How can I enable remote access to the Admin page in CUPS

What I would do is at the following block below the </Policy> tag:

<Location />
    Order allow,deny
    Allow localhost
    Allow from 192.168.0.*
    Allow from 10.0.*.*
</Location>

Listen 0.0.0.0:631

For admin access specifically, the vanilla config normally has:

<Location /admin/conf>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
</Location>

In order to create a suitable user account, you just need to create a user that is a member of the lpadmin group (I would recommend you do require some kind auth for the admin section): sudo useradd -g lpadmin cupsadmin, then set a password.

See also https://askubuntu.com/questions/387217/cups-admin-user-and-password-saucy

Update: The below should work as a starting point to also happens to fix the issue originally raise by @DavidGatti - it isn't as complete/granular as the original config, but the policy config can be re-added.

This config does however do away with using @SYSTEM user, and instead will accept any 'local', valid user. The use-case for the config is running CUPS in a docker container, so it seemed best to avoid requiring anything 'special', beyond a user with a password, to provide admin access to CUPS. 

# Disable cups internal logging - use logrotate instead
MaxLogSize 0

# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
#PageLogFormat

Listen /run/cups/cups.sock
Listen 0.0.0.0:631
Port 631

# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd

# Default authentication type, when authentication is required...
DefaultAuthType Basic

# Web interface setting...
WebInterface Yes

# Restrict access to the server...
# This config allow anyone access to the WUI
<Location />
  Order allow,deny
  Allow all
</Location>

# Restrict access to the admin pages...
# Allows anyone to try and access admin pages.
# Any local user's credentials will be accepted
<Location /admin>
  AuthType Basic
  Require valid-user
  Allow all
  Order allow,deny
</Location>

# Restrict access to configuration files...
# Any local user's credentials will be accepted
<Location /admin/conf>
  AuthType Basic
  Require valid-user
  Allow all
  Order allow,deny
</Location>

# Restrict access to log files...
# Any local user's credentials will be accepted
<Location /admin/log>
  AuthType Basic
  Require valid-user
  Allow all
  Order allow,deny
</Location>

Browsing On

You might also find some decent pointers in How to configure cups to allow remote printing with authentication and local printing without?

Tags:

Cups

Recent Posts