]> git.ipfire.org Git - thirdparty/cups.git/blob - scheduler/conf.h
projects / thirdparty / cups.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
<rdar://problem/15939788> Improve CUPS sandboxing
[thirdparty/cups.git] / scheduler / conf.h
1 /*
2 * "$Id$"
3 *
4 * Configuration file definitions for the CUPS scheduler.
5 *
6 * Copyright 2007-2014 by Apple Inc.
7 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
8 *
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
14 */
15
16
17 /*
18 * Log levels...
19 */
20
21 typedef enum
22 {
23 CUPSD_LOG_PPD = -5, /* Used internally for PPD keywords */
24 CUPSD_LOG_ATTR, /* Used internally for attributes */
25 CUPSD_LOG_STATE, /* Used internally for printer-state-reasons */
26 CUPSD_LOG_JOBSTATE, /* Used internally for job-state-reasons */
27 CUPSD_LOG_PAGE, /* Used internally for page logging */
28 CUPSD_LOG_NONE,
29 CUPSD_LOG_EMERG, /* Emergency issues */
30 CUPSD_LOG_ALERT, /* Something bad happened that needs attention */
31 CUPSD_LOG_CRIT, /* Critical error but server continues */
32 CUPSD_LOG_ERROR, /* Error condition */
33 CUPSD_LOG_WARN, /* Warning */
34 CUPSD_LOG_NOTICE, /* Normal condition that needs logging */
35 CUPSD_LOG_INFO, /* General information */
36 CUPSD_LOG_DEBUG, /* General debugging */
37 CUPSD_LOG_DEBUG2 /* Detailed debugging */
38 } cupsd_loglevel_t;
39
40 typedef enum
41 {
42 CUPSD_ACCESSLOG_CONFIG, /* Log config requests */
43 CUPSD_ACCESSLOG_ACTIONS, /* Log config, print, and job management requests */
44 CUPSD_ACCESSLOG_ALL /* Log everything */
45 } cupsd_accesslog_t;
46
47 typedef enum
48 {
49 CUPSD_TIME_STANDARD, /* "Standard" Apache/CLF format */
50 CUPSD_TIME_USECS /* Standard format with microseconds */
51 } cupsd_time_t;
52
53 typedef enum
54 {
55 CUPSD_SANDBOXING_OFF, /* No sandboxing */
56 CUPSD_SANDBOXING_RELAXED, /* Relaxed sandboxing */
57 CUPSD_SANDBOXING_STRICT /* Strict sandboxing */
58 } cupsd_sandboxing_t;
59
60
61 /*
62 * FatalErrors flags...
63 */
64
65 #define CUPSD_FATAL_NONE 0 /* No errors are fatal */
66 #define CUPSD_FATAL_BROWSE 1 /* Browse bind errors are fatal */
67 #define CUPSD_FATAL_CONFIG 2 /* Config file syntax errors are fatal */
68 #define CUPSD_FATAL_LISTEN 4 /* Listen/Port bind errors are fatal */
69 #define CUPSD_FATAL_LOG 8 /* Log file errors are fatal */
70 #define CUPSD_FATAL_PERMISSIONS 16 /* File permission errors are fatal */
71 #define CUPSD_FATAL_ALL ~0 /* All errors are fatal */
72
73
74 /*
75 * Printcap formats...
76 */
77
78 #define PRINTCAP_BSD 0 /* Berkeley LPD format */
79 #define PRINTCAP_SOLARIS 1 /* Solaris lpsched format */
80 #define PRINTCAP_PLIST 2 /* OS X plist format */
81
82
83 /*
84 * ServerAlias data...
85 */
86
87 typedef struct
88 {
89 size_t namelen; /* Length of alias name */
90 char name[1]; /* Alias name */
91 } cupsd_alias_t;
92
93
94 /*
95 * Globals...
96 */
97
98 VAR char *ConfigurationFile VALUE(NULL),
99 /* cupsd.conf file to use */
100 *CupsFilesFile VALUE(NULL),
101 /* cups-files.conf file to use */
102 *ServerName VALUE(NULL),
103 /* FQDN for server */
104 *ServerAdmin VALUE(NULL),
105 /* Administrator's email */
106 *ServerRoot VALUE(NULL),
107 /* Root directory for scheduler */
108 *ServerBin VALUE(NULL),
109 /* Root directory for binaries */
110 *StateDir VALUE(NULL),
111 /* Root directory for state data */
112 *RequestRoot VALUE(NULL),
113 /* Directory for request files */
114 *DocumentRoot VALUE(NULL);
115 /* Root directory for documents */
116 VAR cups_array_t *ServerAlias VALUE(NULL);
117 /* Alias names for server */
118 VAR int ServerNameIsIP VALUE(0);
119 /* Is the ServerName an IP address? */
120 VAR int NumSystemGroups VALUE(0);
121 /* Number of system group names */
122 VAR char *SystemGroups[MAX_SYSTEM_GROUPS]
123 VALUE({0});
124 /* System group names */
125 VAR gid_t SystemGroupIDs[MAX_SYSTEM_GROUPS]
126 VALUE({0});
127 /* System group IDs */
128 VAR char *AccessLog VALUE(NULL),
129 /* Access log filename */
130 *ErrorLog VALUE(NULL),
131 /* Error log filename */
132 *PageLog VALUE(NULL),
133 /* Page log filename */
134 *CacheDir VALUE(NULL),
135 /* Cache file directory */
136 *DataDir VALUE(NULL),
137 /* Data file directory */
138 *DefaultLanguage VALUE(NULL),
139 /* Default language encoding */
140 *DefaultLocale VALUE(NULL),
141 /* Default locale */
142 *DefaultPaperSize VALUE(NULL),
143 /* Default paper size */
144 *ErrorPolicy VALUE(NULL),
145 /* Default printer-error-policy */
146 *RIPCache VALUE(NULL),
147 /* Amount of memory for RIPs */
148 *TempDir VALUE(NULL),
149 /* Temporary directory */
150 *Printcap VALUE(NULL),
151 /* Printcap file */
152 *FontPath VALUE(NULL),
153 /* Font search path */
154 *RemoteRoot VALUE(NULL),
155 /* Remote root user */
156 *Classification VALUE(NULL);
157 /* Classification of system */
158 VAR uid_t User VALUE(1),
159 /* User ID for server */
160 RunUser VALUE(0);
161 /* User to run as, used for files */
162 VAR gid_t Group VALUE(0);
163 /* Group ID for server */
164 VAR cupsd_accesslog_t AccessLogLevel VALUE(CUPSD_ACCESSLOG_ACTIONS);
165 /* Access log level */
166 VAR int ClassifyOverride VALUE(0),
167 /* Allow overrides? */
168 LogDebugHistory VALUE(200),
169 /* Amount of automatic debug history */
170 FatalErrors VALUE(CUPSD_FATAL_CONFIG),
171 /* Which errors are fatal? */
172 StrictConformance VALUE(FALSE),
173 /* Require strict IPP conformance? */
174 SyncOnClose VALUE(FALSE);
175 /* Call fsync() when closing files? */
176 VAR mode_t ConfigFilePerm VALUE(0640U),
177 /* Permissions for config files */
178 LogFilePerm VALUE(0644U);
179 /* Permissions for log files */
180 VAR cupsd_loglevel_t LogLevel VALUE(CUPSD_LOG_WARN);
181 /* Error log level */
182 VAR cupsd_time_t LogTimeFormat VALUE(CUPSD_TIME_STANDARD);
183 /* Log file time format */
184 VAR cupsd_sandboxing_t Sandboxing VALUE(CUPSD_SANDBOXING_STRICT);
185 /* Sandboxing level */
186 VAR int UseSandboxing VALUE(1);
187 /* Use sandboxing for child procs? */
188 VAR int MaxClients VALUE(100),
189 /* Maximum number of clients */
190 MaxClientsPerHost VALUE(0),
191 /* Maximum number of clients per host */
192 MaxCopies VALUE(CUPS_DEFAULT_MAX_COPIES),
193 /* Maximum number of copies per job */
194 MaxLogSize VALUE(1024 * 1024),
195 /* Maximum size of log files */
196 MaxRequestSize VALUE(0),
197 /* Maximum size of IPP requests */
198 HostNameLookups VALUE(FALSE),
199 /* Do we do reverse lookups? */
200 Timeout VALUE(DEFAULT_TIMEOUT),
201 /* Timeout during requests */
202 KeepAlive VALUE(TRUE),
203 /* Support the Keep-Alive option? */
204 KeepAliveTimeout VALUE(DEFAULT_KEEPALIVE),
205 /* Timeout between requests */
206 FileDevice VALUE(FALSE),
207 /* Allow file: devices? */
208 FilterLimit VALUE(0),
209 /* Max filter cost at any time */
210 FilterLevel VALUE(0),
211 /* Current filter level */
212 FilterNice VALUE(0),
213 /* Nice value for filters */
214 ReloadTimeout VALUE(DEFAULT_KEEPALIVE),
215 /* Timeout before reload from SIGHUP */
216 RootCertDuration VALUE(300),
217 /* Root certificate update interval */
218 PrintcapFormat VALUE(PRINTCAP_BSD),
219 /* Format of printcap file? */
220 DefaultShared VALUE(TRUE),
221 /* Share printers by default? */
222 MultipleOperationTimeout VALUE(DEFAULT_TIMEOUT),
223 /* multiple-operation-time-out value */
224 WebInterface VALUE(CUPS_DEFAULT_WEBIF);
225 /* Enable the web interface? */
226 VAR cups_file_t *AccessFile VALUE(NULL),
227 /* Access log file */
228 *ErrorFile VALUE(NULL),
229 /* Error log file */
230 *PageFile VALUE(NULL);
231 /* Page log file */
232 VAR char *PageLogFormat VALUE(NULL);
233 /* Page log format */
234 VAR mime_t *MimeDatabase VALUE(NULL);
235 /* MIME type database */
236 VAR int NumMimeTypes VALUE(0);
237 /* Number of MIME types */
238 VAR const char **MimeTypes VALUE(NULL);
239 /* Array of MIME types */
240
241 #ifdef HAVE_SSL
242 VAR char *ServerKeychain VALUE(NULL);
243 /* Keychain holding cert + key */
244 #endif /* HAVE_SSL */
245
246 #ifdef HAVE_LAUNCHD
247 VAR int LaunchdTimeout VALUE(10);
248 /* Time after which an idle cupsd will exit */
249 #endif /* HAVE_LAUNCHD */
250
251 #ifdef HAVE_AUTHORIZATION_H
252 VAR char *SystemGroupAuthKey VALUE(NULL);
253 /* System group auth key */
254 #endif /* HAVE_AUTHORIZATION_H */
255
256 #ifdef HAVE_GSSAPI
257 VAR char *GSSServiceName VALUE(NULL);
258 /* GSS service name */
259 int HaveServerCreds VALUE(0);
260 /* Do we have server credentials? */
261 gss_cred_id_t ServerCreds; /* Server's GSS credentials */
262 #endif /* HAVE_GSSAPI */
263
264
265 /*
266 * Prototypes...
267 */
268
269 extern void cupsdAddAlias(cups_array_t *aliases, const char *name);
270 extern int cupsdCheckLogFile(cups_file_t **lf, const char *logname);
271 extern int cupsdCheckPermissions(const char *filename,
272 const char *suffix, mode_t mode,
273 uid_t user, gid_t group, int is_dir,
274 int create_dir);
275 extern int cupsdCheckProgram(const char *filename, cupsd_printer_t *p);
276 extern int cupsdDefaultAuthType(void);
277 extern void cupsdFreeAliases(cups_array_t *aliases);
278 extern char *cupsdGetDateTime(struct timeval *t, cupsd_time_t format);
279 extern int cupsdLogClient(cupsd_client_t *con, int level,
280 const char *message, ...)
281 __attribute__((__format__(__printf__, 3, 4)));
282 extern void cupsdLogFCMessage(void *context, _cups_fc_result_t result,
283 const char *message);
284 #ifdef HAVE_GSSAPI
285 extern int cupsdLogGSSMessage(int level, OM_uint32 major_status,
286 OM_uint32 minor_status,
287 const char *message, ...);
288 #endif /* HAVE_GSSAPI */
289 extern int cupsdLogJob(cupsd_job_t *job, int level, const char *message,
290 ...) __attribute__((__format__(__printf__, 3, 4)));
291 extern int cupsdLogMessage(int level, const char *message, ...)
292 __attribute__ ((__format__ (__printf__, 2, 3)));
293 extern int cupsdLogPage(cupsd_job_t *job, const char *page);
294 extern int cupsdLogRequest(cupsd_client_t *con, http_status_t code);
295 extern int cupsdReadConfiguration(void);
296 extern int cupsdWriteErrorLog(int level, const char *message);
297
298
299 /*
300 * End of "$Id$".
301 */
Unnamed repository; edit this file 'description' to name the repository.