• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

Basic Master Cups Server and Clients Configuration for Browsing in CentOS/RHEL 7

by admin

The intention of this post is to explain how to perform basic configuration of CUPS server and Clients for browsing printers available over the network when this does not work properly on CentOS/RHEL 7.

CUPS Server Configuration

1. Check that cups packages are installed

# rpm -qa | grep cups
cups-client-1.6.3-35.el7.x86_64
cups-filesystem-1.6.3-35.el7.noarch
cups-filters-libs-1.0.35-22.el7.x86_64
cups-filters-1.0.35-22.el7.x86_64
cups-1.6.3-35.el7.x86_64
cups-libs-1.6.3-35.el7.x86_64
ghostscript-cups-9.07-28.el7_4.2.x86_64

if not available in the system then install it:

# yum install cups
Installed:
cups.x86_64 1:1.6.3-35.el7

Dependency Installed:
avahi-glib.x86_64 0:0.6.31-19.el7 bc.x86_64 0:1.06.95-13.el7 cairo.x86_64 0:1.14.8-2.el7
cups-client.x86_64 1:1.6.3-35.el7 cups-filesystem.noarch 1:1.6.3-35.el7 cups-filters.x86_64 0:1.0.35-22.el7
cups-filters-libs.x86_64 0:1.0.35-22.el7 fontconfig.x86_64 0:2.10.95-11.el7 fontpackages-filesystem.noarch 0:1.44-8.el7
ghostscript.x86_64 0:9.07-28.el7_4.2 ghostscript-cups.x86_64 0:9.07-28.el7_4.2 ghostscript-fonts.noarch 0:5.50-32.el7
jbigkit-libs.x86_64 0:2.0-11.el7 lcms2.x86_64 0:2.6-3.el7 libICE.x86_64 0:1.0.9-9.el7
libSM.x86_64 0:1.2.2-2.el7 libX11.x86_64 0:1.6.5-1.el7 libX11-common.noarch 0:1.6.5-1.el7
libXau.x86_64 0:1.0.8-2.1.el7 libXdamage.x86_64 0:1.1.4-4.1.el7 libXext.x86_64 0:1.3.3-3.el7
libXfixes.x86_64 0:5.0.3-1.el7 libXfont.x86_64 0:1.5.2-1.el7 libXrender.x86_64 0:0.9.10-1.el7
libXt.x86_64 0:1.1.5-3.el7 libXxf86vm.x86_64 0:1.1.4-1.el7 liberation-fonts-common.noarch 1:1.07.2-16.el7
liberation-mono-fonts.noarch 1:1.07.2-16.el7 libfontenc.x86_64 0:1.1.3-3.el7 libjpeg-turbo.x86_64 0:1.2.90-5.el7
libpng.x86_64 2:1.5.13-7.el7_2 libtiff.x86_64 0:4.0.3-27.el7_3 libusbx.x86_64 0:1.0.21-1.el7
libwayland-client.x86_64 0:1.14.0-2.el7 libwayland-server.x86_64 0:1.14.0-2.el7 libxcb.x86_64 0:1.12-1.el7
libxshmfence.x86_64 0:1.2-1.el7 mesa-libEGL.x86_64 0:17.2.3-8.20171019.el7 mesa-libGL.x86_64 0:17.2.3-8.20171019.el7
mesa-libgbm.x86_64 0:17.2.3-8.20171019.el7 mesa-libglapi.x86_64 0:17.2.3-8.20171019.el7 openjpeg-libs.x86_64 0:1.5.1-17.el7
pixman.x86_64 0:0.34.0-1.el7 poppler.x86_64 0:0.26.5-17.el7_4 poppler-data.noarch 0:0.4.6-3.el7
poppler-utils.x86_64 0:0.26.5-17.el7_4 qpdf-libs.x86_64 0:5.0.1-3.el7 urw-fonts.noarch 0:2.4-16.el7
xorg-x11-font-utils.x86_64 1:7.5-20.el7

Complete!

2. Start cups and cups-browsed services:

# systemctl enable cups
# systemctl start cups
# systemctl enable cups-browsed.service
# systemctl start cups-browsed.service

3. Edit the cups configuration file “/etc/cups/cupsd.conf” to allow other servers to connect to printers on this master server. The following is a cups configuration file from an CentOS/RHEL 7 server.

# grep -v '#' /etc/cups/cupsd.conf
MaxLogSize 0
LogLevel warn
Listen *:631
Listen /var/run/cups/cups.sock
Browsing On
BrowseLocalProtocols all
DefaultAuthType Basic
WebInterface Yes

<Location />
Order allow,deny
Allow all
</Location>

<Location /admin>
Order allow,deny
</Location>

<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>

<Policy default>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default

<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>

<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

<Limit All>
Order deny,allow
</Limit>
</Policy>

<Policy authenticated>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default

<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>

<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>

<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>

<Limit All>
Order deny,allow
</Limit>
</Policy>

To configure CUPS to listen on all network interfaces, change:

Listen localhost:631

to

Listen *:631

To configure cups to listen on specific network interface just use the IP address instead:

Listen 10.157.100.45:631

To allow clients on the same subnet where the master server is located add “Allow @LOCAL” to the bottom of the <Location /> stanza:

<Location />
# Allow shared printing
Order allow,deny
Allow @LOCAL
</Location>

but if we need all clients to access this master server use “Allow all” instead:

<Location />
# Allow shared printing
Order allow,deny
Allow all
</Location>

By default, cups configuration file is setup to send out broadcast packets with printer sharing information, make sure the following parameter exist on it.

Browsing On
BrowseLocalProtocols cups dnssd

If not needed set it to “Browsing Off“.

4. Start the avahi-daemon service. If not available then install it.

# yum -y install avahi
# systemctl enable avahi-daemon
# systemctl start avahi-daemon

Check that the server is now running properly

# systemctl status avahi-daemon
● avahi-daemon.service - Avahi mDNS/DNS-SD Stack
Loaded: loaded (/usr/lib/systemd/system/avahi-daemon.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2018-07-24 13:15:02 EDT; 3 days ago
Main PID: 635 (avahi-daemon)
Status: "avahi-daemon 0.6.31 starting up."
CGroup: /system.slice/avahi-daemon.service
├─635 avahi-daemon: running [gerald-vmol7.local]
└─646 avahi-daemon: chroot helper

Jul 24 13:15:01 ol7-master avahi-daemon[635]: Registering HINFO record with values 'X86_64'/'LINUX'.
Jul 24 13:15:01 ol7-master avahi-daemon[635]: Server startup complete. Host name is gerald-vmol7.local. Local service cookie is 3732296456.
Jul 24 13:15:02 ol7-master systemd[1]: Started Avahi mDNS/DNS-SD Stack.
Jul 24 13:15:07 ol7-master avahi-daemon[635]: Joining mDNS multicast group on interface eth0.IPv4 with address 10.157.10.122.
Jul 24 13:15:07 ol7-master avahi-daemon[635]: New relevant interface eth0.IPv4 for mDNS.
Jul 24 13:15:07 ol7-master avahi-daemon[635]: Registering new address record for 10.157.10.122 on eth0.IPv4.
Jul 24 13:15:09 ol7-master avahi-daemon[635]: Registering new address record for fe80::221:f6ff:feb0:3f6e on eth0.*.
Jul 24 13:15:13 ol7-master avahi-daemon[635]: Joining mDNS multicast group on interface virbr0.IPv4 with address 192.168.122.1.
Jul 24 13:15:13 ol7-master avahi-daemon[635]: New relevant interface virbr0.IPv4 for mDNS.
Jul 24 13:15:13 ol7-master avahi-daemon[635]: Registering new address record for 192.168.122.1 on virbr0.IPv4.

5. Start the cups-browsed service.

# systemctl enable cups-browsed
Created symlink from /etc/systemd/system/multi-user.target.wants/cups-browsed.service to /usr/lib/systemd/system/cups-browsed.service.
# systemctl start cups-browsed
Check that the service is now runnning
# systemctl status cups-browsed
● cups-browsed.service - Make remote CUPS printers available locally
Loaded: loaded (/usr/lib/systemd/system/cups-browsed.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2018-07-27 15:20:03 EDT; 2s ago
Main PID: 14388 (cups-browsed)
CGroup: /system.slice/cups-browsed.service
└─14388 /usr/sbin/cups-browsed 

Jul 27 15:20:03 ol7-master systemd[1]: Started Make remote CUPS printers available locally.
Jul 27 15:20:03 ol7-master systemd[1]: Starting Make remote CUPS printers available locally...

6. Start the cups service.

# systemctl start cups
 Check that the service is now running
# systemctl status cups
● cups.service - CUPS Printing Service
Loaded: loaded (/usr/lib/systemd/system/cups.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2018-07-27 15:20:03 EDT; 33s ago
Main PID: 14387 (cupsd)
CGroup: /system.slice/cups.service
└─14387 /usr/sbin/cupsd -f

Jul 27 15:20:03 ol7-master systemd[1]: Started CUPS Printing Service.
Jul 27 15:20:03 ol7-master systemd[1]: Starting CUPS Printing Service...

7. Either configure the firewall to allow outside access to port 631 and 5353 or stop it.

To add rule:

# iptables -A OUTPUT -p tcp -m tcp --dport 631 -j ACCEPT
# iptables -A INPUT -p tcp --dport 631 -j ACCEPT
# iptables -A OUTPUT -p tcp -m tcp --dport 5353 -j ACCEPT
# iptables -A INPUT -p tcp --dport 5353 -j ACCEPT

To stop firewall:

# systemctl stop firewalld
# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)

Jul 30 12:49:58 ol7-master systemd[1]: Starting firewalld - dynamic firewall daemon...
Jul 30 12:49:59 ol7-master systemd[1]: Started firewalld - dynamic firewall daemon.
Jul 30 12:54:48 ol7-master systemd[1]: Stopping firewalld - dynamic firewall daemon...
Jul 30 12:54:49 ol7-master systemd[1]: Stopped firewalld - dynamic firewall daemon.

8. Add the printer over CUPS web interface on the Master server:

Open a web browser, enter the URI in the following format “https://localhost:631/” and go to Administration tab. The IP or hostname of the Master cups server can be used instead.

In the Administration tab, choose ‘Add a New Printer’ and then select Other Network Printers: Internet Printing Protocol (http) used in our test case. Then hit Continue.

Enter the device URI on Connection box, like in the example bellow and then hit Continue.

Where “10.157.138.57” is the IP of the networked printer and 631 the port used by cups to establish the connection. Enter the corresponding information required about the printer like in the example below and click on Continue.

In the next page select the printer vendor or PPD (Postscript Printer Description) file if required and hit Add Printer

Finish the printer configuration with the respective settings.

9. Now check that printer is discovered on Master cups server

# lpstat -t
scheduler is running
no system default destination
device for TestPrinter08-SP5210SR: http://10.157.138.57:631/ipp/
device for TestPrinter09-SP5210SR: http://10.157.138.61:631/ipp/
TestPrinter08-SP5210SR accepting requests since Mon 30 Jul 2018 12:46:47 PM EDT
TestPrinter09-SP5210SR accepting requests since Mon 03 Sep 2018 03:53:53 PM EDT
printer TestPrinter08-SP5210SR is idle. enabled since Mon 30 Jul 2018 12:46:47 PM EDT
printer TestPrinter09-SP5210SR is idle. enabled since Mon 03 Sep 2018 03:53:53 PM EDT

Notice our recently added printer and previous printer discovered in the past

TestPrinter08-SP5210SR accepting requests since Mon 30 Jul 2018 12:46:47 PM EDT
TestPrinter09-SP5210SR accepting requests since Mon 03 Sep 2018 03:53:53 PM EDT

CUPS Client Configuration

1. Check that cups packages are installed

# rpm -qa | grep cups
cups-libs-1.6.3-35.el7.x86_64

If not installed proceed to install the package

# yum install cups-1.6.3-35
Installed:
cups.x86_64 1:1.6.3-35.el7

Dependency Installed:
avahi-glib.x86_64 0:0.6.31-19.el7 bc.x86_64 0:1.06.95-13.el7 cairo.x86_64 0:1.14.8-2.el7
cups-client.x86_64 1:1.6.3-35.el7 cups-filesystem.noarch 1:1.6.3-35.el7 cups-filters.x86_64 0:1.0.35-22.el7
cups-filters-libs.x86_64 0:1.0.35-22.el7 fontconfig.x86_64 0:2.10.95-11.el7 fontpackages-filesystem.noarch 0:1.44-8.el7
ghostscript.x86_64 0:9.07-28.el7_4.2 ghostscript-cups.x86_64 0:9.07-28.el7_4.2 ghostscript-fonts.noarch 0:5.50-32.el7
jbigkit-libs.x86_64 0:2.0-11.el7 lcms2.x86_64 0:2.6-3.el7 libICE.x86_64 0:1.0.9-9.el7
libSM.x86_64 0:1.2.2-2.el7 libX11.x86_64 0:1.6.5-1.el7 libX11-common.noarch 0:1.6.5-1.el7
libXau.x86_64 0:1.0.8-2.1.el7 libXdamage.x86_64 0:1.1.4-4.1.el7 libXext.x86_64 0:1.3.3-3.el7
libXfixes.x86_64 0:5.0.3-1.el7 libXfont.x86_64 0:1.5.2-1.el7 libXrender.x86_64 0:0.9.10-1.el7
libXt.x86_64 0:1.1.5-3.el7 libXxf86vm.x86_64 0:1.1.4-1.el7 liberation-fonts-common.noarch 1:1.07.2-16.el7
liberation-mono-fonts.noarch 1:1.07.2-16.el7 libfontenc.x86_64 0:1.1.3-3.el7 libjpeg-turbo.x86_64 0:1.2.90-5.el7
libpng.x86_64 2:1.5.13-7.el7_2 libtiff.x86_64 0:4.0.3-27.el7_3 libusbx.x86_64 0:1.0.21-1.el7
libwayland-client.x86_64 0:1.14.0-2.el7 libwayland-server.x86_64 0:1.14.0-2.el7 libxcb.x86_64 0:1.12-1.el7
libxshmfence.x86_64 0:1.2-1.el7 mesa-libEGL.x86_64 0:17.2.3-8.20171019.el7 mesa-libGL.x86_64 0:17.2.3-8.20171019.el7
mesa-libgbm.x86_64 0:17.2.3-8.20171019.el7 mesa-libglapi.x86_64 0:17.2.3-8.20171019.el7 openjpeg-libs.x86_64 0:1.5.1-17.el7
pixman.x86_64 0:0.34.0-1.el7 poppler.x86_64 0:0.26.5-17.el7_4 poppler-data.noarch 0:0.4.6-3.el7
poppler-utils.x86_64 0:0.26.5-17.el7_4 qpdf-libs.x86_64 0:5.0.1-3.el7 urw-fonts.noarch 0:2.4-16.el7
xorg-x11-font-utils.x86_64 1:7.5-20.el7

Complete!

2. Edit the configuration file /etc/cups/cups-browsed.conf and add the required configuration directives, some of the following are the ones available:

BrowsePoll
BrowseAllow
BrowseLocalProtocols
BrowseRemoteProtocols
BrowseProtocols

Prior to CentOS/RHEL 7, these directives were used under /etc/cups/cupsd.conf but on CentOS/RHEL 7 and latest these are no longer working on it but in the file /etc/cups/cups-browsed.conf. For more information about the available directives use the man pages of cups-browsed.conf, “# man cups-browsed.conf”.

# vi /etc/cups/cups-browsed.conf
<<< IN THIS TEST WE JUST ADDED BrowseAllow 10.157.10.122 IN WHICH THE IP IS OUR CUPS SERVER >>>
# cat /etc/cups/cups-browsed.conf | grep -v '#'  
BrowseRemoteProtocols dnssd cups
BrowseAllow 10.157.10.122

3. Start the cups service

# systemctl enable cups.service
# systemctl start cups.service

4. Start the avahi-daemon service. If not available then install it:

# yum -y install avahi
# systemctl enable avahi-daemon
# systemctl start avahi-daemon

5. Start the cups-browsed service

# systemctl enable cups-browsed
# systemctl start cups-browsed

6. Use lpstat command to test that browsing works as expected:

# lpstat -t
scheduler is running
no system default destination
device for TestPrinter08-SP5210SR: ipps://ol7-master.local:631/printers/TestPrinter08-SP5210SR
device for TestPrinter09-SP5210SR: ipps://ol7-master.local:631/printers/TestPrinter09-SP5210SR
TestPrinter08-SP5210SR accepting requests since Mon 03 Sep 2018 04:19:49 PM EDT
TestPrinter09-SP5210SR accepting requests since Mon 03 Sep 2018 04:19:49 PM EDT
printer TestPrinter08-SP5210SR is idle. enabled since Mon 03 Sep 2018 04:19:49 PM EDT
printer TestPrinter09-SP5210SR is idle. enabled since Mon 03 Sep 2018 04:19:49 PM EDT

or

# lpstat -v
device for TestPrinter08-SP5210SR: ipps://ol7-master.local:631/printers/TestPrinter08-SP5210SR
device for TestPrinter09-SP5210SR: ipps://ol7-master.local:631/printers/TestPrinter09-SP5210SR

For more information on lpstat refer to the man pages, “# man lpstat”. Now your CUPS master and client servers are configured and ready to use.

Filed Under: CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. Understanding the rc Scripts in Linux
  2. host: command not found
  3. snap Command Examples in Linux
  4. ifrename Command Examples in Linux
  5. pacstrap: command not found
  6. CentOS / RHEL 7 : Unable to start/enable iptables
  7. ceph: command not found
  8. kubectl: command not found
  9. lvremove Command Fails With Error “LVM – Can’t remove open logical volume”
  10. nautilus Command Examples in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • pw-cat Command Examples in Linux
  • pvs: command not found
  • pulseaudio: command not found
  • pulseaudio Command Examples in Linux

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright