# Cupsd.conf vom 12.04.2006
# Eintraege Cups-Server
########
######## Server Identity
########

#
# ServerName: the hostname of your server, as advertised to the world.
# By default CUPS will use the hostname of the system.
#
# To set the default server used by clients, see the client.conf file.
#
ServerName pematlinux

#
# ServerAdmin: the email address to send all complaints/problems to.
# By default CUPS will use "root@hostname".
#
# ServerAdmin jfock@abas-projektierung.de
########
######## Server Options
########

#
# AccessLog: the access log file; if this does not start with a leading /
# then it is assumed to be relative to ServerRoot.  By default set to
# "/var/log/cups/access_log"
#
# You can also use the special name "syslog" to send the output to the
# syslog file or daemon.
#
# AccessLog /var/log/cups/access_log
#
# Classification: the classification level of the server.  If set, this
# classification is displayed on all pages, and raw printing is disabled.
# The default is the empty string.
#

#Classification classified
#Classification confidential
#Classification secret
#Classification topsecret
#Classification unclassified

#
# ClassifyOverride: whether to allow users to override the classification
# on printouts. If enabled, users can limit banner pages to before or
# after the job, and can change the classification of a job, but cannot
# completely eliminate the classification or banners.
#
# The default is off.
#

#ClassifyOverride off
#
# DataDir: the root directory for the CUPS data files.
# By default "/usr/share/cups".
#
# DataDir /usr/share/cups

#
# DefaultCharset: the default character set to use. If not specified,
# defaults to "utf-8".  Note that this can also be overridden in
# HTML documents...
# DefaultCharset utf-8
#
# DefaultLanguage: the default language if not specified by the browser.
# If not specified, the current locale is used.
#
DefaultLanguage de
#
# DocumentRoot: the root directory for HTTP documents that are served.
# By default "/usr/share/doc/cups-1.1.17".
#
DocumentRoot /usr/share/doc/cups
#
# ErrorLog: the error log file; if this does not start with a leading /
# then it is assumed to be relative to ServerRoot.  By default set to
# "/var/log/cups/error_log"
#
# You can also use the special name "syslog" to send the output to the
# syslog file or daemon.
#
ErrorLog /var/log/cups/error_log

# Fontpath: the path to locate all font files (currently only for pstoraster)
# By default "/usr/share/cups/fonts".
#
# Path /usr/share/cups/fonts

#
# PreserveJobHistory: whether or not to preserve the job history after a
# job is completed, cancelled, or stopped.  Default is Yes.
#

PreserveJobHistory Yes
#
# PreserveJobFiles: whether or not to preserve the job files after a
# job is completed, cancelled, or stopped.  Default is No.
#

PreserveJobFiles No
#
# AutoPurgeJobs: automatically purge jobs when not needed for quotas.
# Default is No.
#

AutoPurgeJobs No
#
# MaxCopies: maximum number of copies that a user can request. Default is
# 100.
#
#
# MaxJobs: maximum number of jobs to keep in memory (active and completed.)
# Default is 500; the value 0 is used for no limit.
#

MaxJobs 0

Printcap /etc/princap
# Log general information in error_log - change "info" to "debug" for
# troubleshooting...
LogLevel debug
#
#
#
# Administrator user group...
SystemGroup sys root users


# Only listen for connections from the local machine.
Listen 127.0.0.1:631
Listen 192.168.101.3:631
Listen 192.168.101.2:631
Listen 6.7.8.1:631
Listen /var/run/cups/cups.sock


# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow @LOCAL
BrowseAllow localhost


# Authenticate against system accounts by default...
DefaultAuthType Basic

# Restrict access to the server...
<Location />
  Order allow,deny
  Allow localhost
  Allow 192.168.101.0/24
  Allow 6.7.8.0/24
</Location>

# Restrict access to the admin pages...
<Location /admin>
  Order allow,deny
  Allow localhost
  Allow 192.168.101.0/24
  Allow 6.7.8.0/24
</Location>

# Restrict access to configuration files...
<Location /admin/conf>
  AuthType Basic
  Require user @SYSTEM
  Order allow,deny
  Allow localhost
  Allow 192.168.101.0/24
  Allow 6.7.8.0/24
</Location>

# Set the default printer/job policies...
<Policy default>
  # Job-related operations must be done by the owner or an adminstrator...
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
    Allow localhost
    Allow 192.168.101.0/24
    Allow 6.7.8.0/24
  </Limit>

  # All administration operations require an adminstrator to authenticate...
  <Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Printer CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default>
    AuthType Basic
    Require user @SYSTEM
    Order deny,allow
    Allow localhost
    Allow 192.168.101.0/24
    Allow 6.7.8.0/24
  </Limit>

  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
    Allow localhost
    Allow 192.168.101.0/24
    Allow 6.7.8.0/24
  </Limit>

  <Limit All>
    Order deny,allow
    Allow localhost
    Allow 192.168.101.0/24
    Allow 6.7.8.0/24
  </Limit>
</Policy>