CUPS in Fedora 35

maverickofsurrey · December 5, 2021, 9:01pm

The Lynis security audit tool has flagged up the following:

Check CUPS configuration if it really needs to listen on the network

The online note states: “Adjust the line stating “Listen” in the cupsd.conf file. Alter it so it only listens on the localhost interface, if appropriate. Listen localhost:631”.

The cupsd.conf file on my system has:

Listen localhost:631

Listen /run/cups/cups.sock

Is the flagging up by Lynis valid?

computersavvy · December 5, 2021, 9:36pm

That appears to be a point where lynis has not kept up with systemd.
/run/cups/cups.sock is a valid socket for cups to use

# lsof /run/cups/cups.sock 
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
lsof: WARNING: can't stat() fuse.portal file system /run/user/1000/doc
      Output information may be incomplete.
COMMAND  PID USER   FD   TYPE             DEVICE SIZE/OFF  NODE NAME
systemd    1 root  214u  unix 0x00000000b7450be9      0t0 18376 /run/cups/cups.sock type=STREAM (LISTEN)
cupsd   1397 root    3u  unix 0x00000000b7450be9      0t0 18376 /run/cups/cups.sock type=STREAM (LISTEN)

Topic		Replies	Views
Selinux help me deal with it Ask Fedora f35 , selinux	8	1523	January 20, 2022
Setting up a print server Ask Fedora	1	441	July 23, 2019
Lynis suggestions Ask Fedora	3	1150	October 4, 2022
Getting Fedora 32 duplicate HP network printer & scanner Ask Fedora f32 , gnome	6	656	July 21, 2020
My desktop is crashing with some applications Ask Fedora wayland , gnome	14	934	January 6, 2023

CUPS in Fedora 35

Listen /run/cups/cups.sock

Related Topics