2 <!-- SECTION: References -->
4 <TITLE>cupsd.conf
</TITLE>
24 <P>The
<VAR>/etc/cups/cupsd.conf
</VAR> file contains
25 configuration
<I>directives
</I> that control how the server
26 functions. Each directive is listed on a line by itself followed
27 by its value. Comments are introduced using the number sign (
"#")
28 character at the beginning of a line.
</P>
30 <P>Since the server configuration file consists of plain text,
31 you can use your favorite text editor to make changes to it.
32 After making any changes, restart the
<CODE>cupsd(
8)
</CODE>
33 process using the startup script for your operating system:
</P>
39 /etc/init.d/cups restart
44 /sbin/init.d/cups restart
49 /etc/init.d/cups restart
54 /etc/init.d/cups restart
59 /System/Library/StartupItems/PrintingServices/PrintingServices restart
64 /etc/init.d/cups restart
69 <P>You can also edit this file from the CUPS web interface, which
70 automatically handles restarting the scheduler.
</P>
73 <H3 CLASS=
"title"><A NAME=
"AccessLog">AccessLog
</A></H3>
78 AccessLog /var/log/cups/access_log
79 AccessLog /var/log/cups/access_log-%s
85 <P>The
<CODE>AccessLog
</CODE> directive sets the name of the
86 access log file. If the filename is not absolute then it is
87 assumed to be relative to the
<A
88 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
89 access log file is stored in
"common log format" and can be used
90 by any web access reporting tool to generate a report on CUPS
93 <P>The server name can be included in the filename by using
94 <CODE>%s
</CODE> in the name.
</P>
96 <P>The special name
"syslog" can be used to send the access
97 information to the system log instead of a plain file.
</P>
99 <P>The default access log file is
100 <VAR>/var/log/cups/access_log
</VAR>.
</P>
103 <H3 CLASS=
"title"><A NAME=
"Allow">Allow
</A></H3>
107 <PRE CLASS=
"command">
110 Allow from *.domain.com
111 Allow from .domain.com
112 Allow from host.domain.com
115 Allow from nnn.nnn.nnn.*
116 Allow from nnn.nnn.nnn.nnn
117 Allow from nnn.nnn.nnn.nnn/mm
118 Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
119 Allow from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
126 <P>The
<CODE>Allow
</CODE> directive specifies a hostname, IP address,
127 or network that is allowed access to the server.
<CODE>Allow
</CODE>
128 directives are cummulative, so multiple
<CODE>Allow
</CODE> directives
129 can be used to allow access for multiple hosts or networks. The
130 <CODE>/mm
</CODE> notation specifies a CIDR netmask:
</P>
132 <DIV CLASS=
"table"><TABLE>
134 <TH WIDTH=
"10%">mm
</TH>
135 <TH WIDTH=
"20%">netmask
</TH>
136 <TH WIDTH=
"10%">mm
</TH>
137 <TH WIDTH=
"20%">netmask
</TH>
140 <TD ALIGN=
"CENTER">0</TD>
141 <TD ALIGN=
"CENTER">0.0.0.0</TD>
142 <TD ALIGN=
"CENTER">8</TD>
143 <TD ALIGN=
"CENTER">255.0.0.0</TD>
146 <TD ALIGN=
"CENTER">1</TD>
147 <TD ALIGN=
"CENTER">128.0.0.0</TD>
148 <TD ALIGN=
"CENTER">16</TD>
149 <TD ALIGN=
"CENTER">255.255.0.0</TD>
152 <TD ALIGN=
"CENTER">2</TD>
153 <TD ALIGN=
"CENTER">192.0.0.0</TD>
154 <TD ALIGN=
"CENTER">24</TD>
155 <TD ALIGN=
"CENTER">255.255.255.0</TD>
158 <TD ALIGN=
"CENTER">...
</TD>
159 <TD ALIGN=
"CENTER">...
</TD>
160 <TD ALIGN=
"CENTER">32</TD>
161 <TD ALIGN=
"CENTER">255.255.255.255</TD>
165 <P>The
<CODE>@LOCAL
</CODE> name will allow access from all local
166 interfaces. The
<CODE>@IF(name)
</CODE> name will allow access
167 from the named interface.
</P>
169 <P>The
<CODE>Allow
</CODE> directive must appear inside a
<A
170 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
173 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthClass">AuthClass
</A></H3>
177 <PRE CLASS=
"command">
186 <P>The
<CODE>AuthClass
</CODE> directive defines what level of
187 authentication is required:
</P>
191 <LI><CODE>Anonymous
</CODE> - No authentication should be
192 performed (default)
</LI>
194 <LI><CODE>User
</CODE> - A valid username and password is
197 <LI><CODE>System
</CODE> - A valid username and password
198 is required, and the username must belong to the
"sys"
199 group; this can be changed using the
<A
200 HREF=
"#SystemGroup"><CODE>SystemGroup
</CODE></A>
203 <LI><CODE>Group
</CODE> - A valid username and password is
204 required, and the username must belong to the group named
206 HREF=
"#AuthGroupName"><CODE>AuthGroupName
</CODE></A>
211 <P>The
<CODE>AuthClass
</CODE> directive must appear inside a
<A
212 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
214 <P><B>This directive is deprecated and will be removed from a
215 future release of CUPS.
</B> Consider using the more flexible
<A
216 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
219 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthGroupName">AuthGroupName
</A></H3>
223 <PRE CLASS=
"command">
224 AuthGroupName mygroup
230 <P>The
<CODE>AuthGroupName
</CODE> directive sets the group to use
231 for
<CODE>Group
</CODE> authentication.
</P>
233 <P>The
<CODE>AuthGroupName
</CODE> directive must appear inside a
234 <A HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
236 <P><B>This directive is deprecated and will be removed from a
237 future release of CUPS.
</B> Consider using the more flexible
<A
238 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
241 <H3 CLASS=
"title"><A NAME=
"AuthType">AuthType
</A></H3>
245 <PRE CLASS=
"command">
254 <P>The
<CODE>AuthType
</CODE> directive defines the type of
255 authentication to perform:
</P>
259 <LI><CODE>None
</CODE> - No authentication should be
260 performed (default)
</LI>
262 <LI><CODE>Basic
</CODE> - Basic authentication should be
263 performed using the UNIX password and group files
</LI>
265 <LI><CODE>Digest
</CODE> - Digest authentication should be
266 performed using the
<VAR>/etc/cups/passwd.md5
</VAR>
269 <LI><CODE>BasicDigest
</CODE> - Basic authentication
270 should be performed using the
271 <VAR>/etc/cups/passwd.md5
</VAR> file
</LI>
275 <P>When using
<CODE>Basic
</CODE>,
<CODE>Digest
</CODE>, or
276 <CODE>BasicDigest
</CODE> authentication, clients connecting
277 through the
<CODE>localhost
</CODE> interface can also
278 authenticate using certificates.
</P>
280 <P>The
<CODE>AuthType
</CODE> directive must appear inside a
<A
281 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
284 <H3 CLASS=
"title"><A NAME=
"AutoPurgeJobs">AutoPurgeJobs
</A></H3>
288 <PRE CLASS=
"command">
295 <P>The
<CODE>AutoPurgeJobs
</CODE> directive specifies whether or
296 not to purge completed jobs once they are no longer required for
297 quotas. This option has no effect if quotas are not enabled. The
298 default setting is
<CODE>No
</CODE>.
</P>
301 <H3 CLASS=
"title"><A NAME=
"BrowseAddress">BrowseAddress
</A></H3>
305 <PRE CLASS=
"command">
306 BrowseAddress
255.255.255.255:
631
307 BrowseAddress
192.0.2.255:
631
308 BrowseAddress host.domain.com:
631
310 BrowseAddress @IF(name)
315 <P>The
<CODE>BrowseAddress
</CODE> directive specifies an address
316 to send browsing information to. Multiple
317 <CODE>BrowseAddress
</CODE> directives can be specified to send
318 browsing information to different networks or systems.
</P>
320 <P>The
<CODE>@LOCAL
</CODE> name will broadcast printer
321 information to all local interfaces. The
<CODE>@IF(name)
</CODE>
322 name will broadcast to the named interface.
</P>
324 <P>There is no default browse address.
</P>
326 <BLOCKQUOTE><B>Note:
</B>
328 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
329 16, or
8 bits, printer browsing (and in fact all broadcast
330 reception) will not work. This problem appears to be fixed in
336 <H3 CLASS=
"title"><A NAME=
"BrowseAllow">BrowseAllow
</A></H3>
340 <PRE CLASS=
"command">
342 BrowseAllow from none
343 BrowseAllow from
192.0.2
344 BrowseAllow from
192.0.2.0/
24
345 BrowseAllow from
192.0.2.0/
255.255.255.0
346 BrowseAllow from *.domain.com
347 BrowseAllow from @LOCAL
348 BrowseAllow from @IF(name)
353 <P>The
<CODE>BrowseAllow
</CODE> directive specifies a system or
354 network to accept browse packets from. The default is to accept
355 browse packets from all hosts.
</P>
357 <P>Host and domain name matching require that you enable the
<A
358 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
361 <P>IP address matching supports exact matches, partial addresses
362 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
363 255.255.255.0, or network addresses using the specified netmask
366 <P>The
<CODE>@LOCAL
</CODE> name will allow browse data from all
367 local interfaces. The
<CODE>@IF(name)
</CODE> name will allow
368 browse data from the named interface.
</P>
371 <H3 CLASS=
"title"><A NAME=
"BrowseDeny">BrowseDeny
</A></H3>
375 <PRE CLASS=
"command">
378 BrowseDeny from
192.0.2
379 BrowseDeny from
192.0.2.0/
24
380 BrowseDeny from
192.0.2.0/
255.255.255.0
381 BrowseDeny from *.domain.com
382 BrowseDeny from @LOCAL
383 BrowseDeny from @IF(name)
388 <P>The
<CODE>BrowseDeny
</CODE> directive specifies a system or
389 network to reject browse packets from. The default is to not deny
390 browse packets from any hosts.
</P>
392 <P>Host and domain name matching require that you enable the
<A
393 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
396 <P>IP address matching supports exact matches, partial addresses
397 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
398 255.255.255.0, or network addresses using the specified netmask
401 <P>The
<CODE>@LOCAL
</CODE> name will block browse data from all
402 local interfaces. The
<CODE>@IF(name)
</CODE> name will block
403 browse data from the named interface.
</P>
406 <H3 CLASS=
"title"><A NAME=
"BrowseOrder">BrowseOrder
</A></H3>
410 <PRE CLASS=
"command">
411 BrowseOrder allow,deny
412 BrowseOrder deny,allow
417 <P>The
<CODE>BrowseOrder
</CODE> directive specifies the order of
418 allow/deny processing. The default order is
419 <CODE>deny,allow
</CODE>:
</P>
423 <LI><CODE>allow,deny
</CODE> - Deny browse packets by
424 default, then check
<CODE>BrowseAllow
</CODE> lines
425 followed by
<CODE>BrowseDeny
</CODE> lines.
</LI>
427 <LI><CODE>deny,allow
</CODE> - Allow browse packets by
428 default, then check
<CODE>BrowseDeny
</CODE> lines
429 followed by
<CODE>BrowseAllow
</CODE> lines.
</LI>
434 <H3 CLASS=
"title"><A NAME=
"BrowseInterval">BrowseInterval
</A></H3>
438 <PRE CLASS=
"command">
445 <P>The
<CODE>BrowseInterval
</CODE> directive specifies the
446 maximum amount of time between browsing updates. Specifying a
447 value of
0 seconds disables outgoing browse updates but allows a
448 server to receive printer information from other hosts.
</P>
450 <P>The
<CODE>BrowseInterval
</CODE> value should always be less
451 than the
<A HREF=
"#BrowseTimeout"><CODE>BrowseTimeout
</CODE></A>
452 value. Otherwise printers and classes will disappear from client
453 systems between updates.
</P>
456 <H3 CLASS=
"title"><A NAME=
"BrowsePoll">BrowsePoll
</A></H3>
460 <PRE CLASS=
"command">
461 BrowsePoll
192.0.2.2:
631
462 BrowsePoll host.domain.com:
631
467 <P>The
<CODE>BrowsePoll
</CODE> directive polls a server for
468 available printers once every
<A
469 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> seconds.
470 Multiple
<CODE>BrowsePoll
</CODE> directives can be specified to
471 poll multiple servers.
</P>
473 <P>If
<CODE>BrowseInterval
</CODE> is set to
0 then the server is
474 polled once every
30 seconds.
</P>
477 <H3 CLASS=
"title"><A NAME=
"BrowsePort">BrowsePort
</A></H3>
481 <PRE CLASS=
"command">
488 <P>The
<CODE>BrowsePort
</CODE> directive specifies the UDP port number
489 used for browse packets. The default port number is
631.
</P>
491 <BLOCKQUOTE><B>Note:
</B>
493 <P>You must set the
<CODE>BrowsePort
</CODE> to the same value
494 on all of the systems that you want to see.
499 <H3 CLASS=
"title"><A NAME=
"BrowseProtocols">BrowseProtocols
</A></H3>
503 <PRE CLASS=
"command">
506 BrowseProtocols CUPS SLP
512 <P>The
<CODE>BrowseProtocols
</CODE> directive specifies the
513 protocols to use when collecting and distributing shared printers
514 on the local network. The default protocol is
<CODE>CUPS
</CODE>,
515 which is a broadcast-based protocol.
</P>
517 <BLOCKQUOTE><B>Note:
</B>
519 <P>When using the
<CODE>SLP
</CODE> protocol, you must have at least
520 one Directory Agent (DA) server on your network. Otherwise the
521 CUPS scheduler (
<CODE>cupsd
</CODE>) will not respond to client
522 requests for several seconds while polling the network.
</P>
527 <H3 CLASS=
"title"><A NAME=
"BrowseRelay">BrowseRelay
</A></H3>
531 <PRE CLASS=
"command">
532 BrowseRelay
193.0.2.1 192.0.2.255
533 BrowseRelay
193.0.2.0/
255.255.255.0 192.0.2.255
534 BrowseRelay
193.0.2.0/
24 192.0.2.255
535 BrowseRelay *.domain.com
192.0.2.255
536 BrowseRelay host.domain.com
192.0.2.255
541 <P>The
<CODE>BrowseRelay
</CODE> directive specifies source and
542 destination addresses for relaying browsing information from one
543 host or network to another. Multiple
<CODE>BrowseRelay
</CODE>
544 directives can be specified as needed.
</P>
546 <P><CODE>BrowseRelay
</CODE> is typically used on systems that
547 bridge multiple subnets using one or more network interfaces. It
548 can also be used to relay printer information from polled servers
551 <PRE CLASS=
"command">
552 BrowseRelay
127.0.0.1 @LOCAL
555 <P>This effectively provides access to printers on a WAN for all
556 clients on the LAN(s).
</P>
559 <H3 CLASS=
"title"><A NAME=
"BrowseShortNames">BrowseShortNames
</A></H3>
563 <PRE CLASS=
"command">
570 <P>The
<CODE>BrowseShortNames
</CODE> directive specifies whether
571 or not short names are used for remote printers when possible.
572 Short names are just the remote printer name, without the server
573 (
"printer"). If more than one remote printer is detected with the
574 same name, the printers will have long names (
"printer@server1",
575 "printer@server2".)
</P>
577 <P>The default value for this option is
<CODE>Yes
</CODE>.
</P>
580 <H3 CLASS=
"title"><A NAME=
"BrowseTimeout">BrowseTimeout
</A></H3>
584 <PRE CLASS=
"command">
591 <P>The
<CODE>BrowseTimeout
</CODE> directive sets the timeout for
592 printer or class information that is received in browse packets.
593 Once a printer or class times out it is removed from the list of
594 available destinations.
</P>
596 <P>The
<CODE>BrowseTimeout
</CODE> value should always be greater
598 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> value.
599 Otherwise printers and classes will disappear from client systems
603 <H3 CLASS=
"title"><A NAME=
"Browsing">Browsing
</A></H3>
607 <PRE CLASS=
"command">
614 <P>The
<CODE>Browsing
</CODE> directive controls whether or not
615 network printer browsing is enabled. The default setting is
618 <P>This directive does not enable sharing of local printers by
619 itself; you must also use the
<A
620 HREF=
"#BrowseAddress"><CODE>BrowseAddress
</CODE></A> or
<A
621 HREF=
"#BrowseProtocols"><CODE>BrowseProtocols
</CODE></A>
622 directives to advertise local printers to other systems.
</P>
624 <BLOCKQUOTE><B>Note:
</B>
626 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
627 16, or
8 bits, printer browsing (and in fact all broadcast
628 reception) will not work. This problem appears to be fixed in
634 <H3 CLASS=
"title"><A NAME=
"Classification">Classification
</A></H3>
638 <PRE CLASS=
"command">
640 Classification classified
641 Classification confidential
642 Classification secret
643 Classification topsecret
644 Classification unclassified
649 <P>The
<CODE>Classification
</CODE> directive sets the
650 classification level on the server. When this option is set, at
651 least one of the banner pages is forced to the classification
652 level, and the classification is placed on each page of output.
653 The default is no classification level.
</P>
656 <H3 CLASS=
"title"><A NAME=
"ClassifyOverride">ClassifyOverride
</A></H3>
660 <PRE CLASS=
"command">
667 <P>The
<CODE>ClassifyOverride
</CODE> directive specifies whether
668 users can override the default classification level on the
669 server. When the server classification is set, users can change
670 the classification using the
<CODE>job-sheets
</CODE> option and
671 can choose to only print one security banner before or after the
672 job. If the
<CODE>job-sheets
</CODE> option is set to
673 <CODE>none
</CODE> then the server default classification is
676 <P>The default is to not allow classification overrides.
</P>
679 <H3 CLASS=
"title"><A NAME=
"ConfigFilePerm">ConfigFilePerm
</A></H3>
683 <PRE CLASS=
"command">
690 <P>The
<CODE>ConfigFilePerm
</CODE> directive specifies the
691 permissions to use when writing configuration files. The default
695 <H3 CLASS=
"title"><A NAME=
"DataDir">DataDir
</A></H3>
699 <PRE CLASS=
"command">
700 DataDir /usr/share/cups
705 <P>The
<CODE>DataDir
</CODE> directive sets the directory to use
709 <H3 CLASS=
"title"><A NAME=
"DefaultCharset">DefaultCharset
</A></H3>
713 <PRE CLASS=
"command">
715 DefaultCharset iso-
8859-
1
716 DefaultCharset windows-
1251
721 <P>The
<CODE>DefaultCharset
</CODE> directive sets the default
722 character set to use for client connections. The default
723 character set is
<CODE>utf-
8</CODE> but is overridden by the
724 character set for the language specified by the client or the
725 <CODE>DefaultLanguage
</CODE> directive.
</P>
728 <H3 CLASS=
"title"><A NAME=
"DefaultLanguage">DefaultLanguage
</A></H3>
732 <PRE CLASS=
"command">
742 <P>The
<CODE>DefaultLanguage
</CODE> directive specifies the
743 default language to use for client connections. Setting the
744 default language also sets the default character set if a
745 language localization file exists for it. The default language
746 is
"en" for English.
</P>
749 <H3 CLASS=
"title"><A NAME=
"Deny">Deny
</A></H3>
753 <PRE CLASS=
"command">
756 Deny from *.domain.com
757 Deny from .domain.com
758 Deny from host.domain.com
761 Deny from nnn.nnn.nnn.*
762 Deny from nnn.nnn.nnn.nnn
763 Deny from nnn.nnn.nnn.nnn/mm
764 Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
765 Deny from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
772 <P>The
<CODE>Deny
</CODE> directive specifies a hostname, IP
773 address, or network that is allowed access to the server.
774 <CODE>Deny
</CODE> directives are cummulative, so multiple
775 <CODE>Deny
</CODE> directives can be used to allow access for
776 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
777 specifies a CIDR netmask:
</P>
779 <DIV CLASS=
"table"><TABLE>
781 <TH WIDTH=
"10%">mm
</TH>
782 <TH WIDTH=
"20%">netmask
</TH>
783 <TH WIDTH=
"10%">mm
</TH>
784 <TH WIDTH=
"20%">netmask
</TH>
787 <TD ALIGN=
"CENTER">0</TD>
788 <TD ALIGN=
"CENTER">0.0.0.0</TD>
789 <TD ALIGN=
"CENTER">8</TD>
790 <TD ALIGN=
"CENTER">255.0.0.0</TD>
793 <TD ALIGN=
"CENTER">1</TD>
794 <TD ALIGN=
"CENTER">128.0.0.0</TD>
795 <TD ALIGN=
"CENTER">16</TD>
796 <TD ALIGN=
"CENTER">255.255.0.0</TD>
799 <TD ALIGN=
"CENTER">2</TD>
800 <TD ALIGN=
"CENTER">192.0.0.0</TD>
801 <TD ALIGN=
"CENTER">24</TD>
802 <TD ALIGN=
"CENTER">255.255.255.0</TD>
805 <TD ALIGN=
"CENTER">...
</TD>
806 <TD ALIGN=
"CENTER">...
</TD>
807 <TD ALIGN=
"CENTER">32</TD>
808 <TD ALIGN=
"CENTER">255.255.255.255</TD>
812 <P>The
<CODE>@LOCAL
</CODE> name will deny access from all local
813 interfaces. The
<CODE>@IF(name)
</CODE> name will deny access from
814 the named interface.
</P>
816 <P>The
<CODE>Deny
</CODE> directive must appear inside a
<A
817 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
820 <H3 CLASS=
"title"><A NAME=
"DocumentRoot">DocumentRoot
</A></H3>
824 <PRE CLASS=
"command">
825 DocumentRoot /usr/share/doc/cups
826 DocumentRoot /foo/bar/doc/cups
831 <P>The
<CODE>DocumentRoot
</CODE> directive specifies the location
832 of web content for the HTTP server in CUPS. If an absolute path
833 is not specified then it is assumed to be relative to the
<A
834 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
835 default directory is
<VAR>/usr/share/doc/cups
</VAR>.
</P>
837 <P>Documents are first looked up in a sub-directory for the
838 primary language requested by the client (e.g.
839 <VAR>/usr/share/doc/cups/fr/...
</VAR>) and then directly under
840 the
<CODE>DocumentRoot
</CODE> directory (e.g.
841 <VAR>/usr/share/doc/cups/...
</VAR>), so it is possible to
842 localize the web content by providing subdirectories for each
846 <H3 CLASS=
"title"><A NAME=
"Encryption">Encryption
</A></H3>
850 <PRE CLASS=
"command">
852 Encryption IfRequested
858 <P>The
<CODE>Encryption
</CODE> directive must appear instead a
<A
859 HREF=
"#Location"><CODE>Location
</CODE></A> section and specifies
860 the encryption settings for that location. The default setting is
861 <CODE>IfRequested
</CODE> for all locations.
</P>
864 <H3 CLASS=
"title"><A NAME=
"ErrorLog">ErrorLog
</A></H3>
868 <PRE CLASS=
"command">
869 ErrorLog /var/log/cups/error_log
870 ErrorLog /var/log/cups/error_log-%s
876 <P>The
<CODE>ErrorLog
</CODE> directive sets the name of the error
877 log file. If the filename is not absolute then it is assumed to
878 be relative to the
<A
879 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
880 default error log file is
<VAR>/var/log/cups/error_log
</VAR>.
</P>
882 <P>The server name can be included in the filename by using
883 <CODE>%s
</CODE> in the name.
</P>
885 <P>The special name
"syslog" can be used to send the error
886 information to the system log instead of a plain file.
</P>
889 <H3 CLASS=
"title"><A NAME=
"FileDevice">FileDevice
</A></H3>
893 <PRE CLASS=
"command">
900 <P>The
<CODE>FileDevice
</CODE> directive determines whether the
901 scheduler allows new printers to be added using device URIs of
902 the form
<CODE>file:/filename
</CODE>. File devices are most often
903 used to test new printer drivers and do not support raw file
906 <P>The default setting is
<CODE>No
</CODE>.
</P>
908 <BLOCKQUOTE><B>Note:
</B>
910 <P>File devices are managed by the scheduler. Since the
911 scheduler normally runs as the root user, file devices
912 can be used to overwrite system files and potentially
913 gain unauthorized access to the system. If you must
914 create printers using file devices, we recommend that
915 you set the
<CODE>FileDevice
</CODE> directive to
916 <CODE>Yes
</CODE> for only as long as you need to add the
917 printers to the system, and then reset the directive to
923 <H3 CLASS=
"title"><A NAME=
"FilterLimit">FilterLimit
</A></H3>
927 <PRE CLASS=
"command">
935 <P>The
<CODE>FilterLimit
</CODE> directive sets the maximum cost
936 of all running job filters. It can be used to limit the number of
937 filter programs that are run on a server to minimize disk,
938 memory, and CPU resource problems. A limit of
0 disables filter
941 <P>An average print to a non-PostScript printer needs a filter
942 limit of about
200. A PostScript printer needs about half that
943 (
100). Setting the limit below these thresholds will effectively
944 limit the scheduler to printing a single job at any time.
</P>
946 <P>The default limit is
0.
</P>
949 <H3 CLASS=
"title"><A NAME=
"FontPath">FontPath
</A></H3>
953 <PRE CLASS=
"command">
954 FontPath /foo/bar/fonts
955 FontPath /usr/share/cups/fonts:/foo/bar/fonts
960 <P>The
<CODE>FontPath
</CODE> directive specifies the font path to
961 use when searching for fonts. The default font path is
962 <CODE>/usr/share/cups/fonts
</CODE>.
</P>
965 <H3 CLASS=
"title"><A NAME=
"Group">Group
</A></H3>
969 <PRE CLASS=
"command">
975 <P>The
<CODE>Group
</CODE> directive specifies the UNIX group that
976 filter and CGI programs run as. The default group is
977 <CODE>nobody
</CODE>.
</P>
980 <H3 CLASS=
"title"><A NAME=
"HideImplicitMembers">HideImplicitMembers
</A></H3>
984 <PRE CLASS=
"command">
985 HideImplicitMembers Yes
986 HideImplicitMembers No
991 <P>The
<CODE>HideImplicitMembers
</CODE> directive controls
992 whether the individual printers in an implicit class are hidden
993 from the user. The default is
<CODE>Yes
</CODE>.
</P>
995 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
996 must be enabled for this directive to have any effect.
</P>
999 <H3 CLASS=
"title"><A NAME=
"HostNameLookups">HostNameLookups
</A></H3>
1003 <PRE CLASS=
"command">
1006 HostNameLookups Double
1009 <H4>Description
</H4>
1011 <P>The
<CODE>HostNameLookups
</CODE> directive controls whether or
1012 not CUPS looks up the hostname for connecting clients. The
1013 <CODE>Double
</CODE> setting causes CUPS to verify that the
1014 hostname resolved from the address matches one of the addresses
1015 returned for that hostname.
<CODE>Double
</CODE> lookups also
1016 prevent clients with unregistered addresses from connecting to
1019 <P>The default is
<CODE>Off
</CODE> to avoid the potential server
1020 performance problems with hostname lookups. Set this option to
1021 <CODE>On
</CODE> or
<CODE>Double
</CODE> only if absolutely
1025 <H3 CLASS=
"title"><A NAME=
"ImplicitClasses">ImplicitClasses
</A></H3>
1029 <PRE CLASS=
"command">
1034 <H4>Description
</H4>
1036 <P>The
<CODE>ImplicitClasses
</CODE> directive controls whether
1037 implicit classes are created based upon the available network
1038 printers and classes. The default setting is
<CODE>On
</CODE> but
1039 is automatically turned
<CODE>Off
</CODE> if
<A
1040 HREF=
"#Browsing"><CODE>Browsing
</CODE></A> is turned
1041 <CODE>Off
</CODE>.
</P>
1044 <H3 CLASS=
"title"><A NAME=
"ImplicitAnyClasses">ImplicitAnyClasses
</A></H3>
1048 <PRE CLASS=
"command">
1049 ImplicitAnyClasses On
1050 ImplicitAnyClasses Off
1053 <H4>Description
</H4>
1055 <P>The
<CODE>ImplicitAnyClasses
</CODE> directive controls
1056 whether implicit classes for local and remote printers are
1057 created with the name
<CODE>AnyPrinter
</CODE>. The default
1058 setting is
<CODE>Off
</CODE>.
</P>
1060 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1061 must be enabled for this directive to have any effect.
</P>
1064 <H3 CLASS=
"title"><A NAME=
"Include">Include
</A></H3>
1068 <PRE CLASS=
"command">
1070 Include /foo/bar/filename
1073 <H4>Description
</H4>
1075 <P>The
<CODE>Include
</CODE> directive includes the named file in
1076 the
<CODE>cupsd.conf
</CODE> file. If no leading path is provided,
1077 the file is assumed to be relative to the
<A
1078 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory.
</P>
1081 <H3 CLASS=
"title"><A NAME=
"KeepAlive">KeepAlive
</A></H3>
1085 <PRE CLASS=
"command">
1090 <H4>Description
</H4>
1092 <P>The
<CODE>KeepAlive
</CODE> directive controls whether or not
1093 to support persistent HTTP connections. The default is
1094 <CODE>On
</CODE>.
</P>
1096 <P>HTTP/
1.1 clients automatically support persistent connections,
1097 while HTTP/
1.0 clients must specifically request them using the
1098 <CODE>Keep-Alive
</CODE> attribute in the
<CODE>Connection:
</CODE>
1099 field of each request.
</P>
1102 <H3 CLASS=
"title"><A NAME=
"KeepAliveTimeout">KeepAliveTimeout
</A></H3>
1106 <PRE CLASS=
"command">
1111 <H4>Description
</H4>
1113 <P>The
<CODE>KeepAliveTimeout
</CODE> directive controls how long
1114 a persistent HTTP connection will remain open after the last
1115 request. The default is
60 seconds.
</P>
1118 <H3 CLASS=
"title"><A NAME=
"Limit">Limit
</A></H3>
1122 <PRE CLASS=
"command">
1123 <Limit GET POST
>
1132 <H4>Description
</H4>
1134 <P>The
<CODE>Limit
</CODE> directive groups access control
1135 directives for specific types of HTTP requests and must appear
1136 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1137 Access can be limited for individual request types
1138 (
<CODE>DELETE
</CODE>,
<CODE>GET
</CODE>,
<CODE>HEAD
</CODE>,
1139 <CODE>OPTIONS
</CODE>,
<CODE>POST
</CODE>,
<CODE>PUT
</CODE>, and
1140 <CODE>TRACE
</CODE>) or for all request types (
<CODE>ALL
</CODE>).
1141 The request type names are case-sensitive for compatibility with
1145 <H3 CLASS=
"title"><A NAME=
"LimitExcept">LimitExcept
</A></H3>
1149 <PRE CLASS=
"command">
1150 <LimitExcept GET POST
>
1152 </LimitExcept
>
1155 <H4>Description
</H4>
1157 <P>The
<CODE>LimitExcept
</CODE> directive groups access control
1158 directives for specific types of HTTP requests and must appear
1159 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1160 Unlike the
<A HREF=
"#Limit"><CODE>Limit
</CODE></A> directive,
1161 <CODE>LimitExcept
</CODE> restricts access for all requests
1162 <I>except
</I> those listed on the
<CODE>LimitExcept
</CODE>
1166 <H3 CLASS=
"title"><A NAME=
"LimitRequestBody">LimitRequestBody
</A></H3>
1170 <PRE CLASS=
"command">
1171 LimitRequestBody
10485760
1172 LimitRequestBody
10m
1176 <H4>Description
</H4>
1178 <P>The
<CODE>LimitRequestBody
</CODE> directive controls the
1179 maximum size of print files, IPP requests, and HTML form data in
1180 HTTP POST requests. The default limit is
0 which disables the
1184 <H3 CLASS=
"title"><A NAME=
"Listen">Listen
</A></H3>
1188 <PRE CLASS=
"command">
1189 Listen
127.0.0.1:
631
1190 Listen
192.0.2.1:
631
1195 <H4>Description
</H4>
1197 <P>The
<CODE>Listen
</CODE> directive specifies a network address
1198 and port to listen for connections. Multiple
<CODE>Listen
</CODE>
1199 directives can be provided to listen on multiple addresses.
</P>
1201 <P>The
<CODE>Listen
</CODE> directive is similar to the
<A
1202 HREF=
"#Port"><CODE>Port
</CODE></A> directive but allows you to
1203 restrict access to specific interfaces or networks.
</P>
1206 <H3 CLASS=
"title"><A NAME=
"Location">Location
</A></H3>
1210 <PRE CLASS=
"command">
1215 <Location /admin
>
1219 <Location /admin/conf
>
1223 <Location /admin/log
>
1227 <Location /classes
>
1231 <Location /classes/name
>
1235 <Location /jobs
>
1239 <Location /printers
>
1243 <Location /printers/name
>
1249 <H4>Description
</H4>
1251 <P>The
<CODE>Location
</CODE> directive specifies access control
1252 and authentication options for the specified HTTP resource or
1253 path. The
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>,
<A
1254 HREF=
"#AuthType"><CODE>AuthType
</CODE></A>,
<A
1255 HREF=
"#Deny"><CODE>Deny
</CODE></A>,
<A
1256 HREF=
"#Encryption"><CODE>Encryption
</CODE></A>,
<A
1257 HREF=
"#Limit"><CODE>Limit
</CODE></A>,
<A
1258 HREF=
"#LimitExcept"><CODE>LimitExcept
</CODE></A>,
<A
1259 HREF=
"#Order"><CODE>Order
</CODE></A>,
<A
1260 HREF=
"#Require"><CODE>Require
</CODE></A>, and
<A
1261 HREF=
"#Satisfy"><CODE>Satisfy
</CODE></A> directives may all
1262 appear inside a location.
</P>
1264 <P>Note that more specific resources override the less specific
1265 ones. So the directives inside the
<CODE>/printers/name
</CODE>
1266 location will override ones from
<CODE>/printers
</CODE>.
1267 Directives inside
<CODE>/printers
</CODE> will override ones from
1268 <CODE>/
</CODE>. None of the directives are inherited.
</P>
1270 <DIV CLASS=
"table"><TABLE>
1271 <CAPTION>Common Locations on the Server
</CAPTION>
1272 <TR><TH>Location
</TH><TH>Description
</TH></TR>
1273 <TR><TD><CODE>/
</CODE></TD><TD>The path for all get operations (get-printers, get-jobs, etc.)
</TD></TR>
1274 <TR><TD><CODE>/admin
</CODE></TD><TD>The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
</TD></TR>
1275 <TR><TD><CODE>/admin/conf
</CODE></TD><TD>The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
</TD></TR>
1276 <TR><TD><CODE>/admin/log
</CODE></TD><TD>The path for access to the CUPS log files (access_log, error_log, page_log)
</TD></TR>
1277 <TR><TD><CODE>/classes
</CODE></TD><TD>The path for all classes
</TD></TR>
1278 <TR><TD><CODE>/classes/name
</CODE></TD><TD>The resource for class
<CODE>name
</CODE></TD></TR>
1279 <TR><TD><CODE>/jobs
</CODE></TD><TD>The path for all jobs (hold-job, release-job, etc.)
</TD></TR>
1280 <TR><TD><CODE>/jobs/id
</CODE></TD><TD>The resource for job
<CODE>id
</CODE></TD></TR>
1281 <TR><TD><CODE>/printers
</CODE></TD><TD>The path for all printers
</TD></TR>
1282 <TR><TD><CODE>/printers/name
</CODE></TD><TD>The path for printer
<CODE>name
</CODE></TD></TR>
1283 <TR><TD><CODE>/printers/name.ppd
</CODE></TD><TD>The PPD file path for printer
<CODE>name
</CODE></TD></TR>
1287 <H3 CLASS=
"title"><A NAME=
"LogFilePerm">LogFilePerm
</A></H3>
1291 <PRE CLASS=
"command">
1296 <H4>Description
</H4>
1298 <P>The
<CODE>LogFilePerm
</CODE> directive specifies the
1299 permissions to use when writing configuration files. The default
1303 <H3 CLASS=
"title"><A NAME=
"LogLevel">LogLevel
</A></H3>
1307 <PRE CLASS=
"command">
1320 <H4>Description
</H4>
1322 <P>The
<CODE>LogLevel
</CODE> directive specifies the level of
1323 logging for the
<A HREF=
"#ErrorLog"><CODE>ErrorLog
</CODE></A>
1324 file. The following values are recognized (each level logs
1325 everything under the preceding levels):
</P>
1329 <LI><CODE>none
</CODE> - Log nothing
</LI>
1331 <LI><CODE>emerg
</CODE> - Log emergency conditions that
1332 prevent the server from running
</LI>
1334 <LI><CODE>alert
</CODE> - Log alerts that must be handled
1337 <LI><CODE>crit
</CODE> - Log critical errors that don't
1338 prevent the server from running
</LI>
1340 <LI><CODE>error
</CODE> - Log general errors
</LI>
1342 <LI><CODE>warn
</CODE> - Log errors and warnings
</LI>
1344 <LI><CODE>notice
</CODE> - Log temporary error conditions
</LI>
1346 <LI><CODE>info
</CODE> - Log all requests and state
1347 changes (default)
</LI>
1349 <LI><CODE>debug
</CODE> - Log basic debugging
1352 <LI><CODE>debug2
</CODE> - Log all debugging
1358 <H3 CLASS=
"title"><A NAME=
"MaxClients">MaxClients
</A></H3>
1362 <PRE CLASS=
"command">
1367 <H4>Description
</H4>
1369 <P>The
<CODE>MaxClients
</CODE> directive controls the maximum
1370 number of simultaneous clients that will be allowed by the
1371 server. The default is
100 clients.
</P>
1373 <BLOCKQUOTE><B>Note:
</B>
1375 <P>Since each print job requires a file descriptor for the status
1376 pipe, the scheduler internally limits the
<CODE>MaxClients
</CODE>
1377 value to
1/
3 of the available file descriptors to avoid possible
1378 problems when printing large numbers of jobs.
</P>
1383 <H3 CLASS=
"title"><A NAME=
"MaxClientsPerHost">MaxClientsPerHost
</A></H3>
1387 <PRE CLASS=
"command">
1388 MaxClientsPerHost
10
1391 <H4>Description
</H4>
1393 <P>The
<CODE>MaxClientsPerHost
</CODE> directive controls the
1394 maximum number of simultaneous clients that will be allowed from
1395 a single host by the server. The default is the
1396 <CODE>MaxClients
</CODE> value.
</P>
1398 <P>This directive provides a small measure of protection against
1399 Denial of Service attacks from a single host.
</P>
1402 <H3 CLASS=
"title"><A NAME=
"MaxCopies">MaxCopies
</A></H3>
1406 <PRE CLASS=
"command">
1411 <H4>Description
</H4>
1413 <P>The
<CODE>MaxCopies
</CODE> directive controls the maximum
1414 number of copies that a user can print of a job. The default is
1417 <BLOCKQUOTE><B>Note:
</B>
1419 <P>Most HP PCL laser printers internally limit the number of
1426 <H3 CLASS=
"title"><A NAME=
"MaxJobs">MaxJobs
</A></H3>
1430 <PRE CLASS=
"command">
1436 <H4>Description
</H4>
1438 <P>The
<CODE>MaxJobs
</CODE> directive controls the maximum number
1439 of jobs that are kept in memory. Once the number of jobs reaches
1440 the limit, the oldest completed job is automatically purged from
1441 the system to make room for the new one. If all of the known jobs
1442 are still pending or active then the new job will be
1445 <P>Setting the maximum size to
0 disables this functionality. The
1446 default setting is
0.
</P>
1449 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerPrinter">MaxJobsPerPrinter
</A></H3>
1453 <PRE CLASS=
"command">
1454 MaxJobsPerPrinter
100
1455 MaxJobsPerPrinter
9999
1459 <H4>Description
</H4>
1461 <P>The
<CODE>MaxJobsPerPrinter
</CODE> directive controls the
1462 maximum number of active jobs that are allowed for each printer
1463 or class. Once a printer or class reaches the limit, new jobs
1464 will be rejected until one of the active jobs is completed,
1465 stopped, aborted, or canceled.
</P>
1467 <P>Setting the maximum to
0 disables this functionality. The
1468 default setting is
0.
</P>
1471 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerUser">MaxJobsPerUser
</A></H3>
1475 <PRE CLASS=
"command">
1481 <H4>Description
</H4>
1483 <P>The
<CODE>MaxJobsPerUser
</CODE> directive controls the maximum
1484 number of active jobs that are allowed for each user. Once a user
1485 reaches the limit, new jobs will be rejected until one of the
1486 active jobs is completed, stopped, aborted, or canceled.
</P>
1488 <P>Setting the maximum to
0 disables this functionality. The
1489 default setting is
0.
</P>
1492 <H3 CLASS=
"title"><A NAME=
"MaxLogSize">MaxLogSize
</A></H3>
1496 <PRE CLASS=
"command">
1502 <H4>Description
</H4>
1504 <P>The
<CODE>MaxLogSize
</CODE> directive controls the maximum
1505 size of each log file. Once a log file reaches or exceeds the
1506 maximum size it is closed and renamed to
<VAR>filename.O
</VAR>.
1507 This allows you to rotate the logs automatically. The default
1508 size is
1048576 bytes (
1MB).
</P>
1510 <P>Setting the maximum size to
0 disables log rotation.
</P>
1513 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"MaxRequestSize">MaxRequestSize
</A></H3>
1517 <PRE CLASS=
"command">
1518 MaxRequestSize
10485760
1523 <H4>Description
</H4>
1525 <P>The
<CODE>MaxRequestSize
</CODE> directive controls the maximum
1526 size of print files, IPP requests, and HTML form data in HTTP
1527 POST requests. The default limit is
0 which disables the limit
1530 <P><B>This directive is deprecated and will be replaced in a
1531 future CUPS release.
</B> Use the
<A
1532 HREF=
"#LimitRequestBody"><CODE>LimitRequestBody
</CODE></A>
1533 directive instead.
</P>
1536 <H3 CLASS=
"title"><A NAME=
"Order">Order
</A></H3>
1540 <PRE CLASS=
"command">
1545 <H4>Description
</H4>
1547 <P>The
<CODE>Order
</CODE> directive defines the default access
1548 control. The following values are supported:
</P>
1552 <LI><CODE>allow,deny
</CODE> - Deny requests by default,
1553 then check the
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>
1554 lines followed by the
<A
1555 HREF=
"#Deny"><CODE>Deny
</CODE></A> lines
</LI>
1557 <LI><CODE>deny,allow
</CODE> - Allow requests by default,
1558 then check the
<A HREF=
"#Deny"><CODE>Deny
</CODE></A>
1559 lines followed by the
<A
1560 HREF=
"#Allow"><CODE>Allow
</CODE></A> lines
</LI>
1564 <P>The
<CODE>Order
</CODE> directive must appear inside a
<A
1565 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
1568 <H3 CLASS=
"title"><A NAME=
"PageLog">PageLog
</A></H3>
1572 <PRE CLASS=
"command">
1573 PageLog /var/log/cups/page_log
1574 PageLog /var/log/cups/page_log-%s
1578 <H4>Description
</H4>
1580 <P>The
<CODE>PageLog
</CODE> directive sets the name of the page
1581 log file. If the filename is not absolute then it is assumed to
1582 be relative to the
<A
1583 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1584 default page log file is
<VAR>/var/log/cups/page_log
</VAR>.
</P>
1586 <P>The server name can be included in the filename by using
1587 <CODE>%s
</CODE> in the name.
</P>
1589 <P>The special name
"syslog" can be used to send the page
1590 information to the system log instead of a plain file.
</P>
1593 <H3 CLASS=
"title"><A NAME=
"Port">Port
</A></H3>
1597 <PRE CLASS=
"command">
1602 <H4>Description
</H4>
1604 <P>The
<CODE>Port
</CODE> directive specifies a port to listen on.
1605 Multiple
<CODE>Port
</CODE> lines can be specified to listen on
1606 multiple ports. The
<CODE>Port
</CODE> directive is equivalent to
1607 "<CODE>Listen *:nnn</CODE>". The default port is
631.
</P>
1609 <BLOCKQUOTE><B>Note:
</B>
1611 <P>On systems that support IPv6, this directive will bind to both
1612 the IPv4 and IPv6 wildcard address.
</P>
1617 <H3 CLASS=
"title"><A NAME=
"PreserveJobHistory">PreserveJobHistory
</A></H3>
1621 <PRE CLASS=
"command">
1622 PreserveJobHistory On
1623 PreserveJobHistory Off
1626 <H4>Description
</H4>
1628 <P>The
<CODE>PreserveJobHistory
</CODE> directive controls whether
1629 the history of completed, canceled, or aborted print jobs is
1632 <P>A value of
<CODE>On
</CODE> (the default) preserves job
1633 information until the administrator purges it with the
1634 <CODE>cancel
</CODE> command.
</P>
1636 <P>A value of
<CODE>Off
</CODE> removes the job information as
1637 soon as each job is completed, canceled, or aborted.
</P>
1640 <H3 CLASS=
"title"><A NAME=
"PreserveJobFiles">PreserveJobFiles
</A></H3>
1644 <PRE CLASS=
"command">
1646 PreserveJobFiles Off
1649 <H4>Description
</H4>
1651 <P>The
<CODE>PreserveJobFiles
</CODE> directive controls whether
1652 the document files of completed, canceled, or aborted print jobs
1653 are stored on disk.
</P>
1655 <P>A value of
<CODE>On
</CODE> preserves job files until the
1656 administrator purges them with the
<CODE>cancel
</CODE> command.
1657 Jobs can be restarted (and reprinted) as desired until they are
1660 <P>A value of
<CODE>Off
</CODE> (the default) removes the job
1661 files as soon as each job is completed, canceled, or aborted.
</P>
1664 <H3 CLASS=
"title"><A NAME=
"Printcap">Printcap
</A></H3>
1668 <PRE CLASS=
"command">
1670 Printcap /etc/printcap
1671 Printcap /etc/printers.conf
1674 <H4>Description
</H4>
1676 <P>The
<CODE>Printcap
</CODE> directive controls whether or not a
1677 printcap file is automatically generated and updated with a list
1678 of available printers. If specified with no value, then no
1679 printcap file will be generated. The default is to generate a
1680 file named
<VAR>/etc/printcap
</VAR>.
</P>
1682 <P>When a filename is specified (e.g.
<VAR>/etc/printcap
</VAR>),
1683 the printcap file is written whenever a printer is added or
1684 removed. The printcap file can then be used by applications that
1685 are hardcoded to look at the printcap file for the available
1689 <H3 CLASS=
"title"><A NAME=
"PrintcapFormat">PrintcapFormat
</A></H3>
1693 <PRE CLASS=
"command">
1695 PrintcapFormat Solaris
1698 <H4>Description
</H4>
1700 <P>The
<CODE>PrintcapFormat
</CODE> directive controls the output
1701 format of the printcap file. The default is to generate a BSD
1705 <H3 CLASS=
"title"><A NAME=
"RemoteRoot">RemoteRoot
</A></H3>
1709 <PRE CLASS=
"command">
1714 <H4>Description
</H4>
1716 <P>The
<CODE>RemoteRoot
</CODE> directive sets the username for
1717 unauthenticated root requests from remote hosts. The default
1718 username is
<VAR>remroot
</VAR>. Setting
<CODE>RemoteRoot
</CODE>
1719 to
<VAR>root
</VAR> effectively disables this security
1723 <H3 CLASS=
"title"><A NAME=
"RequestRoot">RequestRoot
</A></H3>
1727 <PRE CLASS=
"command">
1728 RequestRoot /var/spool/cups
1729 RequestRoot /foo/bar/spool/cups
1732 <H4>Description
</H4>
1734 <P>The
<CODE>RequestRoot
</CODE> directive sets the directory for
1735 incoming IPP requests and HTML forms. If an absolute path is not
1736 provided then it is assumed to be relative to the
<A
1737 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1738 default request directory is
<VAR>/var/spool/cups
</VAR>.
</P>
1741 <H3 CLASS=
"title"><A NAME=
"Require">Require
</A></H3>
1745 <PRE CLASS=
"command">
1746 Require group foo bar
1747 Require user john mary
1749 Require user @groupname
1750 Require user @SYSTEM
1754 <H4>Description
</H4>
1756 <P>The
<CODE>Require
</CODE> directive specifies that
1757 authentication is required for the resource. The
1758 <CODE>group
</CODE> keyword specifies that the authenticated user
1759 must be a member of one or more of the named groups that
1762 <P>The
<CODE>user
</CODE> keyboard specifies that the
1763 authenticated user must be one of the named users or groups that
1764 follow. Group names are specified using the
"@" prefix.
</P>
1766 <P>The
<CODE>valid-user
</CODE> keyword specifies that any
1767 authenticated user may access the resource.
</P>
1769 <P>The default is to do no authentication. This directive must
1770 appear inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1774 <H3 CLASS=
"title"><A NAME=
"RIPCache">RIPCache
</A></H3>
1778 <PRE CLASS=
"command">
1784 <H4>Description
</H4>
1786 <P>The
<CODE>RIPCache
</CODE> directive sets the size of the
1787 memory cache used by Raster Image Processor (
"RIP") filters such
1788 as
<CODE>imagetoraster
</CODE> and
<CODE>pstoraster
</CODE>. The
1789 size can be suffixed with a
"k" for kilobytes,
"m" for megabytes,
1790 or
"g" for gigabytes. The default cache size is
"8m", or
8
1794 <H3 CLASS=
"title"><A NAME=
"Satisfy">Satisfy
</A></H3>
1798 <PRE CLASS=
"command">
1803 <H4>Description
</H4>
1805 <P>The
<CODE>Satisfy
</CODE> directive specifies whether all
1806 conditions must be satisfied to allow access to the resource. If
1807 set to
<CODE>all
</CODE>, then all authentication and access
1808 control conditions must be satified to allow access.
</P>
1810 <P>Setting
<CODE>Satisfy
</CODE> to
<CODE>any
</CODE> allows a user
1811 to gain access if the authentication or access control
1812 requirements are satisfied. For example, you might require
1813 authentication for remote access, but allow local access without
1816 <P>The default is
<CODE>all
</CODE>. This directive must appear
1817 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1821 <H3 CLASS=
"title"><A NAME=
"ServerAdmin">ServerAdmin
</A></H3>
1825 <PRE CLASS=
"command">
1826 ServerAdmin user@host
1827 ServerAdmin root@foo.bar.com
1830 <H4>Description
</H4>
1832 <P>The
<CODE>ServerAdmin
</CODE> directive identifies the email
1833 address for the administrator on the system. By default the
1834 administrator email address is
<CODE>root@server
</CODE>, where
1835 <CODE>server
</CODE> is the server name.
</P>
1838 <H3 CLASS=
"title"><A NAME=
"ServerBin">ServerBin
</A></H3>
1842 <PRE CLASS=
"command">
1843 ServerBin /usr/lib/cups
1844 ServerBin /foo/bar/lib/cups
1847 <H4>Description
</H4>
1849 <P>The
<CODE>ServerBin
</CODE> directive sets the directory for
1850 server-run executables. If an absolute path is not provided then
1851 it is assumed to be relative to the
<A
1852 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1853 default executable directory is
<VAR>/usr/lib/cups
</VAR> or
1854 <VAR>/usr/lib32/cups
</VAR> (IRIX
6.5).
</P>
1857 <H3 CLASS=
"title"><A NAME=
"ServerCertificate">ServerCertificate
</A></H3>
1861 <PRE CLASS=
"command">
1862 ServerCertificate /etc/cups/ssl/server.crt
1865 <H4>Description
</H4>
1867 <P>The
<CODE>ServerCertificate
</CODE> directive specifies the
1868 location of the SSL certificate file used by the server when
1869 negotiating encrypted connections. The certificate must not be
1870 encrypted (password protected) since the scheduler normally runs
1871 in the background and will be unable to ask for a password.
</P>
1873 <P>The default certificate file is
1874 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1877 <H3 CLASS=
"title"><A NAME=
"ServerKey">ServerKey
</A></H3>
1881 <PRE CLASS=
"command">
1882 ServerKey /etc/cups/ssl/server.key
1885 <H4>Description
</H4>
1887 <P>The
<CODE>ServerKey
</CODE> directive specifies the location of
1888 the SSL private key file used by the server when negotiating
1889 encrypted connections.
</P>
1891 <P>The default key file is
1892 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1895 <H3 CLASS=
"title"><A NAME=
"ServerName"></A>ServerName
</H3>
1899 <PRE CLASS=
"command">
1900 ServerName foo.domain.com
1901 ServerName myserver.domain.com
1904 <H4>Description
</H4>
1906 <P>The
<CODE>ServerName
</CODE> directive specifies the hostname
1907 that is reported to clients. By default the server name is the
1911 <H3 CLASS=
"title"><A NAME=
"ServerRoot">ServerRoot
</A></H3>
1915 <PRE CLASS=
"command">
1916 ServerRoot /etc/cups
1917 ServerRoot /foo/bar/cups
1920 <H4>Description
</H4>
1922 <P>The
<CODE>ServerRoot
</CODE> directive specifies the absolute
1923 path to the server configuration and state files. It is also used
1924 to resolve relative paths in the
<VAR>cupsd.conf
</VAR> file. The
1925 default server directory is
<VAR>/etc/cups
</VAR>.
</P>
1928 <H3 CLASS=
"title"><A NAME=
"SSLListen">SSLListen
</A></H3>
1932 <PRE CLASS=
"command">
1933 SSLListen
127.0.0.1:
443
1934 SSLListen
192.0.2.1:
443
1937 <H4>Description
</H4>
1939 <P>The
<CODE>SSLListen
</CODE> directive specifies a network
1940 address and port to listen for secure connections. Multiple
1941 <CODE>SSLListen
</CODE> directives can be provided to listen on
1942 multiple addresses.
</P>
1944 <P>The
<CODE>SSLListen
</CODE> directive is similar to the
<A
1945 HREF=
"#SSLPort"><CODE>SSLPort
</CODE></A> directive but allows you
1946 to restrict access to specific interfaces or networks.
</P>
1949 <H3 CLASS=
"title"><A NAME=
"SSLPort">SSLPort
</A></H3>
1953 <PRE CLASS=
"command">
1957 <H4>Description
</H4>
1959 <P>The
<CODE>SSLPort
</CODE> directive specifies a port to listen
1960 on for secure connections. Multiple
<CODE>SSLPort
</CODE> lines
1961 can be specified to listen on multiple ports.
</P>
1964 <H3 CLASS=
"title"><A NAME=
"SystemGroup">SystemGroup
</A></H3>
1968 <PRE CLASS=
"command">
1975 <H4>Description
</H4>
1977 <P>The
<CODE>SystemGroup
</CODE> directive specifies the system
1978 administration group for
<CODE>System
</CODE> authentication.
</P>
1981 <H3 CLASS=
"title"><A NAME=
"TempDir">TempDir
</A></H3>
1985 <PRE CLASS=
"command">
1987 TempDir /foo/bar/tmp
1990 <H4>Description
</H4>
1992 <P>The
<CODE>TempDir
</CODE> directive specifies an absolute path
1993 for the directory to use for temporary files. The default
1994 directory is
<VAR>/var/spool/cups/tmp
</VAR>.
</P>
1996 <P>Temporary directories must be world-writable and should have
1997 the
"sticky" permission bit enabled so that other users cannot
1998 delete filter temporary files. The following commands will create
1999 an appropriate temporary directory called
2000 <VAR>/foo/bar/tmp
</VAR>:
</P>
2002 <PRE CLASS=
"command">
2003 <KBD>mkdir /foo/bar/tmp
</KBD>
2004 <KBD>chmod a+rwxt /foo/bar/tmp
</KBD>
2008 <H3 CLASS=
"title"><A NAME=
"Timeout">Timeout
</A></H3>
2012 <PRE CLASS=
"command">
2017 <H4>Description
</H4>
2019 <P>The
<CODE>Timeout
</CODE> directive controls the amount of time
2020 to wait before an active HTTP or IPP request times out. The
2021 default timeout is
300 seconds.
</P>
2024 <H3 CLASS=
"title"><A NAME=
"User">User
</A></H3>
2028 <PRE CLASS=
"command">
2033 <H4>Description
</H4>
2035 <P>The
<CODE>User
</CODE> directive specifies the UNIX user that
2036 filter and CGI programs run as. The default user is
2037 <CODE>lp
</CODE>.
</P>
2039 <BLOCKQUOTE><B>Note:
</B>
2041 <P>You may not use user
<CODE>root
</CODE>, as that would expose
2042 the system to unacceptable security risks. The scheduler will
2043 automatically choose user
<CODE>nobody
</CODE> if you specify a
2044 user whose ID is
0.
</P>