Limiting list of printers seen by user?

Michael Sweet mike at
Wed Sep 28 05:06:13 PDT 2005

Erik Forsberg wrote:
> ...
> Will configuring permissions on one of the CUPS clients work? I.e., if
> I run lpadmin -u deny:joe on one of the clients, will joe be
> disallowed to print to that printer from that client, or from all
> clients? Or must I configure permission on the master CUPS for this to
> work well? 

Setting -u deny:joe on the client will only affect that client and
will essentially be temporary for the life of the remote printer; you
need to point at the server to affect all clients.

> On the same matter - what permissions do I need to have to configure
> allow/deny lists for a printer? Can I do it remotely with a
> non-root-user?

You'll need administrator permissions - internally it uses the
CUPS-Add-Printer operation to set the printer attributes, although
we'll likely add support for Set-Printer-Attributes in CUPS 1.2 as
well since it has similar semantics...

In CUPS 1.1.x, you just open up /admin (typically by adding
"allow @LOCAL" to that location) to allow for remote administration.

In CUPS 1.2.x, you'll also want to look at the policy - the
defaults work just like CUPS 1.1.x, but you have a lot more
control over individual operations.  For example, you can allow
normal users to start/stop printers, but limit other admin ops to

Michael Sweet, Easy Software Products           mike at easysw dot com
Internet Printing and Publishing Software

More information about the cups mailing list