Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Minimum open valid cupsd.conf policy?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
turtles
Veteran
Veteran


Joined: 31 Dec 2004
Posts: 1341

PostPosted: Wed Feb 06, 2019 9:45 pm    Post subject: Minimum open valid cupsd.conf policy? Reply with quote

Greetings all I am setting up some cups servers mostly for testing and I would like the cups server to allow anyone logged in on the local box to do anything (add printers etc) over the web interface with cups asking for no authentication of any kind also google chrome does not implement http auth headers correctly so I would like cups to never send them (I am just talking localhost).

I have been doing this for years and lately I am running into problems where the web interface wanting me to authenticate when adding a printer from google chrome.
When I tested this from firefox it asked for my username and password.
I have been re-reading the man pages and cupsd source code to figure out whats going on.
This is the config I am testing
Code:
#
# Configuration file for the CUPS scheduler.  See "man cupsd.conf" for a
# complete description of this file.
#

# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
#none emerg alert crit error warn notice info debug debug2

LogLevel debug
PageLogFormat

# Only listen for connections from the local machine.
Listen localhost:631
Listen /run/cups/cups.sock

# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols all

# Default authentication type, when authentication is required...
#'cupsdDefaultAuthType()' - Get the default AuthType.
#When the default_auth_type is "auto", this function tries to get the GSS
#credentials for the server.  If that succeeds we use Kerberos authentication,
#otherwise we do a fallback to Basic authentication against the local user
# accounts.
# note net-print/cups-filters with USE= ipp_autosetup is needed to discover office printer on the network.
#net-print/cups-filters provides  cups-browsed
# Also set BrowseRemoteProtocols DNSSD,CUPS
#in  cups-browsed.conf
AuthType None

#DefaultAuthType Basic #Setting this to None seems to breaks cups

DefaultPolicy Open

# Web interface setting...
WebInterface Yes

# Restrict access to the server...
<Location />
  Order allow,deny
</Location>

# Restrict access to the admin pages...
<Location /admin>
  Order allow,deny
</Location>

# Restrict access to configuration files...
<Location /admin/conf>
  Order allow,deny
</Location>

# Restrict access to log files...
<Location /admin/log>
  Order allow,deny
</Location>

# Set the printer/job policy to Open


<Policy Open>
  JobPrivateAccess none
  JobPrivateValues none
  SubscriptionPrivateAccess none
  #SubscriptionPrivateAccess all
  SubscriptionPrivateValues none
  #SubscriptionPrivateValues all
  <Limit All>
  Allow all
  </Limit>
</Policy>


Thanks all!
_________________
Donate to Gentoo
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum