服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 如何启用远程访问CUPS中的pipe理页面
Intereting Posts
后缀不工作 如何强制Outlook 2003 / Exchange 2003使用静态RPC端口? 从子域反向代理到子目录(HAProxy) 主pipe没有检测到服务 无法连接到JRun服务器 将所有请求redirect到一个特定的文件夹,除SSL之外的作品不? Server 2008 MSDN开发人员版本与Enterprise Server 2008不同? Kubuntu 9.04中有问题的无线连接pipe理器 redirectIIS与多个域 从文件stream迁移到“经典”blob Xen Domus与私人IP stunnel + HAProxy + Apache问题,多个站点证书 双向文件系统透明解决scheme的解决scheme 如何使用组策略禁用SID安全检查以进行文件夹redirect? 在Apache中添加随机标题

如何启用远程访问CUPS中的pipe理页面

我正在寻找访问CUPS网页界面的pipe理页面。

我可以访问该页面,并且可以浏览网站的大部分内容,但不幸的是,pipe理页面仍然被远程locking。

我确实Allow from all设置了Allow from all ,也尝试Allow all现在到处都是,而且我仍然无法访问该页面。

我错过了什么?

configuration文件 

 # # # Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a # complete description of this file. # # Log general information in error_log - change "warn" to "debug" # for troubleshooting... LogLevel warn # Deactivate CUPS' internal logrotating, as we provide a better one, especially # LogLevel debug2 gets usable now MaxLogSize 0 # Allow connection from remote hosts Port 631 Listen /var/run/cups/cups.sock # Show shared printers on the local network. Browsing On BrowseOrder allow,deny BrowseAllow all BrowseLocalProtocols all # Default authentication type, when authentication is required... DefaultAuthType Basic # Web interface setting... WebInterface Yes # Restrict access to the server... <Location /> Order allow,deny Allow from all </Location> # Restrict access to the admin pages... <Location /admin> Order allow,deny Allow from all </Location> # Restrict access to configuration files... <Location /admin/conf> AuthType Default Order allow,deny Allow from all </Location> # Set the default printer/job policies... <Policy default> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> Order deny,allow Allow from all </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> Require user @OWNER @SYSTEM Order deny,allow Allow from all </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices> AuthType Default Require user @SYSTEM Order deny,allow Allow from all </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Require user @SYSTEM Order deny,allow Allow from all </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> Require user @OWNER @SYSTEM Order deny,allow Allow from all </Limit> <Limit All> Order deny,allow Allow from all </Limit> </Policy> # Set the authenticated printer/job policies... <Policy authenticated> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> AuthType Default Order deny,allow Allow from all </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> AuthType Default Require user @OWNER @SYSTEM Order deny,allow Allow from all </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> AuthType Default Require user @SYSTEM Order deny,allow Allow from all </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Require user @SYSTEM Order deny,allow Allow from all </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> AuthType Default Require user @OWNER @SYSTEM Order deny,allow Allow from all </Limit> <Limit All> Order deny,allow Allow from all </Limit> </Policy>

Dockerfile 

 # # Add a Printer user # RUN useradd \ --groups=sudo,lp,lpadmin \ --create-home \ --home-dir=/home/print \ --shell=/bin/bash \ print # # Set the password for the printer user # RUN echo print:sdsds | chpasswd

我要做的是在</Policy>标签下面的下面的块: 

 <Location /> Order allow,deny Allow localhost Allow from 192.168.0.* Allow from 10.0.*.* </Location> Listen 0.0.0.0:631

对于pipe理员访问具体来说,香草configuration通常有: 

 <Location /admin/conf> AuthType Default Require user @SYSTEM Order allow,deny </Location>

为了创build一个合适的用户帐户,你只需要创build一个用户,该用户是lpadmin组的成员(我build议你确实需要对pipe理部分进行某种authentication): sudo useradd -g lpadmin cupsadmin ,然后设置一个密码。

另见https://askubuntu.com/questions/387217/cups-admin-user-and-password-saucy

更新:下面应该作为一个起点,也正好解决了@DavidGatti最初提出的问题 – 它不像原始configuration那样完整/精细,但可以重新添加策略configuration。

然而,这个configuration不会使用@SYSTEM用户,而是接受任何“本地”,有效的用户。 configuration的用例在Docker容器中运行CUPS,所以似乎最好避免需要任何“特殊”,除了具有密码的用户之外,为CUPS提供pipe理访问。 

 # Disable cups internal logging - use logrotate instead MaxLogSize 0 # Log general information in error_log - change "warn" to "debug" # for troubleshooting... LogLevel warn #PageLogFormat Listen /run/cups/cups.sock Listen 0.0.0.0:631 Port 631 # Show shared printers on the local network. Browsing On BrowseLocalProtocols dnssd # Default authentication type, when authentication is required... DefaultAuthType Basic # Web interface setting... WebInterface Yes # Restrict access to the server... # This config allow anyone access to the WUI <Location /> Order allow,deny Allow all </Location> # Restrict access to the admin pages... # Allows anyone to try and access admin pages. # Any local user's credentials will be accepted <Location /admin> AuthType Basic Require valid-user Allow all Order allow,deny </Location> # Restrict access to configuration files... # Any local user's credentials will be accepted <Location /admin/conf> AuthType Basic Require valid-user Allow all Order allow,deny </Location> # Restrict access to log files... # Any local user's credentials will be accepted <Location /admin/log> AuthType Basic Require valid-user Allow all Order allow,deny </Location> Browsing On

您可能还会在“ 如何configuration杯子”中find一些体面的指示器, 以允许使用身份validation和本地打印进行远程打印。

我尝试了所有的解决scheme,但浏览器总是返回消息“连接拒绝”,直到我改变我的cupsd.conf文件,如下所示:

听0.0.0.0:631港口631