2 <!-- SECTION: References -->
4 <TITLE>cupsd.conf
</TITLE>
8 <P>The
<VAR>/etc/cups/cupsd.conf
</VAR> file contains
9 configuration
<I>directives
</I> that control how the server
10 functions. Each directive is listed on a line by itself followed
11 by its value. Comments are introduced using the number sign (
"#")
12 character at the beginning of a line.
</P>
14 <P>Since the server configuration file consists of plain text,
15 you can use your favorite text editor to make changes to it.
16 After making any changes, restart the
<CODE>cupsd(
8)
</CODE>
17 process using the startup script for your operating system:
</P>
23 /etc/init.d/cups restart
28 /sbin/init.d/cups restart
33 /etc/init.d/cups restart
38 /etc/init.d/cups restart
43 /System/Library/StartupItems/PrintingServices/PrintingServices restart
48 /etc/init.d/cups restart
53 <P>You can also edit this file from the CUPS web interface, which
54 automatically handles restarting the scheduler.
</P>
57 <H3 CLASS=
"title"><A NAME=
"AccessLog">AccessLog
</A></H3>
62 AccessLog /var/log/cups/access_log
63 AccessLog /var/log/cups/access_log-%s
69 <P>The
<CODE>AccessLog
</CODE> directive sets the name of the
70 access log file. If the filename is not absolute then it is
71 assumed to be relative to the
<A
72 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
73 access log file is stored in
"common log format" and can be used
74 by any web access reporting tool to generate a report on CUPS
77 <P>The server name can be included in the filename by using
78 <CODE>%s
</CODE> in the name.
</P>
80 <P>The special name
"syslog" can be used to send the access
81 information to the system log instead of a plain file.
</P>
83 <P>The default access log file is
84 <VAR>/var/log/cups/access_log
</VAR>.
</P>
87 <H3 CLASS=
"title"><A NAME=
"Allow">Allow
</A></H3>
94 Allow from *.domain.com
95 Allow from .domain.com
96 Allow from host.domain.com
99 Allow from nnn.nnn.nnn.*
100 Allow from nnn.nnn.nnn.nnn
101 Allow from nnn.nnn.nnn.nnn/mm
102 Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
103 Allow from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
110 <P>The
<CODE>Allow
</CODE> directive specifies a hostname, IP address,
111 or network that is allowed access to the server.
<CODE>Allow
</CODE>
112 directives are cummulative, so multiple
<CODE>Allow
</CODE> directives
113 can be used to allow access for multiple hosts or networks. The
114 <CODE>/mm
</CODE> notation specifies a CIDR netmask:
</P>
116 <DIV CLASS=
"table"><TABLE>
118 <TH WIDTH=
"10%">mm
</TH>
119 <TH WIDTH=
"20%">netmask
</TH>
120 <TH WIDTH=
"10%">mm
</TH>
121 <TH WIDTH=
"20%">netmask
</TH>
124 <TD ALIGN=
"CENTER">0</TD>
125 <TD ALIGN=
"CENTER">0.0.0.0</TD>
126 <TD ALIGN=
"CENTER">8</TD>
127 <TD ALIGN=
"CENTER">255.0.0.0</TD>
130 <TD ALIGN=
"CENTER">1</TD>
131 <TD ALIGN=
"CENTER">128.0.0.0</TD>
132 <TD ALIGN=
"CENTER">16</TD>
133 <TD ALIGN=
"CENTER">255.255.0.0</TD>
136 <TD ALIGN=
"CENTER">2</TD>
137 <TD ALIGN=
"CENTER">192.0.0.0</TD>
138 <TD ALIGN=
"CENTER">24</TD>
139 <TD ALIGN=
"CENTER">255.255.255.0</TD>
142 <TD ALIGN=
"CENTER">...
</TD>
143 <TD ALIGN=
"CENTER">...
</TD>
144 <TD ALIGN=
"CENTER">32</TD>
145 <TD ALIGN=
"CENTER">255.255.255.255</TD>
149 <P>The
<CODE>@LOCAL
</CODE> name will allow access from all local
150 interfaces. The
<CODE>@IF(name)
</CODE> name will allow access
151 from the named interface.
</P>
153 <P>The
<CODE>Allow
</CODE> directive must appear inside a
<A
154 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
157 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthClass">AuthClass
</A></H3>
161 <PRE CLASS=
"command">
170 <P>The
<CODE>AuthClass
</CODE> directive defines what level of
171 authentication is required:
</P>
175 <LI><CODE>Anonymous
</CODE> - No authentication should be
176 performed (default)
</LI>
178 <LI><CODE>User
</CODE> - A valid username and password is
181 <LI><CODE>System
</CODE> - A valid username and password
182 is required, and the username must belong to the
"sys"
183 group; this can be changed using the
<A
184 HREF=
"#SystemGroup"><CODE>SystemGroup
</CODE></A>
187 <LI><CODE>Group
</CODE> - A valid username and password is
188 required, and the username must belong to the group named
190 HREF=
"#AuthGroupName"><CODE>AuthGroupName
</CODE></A>
195 <P>The
<CODE>AuthClass
</CODE> directive must appear inside a
<A
196 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
198 <P><B>This directive is deprecated and will be removed from a
199 future release of CUPS.
</B> Consider using the more flexible
<A
200 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
203 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthGroupName">AuthGroupName
</A></H3>
207 <PRE CLASS=
"command">
208 AuthGroupName mygroup
214 <P>The
<CODE>AuthGroupName
</CODE> directive sets the group to use
215 for
<CODE>Group
</CODE> authentication.
</P>
217 <P>The
<CODE>AuthGroupName
</CODE> directive must appear inside a
218 <A HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
220 <P><B>This directive is deprecated and will be removed from a
221 future release of CUPS.
</B> Consider using the more flexible
<A
222 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
225 <H3 CLASS=
"title"><A NAME=
"AuthType">AuthType
</A></H3>
229 <PRE CLASS=
"command">
238 <P>The
<CODE>AuthType
</CODE> directive defines the type of
239 authentication to perform:
</P>
243 <LI><CODE>None
</CODE> - No authentication should be
244 performed (default)
</LI>
246 <LI><CODE>Basic
</CODE> - Basic authentication should be
247 performed using the UNIX password and group files
</LI>
249 <LI><CODE>Digest
</CODE> - Digest authentication should be
250 performed using the
<VAR>/etc/cups/passwd.md5
</VAR>
253 <LI><CODE>BasicDigest
</CODE> - Basic authentication
254 should be performed using the
255 <VAR>/etc/cups/passwd.md5
</VAR> file
</LI>
259 <P>When using
<CODE>Basic
</CODE>,
<CODE>Digest
</CODE>, or
260 <CODE>BasicDigest
</CODE> authentication, clients connecting
261 through the
<CODE>localhost
</CODE> interface can also
262 authenticate using certificates.
</P>
264 <P>The
<CODE>AuthType
</CODE> directive must appear inside a
<A
265 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
268 <H3 CLASS=
"title"><A NAME=
"AutoPurgeJobs">AutoPurgeJobs
</A></H3>
272 <PRE CLASS=
"command">
279 <P>The
<CODE>AutoPurgeJobs
</CODE> directive specifies whether or
280 not to purge completed jobs once they are no longer required for
281 quotas. This option has no effect if quotas are not enabled. The
282 default setting is
<CODE>No
</CODE>.
</P>
285 <H3 CLASS=
"title"><A NAME=
"BrowseAddress">BrowseAddress
</A></H3>
289 <PRE CLASS=
"command">
290 BrowseAddress
255.255.255.255:
631
291 BrowseAddress
192.0.2.255:
631
292 BrowseAddress host.domain.com:
631
294 BrowseAddress @IF(name)
299 <P>The
<CODE>BrowseAddress
</CODE> directive specifies an address
300 to send browsing information to. Multiple
301 <CODE>BrowseAddress
</CODE> directives can be specified to send
302 browsing information to different networks or systems.
</P>
304 <P>The
<CODE>@LOCAL
</CODE> name will broadcast printer
305 information to all local interfaces. The
<CODE>@IF(name)
</CODE>
306 name will broadcast to the named interface.
</P>
308 <P>There is no default browse address.
</P>
310 <BLOCKQUOTE><B>Note:
</B>
312 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
313 16, or
8 bits, printer browsing (and in fact all broadcast
314 reception) will not work. This problem appears to be fixed in
320 <H3 CLASS=
"title"><A NAME=
"BrowseAllow">BrowseAllow
</A></H3>
324 <PRE CLASS=
"command">
326 BrowseAllow from none
327 BrowseAllow from
192.0.2
328 BrowseAllow from
192.0.2.0/
24
329 BrowseAllow from
192.0.2.0/
255.255.255.0
330 BrowseAllow from *.domain.com
331 BrowseAllow from @LOCAL
332 BrowseAllow from @IF(name)
337 <P>The
<CODE>BrowseAllow
</CODE> directive specifies a system or
338 network to accept browse packets from. The default is to accept
339 browse packets from all hosts.
</P>
341 <P>Host and domain name matching require that you enable the
<A
342 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
345 <P>IP address matching supports exact matches, partial addresses
346 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
347 255.255.255.0, or network addresses using the specified netmask
350 <P>The
<CODE>@LOCAL
</CODE> name will allow browse data from all
351 local interfaces. The
<CODE>@IF(name)
</CODE> name will allow
352 browse data from the named interface.
</P>
355 <H3 CLASS=
"title"><A NAME=
"BrowseDeny">BrowseDeny
</A></H3>
359 <PRE CLASS=
"command">
362 BrowseDeny from
192.0.2
363 BrowseDeny from
192.0.2.0/
24
364 BrowseDeny from
192.0.2.0/
255.255.255.0
365 BrowseDeny from *.domain.com
366 BrowseDeny from @LOCAL
367 BrowseDeny from @IF(name)
372 <P>The
<CODE>BrowseDeny
</CODE> directive specifies a system or
373 network to reject browse packets from. The default is to not deny
374 browse packets from any hosts.
</P>
376 <P>Host and domain name matching require that you enable the
<A
377 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
380 <P>IP address matching supports exact matches, partial addresses
381 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
382 255.255.255.0, or network addresses using the specified netmask
385 <P>The
<CODE>@LOCAL
</CODE> name will block browse data from all
386 local interfaces. The
<CODE>@IF(name)
</CODE> name will block
387 browse data from the named interface.
</P>
390 <H3 CLASS=
"title"><A NAME=
"BrowseOrder">BrowseOrder
</A></H3>
394 <PRE CLASS=
"command">
395 BrowseOrder allow,deny
396 BrowseOrder deny,allow
401 <P>The
<CODE>BrowseOrder
</CODE> directive specifies the order of
402 allow/deny processing. The default order is
403 <CODE>deny,allow
</CODE>:
</P>
407 <LI><CODE>allow,deny
</CODE> - Deny browse packets by
408 default, then check
<CODE>BrowseAllow
</CODE> lines
409 followed by
<CODE>BrowseDeny
</CODE> lines.
</LI>
411 <LI><CODE>deny,allow
</CODE> - Allow browse packets by
412 default, then check
<CODE>BrowseDeny
</CODE> lines
413 followed by
<CODE>BrowseAllow
</CODE> lines.
</LI>
418 <H3 CLASS=
"title"><A NAME=
"BrowseInterval">BrowseInterval
</A></H3>
422 <PRE CLASS=
"command">
429 <P>The
<CODE>BrowseInterval
</CODE> directive specifies the
430 maximum amount of time between browsing updates. Specifying a
431 value of
0 seconds disables outgoing browse updates but allows a
432 server to receive printer information from other hosts.
</P>
434 <P>The
<CODE>BrowseInterval
</CODE> value should always be less
435 than the
<A HREF=
"#BrowseTimeout"><CODE>BrowseTimeout
</CODE></A>
436 value. Otherwise printers and classes will disappear from client
437 systems between updates.
</P>
440 <H3 CLASS=
"title"><A NAME=
"BrowsePoll">BrowsePoll
</A></H3>
444 <PRE CLASS=
"command">
445 BrowsePoll
192.0.2.2:
631
446 BrowsePoll host.domain.com:
631
451 <P>The
<CODE>BrowsePoll
</CODE> directive polls a server for
452 available printers once every
<A
453 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> seconds.
454 Multiple
<CODE>BrowsePoll
</CODE> directives can be specified to
455 poll multiple servers.
</P>
457 <P>If
<CODE>BrowseInterval
</CODE> is set to
0 then the server is
458 polled once every
30 seconds.
</P>
461 <H3 CLASS=
"title"><A NAME=
"BrowsePort">BrowsePort
</A></H3>
465 <PRE CLASS=
"command">
472 <P>The
<CODE>BrowsePort
</CODE> directive specifies the UDP port number
473 used for browse packets. The default port number is
631.
</P>
475 <BLOCKQUOTE><B>Note:
</B>
477 <P>You must set the
<CODE>BrowsePort
</CODE> to the same value
478 on all of the systems that you want to see.
483 <H3 CLASS=
"title"><A NAME=
"BrowseProtocols">BrowseProtocols
</A></H3>
487 <PRE CLASS=
"command">
490 BrowseProtocols CUPS SLP
496 <P>The
<CODE>BrowseProtocols
</CODE> directive specifies the
497 protocols to use when collecting and distributing shared printers
498 on the local network. The default protocol is
<CODE>CUPS
</CODE>,
499 which is a broadcast-based protocol.
</P>
501 <BLOCKQUOTE><B>Note:
</B>
503 <P>When using the
<CODE>SLP
</CODE> protocol, you must have at least
504 one Directory Agent (DA) server on your network. Otherwise the
505 CUPS scheduler (
<CODE>cupsd
</CODE>) will not respond to client
506 requests for several seconds while polling the network.
</P>
511 <H3 CLASS=
"title"><A NAME=
"BrowseRelay">BrowseRelay
</A></H3>
515 <PRE CLASS=
"command">
516 BrowseRelay
193.0.2.1 192.0.2.255
517 BrowseRelay
193.0.2.0/
255.255.255.0 192.0.2.255
518 BrowseRelay
193.0.2.0/
24 192.0.2.255
519 BrowseRelay *.domain.com
192.0.2.255
520 BrowseRelay host.domain.com
192.0.2.255
525 <P>The
<CODE>BrowseRelay
</CODE> directive specifies source and
526 destination addresses for relaying browsing information from one
527 host or network to another. Multiple
<CODE>BrowseRelay
</CODE>
528 directives can be specified as needed.
</P>
530 <P><CODE>BrowseRelay
</CODE> is typically used on systems that
531 bridge multiple subnets using one or more network interfaces. It
532 can also be used to relay printer information from polled servers
535 <PRE CLASS=
"command">
536 BrowseRelay
127.0.0.1 @LOCAL
539 <P>This effectively provides access to printers on a WAN for all
540 clients on the LAN(s).
</P>
543 <H3 CLASS=
"title"><A NAME=
"BrowseShortNames">BrowseShortNames
</A></H3>
547 <PRE CLASS=
"command">
554 <P>The
<CODE>BrowseShortNames
</CODE> directive specifies whether
555 or not short names are used for remote printers when possible.
556 Short names are just the remote printer name, without the server
557 (
"printer"). If more than one remote printer is detected with the
558 same name, the printers will have long names (
"printer@server1",
559 "printer@server2".)
</P>
561 <P>The default value for this option is
<CODE>Yes
</CODE>.
</P>
564 <H3 CLASS=
"title"><A NAME=
"BrowseTimeout">BrowseTimeout
</A></H3>
568 <PRE CLASS=
"command">
575 <P>The
<CODE>BrowseTimeout
</CODE> directive sets the timeout for
576 printer or class information that is received in browse packets.
577 Once a printer or class times out it is removed from the list of
578 available destinations.
</P>
580 <P>The
<CODE>BrowseTimeout
</CODE> value should always be greater
582 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> value.
583 Otherwise printers and classes will disappear from client systems
587 <H3 CLASS=
"title"><A NAME=
"Browsing">Browsing
</A></H3>
591 <PRE CLASS=
"command">
598 <P>The
<CODE>Browsing
</CODE> directive controls whether or not
599 network printer browsing is enabled. The default setting is
602 <P>This directive does not enable sharing of local printers by
603 itself; you must also use the
<A
604 HREF=
"#BrowseAddress"><CODE>BrowseAddress
</CODE></A> or
<A
605 HREF=
"#BrowseProtocols"><CODE>BrowseProtocols
</CODE></A>
606 directives to advertise local printers to other systems.
</P>
608 <BLOCKQUOTE><B>Note:
</B>
610 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
611 16, or
8 bits, printer browsing (and in fact all broadcast
612 reception) will not work. This problem appears to be fixed in
618 <H3 CLASS=
"title"><A NAME=
"Classification">Classification
</A></H3>
622 <PRE CLASS=
"command">
624 Classification classified
625 Classification confidential
626 Classification secret
627 Classification topsecret
628 Classification unclassified
633 <P>The
<CODE>Classification
</CODE> directive sets the
634 classification level on the server. When this option is set, at
635 least one of the banner pages is forced to the classification
636 level, and the classification is placed on each page of output.
637 The default is no classification level.
</P>
640 <H3 CLASS=
"title"><A NAME=
"ClassifyOverride">ClassifyOverride
</A></H3>
644 <PRE CLASS=
"command">
651 <P>The
<CODE>ClassifyOverride
</CODE> directive specifies whether
652 users can override the default classification level on the
653 server. When the server classification is set, users can change
654 the classification using the
<CODE>job-sheets
</CODE> option and
655 can choose to only print one security banner before or after the
656 job. If the
<CODE>job-sheets
</CODE> option is set to
657 <CODE>none
</CODE> then the server default classification is
660 <P>The default is to not allow classification overrides.
</P>
663 <H3 CLASS=
"title"><A NAME=
"ConfigFilePerm">ConfigFilePerm
</A></H3>
667 <PRE CLASS=
"command">
674 <P>The
<CODE>ConfigFilePerm
</CODE> directive specifies the
675 permissions to use when writing configuration files. The default
679 <H3 CLASS=
"title"><A NAME=
"DataDir">DataDir
</A></H3>
683 <PRE CLASS=
"command">
684 DataDir /usr/share/cups
689 <P>The
<CODE>DataDir
</CODE> directive sets the directory to use
693 <H3 CLASS=
"title"><A NAME=
"DefaultCharset">DefaultCharset
</A></H3>
697 <PRE CLASS=
"command">
699 DefaultCharset iso-
8859-
1
700 DefaultCharset windows-
1251
705 <P>The
<CODE>DefaultCharset
</CODE> directive sets the default
706 character set to use for client connections. The default
707 character set is
<CODE>utf-
8</CODE> but is overridden by the
708 character set for the language specified by the client or the
709 <CODE>DefaultLanguage
</CODE> directive.
</P>
712 <H3 CLASS=
"title"><A NAME=
"DefaultLanguage">DefaultLanguage
</A></H3>
716 <PRE CLASS=
"command">
726 <P>The
<CODE>DefaultLanguage
</CODE> directive specifies the
727 default language to use for client connections. Setting the
728 default language also sets the default character set if a
729 language localization file exists for it. The default language
730 is
"en" for English.
</P>
733 <H3 CLASS=
"title"><A NAME=
"Deny">Deny
</A></H3>
737 <PRE CLASS=
"command">
740 Deny from *.domain.com
741 Deny from .domain.com
742 Deny from host.domain.com
745 Deny from nnn.nnn.nnn.*
746 Deny from nnn.nnn.nnn.nnn
747 Deny from nnn.nnn.nnn.nnn/mm
748 Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
749 Deny from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
756 <P>The
<CODE>Deny
</CODE> directive specifies a hostname, IP
757 address, or network that is allowed access to the server.
758 <CODE>Deny
</CODE> directives are cummulative, so multiple
759 <CODE>Deny
</CODE> directives can be used to allow access for
760 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
761 specifies a CIDR netmask:
</P>
763 <DIV CLASS=
"table"><TABLE>
765 <TH WIDTH=
"10%">mm
</TH>
766 <TH WIDTH=
"20%">netmask
</TH>
767 <TH WIDTH=
"10%">mm
</TH>
768 <TH WIDTH=
"20%">netmask
</TH>
771 <TD ALIGN=
"CENTER">0</TD>
772 <TD ALIGN=
"CENTER">0.0.0.0</TD>
773 <TD ALIGN=
"CENTER">8</TD>
774 <TD ALIGN=
"CENTER">255.0.0.0</TD>
777 <TD ALIGN=
"CENTER">1</TD>
778 <TD ALIGN=
"CENTER">128.0.0.0</TD>
779 <TD ALIGN=
"CENTER">16</TD>
780 <TD ALIGN=
"CENTER">255.255.0.0</TD>
783 <TD ALIGN=
"CENTER">2</TD>
784 <TD ALIGN=
"CENTER">192.0.0.0</TD>
785 <TD ALIGN=
"CENTER">24</TD>
786 <TD ALIGN=
"CENTER">255.255.255.0</TD>
789 <TD ALIGN=
"CENTER">...
</TD>
790 <TD ALIGN=
"CENTER">...
</TD>
791 <TD ALIGN=
"CENTER">32</TD>
792 <TD ALIGN=
"CENTER">255.255.255.255</TD>
796 <P>The
<CODE>@LOCAL
</CODE> name will deny access from all local
797 interfaces. The
<CODE>@IF(name)
</CODE> name will deny access from
798 the named interface.
</P>
800 <P>The
<CODE>Deny
</CODE> directive must appear inside a
<A
801 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
804 <H3 CLASS=
"title"><A NAME=
"DocumentRoot">DocumentRoot
</A></H3>
808 <PRE CLASS=
"command">
809 DocumentRoot /usr/share/doc/cups
810 DocumentRoot /foo/bar/doc/cups
815 <P>The
<CODE>DocumentRoot
</CODE> directive specifies the location
816 of web content for the HTTP server in CUPS. If an absolute path
817 is not specified then it is assumed to be relative to the
<A
818 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
819 default directory is
<VAR>/usr/share/doc/cups
</VAR>.
</P>
821 <P>Documents are first looked up in a sub-directory for the
822 primary language requested by the client (e.g.
823 <VAR>/usr/share/doc/cups/fr/...
</VAR>) and then directly under
824 the
<CODE>DocumentRoot
</CODE> directory (e.g.
825 <VAR>/usr/share/doc/cups/...
</VAR>), so it is possible to
826 localize the web content by providing subdirectories for each
830 <H3 CLASS=
"title"><A NAME=
"Encryption">Encryption
</A></H3>
834 <PRE CLASS=
"command">
836 Encryption IfRequested
842 <P>The
<CODE>Encryption
</CODE> directive must appear instead a
<A
843 HREF=
"#Location"><CODE>Location
</CODE></A> section and specifies
844 the encryption settings for that location. The default setting is
845 <CODE>IfRequested
</CODE> for all locations.
</P>
848 <H3 CLASS=
"title"><A NAME=
"ErrorLog">ErrorLog
</A></H3>
852 <PRE CLASS=
"command">
853 ErrorLog /var/log/cups/error_log
854 ErrorLog /var/log/cups/error_log-%s
860 <P>The
<CODE>ErrorLog
</CODE> directive sets the name of the error
861 log file. If the filename is not absolute then it is assumed to
862 be relative to the
<A
863 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
864 default error log file is
<VAR>/var/log/cups/error_log
</VAR>.
</P>
866 <P>The server name can be included in the filename by using
867 <CODE>%s
</CODE> in the name.
</P>
869 <P>The special name
"syslog" can be used to send the error
870 information to the system log instead of a plain file.
</P>
873 <H3 CLASS=
"title"><A NAME=
"FileDevice">FileDevice
</A></H3>
877 <PRE CLASS=
"command">
884 <P>The
<CODE>FileDevice
</CODE> directive determines whether the
885 scheduler allows new printers to be added using device URIs of
886 the form
<CODE>file:/filename
</CODE>. File devices are most often
887 used to test new printer drivers and do not support raw file
890 <P>The default setting is
<CODE>No
</CODE>.
</P>
892 <BLOCKQUOTE><B>Note:
</B>
894 <P>File devices are managed by the scheduler. Since the
895 scheduler normally runs as the root user, file devices
896 can be used to overwrite system files and potentially
897 gain unauthorized access to the system. If you must
898 create printers using file devices, we recommend that
899 you set the
<CODE>FileDevice
</CODE> directive to
900 <CODE>Yes
</CODE> for only as long as you need to add the
901 printers to the system, and then reset the directive to
907 <H3 CLASS=
"title"><A NAME=
"FilterLimit">FilterLimit
</A></H3>
911 <PRE CLASS=
"command">
919 <P>The
<CODE>FilterLimit
</CODE> directive sets the maximum cost
920 of all running job filters. It can be used to limit the number of
921 filter programs that are run on a server to minimize disk,
922 memory, and CPU resource problems. A limit of
0 disables filter
925 <P>An average print to a non-PostScript printer needs a filter
926 limit of about
200. A PostScript printer needs about half that
927 (
100). Setting the limit below these thresholds will effectively
928 limit the scheduler to printing a single job at any time.
</P>
930 <P>The default limit is
0.
</P>
933 <H3 CLASS=
"title"><A NAME=
"FontPath">FontPath
</A></H3>
937 <PRE CLASS=
"command">
938 FontPath /foo/bar/fonts
939 FontPath /usr/share/cups/fonts:/foo/bar/fonts
944 <P>The
<CODE>FontPath
</CODE> directive specifies the font path to
945 use when searching for fonts. The default font path is
946 <CODE>/usr/share/cups/fonts
</CODE>.
</P>
949 <H3 CLASS=
"title"><A NAME=
"Group">Group
</A></H3>
953 <PRE CLASS=
"command">
959 <P>The
<CODE>Group
</CODE> directive specifies the UNIX group that
960 filter and CGI programs run as. The default group is
961 <CODE>nobody
</CODE>.
</P>
964 <H3 CLASS=
"title"><A NAME=
"HideImplicitMembers">HideImplicitMembers
</A></H3>
968 <PRE CLASS=
"command">
969 HideImplicitMembers Yes
970 HideImplicitMembers No
975 <P>The
<CODE>HideImplicitMembers
</CODE> directive controls
976 whether the individual printers in an implicit class are hidden
977 from the user. The default is
<CODE>Yes
</CODE>.
</P>
979 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
980 must be enabled for this directive to have any effect.
</P>
983 <H3 CLASS=
"title"><A NAME=
"HostNameLookups">HostNameLookups
</A></H3>
987 <PRE CLASS=
"command">
990 HostNameLookups Double
995 <P>The
<CODE>HostNameLookups
</CODE> directive controls whether or
996 not CUPS looks up the hostname for connecting clients. The
997 <CODE>Double
</CODE> setting causes CUPS to verify that the
998 hostname resolved from the address matches one of the addresses
999 returned for that hostname.
<CODE>Double
</CODE> lookups also
1000 prevent clients with unregistered addresses from connecting to
1003 <P>The default is
<CODE>Off
</CODE> to avoid the potential server
1004 performance problems with hostname lookups. Set this option to
1005 <CODE>On
</CODE> or
<CODE>Double
</CODE> only if absolutely
1009 <H3 CLASS=
"title"><A NAME=
"ImplicitClasses">ImplicitClasses
</A></H3>
1013 <PRE CLASS=
"command">
1018 <H4>Description
</H4>
1020 <P>The
<CODE>ImplicitClasses
</CODE> directive controls whether
1021 implicit classes are created based upon the available network
1022 printers and classes. The default setting is
<CODE>On
</CODE> but
1023 is automatically turned
<CODE>Off
</CODE> if
<A
1024 HREF=
"#Browsing"><CODE>Browsing
</CODE></A> is turned
1025 <CODE>Off
</CODE>.
</P>
1028 <H3 CLASS=
"title"><A NAME=
"ImplicitAnyClasses">ImplicitAnyClasses
</A></H3>
1032 <PRE CLASS=
"command">
1033 ImplicitAnyClasses On
1034 ImplicitAnyClasses Off
1037 <H4>Description
</H4>
1039 <P>The
<CODE>ImplicitAnyClasses
</CODE> directive controls
1040 whether implicit classes for local and remote printers are
1041 created with the name
<CODE>AnyPrinter
</CODE>. The default
1042 setting is
<CODE>Off
</CODE>.
</P>
1044 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1045 must be enabled for this directive to have any effect.
</P>
1048 <H3 CLASS=
"title"><A NAME=
"Include">Include
</A></H3>
1052 <PRE CLASS=
"command">
1054 Include /foo/bar/filename
1057 <H4>Description
</H4>
1059 <P>The
<CODE>Include
</CODE> directive includes the named file in
1060 the
<CODE>cupsd.conf
</CODE> file. If no leading path is provided,
1061 the file is assumed to be relative to the
<A
1062 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory.
</P>
1065 <H3 CLASS=
"title"><A NAME=
"KeepAlive">KeepAlive
</A></H3>
1069 <PRE CLASS=
"command">
1074 <H4>Description
</H4>
1076 <P>The
<CODE>KeepAlive
</CODE> directive controls whether or not
1077 to support persistent HTTP connections. The default is
1078 <CODE>On
</CODE>.
</P>
1080 <P>HTTP/
1.1 clients automatically support persistent connections,
1081 while HTTP/
1.0 clients must specifically request them using the
1082 <CODE>Keep-Alive
</CODE> attribute in the
<CODE>Connection:
</CODE>
1083 field of each request.
</P>
1086 <H3 CLASS=
"title"><A NAME=
"KeepAliveTimeout">KeepAliveTimeout
</A></H3>
1090 <PRE CLASS=
"command">
1095 <H4>Description
</H4>
1097 <P>The
<CODE>KeepAliveTimeout
</CODE> directive controls how long
1098 a persistent HTTP connection will remain open after the last
1099 request. The default is
60 seconds.
</P>
1102 <H3 CLASS=
"title"><A NAME=
"Limit">Limit
</A></H3>
1106 <PRE CLASS=
"command">
1107 <Limit GET POST
>
1116 <H4>Description
</H4>
1118 <P>The
<CODE>Limit
</CODE> directive groups access control
1119 directives for specific types of HTTP requests and must appear
1120 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1121 Access can be limited for individual request types
1122 (
<CODE>DELETE
</CODE>,
<CODE>GET
</CODE>,
<CODE>HEAD
</CODE>,
1123 <CODE>OPTIONS
</CODE>,
<CODE>POST
</CODE>,
<CODE>PUT
</CODE>, and
1124 <CODE>TRACE
</CODE>) or for all request types (
<CODE>ALL
</CODE>).
1125 The request type names are case-sensitive for compatibility with
1129 <H3 CLASS=
"title"><A NAME=
"LimitExcept">LimitExcept
</A></H3>
1133 <PRE CLASS=
"command">
1134 <LimitExcept GET POST
>
1136 </LimitExcept
>
1139 <H4>Description
</H4>
1141 <P>The
<CODE>LimitExcept
</CODE> directive groups access control
1142 directives for specific types of HTTP requests and must appear
1143 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1144 Unlike the
<A HREF=
"#Limit"><CODE>Limit
</CODE></A> directive,
1145 <CODE>LimitExcept
</CODE> restricts access for all requests
1146 <I>except
</I> those listed on the
<CODE>LimitExcept
</CODE>
1150 <H3 CLASS=
"title"><A NAME=
"LimitRequestBody">LimitRequestBody
</A></H3>
1154 <PRE CLASS=
"command">
1155 LimitRequestBody
10485760
1156 LimitRequestBody
10m
1160 <H4>Description
</H4>
1162 <P>The
<CODE>LimitRequestBody
</CODE> directive controls the
1163 maximum size of print files, IPP requests, and HTML form data in
1164 HTTP POST requests. The default limit is
0 which disables the
1168 <H3 CLASS=
"title"><A NAME=
"Listen">Listen
</A></H3>
1172 <PRE CLASS=
"command">
1173 Listen
127.0.0.1:
631
1174 Listen
192.0.2.1:
631
1179 <H4>Description
</H4>
1181 <P>The
<CODE>Listen
</CODE> directive specifies a network address
1182 and port to listen for connections. Multiple
<CODE>Listen
</CODE>
1183 directives can be provided to listen on multiple addresses.
</P>
1185 <P>The
<CODE>Listen
</CODE> directive is similar to the
<A
1186 HREF=
"#Port"><CODE>Port
</CODE></A> directive but allows you to
1187 restrict access to specific interfaces or networks.
</P>
1190 <H3 CLASS=
"title"><A NAME=
"Location">Location
</A></H3>
1194 <PRE CLASS=
"command">
1199 <Location /admin
>
1203 <Location /admin/conf
>
1207 <Location /admin/log
>
1211 <Location /classes
>
1215 <Location /classes/name
>
1219 <Location /jobs
>
1223 <Location /printers
>
1227 <Location /printers/name
>
1233 <H4>Description
</H4>
1235 <P>The
<CODE>Location
</CODE> directive specifies access control
1236 and authentication options for the specified HTTP resource or
1237 path. The
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>,
<A
1238 HREF=
"#AuthType"><CODE>AuthType
</CODE></A>,
<A
1239 HREF=
"#Deny"><CODE>Deny
</CODE></A>,
<A
1240 HREF=
"#Encryption"><CODE>Encryption
</CODE></A>,
<A
1241 HREF=
"#Limit"><CODE>Limit
</CODE></A>,
<A
1242 HREF=
"#LimitExcept"><CODE>LimitExcept
</CODE></A>,
<A
1243 HREF=
"#Order"><CODE>Order
</CODE></A>,
<A
1244 HREF=
"#Require"><CODE>Require
</CODE></A>, and
<A
1245 HREF=
"#Satisfy"><CODE>Satisfy
</CODE></A> directives may all
1246 appear inside a location.
</P>
1248 <P>Note that more specific resources override the less specific
1249 ones. So the directives inside the
<CODE>/printers/name
</CODE>
1250 location will override ones from
<CODE>/printers
</CODE>.
1251 Directives inside
<CODE>/printers
</CODE> will override ones from
1252 <CODE>/
</CODE>. None of the directives are inherited.
</P>
1254 <DIV CLASS=
"table"><TABLE>
1255 <CAPTION>Common Locations on the Server
</CAPTION>
1256 <TR><TH>Location
</TH><TH>Description
</TH></TR>
1257 <TR><TD><CODE>/
</CODE></TD><TD>The path for all get operations (get-printers, get-jobs, etc.)
</TD></TR>
1258 <TR><TD><CODE>/admin
</CODE></TD><TD>The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
</TD></TR>
1259 <TR><TD><CODE>/admin/conf
</CODE></TD><TD>The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
</TD></TR>
1260 <TR><TD><CODE>/admin/log
</CODE></TD><TD>The path for access to the CUPS log files (access_log, error_log, page_log)
</TD></TR>
1261 <TR><TD><CODE>/classes
</CODE></TD><TD>The path for all classes
</TD></TR>
1262 <TR><TD><CODE>/classes/name
</CODE></TD><TD>The resource for class
<CODE>name
</CODE></TD></TR>
1263 <TR><TD><CODE>/jobs
</CODE></TD><TD>The path for all jobs (hold-job, release-job, etc.)
</TD></TR>
1264 <TR><TD><CODE>/jobs/id
</CODE></TD><TD>The resource for job
<CODE>id
</CODE></TD></TR>
1265 <TR><TD><CODE>/printers
</CODE></TD><TD>The path for all printers
</TD></TR>
1266 <TR><TD><CODE>/printers/name
</CODE></TD><TD>The path for printer
<CODE>name
</CODE></TD></TR>
1267 <TR><TD><CODE>/printers/name.ppd
</CODE></TD><TD>The PPD file path for printer
<CODE>name
</CODE></TD></TR>
1271 <H3 CLASS=
"title"><A NAME=
"LogFilePerm">LogFilePerm
</A></H3>
1275 <PRE CLASS=
"command">
1280 <H4>Description
</H4>
1282 <P>The
<CODE>LogFilePerm
</CODE> directive specifies the
1283 permissions to use when writing configuration files. The default
1287 <H3 CLASS=
"title"><A NAME=
"LogLevel">LogLevel
</A></H3>
1291 <PRE CLASS=
"command">
1304 <H4>Description
</H4>
1306 <P>The
<CODE>LogLevel
</CODE> directive specifies the level of
1307 logging for the
<A HREF=
"#ErrorLog"><CODE>ErrorLog
</CODE></A>
1308 file. The following values are recognized (each level logs
1309 everything under the preceding levels):
</P>
1313 <LI><CODE>none
</CODE> - Log nothing
</LI>
1315 <LI><CODE>emerg
</CODE> - Log emergency conditions that
1316 prevent the server from running
</LI>
1318 <LI><CODE>alert
</CODE> - Log alerts that must be handled
1321 <LI><CODE>crit
</CODE> - Log critical errors that don't
1322 prevent the server from running
</LI>
1324 <LI><CODE>error
</CODE> - Log general errors
</LI>
1326 <LI><CODE>warn
</CODE> - Log errors and warnings
</LI>
1328 <LI><CODE>notice
</CODE> - Log temporary error conditions
</LI>
1330 <LI><CODE>info
</CODE> - Log all requests and state
1331 changes (default)
</LI>
1333 <LI><CODE>debug
</CODE> - Log basic debugging
1336 <LI><CODE>debug2
</CODE> - Log all debugging
1342 <H3 CLASS=
"title"><A NAME=
"MaxClients">MaxClients
</A></H3>
1346 <PRE CLASS=
"command">
1351 <H4>Description
</H4>
1353 <P>The
<CODE>MaxClients
</CODE> directive controls the maximum
1354 number of simultaneous clients that will be allowed by the
1355 server. The default is
100 clients.
</P>
1357 <BLOCKQUOTE><B>Note:
</B>
1359 <P>Since each print job requires a file descriptor for the status
1360 pipe, the scheduler internally limits the
<CODE>MaxClients
</CODE>
1361 value to
1/
3 of the available file descriptors to avoid possible
1362 problems when printing large numbers of jobs.
</P>
1367 <H3 CLASS=
"title"><A NAME=
"MaxClientsPerHost">MaxClientsPerHost
</A></H3>
1371 <PRE CLASS=
"command">
1372 MaxClientsPerHost
10
1375 <H4>Description
</H4>
1377 <P>The
<CODE>MaxClientsPerHost
</CODE> directive controls the
1378 maximum number of simultaneous clients that will be allowed from
1379 a single host by the server. The default is the
1380 <CODE>MaxClients
</CODE> value.
</P>
1382 <P>This directive provides a small measure of protection against
1383 Denial of Service attacks from a single host.
</P>
1386 <H3 CLASS=
"title"><A NAME=
"MaxCopies">MaxCopies
</A></H3>
1390 <PRE CLASS=
"command">
1395 <H4>Description
</H4>
1397 <P>The
<CODE>MaxCopies
</CODE> directive controls the maximum
1398 number of copies that a user can print of a job. The default is
1401 <BLOCKQUOTE><B>Note:
</B>
1403 <P>Most HP PCL laser printers internally limit the number of
1410 <H3 CLASS=
"title"><A NAME=
"MaxJobs">MaxJobs
</A></H3>
1414 <PRE CLASS=
"command">
1420 <H4>Description
</H4>
1422 <P>The
<CODE>MaxJobs
</CODE> directive controls the maximum number
1423 of jobs that are kept in memory. Once the number of jobs reaches
1424 the limit, the oldest completed job is automatically purged from
1425 the system to make room for the new one. If all of the known jobs
1426 are still pending or active then the new job will be
1429 <P>Setting the maximum size to
0 disables this functionality. The
1430 default setting is
0.
</P>
1433 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerPrinter">MaxJobsPerPrinter
</A></H3>
1437 <PRE CLASS=
"command">
1438 MaxJobsPerPrinter
100
1439 MaxJobsPerPrinter
9999
1443 <H4>Description
</H4>
1445 <P>The
<CODE>MaxJobsPerPrinter
</CODE> directive controls the
1446 maximum number of active jobs that are allowed for each printer
1447 or class. Once a printer or class reaches the limit, new jobs
1448 will be rejected until one of the active jobs is completed,
1449 stopped, aborted, or canceled.
</P>
1451 <P>Setting the maximum to
0 disables this functionality. The
1452 default setting is
0.
</P>
1455 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerUser">MaxJobsPerUser
</A></H3>
1459 <PRE CLASS=
"command">
1465 <H4>Description
</H4>
1467 <P>The
<CODE>MaxJobsPerUser
</CODE> directive controls the maximum
1468 number of active jobs that are allowed for each user. Once a user
1469 reaches the limit, new jobs will be rejected until one of the
1470 active jobs is completed, stopped, aborted, or canceled.
</P>
1472 <P>Setting the maximum to
0 disables this functionality. The
1473 default setting is
0.
</P>
1476 <H3 CLASS=
"title"><A NAME=
"MaxLogSize">MaxLogSize
</A></H3>
1480 <PRE CLASS=
"command">
1486 <H4>Description
</H4>
1488 <P>The
<CODE>MaxLogSize
</CODE> directive controls the maximum
1489 size of each log file. Once a log file reaches or exceeds the
1490 maximum size it is closed and renamed to
<VAR>filename.O
</VAR>.
1491 This allows you to rotate the logs automatically. The default
1492 size is
1048576 bytes (
1MB).
</P>
1494 <P>Setting the maximum size to
0 disables log rotation.
</P>
1497 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"MaxRequestSize">MaxRequestSize
</A></H3>
1501 <PRE CLASS=
"command">
1502 MaxRequestSize
10485760
1507 <H4>Description
</H4>
1509 <P>The
<CODE>MaxRequestSize
</CODE> directive controls the maximum
1510 size of print files, IPP requests, and HTML form data in HTTP
1511 POST requests. The default limit is
0 which disables the limit
1514 <P><B>This directive is deprecated and will be replaced in a
1515 future CUPS release.
</B> Use the
<A
1516 HREF=
"#LimitRequestBody"><CODE>LimitRequestBody
</CODE></A>
1517 directive instead.
</P>
1520 <H3 CLASS=
"title"><A NAME=
"Order">Order
</A></H3>
1524 <PRE CLASS=
"command">
1529 <H4>Description
</H4>
1531 <P>The
<CODE>Order
</CODE> directive defines the default access
1532 control. The following values are supported:
</P>
1536 <LI><CODE>allow,deny
</CODE> - Deny requests by default,
1537 then check the
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>
1538 lines followed by the
<A
1539 HREF=
"#Deny"><CODE>Deny
</CODE></A> lines
</LI>
1541 <LI><CODE>deny,allow
</CODE> - Allow requests by default,
1542 then check the
<A HREF=
"#Deny"><CODE>Deny
</CODE></A>
1543 lines followed by the
<A
1544 HREF=
"#Allow"><CODE>Allow
</CODE></A> lines
</LI>
1548 <P>The
<CODE>Order
</CODE> directive must appear inside a
<A
1549 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
1552 <H3 CLASS=
"title"><A NAME=
"PageLog">PageLog
</A></H3>
1556 <PRE CLASS=
"command">
1557 PageLog /var/log/cups/page_log
1558 PageLog /var/log/cups/page_log-%s
1562 <H4>Description
</H4>
1564 <P>The
<CODE>PageLog
</CODE> directive sets the name of the page
1565 log file. If the filename is not absolute then it is assumed to
1566 be relative to the
<A
1567 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1568 default page log file is
<VAR>/var/log/cups/page_log
</VAR>.
</P>
1570 <P>The server name can be included in the filename by using
1571 <CODE>%s
</CODE> in the name.
</P>
1573 <P>The special name
"syslog" can be used to send the page
1574 information to the system log instead of a plain file.
</P>
1577 <H3 CLASS=
"title"><A NAME=
"Port">Port
</A></H3>
1581 <PRE CLASS=
"command">
1586 <H4>Description
</H4>
1588 <P>The
<CODE>Port
</CODE> directive specifies a port to listen on.
1589 Multiple
<CODE>Port
</CODE> lines can be specified to listen on
1590 multiple ports. The
<CODE>Port
</CODE> directive is equivalent to
1591 "<CODE>Listen *:nnn</CODE>". The default port is
631.
</P>
1593 <BLOCKQUOTE><B>Note:
</B>
1595 <P>On systems that support IPv6, this directive will bind to both
1596 the IPv4 and IPv6 wildcard address.
</P>
1601 <H3 CLASS=
"title"><A NAME=
"PreserveJobHistory">PreserveJobHistory
</A></H3>
1605 <PRE CLASS=
"command">
1606 PreserveJobHistory On
1607 PreserveJobHistory Off
1610 <H4>Description
</H4>
1612 <P>The
<CODE>PreserveJobHistory
</CODE> directive controls whether
1613 the history of completed, canceled, or aborted print jobs is
1616 <P>A value of
<CODE>On
</CODE> (the default) preserves job
1617 information until the administrator purges it with the
1618 <CODE>cancel
</CODE> command.
</P>
1620 <P>A value of
<CODE>Off
</CODE> removes the job information as
1621 soon as each job is completed, canceled, or aborted.
</P>
1624 <H3 CLASS=
"title"><A NAME=
"PreserveJobFiles">PreserveJobFiles
</A></H3>
1628 <PRE CLASS=
"command">
1630 PreserveJobFiles Off
1633 <H4>Description
</H4>
1635 <P>The
<CODE>PreserveJobFiles
</CODE> directive controls whether
1636 the document files of completed, canceled, or aborted print jobs
1637 are stored on disk.
</P>
1639 <P>A value of
<CODE>On
</CODE> preserves job files until the
1640 administrator purges them with the
<CODE>cancel
</CODE> command.
1641 Jobs can be restarted (and reprinted) as desired until they are
1644 <P>A value of
<CODE>Off
</CODE> (the default) removes the job
1645 files as soon as each job is completed, canceled, or aborted.
</P>
1648 <H3 CLASS=
"title"><A NAME=
"Printcap">Printcap
</A></H3>
1652 <PRE CLASS=
"command">
1654 Printcap /etc/printcap
1655 Printcap /etc/printers.conf
1658 <H4>Description
</H4>
1660 <P>The
<CODE>Printcap
</CODE> directive controls whether or not a
1661 printcap file is automatically generated and updated with a list
1662 of available printers. If specified with no value, then no
1663 printcap file will be generated. The default is to generate a
1664 file named
<VAR>/etc/printcap
</VAR>.
</P>
1666 <P>When a filename is specified (e.g.
<VAR>/etc/printcap
</VAR>),
1667 the printcap file is written whenever a printer is added or
1668 removed. The printcap file can then be used by applications that
1669 are hardcoded to look at the printcap file for the available
1673 <H3 CLASS=
"title"><A NAME=
"PrintcapFormat">PrintcapFormat
</A></H3>
1677 <PRE CLASS=
"command">
1679 PrintcapFormat Solaris
1682 <H4>Description
</H4>
1684 <P>The
<CODE>PrintcapFormat
</CODE> directive controls the output
1685 format of the printcap file. The default is to generate a BSD
1689 <H3 CLASS=
"title"><A NAME=
"RemoteRoot">RemoteRoot
</A></H3>
1693 <PRE CLASS=
"command">
1698 <H4>Description
</H4>
1700 <P>The
<CODE>RemoteRoot
</CODE> directive sets the username for
1701 unauthenticated root requests from remote hosts. The default
1702 username is
<VAR>remroot
</VAR>. Setting
<CODE>RemoteRoot
</CODE>
1703 to
<VAR>root
</VAR> effectively disables this security
1707 <H3 CLASS=
"title"><A NAME=
"RequestRoot">RequestRoot
</A></H3>
1711 <PRE CLASS=
"command">
1712 RequestRoot /var/spool/cups
1713 RequestRoot /foo/bar/spool/cups
1716 <H4>Description
</H4>
1718 <P>The
<CODE>RequestRoot
</CODE> directive sets the directory for
1719 incoming IPP requests and HTML forms. If an absolute path is not
1720 provided then it is assumed to be relative to the
<A
1721 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1722 default request directory is
<VAR>/var/spool/cups
</VAR>.
</P>
1725 <H3 CLASS=
"title"><A NAME=
"Require">Require
</A></H3>
1729 <PRE CLASS=
"command">
1730 Require group foo bar
1731 Require user john mary
1733 Require user @groupname
1734 Require user @SYSTEM
1738 <H4>Description
</H4>
1740 <P>The
<CODE>Require
</CODE> directive specifies that
1741 authentication is required for the resource. The
1742 <CODE>group
</CODE> keyword specifies that the authenticated user
1743 must be a member of one or more of the named groups that
1746 <P>The
<CODE>user
</CODE> keyboard specifies that the
1747 authenticated user must be one of the named users or groups that
1748 follow. Group names are specified using the
"@" prefix.
</P>
1750 <P>The
<CODE>valid-user
</CODE> keyword specifies that any
1751 authenticated user may access the resource.
</P>
1753 <P>The default is to do no authentication. This directive must
1754 appear inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1758 <H3 CLASS=
"title"><A NAME=
"RIPCache">RIPCache
</A></H3>
1762 <PRE CLASS=
"command">
1768 <H4>Description
</H4>
1770 <P>The
<CODE>RIPCache
</CODE> directive sets the size of the
1771 memory cache used by Raster Image Processor (
"RIP") filters such
1772 as
<CODE>imagetoraster
</CODE> and
<CODE>pstoraster
</CODE>. The
1773 size can be suffixed with a
"k" for kilobytes,
"m" for megabytes,
1774 or
"g" for gigabytes. The default cache size is
"8m", or
8
1778 <H3 CLASS=
"title"><A NAME=
"Satisfy">Satisfy
</A></H3>
1782 <PRE CLASS=
"command">
1787 <H4>Description
</H4>
1789 <P>The
<CODE>Satisfy
</CODE> directive specifies whether all
1790 conditions must be satisfied to allow access to the resource. If
1791 set to
<CODE>all
</CODE>, then all authentication and access
1792 control conditions must be satified to allow access.
</P>
1794 <P>Setting
<CODE>Satisfy
</CODE> to
<CODE>any
</CODE> allows a user
1795 to gain access if the authentication or access control
1796 requirements are satisfied. For example, you might require
1797 authentication for remote access, but allow local access without
1800 <P>The default is
<CODE>all
</CODE>. This directive must appear
1801 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1805 <H3 CLASS=
"title"><A NAME=
"ServerAdmin">ServerAdmin
</A></H3>
1809 <PRE CLASS=
"command">
1810 ServerAdmin user@host
1811 ServerAdmin root@foo.bar.com
1814 <H4>Description
</H4>
1816 <P>The
<CODE>ServerAdmin
</CODE> directive identifies the email
1817 address for the administrator on the system. By default the
1818 administrator email address is
<CODE>root@server
</CODE>, where
1819 <CODE>server
</CODE> is the server name.
</P>
1822 <H3 CLASS=
"title"><A NAME=
"ServerBin">ServerBin
</A></H3>
1826 <PRE CLASS=
"command">
1827 ServerBin /usr/lib/cups
1828 ServerBin /foo/bar/lib/cups
1831 <H4>Description
</H4>
1833 <P>The
<CODE>ServerBin
</CODE> directive sets the directory for
1834 server-run executables. If an absolute path is not provided then
1835 it is assumed to be relative to the
<A
1836 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1837 default executable directory is
<VAR>/usr/lib/cups
</VAR> or
1838 <VAR>/usr/lib32/cups
</VAR> (IRIX
6.5).
</P>
1841 <H3 CLASS=
"title"><A NAME=
"ServerCertificate">ServerCertificate
</A></H3>
1845 <PRE CLASS=
"command">
1846 ServerCertificate /etc/cups/ssl/server.crt
1849 <H4>Description
</H4>
1851 <P>The
<CODE>ServerCertificate
</CODE> directive specifies the
1852 location of the SSL certificate file used by the server when
1853 negotiating encrypted connections. The certificate must not be
1854 encrypted (password protected) since the scheduler normally runs
1855 in the background and will be unable to ask for a password.
</P>
1857 <P>The default certificate file is
1858 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1861 <H3 CLASS=
"title"><A NAME=
"ServerKey">ServerKey
</A></H3>
1865 <PRE CLASS=
"command">
1866 ServerKey /etc/cups/ssl/server.key
1869 <H4>Description
</H4>
1871 <P>The
<CODE>ServerKey
</CODE> directive specifies the location of
1872 the SSL private key file used by the server when negotiating
1873 encrypted connections.
</P>
1875 <P>The default key file is
1876 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1879 <H3 CLASS=
"title"><A NAME=
"ServerName"></A>ServerName
</H3>
1883 <PRE CLASS=
"command">
1884 ServerName foo.domain.com
1885 ServerName myserver.domain.com
1888 <H4>Description
</H4>
1890 <P>The
<CODE>ServerName
</CODE> directive specifies the hostname
1891 that is reported to clients. By default the server name is the
1895 <H3 CLASS=
"title"><A NAME=
"ServerRoot">ServerRoot
</A></H3>
1899 <PRE CLASS=
"command">
1900 ServerRoot /etc/cups
1901 ServerRoot /foo/bar/cups
1904 <H4>Description
</H4>
1906 <P>The
<CODE>ServerRoot
</CODE> directive specifies the absolute
1907 path to the server configuration and state files. It is also used
1908 to resolve relative paths in the
<VAR>cupsd.conf
</VAR> file. The
1909 default server directory is
<VAR>/etc/cups
</VAR>.
</P>
1912 <H3 CLASS=
"title"><A NAME=
"SSLListen">SSLListen
</A></H3>
1916 <PRE CLASS=
"command">
1917 SSLListen
127.0.0.1:
443
1918 SSLListen
192.0.2.1:
443
1921 <H4>Description
</H4>
1923 <P>The
<CODE>SSLListen
</CODE> directive specifies a network
1924 address and port to listen for secure connections. Multiple
1925 <CODE>SSLListen
</CODE> directives can be provided to listen on
1926 multiple addresses.
</P>
1928 <P>The
<CODE>SSLListen
</CODE> directive is similar to the
<A
1929 HREF=
"#SSLPort"><CODE>SSLPort
</CODE></A> directive but allows you
1930 to restrict access to specific interfaces or networks.
</P>
1933 <H3 CLASS=
"title"><A NAME=
"SSLPort">SSLPort
</A></H3>
1937 <PRE CLASS=
"command">
1941 <H4>Description
</H4>
1943 <P>The
<CODE>SSLPort
</CODE> directive specifies a port to listen
1944 on for secure connections. Multiple
<CODE>SSLPort
</CODE> lines
1945 can be specified to listen on multiple ports.
</P>
1948 <H3 CLASS=
"title"><A NAME=
"SystemGroup">SystemGroup
</A></H3>
1952 <PRE CLASS=
"command">
1959 <H4>Description
</H4>
1961 <P>The
<CODE>SystemGroup
</CODE> directive specifies the system
1962 administration group for
<CODE>System
</CODE> authentication.
</P>
1965 <H3 CLASS=
"title"><A NAME=
"TempDir">TempDir
</A></H3>
1969 <PRE CLASS=
"command">
1971 TempDir /foo/bar/tmp
1974 <H4>Description
</H4>
1976 <P>The
<CODE>TempDir
</CODE> directive specifies an absolute path
1977 for the directory to use for temporary files. The default
1978 directory is
<VAR>/var/spool/cups/tmp
</VAR>.
</P>
1980 <P>Temporary directories must be world-writable and should have
1981 the
"sticky" permission bit enabled so that other users cannot
1982 delete filter temporary files. The following commands will create
1983 an appropriate temporary directory called
1984 <VAR>/foo/bar/tmp
</VAR>:
</P>
1986 <PRE CLASS=
"command">
1987 <KBD>mkdir /foo/bar/tmp
</KBD>
1988 <KBD>chmod a+rwxt /foo/bar/tmp
</KBD>
1992 <H3 CLASS=
"title"><A NAME=
"Timeout">Timeout
</A></H3>
1996 <PRE CLASS=
"command">
2001 <H4>Description
</H4>
2003 <P>The
<CODE>Timeout
</CODE> directive controls the amount of time
2004 to wait before an active HTTP or IPP request times out. The
2005 default timeout is
300 seconds.
</P>
2008 <H3 CLASS=
"title"><A NAME=
"User">User
</A></H3>
2012 <PRE CLASS=
"command">
2017 <H4>Description
</H4>
2019 <P>The
<CODE>User
</CODE> directive specifies the UNIX user that
2020 filter and CGI programs run as. The default user is
2021 <CODE>lp
</CODE>.
</P>
2023 <BLOCKQUOTE><B>Note:
</B>
2025 <P>You may not use user
<CODE>root
</CODE>, as that would expose
2026 the system to unacceptable security risks. The scheduler will
2027 automatically choose user
<CODE>nobody
</CODE> if you specify a
2028 user whose ID is
0.
</P>