Hallo Sauerland
ich poste
Code:
cat /etc/cups/cupsd.conf
#
# Conf.iguration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
PageLogFormat
# Only listen for connections from the local machine.
Listen localhost:631
Listen 192.168.178.5:631
Listen /run/cups/cups.sock
# Show shared printers on the local network.
Browsing On
# BrowseLocalProtocols dnssd
BrowseLocalProtocols ipp
# Default authentication type, when authentication is required...
DefaultAuthType Basic
# Web interface setting...
WebInterface Yes
# Restrict access to the server...
<Location />
Allow @LOCAL
Allow papa
Order allow,deny
Allow 127.0.0.2
Allow 192.168.178.5
Allow 192.168.178.23
</Location>
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
Allow 192.168.178.5
Allow 192.168.178.23
Allow papa
Allow papa@192.168.178.23
</Location>
# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow 192.168.178.23
Allow papa
Allow papa@192.168.178.23
</Location>
# Restrict access to log files...
<Location /admin/log>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow 192.168.178.23
Allow papa
Allow papa@192.168.178.23
</Location>
# Set the default printer/job policies...
<Policy default>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notificati
ons Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer
Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the authenticated printer/job policies...
<Policy authenticated>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notificati
ons Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer
Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the kerberized printer/job policies...
<Policy kerberos>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Negotiate
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notificati
ons Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer
Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# The policy below is added by SUSE during build of our cups package.
# The policy 'allowallforanybody' is totally open and insecure and therefore
# it can only be used within an internal network where only trused users exist
# and where the cupsd is not accessible at all from any external host, see
# http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
# Have in mind that any user who is allowed to do printer admin tasks
# can change the print queues as he likes - e.g. send copies of confidental
# print jobs from an internal network to any external destination, see
# http://en.opensuse.org/SDB:CUPS_in_a_Nutshell
# For documentation regarding 'Managing Operation Policies' see
# http://www.cups.org/documentation.php/doc-1.7/policies.html
<Policy allowallforanybody>
# Allow anybody to access job's private values:
JobPrivateAccess all
# Make none of the job values to be private:
JobPrivateValues none
# Allow anybody to access subscription's private values:
SubscriptionPrivateAccess all
# Make none of the subscription values to be private:
SubscriptionPrivateValues none
# Allow anybody to do all IPP operations:
# Currently the IPP operations Validate-Job Cancel-Jobs Cancel-My-Jobs Close-Job CUPS-Get-Document
# must be additionally exlicitly specified because those IPP operations are not included
# in the "All" wildcard value - otherwise cupsd prints error messages of the form
# "No limit for Validate-Job defined in policy allowallforanybody and no suitable template found."
<Limit Validate-Job Cancel-Jobs Cancel-My-Jobs Close-Job CUPS-Get-Document>
Order deny,allow
Allow from all
</Limit>
# Since CUPS > 1.5.4 the "All" wildcard value must be specified separately,
# otherwise clients like "lpstat -p" just hang up,
# see https://bugzilla.opensuse.org/show_bug.cgi?id=936309
# and https://www.cups.org/str.php?L4659
<Limit All>
Order deny,allow
Allow from all
</Limit>
</Policy>
# Explicitly set the CUPS 'default' policy to be used by default:
DefaultPolicy allowallforanybody
# 2022-05-13,21:19:22 modify_cupsd_conf Allow @LOCAL
# 2022-05-13,21:19:23 modify_cupsd_conf Browsing On
# 2022-05-13,21:19:24 modify_cupsd_conf Listen all
# 2022-05-13,21:20:01 modify_cupsd_conf DefaultPolicy allowallforanybody
Wenn Du noch was brauchst, einfach melden. Bin stets zu Diensten.
Lesezeichen