How to prevent a user from adding or removing printers?

printing

How to prevent a user from adding or removing printers?


This could be done using a PolKit policy. There are a few printer-related Polkit actions:

$ pkaction | grep -i print
org.opensuse.cupspkhelper.mechanism.printer-enable
org.opensuse.cupspkhelper.mechanism.printer-local-edit
org.opensuse.cupspkhelper.mechanism.printer-remote-edit
org.opensuse.cupspkhelper.mechanism.printer-set-default
org.opensuse.cupspkhelper.mechanism.printeraddremove

The last one seems to be the most relevant. Create a .pkla file in /etc/polkit-1/localauthority/50-local.d named, say, disable-printer-change.pkla, containing:

[Printer addition, removal]
Identity=unix-user:geraldo
Action=org.opensuse.cupspkhelper.mechanism.printeraddremove
ResultAny=no
ResultInactive=no
ResultActive=no

Replace geraldo with the appropriate username. Wildcards are supported, and you can also use groups using unix-group:<group-name>.

Related

OKI B2540 - still doesn't print?
How to enhance my system boot up speed [duplicate]
Minecraft Setblock Lever - On Position
How do you hide usernames in Minecraft:PE?
Having trouble downloading the game
A Redstone Torch That Can Only Be Placed On Green Wool In Minecraft PE
Archive of the Titans Azerite trait stacking
Does the "Conquest of Jerusalem" triggered modifier still exist?
On what stages can I farm Lesser (**) Black Orbs?
I need help with /execute
Is it possible to reroll skin shards into a skin you already own?
How to remove uninstalled game from list of steam tray [closed]