2 .\" cupsd.conf man page for CUPS.
4 .\" Copyright © 2007-2019 by Apple Inc.
5 .\" Copyright © 1997-2006 by Easy Software Products.
7 .\" Licensed under Apache License v2.0. See the file "LICENSE" for more
10 .TH cupsd.conf 5 "CUPS" "16 July 2019" "Apple Inc."
12 cupsd.conf \- server configuration file for cups
16 file configures the CUPS scheduler,
18 It is normally located in the
21 Each line in the file can be a configuration directive, a blank line, or a comment.
22 Configuration directives typically consist of a name and zero or more values separated by whitespace.
23 The configuration directive name and values are case-insensitive.
24 Comment lines start with the # character.
25 .SS TOP-LEVEL DIRECTIVES
26 The following top-level directives are understood by
30 \fBAccessLogLevel config\fR
32 \fBAccessLogLevel actions\fR
34 \fBAccessLogLevel all\fR
35 Specifies the logging level for the AccessLog file.
36 The "config" level logs when printers and classes are added, deleted, or modified and when configuration files are accessed or updated.
37 The "actions" level logs when print jobs are submitted, held, released, modified, or canceled, and any of the conditions for "config".
38 The "all" level logs all requests.
39 The default access log level is "actions".
42 \fBAutoPurgeJobs Yes\fR
44 \fBAutoPurgeJobs No\fR
46 Specifies whether to purge job history data automatically when it is no longer required for quotas.
48 .\"#BrowseDNSSDSubTypes
50 .BI BrowseDNSSDSubTypes _subtype[,...]
51 Specifies a list of Bonjour sub-types to advertise for each shared printer.
52 For example, "BrowseDNSSDSubTypes _cups,_print" will tell network clients that both CUPS sharing and IPP Everywhere are supported.
53 The default is "_cups" which is necessary for printer sharing to work between systems using CUPS.
54 .\"#BrowseLocalProtocols
56 \fBBrowseLocalProtocols all\fR
58 \fBBrowseLocalProtocols dnssd\fR
60 \fBBrowseLocalProtocols none\fR
61 Specifies which protocols to use for local printer sharing.
62 The default is "dnssd" on systems that support Bonjour and "none" otherwise.
69 Specifies whether the CUPS web interface is advertised.
77 Specifies whether shared printers are advertised.
81 \fBDefaultAuthType Basic\fR
83 \fBDefaultAuthType Negotiate\fR
85 Specifies the default type of authentication to use.
86 The default is "Basic".
89 \fBDefaultEncryption Never\fR
91 \fBDefaultEncryption IfRequested\fR
93 \fBDefaultEncryption Required\fR
94 Specifies whether encryption will be used for authenticated requests.
95 The default is "Required".
98 \fBDefaultLanguage \fIlocale\fR
99 Specifies the default language to use for text and web content.
103 \fBDefaultPaperSize Auto\fR
105 \fBDefaultPaperSize None\fR
107 \fBDefaultPaperSize \fIsizename\fR
108 Specifies the default paper size for new print queues. "Auto" uses a locale-specific default, while "None" specifies there is no default paper size.
109 Specific size names are typically "Letter" or "A4".
110 The default is "Auto".
113 \fBDefaultPolicy \fIpolicy-name\fR
114 Specifies the default access policy to use.
115 The default access policy is "default".
118 \fBDefaultShared Yes\fR
120 \fBDefaultShared No\fR
121 Specifies whether local printers are shared by default.
122 The default is "Yes".
123 .\"#DirtyCleanInterval
125 \fBDirtyCleanInterval \fIseconds\fR
126 Specifies the delay for updating of configuration and state files.
127 A value of 0 causes the update to happen as soon as possible, typically within a few milliseconds.
128 The default value is "30".
131 .BI DNSSDHostName hostname.example.com
132 Specifies the fully-qualified domain name for the server that is used for Bonjour sharing.
133 The default is typically the server's ".local" hostname.
136 \fBErrorPolicy abort-job\fR
137 Specifies that a failed print job should be aborted (discarded) unless otherwise specified for the printer.
139 \fBErrorPolicy retry-current-job\fR
140 Specifies that a failed print job should be retried immediately unless otherwise specified for the printer.
142 \fBErrorPolicy retry-job\fR
143 Specifies that a failed print job should be retried at a later time unless otherwise specified for the printer.
145 \fBErrorPolicy stop-printer\fR
146 Specifies that a failed print job should stop the printer unless otherwise specified for the printer. The 'stop-printer' error policy is the default.
149 \fBFilterLimit \fIlimit\fR
150 Specifies the maximum cost of filters that are run concurrently, which can be used to minimize disk, memory, and CPU resource problems.
151 A limit of 0 disables filter limiting.
152 An average print to a non-PostScript printer needs a filter limit of about 200.
153 A PostScript printer needs about half that (100).
154 Setting the limit below these thresholds will effectively limit the scheduler to printing a single job at any time.
155 The default limit is "0".
158 \fBFilterNice \fInice-value\fR
159 Specifies the scheduling priority (
161 value) of filters that are run to print a job.
162 The nice value ranges from 0, the highest priority, to 19, the lowest priority.
166 \fBGSSServiceName \fIname\fR
167 Specifies the service name when using Kerberos authentication.
168 The default service name is "http."
171 \fBHostNameLookups On\fR
173 \fBHostNameLookups Off\fR
175 \fBHostNameLookups Double\fR
176 Specifies whether to do reverse lookups on connecting clients.
177 The "Double" setting causes
179 to verify that the hostname resolved from the address matches one of the addresses returned for that hostname.
180 Double lookups also prevent clients with unregistered addresses from connecting to your server.
181 The default is "Off" to avoid the potential server performance problems with hostname lookups.
182 Only set this option to "On" or "Double" if absolutely required.
185 \fBIdleExitTimeout \fIseconds\fR
186 Specifies the length of time to wait before shutting down due to inactivity.
187 The default is "60" seconds.
188 Note: Only applicable when
190 is run on-demand (e.g., with \fB-l\fR).
193 \fBJobKillDelay \fIseconds\fR
194 Specifies the number of seconds to wait before killing the filters and backend associated with a canceled or held job.
198 \fBJobRetryInterval \fIseconds\fR
199 Specifies the interval between retries of jobs in seconds.
200 This is typically used for fax queues but can also be used with normal print queues whose error policy is "retry-job" or "retry-current-job".
204 \fBJobRetryLimit \fIcount\fR
205 Specifies the number of retries that are done for jobs.
206 This is typically used for fax queues but can also be used with normal print queues whose error policy is "retry-job" or "retry-current-job".
213 Specifies whether to support HTTP keep-alive connections.
214 The default is "Yes".
217 \fBKeepAliveTimeout \fIseconds\fR
218 Specifies how long an idle client connection remains open.
222 \fB<Limit \fIoperation \fR...\fB> \fR... \fB</Limit>\fR
223 Specifies the IPP operations that are being limited inside a Policy section. IPP operation names are listed below in the section "IPP OPERATION NAMES".
226 \fB<Limit \fImethod \fR...\fB> \fR... \fB</Limit>\fR
229 \fB<LimitExcept \fImethod \fR...\fB> \fR... \fB</LimitExcept>\fR
230 Specifies the HTTP methods that are being limited inside a Location section. HTTP method names are listed below in the section "HTTP METHOD NAMES".
233 \fBLimitRequestBody \fIsize\fR
234 Specifies the maximum size of print files, IPP requests, and HTML form data.
235 The default is "0" which disables the limit check.
238 \fBListen \fIipv4-address\fB:\fIport\fR
240 \fBListen [\fIipv6-address\fB]:\fIport\fR
242 \fBListen *:\fIport\fR
244 \fBListen \fI/path/to/domain/socket\fR
245 Listens to the specified address and port or domain socket path for connections.
246 Multiple Listen directives can be provided to listen on multiple addresses.
247 The Listen directive is similar to the Port directive but allows you to restrict access to specific interfaces or networks.
250 \fBListenBackLog \fInumber\fR
251 Specifies the number of pending connections that will be allowed.
252 This normally only affects very busy servers that have reached the MaxClients limit, but can also be triggered by large numbers of simultaneous connections.
253 When the limit is reached, the operating system will refuse additional connections until the scheduler can accept the pending ones.
254 The default is the OS-defined default limit, typically either "5" for older operating systems or "128" for newer operating systems.
257 \fB<Location \fI/path\fB> \fR... \fB</Location>\fR
258 Specifies access control for the named location.
259 Paths are documented below in the section "LOCATION PATHS".
262 \fBLogDebugHistory \fInumber\fR
263 Specifies the number of debugging messages that are retained for logging if an error occurs in a print job. Debug messages are logged regardless of the LogLevel setting.
278 \fBLogLevel \fRnotice
284 \fBLogLevel \fRdebug2
285 Specifies the level of logging for the ErrorLog file.
286 The value "none" stops all logging while "debug2" logs everything.
287 The default is "warn".
290 \fBLogTimeFormat \fRstandard
292 \fBLogTimeFormat \fRusecs
293 Specifies the format of the date and time in the log files.
294 The value "standard" is the default and logs whole seconds while "usecs" logs microseconds.
297 \fBMaxClients \fInumber\fR
298 Specifies the maximum number of simultaneous clients that are allowed by the scheduler.
299 The default is "100".
302 \fBMaxClientsPerHost \fInumber\fR
303 Specifies the maximum number of simultaneous clients that are allowed from a
305 The default is the MaxClients value.
308 \fBMaxCopies \fInumber\fR
309 Specifies the maximum number of copies that a user can print of each job.
310 The default is "9999".
313 \fBMaxHoldTime \fIseconds\fR
314 Specifies the maximum time a job may remain in the "indefinite" hold state before it is canceled.
315 The default is "0" which disables cancellation of held jobs.
318 \fBMaxJobs \fInumber\fR
319 Specifies the maximum number of simultaneous jobs that are allowed.
320 Set to "0" to allow an unlimited number of jobs.
321 The default is "500".
322 .\"#MaxJobsPerPrinter
324 \fBMaxJobsPerPrinter \fInumber\fR
325 Specifies the maximum number of simultaneous jobs that are allowed per printer.
326 The default is "0" which allows up to MaxJobs jobs per printer.
329 \fBMaxJobsPerUser \fInumber\fR
330 Specifies the maximum number of simultaneous jobs that are allowed per user.
331 The default is "0" which allows up to MaxJobs jobs per user.
334 \fBMaxJobTime \fIseconds\fR
335 Specifies the maximum time a job may take to print before it is canceled.
336 Set to "0" to disable cancellation of "stuck" jobs.
337 The default is "10800" (3 hours).
340 \fBMaxLogSize \fIsize\fR
341 Specifies the maximum size of the log files before they are rotated.
342 The value "0" disables log rotation.
343 The default is "1048576" (1MB).
344 .\"#MultipleOperationTimeout
346 \fBMultipleOperationTimeout \fIseconds\fR
347 Specifies the maximum amount of time to allow between files in a multiple file print job.
348 The default is "900" (15 minutes).
351 \fB<Policy \fIname\fB> \fR... \fB</Policy>\fR
352 Specifies access control for the named policy.
356 Listens to the specified port number for connections.
359 \fBPreserveJobFiles Yes\fR
361 \fBPreserveJobFiles No\fR
363 \fBPreserveJobFiles \fIseconds\fR
364 Specifies whether job files (documents) are preserved after a job is printed.
365 If a numeric value is specified, job files are preserved for the indicated number of seconds after printing.
366 The default is "86400" (preserve 1 day).
367 .\"#PreserveJobHistory
369 \fBPreserveJobHistory Yes\fR
371 \fBPreserveJobHistory No\fR
373 \fBPreserveJobHistory \fIseconds\fR
374 Specifies whether the job history is preserved after a job is printed.
375 If a numeric value is specified, the job history is preserved for the indicated number of seconds after printing.
376 If "Yes", the job history is preserved until the MaxJobs limit is reached.
377 The default is "Yes".
380 \fBReloadTimeout \fIseconds\fR
381 Specifies the amount of time to wait for job completion before restarting the scheduler.
385 \fBServerAdmin \fIemail-address\fR
386 Specifies the email address of the server administrator.
387 The default value is "root@ServerName".
390 \fBServerAlias \fIhostname \fR[ ... \fIhostname \fR]
393 The ServerAlias directive is used for HTTP Host header validation when clients connect to the scheduler from external interfaces.
394 Using the special name "*" can expose your system to known browser-based DNS rebinding attacks, even when accessing sites through a firewall.
395 If the auto-discovery of alternate names does not work, we recommend listing each alternate name with a ServerAlias directive instead of using "*".
398 \fBServerName \fIhostname\fR
399 Specifies the fully-qualified hostname of the server.
400 The default is the value reported by the
405 \fBServerTokens None\fR
407 \fBServerTokens ProductOnly\fR
409 \fBServerTokens Major\fR
411 \fBServerTokens Minor\fR
413 \fBServerTokens Minimal\fR
415 \fBServerTokens OS\fR
417 \fBServerTokens Full\fR
418 Specifies what information is included in the Server header of HTTP responses.
419 "None" disables the Server header.
420 "ProductOnly" reports "CUPS".
421 "Major" reports "CUPS/major IPP/2".
422 "Minor" reports "CUPS/major.minor IPP/2.1".
423 "Minimal" reports "CUPS/major.minor.patch IPP/2.1".
424 "OS" reports "CUPS/major.minor.path (osname osversion) IPP/2.1".
425 "Full" reports "CUPS/major.minor.path (osname osversion; architecture) IPP/2.1".
426 The default is "Minimal".
429 \fBSSLListen \fIipv4-address\fB:\fIport\fR
431 \fBSSLListen [\fIipv6-address\fB]:\fIport\fR
433 \fBSSLListen *:\fIport\fR
434 Listens on the specified address and port for encrypted connections.
438 \fBSSLOptions \fR[\fIAllowDH\fR] [\fIAllowRC4\fR] [\fIAllowSSL3\fR] [\fIDenyCBC\fR] [\fIDenyTLS1.0\fR] [\fIMaxTLS1.0\fR] [\fIMaxTLS1.1\fR] [\fIMaxTLS1.2\fR] [\fIMaxTLS1.3\fR] [\fIMinTLS1.0\fR] [\fIMinTLS1.1\fR] [\fIMinTLS1.2\fR] [\fIMinTLS1.3\fR]
440 \fBSSLOptions None\fR
441 Sets encryption options (only in /etc/cups/client.conf).
442 By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
443 Security is reduced when \fIAllow\fR options are used.
444 Security is enhanced when \fIDeny\fR options are used.
445 The \fIAllowDH\fR option enables cipher suites using plain Diffie-Hellman key negotiation (not supported on systems using GNU TLS).
446 The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are required for some older clients.
447 The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
448 The \fIDenyCBC\fR option disables all CBC cipher suites.
449 The \fIDenyTLS1.0\fR option disables TLS v1.0 support - this sets the minimum protocol version to TLS v1.1.
450 The \fIMinTLS\fR options set the minimum TLS version to support.
451 The \fIMaxTLS\fR options set the maximum TLS version to support.
452 Not all operating systems support TLS 1.3 at this time.
455 \fBSSLPort \fIport\fR
456 Listens on the specified port for encrypted connections.
457 .\"#StrictConformance
459 \fBStrictConformance Yes\fR
461 \fBStrictConformance No\fR
462 Specifies whether the scheduler requires clients to strictly adhere to the IPP specifications.
466 \fBTimeout \fIseconds\fR
467 Specifies the HTTP request timeout.
468 The default is "900" (15 minutes).
471 \fBWebInterface yes\fR
473 \fBWebInterface no\fR
474 Specifies whether the web interface is enabled.
476 .SS HTTP METHOD NAMES
477 The following HTTP methods are supported by
481 Used by a client to download icons and other printer resources and to access the CUPS web interface.
484 Used by a client to get the type, size, and modification date of resources.
487 Used by a client to establish a secure (SSL/TLS) connection.
490 Used by a client to submit IPP requests and HTML forms from the CUPS web interface.
493 Used by a client to upload configuration files.
494 .SS IPP OPERATION NAMES
495 The following IPP operations are supported by
499 Allows a printer to accept new jobs.
501 CUPS\-Add\-Modify\-Class
502 Adds or modifies a printer class.
504 CUPS\-Add\-Modify\-Printer
505 Adds or modifies a printer.
507 CUPS\-Authenticate\-Job
508 Releases a job that is held for authentication.
511 Deletes a printer class.
513 CUPS\-Delete\-Printer
517 Gets a list of printer classes.
520 Gets the server default printer or printer class.
523 Gets a list of devices that are currently available.
526 Gets a document file for a job.
532 Gets a list of installed PPD files.
535 Gets a list of printers.
541 Prevents a printer from accepting new jobs.
544 Sets the server default printer or printer class.
550 Cancels one or more jobs.
553 Cancels one or more jobs creates by a user.
556 Cancels a subscription.
559 Closes a job that is waiting for more documents.
562 Creates a new job with no documents.
564 Create\-Job\-Subscriptions
565 Creates a subscription for job events.
567 Create\-Printer\-Subscriptions
568 Creates a subscription for printer events.
571 Gets information about a job.
577 Gets a list of event notifications for a subscription.
579 Get\-Printer\-Attributes
580 Gets information about a printer or printer class.
582 Get\-Subscription\-Attributes
583 Gets information about a subscription.
586 Gets a list of subscriptions.
589 Holds a job from printing.
592 Holds all new jobs from printing.
595 Stops processing of jobs by a printer or printer class.
597 Pause\-Printer\-After\-Current\-Job
598 Stops processing of jobs by a printer or printer class after the current job is finished.
601 Creates a new job with a single document.
604 Cancels one or more jobs and deletes the job history.
606 Release\-Held\-New\-Jobs
607 Allows previously held jobs to print.
610 Allows a job to print.
613 Renews a subscription.
616 Reprints a job, if possible.
619 Adds a document to a job.
622 Changes job information.
624 Set\-Printer\-Attributes
625 Changes printer or printer class information.
628 Validates options for a new job.
630 The following paths are commonly used when configuring
634 The path for all get operations (get-printers, get-jobs, etc.)
637 The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
640 The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
643 The path for access to the CUPS log files (access_log, error_log, page_log)
646 The path for all printer classes
649 The resource for the named printer class
652 The path for all jobs (hold-job, release-job, etc.)
655 The path for the specified job
658 The path for all printers
661 The path for the named printer
664 The icon file path for the named printer
667 The PPD file path for the named printer
668 .SS DIRECTIVES VALID WITHIN LOCATION AND LIMIT SECTIONS
669 The following directives may be placed inside Location and Limit sections in the \fBcupsd.conf\fR file:
675 \fBAllow \fIhost.domain.com\fR
677 \fBAllow *.\fIdomain.com\fR
679 \fBAllow \fIipv4-address\fR
681 \fBAllow \fIipv4-address\fB/\fInetmask\fR
683 \fBAllow \fIipv4-address\fB/\fImm\fR
685 \fBAllow [\fIipv6-address\fB]\fR
687 \fBAllow [\fIipv6-address\fB]/\fImm\fR
689 \fBAllow @IF(\fIname\fB)\fR
692 Allows access from the named hosts, domains, addresses, or interfaces.
693 The @IF(name) form uses the current subnets configured for the named interface.
694 The @LOCAL form uses the current subnets configured for all interfaces that are not point-to-point, for example Ethernet and Wi-Fi interfaces are used but DSL and VPN interfaces are not.
695 The Order directive controls whether Allow lines are evaluated before or after Deny lines.
701 \fBAuthType Default\fR
703 \fBAuthType Negotiate\fR
704 Specifies the type of authentication required.
705 The value "Default" corresponds to the DefaultAuthType value.
711 \fBDeny \fIhost.domain.com\fR
713 \fBDeny *.\fIdomain.com\fR
715 \fBDeny \fIipv4-address\fR
717 \fBDeny \fIipv4-address\fB/\fInetmask\fR
719 \fBDeny \fIipv4-address\fB/\fImm\fR
721 \fBDeny [\fIipv6-address\fB]\fR
723 \fBDeny [\fIipv6-address\fB]/\fImm\fR
725 \fBDeny @IF(\fIname\fB)\fR
728 Denies access from the named hosts, domains, addresses, or interfaces.
729 The @IF(name) form uses the current subnets configured for the named interface.
730 The @LOCAL form uses the current subnets configured for all interfaces that are not point-to-point, for example Ethernet and Wi-Fi interfaces are used but DSL and VPN interfaces are not.
731 The Order directive controls whether Deny lines are evaluated before or after Allow lines.
733 \fBEncryption IfRequested\fR
735 \fBEncryption Never\fR
737 \fBEncryption Required\fR
738 Specifies the level of encryption that is required for a particular location.
739 The default value is "IfRequested".
741 \fBOrder allow,deny\fR
742 Specifies that access is denied by default. Allow lines are then processed followed by Deny lines to determine whether a client may access a particular resource.
744 \fBOrder deny,allow\fR
745 Specifies that access is allowed by default. Deny lines are then processed followed by Allow lines to determine whether a client may access a particular resource.
747 \fBRequire group \fIgroup-name \fR[ \fIgroup-name \fR... ]
748 Specifies that an authenticated user must be a member of one of the named groups.
750 \fBRequire user {\fIuser-name\fR|\fB@\fIgroup-name\fR} ...
751 Specifies that an authenticated user must match one of the named users or be a member of one of the named groups.
752 The group name "@SYSTEM" corresponds to the list of groups defined by the SystemGroup directive in the
753 .BR cups-files.conf (5)
755 The group name "@OWNER" corresponds to the owner of the resource, for example the person that submitted a print job.
756 Note: The 'root' user is not special and must be granted privileges like any other user account.
758 \fBRequire valid-user\fR
759 Specifies that any authenticated user is acceptable.
762 Specifies that all Allow, AuthType, Deny, Order, and Require conditions must be satisfied to allow access.
765 Specifies that any a client may access a resource if either the authentication (AuthType/Require) or address (Allow/Deny/Order) conditions are satisfied.
766 For example, this can be used to require authentication only for remote accesses.
767 .SS DIRECTIVES VALID WITHIN POLICY SECTIONS
768 The following directives may be placed inside Policy sections in the \fBcupsd.conf\fR file:
770 \fBJobPrivateAccess all\fR
772 \fBJobPrivateAccess default\fR
774 \fBJobPrivateAccess \fR{\fIuser\fR|\fB@\fIgroup\fR|\fB@ACL\fR|\fB@OWNER\fR|\fB@SYSTEM\fR} ...
775 Specifies an access list for a job's private values.
776 The "default" access list is "@OWNER @SYSTEM".
777 "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
778 "@OWNER" maps to the job's owner.
779 "@SYSTEM" maps to the groups listed for the SystemGroup directive in the
780 .BR cups-files.conf (5)
783 \fBJobPrivateValues all\fR
785 \fBJobPrivateValues default\fR
787 \fBJobPrivateValues none\fR
789 \fBJobPrivateValues \fIattribute-name \fR[ ... \fIattribute-name \fR]
790 Specifies the list of job values to make private.
791 The "default" values are "job-name", "job-originating-host-name", "job-originating-user-name", and "phone".
793 \fBSubscriptionPrivateAccess all\fR
795 \fBSubscriptionPrivateAccess default\fR
797 \fBSubscriptionPrivateAccess \fR{\fIuser\fR|\fB@\fIgroup\fR|\fB@ACL\fR|\fB@OWNER\fR|\fB@SYSTEM\fR} ...
798 Specifies an access list for a subscription's private values.
799 The "default" access list is "@OWNER @SYSTEM".
800 "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
801 "@OWNER" maps to the job's owner.
802 "@SYSTEM" maps to the groups listed for the SystemGroup directive in the
803 .BR cups-files.conf (5)
806 \fBSubscriptionPrivateValues all\fR
808 \fBSubscriptionPrivateValues default\fR
810 \fBSubscriptionPrivateValues none\fR
812 \fBSubscriptionPrivateValues \fIattribute-name \fR[ ... \fIattribute-name \fR]
813 Specifies the list of subscription values to make private.
814 The "default" values are "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data".
815 .SS DEPRECATED DIRECTIVES
816 The following directives are deprecated and will be removed in a future release of CUPS:
819 \fBClassification \fIbanner\fR
821 Specifies the security classification of the server.
822 Any valid banner name can be used, including "classified", "confidential", "secret", "topsecret", and "unclassified", or the banner can be omitted to disable secure printing functions.
823 The default is no classification banner.
826 \fBClassifyOverride Yes\fR
828 \fBClassifyOverride No\fR
830 Specifies whether users may override the classification (cover page) of individual print jobs using the "job-sheets" option.
834 \fBPageLogFormat \fIformat-string\fR
835 Specifies the format of PageLog lines.
836 Sequences beginning with percent (%) characters are replaced with the corresponding information, while all other characters are copied literally.
837 The following percent sequences are recognized:
840 "%%" inserts a single percent character.
841 "%{name}" inserts the value of the specified IPP attribute.
842 "%C" inserts the number of copies for the current page.
843 "%P" inserts the current page number.
844 "%T" inserts the current date and time in common log format.
845 "%j" inserts the job ID.
846 "%p" inserts the printer name.
847 "%u" inserts the username.
850 The default is the empty string, which disables page logging.
851 The string "%p %u %j %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}" creates a page log with the standard items.
852 Use "%{job-impressions-completed}" to insert the number of pages (sides) that were printed, or "%{job-media-sheets-completed}" to insert the number of sheets that were printed.
855 \fBRIPCache \fIsize\fR
856 Specifies the maximum amount of memory to use when converting documents into bitmaps for a printer.
857 The default is "128m".
859 File, directory, and user configuration directives that used to be allowed in the \fBcupsd.conf\fR file are now stored in the
860 .BR cups-files.conf (5)
861 file instead in order to prevent certain types of privilege escalation attacks.
863 The scheduler MUST be restarted manually after making changes to the \fBcupsd.conf\fR file.
864 On Linux this is typically done using the
866 command, while on macOS the
868 command is used instead.
870 The @LOCAL macro name can be confusing since the system running
872 often belongs to a different set of subnets from its clients.
874 The \fBcupsd.conf\fR file format is based on the Apache HTTP Server configuration file format.
876 Log everything with a maximum log file size of 32 megabytes:
884 Require authentication for accesses from outside the 10. network:
896 .BR classes.conf (5),
897 .BR cups-files.conf (5),
901 .BR printers.conf (5),
902 .BR subscriptions.conf (5),
903 CUPS Online Help (http://localhost:631/help)
905 Copyright \[co] 2007-2019 by Apple Inc.