-
-
Notifications
You must be signed in to change notification settings - Fork 496
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
39 changed files
with
7,003 additions
and
5,941 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,190 @@ | ||
# | ||
# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a | ||
# complete description of this file. | ||
# | ||
|
||
# Log general information in error_log - change "warn" to "debug" | ||
# for troubleshooting... | ||
LogLevel warn | ||
PageLogFormat | ||
|
||
# Deactivate CUPS' internal logrotating, as we provide a better one, especially | ||
# LogLevel debug2 gets usable now | ||
MaxLogSize 0 | ||
|
||
# Listen for connections | ||
Listen 0.0.0.0:631 | ||
Listen /run/cups/cups.sock | ||
|
||
# Show shared printers on the local network. | ||
Browsing On | ||
BrowseLocalProtocols dnssd | ||
|
||
# Default authentication type, when authentication is required... | ||
DefaultAuthType Basic | ||
|
||
# Web interface setting... | ||
WebInterface Yes | ||
|
||
# Restrict access to the server... | ||
<Location /> | ||
Order allow,deny | ||
Allow @LOCAL | ||
</Location> | ||
|
||
# Restrict access to the admin pages... | ||
<Location /admin> | ||
Order allow,deny | ||
Allow @LOCAL | ||
</Location> | ||
|
||
# Restrict access to configuration files... | ||
<Location /admin/conf> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order allow,deny | ||
Allow @LOCAL | ||
</Location> | ||
|
||
# Restrict access to log files... | ||
<Location /admin/log> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order allow,deny | ||
Allow @LOCAL | ||
</Location> | ||
|
||
# Set the default printer/job policies... | ||
<Policy default> | ||
# Job/subscription privacy... | ||
JobPrivateAccess default | ||
JobPrivateValues default | ||
SubscriptionPrivateAccess default | ||
SubscriptionPrivateValues default | ||
|
||
# Job-related operations must be done by the owner or an administrator... | ||
<Limit Create-Job Print-Job Print-URI Validate-Job> | ||
Order deny,allow | ||
</Limit> | ||
|
||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# All administration operations require an administrator to authenticate... | ||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# All printer operations require a printer operator to authenticate... | ||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# Only the owner or an administrator can cancel or authenticate a job... | ||
<Limit Cancel-Job CUPS-Authenticate-Job> | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
<Limit All> | ||
Order deny,allow | ||
</Limit> | ||
</Policy> | ||
|
||
# Set the authenticated printer/job policies... | ||
<Policy authenticated> | ||
# Job/subscription privacy... | ||
JobPrivateAccess default | ||
JobPrivateValues default | ||
SubscriptionPrivateAccess default | ||
SubscriptionPrivateValues default | ||
|
||
# Job-related operations must be done by the owner or an administrator... | ||
<Limit Create-Job Print-Job Print-URI Validate-Job> | ||
AuthType Default | ||
Order deny,allow | ||
</Limit> | ||
|
||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> | ||
AuthType Default | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# All administration operations require an administrator to authenticate... | ||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# All printer operations require a printer operator to authenticate... | ||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# Only the owner or an administrator can cancel or authenticate a job... | ||
<Limit Cancel-Job CUPS-Authenticate-Job> | ||
AuthType Default | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
<Limit All> | ||
Order deny,allow | ||
</Limit> | ||
</Policy> | ||
|
||
# Set the kerberized printer/job policies... | ||
<Policy kerberos> | ||
# Job/subscription privacy... | ||
JobPrivateAccess default | ||
JobPrivateValues default | ||
SubscriptionPrivateAccess default | ||
SubscriptionPrivateValues default | ||
|
||
# Job-related operations must be done by the owner or an administrator... | ||
<Limit Create-Job Print-Job Print-URI Validate-Job> | ||
AuthType Negotiate | ||
Order deny,allow | ||
</Limit> | ||
|
||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> | ||
AuthType Negotiate | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# All administration operations require an administrator to authenticate... | ||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# All printer operations require a printer operator to authenticate... | ||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
# Only the owner or an administrator can cancel or authenticate a job... | ||
<Limit Cancel-Job CUPS-Authenticate-Job> | ||
AuthType Negotiate | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
|
||
<Limit All> | ||
Order deny,allow | ||
</Limit> | ||
</Policy> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.