]>
Commit | Line | Data |
---|---|---|
b0d4207c | 1 | # |
53510eae | 2 | # "$Id: cupsd.conf.in,v 1.2.2.11 2003/04/10 20:15:48 mike Exp $" |
b0d4207c | 3 | # |
4 | # Sample configuration file for the Common UNIX Printing System (CUPS) | |
5 | # scheduler. | |
6 | # | |
1d9595ab | 7 | # Copyright 1997-2003 by Easy Software Products, all rights reserved. |
b0d4207c | 8 | # |
9 | # These coded instructions, statements, and computer programs are the | |
10 | # property of Easy Software Products and are protected by Federal | |
11 | # copyright law. Distribution and use rights are outlined in the file | |
12 | # "LICENSE.txt" which should have been included with this file. If this | |
13 | # file is missing or damaged please contact Easy Software Products | |
14 | # at: | |
15 | # | |
16 | # Attn: CUPS Licensing Information | |
17 | # Easy Software Products | |
18 | # 44141 Airport View Drive, Suite 204 | |
19 | # Hollywood, Maryland 20636-3111 USA | |
20 | # | |
21 | # Voice: (301) 373-9603 | |
22 | # EMail: cups-info@cups.org | |
23 | # WWW: http://www.cups.org | |
24 | # | |
25 | ||
26 | ######################################################################## | |
27 | # # | |
28 | # This is the CUPS configuration file. If you are familiar with # | |
29 | # Apache or any of the other popular web servers, we've followed the # | |
30 | # same format. Any configuration variable used here has the same # | |
31 | # semantics as the corresponding variable in Apache. If we need # | |
32 | # different functionality then a different name is used to avoid # | |
33 | # confusion... # | |
34 | # # | |
35 | ######################################################################## | |
36 | ||
37 | ||
38 | ######## | |
39 | ######## Server Identity | |
40 | ######## | |
41 | ||
42 | # | |
43 | # ServerName: the hostname of your server, as advertised to the world. | |
44 | # By default CUPS will use the hostname of the system. | |
45 | # | |
46 | # To set the default server used by clients, see the client.conf file. | |
47 | # | |
48 | ||
49 | #ServerName myhost.domain.com | |
50 | ||
51 | # | |
52 | # ServerAdmin: the email address to send all complaints/problems to. | |
53 | # By default CUPS will use "root@hostname". | |
54 | # | |
55 | ||
56 | #ServerAdmin root@your.domain.com | |
57 | ||
58 | ||
59 | ######## | |
60 | ######## Server Options | |
61 | ######## | |
62 | ||
63 | # | |
64 | # AccessLog: the access log file; if this does not start with a leading / | |
65 | # then it is assumed to be relative to ServerRoot. By default set to | |
66 | # "@CUPS_LOGDIR@/access_log" | |
67 | # | |
68 | # You can also use the special name "syslog" to send the output to the | |
69 | # syslog file or daemon. | |
70 | # | |
71 | ||
72 | #AccessLog @CUPS_LOGDIR@/access_log | |
73 | ||
74 | # | |
75 | # Classification: the classification level of the server. If set, this | |
76 | # classification is displayed on all pages, and raw printing is disabled. | |
77 | # The default is the empty string. | |
78 | # | |
79 | ||
80 | #Classification classified | |
81 | #Classification confidential | |
82 | #Classification secret | |
83 | #Classification topsecret | |
84 | #Classification unclassified | |
85 | ||
86 | # | |
87 | # ClassifyOverride: whether to allow users to override the classification | |
88 | # on printouts. If enabled, users can limit banner pages to before or | |
89 | # after the job, and can change the classification of a job, but cannot | |
90 | # completely eliminate the classification or banners. | |
91 | # | |
92 | # The default is off. | |
93 | # | |
94 | ||
95 | #ClassifyOverride off | |
96 | ||
97 | # | |
98 | # DataDir: the root directory for the CUPS data files. | |
99 | # By default "@CUPS_DATADIR@". | |
100 | # | |
101 | ||
102 | #DataDir @CUPS_DATADIR@ | |
103 | ||
104 | # | |
105 | # DefaultCharset: the default character set to use. If not specified, | |
106 | # defaults to "utf-8". Note that this can also be overridden in | |
107 | # HTML documents... | |
108 | # | |
109 | ||
110 | #DefaultCharset utf-8 | |
111 | ||
112 | # | |
113 | # DefaultLanguage: the default language if not specified by the browser. | |
114 | # If not specified, the current locale is used. | |
115 | # | |
116 | ||
117 | #DefaultLanguage en | |
118 | ||
119 | # | |
120 | # DocumentRoot: the root directory for HTTP documents that are served. | |
121 | # By default "@CUPS_DOCROOT@". | |
122 | # | |
123 | ||
124 | #DocumentRoot @CUPS_DOCROOT@ | |
125 | ||
126 | # | |
127 | # ErrorLog: the error log file; if this does not start with a leading / | |
128 | # then it is assumed to be relative to ServerRoot. By default set to | |
129 | # "@CUPS_LOGDIR@/error_log" | |
130 | # | |
131 | # You can also use the special name "syslog" to send the output to the | |
132 | # syslog file or daemon. | |
133 | # | |
134 | ||
135 | #ErrorLog @CUPS_LOGDIR@/error_log | |
136 | ||
f63a430f | 137 | # |
138 | # FileDevice: determines whether the scheduler will allow new printers | |
139 | # to be added using device URIs of the form "file:/foo/bar". The default | |
140 | # is not to allow file devices due to the potential security vulnerability | |
141 | # and due to the fact that file devices do not support raw printing. | |
142 | # | |
143 | ||
144 | #FileDevice No | |
145 | ||
146 | ||
b0d4207c | 147 | # |
148 | # FontPath: the path to locate all font files (currently only for pstoraster) | |
149 | # By default "@CUPS_FONTPATH@". | |
150 | # | |
151 | ||
152 | #FontPath @CUPS_FONTPATH@ | |
153 | ||
154 | # | |
155 | # LogLevel: controls the number of messages logged to the ErrorLog | |
156 | # file and can be one of the following: | |
157 | # | |
158 | # debug2 Log everything. | |
159 | # debug Log almost everything. | |
160 | # info Log all requests and state changes. | |
161 | # warn Log errors and warnings. | |
162 | # error Log only errors. | |
163 | # none Log nothing. | |
164 | # | |
165 | ||
166 | LogLevel info | |
167 | ||
168 | # | |
169 | # MaxLogSize: controls the maximum size of each log file before they are | |
170 | # rotated. Defaults to 1048576 (1MB). Set to 0 to disable log rotating. | |
171 | # | |
172 | ||
173 | #MaxLogSize 0 | |
174 | ||
175 | # | |
176 | # PageLog: the page log file; if this does not start with a leading / | |
177 | # then it is assumed to be relative to ServerRoot. By default set to | |
178 | # "@CUPS_LOGDIR@/page_log" | |
179 | # | |
180 | # You can also use the special name "syslog" to send the output to the | |
181 | # syslog file or daemon. | |
182 | # | |
183 | ||
184 | #PageLog @CUPS_LOGDIR@/page_log | |
185 | ||
186 | # | |
187 | # PreserveJobHistory: whether or not to preserve the job history after a | |
188 | # job is completed, cancelled, or stopped. Default is Yes. | |
189 | # | |
190 | ||
191 | #PreserveJobHistory Yes | |
192 | ||
193 | # | |
194 | # PreserveJobFiles: whether or not to preserve the job files after a | |
195 | # job is completed, cancelled, or stopped. Default is No. | |
196 | # | |
197 | ||
198 | #PreserveJobFiles No | |
199 | ||
200 | # | |
201 | # AutoPurgeJobs: automatically purge jobs when not needed for quotas. | |
202 | # Default is No. | |
203 | # | |
204 | ||
205 | #AutoPurgeJobs No | |
206 | ||
2e9f3b68 | 207 | # |
208 | # MaxCopies: maximum number of copies that a user can request. Default is | |
209 | # 100. | |
210 | # | |
211 | ||
212 | #MaxCopies 100 | |
213 | ||
b0d4207c | 214 | # |
215 | # MaxJobs: maximum number of jobs to keep in memory (active and completed.) | |
216 | # Default is 500; the value 0 is used for no limit. | |
217 | # | |
218 | ||
219 | #MaxJobs 500 | |
220 | ||
221 | # | |
222 | # Printcap: the name of the printcap file. Default is /etc/printcap. | |
223 | # Leave blank to disable printcap file generation. | |
224 | # | |
225 | ||
226 | #Printcap /etc/printcap | |
227 | ||
228 | # | |
229 | # PrintcapFormat: the format of the printcap file, currently either | |
230 | # BSD or Solaris. The default is "BSD". | |
231 | # | |
232 | ||
233 | #PrintcapFormat BSD | |
234 | #PrintcapFormat Solaris | |
235 | ||
236 | # | |
237 | # PrintcapGUI: the name of the GUI options panel program to associate | |
238 | # with print queues under IRIX. The default is "/usr/bin/glpoptions" | |
239 | # from ESP Print Pro. | |
240 | # | |
241 | # This option is only used under IRIX; the options panel program | |
242 | # must accept the "-d printer" and "-o options" options and write | |
243 | # the selected printer options back to stdout on completion. | |
244 | # | |
245 | ||
246 | #PrintcapGUI /usr/bin/glpoptions | |
247 | ||
248 | # | |
249 | # RequestRoot: the directory where request files are stored. | |
250 | # By default "@CUPS_REQUESTS@". | |
251 | # | |
252 | ||
253 | #RequestRoot @CUPS_REQUESTS@ | |
254 | ||
255 | # | |
256 | # RemoteRoot: the name of the user assigned to unauthenticated accesses | |
257 | # from remote systems. By default "remroot". | |
258 | # | |
259 | ||
260 | #RemoteRoot remroot | |
261 | ||
262 | # | |
263 | # ServerBin: the root directory for the scheduler executables. | |
264 | # By default "@CUPS_SERVERBIN@". | |
265 | # | |
266 | ||
267 | #ServerBin @CUPS_SERVERBIN@ | |
268 | ||
269 | # | |
270 | # ServerRoot: the root directory for the scheduler. | |
271 | # By default "@CUPS_SERVERROOT@". | |
272 | # | |
273 | ||
274 | #ServerRoot @CUPS_SERVERROOT@ | |
275 | ||
276 | ||
53510eae | 277 | ######## |
278 | ######## Fax Support | |
279 | ######## | |
280 | ||
281 | # | |
282 | # FaxRetryLimit: the number of times a fax job is retried. | |
283 | # The default is 5 times. | |
284 | # | |
285 | ||
286 | #FaxRetryLimit 5 | |
287 | ||
288 | # | |
289 | # FaxRetryInterval: the number of seconds between fax job retries. | |
290 | # The default is 300 seconds/5 minutes. | |
291 | # | |
292 | ||
293 | #FaxRetryInterval 300 | |
294 | ||
295 | ||
b0d4207c | 296 | ######## |
297 | ######## Encryption Support | |
298 | ######## | |
299 | ||
300 | # | |
301 | # ServerCertificate: the file to read containing the server's certificate. | |
302 | # Defaults to "@CUPS_SERVERROOT@/ssl/server.crt". | |
303 | # | |
304 | ||
305 | #ServerCertificate @CUPS_SERVERROOT@/ssl/server.crt | |
306 | ||
307 | # | |
308 | # ServerKey: the file to read containing the server's key. | |
309 | # Defaults to "@CUPS_SERVERROOT@/ssl/server.key". | |
310 | # | |
311 | ||
312 | #ServerKey @CUPS_SERVERROOT@/ssl/server.key | |
313 | ||
314 | ||
315 | ######## | |
316 | ######## Filter Options | |
317 | ######## | |
318 | ||
319 | # | |
320 | # User/Group: the user and group the server runs under. Normally this | |
ba31b514 | 321 | # must be @CUPS_USER@ and @CUPS_GROUP@, however you can configure things for another |
322 | # user or group as needed. | |
b0d4207c | 323 | # |
324 | # Note: the server must be run initially as root to support the | |
325 | # default IPP port of 631. It changes users whenever an external | |
ba31b514 | 326 | # program is run, or if the RunAsUser directive is specified... |
b0d4207c | 327 | # |
328 | ||
ba31b514 | 329 | #User @CUPS_USER@ |
330 | #Group @CUPS_GROUP@ | |
b0d4207c | 331 | |
332 | # | |
333 | # RIPCache: the amount of memory that each RIP should use to cache | |
334 | # bitmaps. The value can be any real number followed by "k" for | |
335 | # kilobytes, "m" for megabytes, "g" for gigabytes, or "t" for tiles | |
336 | # (1 tile = 256x256 pixels.) Defaults to "8m" (8 megabytes). | |
337 | # | |
338 | ||
339 | #RIPCache 8m | |
340 | ||
341 | # | |
342 | # TempDir: the directory to put temporary files in. This directory must be | |
343 | # writable by the user defined above! Defaults to "@CUPS_REQUESTS@/tmp" or | |
344 | # the value of the TMPDIR environment variable. | |
345 | # | |
346 | ||
347 | #TempDir @CUPS_REQUESTS@/tmp | |
348 | ||
349 | # | |
350 | # FilterLimit: sets the maximum cost of all job filters that can be run | |
351 | # at the same time. A limit of 0 means no limit. A typical job may need | |
352 | # a filter limit of at least 200; limits less than the minimum required | |
353 | # by a job force a single job to be printed at any time. | |
354 | # | |
355 | # The default limit is 0 (unlimited). | |
356 | # | |
357 | ||
358 | #FilterLimit 0 | |
359 | ||
360 | ######## | |
361 | ######## Network Options | |
362 | ######## | |
363 | ||
364 | # | |
365 | # Ports/addresses that we listen to. The default port 631 is reserved | |
366 | # for the Internet Printing Protocol (IPP) and is what we use here. | |
367 | # | |
368 | # You can have multiple Port/Listen lines to listen to more than one | |
369 | # port or address, or to restrict access: | |
370 | # | |
371 | # Port 80 | |
372 | # Port 631 | |
373 | # Listen hostname | |
374 | # Listen hostname:80 | |
375 | # Listen hostname:631 | |
376 | # Listen 1.2.3.4 | |
377 | # Listen 1.2.3.4:631 | |
378 | # | |
379 | # NOTE: Unfortunately, most web browsers don't support TLS or HTTP Upgrades | |
380 | # for encryption. If you want to support web-based encryption you'll | |
381 | # probably need to listen on port 443 (the "https" port...) | |
382 | # | |
383 | ||
384 | #Port 80 | |
385 | #Port 443 | |
1d9595ab | 386 | Port @DEFAULT_IPP_PORT@ |
b0d4207c | 387 | |
388 | # | |
389 | # HostNameLookups: whether or not to do lookups on IP addresses to get a | |
390 | # fully-qualified hostname. This defaults to Off for performance reasons... | |
391 | # | |
392 | ||
393 | #HostNameLookups On | |
394 | ||
395 | # | |
396 | # KeepAlive: whether or not to support the Keep-Alive connection | |
397 | # option. Default is on. | |
398 | # | |
399 | ||
400 | #KeepAlive On | |
401 | ||
402 | # | |
403 | # KeepAliveTimeout: the timeout before Keep-Alive connections are | |
404 | # automatically closed. Default is 60 seconds. | |
405 | # | |
406 | ||
407 | #KeepAliveTimeout 60 | |
408 | ||
409 | # | |
410 | # MaxClients: controls the maximum number of simultaneous clients that | |
411 | # will be handled. Defaults to 100. | |
412 | # | |
413 | ||
414 | #MaxClients 100 | |
415 | ||
1060c9b6 | 416 | # |
417 | # MaxClientsPerHost: controls the maximum number of simultaneous clients that | |
418 | # will be handled from a specific host. Defaults to 10 or 1/10th of the | |
419 | # MaxClients setting, whichever is larger. A value of 0 specifies the | |
420 | # automatic (10 or 1/10th) setting. | |
421 | # | |
422 | ||
423 | #MaxClientsPerHost 0 | |
424 | ||
b0d4207c | 425 | # |
426 | # MaxRequestSize: controls the maximum size of HTTP requests and print files. | |
427 | # Set to 0 to disable this feature (defaults to 0.) | |
428 | # | |
429 | ||
430 | #MaxRequestSize 0 | |
431 | ||
432 | # | |
433 | # Timeout: the timeout before requests time out. Default is 300 seconds. | |
434 | # | |
435 | ||
436 | #Timeout 300 | |
437 | ||
438 | ||
439 | ######## | |
440 | ######## Browsing Options | |
441 | ######## | |
442 | ||
443 | # | |
444 | # Browsing: whether or not to broadcast and/or listen for CUPS printer | |
445 | # information on the network. Enabled by default. | |
446 | # | |
447 | ||
448 | #Browsing On | |
449 | ||
450 | # | |
451 | # BrowseProtocols: which protocols to use for browsing. Can be | |
452 | # any of the following separated by whitespace and/or commas: | |
453 | # | |
454 | # all - Use all supported protocols. | |
455 | # cups - Use the CUPS browse protocol. | |
456 | # slp - Use the SLPv2 protocol. | |
457 | # | |
458 | # The default is "cups". | |
459 | # | |
460 | # NOTE: If you choose to use SLPv2, it is *strongly* recommended that | |
461 | # you have at least one SLP Directory Agent (DA) on your | |
462 | # network. Otherwise, browse updates can take several seconds, | |
1e6bd2df | 463 | # during which the scheduler will not respond to client |
b0d4207c | 464 | # requests. |
465 | # | |
466 | ||
467 | #BrowseProtocols cups | |
468 | ||
469 | # | |
470 | # BrowseAddress: specifies a broadcast address to be used. By | |
471 | # default browsing information is not sent! | |
472 | # | |
473 | # Note: HP-UX does not properly handle broadcast unless you have a | |
474 | # Class A, B, C, or D netmask (i.e. no CIDR support). | |
475 | # | |
476 | # Note: Using the "global" broadcast address (255.255.255.255) will | |
477 | # activate a Linux demand-dial link with the default configuration. | |
478 | # If you have a LAN as well as the dial-up link, use the LAN's | |
479 | # broadcast address. | |
480 | # | |
fba7409c | 481 | # The @LOCAL address broadcasts to all non point-to-point interfaces. |
482 | # For example, if you have a LAN and a dial-up link, @LOCAL would | |
483 | # send printer updates to the LAN but not to the dial-up link. | |
484 | # Similarly, the @IF(name) address sends to the named network | |
485 | # interface, e.g. @IF(eth0) under Linux. Interfaces are refreshed | |
486 | # automatically (no more than once every 60 seconds), so they can | |
487 | # be used on dynamically-configured interfaces, e.g. PPP, 802.11, etc. | |
488 | # | |
b0d4207c | 489 | |
490 | #BrowseAddress x.y.z.255 | |
491 | #BrowseAddress x.y.255.255 | |
492 | #BrowseAddress x.255.255.255 | |
493 | #BrowseAddress 255.255.255.255 | |
fba7409c | 494 | #BrowseAddress @LOCAL |
495 | #BrowseAddress @IF(name) | |
b0d4207c | 496 | |
497 | # | |
498 | # BrowseShortNames: whether or not to use "short" names for remote printers | |
499 | # when possible (e.g. "printer" instead of "printer@host".) Enabled by | |
500 | # default. | |
501 | # | |
502 | ||
503 | #BrowseShortNames Yes | |
504 | ||
505 | # | |
506 | # BrowseAllow: specifies an address mask to allow for incoming browser | |
507 | # packets. The default is to allow packets from all addresses. | |
508 | # | |
509 | # BrowseDeny: specifies an address mask to deny for incoming browser | |
510 | # packets. The default is to deny packets from no addresses. | |
511 | # | |
512 | # Both "BrowseAllow" and "BrowseDeny" accept the following notations for | |
513 | # addresses: | |
514 | # | |
515 | # All | |
516 | # None | |
517 | # *.domain.com | |
518 | # .domain.com | |
519 | # host.domain.com | |
520 | # nnn.* | |
521 | # nnn.nnn.* | |
522 | # nnn.nnn.nnn.* | |
523 | # nnn.nnn.nnn.nnn | |
524 | # nnn.nnn.nnn.nnn/mm | |
525 | # nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm | |
fba7409c | 526 | # @LOCAL |
527 | # @IF(name) | |
b0d4207c | 528 | # |
529 | # The hostname/domainname restrictions only work if you have turned hostname | |
530 | # lookups on! | |
531 | # | |
532 | ||
533 | #BrowseAllow address | |
534 | #BrowseDeny address | |
535 | ||
536 | # | |
537 | # BrowseInterval: the time between browsing updates in seconds. Default | |
538 | # is 30 seconds. | |
539 | # | |
540 | # Note that browsing information is sent whenever a printer's state changes | |
541 | # as well, so this represents the maximum time between updates. | |
542 | # | |
543 | # Set this to 0 to disable outgoing broadcasts so your local printers are | |
544 | # not advertised but you can still see printers on other hosts. | |
545 | # | |
546 | ||
547 | #BrowseInterval 30 | |
548 | ||
549 | # | |
550 | # BrowseOrder: specifies the order of BrowseAllow/BrowseDeny comparisons. | |
551 | # | |
552 | ||
553 | #BrowseOrder allow,deny | |
554 | #BrowseOrder deny,allow | |
555 | ||
556 | # | |
557 | # BrowsePoll: poll the named server(s) for printers | |
558 | # | |
559 | ||
560 | #BrowsePoll address:port | |
561 | ||
562 | # | |
563 | # BrowsePort: the port used for UDP broadcasts. By default this is | |
564 | # the IPP port; if you change this you need to do it on all servers. | |
565 | # Only one BrowsePort is recognized. | |
566 | # | |
567 | ||
568 | #BrowsePort 631 | |
569 | ||
570 | # | |
571 | # BrowseRelay: relay browser packets from one address/network to another. | |
572 | # | |
573 | ||
574 | #BrowseRelay source-address destination-address | |
fba7409c | 575 | #BrowseRelay @IF(src) @IF(dst) |
b0d4207c | 576 | |
577 | # | |
578 | # BrowseTimeout: the timeout for network printers - if we don't | |
579 | # get an update within this time the printer will be removed | |
580 | # from the printer list. This number definitely should not be | |
581 | # less the BrowseInterval value for obvious reasons. Defaults | |
582 | # to 300 seconds. | |
583 | # | |
584 | ||
585 | #BrowseTimeout 300 | |
586 | ||
587 | # | |
588 | # ImplicitClasses: whether or not to use implicit classes. | |
589 | # | |
590 | # Printer classes can be specified explicitly in the classes.conf | |
591 | # file, implicitly based upon the printers available on the LAN, or | |
592 | # both. | |
593 | # | |
594 | # When ImplicitClasses is On, printers on the LAN with the same name | |
595 | # (e.g. Acme-LaserPrint-1000) will be put into a class with the same | |
596 | # name. This allows you to setup multiple redundant queues on a LAN | |
597 | # without a lot of administrative difficulties. If a user sends a | |
598 | # job to Acme-LaserPrint-1000, the job will go to the first available | |
599 | # queue. | |
600 | # | |
601 | # Enabled by default. | |
602 | # | |
603 | ||
604 | #ImplicitClasses On | |
605 | ||
606 | # | |
607 | # ImplicitAnyClasses: whether or not to create "AnyPrinter" implicit | |
608 | # classes. | |
609 | # | |
610 | # When ImplicitAnyClasses is On and a local queue of the same name | |
611 | # exists, e.g. "printer", "printer@server1", "printer@server1", then | |
612 | # an implicit class called "Anyprinter" is created instead. | |
613 | # | |
614 | # When ImplicitAnyClasses is Off, implicit classes are not created | |
615 | # when there is a local queue of the same name. | |
616 | # | |
617 | # Disabled by default. | |
618 | # | |
619 | ||
620 | #ImplicitAnyCLasses Off | |
621 | ||
622 | # | |
623 | # HideImplicitMembers: whether or not to show the members of an | |
624 | # implicit class. | |
625 | # | |
626 | # When HideImplicitMembers is On, any remote printers that are | |
627 | # part of an implicit class are hidden from the user, who will | |
628 | # then only see a single queue even though many queues will be | |
629 | # supporting the implicit class. | |
630 | # | |
631 | # Enabled by default. | |
632 | # | |
633 | ||
634 | #HideImplicitMembers On | |
635 | ||
636 | ||
637 | ######## | |
638 | ######## Security Options | |
639 | ######## | |
640 | ||
641 | # | |
642 | # SystemGroup: the group name for "System" (printer administration) | |
643 | # access. The default varies depending on the operating system, but | |
644 | # will be "sys", "system", or "root" (checked for in that order.) | |
645 | # | |
646 | ||
f915b00f | 647 | #SystemGroup @CUPS_GROUP@ |
b0d4207c | 648 | |
d9e72533 | 649 | # |
650 | # RootCertDuration: How frequently the root certificate is regenerated. | |
651 | # Defaults to 300 seconds. | |
652 | # | |
653 | ||
654 | #RootCertDuration 300 | |
655 | ||
b0d4207c | 656 | # |
657 | # Access permissions for each directory served by the scheduler. | |
658 | # Locations are relative to DocumentRoot... | |
659 | # | |
660 | # AuthType: the authorization to use: | |
661 | # | |
662 | # None - Perform no authentication | |
663 | # Basic - Perform authentication using the HTTP Basic method. | |
664 | # Digest - Perform authentication using the HTTP Digest method. | |
665 | # | |
666 | # (Note: local certificate authentication can be substituted by | |
667 | # the client for Basic or Digest when connecting to the | |
668 | # localhost interface) | |
669 | # | |
670 | # AuthClass: the authorization class; currently only "Anonymous", "User", | |
671 | # "System" (valid user belonging to group SystemGroup), and "Group" | |
672 | # (valid user belonging to the specified group) are supported. | |
673 | # | |
674 | # AuthGroupName: the group name for "Group" authorization. | |
675 | # | |
676 | # Order: the order of Allow/Deny processing. | |
677 | # | |
fba7409c | 678 | # Allow: allows access from the specified hostname, domain, IP address, |
679 | # network, or interface. | |
b0d4207c | 680 | # |
fba7409c | 681 | # Deny: denies access from the specified hostname, domain, IP address, |
682 | # network, or interface. | |
b0d4207c | 683 | # |
684 | # Both "Allow" and "Deny" accept the following notations for addresses: | |
685 | # | |
686 | # All | |
687 | # None | |
688 | # *.domain.com | |
689 | # .domain.com | |
690 | # host.domain.com | |
691 | # nnn.* | |
692 | # nnn.nnn.* | |
693 | # nnn.nnn.nnn.* | |
694 | # nnn.nnn.nnn.nnn | |
695 | # nnn.nnn.nnn.nnn/mm | |
696 | # nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm | |
fba7409c | 697 | # @LOCAL |
698 | # @IF(name) | |
b0d4207c | 699 | # |
700 | # The host and domain address require that you enable hostname lookups | |
701 | # with "HostNameLookups On" above. | |
702 | # | |
fba7409c | 703 | # The @LOCAL address allows or denies from all non point-to-point |
704 | # interfaces. For example, if you have a LAN and a dial-up link, | |
705 | # @LOCAL could allow connections from the LAN but not from the dial-up | |
706 | # link. Similarly, the @IF(name) address allows or denies from the | |
707 | # named network interface, e.g. @IF(eth0) under Linux. Interfaces are | |
708 | # refreshed automatically (no more than once every 60 seconds), so | |
709 | # they can be used on dynamically-configured interfaces, e.g. PPP, | |
710 | # 802.11, etc. | |
711 | # | |
b0d4207c | 712 | # Encryption: whether or not to use encryption; this depends on having |
713 | # the OpenSSL library linked into the CUPS library and scheduler. | |
714 | # | |
715 | # Possible values: | |
716 | # | |
717 | # Always - Always use encryption (SSL) | |
718 | # Never - Never use encryption | |
719 | # Required - Use TLS encryption upgrade | |
720 | # IfRequested - Use encryption if the server requests it | |
721 | # | |
722 | # The default value is "IfRequested". | |
723 | # | |
724 | ||
725 | <Location /> | |
726 | Order Deny,Allow | |
727 | Deny From All | |
728 | Allow From 127.0.0.1 | |
729 | </Location> | |
730 | ||
731 | #<Location /classes> | |
732 | # | |
733 | # You may wish to limit access to printers and classes, either with Allow | |
734 | # and Deny lines, or by requiring a username and password. | |
735 | # | |
736 | #</Location> | |
737 | ||
738 | #<Location /classes/name> | |
739 | # | |
740 | # You may wish to limit access to printers and classes, either with Allow | |
741 | # and Deny lines, or by requiring a username and password. | |
742 | # | |
743 | #</Location> | |
744 | ||
fba7409c | 745 | #<Location /jobs> |
746 | # | |
747 | # You may wish to limit access to job operations, either with Allow | |
748 | # and Deny lines, or by requiring a username and password. | |
749 | # | |
750 | #</Location> | |
751 | ||
b0d4207c | 752 | #<Location /printers> |
753 | # | |
754 | # You may wish to limit access to printers and classes, either with Allow | |
755 | # and Deny lines, or by requiring a username and password. | |
756 | # | |
757 | #</Location> | |
758 | ||
759 | #<Location /printers/name> | |
760 | # | |
761 | # You may wish to limit access to printers and classes, either with Allow | |
762 | # and Deny lines, or by requiring a username and password. | |
763 | # | |
764 | ||
765 | ## Anonymous access (default) | |
766 | #AuthType None | |
767 | ||
768 | ## Require a username and password (Basic authentication) | |
769 | #AuthType Basic | |
770 | #AuthClass User | |
771 | ||
772 | ## Require a username and password (Digest/MD5 authentication) | |
773 | #AuthType Digest | |
774 | #AuthClass User | |
775 | ||
776 | ## Restrict access to local domain | |
777 | #Order Deny,Allow | |
778 | #Deny From All | |
779 | #Allow From .mydomain.com | |
780 | #</Location> | |
781 | ||
782 | <Location /admin> | |
783 | # | |
784 | # You definitely will want to limit access to the administration functions. | |
785 | # The default configuration requires a local connection from a user who | |
786 | # is a member of the system group to do any admin tasks. You can change | |
787 | # the group name using the SystemGroup directive. | |
788 | # | |
789 | ||
790 | AuthType Basic | |
791 | AuthClass System | |
792 | ||
793 | ## Restrict access to local domain | |
794 | Order Deny,Allow | |
795 | Deny From All | |
796 | Allow From 127.0.0.1 | |
797 | ||
798 | #Encryption Required | |
799 | </Location> | |
800 | ||
801 | # | |
53510eae | 802 | # End of "$Id: cupsd.conf.in,v 1.2.2.11 2003/04/10 20:15:48 mike Exp $". |
b0d4207c | 803 | # |