#
-# "$Id: cupsd.conf.in 6268 2007-02-12 02:46:11Z mike $"
+# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
+# complete description of this file.
#
-# Sample configuration file for the Common UNIX Printing System (CUPS)
-# scheduler. See "man cupsd.conf" for a complete description of this
-# file.
-#
-
-# Log general information in error_log - change "info" to "debug" for
-# troubleshooting...
-LogLevel info
-# Administrator user group...
-SystemGroup @CUPS_SYSTEM_GROUPS@
-@CUPS_SYSTEM_AUTHKEY@
+# Log general information in error_log - change "@CUPS_LOG_LEVEL@" to "debug"
+# for troubleshooting...
+LogLevel @CUPS_LOG_LEVEL@
+@CUPS_PAGE_LOG_FORMAT@
# Only listen for connections from the local machine.
Listen localhost:@DEFAULT_IPP_PORT@
# Show shared printers on the local network.
Browsing On
-BrowseOrder allow,deny
-BrowseAllow all
+BrowseLocalProtocols @CUPS_BROWSE_LOCAL_PROTOCOLS@
# Default authentication type, when authentication is required...
DefaultAuthType Basic
+# Web interface setting...
+WebInterface @CUPS_WEBIF@
+
# Restrict access to the server...
<Location />
Order allow,deny
- Allow localhost
</Location>
# Restrict access to the admin pages...
<Location /admin>
-@ENCRYPTION_REQUIRED@
Order allow,deny
- Allow localhost
</Location>
# Restrict access to configuration files...
<Location /admin/conf>
- AuthType Basic
+ AuthType Default
+ Require user @SYSTEM
+ Order allow,deny
+</Location>
+
+# Restrict access to log files...
+<Location /admin/log>
+ AuthType Default
Require user @SYSTEM
Order allow,deny
- Allow localhost
</Location>
# Set the default printer/job policies...
<Policy default>
- # Job-related operations must be done by the owner or an adminstrator...
- <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
+ # Job/subscription privacy...
+ JobPrivateAccess default
+ JobPrivateValues default
+ SubscriptionPrivateAccess default
+ SubscriptionPrivateValues default
+
+ # Job-related operations must be done by the owner or an administrator...
+ <Limit Create-Job Print-Job Print-URI Validate-Job>
+ Order deny,allow
+ </Limit>
+
+ <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
- # All administration operations require an adminstrator to authenticate...
- <Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Printer CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default>
- AuthType Basic
+ # All administration operations require an administrator to authenticate...
+ <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
+ AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
+ # All printer operations require a printer operator to authenticate...
+ <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
+ AuthType Default
+ Require user @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
+ Order deny,allow
+ </Limit>
+
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
+ Require user @OWNER @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
+ Order deny,allow
+ </Limit>
+
+ <Limit All>
+ Order deny,allow
+ </Limit>
+</Policy>
+
+# Set the authenticated printer/job policies...
+<Policy authenticated>
+ # Job/subscription privacy...
+ JobPrivateAccess default
+ JobPrivateValues default
+ SubscriptionPrivateAccess default
+ SubscriptionPrivateValues default
+
+ # Job-related operations must be done by the owner or an administrator...
+ <Limit Create-Job Print-Job Print-URI Validate-Job>
+ AuthType Default
+ Order deny,allow
+ </Limit>
+
+ <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
+ AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
+ # All administration operations require an administrator to authenticate...
+ <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
+ AuthType Default
+ Require user @SYSTEM
+ Order deny,allow
+ </Limit>
+
+ # All printer operations require a printer operator to authenticate...
+ <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
+ AuthType Default
+ Require user @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
+ Order deny,allow
+ </Limit>
+
+ # Only the owner or an administrator can cancel or authenticate a job...
+ <Limit Cancel-Job CUPS-Authenticate-Job>
+ AuthType Default
+ Require user @OWNER @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
+ Order deny,allow
+ </Limit>
+
<Limit All>
Order deny,allow
</Limit>
</Policy>
-#
-# End of "$Id: cupsd.conf.in 6268 2007-02-12 02:46:11Z mike $".
-#
+# Set the kerberized printer/job policies...
+<Policy kerberos>
+ # Job/subscription privacy...
+ JobPrivateAccess default
+ JobPrivateValues default
+ SubscriptionPrivateAccess default
+ SubscriptionPrivateValues default
+
+ # Job-related operations must be done by the owner or an administrator...
+ <Limit Create-Job Print-Job Print-URI Validate-Job>
+ AuthType Negotiate
+ Order deny,allow
+ </Limit>
+
+ <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
+ AuthType Negotiate
+ Require user @OWNER @SYSTEM
+ Order deny,allow
+ </Limit>
+
+ # All administration operations require an administrator to authenticate...
+ <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
+ AuthType Default
+ Require user @SYSTEM
+ Order deny,allow
+ </Limit>
+
+ # All printer operations require a printer operator to authenticate...
+ <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
+ AuthType Default
+ Require user @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
+ Order deny,allow
+ </Limit>
+
+ # Only the owner or an administrator can cancel or authenticate a job...
+ <Limit Cancel-Job CUPS-Authenticate-Job>
+ AuthType Negotiate
+ Require user @OWNER @CUPS_DEFAULT_PRINTOPERATOR_AUTH@
+ Order deny,allow
+ </Limit>
+
+ <Limit All>
+ Order deny,allow
+ </Limit>
+</Policy>
projects / thirdparty / cups.git / blobdiff