docker 运行cups 服务

标签：... deny AuthType user allow docker cups Order 运行

主要是一个简单测试，方便学习

环境准备

• docker-compose

version: "3"

services:

  cups:

    image: olbat/cupsd

    privileged: true

    ports:

      - "632:631"

    volumes:

      - ./cupsd.conf:/etc/cups/cupsd.conf

      - /var/run/dbus:/var/run/dbus

• 配置cupsd.conf

#

# Configuration file for the CUPS scheduler.  See "man cupsd.conf" for a

# complete description of this file.

#

 

# Log general information in error_log - change "warn" to "debug"

# for troubleshooting...

LogLevel warn

PageLogFormat

 

# Specifies the maximum size of the log files before they are rotated.  The value "0" disables log rotation.

MaxLogSize 0

 

# Default error policy for printers

ErrorPolicy retry-job

 

# Allow remote access

Listen *:631

ServerAlias * # 解决打开提示无效的问题，主要是主机解析问题

# Show shared printers on the local network.

Browsing Yes

BrowseLocalProtocols dnssd

 

# Default authentication type, when authentication is required...

DefaultAuthType Basic

DefaultEncryption IfRequested

 

# Web interface setting...

WebInterface Yes

 

# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)

IdleExitTimeout 60

 

# Restrict access to the server...

<Location />

  Order allow,deny

  Allow all

</Location>

 

# Restrict access to the admin pages...

<Location /admin>

  Order allow,deny

  Allow all

</Location>

 

# Restrict access to configuration files...

<Location /admin/conf>

  AuthType Default

  Require user @SYSTEM

  Order allow,deny

  Allow all

</Location>

 

# Restrict access to log files...

<Location /admin/log>

  AuthType Default

  Require user @SYSTEM

  Order allow,deny

  Allow all

</Location>

 

# Set the default printer/job policies...

<Policy default>

  # Job/subscription privacy...

  JobPrivateAccess default

  JobPrivateValues default

  SubscriptionPrivateAccess default

  SubscriptionPrivateValues default

 

  # Job-related operations must be done by the owner or an administrator...

  <Limit Create-Job Print-Job Print-URI Validate-Job>

    Order deny,allow

  </Limit>

 

  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>

    Require user @OWNER @SYSTEM

    Order deny,allow

  </Limit>

 

  # All administration operations require an administrator to authenticate...

  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>

    AuthType Default

    Require user @SYSTEM

    Order deny,allow

  </Limit>

 

  # All printer operations require a printer operator to authenticate...

  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>

    AuthType Default

    Require user @SYSTEM

    Order deny,allow

  </Limit>

 

  # Only the owner or an administrator can cancel or authenticate a job...

  <Limit Cancel-Job CUPS-Authenticate-Job>

    Require user @OWNER @SYSTEM

    Order deny,allow

  </Limit>

 

  <Limit All>

    Order deny,allow

  </Limit>

</Policy>

 

# Set the authenticated printer/job policies...

<Policy authenticated>

  # Job/subscription privacy...

  JobPrivateAccess default

  JobPrivateValues default

  SubscriptionPrivateAccess default

  SubscriptionPrivateValues default

 

  # Job-related operations must be done by the owner or an administrator...

  <Limit Create-Job Print-Job Print-URI Validate-Job>

    AuthType Default

    Order deny,allow

  </Limit>

 

  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>

    AuthType Default

    Require user @OWNER @SYSTEM

    Order deny,allow

  </Limit>

 

  # All administration operations require an administrator to authenticate...

  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>

    AuthType Default

    Require user @SYSTEM

    Order deny,allow

  </Limit>

 

  # All printer operations require a printer operator to authenticate...

  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>

    AuthType Default

    Require user @SYSTEM

    Order deny,allow

  </Limit>

 

  # Only the owner or an administrator can cancel or authenticate a job...

  <Limit Cancel-Job CUPS-Authenticate-Job>

    AuthType Default

    Require user @OWNER @SYSTEM

    Order deny,allow

  </Limit>

 

  <Limit All>

    Order deny,allow

  </Limit>

</Policy>

 

# Set the kerberized printer/job policies...

<Policy kerberos>

  # Job/subscription privacy...

  JobPrivateAccess default

  JobPrivateValues default

  SubscriptionPrivateAccess default

  SubscriptionPrivateValues default

 

  # Job-related operations must be done by the owner or an administrator...

  <Limit Create-Job Print-Job Print-URI Validate-Job>

    AuthType Negotiate

    Order deny,allow

  </Limit>

 

  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>

    AuthType Negotiate

    Require user @OWNER @SYSTEM

    Order deny,allow

  </Limit>

 

  # All administration operations require an administrator to authenticate...

  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>

    AuthType Default

    Require user @SYSTEM

    Order deny,allow

  </Limit>

 

  # All printer operations require a printer operator to authenticate...

  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>

    AuthType Default

    Require user @SYSTEM

    Order deny,allow

  </Limit>

 

  # Only the owner or an administrator can cancel or authenticate a job...

  <Limit Cancel-Job CUPS-Authenticate-Job>

    AuthType Negotiate

    Require user @OWNER @SYSTEM

    Order deny,allow

  </Limit>

 

  <Limit All>

    Order deny,allow

  </Limit>

</Policy>

• 效果

默认有一个用户print，密码也是print

 

 

参考资料

https://github.com/olbat/dockerfiles/blob/master/cupsd/Dockerfile

标签：...,deny,AuthType,user,allow,docker,cups,Order,运行
From： https://www.cnblogs.com/rongfengliang/p/17320664.html