--- cupsd.conf.good 2007-10-31 15:55:23.000000000 -0400 +++ cupsd.conf.fucked 2007-10-31 15:55:23.000000000 -0400 @@ -1,119 +1,72 @@ -# -# -# Sample configuration file for the Common UNIX Printing System (CUPS) -# scheduler. See "man cupsd.conf" for a complete description of this -# file. -# - -# Log general information in error_log - change "info" to "debug" for -# troubleshooting... -LogLevel warning - -# Administrator user group... +# Show troubleshooting information in error_log. +LogLevel debug SystemGroup root - - -# Listen for connections on any address since we have many IPs -Listen 0.0.0.0:631 +# Allow remote access +Port 631 Listen /var/run/cups/cups.sock - -# Show shared printers on the local network. +# Disable printer sharing and shared printers. Browsing Off -BrowseOrder allow,deny -BrowseAllow all -BrowseAddress @LOCAL - -# Default authentication type, when authentication is required... DefaultAuthType Basic - -# Restrict access to the server... + # Allow remote administration... Order allow,deny - Allow localhost - Allow 10.0.0.0/8 Allow @LOCAL - -# Restrict access to the admin pages... + # Allow remote administration... Order allow,deny - Allow localhost - Allow 10.0.0.0/8 + Allow @LOCAL - -# Restrict access to configuration files... AuthType Default Require user @SYSTEM + # Allow remote access to the configuration files... Order allow,deny - Allow localhost - Allow 10.0.0.0/8 + Allow @LOCAL - -# Set the default printer/job policies... - # Job-related operations must be done by the owner or an administrator... Require user @OWNER @SYSTEM @lpadmin Order deny,allow - - # All administration operations require an administrator to authenticate... AuthType Default Require user @SYSTEM @lpadmin Order deny,allow - - # All printer operations require a printer operator to authenticate... AuthType Default Require user @SYSTEM @lpadmin Order deny,allow - - # Only the owner or an administrator can cancel or authenticate a job... Require user @OWNER @SYSTEM @lpadmin Order deny,allow - Order deny,allow - -#Give job access to LDAP group "employes", administration to LDAP group "lpadmin" -#http://cups.org/documentation.php/policies.html - # Job-related operations must be done by the owner or an administrator... - Require user @OWNER @SYSTEM @employes @lpadmin - Order deny,allow - - - # All administration operations require an administrator to authenticate... + Require user @OWNER @SYSTEM @employes @lpadmin + Order deny,allow + - AuthType Default - Require user @SYSTEM @lpadmin - Order deny,allow +AuthType Default +Require user @SYSTEM @lpadmin +Order deny,allow - - # All printer operations require a printer operator to authenticate... - AuthType Default - Require user @SYSTEM @employes @lpadmin - Order deny,allow - - - # Only the owner or an administrator can cancel or authenticate a job... + AuthType Default + Require user @SYSTEM @employes @lpadmin + Order deny,allow + Require user @OWNER @SYSTEM @employes @lpadmin Order deny,allow - - + - Order deny,allow - + Order deny,allow + -