Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: Solaris Printing
Previous Next

Setting Up the Internet Printing Protocol

The IPP listening service provides an IPP network protocol service that enables print client systems a means of interacting with a print service on the system that is running the listener. This listener implements server-side IPP protocol support, which includes a broad set of standard operations and attributes. The listener is implemented on Solaris as an Apache module and a series of shared libraries containing IPP operation and wire support. The IPP software stack is installed when the Solaris OS is installed on the system. The listening service is an SMF service that depends on the print service to run. As a result, IPP is automatically enabled on a print server when the first print queue has been added . It is also disabled when the last print queue has been removed. If you make configuration changes, you will need to restart the listener. For more information, see How to Restart the IPP Network Listening Service.

The IPP listening service implementation is embedded under the Apache Web Server. The web server receives IPP operations through HTTP POST requests. When an HTTP POST request is received it is passed on to the Apache IPP module (mod_ipp.so). Based on configuration, the Apache Web Service might provide an authentication service and it might also use encryption between client and server. The listening service runs as it's own dedicated instance of Apache.

IPP support in the Solaris OS is split into server-side and client-side support. Both the server-side and client-side support share some common elements, as well as elements that are unique to the client or server operation. As a result, the IPP client and server components share a code base that implements these common elements. Table Table A-1 describes the components that make up IPP support in the Solaris OS.

Configuring IPP Server and Client Data

The Apache configuration for this web server instance runs as the lp print service user, which provides enough privileges to support all of the existing IPP operations, but limits access to print service specific resources. The listening service runs as its own web server instance, specifically configured to support IPP, which is intended to minimize potential security risks.

On the server-side, IPP configuration changes are made to the /etc/apache/httpd-standalone-ipp.conf file. On the client-side, IPP configuration changes are made to the /etc/printers.conf file.


Note - If you make any configuration changes, you need to restart the service to load the new configuration. For more information, see How to Restart the Print Scheduler.


The IPP listening service configuration file, /etc/apache/httpd-standalone-ipp.conf, is like any normal Apache 1.3 configuration file. The configuration files takes any Apache 1.3 configuration directives that you want to use.

The default configuration includes the following features:

  • Listening on port 631.

  • Loading of a minimal set of Apache modules.

  • Enabling all supported IPP operations at the /printers/ path, for example ipp://server/printers/, without requiring authentication.

The default operations that are enabled for/printers/ is limited to a set of operations that poses less of a security risk. However, all operations are enabled at the /admin/ path, for example ipp://server/admin/, with basic authentication required.

The mod_ipp Apache configuration options to choose from are:

  • ipp-conformance - Selects the level of protocol checking. The default is automatic, allowing maximum client interaction.

  • ipp-operation - Allows you to selectively enable or disable IPP operation support for one more IPP operations.

  • ipp-default-user - Selects the user name to use when contacting the local print service.

    The default is lp user, which allows for more functional proxying.

  • ipp-default-service - Selects the default print service where print requests are directed.

    The default is the lpsched daemon.

Conformance checking types are:

  • Automatic – Only check that the requested operation is supported by the protocol listener. (default)

  • 1.0 – Check that the request conforms to IPP, 1.0

  • 1.1 – Check that the request conforms to IPP, 1.1

IPP Keywords for Apache Web Server Configuration

The following syntax is used for the IPP operations keywords:

ipp-operation operation enable | disable

For more information about the IPP operation keywords that are used to configure the Apache Web Server, see IPP Operation Keywords.

How to Configure IPP Server Data

  1. Become superuser or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

  2. Open the /etc/apache/httpd-standalone-ipp.conf file in a text editor.
  3. Add the desired IPP server configuration data.

    For example:

    if mod_ipp is loaded User lp run as "lp"
    URI: ipp://{host]/printers/{queue}
    SetHandler application/ipp use mod_ipp for this location
    ipp-conformance strict enable strict protocol checking (default)
    ipp-operation all enable enable all supported operations

How to Configure IPP Client Data

Under PAPI support, the bsdaddr value (server,q) is converted to it's equivalent printer-uri-supported value (lpd://server/printers/q), when the printer-uri-supported value is missing from the printers database. However, in some situations, such as when there is a mix of client systems and the queue is on an IPP capable server, you might need to manually configure this data.

  1. Become superuser or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

  2. Open the /etc/printers.conf file in a text editor. Add the desired IPP client configuration data.

    For example:

    /etc/printers.conf:queue: \
        :bsdaddr=server,queue,Solaris: \
        :printer-uri-supported=ipp\://server/printers/queue:
See Also

For additional information about printing with IPP, Appendix A, Using the Internet Printing Protocol.

For more information about administering printers by using IPP, see Administering Printers by Using the Internet Printing Protocol (Task Map).

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire