4 .\" cupsd.conf man page for CUPS.
6 .\" Copyright 2007-2014 by Apple Inc.
7 .\" Copyright 1997-2006 by Easy Software Products.
9 .\" These coded instructions, statements, and computer programs are the
10 .\" property of Apple Inc. and are protected by Federal copyright
11 .\" law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 .\" which should have been included with this file. If this file is
13 .\" file is missing or damaged, see the license at "http://www.cups.org/".
15 .TH cupsd.conf 5 "CUPS" "28 March 2014" "Apple Inc."
17 cupsd.conf \- server configuration file for cups
21 file configures the CUPS scheduler,
23 It is normally located in the
25 directory. \fBNote:\fR File, directory, and user configuration directives that used to be allowed in the \fIcupsd.conf\fR file are now stored in the \fIcups-files.conf(5)\fR instead in order to prevent certain types of privilege escalation attacks.
27 Each line in the file can be a configuration directive, a blank line, or a comment. Comment lines start with the # character. The configuration directives are intentionally similar to those used by the popular Apache web server software and are described below.
28 .SH TOP-LEVEL DIRECTIVES
29 The following directives are understood by
31 Consult the online help (http://localhost:631/help) for detailed descriptions:
35 AccessLogLevel actions
38 Specifies the logging level for the AccessLog file.
44 Specifies whether to purge job history data automatically when
45 it is no longer required for quotas.
47 BrowseLocalProtocols [
52 Specifies the protocols to use for local printer sharing.
58 Specifies whether the CUPS web interface is advertised via DNS-SD.
64 Specifies whether or not shared printers should be advertised.
68 Specifies the security classification of the server.
74 Specifies whether to allow users to override the classification
75 of individual print jobs.
79 DefaultAuthType Negotiate
81 Specifies the default type of authentication to use.
83 DefaultEncryption Never
85 DefaultEncryption IfRequested
87 DefaultEncryption Required
88 Specifies the type of encryption to use for authenticated requests.
90 DefaultLanguage locale
91 Specifies the default language to use for text and web content.
97 DefaultPaperSize sizename
98 Specifies the default paper size for new print queues. "Auto" uses a locale-
99 specific default, while "None" specifies there is no default paper size.
101 DefaultPolicy policy-name
102 Specifies the default access policy to use.
107 Specifies whether local printers are shared by default.
109 DirtyCleanInterval seconds
110 Specifies the delay for updating of configuration and state files. A value of 0
111 causes the update to happen as soon as possible, typically within a few
115 Specifies the maximum cost of filters that are run concurrently.
117 FilterNice nice-value
118 Specifies the scheduling priority ("nice" value) of filters that
119 are run to print a job.
122 Specifies the service name when using Kerberos authentication. The default
123 service name is "http".
129 HostNameLookups Double
130 Specifies whether or not to do reverse lookups on client addresses.
133 Includes the named file.
136 Specifies the number of seconds to wait before killing the filters and backend
137 associated with a canceled or held job.
139 JobRetryInterval seconds
140 Specifies the interval between retries of jobs in seconds.
143 Specifies the number of retries that are done for jobs.
148 Specifies whether to support HTTP keep-alive connections.
150 KeepAliveTimeout seconds
151 Specifies the amount of time that connections are kept alive.
153 <Limit operations> ... </Limit>
154 Specifies the IPP operations that are being limited inside a policy.
156 <Limit methods> ... </Limit>
158 <LimitExcept methods> ... </LimitExcept>
159 Specifies the HTTP methods that are being limited inside a location.
162 Specifies the maximum size of any print job request.
164 Listen ip-address:port
168 Listen /path/to/domain/socket
169 Listens to the specified address and port or domain socket path.
171 <Location /path> ... </Location>
172 Specifies access control for the named location.
174 LogDebugHistory #-messages
175 Specifies the number of debugging messages that are logged when an error
176 occurs in a print job.
197 Specifies the logging level for the ErrorLog file.
199 LogTimeFormat standard
202 Specifies the format of the date and time in the log files.
205 Specifies the maximum number of simultaneous clients to support.
207 MaxClientsPerHost number
208 Specifies the maximum number of simultaneous clients to support from a
212 Specifies the maximum number of copies that a user can print of each job.
215 Specifies the maximum time a job may remain in the "indefinite" hold state
216 before it is canceled. Set to 0 to disable cancellation of held jobs.
219 Specifies the maximum number of simultaneous jobs to support.
221 MaxJobsPerPrinter number
222 Specifies the maximum number of simultaneous jobs per printer to support.
224 MaxJobsPerUser number
225 Specifies the maximum number of simultaneous jobs per user to support.
228 Specifies the maximum time a job may take to print before it is canceled. The
229 default is 10800 seconds (3 hours). Set to 0 to disable cancellation of "stuck"
232 MaxLogSize number-bytes
233 Specifies the maximum size of the log files before they are
234 rotated (0 to disable rotation)
236 MaxRequestSize number-bytes
237 Specifies the maximum request/file size in bytes (0 for no limit)
239 MultipleOperationTimeout seconds
240 Specifies the maximum amount of time to allow between files in a multiple file
243 PageLogFormat format string
244 Specifies the format of page log lines.
246 PassEnv variable [... variable]
247 Passes the specified environment variable(s) to child processes.
249 <Policy name> ... </Policy>
250 Specifies access control for the named policy.
253 Specifies a port number to listen to for HTTP requests.
258 Specifies whether or not to preserve job files after they are printed.
260 PreserveJobHistory Yes
262 PreserveJobHistory No
263 Specifies whether or not to preserve the job history after they are
270 PrintcapFormat solaris
271 Specifies the format of the printcap file.
273 ReloadTimeout seconds
274 Specifies the amount of time to wait for job completion before
275 restarting the scheduler.
278 Specifies the maximum amount of memory to use when converting images
279 and PostScript files to bitmaps for a printer.
284 Specifies whether all or any limits set for a Location must be
285 satisfied to allow access.
287 ServerAdmin user@domain.com
288 Specifies the email address of the server administrator.
290 ServerAlias hostname [... hostname]
293 Specifies an alternate name that the server is known by. The special name "*"
294 allows any name to be used.
296 ServerName hostname-or-ip-address
297 Specifies the fully-qualified hostname of the server.
311 ServerTokens ProductOnly
312 Specifies what information is included in the Server header of HTTP
315 SetEnv variable value
316 Set the specified environment variable to be passed to child processes.
319 Listens on the specified address and port for encrypted connections.
322 Listens on the specified port for encrypted connections.
324 StrictConformance Yes
327 Specifies whether the scheduler requires clients to strictly adhere to the IPP
328 specifications. The default is No.
331 Specifies the HTTP request timeout in seconds.
336 Specifies whether the web interface is enabled.
337 .SH DIRECTIVES VALID WITHIN LOCATION AND LIMIT SECTIONS
338 The following directives may be placed inside Location and Limit sections in the \fIcupsd.conf\fR file:
344 Allow host.domain.com
350 Allow ip-address/netmask
357 Allows access from the named hosts or addresses.
364 Specifies the authentication type (None, Basic, or Negotiate)
376 Deny ip-address/netmask
383 Denies access to the named host or address.
385 Encryption IfRequested
390 Specifies the level of encryption that is required for a particular
396 Specifies the order of HTTP access control (allow,deny or deny,allow)
398 Require group group-name-list
400 Require user user-name-list
403 Specifies that user or group authentication is required.
404 .SH DIRECTIVES VALID WITHIN POLICY SECTIONS
405 The following directives may be placed inside Policy sections in the \fIcupsd.conf\fR file:
409 JobPrivateAccess default
411 JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
412 Specifies an access list for a job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
416 JobPrivateValues default
418 JobPrivateValues none
420 JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
421 Specifies the list of job values to make private. The "default" values are "job-name", "job-originating-host-name", and "job-originating-user-name".
423 SubscriptionPrivateAccess all
425 SubscriptionPrivateAccess default
427 SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
428 Specifies an access list for a subscription's private values. The "default"
429 access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's
430 requesting-user-name-allowed or requesting-user-name-denied values.
432 SubscriptionPrivateValues all
434 SubscriptionPrivateValues default
436 SubscriptionPrivateValues none
438 SubscriptionPrivateValues attribute-name-1 [ ... attribute-name-N ]
439 Specifies the list of job values to make private. The "default" values are
440 "notify-events", "notify-pull-method", "notify-recipient-uri",
441 "notify-subscriber-user-name", and "notify-user-data".
443 .BR classes.conf (5), cups-files.conf (5), cupsd (8), mime.convs (5), mime.types (5), printers.conf (5), subscriptions.conf (5),
444 http://localhost:631/help
446 Copyright \[co] 2007-2014 by Apple Inc.