AUTH: two Requires and Satisfy all does not work


**Description**
The given config for <Location /admin> does not work.
It **grants access** to /admin for user joe, although joe is **forbidden** as admin.


Here is the config for "joe" on the cups server:

```
# joe is part of department_i
$ grep joe /etc/group
dep_i:x:813:joe

# joe is not part of printadmin
$ cat /etc/group | grep printadmin
printadmin:x:995:
```

```
# but joe is part of the group @SYSTEM
$ grep dep_i /etc/cups/cups-files.conf
SystemGroup sys root dep_i
```

**To Reproduce**
With this setup 

```
<Location /admin>
  # Specifies that all Allow, AuthType, Deny, Order, and Require conditions must be satisfied to allow access.
  Satisfy all

  Encryption Required
  Order allow,deny
  AuthType Basic
  Require user @SYSTEM
  Require group printadmin
  Allow 10.136.17.0/24
</Location>

```
joe has access to /admin. (Rest is untouched from the default cupsd.conf)


**Expected behavior**
joe has no access to /admin because he is not listed in the group printadmin.


**System Information:**
 - OS and its version: RedHat 9.6 
 - CUPS version 2.3.3op2



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

AUTH: two Requires and Satisfy all does not work #1304

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

AUTH: two Requires and Satisfy all does not work #1304

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions