I have a CUPS access control question. This relates to cups-1.3.7-8.el5_3.4 on a SL 5.1 system fully patched. This also relates to using CUPS as a printer server where all my other linux boxes use the browsing feature of CUPS to print thru the print server.
With an older version of CUPS (1.1.17-13.3.58) I'm currently using on an older RHEL3 system, I can control access to all our printers by specifying either a network or specific IP address in a CUPS white list. This is done via redhat-config-printer, which has, via a pulldown menu, a "sharing..." option, which then opens a box that allows one to specify a single host or a network that is allowed to access individual print queues. This is very important for us in order to keep others, on different networks, from finding and using our printers (yes, I'm talking about those crafty grad students in other departments.) as well as allowing (via specific hostname) a user *not* on our network to print to our printers. Needing to migrate from RHEL3, I set up a test SL 5.1 box and was able to duplicate the printer server function of our old RHEL3 box, *except* that now, with the latest CUPS version, access control is only by user! - and even that seems to be broken when going thru system-config-printer. I'm only able to add a user via the web interface (http://localhost:631). That functionality via system-config-printer is grayed out! And just what does "user" mean? Where does it look for the "user" entry one might include? Passwd file? NIS? Is the CUPS administrator expected to enter hundreds of user names? And what about allowing someone, *not* in our NIS or passwd file to print to our printers? Anyway, we need to control access via network and hostname as in the past. Is there no way to do that type of access control anymore? Thanks! - Larry -- P. Larry Nelson (217-244-9855) | Systems/Network Administrator 461 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo:[email protected] | http://www.roadkill.com/lnelson/ ------------------------------------------------------------------- "Information without accountability is just noise." - P.L. Nelson
