On Wed, 2008-12-03 at 17:55 +0100, David Jansen wrote: > I came across another weird problem: here at our university department, > we have a few hundred Linux machines, most of them Fedora, and in the > process of being upgraded to fedora 10. > Now my problem is printing. There is a central printserver (running RHEL5) > and making a fedora pc a client (by placing a printserver entry in > /etc/cups/client.conf) makes it possible to access all the printers on > the printserver. > However, a couple of machines have a local printer as well. That used to > work in Fedora 8: set up the local printer (probably autodetected on > install anyway), make sure it is shared, and then make the machine a > cups client so everything goes to the printserver. A solution I found in > some howto on the net, but I can't remember where. > However, in fedora 10, this no longer works. A computer seems to be a > client of the central printserver, or it is not a client, and it can see > its own printer, and any browsed cups printers on the local net. > (and, since our network consists of a couple of subnets in multiple > buildings, just relying on cups to find all printers by browsing on the > local subnet is not a complete solution). > > Does anyone know how to do this? The thing is ofcourse, that cups has > not had a major upgrade between fedora 8 and fedora 10, and I see > nothing in the changelogs that indicates a change of behaviour. > > David Jansen > This can be done. I have one machine doing it. It requires a careful reading of the documentation for cupsd.conf on the client machine which is also its own server. Unfortunately I can't remember exactly what I did to make this work so the best I can do is to attach a copy of cupsd.conf on a machine that supports this configuration. Its central print server is 192.168.100 but can print to its local printer in addition. -- ======================================================================= Distress, n.: A disease incurred by exposure to the prosperity of a friend. -- Ambrose Bierce, "The Devil's Dictionary" ======================================================================= Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@xxxxxxxxxxxxx
# # "$Id: cupsd.conf.in,v 1.17 2005/01/03 19:29:45 mike Exp $" # # Sample configuration file for the Common UNIX Printing System (CUPS) # scheduler. # # Copyright 1997-2005 by Easy Software Products, all rights reserved. # # These coded instructions, statements, and computer programs are the # property of Easy Software Products and are protected by Federal # copyright law. Distribution and use rights are outlined in the file # "LICENSE.txt" which should have been included with this file. If this # file is missing or damaged please contact Easy Software Products # at: # # Attn: CUPS Licensing Information # Easy Software Products # 44141 Airport View Drive, Suite 204 # Hollywood, Maryland 20636 USA # # Voice: (301) 373-9600 # EMail: cups-info@xxxxxxxx # WWW: http://www.cups.org # ######################################################################## # # # This is the CUPS configuration file. If you are familiar with # # Apache or any of the other popular web servers, we've followed the # # same format. Any configuration variable used here has the same # # semantics as the corresponding variable in Apache. If we need # # different functionality then a different name is used to avoid # # confusion... # # # ######################################################################## ######## ######## Server Identity ######## # # ServerName: the hostname of your server, as advertised to the world. # By default CUPS will use the hostname of the system. # # To set the default server used by clients, see the client.conf file. # #ServerName myhost.domain.com # # ServerAdmin: the email address to send all complaints/problems to. # By default CUPS will use "root@hostname". # #ServerAdmin root@xxxxxxxxxxxxxxx ######## ######## Server Options ######## # # AccessLog: the access log file; if this does not start with a leading / # then it is assumed to be relative to ServerRoot. By default set to # "/var/log/cups/access_log" # # You can also use the special name "syslog" to send the output to the # syslog file or daemon. # #AccessLog /var/log/cups/access_log # # Classification: the classification level of the server. If set, this # classification is displayed on all pages, and raw printing is disabled. # The default is the empty string. # #Classification classified #Classification confidential #Classification secret #Classification topsecret #Classification unclassified # # ClassifyOverride: whether to allow users to override the classification # on printouts. If enabled, users can limit banner pages to before or # after the job, and can change the classification of a job, but cannot # completely eliminate the classification or banners. # # The default is off. # #ClassifyOverride off # # DataDir: the root directory for the CUPS data files. # By default "/usr/share/cups". # #DataDir /usr/share/cups # # DefaultCharset: the default character set to use. If not specified, # defaults to "utf-8". Note that this can also be overridden in # HTML documents... # #DefaultCharset utf-8 # # DefaultLanguage: the default language if not specified by the browser. # If not specified, the current locale is used. # #DefaultLanguage en # # DocumentRoot: the root directory for HTTP documents that are served. # By default "/usr/share/doc/cups-1.1.23". # #DocumentRoot /usr/share/doc/cups-1.1.23 # # ErrorLog: the error log file; if this does not start with a leading / # then it is assumed to be relative to ServerRoot. By default set to # "/var/log/cups/error_log" # # You can also use the special name "syslog" to send the output to the # syslog file or daemon. # #ErrorLog /var/log/cups/error_log # LogFilePerm: determines the file mode to set log files to. # LogFilePerm 0600 # # FileDevice: determines whether the scheduler will allow new printers # to be added using device URIs of the form "file:/foo/bar". The default # is not to allow file devices due to the potential security vulnerability # and due to the fact that file devices do not support raw printing. # #FileDevice No # # FontPath: the path to locate all font files (currently only for pstoraster) # By default "/usr/share/cups/fonts". # #FontPath /usr/share/cups/fonts # # LogLevel: controls the number of messages logged to the ErrorLog # file and can be one of the following: # # debug2 Log everything. # debug Log almost everything. # info Log all requests and state changes. # warn Log errors and warnings. # error Log only errors. # none Log nothing. # MaxLogSize 2000000000 LogLevel info # # MaxLogSize: controls the maximum size of each log file before they are # rotated. Defaults to 1048576 (1MB). Set to 0 to disable log rotating. # #MaxLogSize 0 # # PageLog: the page log file; if this does not start with a leading / # then it is assumed to be relative to ServerRoot. By default set to # "/var/log/cups/page_log" # # You can also use the special name "syslog" to send the output to the # syslog file or daemon. # #PageLog /var/log/cups/page_log # # PreserveJobHistory: whether or not to preserve the job history after a # job is completed, cancelled, or stopped. Default is Yes. # #PreserveJobHistory Yes # # PreserveJobFiles: whether or not to preserve the job files after a # job is completed, cancelled, or stopped. Default is No. # #PreserveJobFiles No # # AutoPurgeJobs: automatically purge jobs when not needed for quotas. # Default is No. # #AutoPurgeJobs No # # MaxCopies: maximum number of copies that a user can request. Default is # 100. # #MaxCopies 100 # # MaxJobs: maximum number of jobs to keep in memory (active and completed.) # Default is 500; the value 0 is used for no limit. # #MaxJobs 500 # # MaxJobsPerPrinter: maximum number of active jobs per printer. The default # is 0 for no limit. # #MaxJobsPerPrinter 0 # # MaxJobsPerUser: maximum number of active jobs per user. The default # is 0 for no limit. # #MaxJobsPerUser 0 # # MaxPrinterHistory: controls the maximum number of history collections # in the printer-state-history attribute. Set to 0 to disable history # data. # #MaxPrinterHistory 10 # # Printcap: the name of the printcap file. Default is /etc/printcap. # Leave blank to disable printcap file generation. # Printcap /etc/printcap # # PrintcapFormat: the format of the printcap file, currently either # BSD or Solaris. The default is "BSD". # #PrintcapFormat BSD #PrintcapFormat Solaris # # PrintcapGUI: the name of the GUI options panel program to associate # with print queues under IRIX. The default is "/usr/bin/glpoptions" # from ESP Print Pro. # # This option is only used under IRIX; the options panel program # must accept the "-d printer" and "-o options" options and write # the selected printer options back to stdout on completion. # #PrintcapGUI /usr/bin/glpoptions # # RequestRoot: the directory where request files are stored. # By default "/var/spool/cups". # #RequestRoot /var/spool/cups # # RemoteRoot: the name of the user assigned to unauthenticated accesses # from remote systems. By default "remroot". # #RemoteRoot remroot # # ServerBin: the root directory for the scheduler executables. # By default "/usr/lib/cups". # #ServerBin /usr/lib/cups # # ServerRoot: the root directory for the scheduler. # By default "/etc/cups". # #ServerRoot /etc/cups # # ServerTokens: specifies what information in provided in the Server # header of HTTP responses. The default is Minor. # # ServerTokens None # ServerTokens ProductOnly CUPS # ServerTokens Major CUPS/1 # ServerTokens Minor CUPS/1.1 # ServerTokens Minimal CUPS/1.1.23 # ServerTokens OS CUPS/1.1.23 (uname) # ServerTokens Full CUPS/1.1.23 (uname) IPP/1.1 # #ServerTokens Minor ######## ######## Fax Support ######## # # FaxRetryLimit: the number of times a fax job is retried. # The default is 5 times. # #FaxRetryLimit 5 # # FaxRetryInterval: the number of seconds between fax job retries. # The default is 300 seconds/5 minutes. # #FaxRetryInterval 300 ######## ######## Encryption Support ######## # # ServerCertificate: the file to read containing the server's certificate. # Defaults to "/etc/cups/ssl/server.crt". # #ServerCertificate /etc/cups/ssl/server.crt # # ServerKey: the file to read containing the server's key. # Defaults to "/etc/cups/ssl/server.key". # #ServerKey /etc/cups/ssl/server.key ######## ######## Filter Options ######## # # User/Group: the user and group the server runs under. Normally this # must be lp and sys, however you can configure things for another # user or group as needed. # # Note: the server must be run initially as root to support the # default IPP port of 631. It changes users whenever an external # program is run, or if the RunAsUser directive is specified... # #User lp #Group sys # # RIPCache: the amount of memory that each RIP should use to cache # bitmaps. The value can be any real number followed by "k" for # kilobytes, "m" for megabytes, "g" for gigabytes, or "t" for tiles # (1 tile = 256x256 pixels.) Defaults to "8m" (8 megabytes). # #RIPCache 8m # # TempDir: the directory to put temporary files in. This directory must be # writable by the user defined above! Defaults to "/var/spool/cups/tmp" or # the value of the TMPDIR environment variable. # #TempDir /var/spool/cups/tmp # # FilterLimit: sets the maximum cost of all job filters that can be run # at the same time. A limit of 0 means no limit. A typical job may need # a filter limit of at least 200; limits less than the minimum required # by a job force a single job to be printed at any time. # # The default limit is 0 (unlimited). # #FilterLimit 0 ######## ######## Network Options ######## # # Ports/addresses that we listen to. The default port 631 is reserved # for the Internet Printing Protocol (IPP) and is what we use here. # # You can have multiple Port/Listen lines to listen to more than one # port or address, or to restrict access: # # Port 80 # Port 631 # Listen hostname # Listen hostname:80 # Listen hostname:631 # Listen 1.2.3.4 # Listen 1.2.3.4:631 # # NOTE: Unfortunately, most web browsers don't support TLS or HTTP Upgrades # for encryption. If you want to support web-based encryption you'll # probably need to listen on port 443 (the "https" port...) # # NOTE 2: In order for the command-line and web interfaces to work, you # must have at least one Port or Listen line that allows access from the # local loopback address (localhost). # #Port 80 #Port 443 # # HostNameLookups: whether or not to do lookups on IP addresses to get a # fully-qualified hostname. This defaults to Off for performance reasons... # #HostNameLookups On # # KeepAlive: whether or not to support the Keep-Alive connection # option. Default is on. # #KeepAlive On # # KeepAliveTimeout: the timeout before Keep-Alive connections are # automatically closed. Default is 60 seconds. # #KeepAliveTimeout 60 # # MaxClients: controls the maximum number of simultaneous clients that # will be handled. Defaults to 100. # #MaxClients 100 # # MaxClientsPerHost: controls the maximum number of simultaneous clients that # will be handled from a specific host. Defaults to 10 or 1/10th of the # MaxClients setting, whichever is larger. A value of 0 specifies the # automatic (10 or 1/10th) setting. # #MaxClientsPerHost 0 # # MaxRequestSize: controls the maximum size of HTTP requests and print files. # Set to 0 to disable this feature (defaults to 0.) # #MaxRequestSize 0 # # Timeout: the timeout before requests time out. Default is 300 seconds. # #Timeout 300 ######## ######## Browsing Options ######## # # Browsing: whether or not to broadcast and/or listen for CUPS printer # information on the network. Enabled by default. # #Browsing On # # BrowseProtocols: which protocols to use for browsing. Can be # any of the following separated by whitespace and/or commas: # # all - Use all supported protocols. # cups - Use the CUPS browse protocol. # slp - Use the SLPv2 protocol. # # The default is "cups". # # NOTE: If you choose to use SLPv2, it is *strongly* recommended that # you have at least one SLP Directory Agent (DA) on your # network. Otherwise, browse updates can take several seconds, # during which the scheduler will not respond to client # requests. # #BrowseProtocols cups # # BrowseAddress: specifies a broadcast address to be used. By # default browsing information is not sent! # # Note: HP-UX does not properly handle broadcast unless you have a # Class A, B, C, or D netmask (i.e. no CIDR support). # # Note: Using the "global" broadcast address (255.255.255.255) will # activate a Linux demand-dial link with the default configuration. # If you have a LAN as well as the dial-up link, use the LAN's # broadcast address. # # The @LOCAL address broadcasts to all non point-to-point interfaces. # For example, if you have a LAN and a dial-up link, @LOCAL would # send printer updates to the LAN but not to the dial-up link. # Similarly, the @IF(name) address sends to the named network # interface, e.g. @IF(eth0) under Linux. Interfaces are refreshed # automatically (no more than once every 60 seconds), so they can # be used on dynamically-configured interfaces, e.g. PPP, 802.11, etc. # #BrowseAddress x.y.z.255 #BrowseAddress x.y.255.255 #BrowseAddress x.255.255.255 #BrowseAddress 255.255.255.255 #BrowseAddress @LOCAL #BrowseAddress @IF(name) # # BrowseShortNames: whether or not to use "short" names for remote printers # when possible (e.g. "printer" instead of "printer@host".) Enabled by # default. # #BrowseShortNames Yes # # BrowseAllow: specifies an address mask to allow for incoming browser # packets. The default is to allow packets from all addresses. # # BrowseDeny: specifies an address mask to deny for incoming browser # packets. The default is to deny packets from no addresses. # # Both "BrowseAllow" and "BrowseDeny" accept the following notations for # addresses: # # All # None # *.domain.com # .domain.com # host.domain.com # nnn.* # nnn.nnn.* # nnn.nnn.nnn.* # nnn.nnn.nnn.nnn # nnn.nnn.nnn.nnn/mm # nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm # @LOCAL # @IF(name) # # The hostname/domainname restrictions only work if you have turned hostname # lookups on! # #BrowseAllow address #BrowseDeny address # # BrowseInterval: the time between browsing updates in seconds. Default # is 30 seconds. # # Note that browsing information is sent whenever a printer's state changes # as well, so this represents the maximum time between updates. # # Set this to 0 to disable outgoing broadcasts so your local printers are # not advertised but you can still see printers on other hosts. # #BrowseInterval 30 # # BrowseOrder: specifies the order of BrowseAllow/BrowseDeny comparisons. # #BrowseOrder allow,deny #BrowseOrder deny,allow # # BrowsePoll: poll the named server(s) for printers # BrowsePoll 192.168.1.100 # # BrowsePort: the port used for UDP broadcasts. By default this is # the IPP port; if you change this you need to do it on all servers. # Only one BrowsePort is recognized. # #BrowsePort 631 # # BrowseRelay: relay browser packets from one address/network to another. # #BrowseRelay source-address destination-address #BrowseRelay @IF(src) @IF(dst) # # BrowseTimeout: the timeout for network printers - if we don't # get an update within this time the printer will be removed # from the printer list. This number definitely should not be # less the BrowseInterval value for obvious reasons. Defaults # to 300 seconds. # #BrowseTimeout 300 # # ImplicitClasses: whether or not to use implicit classes. # # Printer classes can be specified explicitly in the classes.conf # file, implicitly based upon the printers available on the LAN, or # both. # # When ImplicitClasses is On, printers on the LAN with the same name # (e.g. Acme-LaserPrint-1000) will be put into a class with the same # name. This allows you to setup multiple redundant queues on a LAN # without a lot of administrative difficulties. If a user sends a # job to Acme-LaserPrint-1000, the job will go to the first available # queue. # # Enabled by default. # #ImplicitClasses On # # ImplicitAnyClasses: whether or not to create "AnyPrinter" implicit # classes. # # When ImplicitAnyClasses is On and a local queue of the same name # exists, e.g. "printer", "printer@server1", "printer@server1", then # an implicit class called "Anyprinter" is created instead. # # When ImplicitAnyClasses is Off, implicit classes are not created # when there is a local queue of the same name. # # Disabled by default. # #ImplicitAnyCLasses Off # # HideImplicitMembers: whether or not to show the members of an # implicit class. # # When HideImplicitMembers is On, any remote printers that are # part of an implicit class are hidden from the user, who will # then only see a single queue even though many queues will be # supporting the implicit class. # # Enabled by default. # #HideImplicitMembers On ######## ######## Security Options ######## # # SystemGroup: the group name for "System" (printer administration) # access. The default varies depending on the operating system, but # will be "sys", "system", or "root" (checked for in that order.) # #SystemGroup sys # # RootCertDuration: How frequently the root certificate is regenerated. # Defaults to 300 seconds. # #RootCertDuration 300 # # Access permissions for each directory served by the scheduler. # Locations are relative to DocumentRoot... # # AuthType: the authorization to use: # # None - Perform no authentication # Basic - Perform authentication using the HTTP Basic method. # Digest - Perform authentication using the HTTP Digest method. # # (Note: local certificate authentication can be substituted by # the client for Basic or Digest when connecting to the # localhost interface) # # AuthClass: the authorization class; currently only "Anonymous", "User", # "System" (valid user belonging to group SystemGroup), and "Group" # (valid user belonging to the specified group) are supported. # # AuthGroupName: the group name for "Group" authorization. # # Order: the order of Allow/Deny processing. # # Allow: allows access from the specified hostname, domain, IP address, # network, or interface. # # Deny: denies access from the specified hostname, domain, IP address, # network, or interface. # # Both "Allow" and "Deny" accept the following notations for addresses: # # All # None # *.domain.com # .domain.com # host.domain.com # nnn.* # nnn.nnn.* # nnn.nnn.nnn.* # nnn.nnn.nnn.nnn # nnn.nnn.nnn.nnn/mm # nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm # @LOCAL # @IF(name) # # The host and domain address require that you enable hostname lookups # with "HostNameLookups On" above. # # The @LOCAL address allows or denies from all non point-to-point # interfaces. For example, if you have a LAN and a dial-up link, # @LOCAL could allow connections from the LAN but not from the dial-up # link. Similarly, the @IF(name) address allows or denies from the # named network interface, e.g. @IF(eth0) under Linux. Interfaces are # refreshed automatically (no more than once every 60 seconds), so # they can be used on dynamically-configured interfaces, e.g. PPP, # 802.11, etc. # # Encryption: whether or not to use encryption; this depends on having # the OpenSSL library linked into the CUPS library and scheduler. # # Possible values: # # Always - Always use encryption (SSL) # Never - Never use encryption # Required - Use TLS encryption upgrade # IfRequested - Use encryption if the server requests it # # The default value is "IfRequested". # <Location /> Order Deny,Allow Deny From All Allow From 127.0.0.1 </Location> #<Location /classes> # # You may wish to limit access to printers and classes, either with Allow # and Deny lines, or by requiring a username and password. # #</Location> #<Location /classes/name> # # You may wish to limit access to printers and classes, either with Allow # and Deny lines, or by requiring a username and password. # #</Location> #<Location /jobs> # # You may wish to limit access to job operations, either with Allow # and Deny lines, or by requiring a username and password. # #</Location> #<Location /printers> # # You may wish to limit access to printers and classes, either with Allow # and Deny lines, or by requiring a username and password. # #</Location> #<Location /printers/name> # # You may wish to limit access to printers and classes, either with Allow # and Deny lines, or by requiring a username and password. # ## Anonymous access (default) #AuthType None ## Require a username and password (Basic authentication) #AuthType Basic #AuthClass User ## Require a username and password (Digest/MD5 authentication) #AuthType Digest #AuthClass User ## Restrict access to local domain #Order Deny,Allow #Deny From All #Allow From .mydomain.com #</Location> <Location /admin> # # You definitely will want to limit access to the administration functions. # The default configuration requires a local connection from a user who # is a member of the system group to do any admin tasks. You can change # the group name using the SystemGroup directive. # AuthType Basic AuthClass System ## Restrict access to local domain Order Deny,Allow Deny From All Allow From 127.0.0.1 #Encryption Required </Location> # # End of "$Id: cupsd.conf.in,v 1.17 2005/01/03 19:29:45 mike Exp $". # # Lines below are automatically generated - DO NOT EDIT Browsing On BrowseProtocols cups BrowseOrder Deny,Allow BrowseAllow from @LOCAL Listen 127.0.0.1:631
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines