertised to the world.

# By default CUPS will use the hostname of the system.

#

# To set the default server used by clients, see the client.conf file.

#

#ServerName myhost.domain.com

#

# ServerAdmin: the email address to send all complaints/problems to.

# By default CUPS will use "root@hostname".

#

#ServerAdmin root@your.domain.com

########

######## Server Options

########

#

# AccessLog: the access log file; if this does not start with a leading /

# then it is assumed to be relative to ServerRoot.  By default set to

# "/var/log/cups/access_log"

#

# You can also use the special name "syslog" to send the output to the

# syslog file or daemon.

#

#AccessLog /var/log/cups/access_log

#

# Classification: the classification level of the server.  If set, this

# classification is displayed on all pages, and raw printing is disabled.

# The default is the empty string.

#

#Classification classified

#Classification confidential

#Classification secret

#Classification topsecret

#Classification unclassified

#

# ClassifyOverride: whether to allow users to override the classification

# on printouts. If enabled, users can limit banner pages to before or

# after the job, and can change the classification of a job, but cannot

# completely eliminate the classification or banners.

#

# The default is off.

#

#ClassifyOverride off

#

# DataDir: the root directory for the CUPS data files.

# By default "/usr/share/cups".

#

#DataDir /usr/share/cups

#

# DefaultCharset: the default character set to use. If not specified,

# defaults to "utf-8".  Note that this can also be overridden in

# HTML documents...

#

#DefaultCharset utf-8

#

# DefaultLanguage: the default language if not specified by the browser.

# If not specified, the current locale is used.

#

#DefaultLanguage en

#

# DocumentRoot: the root directory for HTTP documents that are served.

# By default "/usr/share/doc/cups".

#

DocumentRoot /usr/share/cups/docs

#

# ErrorLog: the error log file; if this does not start with a leading /

# then it is assumed to be relative to ServerRoot.  By default set to

# "/var/log/cups/error_log"

#

# You can also use the special name "syslog" to send the output to the

# syslog file or daemon.

#

#ErrorLog /var/log/cups/error_log

#

# FontPath: the path to locate all font files (currently only for pstoraster)

# By default "/usr/share/cups/fonts".

#

#FontPath /usr/share/cups/fonts

#

# LogLevel: controls the number of messages logged to the ErrorLog

# file and can be one of the following:

#

#     debug2   Log everything.

#     debug   Log almost everything.

#     info      Log all requests and state changes.

#     warn      Log errors and warnings.

#     error     Log only errors.

#     none      Log nothing.

#

LogLevel info

#

# MaxLogSize: controls the maximum size of each log file before they are

# rotated.  Defaults to 1048576 (1MB).  Set to 0 to disable log rotating.

#

#MaxLogSize 0

#

# PageLog: the page log file; if this does not start with a leading /

# then it is assumed to be relative to ServerRoot.  By default set to

# "/var/log/cups/page_log"

#

# You can also use the special name "syslog" to send the output to the

# syslog file or daemon.

#

#PageLog /var/log/cups/page_log

#

# PreserveJobHistory: whether or not to preserve the job history after a

# job is completed, cancelled, or stopped.  Default is Yes.

#

#PreserveJobHistory Yes

#

# PreserveJobFiles: whether or not to preserve the job files after a

# job is completed, cancelled, or stopped.  Default is No.

#

#PreserveJobFiles No

#

# AutoPurgeJobs: automatically purge jobs when not needed for quotas.

# Default is No.

#

#AutoPurgeJobs No

#

# MaxCopies: maximum number of copies that a user can request. Default is

# 100.

#

#MaxCopies 100

#

# MaxJobs: maximum number of jobs to keep in memory (active and completed.)

# Default is 500; the value 0 is used for no limit.

#

#MaxJobs 500

#

# Printcap: the name of the printcap file.  Default is /etc/printcap.

# Leave blank to disable printcap file generation.

#

#Printcap /etc/printcap

#

# PrintcapFormat: the format of the printcap file, currently either

# BSD or Solaris.  The default is "BSD".

#

#PrintcapFormat BSD

#PrintcapFormat Solaris

#

# PrintcapGUI: the name of the GUI options panel program to associate

# with print queues under IRIX.  The default is "/usr/bin/glpoptions"

# from ESP Print Pro.

#

# This option is only used under IRIX; the options panel program

# must accept the "-d printer" and "-o options" options and write

# the selected printer options back to stdout on completion.

#

#PrintcapGUI /usr/bin/glpoptions

#

# RequestRoot: the directory where request files are stored.

# By default "/var/spool/cups".

#

#RequestRoot /var/spool/cups

#

# RemoteRoot: the name of the user assigned to unauthenticated accesses

# from remote systems.  By default "remroot".

#

#RemoteRoot remroot

#

# ServerBin: the root directory for the scheduler executables.

# By default "/usr/lib/cups".

#

#ServerBin /usr/lib/cups

#

# ServerRoot: the root directory for the scheduler.

# By default "/etc/cups".

#

#ServerRoot /etc/cups

########

######## Encryption Support

########

#

# ServerCertificate: the file to read containing the server's certificate.

# Defaults to "/etc/cups/ssl/server.crt".

#

#ServerCertificate /etc/cups/ssl/server.crt

#

# ServerKey: the file to read containing the server's key.

# Defaults to "/etc/cups/ssl/server.key".

#

#ServerKey /etc/cups/ssl/server.key

########

######## Filter Options

########

#

# User/Group: the user and group the server runs under.  Normally this

# must be lp and lp, however you can configure things for another

# user or group as needed.

#

# Note: the server must be run initially as root to support the

# default IPP port of 631.  It changes users whenever an external

# program is run, or if the RunAsUser directive is specified...

#

User lp

Group lp

#

# RIPCache: the amount of memory that each RIP should use to cache

# bitmaps.  The value can be any real number followed by "k" for

# kilobytes, "m" for megabytes, "g" for gigabytes, or "t" for tiles

# (1 tile = 256x256 pixels.)  Defaults to "8m" (8 megabytes).

#

#RIPCache 8m

#

# TempDir: the directory to put temporary files in.  This directory must be

# writable by the user defined above!  Defaults to "/var/spool/cups/tmp" or

# the value of the TMPDIR environment variable.

#

#TempDir /var/spool/cups/tmp

#

# FilterLimit: sets the maximum cost of all job filters that can be run

# at the same time.  A limit of 0 means no limit.  A typical job may need

# a filter limit of at least 200; limits less than the minimum required

# by a job force a single job to be printed at any time.

#

# The default limit is 0 (unlimited).

#

#FilterLimit 0

########

######## Network Options

########

#

# Ports/addresses that we listen to.  The default port 631 is reserved

# for the Internet Printing Protocol (IPP) and is what we use here.

#

# You can have multiple Port/Listen lines to listen to more than one

# port or address, or to restrict access:

#

#    Port 80

#    Port 631

#    Listen hostname

#    Listen hostname:80

#    Listen hostname:631

#    Listen 1.2.3.4

#    Listen 1.2.3.4:631

# 

# NOTE: Unfortunately, most web browsers don't support TLS or HTTP Upgrades

# for encryption.  If you want to support web-based encryption you'll

# probably need to listen on port 443 (the "https" port...)

#

#Port 80

#Port 443

Port 631

#

# HostNameLookups: whether or not to do lookups on IP addresses to get a

# fully-qualified hostname.  This defaults to Off for performance reasons...

#

#HostNameLookups On

#

# KeepAlive: whether or not to support the Keep-Alive connection

# option.  Default is on.

#

#KeepAlive On

#

# KeepAliveTimeout: the timeout before Keep-Alive connections are

# automatically closed.  Default is 60 seconds.

#

#KeepAliveTimeout 60

#

# MaxClients: controls the maximum number of simultaneous clients that

# will be handled.  Defaults to 100.

#

#MaxClients 100

#

# MaxRequestSize: controls the maximum size of HTTP requests and print files.

# Set to 0 to disable this feature (defaults to 0.)

#

#MaxRequestSize 0

#

# Timeout: the timeout before requests time out.  Default is 300 seconds.

#

#Timeout 300

########

######## Browsing Options

########

#

# Browsing: whether or not to broadcast and/or listen for CUPS printer

# information on the network.  Enabled by default.

#

#Browsing On

#

# BrowseProtocols: which protocols to use for browsing.  Can be

# any of the following separated by whitespace and/or commas:

#

#     all  - Use all supported protocols.

#     cups - Use the CUPS browse protocol.

#     slp  - Use the SLPv2 protocol.

#

# The default is "cups".

#

# NOTE: If you choose to use SLPv2, it is *strongly* recommended that

#       you have at least one SLP Directory Agent (DA) on your

#       network.  Otherwise, browse updates can take several seconds,

#       during which the scheduler will not response to client

#       requests.

#

#BrowseProtocols cups

#

# BrowseAddress: specifies a broadcast address to be used.  By

# default browsing information is not sent!

#

# Note: HP-UX does not properly handle broadcast unless you have a

# Class A, B, C, or D netmask (i.e. no CIDR support).

#

# Note: Using the "global" broadcast address (255.255.255.255) will

# activate a Linux demand-dial link with the default configuration.

# If you have a LAN as well as the dial-up link, use the LAN's

# broadcast address.

#

# The @LOCAL address broadcasts to all non point-to-point interfaces.

# For example, if you have a LAN and a dial-up link, @LOCAL would

# send printer updates to the LAN but not to the dial-up link.

# Similarly, the @IF(name) address sends to the named network

# interface, e.g. @IF(eth0) under Linux.  Interfaces are refreshed

# automatically (no more than once every 60 seconds), so they can

# be used on dynamically-configured interfaces, e.g. PPP, 802.11, etc.

#

#BrowseAddress x.y.z.255

#BrowseAddress x.y.255.255

#BrowseAddress x.255.255.255

#BrowseAddress 255.255.255.255

#BrowseAddress @LOCAL

#BrowseAddress @IF(name)

#

# BrowseShortNames: whether or not to use "short" names for remote printers

# when possible (e.g. "printer" instead of "printer@host".)  Enabled by

# default.

#

#BrowseShortNames Yes

#

# BrowseAllow: specifies an address mask to allow for incoming browser

# packets. The default is to allow packets from all addresses.

#

# BrowseDeny: specifies an address mask to deny for incoming browser

# packets. The default is to deny packets from no addresses.

#

# Both "BrowseAllow" and "BrowseDeny" accept the following notations for

# addresses:

#

#     All

#     None

#     *.domain.com

#     .domain.com

#     host.domain.com

#     nnn.*

#     nnn.nnn.*

#     nnn.nnn.nnn.*

#     nnn.nnn.nnn.nnn

#     nnn.nnn.nnn.nnn/mm

#     nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm

#     @LOCAL

#     @IF(name)

#

# The hostname/domainname restrictions only work if you have turned hostname

# lookups on!

#

#BrowseAllow address

#BrowseDeny address

#

# BrowseInterval: the time between browsing updates in seconds.  Default

# is 30 seconds.

#

# Note that browsing information is sent whenever a printer's state changes

# as well, so this represents the maximum time between updates.

#

# Set this to 0 to disable outgoing broadcasts so your local printers are

# not advertised but you can still see printers on other hosts.

#

#BrowseInterval 30

#

# BrowseOrder: specifies the order of BrowseAllow/BrowseDeny comparisons.

#

#BrowseOrder allow,deny

#BrowseOrder deny,allow

#

# BrowsePoll: poll the named server(s) for printers

#

#BrowsePoll address:port

#

# BrowsePort: the port used for UDP broadcasts.  By default this is

# the IPP port; if you change this you need to do it on all servers.

# Only one BrowsePort is recognized.

#

#BrowsePort 631

#

# BrowseRelay: relay browser packets from one address/network to another.

#

#BrowseRelay source-address destination-address

#BrowseRelay @IF(src) @IF(dst)

#

# BrowseTimeout: the timeout for network printers - if we don't

# get an update within this time the printer will be removed

# from the printer list.  This number definitely should not be

# less the BrowseInterval value for obvious reasons.  Defaults

# to 300 seconds.

#

#BrowseTimeout 300

#

# ImplicitClasses: whether or not to use implicit classes.

#

# Printer classes can be specified explicitly in the classes.conf

# file, implicitly based upon the printers available on the LAN, or

# both.

#

# When ImplicitClasses is On, printers on the LAN with the same name

# (e.g. Acme-LaserPrint-1000) will be put into a class with the same

# name. This allows you to setup multiple redundant queues on a LAN

# without a lot of administrative difficulties.  If a user sends a

# job to Acme-LaserPrint-1000, the job will go to the first available

# queue.

#

# Enabled by default.

#

#ImplicitClasses On

#

# ImplicitAnyClasses: whether or not to create "AnyPrinter" implicit

# classes.

#

# When ImplicitAnyClasses is On and a local queue of the same name

# exists, e.g. "printer", "printer@server1", "printer@server1", then

# an implicit class called "Anyprinter" is created instead.

#

# When ImplicitAnyClasses is Off, implicit classes are not created

# when there is a local queue of the same name.

#

# Disabled by default.

#

#ImplicitAnyCLasses Off

#

# HideImplicitMembers: whether or not to show the members of an

# implicit class.

#

# When HideImplicitMembers is On, any remote printers that are

# part of an implicit class are hidden from the user, who will

# then only see a single queue even though many queues will be

# supporting the implicit class.

#

# Enabled by default.

#

#HideImplicitMembers On

########

######## Security Options

########

#

# SystemGroup: the group name for "System" (printer administration)

# access.  The default varies depending on the operating system, but

# will be "sys", "system", or "root" (checked for in that order.)

#

SystemGroup lp

#

# RootCertDuration: How frequently the root certificate is regenerated.

# Defaults to 300 seconds.

#

#RootCertDuration 300

#

# Access permissions for each directory served by the scheduler.

# Locations are relative to DocumentRoot...

#

# AuthType: the authorization to use:

#

#    None   - Perform no authentication

#    Basic  - Perform authentication using the HTTP Basic method.

#    Digest - Perform authentication using the HTTP Digest method.

#

#    (Note: local certificate authentication can be substituted by

#           the client for Basic or Digest when connecting to the

#           localhost interface)

#

# AuthClass: the authorization class; currently only "Anonymous", "User",

# "System" (valid user belonging to group SystemGroup), and "Group"

# (valid user belonging to the specified group) are supported.

#

# AuthGroupName: the group name for "Group" authorization.

#

# Order: the order of Allow/Deny processing.

#

# Allow: allows access from the specified hostname, domain, IP address,

# network, or interface.

#

# Deny: denies access from the specified hostname, domain, IP address,

# network, or interface.

#

# Both "Allow" and "Deny" accept the following notations for addresses:

#

#     All

#     None

#     *.domain.com

#     .domain.com

#     host.domain.com

#     nnn.*

#     nnn.nnn.*

#     nnn.nnn.nnn.*

#     nnn.nnn.nnn.nnn

#     nnn.nnn.nnn.nnn/mm

#     nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm

#     @LOCAL

#     @IF(name)

#

# The host and domain address require that you enable hostname lookups

# with "HostNameLookups On" above.

#

# The @LOCAL address allows or denies from all non point-to-point

# interfaces.  For example, if you have a LAN and a dial-up link,

# @LOCAL could allow connections from the LAN but not from the dial-up

# link.  Similarly, the @IF(name) address allows or denies from the

# named network interface, e.g. @IF(eth0) under Linux.  Interfaces are

# refreshed automatically (no more than once every 60 seconds), so

# they can be used on dynamically-configured interfaces, e.g. PPP,

# 802.11, etc.

#

# Encryption: whether or not to use encryption; this depends on having

# the OpenSSL library linked into the CUPS library and scheduler.

#

# Possible values:

#

#     Always       - Always use encryption (SSL)

#     Never        - Never use encryption

#     Required     - Use TLS encryption upgrade

#     IfRequested  - Use encryption if the server requests it

#

# The default value is "IfRequested".

#

<Location />

Order Deny,Allow

Deny From All

Allow From 127.0.0.1

</Location>

#<Location /classes>

#

# You may wish to limit access to printers and classes, either with Allow

# and Deny lines, or by requiring a username and password.

#

#</Location>

#<Location /classes/name>

#

# You may wish to limit access to printers and classes, either with Allow

# and Deny lines, or by requiring a username and password.

#

#</Location>

#<Location /jobs>

#

# You may wish to limit access to job operations, either with Allow

# and Deny lines, or by requiring a username and password.

#

#</Location>

#<Location /printers>

#

# You may wish to limit access to printers and classes, either with Allow

# and Deny lines, or by requiring a username and password.

#

#</Location>

#<Location /printers/name>

#

# You may wish to limit access to printers and classes, either with Allow

# and Deny lines, or by requiring a username and password.

#

## Anonymous access (default)

#AuthType None

## Require a username and password (Basic authentication)

#AuthType Basic

#AuthClass User

## Require a username and password (Digest/MD5 authentication)

#AuthType Digest

#AuthClass User

## Restrict access to local domain

#Order Deny,Allow

#Deny From All

#Allow From .mydomain.com

#</Location>

<Location /admin>

#

# You definitely will want to limit access to the administration functions.

# The default configuration requires a local connection from a user who

# is a member of the system group to do any admin tasks.  You can change

# the group name using the SystemGroup directive.

#

AuthType Basic

AuthClass System

## Restrict access to local domain

Order Deny,Allow

Deny From All

Allow From 127.0.0.1

#Encryption Required

</Location>

#

# End of "$Id: cupsd.conf.in,v 1.7 2002/08/22 17:13:39 mike Exp $".

#

```

----------

## caoswilli

hi!

hatte eben dat selbe problem. hab dann aufgrund eines hinweises hier im forum cups-1.1.14 installiert und tatsächlich, es funzt, bin gerad am extrem drucking   :Very Happy: 

kurze anleitung:

 ermerge unmerge cups 

 ebuild /usr/portage/net.print/cups/cups-1.1.14-r4.ebuild merge

 /ietc/init.d/cupsd stop

 rc-update del cupsd default

 rc-update add cupsd default

 /etc/init.d/cupsd start

 emerge ghostscript merge  #auch wenn ghostscript schon drauf ist, trotzdem!!! nochmal installieren

 etc-update

und nun im browser cups configurieren, hatte vorher nochmal ein reboot gemacht, sollte aber nicht nötig sein

----------

## daniel5

bash-2.05a# ebuild /usr/portage/net.print/cups/cups-1.1.14-r4.ebuild merge

!!! doebuild: /usr/portage/net.print/cups/cups-1.1.14-r4.ebuild not found.

----------

## caoswilli

hm dann schau mal bitte mit 

ls /usr/portage.../cups

nach, ob nicht ne andere 1.1.14er version vorhanden ist.

----------

## daniel5

sorry war mein fehler

 *Quote:*   

> bash-2.05a# ebuild /usr/portage/net.print/cups/cups-1.1.14-r4.ebuild merge 

 

/usr/portage/net-print/....

dann gehts 

vielen dank   :Wink: 

----------

## caoswilli

naja, eigentlich meiner   :Embarassed: 

funzt der drucker jetzt?

----------

## daniel5

 *caoswilli wrote:*   

> funzt der drucker jetzt?

 

Ja!

----------

## sulu

Hi caoswilli.

Du mich gerettet habe.  :Wink: 

Endlich, mit cups 1.1.14, kann ich den Printer via Web-Interface konfigurieren. Was mich alledings wundert ist, dass das Problem mit cups-1.16 noch nicht im "grossen" Forum aufgetaucht ist.

Gruss

Sulu

----------

## Robert K.

Hallo,

Folgende Probleme traten auch bei mir auf:

1. Nur das Modul  usbcore war geladen, usb-uhci sowie printer mussten per modprobe geladen bzw. in der /etc/modules.autoload eingetragen werden.

2. Eine weitere Ursache war, das Gimp-print 4.2.1 installiert und nicht auf 4.3.0 aktualisiert worden ist (Während der Druckerinstallation über das Web-Interface steht was von "Cups + Gimp-Print 4.3.0) ein emerge search gimp-print-cups ergab 4.2.1 als installierte Version.  Nach einem emerge unmerge gimp-print-cups, emerge rsync, emerge gimp-print-cups passte es wieder.

3. Obwohl über das Web-Interface installiert "USB-Printer #1" stand anschließend in der /etc/cups/printer.conf was von  "DeviceURI usb:/dev/usblp0" eigentlich gehört da sowas wie "DeviceURI usb:/dev/usb/lp0" hin.

Vielleicht hilfts ja ... Meiner Druckt jetzt jedenfalls auch unter cups 1.16

Grüße

Robert

----------

## sulu

Hallo Robert.

Ist das so zu verstehen, dass gimp-print 4.2.1 sich nicht mit cups 1.16 verträgt und dass diese lästigen client-errors auslöst ?

Gruss

Sulu

----------

## Robert K.

Hallo Sulu,

Ich bin auch kein Linux-Crack, mir kam es nur seltsam vor das ich über das Web-Interface von cups "gimp-print-4.3.0-Treiber" auswähle, aber auf dem System nur die ältere Version vorhanden ist.

Ich habe gestern im "englspr. Forum" gesucht und dort las ich das die gegenseitigen Paketabhängigkeiten / die Installationsreihenfolge von "cups/gimp-print/ghostscript ..."  "durcheinandergeraten" sind.

Daraufhin habe ich dann erst einmal  emerge rsync  durchlaufen lassen und die aktuelle gimp-print Version eingespielt.  

Ich habe jetzt noch einmal meine Druckerkonfiguration gelöscht und da ist mir folgendes aufgefallen. Schalte ich den Drucker erst kurz vor der Konfiguration ein, tritt der client-error wieder auf und auch kein Drucker im Menü "Manage-Printers" zu sehen. 

Danach den PC bei eingeschaltetem Drucker neugestartet und den Drucker wieder konfiguriert. Es tritt zwar wieder der client-error auf, aber über "Manage-Printers" kann ich jetzt meinen Printer sehen.

Allerdings steht in meiner /etc/cups/printer.conf 

```

DeviceURI usb://EPSON/Stylus%20COLOR%20740?serial=HÍÿ¿^P<9F 
```

Ändere ich die Zeile nach:

DeviceURI epson:/dev/usb/lp0 druckt er auch wieder.

Der Client-Error tritt nach meiner Meinung daher auf, das cupsd auf den Drucker zugreifen will, ihn aber unter dem fehlerhaft generierten Eintrag vom Web-Interface schlichtweg nicht finden kann.

Hoffentlich ist meine Erklärung halbwegs verständlich geraten ...

Grüße

Robert

----------

