Search

Chapter 1. Installing and configuring CUPS

download PDF

You can use CUPS to print from a local host. You can also use this host to share printers in the network and act as a print server.

Procedure

  1. Install the cups package:

    # dnf install cups
  2. If you configure a CUPS as a print server, edit the /etc/cups/cupsd.conf file, and make the following changes:

    1. If you want to remotely configure CUPS or use this host as a print server, configure on which IP addresses and ports the service listens:

      Listen 192.0.2.1:631
      Listen [2001:db8:1::1]:631

      By default, CUPS listens only on localhost interfaces (127.0.0.1 and ::1). Specify IPv6 addresses in square brackets.

      Important

      Do not configure CUPS to listen on interfaces that allow access from untrustworthy networks, such as the internet.

    2. Configure which IP ranges can access the service by allowing the respective IP ranges in the <Location /> directive:

      <Location />
        Allow from 192.0.2.0/24
        Allow from [2001:db8:1::1]/32
        Order allow,deny
      </Location>
    3. In the <Location /admin> directive, configure which IP addresses and ranges can access the CUPS administration services:

      <Location /admin>
        Allow from 192.0.2.15/32
        Allow from [2001:db8:1::22]/128
        Order allow,deny
      </Location>

      With these settings, only the hosts with the IP addresses 192.0.2.15 and 2001:db8:1::22 can access the administration services.

    4. Optional: Configure IP addresses and ranges that are allowed to access the configuration and log files in the web interface:

      <Location /admin/conf>
        Allow from 192.0.2.15/32
        Allow from [2001:db8:1::22]/128
        ...
      </Location>
      
      <Location /admin/log>
        Allow from 192.0.2.15/32
        Allow from [2001:db8:1::22]/128
        ...
      </Location>
  3. If you run the firewalld service and want to configure remote access to CUPS, open the CUPS port in firewalld:

    # firewall-cmd --permanent --add-port=631/tcp
    # firewall-cmd --reload

    If you run CUPS on a host with multiple interfaces, consider limiting the access to the required networks.

  4. Enable and start the cups service:

    # systemctl enable --now cups

Verification

  • Use a browser, and access http://<hostname>:631. If you can connect to the web interface, CUPS works.

    Note that certain features, such as the Administration tab, require authentication and an HTTPS connection. By default, CUPS uses a self-signed certificate for HTTPS access and, consequently, the connection is not secure when you authenticate.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.