X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=man%2Fcupsd.conf.man.in;h=40fe9bdc1b1512d08ddc8f45927b1b83f8ed880e;hb=2909c66c504b0e527d6b032486ecfa8faffd3d07;hp=06f3ccdaf9f592be534519f16452cc219fcd0d60;hpb=b19ccc9e271691cc71a08e9968c58f464ebeade5;p=thirdparty%2Fcups.git
diff --git a/man/cupsd.conf.man.in b/man/cupsd.conf.man.in
index 06f3ccdaf..40fe9bdc1 100644
--- a/man/cupsd.conf.man.in
+++ b/man/cupsd.conf.man.in
@@ -1,92 +1,42 @@
.\"
-.\" "$Id: cupsd.conf.man.in 7935 2008-09-11 01:54:11Z mike $"
+.\" "$Id$"
.\"
-.\" cupsd.conf man page for the Common UNIX Printing System (CUPS).
+.\" cupsd.conf man page for CUPS.
.\"
-.\" Copyright 2007-2008 by Apple Inc.
-.\" Copyright 1997-2006 by Easy Software Products.
+.\" Copyright 2007-2014 by Apple Inc.
+.\" Copyright 1997-2006 by Easy Software Products.
.\"
-.\" These coded instructions, statements, and computer programs are the
-.\" property of Apple Inc. and are protected by Federal copyright
-.\" law. Distribution and use rights are outlined in the file "LICENSE.txt"
-.\" which should have been included with this file. If this file is
-.\" file is missing or damaged, see the license at "http://www.cups.org/".
+.\" These coded instructions, statements, and computer programs are the
+.\" property of Apple Inc. and are protected by Federal copyright
+.\" law. Distribution and use rights are outlined in the file "LICENSE.txt"
+.\" which should have been included with this file. If this file is
+.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
-.TH cupsd.conf 5 "Common UNIX Printing System" "8 September 2008" "Apple Inc."
+.TH cupsd.conf 5 "CUPS" "28 March 2014" "Apple Inc."
.SH NAME
cupsd.conf \- server configuration file for cups
.SH DESCRIPTION
-The \fIcupsd.conf\fR file configures the CUPS scheduler, \fIcupsd(8)\fR. It
-is normally located in the \fI@CUPS_SERVERROOT@\fR directory.
+The
+.I cupsd.conf
+file configures the CUPS scheduler,
+.BR cupsd (8).
+It is normally located in the
+.I /etc/cups
+directory. \fBNote:\fR File, directory, and user configuration directives that used to be allowed in the \fIcupsd.conf\fR file are now stored in the \fIcups-files.conf(5)\fR instead in order to prevent certain types of privilege escalation attacks.
.LP
-Each line in the file can be a configuration directive, a blank line,
-or a comment. Comment lines start with the # character. The
-configuration directives are intentionally similar to those used by the
-popular Apache web server software and are described below.
-.SH DIRECTIVES
-The following directives are understood by \fIcupsd(8)\fR. Consult the
-on-line help for detailed descriptions:
-.TP 5
-AccessLog filename
-.TP 5
-AccessLog syslog
-.br
-Defines the access log filename.
+Each line in the file can be a configuration directive, a blank line, or a comment. Comment lines start with the # character. The configuration directives are intentionally similar to those used by the popular Apache web server software and are described below.
+.SH TOP-LEVEL DIRECTIVES
+The following directives are understood by
+.B cupsd (8).
+Consult the online help (http://localhost:631/help) for detailed descriptions:
.TP 5
AccessLogLevel config
.TP 5
AccessLogLevel actions
.TP 5
AccessLogLevel all
-.br
Specifies the logging level for the AccessLog file.
.TP 5
-Allow all
-.TP 5
-Allow none
-.TP 5
-Allow host.domain.com
-.TP 5
-Allow *.domain.com
-.TP 5
-Allow ip-address
-.TP 5
-Allow ip-address/netmask
-.TP 5
-Allow ip-address/mm
-.TP 5
-Allow @IF(name)
-.TP 5
-Allow @LOCAL
-.br
-Allows access from the named hosts or addresses.
-.TP 5
-AuthClass User
-.TP 5
-AuthClass Group
-.TP 5
-AuthClass System
-.br
-Specifies the authentication class (User, Group, System) -
-\fBthis directive is deprecated\fR.
-.TP 5
-AuthGroupName group-name
-.br
-Specifies the authentication group - \fBthis directive is
-deprecated\fR.
-.TP 5
-AuthType None
-.TP 5
-AuthType Basic
-.TP 5
-AuthType BasicDigest
-.TP 5
-AuthType Digest
-.TP 5
-AuthType Negotiate
-.br
-Specifies the authentication type (None, Basic, BasicDigest, Digest, Negotiate)
-.TP 5
AutoPurgeJobs Yes
.TP 5
AutoPurgeJobs No
@@ -94,121 +44,12 @@ AutoPurgeJobs No
Specifies whether to purge job history data automatically when
it is no longer required for quotas.
.TP 5
-BrowseAddress ip-address
-.TP 5
-BrowseAddress @IF(name)
-.TP 5
-BrowseAddress @LOCAL
-.br
-Specifies a broadcast address for outgoing printer information packets.
-.TP 5
-BrowseAllow all
-.TP 5
-BrowseAllow none
-.TP 5
-BrowseAllow host.domain.com
-.TP 5
-BrowseAllow *.domain.com
-.TP 5
-BrowseAllow ip-address
-.TP 5
-BrowseAllow ip-address/netmask
-.TP 5
-BrowseAllow ip-address/mm
-.TP 5
-BrowseAllow @IF(name)
-.TP 5
-BrowseAllow @LOCAL
-.br
-Allows incoming printer information packets from the named host or address.
-.TP 5
-BrowseDeny all
-.TP 5
-BrowseDeny none
-.TP 5
-BrowseDeny host.domain.com
-.TP 5
-BrowseDeny *.domain.com
-.TP 5
-BrowseDeny ip-address
-.TP 5
-BrowseDeny ip-address/netmask
-.TP 5
-BrowseDeny ip-address/mm
-.TP 5
-BrowseDeny @IF(name)
-.TP 5
-BrowseDeny @LOCAL
-.br
-Denies incoming printer information packets from the named host or address.
-.TP 5
-BrowseInterval seconds
-.br
-Specifies the maximum interval between printer information broadcasts.
-.TP 5
-BrowseLDAPBindDN
-.br
-Specifies the LDAP domain name to use when registering printers.
-.TP 5
-BrowseLDAPCACertFile
-.br
-Specifies the SSL certificate authority file to use.
-.TP 5
-BrowseLDAPDN
-.br
-Specifies the LDAP domain name to use when discovering printers.
-.TP 5
-BrowseLDAPPassword
-.br
-Specifies the password to use when accessing the LDAP server.
-.TP 5
-BrowseLDAPServer
-.br
-Specifies the LDAP server to use.
-.TP 5
-BrowseOrder allow,deny
-.TP 5
-BrowseOrder deny,allow
-.br
-Specifies the order of printer information access control (allow,deny or deny,allow)
-.TP 5
-BrowsePoll host-or-ip-address
-.br
-Specifies a server to poll for printer information.
-.TP 5
-BrowsePort port
-.br
-Specifies the port to listen to for printer information packets.
-.TP 5
-BrowseProtocols [All] [CUPS] [DNSSD] [LDAP] [SLP]
-.br
-Specifies the protocols to use for printer browsing.
-.TP 5
-BrowseLocalProtocols [All] [CUPS] [DNSSD] [LDAP] [SLP]
-.br
-Specifies the protocols to use for local printer browsing.
-.TP 5
-BrowseRemoteProtocols [All] [CUPS] [DNSSD] [LDAP] [SLP]
-.br
-Specifies the protocols to use for remote printer browsing.
-.TP 5
-BrowseRelay from-address to-address
-.br
-Specifies that printer information packets should be relayed from one host or
-network to another.
-.TP 5
-BrowseShortNames Yes
-.TP 5
-BrowseShortNames No
-.br
-Specifies whether remote printers will use short names ("printer") or not
-("printer@server"). This option is ignored if more than one remote printer
-exists with the same name.
-.TP 5
-BrowseTimeout seconds
-.br
-Specifies the maximum interval between printer information updates before
-remote printers will be removed from the list of available printers.
+BrowseLocalProtocols [
+.I All
+] [
+.I DNSSD
+]
+Specifies the protocols to use for local printer sharing.
.TP 5
BrowseWebIF Yes
.TP 5
@@ -220,7 +61,7 @@ Browsing Yes
.TP 5
Browsing No
.br
-Specifies whether or not remote printer browsing should be enabled.
+Specifies whether or not shared printers should be advertised.
.TP 5
Classification banner
.br
@@ -233,31 +74,20 @@ ClassifyOverride No
Specifies whether to allow users to override the classification
of individual print jobs.
.TP 5
-ConfigFilePerm mode
-.br
-Specifies the permissions for all configuration files that the scheduler
-writes.
-.TP 5
-DataDir path
-.br
-Specified the directory where data files can be found.
-.TP 5
DefaultAuthType Basic
.TP 5
-DefaultAuthType BasicDigest
-.TP 5
-DefaultAuthType Digest
-.TP 5
DefaultAuthType Negotiate
.br
Specifies the default type of authentication to use.
.TP 5
-DefaultCharset charset
-.br
-Specifies the default character set to use for text.
+DefaultEncryption Never
+.TP 5
+DefaultEncryption IfRequested
+.TP 5
+DefaultEncryption Required
+Specifies the type of encryption to use for authenticated requests.
.TP 5
DefaultLanguage locale
-.br
Specifies the default language to use for text and web content.
.TP 5
DefaultPaperSize Auto
@@ -265,160 +95,70 @@ DefaultPaperSize Auto
DefaultPaperSize None
.TP 5
DefaultPaperSize sizename
-.br
Specifies the default paper size for new print queues. "Auto" uses a locale-
specific default, while "None" specifies there is no default paper size.
.TP 5
DefaultPolicy policy-name
-.br
Specifies the default access policy to use.
.TP 5
DefaultShared Yes
.TP 5
DefaultShared No
-.br
Specifies whether local printers are shared by default.
.TP 5
-Deny all
-.TP 5
-Deny none
-.TP 5
-Deny host.domain.com
-.TP 5
-Deny *.domain.com
-.TP 5
-Deny ip-address
-.TP 5
-Deny ip-address/netmask
-.TP 5
-Deny ip-address/mm
-.TP 5
-Deny @IF(name)
-.TP 5
-Deny @LOCAL
-.br
-Denies access to the named host or address.
-.TP 5
-DocumentRoot directory
-.br
-Specifies the root directory for the internal web server documents.
-.TP 5
-Encryption IfRequested
-.TP 5
-Encryption Never
-.TP 5
-Encryption Required
-.br
-Specifies the level of encryption that is required for a particular
-location.
-.TP 5
-ErrorLog filename
-.TP 5
-ErrorLog syslog
-.br
-Specifies the error log filename.
-.TP 5
-FatalErrors none
-.TP 5
-FatalErrors all -kind [... -kind]
-.TP 5
-FatalErrors kind [... kind]
-.br
-Specifies which errors are fatal, causing the scheduler to exit. "Kind" is
-"browse", "config", "listen", "log", or "permissions".
-.TP 5
-FileDevice Yes
-.TP 5
-FileDevice No
-.br
-Specifies whether the file pseudo-device can be used for new
-printer queues.
+DirtyCleanInterval seconds
+Specifies the delay for updating of configuration and state files. A value of 0
+causes the update to happen as soon as possible, typically within a few
+milliseconds.
.TP 5
FilterLimit limit
-.br
Specifies the maximum cost of filters that are run concurrently.
.TP 5
FilterNice nice-value
-.br
Specifies the scheduling priority ("nice" value) of filters that
are run to print a job.
.TP 5
-FontPath directory[:directory:...]
-.br
-Specifies the search path for fonts.
-.TP 5
-Group group-name-or-number
-.br
-Specifies the group name or ID that will be used when executing
-external programs.
-.TP 5
-HideImplicitMembers Yes
-.TP 5
-HideImplicitMembers No
-.br
-Specifies whether to hide members of implicit classes.
+GSSServiceName name
+Specifies the service name when using Kerberos authentication. The default
+service name is "http".
.TP 5
HostNameLookups On
.TP 5
HostNameLookups Off
.TP 5
HostNameLookups Double
-.br
Specifies whether or not to do reverse lookups on client addresses.
.TP 5
-ImplicitAnyClasses Yes
-.TP 5
-ImplicitAnyClasses No
-.br
-Specifies whether or not to create implicit classes for local and
-remote printers, e.g. "AnyPrinter" from "Printer", "Printer@server1",
-and "Printer@server2".
-.TP 5
-ImplicitClasses Yes
-.TP 5
-ImplicitClasses No
-.br
-Specifies whether or not to create implicit classes from identical
-remote printers.
-.TP 5
Include filename
-.br
Includes the named file.
.TP 5
+JobKillDelay seconds
+Specifies the number of seconds to wait before killing the filters and backend
+associated with a canceled or held job.
+.TP 5
JobRetryInterval seconds
-.br
Specifies the interval between retries of jobs in seconds.
.TP 5
JobRetryLimit count
-.br
Specifies the number of retries that are done for jobs.
.TP 5
KeepAlive Yes
.TP 5
KeepAlive No
-.br
Specifies whether to support HTTP keep-alive connections.
.TP 5
KeepAliveTimeout seconds
-.br
Specifies the amount of time that connections are kept alive.
.TP 5
-Krb5Keytab filename
-.br
-Overrides the Kerberos key tab location.
-.TP 5
...
-.br
Specifies the IPP operations that are being limited inside a policy.
.TP 5
...
.TP 5
...
-.br
Specifies the HTTP methods that are being limited inside a location.
.TP 5
LimitRequestBody
-.br
Specifies the maximum size of any print job request.
.TP 5
Listen ip-address:port
@@ -426,16 +166,14 @@ Listen ip-address:port
Listen *:port
.TP 5
Listen /path/to/domain/socket
-.br
Listens to the specified address and port or domain socket path.
.TP 5
...
-.br
Specifies access control for the named location.
.TP 5
-LogFilePerm mode
-.br
-Specifies the permissions for all log files that the scheduler writes.
+LogDebugHistory #-messages
+Specifies the number of debugging messages that are logged when an error
+occurs in a print job.
.TP 5
LogLevel alert
.TP 5
@@ -456,167 +194,108 @@ LogLevel none
LogLevel notice
.TP 5
LogLevel warn
-.br
Specifies the logging level for the ErrorLog file.
.TP 5
+LogTimeFormat standard
+.TP 5
+LogTimeFormat usecs
+Specifies the format of the date and time in the log files.
+.TP 5
MaxClients number
-.br
Specifies the maximum number of simultaneous clients to support.
.TP 5
MaxClientsPerHost number
-.br
Specifies the maximum number of simultaneous clients to support from a
single address.
.TP 5
MaxCopies number
-.br
Specifies the maximum number of copies that a user can print of each job.
.TP 5
+MaxHoldTime seconds
+Specifies the maximum time a job may remain in the "indefinite" hold state
+before it is canceled. Set to 0 to disable cancellation of held jobs.
+.TP 5
MaxJobs number
-.br
Specifies the maximum number of simultaneous jobs to support.
.TP 5
MaxJobsPerPrinter number
-.br
Specifies the maximum number of simultaneous jobs per printer to support.
.TP 5
MaxJobsPerUser number
-.br
Specifies the maximum number of simultaneous jobs per user to support.
.TP 5
+MaxJobTime seconds
+Specifies the maximum time a job may take to print before it is canceled. The
+default is 10800 seconds (3 hours). Set to 0 to disable cancellation of "stuck"
+jobs.
+.TP 5
MaxLogSize number-bytes
-.br
Specifies the maximum size of the log files before they are
rotated (0 to disable rotation)
.TP 5
MaxRequestSize number-bytes
-.br
Specifies the maximum request/file size in bytes (0 for no limit)
.TP 5
-Order allow,deny
-.TP 5
-Order deny,allow
-.br
-Specifies the order of HTTP access control (allow,deny or deny,allow)
-.TP 5
-PageLog filename
-.TP 5
-PageLog syslog
-.br
-Specifies the page log filename.
+MultipleOperationTimeout seconds
+Specifies the maximum amount of time to allow between files in a multiple file
+print job.
.TP 5
PageLogFormat format string
-.br
Specifies the format of page log lines.
.TP 5
PassEnv variable [... variable]
-.br
Passes the specified environment variable(s) to child processes.
.TP 5
...
-.br
Specifies access control for the named policy.
.TP 5
Port number
-.br
Specifies a port number to listen to for HTTP requests.
.TP 5
PreserveJobFiles Yes
.TP 5
PreserveJobFiles No
-.br
Specifies whether or not to preserve job files after they are printed.
.TP 5
PreserveJobHistory Yes
.TP 5
PreserveJobHistory No
-.br
Specifies whether or not to preserve the job history after they are
printed.
.TP 5
-Printcap
-.TP 5
-Printcap filename
-.br
-Specifies the filename for a printcap file that is updated
-automatically with a list of available printers (needed for
-legacy applications); specifying Printcap with no filename
-disables printcap generation.
-.TP 5
PrintcapFormat bsd
.TP 5
+PrintcapFormat plist
+.TP 5
PrintcapFormat solaris
-.br
Specifies the format of the printcap file.
.TP 5
-PrintcapGUI
-.TP 5
-PrintcapGUI gui-program-filename
-.br
-Specifies whether to generate option panel definition files on
-some operating systems. When provided with no program filename,
-disables option panel definition files.
-.TP 5
ReloadTimeout seconds
-.br
Specifies the amount of time to wait for job completion before
restarting the scheduler.
.TP 5
-RemoteRoot user-name
-.br
-Specifies the username that is associated with unauthenticated root
-accesses.
-.TP 5
-RequestRoot directory
-.br
-Specifies the directory to store print jobs and other HTTP request
-data.
-.TP 5
-Require group group-name-list
-.TP 5
-Require user user-name-list
-.TP 5
-Require valid-user
-.br
-Specifies that user or group authentication is required.
-.TP 5
RIPCache bytes
-.br
Specifies the maximum amount of memory to use when converting images
and PostScript files to bitmaps for a printer.
.TP 5
Satisfy all
.TP 5
Satisfy any
-.br
Specifies whether all or any limits set for a Location must be
satisfied to allow access.
.TP 5
ServerAdmin user@domain.com
-.br
Specifies the email address of the server administrator.
.TP 5
-ServerBin directory
-.br
-Specifies the directory where backends, CGIs, daemons, and filters may
-be found.
-.TP 5
-ServerCertificate filename
-.br
-Specifies the encryption certificate to use.
+ServerAlias hostname [... hostname]
.TP 5
-ServerKey filename
-.br
-Specifies the encryption key to use.
+ServerAlias *
+Specifies an alternate name that the server is known by. The special name "*"
+allows any name to be used.
.TP 5
ServerName hostname-or-ip-address
-.br
Specifies the fully-qualified hostname of the server.
.TP 5
-ServerRoot directory
-.br
-Specifies the directory where the server configuration files can be found.
-.TP 5
ServerTokens Full
.TP 5
ServerTokens Major
@@ -630,51 +309,141 @@ ServerTokens None
ServerTokens OS
.TP 5
ServerTokens ProductOnly
-.br
Specifies what information is included in the Server header of HTTP
responses.
.TP 5
SetEnv variable value
-.br
Set the specified environment variable to be passed to child processes.
.TP 5
SSLListen
-.br
Listens on the specified address and port for encrypted connections.
.TP 5
-SSLOptions None
-.TP 5
-SSLOptions NoEmptyFragments
-.br
-Sets SSL/TLS protocol options for encrypted connections.
-.TP 5
SSLPort
-.br
Listens on the specified port for encrypted connections.
.TP 5
-SystemGroup group-name [group-name ...]
-.br
-Specifies the group(s) to use for System class authentication.
+StrictConformance Yes
.TP 5
-TempDir directory
-.br
-Specifies the directory where temporary files are stored.
+StrictConformance No
+Specifies whether the scheduler requires clients to strictly adhere to the IPP
+specifications. The default is No.
.TP 5
Timeout seconds
-.br
Specifies the HTTP request timeout in seconds.
.TP 5
-User user-name
-.br
-Specifies the user name or ID that is used when running external programs.
+WebInterface yes
+.TP 5
+WebInterface no
+Specifies whether the web interface is enabled.
+.SH DIRECTIVES VALID WITHIN LOCATION AND LIMIT SECTIONS
+The following directives may be placed inside Location and Limit sections in the \fIcupsd.conf\fR file:
+.TP 5
+Allow all
+.TP 5
+Allow none
+.TP 5
+Allow host.domain.com
+.TP 5
+Allow *.domain.com
+.TP 5
+Allow ip-address
+.TP 5
+Allow ip-address/netmask
+.TP 5
+Allow ip-address/mm
+.TP 5
+Allow @IF(name)
+.TP 5
+Allow @LOCAL
+Allows access from the named hosts or addresses.
+.TP 5
+AuthType None
+.TP 5
+AuthType Basic
+.TP 5
+AuthType Negotiate
+Specifies the authentication type (None, Basic, or Negotiate)
+.TP 5
+Deny all
+.TP 5
+Deny none
+.TP 5
+Deny host.domain.com
+.TP 5
+Deny *.domain.com
+.TP 5
+Deny ip-address
+.TP 5
+Deny ip-address/netmask
+.TP 5
+Deny ip-address/mm
+.TP 5
+Deny @IF(name)
+.TP 5
+Deny @LOCAL
+Denies access to the named host or address.
+.TP 5
+Encryption IfRequested
+.TP 5
+Encryption Never
+.TP 5
+Encryption Required
+Specifies the level of encryption that is required for a particular
+location.
+.TP 5
+Order allow,deny
+.TP 5
+Order deny,allow
+Specifies the order of HTTP access control (allow,deny or deny,allow)
+.TP 5
+Require group group-name-list
+.TP 5
+Require user user-name-list
+.TP 5
+Require valid-user
+Specifies that user or group authentication is required.
+.SH DIRECTIVES VALID WITHIN POLICY SECTIONS
+The following directives may be placed inside Policy sections in the \fIcupsd.conf\fR file:
+.TP 5
+JobPrivateAccess all
+.TP 5
+JobPrivateAccess default
+.TP 5
+JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+Specifies an access list for a job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
+.TP 5
+JobPrivateValues all
+.TP 5
+JobPrivateValues default
+.TP 5
+JobPrivateValues none
+.TP 5
+JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
+Specifies the list of job values to make private. The "default" values are "job-name", "job-originating-host-name", and "job-originating-user-name".
+.TP 5
+SubscriptionPrivateAccess all
+.TP 5
+SubscriptionPrivateAccess default
+.TP 5
+SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+Specifies an access list for a subscription's private values. The "default"
+access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's
+requesting-user-name-allowed or requesting-user-name-denied values.
+.TP 5
+SubscriptionPrivateValues all
+.TP 5
+SubscriptionPrivateValues default
+.TP 5
+SubscriptionPrivateValues none
+.TP 5
+SubscriptionPrivateValues attribute-name-1 [ ... attribute-name-N ]
+Specifies the list of job values to make private. The "default" values are
+"notify-events", "notify-pull-method", "notify-recipient-uri",
+"notify-subscriber-user-name", and "notify-user-data".
.SH SEE ALSO
-\fIclasses.conf(5)\fR, \fIcupsd(8)\fR, \fImime.convs(5)\fR,
-\fImime.types(5)\fR, \fIprinters.conf(5)\fR,
-\fIsubscriptions.conf(5)\fR,
-.br
+.BR classes.conf (5), cups-files.conf (5), cupsd (8), mime.convs (5), mime.types (5), printers.conf (5), subscriptions.conf (5),
http://localhost:631/help
.SH COPYRIGHT
-Copyright 2007-2008 by Apple Inc.
+Copyright \[co] 2007-2014 by Apple Inc.
.\"
-.\" End of "$Id: cupsd.conf.man.in 7935 2008-09-11 01:54:11Z mike $".
+.\" End of "$Id$".
.\"