Karla:/home/ulrich # cat /etc/cups/cupsd.conf
#
# "$Id: cupsd.conf.in 11025 2013-06-07 01:00:33Z msweet $"
#
# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
# Only listen for connections from the local machine.
Listen localhost:631
Listen /run/cups/cups.sock
# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd
# Default authentication type, when authentication is required...
DefaultAuthType Basic
# Web interface setting...
WebInterface Yes
# Restrict access to the server...
Order allow,deny
# Restrict access to the admin pages...
Order allow,deny
# Restrict access to configuration files...
AuthType Default
Require user @SYSTEM
Order allow,deny
# Set the default printer/job policies...
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
Order deny,allow
Require user @OWNER @SYSTEM
Order deny,allow
# All administration operations require an administrator to authenticate...
AuthType Default
Require user @SYSTEM
Order deny,allow
# All printer operations require a printer operator to authenticate...
AuthType Default
Require user @SYSTEM
Order deny,allow
# Only the owner or an administrator can cancel or authenticate a job...
Require user @OWNER @SYSTEM
Order deny,allow
Order deny,allow
# Set the authenticated printer/job policies...
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
AuthType Default
Order deny,allow
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
# All administration operations require an administrator to authenticate...
AuthType Default
Require user @SYSTEM
Order deny,allow
# All printer operations require a printer operator to authenticate...
AuthType Default
Require user @SYSTEM
Order deny,allow
# Only the owner or an administrator can cancel or authenticate a job...
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
Order deny,allow
# The policy below is added by SUSE during build of our cups package.
# The policy 'allowallforanybody' is totally open and insecure and therefore
# it can only be used within an internal network where only trused users exist
# and where the cupsd is not accessible at all from any external host, see
# http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
# Have in mind that any user who is allowed to do printer admin tasks
# can change the print queues as he likes - e.g. send copies of confidental
# print jobs from an internal network to any external destination, see
# http://en.opensuse.org/SDB:CUPS_in_a_Nutshell
# For documentation regarding 'Managing Operation Policies' see
# http://www.cups.org/documentation.php/doc-1.7/policies.html
# Allow anybody to access job's private values:
JobPrivateAccess all
# Make none of the job values to be private:
JobPrivateValues none
# Allow anybody to access subscription's private values:
SubscriptionPrivateAccess all
# Make none of the subscription values to be private:
SubscriptionPrivateValues none
# Allow anybody to do all IPP operations:
# Currently the IPP operations Validate-Job Cancel-Jobs Cancel-My-Jobs Close-Job CUPS-Get-Document
# must be additionally exlicitly specified because those IPP operations are not included
# in the "All" wildcard value - otherwise cupsd prints error messages of the form
# "No limit for Validate-Job defined in policy allowallforanybody and no suitable template found."
Order deny,allow
Allow from all
# Explicitly set the CUPS 'default' policy to be used by default:
DefaultPolicy default
#
# End of "$Id: cupsd.conf.in 11025 2013-06-07 01:00:33Z msweet $".
#