Context Navigation

NetworkPrintingCUPS

Timestamp:: 01/15/24 11:10:44 (22 months ago)
Author:: Don Wilson
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

Docs/825gen2/Dev/Networking/NetworkPrintingCUPS

-              v6
+              v7
 {{{
+card825gen2:/mnt/nfs/arm825_nand/bin$ /usr/sbin/lpinfo --include-schemes dnssd -v
+}}}
+card825gen2:~$ /usr/sbin/lpinfo --include-schemes dnssd -v
+network dnssd://Canon%20TX-3000._ipp._tcp.local/?uuid=00000000-0000-1000-8000-001832104e5a
+network dnssd://Canon%20iPR%20Svr%20G250%20V2.1%20US(64%3A59%3AA5)._printer._tcp.local/
+network dnssd://HP%20Designjet%20T520%2024in%20%5BD50233%5D._ipp._tcp.local/?uuid=abcd9e8e-4886-85c2-2167-b143d1c2344a
+network dnssd://HP%20LaserJet%20P2055dn%20%5B82FCF4%5D._pdl-datastream._tcp.local/
+network dnssd://Lexmark%20C2240._ipp._tcp.local/?uuid=584bdd81-d230-49f3-a210-d39ac56492d0
+network dnssd://Lexmark%20C2240%20(3)._ipp._tcp.local/?uuid=925cc9ab-7f13-479a-9a82-d9d01aea2472
+network dnssd://Lexmark%20C2240%20(4)._ipp._tcp.local/?uuid=1fb63094-a36c-42e5-885e-ce8ebf5c7e0d
+network dnssd://Lexmark%20C2240%20(5)._ipp._tcp.local/?uuid=1cf2ae75-abe6-4bf3-b009-375e604a00a2
+network dnssd://Lexmark%20C2240%20(6)._ipp._tcp.local/?uuid=04698d71-023d-4da8-a3f5-97d428aea12b
+network dnssd://Lexmark%20C2240%20(7)._ipp._tcp.local/?uuid=1b72d98c-8ea0-4b33-a08d-78a89dc256e3
+network dnssd://Lexmark%20M3150%20(2)._ipp._tcp.local/?uuid=4b9218da-71a9-42cb-858c-e478817ceb19
+network dnssd://Lexmark%20M3250._ipp._tcp.local/?uuid=d672042b-7909-47a2-9077-968f58ad923b
+network dnssd://Lexmark%20M3250%20(10)._ipp._tcp.local/?uuid=29fa91fd-eada-4cbe-bd5d-87fdb24dd92d
+network dnssd://Lexmark%20M3250%20(14)._ipp._tcp.local/?uuid=67390cc9-aad3-4041-b32d-d5a235d89a39
+network dnssd://Lexmark%20M3250%20(2)._ipp._tcp.local/?uuid=876e7e06-54ab-4ca6-a4a6-a80e70f602b5
+network dnssd://Lexmark%20M3250%20(3)._ipp._tcp.local/?uuid=50249be5-e50d-4f1a-8739-38ee1f618bd8
+network dnssd://Lexmark%20M3250%20(34)._ipp._tcp.local/?uuid=fd53b6a6-3442-4613-921c-2e439ce37d33
+network dnssd://Lexmark%20M3250%20(4)._ipp._tcp.local/?uuid=86020859-dbe1-45ad-bdf7-e82dc489e1d5
+network dnssd://Lexmark%20M3250%20(5)._ipp._tcp.local/?uuid=e9bc03ef-9a4c-4d84-ad46-8c627e414175
+network dnssd://Lexmark%20M3250%20(6)._ipp._tcp.local/?uuid=802f250b-fa5b-43a3-a843-1e8ba23189fa
+network dnssd://Lexmark%20M3250%20(8)._ipp._tcp.local/?uuid=b56cbbbe-2d78-4ef3-9b7a-297a6237f84d
+network dnssd://Lexmark%20MS510dn._ipp._tcp.local/?uuid=badd5f81-578d-4e6e-8aa0-715bf8e224b3
+network dnssd://Lexmark%20MS510dn%20(10)._ipp._tcp.local/?uuid=588460cb-d756-4d87-9239-9d8e910784e2
+network dnssd://Lexmark%20MS510dn%20(12)._ipp._tcp.local/?uuid=22ef395a-2897-4d8d-87de-061f52436e50
+network dnssd://Lexmark%20MS510dn%20(13)._ipp._tcp.local/?uuid=127f7806-f38e-497d-b053-f4e3137d11e0
+network dnssd://Lexmark%20MS510dn%20(5)._ipp._tcp.local/?uuid=7736e5dc-2015-417e-a637-7bc3c023ebb5
+network dnssd://Lexmark%20MS510dn%20(8)._ipp._tcp.local/?uuid=279c0534-9d92-4a33-afb5-8df038e3aa63
+network dnssd://Lexmark%20MX811._ipp._tcp.local/?uuid=13ffc623-6864-4b67-8ab0-c8e8d827ebd8
+network dnssd://Lexmark%20MX811%20(2)._ipp._tcp.local/?uuid=c9b81317-aa68-45b6-a702-09fab9d329d0
+network dnssd://Lexmark%20XM3250%20(2)._ipp._tcp.local/?uuid=641a82cd-4fcf-4b91-9a7a-de09460059f7
+network dnssd://Lexmark%20XM3250%20(3)._ipp._tcp.local/?uuid=c0bf69ec-fc3e-43e8-9b9c-61711fecbd34
+network dnssd://Lexmark%20XM5365._ipp._tcp.local/?uuid=d0c8af1e-9fd8-4c37-8ba1-b9419d1087d0
+network dnssd://SERVER-59A5._ipp._tcp.local/
+network dnssd://SHARP%20MX-C304W%20(9300735300)._printer._tcp.local/
+network dnssd://VS-300i%40RDG7F157A%20(92)._printer._tcp.local/
+}}}
+CUPS management web pages.
+To allow access to the management pages on local network the cupsd.conf file must be edited.
+{{{
+nano /etc/cups/cupsd.conf
+}}}
+{{{
+#
+# Configuration file for the CUPS scheduler.  See "man cupsd.conf" for a
+# complete description of this file.
+#
+# Log general information in error_log - change "warn" to "debug"
+# for troubleshooting...
+LogLevel warn
+PageLogFormat
+# Specifies the maximum size of the log files before they are rotated.  The value "0" disables log rotation.
+MaxLogSize 1m
+# Default error policy for printers
+ErrorPolicy stop-printer
+# Only listen for connections from the local machine.
+#Listen localhost:631
+Port 631
+Listen /run/cups/cups.sock
+# Show shared printers on the local network.
+Browsing Yes
+BrowseLocalProtocols dnssd
+# Default authentication type, when authentication is required...
+DefaultAuthType Basic
+# Web interface setting...
+WebInterface Yes
+# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
+IdleExitTimeout 60
+# Restrict access to the server...
+<Location />
+  Order allow,deny
+  Allow @local
+</Location>
+# Restrict access to the admin pages...
+<Location /admin>
+  Order allow,deny
+  Allow @local
+</Location>
+# Restrict access to configuration files...
+<Location /admin/conf>
+  AuthType Default
+  Require user @SYSTEM
+  Order allow,deny
+  Allow @local
+</Location>
+# Restrict access to log files...
+<Location /admin/log>
+  AuthType Default
+  Require user @SYSTEM
+  Order allow,deny
+  Allow @local
+</Location>
+# Set the default printer/job policies...
+<Policy default>
+  # Job/subscription privacy...
+  JobPrivateAccess default
+  JobPrivateValues default
+  SubscriptionPrivateAccess default
+  SubscriptionPrivateValues default
+  # Job-related operations must be done by the owner or an administrator...
+  <Limit Create-Job Print-Job Print-URI Validate-Job>
+    Order deny,allow
+  </Limit>
+  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+  # All administration operations require an administrator to authenticate...
+  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
+    AuthType Default
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+  # All printer operations require a printer operator to authenticate...
+  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
+    AuthType Default
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+  # Only the owner or an administrator can cancel or authenticate a job...
+  <Limit Cancel-Job CUPS-Authenticate-Job>
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+  <Limit All>
+    Order deny,allow
+  </Limit>
+</Policy>
+# Set the authenticated printer/job policies...
+<Policy authenticated>
+  # Job/subscription privacy...
+  JobPrivateAccess default
+  JobPrivateValues default
+  SubscriptionPrivateAccess default
+  SubscriptionPrivateValues default
+  # Job-related operations must be done by the owner or an administrator...
+  <Limit Create-Job Print-Job Print-URI Validate-Job>
+    AuthType Default
+    Order deny,allow
+  </Limit>
+  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
+    AuthType Default
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+  # All administration operations require an administrator to authenticate...
+  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
+    AuthType Default
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+  # All printer operations require a printer operator to authenticate...
+  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
+    AuthType Default
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+  # Only the owner or an administrator can cancel or authenticate a job...
+  <Limit Cancel-Job CUPS-Authenticate-Job>
+    AuthType Default
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+  <Limit All>
+    Order deny,allow
+  </Limit>
+</Policy>
+# Set the kerberized printer/job policies...
+<Policy kerberos>
+  # Job/subscription privacy...
+  JobPrivateAccess default
+  JobPrivateValues default
+  SubscriptionPrivateAccess default
+  SubscriptionPrivateValues default
+  # Job-related operations must be done by the owner or an administrator...
+  <Limit Create-Job Print-Job Print-URI Validate-Job>
+    AuthType Negotiate
+    Order deny,allow
+  </Limit>
+  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
+    AuthType Negotiate
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+  # All administration operations require an administrator to authenticate...
+  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
+    AuthType Default
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+  # All printer operations require a printer operator to authenticate...
+  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
+    AuthType Default
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+  # Only the owner or an administrator can cancel or authenticate a job...
+  <Limit Cancel-Job CUPS-Authenticate-Job>
+    AuthType Negotiate
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+  <Limit All>
+    Order deny,allow
+  </Limit>
+</Policy>
+}}}
+The line localhost:631 limits access so that only the page could only be accessed from the 825 itself. Commented this out be placing # in front and added line Port 631 below it.
+Added Allow @local just above each of the four </Location> lines.
+Then restart the cups service
+{{{
+sudo systemctl restart cups
+}}}