2 # "$Id: cupsd.conf,v 1.37 2002/01/02 17:58:37 mike Exp $"
4 # Sample configuration file for the Common UNIX Printing System (CUPS)
7 # Copyright 1997-2002 by Easy Software Products, all rights reserved.
9 # These coded instructions, statements, and computer programs are the
10 # property of Easy Software Products and are protected by Federal
11 # copyright law. Distribution and use rights are outlined in the file
12 # "LICENSE.txt" which should have been included with this file. If this
13 # file is missing or damaged please contact Easy Software Products
16 # Attn: CUPS Licensing Information
17 # Easy Software Products
18 # 44141 Airport View Drive, Suite 204
19 # Hollywood, Maryland 20636-3111 USA
21 # Voice: (301) 373-9603
22 # EMail: cups-info@cups.org
23 # WWW: http://www.cups.org
26 ########################################################################
28 # This is the CUPS configuration file. If you are familiar with #
29 # Apache or any of the other popular web servers, we've followed the #
30 # same format. Any configuration variable used here has the same #
31 # semantics as the corresponding variable in Apache. If we need #
32 # different functionality then a different name is used to avoid #
35 ########################################################################
39 ######## Server Identity
43 # ServerName: the hostname of your server, as advertised to the world.
44 # By default CUPS will use the hostname of the system.
46 # To set the default server used by clients, see the client.conf file.
49 #ServerName myhost.domain.com
52 # ServerAdmin: the email address to send all complaints/problems to.
53 # By default CUPS will use "root@hostname".
56 #ServerAdmin root@your.domain.com
60 ######## Server Options
64 # AccessLog: the access log file; if this does not start with a leading /
65 # then it is assumed to be relative to ServerRoot. By default set to
66 # "/var/log/cups/access_log"
68 # You can also use the special name "syslog" to send the output to the
69 # syslog file or daemon.
72 #AccessLog /var/log/cups/access_log
75 # Classification: the classification level of the server. If set, this
76 # classification is displayed on all pages, and raw printing is disabled.
77 # The default is the empty string.
80 #Classification classified
81 #Classification confidential
82 #Classification secret
83 #Classification topsecret
84 #Classification unclassified
87 # ClassifyOverride: whether to allow users to override the classification
88 # on printouts. If enabled, users can limit banner pages to before or
89 # after the job, and can change the classification of a job, but cannot
90 # completely eliminate the classification or banners.
98 # DataDir: the root directory for the CUPS data files.
99 # By default /usr/share/cups.
102 #DataDir /usr/share/cups
105 # DefaultCharset: the default character set to use. If not specified,
106 # defaults to utf-8. Note that this can also be overridden in
110 #DefaultCharset utf-8
113 # DefaultLanguage: the default language if not specified by the browser.
114 # If not specified, the current locale is used.
120 # DocumentRoot: the root directory for HTTP documents that are served.
121 # By default the compiled in directory.
124 #DocumentRoot /usr/share/doc/cups
127 # ErrorLog: the error log file; if this does not start with a leading /
128 # then it is assumed to be relative to ServerRoot. By default set to
129 # "/var/log/cups/error_log"
131 # You can also use the special name "syslog" to send the output to the
132 # syslog file or daemon.
135 #ErrorLog /var/log/cups/error_log
138 # FontPath: the path to locate all font files (currently only for pstoraster)
139 # By default /usr/share/cups/fonts.
142 #FontPath /usr/share/cups/fonts
145 # LogLevel: controls the number of messages logged to the ErrorLog
146 # file and can be one of the following:
148 # debug2 Log everything.
149 # debug Log almost everything.
150 # info Log all requests and state changes.
151 # warn Log errors and warnings.
152 # error Log only errors.
159 # MaxLogSize: controls the maximum size of each log file before they are
160 # rotated. Defaults to 1048576 (1MB). Set to 0 to disable log rotating.
166 # PageLog: the page log file; if this does not start with a leading /
167 # then it is assumed to be relative to ServerRoot. By default set to
168 # "/var/log/cups/page_log"
170 # You can also use the special name "syslog" to send the output to the
171 # syslog file or daemon.
174 #PageLog /var/log/cups/page_log
177 # PreserveJobHistory: whether or not to preserve the job history after a
178 # job is completed, cancelled, or stopped. Default is Yes.
181 #PreserveJobHistory Yes
184 # PreserveJobFiles: whether or not to preserve the job files after a
185 # job is completed, cancelled, or stopped. Default is No.
191 # AutoPurgeJobs: automatically purge jobs when not needed for quotas.
198 # MaxJobs: maximum number of jobs to keep in memory (active and completed.)
199 # Default is 500; the value 0 is used for no limit.
205 # Printcap: the name of the printcap file. Default is /etc/printcap.
206 # Leave blank to disable printcap file generation.
209 #Printcap /etc/printcap
212 # RequestRoot: the directory where request files are stored.
213 # By default /var/spool/cups.
216 #RequestRoot /var/spool/cups
219 # RemoteRoot: the name of the user assigned to unauthenticated accesses
220 # from remote systems. By default "remroot".
226 # ServerBin: the root directory for the scheduler executables.
227 # By default /usr/lib/cups or /usr/lib32/cups (IRIX 6.5).
230 #ServerBin /usr/lib/cups
233 # ServerRoot: the root directory for the scheduler.
234 # By default /etc/cups.
237 #ServerRoot /etc/cups
241 ######## Encryption Support
245 # ServerCertificate: the file to read containing the server's certificate.
246 # Defaults to "/etc/cups/ssl/server.crt".
249 #ServerCertificate /etc/cups/ssl/server.crt
252 # ServerKey: the file to read containing the server's key.
253 # Defaults to "/etc/cups/ssl/server.key".
256 #ServerKey /etc/cups/ssl/server.key
260 ######## Filter Options
264 # User/Group: the user and group the server runs under. Normally this
265 # must be lp and sys, however you can configure things for another user
266 # or group as needed.
268 # Note: the server must be run initially as root to support the
269 # default IPP port of 631. It changes users whenever an external
277 # RIPCache: the amount of memory that each RIP should use to cache
278 # bitmaps. The value can be any real number followed by "k" for
279 # kilobytes, "m" for megabytes, "g" for gigabytes, or "t" for tiles
280 # (1 tile = 256x256 pixels.) Defaults to "8m" (8 megabytes).
286 # TempDir: the directory to put temporary files in. This directory must be
287 # writable by the user defined above! Defaults to "/var/spool/cups/tmp" or
288 # the value of the TMPDIR environment variable.
291 #TempDir /var/spool/cups/tmp
294 # FilterLimit: sets the maximum cost of all job filters that can be run
295 # at the same time. A limit of 0 means no limit. A typical job may need
296 # a filter limit of at least 200; limits less than the minimum required
297 # by a job force a single job to be printed at any time.
299 # The default limit is 0 (unlimited).
305 ######## Network Options
309 # Ports/addresses that we listen to. The default port 631 is reserved
310 # for the Internet Printing Protocol (IPP) and is what we use here.
312 # You can have multiple Port/Listen lines to listen to more than one
313 # port or address, or to restrict access:
319 # Listen hostname:631
323 # NOTE: Unfortunately, most web browsers don't support TLS or HTTP Upgrades
324 # for encryption. If you want to support web-based encryption you'll
325 # probably need to listen on port 443 (the "https" port...)
333 # HostNameLookups: whether or not to do lookups on IP addresses to get a
334 # fully-qualified hostname. This defaults to Off for performance reasons...
340 # KeepAlive: whether or not to support the Keep-Alive connection
341 # option. Default is on.
347 # KeepAliveTimeout: the timeout before Keep-Alive connections are
348 # automatically closed. Default is 60 seconds.
354 # MaxClients: controls the maximum number of simultaneous clients that
355 # will be handled. Defaults to 100.
361 # MaxRequestSize: controls the maximum size of HTTP requests and print files.
362 # Set to 0 to disable this feature (defaults to 0.)
368 # Timeout: the timeout before requests time out. Default is 300 seconds.
375 ######## Browsing Options
379 # Browsing: whether or not to broadcast and/or listen for CUPS printer
380 # information on the network. Enabled by default.
386 # BrowseProtocols: which protocols to use for browsing. Can be
387 # any of the following separated by whitespace and/or commas:
389 # all - Use all supported protocols.
390 # cups - Use the CUPS browse protocol.
391 # slp - Use the SLPv2 protocol.
393 # The default is "cups".
395 # NOTE: If you choose to use SLPv2, it is *strongly* recommended that
396 # you have at least one SLP Directory Agent (DA) on your
397 # network. Otherwise, browse updates can take several seconds,
398 # during which the scheduler will not response to client
402 #BrowseProtocols cups
405 # BrowseAddress: specifies a broadcast address to be used. By
406 # default browsing information is not sent!
408 # Note: HP-UX does not properly handle broadcast unless you have a
409 # Class A, B, C, or D netmask (i.e. no CIDR support).
411 # Note: Using the "global" broadcast address (255.255.255.255) will
412 # activate a Linux demand-dial link with the default configuration.
413 # If you have a LAN as well as the dial-up link, use the LAN's
417 #BrowseAddress x.y.z.255
418 #BrowseAddress x.y.255.255
419 #BrowseAddress x.255.255.255
420 #BrowseAddress 255.255.255.255
423 # BrowseShortNames: whether or not to use "short" names for remote printers
424 # when possible (e.g. "printer" instead of "printer@host".) Enabled by
428 #BrowseShortNames Yes
431 # BrowseAllow: specifies an address mask to allow for incoming browser
432 # packets. The default is to allow packets from all addresses.
434 # BrowseDeny: specifies an address mask to deny for incoming browser
435 # packets. The default is to deny packets from no addresses.
437 # Both "BrowseAllow" and "BrowseDeny" accept the following notations for
450 # nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
452 # The hostname/domainname restrictions only work if you have turned hostname
460 # BrowseInterval: the time between browsing updates in seconds. Default
463 # Note that browsing information is sent whenever a printer's state changes
464 # as well, so this represents the maximum time between updates.
466 # Set this to 0 to disable outgoing broadcasts so your local printers are
467 # not advertised but you can still see printers on other hosts.
473 # BrowseOrder: specifies the order of BrowseAllow/BrowseDeny comparisons.
476 #BrowseOrder allow,deny
477 #BrowseOrder deny,allow
480 # BrowsePoll: poll the named server(s) for printers
483 #BrowsePoll address:port
486 # BrowsePort: the port used for UDP broadcasts. By default this is
487 # the IPP port; if you change this you need to do it on all servers.
488 # Only one BrowsePort is recognized.
494 # BrowseRelay: relay browser packets from one address/network to another.
497 #BrowseRelay source-address destination-address
500 # BrowseTimeout: the timeout for network printers - if we don't
501 # get an update within this time the printer will be removed
502 # from the printer list. This number definitely should not be
503 # less the BrowseInterval value for obvious reasons. Defaults
510 # ImplicitClasses: whether or not to use implicit classes.
512 # Printer classes can be specified explicitly in the classes.conf
513 # file, implicitly based upon the printers available on the LAN, or
516 # When ImplicitClasses is On, printers on the LAN with the same name
517 # (e.g. Acme-LaserPrint-1000) will be put into a class with the same
518 # name. This allows you to setup multiple redundant queues on a LAN
519 # without a lot of administrative difficulties. If a user sends a
520 # job to Acme-LaserPrint-1000, the job will go to the first available
523 # Enabled by default.
529 # ImplicitAnyClasses: whether or not to create "AnyPrinter" implicit
532 # When ImplicitAnyClasses is On and a local queue of the same name
533 # exists, e.g. "printer", "printer@server1", "printer@server1", then
534 # an implicit class called "Anyprinter" is created instead.
536 # When ImplicitAnyClasses is Off, implicit classes are not created
537 # when there is a local queue of the same name.
539 # Disabled by default.
542 #ImplicitAnyCLasses Off
545 # HideImplicitMembers: whether or not to show the members of an
548 # When HideImplicitMembers is On, any remote printers that are
549 # part of an implicit class are hidden from the user, who will
550 # then only see a single queue even though many queues will be
551 # supporting the implicit class.
553 # Enabled by default.
556 #HideImplicitMembers On
560 ######## Security Options
564 # SystemGroup: the group name for "System" (printer administration)
565 # access. The default varies depending on the operating system, but
566 # will be "sys", "system", or "root" (checked for in that order.)
572 # Access permissions for each directory served by the scheduler.
573 # Locations are relative to DocumentRoot...
575 # AuthType: the authorization to use:
577 # None - Perform no authentication
578 # Basic - Perform authentication using the HTTP Basic method.
579 # Digest - Perform authentication using the HTTP Digest method.
581 # (Note: local certificate authentication can be substituted by
582 # the client for Basic or Digest when connecting to the
583 # localhost interface)
585 # AuthClass: the authorization class; currently only "Anonymous", "User",
586 # "System" (valid user belonging to group SystemGroup), and "Group"
587 # (valid user belonging to the specified group) are supported.
589 # AuthGroupName: the group name for "Group" authorization.
591 # Order: the order of Allow/Deny processing.
593 # Allow: allows access from the specified hostname, domain, IP address, or
596 # Deny: denies access from the specified hostname, domain, IP address, or
599 # Both "Allow" and "Deny" accept the following notations for addresses:
611 # nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
613 # The host and domain address require that you enable hostname lookups
614 # with "HostNameLookups On" above.
616 # Encryption: whether or not to use encryption; this depends on having
617 # the OpenSSL library linked into the CUPS library and scheduler.
621 # Always - Always use encryption (SSL)
622 # Never - Never use encryption
623 # Required - Use TLS encryption upgrade
624 # IfRequested - Use encryption if the server requests it
626 # The default value is "IfRequested".
637 # You may wish to limit access to printers and classes, either with Allow
638 # and Deny lines, or by requiring a username and password.
642 #<Location /classes/name>
644 # You may wish to limit access to printers and classes, either with Allow
645 # and Deny lines, or by requiring a username and password.
649 #<Location /printers>
651 # You may wish to limit access to printers and classes, either with Allow
652 # and Deny lines, or by requiring a username and password.
656 #<Location /printers/name>
658 # You may wish to limit access to printers and classes, either with Allow
659 # and Deny lines, or by requiring a username and password.
662 ## Anonymous access (default)
665 ## Require a username and password (Basic authentication)
669 ## Require a username and password (Digest/MD5 authentication)
673 ## Restrict access to local domain
676 #Allow From .mydomain.com
681 # You definitely will want to limit access to the administration functions.
682 # The default configuration requires a local connection from a user who
683 # is a member of the system group to do any admin tasks. You can change
684 # the group name using the SystemGroup directive.
690 ## Restrict access to local domain
699 # End of "$Id: cupsd.conf,v 1.37 2002/01/02 17:58:37 mike Exp $".