[cups.general] Configurate roles in CUPS 1.3.7
Michael Sweet
msweet at apple.com
Tue May 24 14:53:43 PDT 2011
You want to use policies to control this; see:
http://www.cups.org/documentation.php/policies.html
On May 24, 2011, at 9:23 AM, Jim wrote:
> Hello,
> I'm starting with CUPS 1.3.7 configuration and can't see any option to create or modify roles into cupsd.conf file.
> I'm modifying the configuration file (cupsd.conf ) but I can't separate roles into Web Service Administration site (http://<localhost>:631). I'd like to know if this is possible to create a role only for administrator whom can do administrator tasks (create printer, clases, etc) and another role with operation roles (stop and start printers, cancel jobs,etc).
> I've created some groups, but it didn't work.
> Please, let me know if this is possible with CUPS 1.3.7 or I have to migrate to newest version.
> This is part of my configuration file:
>
> LogLevel info
> # Administrator user group...
> SystemGroup cups1
> ServerName 10.1.3.31
>
> MaxJobs 0
>
> Printcap /etc/printcap
>
> Listen 10.1.3.31:631
> Listen localhost:631
> Listen /var/run/cups/cups.sock
>
> Browsing On
>
> Timeout 3600
>
> BrowseAddress 10.1.3.255
> BrowseAllow @LOCAL
> BrowseLocalProtocols CUPS
>
> BrowseInterval 180
>
> BrowseOrder allow,deny
>
> BrowseTimeout 3600
>
> ImplicitClasses On
>
> RootCertDuration 3600
>
> <Location />
> AuthType Basic
> Order Allow,Deny
> Deny from none
> Allow from All
> </Location>
>
>
> ############################################################
> ############################################################
> # AUTH
> ############################################################
> ############################################################
>
>
> # Default authentication type, when authentication is required...
> DefaultAuthType Basic
> DefaultEncryption IfRequested
>
> # Restrict access to the server...
> <Location />
> Order allow,deny
> Allow @LOCAL
> </Location>
>
> # Restrict access to the admin pages...
> <Location /admin>
> AuthType Basic
> AuthClass System
> Order deny,allow
> Allow @LOCAL
> </Location>
>
> # Restrict access to configuration files...
> <Location /admin/conf>
> AuthType Default
> Require user @SYSTEM
> Order allow,deny
> </Location>
>
>
>
> DefaultPolicy mypolicy
>
> # Set the default printer/job policies...
> <Policy mypolicy>
> # Job-related operations must be done by the owner or an administrator...
> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
> Require user @OWNER @SYSTEM
> Order allow,deny
> allow from 10.1.3.0/24
> </Limit>
>
> # All administration operations require an administrator to authenticate...
> <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
> # AuthType Basic
> Require group cups2
> Order deny,allow
> </Limit>
>
> # All printer operations require a printer operator to authenticate...
> <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
> # AuthType Basic
> Require user @SYSTEM
> Order deny,allow
> Allow from all
> </Limit>
>
> # Only the owner or an administrator can cancel or authenticate a job...
> <Limit Cancel-Job CUPS-Authenticate-Job>
> Require user @OWNER @SYSTEM
> Order deny,allow
> </Limit>
>
> <Limit All>
> Order allow,deny
> # Allow from @LOCAL
> </Limit>
> </Policy>
>
>
>
> ----------------------------------------
>
> Thanks in advance.
> Jim
> _______________________________________________
> cups mailing list
> cups at easysw.com
> http://lists.easysw.com/mailman/listinfo/cups
________________________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair
More information about the cups
mailing list