CTS 2301 (Unix/Linux Administration I) Project #8
Configuring Print Services

Setting up and maintaining a print service is a major task of a system administrator.  In some large organizations a full time printing administrator plans, configures, monitors, maintains, and troubleshoots the printing service, not to mention adding paper and toner when needed.  For background information on printing services see How Printing Works.  In this project you will set up your server to use the Windows networked printer located in the classroom as your server's default printer.

You will configure the CUPS print system on your server.  The default print system for some (older) Unix/Linux systems is LPR, LPRng, or SysV, and not CUPS (common Unix print system).  However, CUPS is the default on more modern Linux and Unix systems so that is the system you need to know.  A good source for documentation is www.cups.org.

In order to configure CUPS you will need to make sure the LPRng print system daemon (lpd) is configured not to start automatically in any run-level.  In addition the various print system commands (such as lpr) have two versions, lpr.LPRng and lpr.cups.  The commands such as lpr are really symlinks on Fedora, to one set of commands or the other.  By default on your system the links may refer to the LPRng set of commands rather than the CUPS versions.  If so this must be changed so that the various user and administrator commands refer to the CUPS versions.  Finally the CUPS print server cupsd must be set to start automatically in the standard run-levels, and must be manually turned on now (if not already running) in order to configure any printers.

To complete your printer setup you will need to gather information about the actual printer to be used, and any networking configuration information.

Printing should work using either the lpr command, a Printer icon on the desktop, or a print... menu choice from some GUI application.  The default printer name historically (that is, for lp and lpr systems) is lp, so you can name your printer that.  However you can have several names (aliases) for each printer, by modifying the printer configuration file (/etc/printcap for LPR, /etc/cups/* for CUPS) directly.  (The current version of CUPS doesn't allow this functionality from the GUI tool yet, but there are command line tools you can use, or other GUI tools.)  In CUPS, printer names are not case-sensitive, and can contain any characters except white-space.

Beside the GUI interface (and the Red Hat GUI printtool), the CUPS print system can be configured through a number of command line utilities.  Printers, classes, and servers can be managed with lpadmin.  (Note the older LPRng command lpc doesn't do much with CUPS, but is provided with limited functionality.)  System default options for printers can be set using lpadmin and lpoptions.  Note that regular users can also use lpoptions, to set their own options that over-ride the system defaults.  Finally printing can be configured by directly editing the configuration files, /etc/printcap (the configured printers database) and the CUPS configuration files in /etc/cups/*.  It is not recommended to edit these files directly, especially /etc/printcap, as these files are re-written when the various administration utilities are used.

This project can only be completed at HCC.  Although some time may be provided in class to work on this project, it is likely you will need to schedule extra time outside of class to come to HCC and complete the printing setup.  (Do not try to print anything when the class is working on something else!)

Many print servers use TCP, so your default firewall setup will work fine for that (allowing any outgoing TCP connection, and allowing the replies for open connections.)

A Windows print service may rely on some UDP services too, so to communicate with a Windows print server you may need to open additional firewall holes.  (You don't need to do this for our classroom setup, but you should understand how.)

iptables -I RH-Firewall-1-INPUT -p tcp -m tcp -​-dport 445 -j ACCEPT

-A RH-Firewall-1-INPUT -p tcp -m tcp -​-dport 445 -j ACCEPT

/etc/init.d/iptables restart

iptables -L -v -​-line-numbers

/etc/init.d/iptables stop

Using the standard CUPS GUI administration tool, the information in your textbook, and the configuration information provided below, create a default printer setup for your computer that will print to the HP laser printer in our classroom.

That printer is attached to a Windows server.  You could therefore use the SMB protocol (also known as CIFS) to connect to the Windows server.  In order to connect to the Windows server and use the printer, you would need to provide your HCC network username and password.  However this printer is networked, so we will bypass the Windows server and send print jobs to the printer directly.  Nonetheless, you will do some of the steps needed to setup for a Windows-attached printer, for the learning experience.

Answer all of the following questions, and perform the following tasks:

1. Check which, if any, print system is running on your system now.  Run the ps -ef.  Is either cupsd or lpd running now?  If lpd is running you must stop it.  (Note that Fedora 10 and newer uses CUPS and not lprNG.)  Exactly what command did you use to stop this service?
2. In which run-levels (if any) are lpd and CUPS services configured to start automatically?  Use the chkconfig command to find out; if using systemd, find the cups.service file and look in the “[Install]” section for the value of the “WantedBy” directive.
3. If necessary, update the configuration of CUPS to start automatically in all standard run-levels.  Use chkconfig to do this.  In which run-levels is CUPS now configured to start?
4. If your system is configured to run a different print system such as LPRng you must turn that off and switch to using CUPS.
   Show/Hide LPR-to-CUPS directions (+/-)
   1. The standard command line printing utilities such as /usr/bin/lpr and others are actually symlinks (or symbolic links or soft links).  The reason is that there are often two versions of these commands, one set for the LPRng print system and one for the CUPS print system.  To facilitate the switching from one system to another Red Hat (including Fedora) has adopted the alternatives system.  For example the lpr symlink points to another symlink, /etc/alternatives/print, which in turn points to either /usr/bin/lpr.LPRng or to /usr/bin/lpr.cups.  What is the ultimate command (e.g., non-symlink) executed on your system now for the /usr/bin/lpr command?
   2. If needed you must switch the links from LPRng to CUPS.  To switch all the printing related symlinks at once you should use the alternatives --config print command.  Here's a sample session:
      

      [root@YborStudent root]# cd /etc/alternatives
      [root@YborStudent alternatives]# ls -l print
      lrwxrwxrwx    1 root     root           17 Apr 10  2003 print -> /usr/bin/lpr.LPRng
      [root@YborStudent alternatives]# alternatives --config print
      
      There are 2 programs which provide 'print'.
      
       Selection    Command
      -----------------------------------------------
        1           /usr/bin/lpr.cups
      *+ 2           /usr/bin/lpr.LPRng
      
      Enter to keep the default[*], or type selection number: 1
      [root@YborStudent alternatives]# ls -l print
      lrwxrwxrwx    1 root     root           17 Nov  6 19:09 print -> /usr/bin/lpr.cups
      [root@YborStudent alternatives]# 
      

5. Next you must determine how you will connect to the printer.  In real life this can be a direct connection (e.g., using a cable from the printer directly to a parallel port on your host, usually /dev/lp0), or by forwarding the print job to another print server that manages the printer (this may be a Windows/SMB/CIFS print service, a CUPS service, or something else).

   In some cases the printer contains its own internal printer server; this is called a networked printer.  Many Hewlett-Packard (HP) models contain a print server known as a Jet Direct card.  CUPS can control local printers and talk to remote print servers to forward print jobs, but it will need the correct driver to talk to that printer.  CUPS calls these drivers back-ends.  You need to determine how your host will communicate to the printer or remote print server, and make certain the correct back-end is installed.

   Fortunately for you the current version of CUPS pre-installs many commonly used back-ends for you.  However you still need to know which back-end to use.

   Show/Hide SMB back-end setup directions (+/-)

   In order for CUPS to be able to use Samba's SMB to communicate with Windows servers, you must verify the smb backend for CUPS is installed.  Run the command ls /usr/lib/cups/backend.  Which backends is your version of CUPS configured to use?  If smb is not listed you must add it by running the following commands:

   which smbspool  # This command verifies you have samba installed on
                   # your system.  If this doesn't locate the file you
                   # must install the samba packages before proceeding.
   ln -s `which smbspool` /usr/lib/cups/backend/smb
   

6. Your system is now set to use CUPS the next time you boot.  But before you can proceed to configure and use printing you must turn on CUPS print service now, which can be done without rebooting.  What command did you use?  Run the ps -ef again.  Is CUPS running?  (Look for the actual command of cupsd.)  Examine the system log with the command tail -50 /var/log/messages.  What messages (if any) appear related to printing?

Previously this printer was managed by a Windows print server called dmtec2.  In January 2007 the printer in DTEC-461 was moved to a new subnet (i.e., network LAN).  While in theory it is still possible to connect via Samba and the dmtec2 Windows print server, in practice the firewall between dmtec2 and our classroom LAN makes such access difficult from our classroom.  Fortunately it is possible to connect directly to the printer, so that's what you will do for this project.

But how to connect?  It would depend on the type of print server installed in that printer (if any) and it's configuration.  It is useful to know how to figure out this sort of information, as this type of situation occurs more frequently than you might suspect.

7. Make a visual inspection of the printer in the classroom .

   A physical examination of this printer should tell you:

   • It is an HP LaserJet, model P4015tn.
   • It has an Ethernet cable sticking out the back rather than a serial, USB, or other direct connect cable.  (This implies this is a networked printer, but that is not guaranteed.)
   • The front panel shows PCL, so this printer supports PCL.  (A PostScript printer would be your default guess, especially if the LCD display shows PostScript or PS.  Even if nothing showed you can guess PostScript first and if that doesn't work try PCL next.)
   • There are some buttons on the front panel.  It is likely that one of them will cause the printer to print a page with useful information.  Reading the manual for this model printer tells us you can do this by printing a Configuration page (which will include the printer's IP address).  At the product control panel, press Menu, Then press the down-arrow to highlight INFORMATION and then press OK.  Press the down-arrow to highlight PRINT CONFIGURATION and then press OK.
8. Print a configuration page using the above method.  Examine these pages to determine:
   • What (if any) is the IP address of this printer?
   • Does this printer support PostScript?
   • How many pages have been printed on this printer?
9. To start with we only know the IP address of this printer.  The first step should be to verify that IP address (that is, verify you can access the printer from your host), and to see which network ports are accepting connections.  The port numbers of open ports will indicate which types of print servers (if any) are available on this printer.

   After making sure the printer is powered on, run nmap Printer's IP address.  (You may have to install nmap first.  An easy way would be yum install nmap.)  What port(s) are open on the printer?

10. Next you must determine what type of print server is available, by looking up the port number(s) to see which service(s) they represent.  This can be done with grep for the port numbers on the file /etc/services.  You can also Google for information with a query similar to port number 12345.  What type of print servers are available (if any) on this printer?
11. This information is needed to pick the appropriate backend when configuring CUPS: LPR, LPRng, CUPS (which uses IPP), SMB (CIFS), Netware print service, JetDirect, etc.  If more than one protocol is supported you need to choose one supported by CUPS.  Which backend will you use for this printer?  (There is no one answer for this; you can use any print service that is supported by both the printer and your print server (CUPS).  I used the JetDirect protocol myself but you can try the others if you wish.)

Now configure the printer and print a test page, using the following steps.  (See the Troubleshooting Hints below if you have a problem.)

12. To start the CUPS GUI configuration utility, launch a web browser (such as Firefox, Opera, or Konqueror).  Enter the URL http://localhost:631/.  Do not use the Red Hat printer configuration tools.  What version of CUPS is installed?  (HINT:  Click the Help button for on-line documentation.)
13. In the screen that first appears, click on the Printers tab to view the screen that shows your configured printers.  This should show No printers for now.
14. Click on the Administration tab, then click the Add Printer button to begin a wizard to add a printer.  Note you will need to provide the root password for your system to configure printing.
15. You will be guided to enter lots of information on several pages, including the backend to use, the protocol data (including any required username and password), a printer name, location, and description.  (Use the information provided below when entering this information.)  The order that you are asked for this information varies with the version of CUPS you use.
16. On one screen you will choose the Device for your printer:  a serial port, a parallel (printer) port, an LPR networked connection, a USB port, etc.  You can select only the devices for which you have a backend installed.  Scroll through the list that appears and you should see a choice for the type of print server controlling the printer.  (If it doesn't appear on your system, make sure networking is up and running!)  enter the device for the protocol you decided to use (from among the ones supported by the printer).
17. Another screen asks for the URI (similar to a URL).  For example, if using the SMB backend/protocol (and you're not), this URI would be of the form: smb://username:password@domain/server/share where the username and password are your valid HCC network user ID and password.  The remaining parts of the URI can be found in the table provided below.  For a JetDirect print server at IP address 1.2.3.4 the correct back-end is called AppSocket/HP JetDirect, and the correct URI is socket://1.2.3.4 or socket://1.2.3.4:9100.  What URI did you use?
18. On the last screens enter the make and model of the printer.  That will select the appropriate PPD file to use.  (Fedora 12 ships with a large set of PPD files.)  Which PPD files (print drivers) shown on the list would consider as possible PPDs to use for the current classroom printer?
19. Previously we had an ancient LaserJet III Si.  Some work with Google and the HP website tells us this is a long discontinued printer.  In fact CUPS doesn't include a PPD (driver) for it anymore.  Worse, the only PPD drivers for this printer that are readily available appear to be commercial (not for free).

    If you try to use a printer unsupported with the current version of CUPS, you can find an different installation of CUPS you may be able to copy the PPD file needed.  (You can try to find a free one on the Internet using Google; maybe you'll have more luck than I did!)  If no exact matching PPD file is available you need to use the nearest match.  Which PPD files (print drivers) show on the list that you would consider as possible PPDs to use for a LaserJet III Si printer?  (Don't forget to consider the non-HP generic PPD files available, such as one for any PostScript 3 printer or for any PCL 6 printer.)

    Of course the real answer is not to use a 15+ year old printer, or to pay for the correct PPD, or to write (or hire a consultant to write) a custom PPD.  If no models listed seem a reasonable choice, choose a generic PostScript printer.

20. When finished with the CUPS setup, try to print a test page from CUPS, using the command in the Maintenance drop-down list of commands that shows on the printer page.  (Make sure no one else is using the printer when you try this!)  If this fails to work, modify the printer by choosing a different PPD file.  Which PPD file did you ultimately use?  (Please recycle any extra used paper!)
21. Log in with your regular user (non-root) account.  (Remember you can simply switch to a virtual console for this!)  Use the lpr command to print a copy of your system's /etc/passwd file.  You can use the pr command to format the printing of the /etc/passwd file, including a page header with the date and your name in it.  You can either pipe the output of pr into lpr, or use special lpr options to set a header.  See the lpr and pr man pages for details.  What error message(s) did you get when you tried this?
22. The reason the previous step results in an error is that you haven't yet set a default printer to use.  Try printing again, this time using the correct command line option to select your printer.  What was the exact command line you used?
23. Now set your printer as your (not system wide, just your non-root login user account) default printer.  That and other default settings can be set using the lpoptions command.  What was the exact command used to set your default printer?  In what file is that option recorded?
24. Finally, set a system-wide default printer.  While you could do that from the command line using lpoptions (changes made using this command as root don't set the root user's defaults but the system-wide defaults), go back to the CUPS web page, select your printer from the Printers tab, and make it the default using the Administration drop-down list of commands.  What file gets modified when you set system-wide CUPS defaults this way?  Verify the default works by printing something.  (As before, make sure no one else is printing when you try this, and remember to recycle and not discard used paper.)

The last step is to determine a maintenance schedule, and to order the correct supplies (replacement parts for the printer elements that wear out after a certain number of pages have been printed, toner, cleaning supplies, etc.) in a timely fashion.

25. Find the user manual for this printer.  If you can't locate one, you will need to use on-line information found with Google.  (If you can't find the data for some old printer, you should locate data for a similar model and use that.)  What Google search term(s) did you use?

    After trying to locate the information you may come to the Hewlett-Packard support site for this printer.  You should be able to find manuals describing the use and setup of the printer, and maintenance information.

26. What element(s) of this printer need to be replaced?  How many pages can be printed before those element(s) need to be replaced?  (Assume you can't replace the whole printer. :-)
27. Next determine when you need to replace those elements.  You can assume the printer was purchased new in 2008.  Given the age of the printer and the current page count, and the number of pages until the element(s) need to be replaced, estimate how many months before the printer is due for such replacement service.  (Assume the printer had correct service in the past.)
28. Now go back to Google and determine where the replacement element(s) can be obtained and what they will cost.  Where can you obtain printer parts and supplies (such as toner) for this printer?  (You only need to list one source, but a better procedure is to fine three or more reliable sources and compare prices and services.  One way to determine good vendors is to use BizRate.com.)

A printout of the CUPS test page that you produced, a printout of your /etc/passwd file, and a printout of your system journal entries describing in detail the printing setup on your system and the answers to the questions above.  Make sure your name is clearly printed at the top of each page and remember to staple all the pages together.

You can submit project questions to .  Please see your syllabus for more information about submitting projects.

Make sure no one else is printing a test page at the same time you are, since there is no way to tell whose setup worked and whose didn't when only one page prints!

If you ever need to use the SMB protocol to print to a Windows print server (and you won't for this project), you will not need to start the Samba daemon.  The Samba server is used to make your Linux system appear in the Network Neighborhood of other computers, as if it were another Windows server.  You don't need the server on the local system to be running to use SMB or the Samba client tools to print to a Windows server.  (You only would need this if you wanted to offer print services to Windows users.)

Be careful when entering in the information, it is easy to make a typo when entering the URIs.  One common problem is using the wrong type of slash (use forward slashes (/) not backslashes).  Some problems that can occur if using SMB include using a Windows account that was never activated (or that has been deactivated), using the wrong Windows password, using a Windows password that contains special characters (shell metacharacters such as *, ?, \, !, $, ', ", a space, etc.), and using a password that is too long.

To print to an HCC Windows printer you will need a valid HCC Windows network username and password.  You can learn your HCC network ID by using WebAdvisor.  Even if you are certain your HCC network ID and password are fine, you should walk to the open lab and attempt to log in using that username and password on one of the Windows computers.  If you have any problems with your HCC ID, consult with a lab tech.

A Windows Share name is the unique UNC (Universal Naming Convention) name of a shared resource such as a printer, in the form //server_name/printer_name or (as in our case) //domain_name/server_name/printer_name.

If the correct printer driver is selected the resulting printout should appear fine for either text or PostScript.  However your version of CUPS may not ship with the exact printer driver for some printer models.  To fix this you can upgrade the printing packages on your system which will (hopefully) include the correct printer driver.  If you can't find the one you need, experiment a bit with printer drivers for similar printers.  You will usually find one that works pretty well.  If all else fails you can use the generic PostScript or PCL printer.

If the first driver you select doesn't work and you go to change it, Using the standard CUPS GUI tool you must go through the wizard again.  All the old information is preserved so all you need to is to click continue at each step, until you come to the driver choice (where you will make a new selection).  However, for security reasons the username and password don't appear in the displayed URI.  I've learned that if you just click continue to get to the driver selection page, the information that is showing replaces the information that was stored.  In short, the username and password will vanish if you just hit continue on that page!  The fix is easy, just re-enter your username and password into the URI that shows.

If all else fails, after attempting to print a test page check the log files for errors, especially /var/log/cups/error.log.

In the table below is the specific information needed to configure a printer on Linux for remote printing to the printer in room 461.  This printer is attached to a Windows server.  To use the Windows print server, you would need to use Samba and your HCC network user ID and password to use this printer via the Windows print server.  However it is not necessary to use that Windows print server; you can print directly to the printer.  But if multiple hosts print to the printer at the same time, it is difficult to know who printed what.

Most of the information used is case-sensitive, so be sure to enter it exactly as shown.  Some of the data in the table (shown in gray) would only be needed to connect to a Windows print server, and is for informational use only.