Chapter 1. Installing and configuring CUPS
You can use CUPS to print from a local host. You can also use this host to share printers in the network and act as a print server.
Procedure
Install the
cups
package:# dnf install cups
If you configure a CUPS as a print server, edit the
/etc/cups/cupsd.conf
file, and make the following changes:If you want to remotely configure CUPS or use this host as a print server, configure on which IP addresses and ports the service listens:
Listen 192.0.2.1:631 Listen [2001:db8:1::1]:631
By default, CUPS listens only on
localhost
interfaces (127.0.0.1
and::1
). Specify IPv6 addresses in square brackets.ImportantDo not configure CUPS to listen on interfaces that allow access from untrustworthy networks, such as the internet.
Configure which IP ranges can access the service by allowing the respective IP ranges in the
<Location />
directive:<Location /> Allow from 192.0.2.0/24 Allow from [2001:db8:1::1]/32 Order allow,deny </Location>
In the
<Location /admin>
directive, configure which IP addresses and ranges can access the CUPS administration services:<Location /admin> Allow from 192.0.2.15/32 Allow from [2001:db8:1::22]/128 Order allow,deny </Location>
With these settings, only the hosts with the IP addresses
192.0.2.15
and2001:db8:1::22
can access the administration services.Optional: Configure IP addresses and ranges that are allowed to access the configuration and log files in the web interface:
<Location /admin/conf> Allow from 192.0.2.15/32 Allow from [2001:db8:1::22]/128 ... </Location> <Location /admin/log> Allow from 192.0.2.15/32 Allow from [2001:db8:1::22]/128 ... </Location>
If you run the
firewalld
service and want to configure remote access to CUPS, open the CUPS port infirewalld
:# firewall-cmd --permanent --add-port=631/tcp # firewall-cmd --reload
If you run CUPS on a host with multiple interfaces, consider limiting the access to the required networks.
Enable and start the
cups
service:# systemctl enable --now cups
Verification
Use a browser, and access
http://<hostname>:631
. If you can connect to the web interface, CUPS works.Note that certain features, such as the
Administration
tab, require authentication and an HTTPS connection. By default, CUPS uses a self-signed certificate for HTTPS access and, consequently, the connection is not secure when you authenticate.