Chapter 3. Granting administration permissions to manage a CUPS server in the web interface
By default, members of the
wheel groups can perform administration tasks in the web interface. However, certain other services use these groups as well. For example, members of the
wheel groups can, by default, execute commands with
root permissions by using
sudo. To avoid that CUPS administrators gain unexpected permissions in other services, use a dedicated group for CUPS administrators.
- CUPS is configured.
- The IP address of the client you want to use has permissions to access the administration area in the web interface.
Create a group for CUPS administrators:
# groupadd cups-admins
Add the users who should manage the service in the web interface to the
# usermod -a -G cups-admins <username>
Update the value of the
SystemGroupparameter in the
/etc/cups/cups-files.conffile, and append the
SystemGroup sys root wheel cups-admins
If only the
cups-admingroup should have administrative access, remove the other group names from the parameter.
# systemctl restart cups
Use a browser, and access
You can access the administration area in the web UI only if you use the HTTPS protocol.
Start performing an administrative task. For example, click
The web interface prompts for a username and password. To proceed, authenticate by using credentials of a user who is a member of the
If authentication succeeds, this user can perform administrative tasks.