termux
[Bug]: CUPS shows "Not Found" in web page and does not work
Problem description
I was trying to add a wifi printer to CUPS which I am not sure whether this works in Termux. The CUPS config webpage does not seem to work (showiing only Not Found).
What steps will reproduce the bug?
- run
cupsd -fafter install cups withpkg install cups - Go to localhost:8631 in web browser. It only shows "Not Found" and nothing else.
What is the expected behavior?
No response
System information
termux-info:
Termux Variables:
TERMUX_API_VERSION=0.50.1
TERMUX_APK_RELEASE=GITHUB
TERMUX_APP_PACKAGE_MANAGER=apt
TERMUX_APP_PID=17457
TERMUX_IS_DEBUGGABLE_BUILD=1
TERMUX_MAIN_PACKAGE_FORMAT=debian
TERMUX_VERSION=0.118.0
TERMUX__USER_ID=0
Packages CPU architecture:
aarch64
Subscribed repositories:
# sources.list
deb https://mirrors.sdu.edu.cn/termux/termux-main stable main
# x11-repo (sources.list.d/x11.list)
deb https://mirrors.sdu.edu.cn/termux/termux-x11 x11 main
# tur-repo (sources.list.d/tur.list)
deb https://tur.kcubeterm.com tur-packages tur tur-on-device tur-continuous tur-multilib
Updatable packages:
babl/stable 0.1.108 aarch64 [upgradable from: 0.1.106]
bash-completion/stable 2.12.0 all [upgradable from: 2.11-2]
c-ares/stable 1.27.0 aarch64 [upgradable from: 1.26.0]
chromium/tur-packages 121.0.6167.184 aarch64 [upgradable from: 121.0.6167.85]
command-not-found/stable 2.4.0-13 aarch64 [upgradable from: 2.4.0-12]
curl/stable 8.6.0-1 aarch64 [upgradable from: 8.6.0]
gimp-data/x11 2.10.36-3 all [upgradable from: 2.10.36-2]
gimp/x11 2.10.36-3 aarch64 [upgradable from: 2.10.36-2]
git/stable 2.44.0 aarch64 [upgradable from: 2.43.2]
glib-networking/stable 2.78.1 aarch64 [upgradable from: 2.78.0]
imlib2/stable 1.12.2-1 aarch64 [upgradable from: 1.12.2]
libcurl/stable 8.6.0-1 aarch64 [upgradable from: 8.6.0]
libexpat/stable 2.6.1 aarch64 [upgradable from: 2.6.0]
libjasper/stable 4.2.1 aarch64 [upgradable from: 4.2.0]
libjxl/stable 0.10.1 aarch64 [upgradable from: 0.9.2]
libksba/stable 1.6.6 aarch64 [upgradable from: 1.6.5-1]
liblzma/stable 5.6.0-1 aarch64 [upgradable from: 5.4.6]
libnghttp2/stable 1.60.0 aarch64 [upgradable from: 1.59.0]
libpng/stable 1.6.43 aarch64 [upgradable from: 1.6.42]
libsecret/stable 0.21.4 aarch64 [upgradable from: 0.21.3]
libsmartcols/stable 2.39.3-4 aarch64 [upgradable from: 2.39.3-3]
libuuid/stable 2.39.3-4 aarch64 [upgradable from: 2.39.3-3]
mpg123/stable 1.32.5 aarch64 [upgradable from: 1.32.4]
openjpeg/stable 2.5.2 aarch64 [upgradable from: 2.5.0-1]
openssl/stable 1:3.2.1-1 aarch64 [upgradable from: 1:3.2.1]
python-pandas/tur-packages 2.2.1 aarch64 [upgradable from: 2.2.0]
python-scipy/tur-packages 1:1.12.0 aarch64 [upgradable from: 1:1.11.4]
util-linux/stable 2.39.3-4 aarch64 [upgradable from: 2.39.3-3]
vim-runtime/stable 9.1.0100 all [upgradable from: 9.0.2000]
vim/stable 9.1.0100 aarch64 [upgradable from: 9.0.2000]
xfce4-panel/x11 4.18.6 aarch64 [upgradable from: 4.18.5]
xfce4-terminal/x11 1.1.3 aarch64 [upgradable from: 1.1.2]
xz-utils/stable 5.6.0-1 aarch64 [upgradable from: 5.4.6]
zziplib/stable 0.13.73 aarch64 [upgradable from: 0.13.72-1]
termux-tools version:
1.40.6
Android version:
14
Kernel build information:
Linux localhost 5.15.94-android13-8-27940245-abF9460ZSS1BWL7 #1 SMP PREEMPT Wed Dec 27 04:25:58 UTC 2023 aarch64 Android
Device manufacturer:
samsung
Device model:
SM-F9460
LD Variables:
LD_LIBRARY_PATH=
LD_PRELOAD=/data/data/com.termux/files/usr/lib/libtermux-exec.so
Installed termux plugins:
com.termux.widget versionCode:13
com.termux.x11 versionCode:14
com.termux.api versionCode:51
It appears to complain about files/directories that must be world readable. Termux normally strips group and others permissions for all files. CUPS needs to be patched to disable assumptions based on missing world-readable permissions, this is relevant only to multi-user systems.
For now try this:
find $PREFIX/share/doc/cups -type d -print0 | xargs -0 chmod 755
find $PREFIX/share/doc/cups -type f -print0 | xargs -0 chmod 644
It started to display pages after changing access modes.
May need to create directories $PREFIX/var/cache/cups and $PREFIX/var/spool/cups.
As a stopgap, we could run:
find $PREFIX/share/doc/cups -type d -exec chmod 755 "{}" \;
find $PREFIX/share/doc/cups -type f -exec chmod 644 "{}" \;
As a post_install script. (This issue just came up in discussion in the Discord, so I was looking through existing discussions/issues on the topic)
Alright that worked.
Couple observations.
The Help page takes a long time to open the first time.
I'm guessing it needs to generate/render some stuff.
And it appears this patch doesn't work to make the Administration page available
https://github.com/termux/termux-packages/blob/7fcba28bf0f74f15a3479c470bac11d534adc5dd/packages/cups/defconfig-fixes.patch#L29-L37
It only throws this error.
Thank sylirre and TomJo2000.
The admin page can be accessible by commenting out Require user @SYSTEM (not a good security practice though) in the config file $PREFIX/etc/cups/cupsd.conf for the sections of <Location /admin> and <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>.
I suspect that the problem lies on the identification of user, as replacing that line by Require user my_user_id_here also won't work.
Even though I managed to add my printer in the CUPS page, I still could not print anything as I tried with Chromium (package from TUR). The CUPS page does not seem to receive any job from Chromium, and Chromium does not output any error message in the terminal. I can confirm that I can print document using Android apps with the same phone.
The steps reported here allowed me to get to the admin page, however, as soon as I clicked on "add printer", I got an error in the terminal:
FORTIFY: fcntl(F_SETFD) passed non-FD_CLOEXEC flag: 0xffffffff
The server crashed and the browser reported a "Request Entity Too Large" error (for whatever reason).
Unfortunately, I cannot rely on the Android printing service on this particular device.
It looks like we never did ship that workaround above. I can take a look at the issue you are getting, but I'm not sure I have the time to get to it today. Already have three plates spinning right now. If somebody else can look into this more quickly the help would definitely be appreciated.
No rush @TomJo2000, for me at least, this is more of a toy project than anything.
Some context: I am tring to achieve an "office setup" on a VR headset. This includes also printing, ideally. The Android version the device comes with restricts the native printing service (although it seems to be installed).
I can gladly volunteer for testing or providing more info.
All the best.
PS: https://github.com/termux/termux-packages/issues/14119#issuecomment-2002361694 seems to also report the problem.
Not found
This can be worked around for me by:
find $PREFIX/share/doc/cups -type d -print0 | xargs -0 chmod 755
find $PREFIX/share/doc/cups -type f -print0 | xargs -0 chmod 644
add printer
Request Entity Too Large
This command was able to work around that error for me, and I reached the "Add Printer" Web Interface page:
mkdir -p $PREFIX/var/spool/cups
FORTIFY: fcntl(F_SETFD) passed non-FD_CLOEXEC flag: 0xffffffff
I have not been able to reproduce this error, even on my Selinux-enabled Android 13 device and my Selinux-disabled Android 14 device. However, this issue in another project suggests that if there is a way to reproduce this error, it is probably only reproducible in some way on Android 14 or newer.
- https://github.com/FirebirdSQL/firebird/issues/8110
I don't have any printers conveniently available to me currently that I could use to perform a full test of CUPS, but please try what I have described and let me know if you are able to progress any more beyond that.
[!CAUTION]
Insecure CUPS configuration `$PREFIX/etc/cups/cupsd.conf` for bypassing authentication to shortcut to troubleshooting non-authentication-related issues
# # Configuration file for the CUPS scheduler. See "man cupsd.conf" for a # complete description of this file. # # Log general information in error_log - change "warn" to "debug" # for troubleshooting... LogLevel warn PageLogFormat # Specifies the maximum size of the log files before they are rotated. The value "0" disables log rotation. MaxLogSize 1m # Default error policy for printers ErrorPolicy stop-printer Listen 0.0.0.0:8631 Listen /data/data/com.termux/files/usr/var/run/cups/cups.sock # Show shared printers on the local network. Browsing Yes BrowseLocalProtocols # Default authentication type, when authentication is required... DefaultAuthType None # Web interface setting... WebInterface Yes # Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l) IdleExitTimeout 60 DefaultEncryption Never # Restrict access to the server... <Location /> Order allow,deny Allow 192.168.12.1 </Location> # Restrict access to the admin pages... <Location /admin> AuthType Default Order allow,deny Allow 192.168.12.1 </Location> # Restrict access to configuration files... <Location /admin/conf> AuthType Default Order allow,deny Allow 192.168.12.1 </Location> # Restrict access to log files... <Location /admin/log> AuthType Default Order allow,deny Allow 192.168.12.1 </Location> # Set the default printer/job policies... <Policy default> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> Order deny,allow Allow 192.168.12.1 </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job> Order deny,allow Allow 192.168.12.1 </Limit> <Limit CUPS-Get-Document> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job> Order deny,allow Allow 192.168.12.1 </Limit> <Limit CUPS-Authenticate-Job> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> <Limit All> Order deny,allow Allow 192.168.12.1 </Limit> </Policy> # Set the authenticated printer/job policies... <Policy authenticated> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> <Limit All> Order deny,allow Allow 192.168.12.1 </Limit> </Policy> # Set the kerberized printer/job policies... <Policy kerberos> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> AuthType Negotiate Order deny,allow Allow 192.168.12.1 </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> AuthType Negotiate Order deny,allow Allow 192.168.12.1 </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Order deny,allow Allow 192.168.12.1 </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> AuthType Negotiate Order deny,allow Allow 192.168.12.1 </Limit> <Limit All> Order deny,allow Allow 192.168.12.1 </Limit> </Policy>My web browser device's IP address is 192.168.12.1.
Thanks @robertkirkman , creating the spool folder and adapting your config took me further. I could add the printer, but then new struggle began.
It is an Epson-ET2750, the driver is open source and could compile it https://download-center.epson.com/softwares/?device_id=ET-2750+SeriesDEBARM64
however I realized it depends on cups-filters if you do not want to compute the rasters by yourself. Unfortunately these are not packaged for termux. This kept branching as a task, because there are a couple of dependencies...
This is the stuff one has to compile, in rough dependency order.
https://github.com/OpenPrinting/libppd https://github.com/michaelrsweet/pdfio https://github.com/OpenPrinting/libcupsfilters https://github.com/OpenPrinting/cups-filters
...but even then, I do not seem to be able to print. The job starts and then fails claiming that the pdf cannot be resized.
I think I am done for today. I leave my cupsd.conf, which is yours + a couple of changes.
Next time I will try to use the cups package from the proot linux distribution to see if there I have better luck.
All the best
Antonio