1 | #!/bin/sh |
---|
2 | |
---|
3 | # Set the CUPS permissions such that anyone can add/remove jobs |
---|
4 | # from the queue for gutenbach. |
---|
5 | |
---|
6 | if [ -e /usr/lib/gutenbach/config/printername ]; then |
---|
7 | printername="$(cat /usr/lib/gutenbach/config/printername)" |
---|
8 | |
---|
9 | conffile="/etc/cups/cupsd.conf" |
---|
10 | mv "$conffile" "$conffile.gutenbach-orig" |
---|
11 | touch "$conffile" |
---|
12 | |
---|
13 | cat >> "$conffile" <<EOF |
---|
14 | # |
---|
15 | # This cupsd.conf was generated by the Gutenbach music spooler |
---|
16 | # |
---|
17 | |
---|
18 | # Log general information in error_log - change "info" to "debug" for |
---|
19 | # troubleshooting... |
---|
20 | LogLevel warning |
---|
21 | |
---|
22 | # Administrator user group... |
---|
23 | SystemGroup lpadmin |
---|
24 | Group audio |
---|
25 | |
---|
26 | Listen /var/run/cups/cups.sock |
---|
27 | Listen * |
---|
28 | |
---|
29 | ServerAlias * |
---|
30 | |
---|
31 | # Default authentication type, when authentication is required... |
---|
32 | DefaultAuthType Basic |
---|
33 | |
---|
34 | # Restrict access to the server... |
---|
35 | <Location /> |
---|
36 | Allow from All |
---|
37 | Order deny,allow |
---|
38 | </Location> |
---|
39 | |
---|
40 | # Restrict access to the admin pages... |
---|
41 | <Location /admin> |
---|
42 | Encryption Required |
---|
43 | Order deny,allow |
---|
44 | </Location> |
---|
45 | |
---|
46 | # Restrict access to configuration files... |
---|
47 | <Location /admin/conf> |
---|
48 | AuthType Default |
---|
49 | Require user @SYSTEM |
---|
50 | Order deny,allow |
---|
51 | </Location> |
---|
52 | |
---|
53 | # Set the default printer/job policies... |
---|
54 | <Policy default> |
---|
55 | # Job-related operations must be done by the owner or an administrator... |
---|
56 | <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job> |
---|
57 | Allow from All |
---|
58 | Order deny,allow |
---|
59 | </Limit> |
---|
60 | |
---|
61 | # All administration operations require an administrator to authenticate... |
---|
62 | <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> |
---|
63 | AuthType Default |
---|
64 | Require user @SYSTEM |
---|
65 | Order deny,allow |
---|
66 | </Limit> |
---|
67 | |
---|
68 | # All printer operations require a printer operator to authenticate... |
---|
69 | <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs> |
---|
70 | AuthType Default |
---|
71 | Require user @SYSTEM |
---|
72 | Order deny,allow |
---|
73 | </Limit> |
---|
74 | |
---|
75 | <Limit All> |
---|
76 | Order deny,allow |
---|
77 | </Limit> |
---|
78 | </Policy> |
---|
79 | |
---|
80 | <Location /printers/$printername> |
---|
81 | <Limit Cancel-Job Purge-Jobs CUPS-Authenticate-Job> |
---|
82 | Order deny,allow |
---|
83 | Allow from All |
---|
84 | </Limit> |
---|
85 | |
---|
86 | Order deny,allow |
---|
87 | Allow from All |
---|
88 | </Location> |
---|
89 | EOF |
---|
90 | |
---|
91 | /etc/init.d/cups reload |
---|
92 | |
---|
93 | else |
---|
94 | echo "Error: /usr/lib/gutenbach/config/printername does not exist" |
---|
95 | exit 1 |
---|
96 | fi |
---|