lppasswd - add, change, or delete digest passwords.


lppasswd [ username ]
lppasswd -a [ -g groupname ] username
lppasswd -x username


lppasswd adds, changes, or deletes passwords in the CUPS digest password file, passwd.md5. When run by a normal user, lppasswd will prompt for the old and new passwords. When run by the super-user, lppasswd can add new accounts (-a username), change existing accounts (username), or delete accounts (-x username) in the digest password file. Digest usernames do not have to match local UNIX usernames.


lppasswd supports the following options:
-g groupname
Specifies a group other than the default system group.

Security Issues

By default, the lppasswd program is not installed to allow ordinary users to change their passwords. To enable this, the lppasswd command must be made setuid to root with the command:
chmod u+s lppasswd
This change will be overridden by further updates of the cups-client package. The following command ensures that it will be preserved:
dpkg-statoverride --add root root 4755 /usr/bin/lppasswd

While every attempt has been made to make lppasswd secure against exploits that could grant super-user privileges to unprivileged users, paranoid system administrators may wish to use Basic authentication with accounts managed by PAM instead.

See Also

lp(1), lpr(1),


Copyright 2007-2013 by Apple Inc.