Enable/Disable printer queue from command line
Kurt Pfeifle
kpfeifle at danka.de
Thu Jun 15 13:19:32 PDT 2006
Sean McBrien <smcbrien at bfsec.bt.co.uk> wrote (Thursday 15 June 2006 17:54):
> Folks,
>
> When I try to disable a printer via the command line:
>
> /usr/bin/disable <printer>
>
> I get the following error:
>
> disable: Forbidden
Which version of CUPS are you using? 1.1.x or 1.2.x? A distro package
or a self-compiled one?
Are you running the command as user or as root?
> This also happens with 'enable', any ideas?
Yes.
CUPS 1.2 introduced the concept of "Policy". Different OpPolicies can
be assigned to different printers. (By default, the DefaultPolicy
named "default" is assigned). See
http://localhost:631/help/ref-cupsd-conf.html?TOPIC=References&QUERY=#Policy
It may be the case that the printer's assigned "OpPolicy" does not
support its disabling/enabling by the user you impersonated. You
can see all "operations" that can be covered by a policy here:
http://localhost:631/help/ref-cupsd-conf.html?TOPIC=References&QUERY=#LimitIPP
You have to choose (or define) a policy that covers the operation names
Enable-Printer
Disable-Printer
for your impersonated user to execute.
> The reason I'm doing this is that there is a physical issue with a printer
> in that it needs rebooted often to get it to print, everytime it is
> rebooted the CUPS web pages say that the socket has failed ( i assume
> because it cant find it on the network) if i restart the queues via the
> web interface it will work fine again so i want to able to start the
> queues again from the command line rather than throwing xterms etc.
>
> Also, is there a way to configure cupsd.conf to allow remote computers to
> access the admin web interface rather than just http://localhost:631 on
> the machine itself?
Yes. It can be derived from the documentation at
http://localhost:631/help/ # CUPS 1.2.x
http://localhost:631/sam.html/ # CUPS 1.1.x
To give you 2 examples (should work for CUPS 1.1 as well as 1.2),
which may serve you to guide you your way through the documentation:
1. very open, very unsecure:
----------------------------
You could try to put this in your cupsd.conf if want to throw your
CUPS system open to *everyone* who is able to connect:
<Location /admin>
AuthType None
Order Deny,Allow
Allow from all
Deny from none
</Location>
2. fairly secure:
-----------------
To make it more secure, use s.th. like this (assuming you have 2
remote hosts you what to allow admin access, IP 192.168.1.101 and
adminworkstation.yourdomain.com):
<Location /admin>
AuthType Digest
Require user root sean
Order Allow,Deny
Allow from localhost
Allow from 192.168.1.101
Allow from adminworkstation.yourdomain.com
Deny from all
</Location>
If you use "AuthType Digest". Don't forget to run "lppasswd -a
root" and "lppasswd -a sean" to add users root and sean to the
/etc/cups/passwd.md5 file.
Cheers,
Kurt
More information about the cups
mailing list