2 <!-- SECTION: References -->
4 <TITLE>cupsd.conf
</TITLE>
9 <P>The
<VAR>/etc/cups/cupsd.conf
</VAR> file contains
10 configuration
<I>directives
</I> that control how the server
11 functions. Each directive is listed on a line by itself followed
12 by its value. Comments are introduced using the number sign (
"#")
13 character at the beginning of a line.
</P>
15 <P>Since the server configuration file consists of plain text,
16 you can use your favorite text editor to make changes to it.
17 After making any changes, restart the
<CODE>cupsd(
8)
</CODE>
18 process using the startup script for your operating system:
</P>
22 <LI>AIX, IRIX, Linux, Solaris:
24 /etc/init.d/cups restart
29 /sbin/init.d/cups restart
34 sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
35 sudo launchctl load /System/Library/LaunchDaemons/org.cups.cupsd.plist
40 <P>You can also edit this file from the CUPS web interface, which
41 automatically handles restarting the scheduler.
</P>
44 <H2 CLASS=
"title"><A NAME=
"AccessLog">AccessLog
</A></H2>
49 AccessLog /var/log/cups/access_log
50 AccessLog /var/log/cups/access_log-%s
56 <P>The
<CODE>AccessLog
</CODE> directive sets the name of the
57 access log file. If the filename is not absolute then it is
58 assumed to be relative to the
<A
59 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
60 access log file is stored in
"common log format" and can be used
61 by any web access reporting tool to generate a report on CUPS
64 <P>The server name can be included in the filename by using
65 <CODE>%s
</CODE> in the name.
</P>
67 <P>The special name
"syslog" can be used to send the access
68 information to the system log instead of a plain file.
</P>
70 <P>The default access log file is
71 <VAR>@CUPS_LOGDIR@/access_log
</VAR>.
</P>
74 <H2 CLASS=
"title"><A NAME=
"AccessLogLevel">AccessLogLevel
</A></H2>
80 AccessLogLevel actions
86 <P>The
<CODE>AccessLogLevel
</CODE> directive controls which requests are logged
87 to the access log file. The following levels are defined:
</P>
91 <LI><CODE>config
</CODE>; Log when printers and classes are added,
92 deleted, or modified and when configuration files are accessed or
95 <LI><CODE>actions
</CODE>; Log when print jobs are submitted,
96 held, released, modified, or canceled, and any of the conditions
97 for
<CODE>config
</CODE>.
</LI>
99 <LI><CODE>all
</CODE>; Log all requests.
</LI>
103 <P>The default access log level is
<CODE>@CUPS_ACCESS_LOG_LEVEL@
</CODE>.
</P>
106 <H2 CLASS=
"title"><A NAME=
"Allow">Allow
</A></H2>
110 <PRE CLASS=
"command">
111 <Location /path
>
115 Allow from *.domain.com
116 Allow from .domain.com
117 Allow from host.domain.com
120 Allow from nnn.nnn.nnn.*
121 Allow from nnn.nnn.nnn.nnn
122 Allow from nnn.nnn.nnn.nnn/mm
123 Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
124 Allow from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
132 <P>The
<CODE>Allow
</CODE> directive specifies a hostname, IP
133 address, or network that is allowed access to the server.
134 <CODE>Allow
</CODE> directives are cummulative, so multiple
135 <CODE>Allow
</CODE> directives can be used to allow access for
136 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
137 specifies a CIDR netmask, as shown in Table
1.
</P>
139 <DIV CLASS=
"table"><TABLE SUMMARY=
"CIDR Netmasks">
140 <CAPTION>Table
1:
<A NAME=
"TABLE1">CIDR Netmasks
</A></CAPTION>
142 <TH WIDTH=
"10%">mm
</TH>
143 <TH WIDTH=
"20%">netmask
</TH>
144 <TH WIDTH=
"10%">mm
</TH>
145 <TH WIDTH=
"20%">netmask
</TH>
148 <TD ALIGN=
"CENTER">0</TD>
149 <TD ALIGN=
"CENTER">0.0.0.0</TD>
150 <TD ALIGN=
"CENTER">8</TD>
151 <TD ALIGN=
"CENTER">255.0.0.0</TD>
154 <TD ALIGN=
"CENTER">1</TD>
155 <TD ALIGN=
"CENTER">128.0.0.0</TD>
156 <TD ALIGN=
"CENTER">16</TD>
157 <TD ALIGN=
"CENTER">255.255.0.0</TD>
160 <TD ALIGN=
"CENTER">2</TD>
161 <TD ALIGN=
"CENTER">192.0.0.0</TD>
162 <TD ALIGN=
"CENTER">24</TD>
163 <TD ALIGN=
"CENTER">255.255.255.0</TD>
166 <TD ALIGN=
"CENTER">...
</TD>
167 <TD ALIGN=
"CENTER">...
</TD>
168 <TD ALIGN=
"CENTER">32</TD>
169 <TD ALIGN=
"CENTER">255.255.255.255</TD>
173 <P>The
<CODE>@LOCAL
</CODE> name will allow access from all local
174 interfaces. The
<CODE>@IF(name)
</CODE> name will allow access
175 from the named interface. In both cases, CUPS only allows access
176 from the network that the interface(s) are configured for -
177 requests arriving on the interface from a foreign network will
178 <em>not
</em> be accepted.
</P>
180 <P>The
<CODE>Allow
</CODE> directive must appear inside a
<A
181 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
182 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
185 <H2 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthClass">AuthClass
</A></H2>
189 <PRE CLASS=
"command">
190 <Location /path
>
201 <P>The
<CODE>AuthClass
</CODE> directive defines what level of
202 authentication is required:
</P>
206 <LI><CODE>Anonymous
</CODE> - No authentication should be
207 performed (default)
</LI>
209 <LI><CODE>User
</CODE> - A valid username and password is
212 <LI><CODE>System
</CODE> - A valid username and password
213 is required, and the username must belong to the
"sys"
214 group; this can be changed using the
<A
215 HREF=
"#SystemGroup"><CODE>SystemGroup
</CODE></A>
218 <LI><CODE>Group
</CODE> - A valid username and password is
219 required, and the username must belong to the group named
221 HREF=
"#AuthGroupName"><CODE>AuthGroupName
</CODE></A>
226 <P>The
<CODE>AuthClass
</CODE> directive must appear inside a
<A
227 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
228 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
230 <P><B>This directive is deprecated and will be removed from a
231 future release of CUPS.
</B> Consider using the more flexible
<A
232 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
235 <H2 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthGroupName">AuthGroupName
</A></H2>
239 <PRE CLASS=
"command">
240 <Location /path
>
242 AuthGroupName mygroup
249 <P>The
<CODE>AuthGroupName
</CODE> directive sets the group to use
250 for
<CODE>Group
</CODE> authentication.
</P>
252 <P>The
<CODE>AuthGroupName
</CODE> directive must appear inside a
253 <A HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
254 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
256 <P><B>This directive is deprecated and will be removed from a
257 future release of CUPS.
</B> Consider using the more flexible
<A
258 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
261 <H2 CLASS=
"title"><A NAME=
"AuthType">AuthType
</A></H2>
265 <PRE CLASS=
"command">
266 <Location /path
>
278 <P>The
<CODE>AuthType
</CODE> directive defines the type of
279 authentication to perform:
</P>
283 <LI><CODE>None
</CODE> - No authentication should be
284 performed (default)
</LI>
286 <LI><CODE>Basic
</CODE> - Basic authentication should be
287 performed using the UNIX password and group files
</LI>
289 <LI><CODE>Digest
</CODE> - Digest authentication should be
290 performed using the
<VAR>/etc/cups/passwd.md5
</VAR>
293 <LI><CODE>BasicDigest
</CODE> - Basic authentication
294 should be performed using the
295 <VAR>/etc/cups/passwd.md5
</VAR> file
</LI>
297 <LI><CODE>Negotiate
</CODE> - Kerberos authentication
298 should be performed
</LI>
302 <P>When using
<CODE>Basic
</CODE>,
<CODE>Digest
</CODE>,
303 <CODE>BasicDigest
</CODE>, or
<CODE>Negotiate
</CODE> authentication,
304 clients connecting through the
<CODE>localhost
</CODE> interface can
305 also authenticate using certificates.
</P>
307 <P>The
<CODE>AuthType
</CODE> directive must appear inside a
<A
308 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
309 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
312 <H2 CLASS=
"title"><A NAME=
"AutoPurgeJobs">AutoPurgeJobs
</A></H2>
316 <PRE CLASS=
"command">
323 <P>The
<CODE>AutoPurgeJobs
</CODE> directive specifies whether or
324 not to purge completed jobs once they are no longer required for
325 quotas. This option has no effect if quotas are not enabled. The
326 default setting is
<CODE>No
</CODE>.
</P>
329 <H2 CLASS=
"title"><A NAME=
"BrowseAddress">BrowseAddress
</A></H2>
333 <PRE CLASS=
"command">
334 BrowseAddress
255.255.255.255:
631
335 BrowseAddress
192.0.2.255:
631
336 BrowseAddress host.domain.com:
631
338 BrowseAddress @IF(name)
343 <P>The
<CODE>BrowseAddress
</CODE> directive specifies an address
344 to send browsing information to. Multiple
345 <CODE>BrowseAddress
</CODE> directives can be specified to send
346 browsing information to different networks or systems.
</P>
348 <P>The
<CODE>@LOCAL
</CODE> name will broadcast printer
349 information to all local interfaces. The
<CODE>@IF(name)
</CODE>
350 name will broadcast to the named interface.
</P>
352 <P>There is no default browse address.
</P>
354 <BLOCKQUOTE><B>Note:
</B>
356 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
357 16, or
8 bits, printer browsing (and in fact all broadcast
358 reception) will not work. This problem appears to be fixed in
364 <H2 CLASS=
"title"><A NAME=
"BrowseAllow">BrowseAllow
</A></H2>
368 <PRE CLASS=
"command">
370 BrowseAllow from none
371 BrowseAllow from
192.0.2
372 BrowseAllow from
192.0.2.0/
24
373 BrowseAllow from
192.0.2.0/
255.255.255.0
374 BrowseAllow from *.domain.com
375 BrowseAllow from @LOCAL
376 BrowseAllow from @IF(name)
381 <P>The
<CODE>BrowseAllow
</CODE> directive specifies a system or
382 network to accept browse packets from. The default is to accept
383 browse packets from all hosts.
</P>
385 <P>Host and domain name matching require that you enable the
<A
386 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
389 <P>IP address matching supports exact matches, partial addresses
390 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
391 255.255.255.0, or network addresses using the specified netmask
394 <P>The
<CODE>@LOCAL
</CODE> name will allow browse data from all
395 local interfaces. The
<CODE>@IF(name)
</CODE> name will allow
396 browse data from the named interface. In both cases, CUPS only
397 allows data from the network that the interface(s) are configured
398 for - data arriving on the interface from a foreign network will
399 <em>not
</em> be allowed.
</P>
402 <H2 CLASS=
"title"><A NAME=
"BrowseDeny">BrowseDeny
</A></H2>
406 <PRE CLASS=
"command">
409 BrowseDeny from
192.0.2
410 BrowseDeny from
192.0.2.0/
24
411 BrowseDeny from
192.0.2.0/
255.255.255.0
412 BrowseDeny from *.domain.com
413 BrowseDeny from @LOCAL
414 BrowseDeny from @IF(name)
419 <P>The
<CODE>BrowseDeny
</CODE> directive specifies a system or
420 network to reject browse packets from. The default is to not deny
421 browse packets from any hosts.
</P>
423 <P>Host and domain name matching require that you enable the
<A
424 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
427 <P>IP address matching supports exact matches, partial addresses
428 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
429 255.255.255.0, or network addresses using the specified netmask
432 <P>The
<CODE>@LOCAL
</CODE> name will block browse data from all
433 local interfaces. The
<CODE>@IF(name)
</CODE> name will block
434 browse data from the named interface. In both cases, CUPS only
435 blocks data from the network that the interface(s) are configured
436 for - data arriving on the interface from a foreign network will
437 <em>not
</em> be blocked.
</P>
440 <H2 CLASS=
"title"><A NAME=
"BrowseInterval">BrowseInterval
</A></H2>
444 <PRE CLASS=
"command">
451 <P>The
<CODE>BrowseInterval
</CODE> directive specifies the
452 maximum amount of time between browsing updates. Specifying a
453 value of
0 seconds disables outgoing browse updates but allows a
454 server to receive printer information from other hosts.
</P>
456 <P>The
<CODE>BrowseInterval
</CODE> value should always be less
457 than the
<A HREF=
"#BrowseTimeout"><CODE>BrowseTimeout
</CODE></A>
458 value. Otherwise printers and classes will disappear from client
459 systems between updates.
</P>
462 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPBindDN">BrowseLDAPBindDN
</A></H2>
466 <PRE CLASS=
"command">
472 <P>The
<CODE>BrowseLDAPBindDN
</CODE> directive specifies the LDAP
473 domain name to use when listening for printer registrations. The
474 default is undefined.
</P>
477 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"BrowseLDAPCACertFile">BrowseLDAPCACertFile
</A></H2>
481 <PRE CLASS=
"command">
482 BrowseLDAPCACertFile /etc/cups/ssl/certs
487 <P>The
<CODE>BrowseLDAPCACertFile
</CODE> directive specifies the SSL certificate
488 authority file to use for LDAP + SSL. The default is undefined.
</P>
491 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPDN">BrowseLDAPDN
</A></H2>
495 <PRE CLASS=
"command">
501 <P>The
<CODE>BrowseLDAPDN
</CODE> directive specifies the LDAP
502 domain name to use when registering local shared printers. The
503 default is undefined.
</P>
506 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPPassword">BrowseLDAPPassword
</A></H2>
510 <PRE CLASS=
"command">
511 BrowseLDAPPassword foo123
516 <P>The
<CODE>BrowseLDAPPassword
</CODE> directive specifies the
517 access password to use when connecting to the LDAP server. The
518 default is undefined.
</P>
521 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPServer">BrowseLDAPServer
</A></H2>
525 <PRE CLASS=
"command">
526 BrowseLDAPServer localhost
531 <P>The
<CODE>BrowseLDAPServer
</CODE> directive specifies the name
532 of the LDAP server to connect to. The default is undefined.
</P>
535 <H2 CLASS=
"title"><A NAME=
"BrowseLocalOptions">BrowseLocalOptions
</A></H2>
539 <PRE CLASS=
"command">
540 BrowseLocalOptions compression=yes
541 BrowseLocalOptions encryption=required
542 BrowseLocalOptions compression=yes
&encryption=required
547 <P>The
<CODE>BrowseLocalOptions
</CODE> directive specifies
548 additional IPP backend options to advertise with local shared
549 printers. The default is to not include any options.
</P>
552 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLocalProtocols">BrowseLocalProtocols
</A></H2>
556 <PRE CLASS=
"command">
557 BrowseLocalProtocols all
558 BrowseLocalProtocols none
559 BrowseLocalProtocols cups
560 BrowseLocalProtocols dnssd
561 BrowseLocalProtocols ldap
562 BrowseLocalProtocols lpd
563 BrowseLocalProtocols slp
564 BrowseLocalProtocols smb
565 BrowseLocalProtocols cups dnssd
570 <P>The
<CODE>BrowseLocalProtocols
</CODE> directive specifies the
571 protocols to use when advertising local shared printers on the
572 network. Multiple protocols can be specified by separating them
573 with spaces. The default is
"<CODE>@CUPS_BROWSE_LOCAL_PROTOCOLS@</CODE>".
</P>
576 <H2 CLASS=
"title"><A NAME=
"BrowseOrder">BrowseOrder
</A></H2>
580 <PRE CLASS=
"command">
581 BrowseOrder allow,deny
582 BrowseOrder deny,allow
587 <P>The
<CODE>BrowseOrder
</CODE> directive specifies the order of
588 allow/deny processing. The default order is
589 <CODE>deny,allow
</CODE>:
</P>
593 <LI><CODE>allow,deny
</CODE> - Deny browse packets by
594 default, then check
<CODE>BrowseAllow
</CODE> lines
595 followed by
<CODE>BrowseDeny
</CODE> lines.
</LI>
597 <LI><CODE>deny,allow
</CODE> - Allow browse packets by
598 default, then check
<CODE>BrowseDeny
</CODE> lines
599 followed by
<CODE>BrowseAllow
</CODE> lines.
</LI>
604 <H2 CLASS=
"title"><A NAME=
"BrowsePoll">BrowsePoll
</A></H2>
608 <PRE CLASS=
"command">
609 BrowsePoll
192.0.2.2:
631
610 BrowsePoll host.domain.com:
631
615 <P>The
<CODE>BrowsePoll
</CODE> directive polls a server for
616 available printers once every
<A
617 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> seconds.
618 Multiple
<CODE>BrowsePoll
</CODE> directives can be specified to
619 poll multiple servers.
</P>
621 <P>If
<CODE>BrowseInterval
</CODE> is set to
0 then the server is
622 polled once every
30 seconds.
</P>
625 <H2 CLASS=
"title"><A NAME=
"BrowsePort">BrowsePort
</A></H2>
629 <PRE CLASS=
"command">
636 <P>The
<CODE>BrowsePort
</CODE> directive specifies the UDP port number
637 used for browse packets. The default port number is
631.
</P>
639 <BLOCKQUOTE><B>Note:
</B>
641 <P>You must set the
<CODE>BrowsePort
</CODE> to the same value
642 on all of the systems that you want to see.
647 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"BrowseProtocols">BrowseProtocols
</A></H2>
651 <PRE CLASS=
"command">
655 BrowseProtocols dnssd
660 BrowseProtocols cups dnssd
665 <P>The
<CODE>BrowseProtocols
</CODE> directive specifies the
666 protocols to use when showing and advertising shared printers on
667 the local network. Multiple protocols can be specified by
668 separating them with spaces. The default protocol is
669 "<CODE>@CUPS_BROWSE_LOCAL_PROTOCOLS@</CODE>" for
670 <A HREF=
"#BrowseLocalProtocols"><CODE>BrowseLocalProtocols
</CODE></A> and
671 "<CODE>@CUPS_BROWSE_REMOTE_PROTOCOLS@</CODE>" for
672 <A HREF=
"#BrowseRemoteProtocols"><CODE>BrowseRemoteProtocols
</CODE></A>.
</P>
674 <BLOCKQUOTE><B>Note:
</B>
676 <P>When using the
<CODE>SLP
</CODE> protocol, you must have at least
677 one Directory Agent (DA) server on your network. Otherwise the
678 CUPS scheduler (
<CODE>cupsd
</CODE>) will not respond to client
679 requests for several seconds while polling the network.
</P>
684 <H2 CLASS=
"title"><A NAME=
"BrowseRelay">BrowseRelay
</A></H2>
688 <PRE CLASS=
"command">
689 BrowseRelay
193.0.2.1 192.0.2.255
690 BrowseRelay
193.0.2.0/
255.255.255.0 192.0.2.255
691 BrowseRelay
193.0.2.0/
24 192.0.2.255
692 BrowseRelay *.domain.com
192.0.2.255
693 BrowseRelay host.domain.com
192.0.2.255
698 <P>The
<CODE>BrowseRelay
</CODE> directive specifies source and
699 destination addresses for relaying browsing information from one
700 host or network to another. Multiple
<CODE>BrowseRelay
</CODE>
701 directives can be specified as needed.
</P>
703 <P><CODE>BrowseRelay
</CODE> is typically used on systems that
704 bridge multiple subnets using one or more network interfaces. It
705 can also be used to relay printer information from polled servers
708 <PRE CLASS=
"command">
709 BrowseRelay
127.0.0.1 @LOCAL
712 <P>This effectively provides access to printers on a WAN for all
713 clients on the LAN(s).
</P>
716 <H2 CLASS=
"title"><A NAME=
"BrowseRemoteOptions">BrowseRemoteOptions
</A></H2>
720 <PRE CLASS=
"command">
721 BrowseRemoteOptions compression=yes
722 BrowseRemoteOptions encryption=required
723 BrowseRemoteOptions ?compression=yes
&encryption=required
728 <P>The
<CODE>BrowseRemoteOptions
</CODE> directive specifies
729 additional IPP backend options to include with remote shared
730 printers. If the options string begins with a question mark (?),
731 the options replace any options specified by the remote server.
732 The default is to not include any options.
</P>
735 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseRemoteProtocols">BrowseRemoteProtocols
</A></H2>
739 <PRE CLASS=
"command">
740 BrowseRemoteProtocols all
741 BrowseRemoteProtocols none
742 BrowseRemoteProtocols cups
743 BrowseRemoteProtocols ldap
744 BrowseRemoteProtocols slp
749 <P>The
<CODE>BrowseRemoteProtocols
</CODE> directive specifies the
750 protocols to use when finding remote shared printers on the
751 network. Multiple protocols can be specified by separating them
752 with spaces. The default is
"<CODE>@CUPS_BROWSE_REMOTE_PROTOCOLS@</CODE>".
</P>
755 <H2 CLASS=
"title"><A NAME=
"BrowseShortNames">BrowseShortNames
</A></H2>
759 <PRE CLASS=
"command">
766 <P>The
<CODE>BrowseShortNames
</CODE> directive specifies whether
767 or not short names are used for remote printers when possible.
768 Short names are just the remote printer name, without the server
769 (
"printer"). If more than one remote printer is detected with the
770 same name, the printers will have long names (
"printer@server1",
771 "printer@server2".)
</P>
773 <P>The default value for this option is
<CODE>@CUPS_BROWSE_SHORT_NAMES@
</CODE>.
</P>
776 <H2 CLASS=
"title"><A NAME=
"BrowseTimeout">BrowseTimeout
</A></H2>
780 <PRE CLASS=
"command">
787 <P>The
<CODE>BrowseTimeout
</CODE> directive sets the timeout for
788 printer or class information that is received in browse packets.
789 Once a printer or class times out it is removed from the list of
790 available destinations.
</P>
792 <P>The
<CODE>BrowseTimeout
</CODE> value should always be greater
794 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> value.
795 Otherwise printers and classes will disappear from client systems
799 <H2 CLASS=
"title"><A NAME=
"BrowseWebIF">BrowseWebIF
</A></H2>
803 <PRE CLASS=
"command">
810 <P>The
<CODE>BrowseWebIF
</CODE> directive controls whether the CUPS web
811 interface is advertised via DNS-SD. The default setting is
812 <CODE>Off
</CODE>.
</P>
815 <H2 CLASS=
"title"><A NAME=
"Browsing">Browsing
</A></H2>
819 <PRE CLASS=
"command">
826 <P>The
<CODE>Browsing
</CODE> directive controls whether or not
827 network printer browsing is enabled. The default setting is
828 <CODE>@CUPS_BROWSING@
</CODE>.
</P>
830 <P>This directive does not enable sharing of local printers by
831 itself; you must also use the
<A
832 HREF=
"#BrowseAddress"><CODE>BrowseAddress
</CODE></A> or
<A
833 HREF=
"#BrowseProtocols"><CODE>BrowseProtocols
</CODE></A>
834 directives to advertise local printers to other systems.
</P>
836 <BLOCKQUOTE><B>Note:
</B>
838 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
839 16, or
8 bits, printer browsing (and in fact all broadcast
840 reception) will not work. This problem appears to be fixed in
846 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Classification">Classification
</A></H2>
850 <PRE CLASS=
"command">
852 Classification classified
853 Classification confidential
854 Classification secret
855 Classification topsecret
856 Classification unclassified
861 <P>The
<CODE>Classification
</CODE> directive sets the
862 classification level on the server. When this option is set, at
863 least one of the banner pages is forced to the classification
864 level, and the classification is placed on each page of output.
865 The default is no classification level.
</P>
868 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"ClassifyOverride">ClassifyOverride
</A></H2>
872 <PRE CLASS=
"command">
879 <P>The
<CODE>ClassifyOverride
</CODE> directive specifies whether
880 users can override the default classification level on the
881 server. When the server classification is set, users can change
882 the classification using the
<CODE>job-sheets
</CODE> option and
883 can choose to only print one security banner before or after the
884 job. If the
<CODE>job-sheets
</CODE> option is set to
885 <CODE>none
</CODE> then the server default classification is
888 <P>The default is to not allow classification overrides.
</P>
891 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.15</SPAN><A NAME=
"ConfigFilePerm">ConfigFilePerm
</A></H2>
895 <PRE CLASS=
"command">
902 <P>The
<CODE>ConfigFilePerm
</CODE> directive specifies the
903 permissions to use when writing configuration files. The default
904 is @CUPS_CONFIG_FILE_PERM@.
</P>
907 <H2 CLASS=
"title"><A NAME=
"DataDir">DataDir
</A></H2>
911 <PRE CLASS=
"command">
912 DataDir /usr/share/cups
917 <P>The
<CODE>DataDir
</CODE> directive sets the directory to use
921 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultAuthType">DefaultAuthType
</A></H2>
925 <PRE CLASS=
"command">
926 DefaultAuthType Basic
927 DefaultAuthType BasicDigest
928 DefaultAuthType Digest
929 DefaultAuthType Negotiate
934 <P>The
<CODE>DefaultAuthType
</CODE> directive specifies the type
935 of authentication to use for IPP operations that require a
936 username. The default is
<CODE>Basic
</CODE>.
</P>
939 <H2 CLASS=
"title"><A NAME=
"DefaultCharset">DefaultCharset
</A></H2>
943 <PRE CLASS=
"command">
945 DefaultCharset iso-
8859-
1
946 DefaultCharset windows-
1251
951 <P>The
<CODE>DefaultCharset
</CODE> directive sets the default
952 character set to use for client connections. The default
953 character set is
<CODE>utf-
8</CODE> but is overridden by the
954 character set for the language specified by the client or the
955 <CODE>DefaultLanguage
</CODE> directive.
</P>
958 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultEncryption">DefaultEncryption
</A></H2>
962 <PRE CLASS=
"command">
963 DefaultEncryption Never
964 DefaultEncryption IfRequested
965 DefaultEncryption Required
970 <P>The
<CODE>DefaultEncryption
</CODE> directive specifies the
971 type of encryption to use when performing authentication. The
972 default is
<CODE>Required
</CODE>.
</P>
975 <H2 CLASS=
"title"><A NAME=
"DefaultLanguage">DefaultLanguage
</A></H2>
979 <PRE CLASS=
"command">
989 <P>The
<CODE>DefaultLanguage
</CODE> directive specifies the
990 default language to use for client connections. Setting the
991 default language also sets the default character set if a
992 language localization file exists for it. The default language
993 is
"en" for English.
</P>
996 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"DefaultPaperSize">DefaultPaperSize
</A></H2>
1000 <PRE CLASS=
"command">
1001 DefaultPaperSize Letter
1003 DefaultPaperSize Auto
1004 DefaultPaperSize None
1007 <H3>Description
</H3>
1009 <P>The
<CODE>DefaultPaperSize
</CODE> directive specifies the default paper
1010 size to use when creating new printers. The default is
<CODE>Auto
</CODE>
1011 which uses a paper size appropriate for the system default locale. A value
1012 of
<CODE>None
</CODE> tells the scheduler to not set the default paper
1016 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultPolicy">DefaultPolicy
</A></H2>
1020 <PRE CLASS=
"command">
1021 DefaultPolicy default
1025 <H3>Description
</H3>
1027 <P>The
<CODE>DefaultPolicy
</CODE> directive specifies the default
1028 policy to use for IPP operation. The default is
1029 <CODE>default
</CODE>.
</P>
1032 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultShared">DefaultShared
</A></H2>
1036 <PRE CLASS=
"command">
1041 <H3>Description
</H3>
1043 <P>The
<CODE>DefaultShared
</CODE> directive specifies whether
1044 printers are shared (published) by default. The default is
1045 <CODE>@CUPS_DEFAULT_SHARED@
</CODE>.
</P>
1048 <H2 CLASS=
"title"><A NAME=
"Deny">Deny
</A></H2>
1052 <PRE CLASS=
"command">
1053 <Location /path
>
1057 Deny from *.domain.com
1058 Deny from .domain.com
1059 Deny from host.domain.com
1062 Deny from nnn.nnn.nnn.*
1063 Deny from nnn.nnn.nnn.nnn
1064 Deny from nnn.nnn.nnn.nnn/mm
1065 Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
1066 Deny from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
1072 <H3>Description
</H3>
1074 <P>The
<CODE>Deny
</CODE> directive specifies a hostname, IP
1075 address, or network that is denied access to the server.
1076 <CODE>Deny
</CODE> directives are cummulative, so multiple
1077 <CODE>Deny
</CODE> directives can be used to allow access for
1078 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
1079 specifies a CIDR netmask, a shown in
<A HREF=
"TABLE1">Table
1082 <P>The
<CODE>@LOCAL
</CODE> name will deny access from all local
1083 interfaces. The
<CODE>@IF(name)
</CODE> name will deny access from
1084 the named interface. In both cases, CUPS only denies access from
1085 the network that the interface(s) are configured for - requests
1086 arriving on the interface from a foreign network will
1087 <em>not
</em> be denied.
</P>
1089 <P>The
<CODE>Deny
</CODE> directive must appear inside a
<A
1090 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
1091 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
1094 <H2 CLASS=
"title"><A NAME=
"DirtyCleanInterval">DirtyCleanInterval
</A></H2>
1098 <PRE CLASS=
"command">
1099 DirtyCleanInterval
30
1100 DirtyCleanInterval
0
1103 <H3>Description
</H3>
1105 <P>The
<CODE>DirtyCleanInterval
</CODE> directive specifies the number of
1106 seconds to wait before updating configuration and state files for printers,
1107 classes, subscriptions, and jobs. The default is
30 seconds.
</P>
1110 <H2 CLASS=
"title"><A NAME=
"DocumentRoot">DocumentRoot
</A></H2>
1114 <PRE CLASS=
"command">
1115 DocumentRoot /usr/share/doc/cups
1116 DocumentRoot /foo/bar/doc/cups
1119 <H3>Description
</H3>
1121 <P>The
<CODE>DocumentRoot
</CODE> directive specifies the location
1122 of web content for the HTTP server in CUPS. If an absolute path
1123 is not specified then it is assumed to be relative to the
<A
1124 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1125 default directory is
<VAR>@CUPS_DOCROOT@
</VAR>.
</P>
1127 <P>Documents are first looked up in a sub-directory for the
1128 primary language requested by the client (e.g.
1129 <VAR>@CUPS_DOCROOT@/fr/...
</VAR>) and then directly under
1130 the
<CODE>DocumentRoot
</CODE> directory (e.g.
1131 <VAR>@CUPS_DOCROOT@/...
</VAR>), so it is possible to
1132 localize the web content by providing subdirectories for each
1133 language needed.
</P>
1136 <H2 CLASS=
"title"><A NAME=
"Encryption">Encryption
</A></H2>
1140 <PRE CLASS=
"command">
1141 <Location /path
>
1144 Encryption IfRequested
1149 <H3>Description
</H3>
1151 <P>The
<CODE>Encryption
</CODE> directive must appear instead a
<A
1152 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
1153 HREF=
"#Limit"><CODE>Limit
</CODE></A> section and specifies the
1154 encryption settings for that location. The default setting is
1155 <CODE>IfRequested
</CODE> for all locations.
</P>
1158 <H2 CLASS=
"title"><A NAME=
"ErrorLog">ErrorLog
</A></H2>
1162 <PRE CLASS=
"command">
1163 ErrorLog /var/log/cups/error_log
1164 ErrorLog /var/log/cups/error_log-%s
1168 <H3>Description
</H3>
1170 <P>The
<CODE>ErrorLog
</CODE> directive sets the name of the error
1171 log file. If the filename is not absolute then it is assumed to
1172 be relative to the
<A
1173 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1174 default error log file is
<VAR>@CUPS_LOGDIR@/error_log
</VAR>.
</P>
1176 <P>The server name can be included in the filename by using
1177 <CODE>%s
</CODE> in the name.
</P>
1179 <P>The special name
"syslog" can be used to send the error
1180 information to the system log instead of a plain file.
</P>
1183 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.3</SPAN><A NAME=
"ErrorPolicy">ErrorPolicy
</A></H2>
1187 <PRE CLASS=
"command">
1188 ErrorPolicy abort-job
1189 ErrorPolicy retry-job
1190 ErrorPolicy stop-printer
1193 <H3>Description
</H3>
1195 <P>The
<CODE>ErrorPolicy
</CODE> directive defines the default policy that
1196 is used when a backend is unable to send a print job to the
1199 <P>The following values are supported:
</P>
1203 <LI><CODE>abort-job
</CODE> - Abort the job and proceed
1204 with the next job in the queue
</LI>
1206 <LI><CODE>retry-job
</CODE> - Retry the job after waiting
1207 for N seconds; the
<VAR>cupsd.conf
</VAR> <A
1208 HREF=
"#JobRetryInterval"><CODE>JobRetryInterval
</CODE></A>
1209 directive controls the value of N
</LI>
1211 <LI><CODE>retry-this-job
</CODE> - Retry the current job immediately
1212 and indefinitely.
</LI>
1214 <LI><CODE>stop-printer
</CODE> - Stop the printer and keep
1215 the job for future printing; this is the default
1222 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"FatalErrors">FatalErrors
</A></H2>
1226 <PRE CLASS=
"command">
1233 FatalErrors permissions
1234 FatalErrors all -permissions
1235 FatalErrors config permissions log
1238 <H3>Description
</H3>
1240 <P>The
<CODE>FatalErrors
</CODE> directive determines whether certain kinds of
1241 errors are fatal. The following kinds of errors are currently recognized:
</P>
1245 <LI><CODE>none
</CODE> - No errors are fatal
</LI>
1247 <LI><CODE>all
</CODE> - All of the errors below are fatal
</LI>
1249 <LI><CODE>browse
</CODE> - Browsing initialization errors are fatal,
1250 for example failed binding to the CUPS browse port or failed connections
1251 to LDAP servers
</LI>
1253 <LI><CODE>config
</CODE> - Configuration file syntax errors are
1256 <LI><CODE>listen
</CODE> - Listen or Port errors are fatal, except for
1257 IPv6 failures on the loopback or
"any" addresses
</LI>
1259 <LI><CODE>log
</CODE> - Log file creation or write errors are fatal
</LI>
1261 <LI><CODE>permissions
</CODE> - Bad startup file permissions are
1262 fatal, for example shared SSL certificate and key files with world-
1263 read permissions
</LI>
1267 <P>Multiple errors can be listed, and the form
"-kind" can be used with
1268 <CODE>all
</CODE> to remove specific kinds of errors. The default setting is
1269 <CODE>@CUPS_FATAL_ERRORS@
</CODE>.
</P>
1272 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.18</SPAN><A NAME=
"FileDevice">FileDevice
</A></H2>
1276 <PRE CLASS=
"command">
1281 <H3>Description
</H3>
1283 <P>The
<CODE>FileDevice
</CODE> directive determines whether the
1284 scheduler allows new printers to be added using device URIs of
1285 the form
<CODE>file:/filename
</CODE>. File devices are most often
1286 used to test new printer drivers and do not support raw file
1289 <P>The default setting is
<CODE>No
</CODE>.
</P>
1291 <BLOCKQUOTE><B>Note:
</B>
1293 <P>File devices are managed by the scheduler. Since the
1294 scheduler normally runs as the root user, file devices
1295 can be used to overwrite system files and potentially
1296 gain unauthorized access to the system. If you must
1297 create printers using file devices, we recommend that
1298 you set the
<CODE>FileDevice
</CODE> directive to
1299 <CODE>Yes
</CODE> for only as long as you need to add the
1300 printers to the system, and then reset the directive to
1301 <CODE>No
</CODE>.
</P>
1306 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.3</SPAN><A NAME=
"FilterLimit">FilterLimit
</A></H2>
1310 <PRE CLASS=
"command">
1316 <H3>Description
</H3>
1318 <P>The
<CODE>FilterLimit
</CODE> directive sets the maximum cost
1319 of all running job filters. It can be used to limit the number of
1320 filter programs that are run on a server to minimize disk,
1321 memory, and CPU resource problems. A limit of
0 disables filter
1324 <P>An average print to a non-PostScript printer needs a filter
1325 limit of about
200. A PostScript printer needs about half that
1326 (
100). Setting the limit below these thresholds will effectively
1327 limit the scheduler to printing a single job at any time.
</P>
1329 <P>The default limit is
0.
</P>
1332 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.16</SPAN><A NAME=
"FilterNice">FilterNice
</A></H2>
1336 <PRE CLASS=
"command">
1342 <H3>Description
</H3>
1344 <P>The
<CODE>FilterNice
</CODE> directive sets the
<B>nice(
1)
</B>
1345 value to assign to filter processes. The nice value ranges from
1346 0, the highest priority, to
19, the lowest priority. The default
1350 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.3</SPAN><A NAME=
"FontPath">FontPath
</A></H2>
1354 <PRE CLASS=
"command">
1355 FontPath /foo/bar/fonts
1356 FontPath /usr/share/cups/fonts:/foo/bar/fonts
1359 <H3>Description
</H3>
1361 <P>The
<CODE>FontPath
</CODE> directive specifies the font path to
1362 use when searching for fonts. The default font path is
1363 <CODE>/usr/share/cups/fonts
</CODE>.
</P>
1366 <H2 CLASS=
"title"><A NAME=
"Group">Group
</A></H2>
1370 <PRE CLASS=
"command">
1375 <H3>Description
</H3>
1377 <P>The
<CODE>Group
</CODE> directive specifies the UNIX group that
1378 filter and CGI programs run as. The default group is
1379 system-specific but is usually
<CODE>lp
</CODE> or
1380 <CODE>nobody
</CODE>.
</P>
1383 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"HideImplicitMembers">HideImplicitMembers
</A></H2>
1387 <PRE CLASS=
"command">
1388 HideImplicitMembers Yes
1389 HideImplicitMembers No
1392 <H3>Description
</H3>
1394 <P>The
<CODE>HideImplicitMembers
</CODE> directive controls
1395 whether the individual printers in an implicit class are hidden
1396 from the user. The default is
<CODE>Yes
</CODE>.
</P>
1398 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1399 must be enabled for this directive to have any effect.
</P>
1402 <H2 CLASS=
"title"><A NAME=
"HostNameLookups">HostNameLookups
</A></H2>
1406 <PRE CLASS=
"command">
1409 HostNameLookups Double
1412 <H3>Description
</H3>
1414 <P>The
<CODE>HostNameLookups
</CODE> directive controls whether or
1415 not CUPS looks up the hostname for connecting clients. The
1416 <CODE>Double
</CODE> setting causes CUPS to verify that the
1417 hostname resolved from the address matches one of the addresses
1418 returned for that hostname.
<CODE>Double
</CODE> lookups also
1419 prevent clients with unregistered addresses from connecting to
1422 <P>The default is
<CODE>Off
</CODE> to avoid the potential server
1423 performance problems with hostname lookups. Set this option to
1424 <CODE>On
</CODE> or
<CODE>Double
</CODE> only if absolutely
1428 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"ImplicitAnyClasses">ImplicitAnyClasses
</A></H2>
1432 <PRE CLASS=
"command">
1433 ImplicitAnyClasses On
1434 ImplicitAnyClasses Off
1437 <H3>Description
</H3>
1439 <P>The
<CODE>ImplicitAnyClasses
</CODE> directive controls
1440 whether implicit classes for local and remote printers are
1441 created with the name
<CODE>AnyPrinter
</CODE>. The default
1442 setting is
<CODE>Off
</CODE>.
</P>
1444 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1445 must be enabled for this directive to have any effect.
</P>
1448 <H2 CLASS=
"title"><A NAME=
"ImplicitClasses">ImplicitClasses
</A></H2>
1452 <PRE CLASS=
"command">
1457 <H3>Description
</H3>
1459 <P>The
<CODE>ImplicitClasses
</CODE> directive controls whether
1460 implicit classes are created based upon the available network
1461 printers and classes. The default setting is
1462 <CODE>@CUPS_IMPLICIT_CLASSES@
</CODE> but is automatically turned
1463 <CODE>Off
</CODE> if
<A HREF=
"#Browsing"><CODE>Browsing
</CODE></A> is turned
1464 <CODE>Off
</CODE>.
</P>
1467 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.9</SPAN><A NAME=
"Include">Include
</A></H2>
1471 <PRE CLASS=
"command">
1473 Include /foo/bar/filename
1476 <H3>Description
</H3>
1478 <P>The
<CODE>Include
</CODE> directive includes the named file in
1479 the
<CODE>cupsd.conf
</CODE> file. If no leading path is provided,
1480 the file is assumed to be relative to the
<A
1481 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory.
</P>
1484 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"JobRetryInterval">JobRetryInterval
</A></H2>
1488 <PRE CLASS=
"command">
1490 JobRetryInterval
120
1493 <H3>Description
</H3>
1495 <P>The
<CODE>JobRetryInterval
</CODE> directive specifies the
1496 number of seconds to wait before retrying a job. This is
1497 typically used for fax queues but can also be used with normal
1498 print queues whose error policy is
<CODE>retry-job
</CODE>. The
1499 default is
30 seconds.
</P>
1502 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"JobKillDelay">JobKillDelay
</A></H2>
1506 <PRE CLASS=
"command">
1511 <H3>Description
</H3>
1513 <P>The
<CODE>JobKillDelay
</CODE> directive specifies the number of seconds to
1514 wait before killing the filters and backend associated with a canceled or held
1515 job. The default is
30 seconds.
</P>
1518 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"JobRetryLimit">JobRetryLimit
</A></H2>
1522 <PRE CLASS=
"command">
1527 <H3>Description
</H3>
1529 <P>The
<CODE>JobRetryLimit
</CODE> directive specifies the maximum
1530 number of times the scheduler will try to print a job. This is
1531 typically used for fax queues but can also be used with normal
1532 print queues whose error policy is
<CODE>retry-job
</CODE>. The
1533 default is
5 times.
</P>
1536 <H2 CLASS=
"title"><A NAME=
"KeepAlive">KeepAlive
</A></H2>
1540 <PRE CLASS=
"command">
1545 <H3>Description
</H3>
1547 <P>The
<CODE>KeepAlive
</CODE> directive controls whether or not
1548 to support persistent HTTP connections. The default is
1549 <CODE>On
</CODE>.
</P>
1551 <P>HTTP/
1.1 clients automatically support persistent connections,
1552 while HTTP/
1.0 clients must specifically request them using the
1553 <CODE>Keep-Alive
</CODE> attribute in the
<CODE>Connection:
</CODE>
1554 field of each request.
</P>
1557 <H2 CLASS=
"title"><A NAME=
"KeepAliveTimeout">KeepAliveTimeout
</A></H2>
1561 <PRE CLASS=
"command">
1566 <H3>Description
</H3>
1568 <P>The
<CODE>KeepAliveTimeout
</CODE> directive controls how long
1569 a persistent HTTP connection will remain open after the last
1570 request. The default is
30 seconds.
</P>
1573 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Limit">Limit (Location)
</A></H2>
1577 <PRE CLASS=
"command">
1578 <Location /path
>
1579 <Limit GET POST
>
1589 <H3>Description
</H3>
1591 <P>The
<CODE>Limit
</CODE> directive groups access control
1592 directives for specific types of HTTP requests and must appear
1593 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1594 Access can be limited for individual request types
1595 (
<CODE>DELETE
</CODE>,
<CODE>GET
</CODE>,
<CODE>HEAD
</CODE>,
1596 <CODE>OPTIONS
</CODE>,
<CODE>POST
</CODE>,
<CODE>PUT
</CODE>, and
1597 <CODE>TRACE
</CODE>) or for all request types (
<CODE>ALL
</CODE>).
1598 The request type names are case-sensitive for compatibility with
1602 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"LimitIPP">Limit (Policy)
</A></H2>
1606 <PRE CLASS=
"command">
1608 <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer
>
1618 <H3>Description
</H3>
1620 <P>When included in
<A HREF=
"#Policy"><CODE>Policy
</CODE></A>
1621 sections, the
<CODE>Limit
</CODE> directive groups access control
1622 directives for specific IPP operations. Multiple operations can
1623 be listed, separated by spaces. Table
2 lists the supported
1626 <DIV CLASS=
"table"><TABLE SUMMARY=
"Supported IPP Operations">
1627 <CAPTION>Table
2:
<A NAME=
"TABLE2">Supported IPP Operations
</A></CAPTION>
1630 <TH>Operation Name
</TH>
1631 <TH>Description
</TH>
1637 <TD>All operations - used as the default limit for
1638 operations that are not listed
</TD>
1642 <TD>Cancel a job
</TD>
1645 <TD>Cancel-Subscription
</TD>
1646 <TD>Cancel a subscription
</TD>
1650 <TD>Create a new, empty job
</TD>
1653 <TD>Create-Job-Subscription
</TD>
1654 <TD>Creates a notification subscription on a job
</TD>
1657 <TD>Create-Printer-Subscription
</TD>
1658 <TD>Creates a notification subscription on a printer
</TD>
1661 <TD>CUPS-Accept-Jobs
</TD>
1662 <TD>Sets the printer-is-accepting-jobs value for a printer to true
</TD>
1665 <TD>CUPS-Add-Modify-Class
</TD>
1666 <TD>Adds or modifies a class
</TD>
1669 <TD>CUPS-Add-Modify-Printer
</TD>
1670 <TD>Adds or modifies a printer
</TD>
1673 <TD>CUPS-Authenticate-Job
</TD>
1674 <TD>Authenticates a job for printing
</TD>
1677 <TD>CUPS-Delete-Class
</TD>
1678 <TD>Deletes a class
</TD>
1681 <TD>CUPS-Delete-Printer
</TD>
1682 <TD>Deletes a printer
</TD>
1685 <TD>CUPS-Get-Classes
</TD>
1686 <TD>Gets a list of classes
</TD>
1689 <TD>CUPS-Get-Default
</TD>
1690 <TD>Gets the (network/server) default printer or class
</TD>
1693 <TD>CUPS-Get-Devices
</TD>
1694 <TD>Gets a list of available devices
</TD>
1697 <TD>CUPS-Get-PPDs
</TD>
1698 <TD>Gets a list of available manufacturers or drivers
</TD>
1701 <TD>CUPS-Get-Printers
</TD>
1702 <TD>Gets a list of printers and/or classes
</TD>
1705 <TD>CUPS-Move-Job
</TD>
1706 <TD>Moves a job to a new destination
</TD>
1709 <TD>CUPS-Reject-Jobs
</TD>
1710 <TD>Sets the printer-is-accepting-jobs value for a printer to false
</TD>
1713 <TD>CUPS-Set-Default
</TD>
1714 <TD>Sets the network/server default printer or class
</TD>
1717 <TD>Disable-Printer
</TD>
1718 <TD>Sets the printer-state value for a printer to stopped
</TD>
1721 <TD>Enable-Printer
</TD>
1722 <TD>Sets the printer-state value for a printer to idle/processing
</TD>
1725 <TD>Get-Job-Attributes
</TD>
1726 <TD>Gets information about a job
</TD>
1730 <TD>Gets a list of jobs
</TD>
1733 <TD>Get-Notifications
</TD>
1734 <TD>Gets a list of events
</TD>
1737 <TD>Get-Printer-Attributes
</TD>
1738 <TD>Gets informaion about a printer or class
</TD>
1741 <TD>Get-Subscription-Attributes
</TD>
1742 <TD>Gets informaion about a notification subscription
</TD>
1745 <TD>Get-Subscriptions
</TD>
1746 <TD>Gets a list of notification subscriptions
</TD>
1750 <TD>Holds a job for printing
</TD>
1753 <TD>Pause-Printer
</TD>
1754 <TD>Sets the printer-state value for a printer to stopped
</TD>
1758 <TD>Creates a job with a single file for printing
</TD>
1762 <TD>Removes all jobs from a printer
</TD>
1765 <TD>Release-Job
</TD>
1766 <TD>Releases a previously held job for printing
</TD>
1769 <TD>Renew-Subscription
</TD>
1770 <TD>Renews a notification subscription
</TD>
1773 <TD>Restart-Job
</TD>
1774 <TD>Reprints a job
</TD>
1777 <TD>Resume-Printer
</TD>
1778 <TD>Sets the printer-stae value for a printer to idle/processing
</TD>
1781 <TD>Send-Document
</TD>
1782 <TD>Adds a file to an job created with Create-Job
</TD>
1785 <TD>Set-Job-Attributes
</TD>
1786 <TD>Changes job options
</TD>
1789 <TD>Validate-Job
</TD>
1790 <TD>Validates job options prior to printing
</TD>
1796 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"LimitExcept">LimitExcept
</A></H2>
1800 <PRE CLASS=
"command">
1801 <Location /path
>
1802 <LimitExcept GET POST
>
1804 </LimitExcept
>
1808 <H3>Description
</H3>
1810 <P>The
<CODE>LimitExcept
</CODE> directive groups access control
1811 directives for specific types of HTTP requests and must appear
1812 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1813 Unlike the
<A HREF=
"#Limit"><CODE>Limit
</CODE></A> directive,
1814 <CODE>LimitExcept
</CODE> restricts access for all requests
1815 <I>except
</I> those listed on the
<CODE>LimitExcept
</CODE>
1819 <H2 CLASS=
"title"><A NAME=
"LimitRequestBody">LimitRequestBody
</A></H2>
1823 <PRE CLASS=
"command">
1824 LimitRequestBody
10485760
1825 LimitRequestBody
10m
1829 <H3>Description
</H3>
1831 <P>The
<CODE>LimitRequestBody
</CODE> directive controls the
1832 maximum size of print files, IPP requests, and HTML form data in
1833 HTTP POST requests. The default limit is
0 which disables the
1837 <H2 CLASS=
"title"><A NAME=
"Listen">Listen
</A></H2>
1841 <PRE CLASS=
"command">
1842 Listen
127.0.0.1:
631
1843 Listen
192.0.2.1:
631
1848 <H3>Description
</H3>
1850 <P>The
<CODE>Listen
</CODE> directive specifies a network address
1851 and port to listen for connections. Multiple
<CODE>Listen
</CODE>
1852 directives can be provided to listen on multiple addresses.
</P>
1854 <P>The
<CODE>Listen
</CODE> directive is similar to the
<A
1855 HREF=
"#Port"><CODE>Port
</CODE></A> directive but allows you to
1856 restrict access to specific interfaces or networks.
</P>
1859 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"ListenBackLog">ListenBackLog
</A></H2>
1863 <PRE CLASS=
"command">
1868 <H3>Description
</H3>
1870 <P>The
<CODE>ListenBackLog
</CODE> directive sets the maximum
1871 number of pending connections the scheduler will allow. This
1872 normally only affects very busy servers that have reached the
<A
1873 HREF=
"#MaxClients"><CODE>MaxClients
</CODE></A> limit, but can
1874 also be triggered by large numbers of simultaneous connections.
1875 When the limit is reached, the operating system will refuse
1876 additional connections until the scheduler can accept the pending
1877 ones. The default is the OS-defined default limit, typically
1878 either
5 for older operating systems or
128 for newer operating
1882 <H2 CLASS=
"title"><A NAME=
"Location">Location
</A></H2>
1886 <PRE CLASS=
"command">
1891 <Location /admin
>
1895 <Location /admin/conf
>
1899 <Location /admin/log
>
1903 <Location /classes
>
1907 <Location /classes/name
>
1911 <Location /jobs
>
1915 <Location /printers
>
1919 <Location /printers/name
>
1925 <H3>Description
</H3>
1927 <P>The
<CODE>Location
</CODE> directive specifies access control
1928 and authentication options for the specified HTTP resource or
1929 path. The
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>,
<A
1930 HREF=
"#AuthType"><CODE>AuthType
</CODE></A>,
<A
1931 HREF=
"#Deny"><CODE>Deny
</CODE></A>,
<A
1932 HREF=
"#Encryption"><CODE>Encryption
</CODE></A>,
<A
1933 HREF=
"#Limit"><CODE>Limit
</CODE></A>,
<A
1934 HREF=
"#LimitExcept"><CODE>LimitExcept
</CODE></A>,
<A
1935 HREF=
"#Order"><CODE>Order
</CODE></A>,
<A
1936 HREF=
"#Require"><CODE>Require
</CODE></A>, and
<A
1937 HREF=
"#Satisfy"><CODE>Satisfy
</CODE></A> directives may all
1938 appear inside a location.
</P>
1940 <P>Note that more specific resources override the less specific
1941 ones. So the directives inside the
<CODE>/printers/name
</CODE>
1942 location will override ones from
<CODE>/printers
</CODE>.
1943 Directives inside
<CODE>/printers
</CODE> will override ones from
1944 <CODE>/
</CODE>. None of the directives are inherited.
</P>
1946 <DIV CLASS=
"table"><TABLE SUMMARY=
"Common Locations on the Server">
1947 <CAPTION>Table
3:
<A NAME=
"TABLE3">Common Locations on the Server
</A></CAPTION>
1949 <TR><TH>Location
</TH><TH>Description
</TH></TR>
1952 <TR><TD><CODE>/
</CODE></TD><TD>The path for all get operations (get-printers, get-jobs, etc.)
</TD></TR>
1953 <TR><TD><CODE>/admin
</CODE></TD><TD>The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
</TD></TR>
1954 <TR><TD><CODE>/admin/conf
</CODE></TD><TD>The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
</TD></TR>
1955 <TR><TD><CODE>/admin/log
</CODE></TD><TD>The path for access to the CUPS log files (access_log, error_log, page_log)
</TD></TR>
1956 <TR><TD><CODE>/classes
</CODE></TD><TD>The path for all classes
</TD></TR>
1957 <TR><TD><CODE>/classes/name
</CODE></TD><TD>The resource for class
<CODE>name
</CODE></TD></TR>
1958 <TR><TD><CODE>/jobs
</CODE></TD><TD>The path for all jobs (hold-job, release-job, etc.)
</TD></TR>
1959 <TR><TD><CODE>/jobs/id
</CODE></TD><TD>The resource for job
<CODE>id
</CODE></TD></TR>
1960 <TR><TD><CODE>/printers
</CODE></TD><TD>The path for all printers
</TD></TR>
1961 <TR><TD><CODE>/printers/name
</CODE></TD><TD>The path for printer
<CODE>name
</CODE></TD></TR>
1962 <TR><TD><CODE>/printers/name.ppd
</CODE></TD><TD>The PPD file path for printer
<CODE>name
</CODE></TD></TR>
1967 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.15</SPAN><A NAME=
"LogFilePerm">LogFilePerm
</A></H2>
1971 <PRE CLASS=
"command">
1976 <H3>Description
</H3>
1978 <P>The
<CODE>LogFilePerm
</CODE> directive specifies the
1979 permissions to use when writing configuration files. The default
1980 is @CUPS_LOG_FILE_PERM@.
</P>
1983 <H2 CLASS=
"title"><A NAME=
"LogLevel">LogLevel
</A></H2>
1987 <PRE CLASS=
"command">
2000 <H3>Description
</H3>
2002 <P>The
<CODE>LogLevel
</CODE> directive specifies the level of
2003 logging for the
<A HREF=
"#ErrorLog"><CODE>ErrorLog
</CODE></A>
2004 file. The following values are recognized (each level logs
2005 everything under the preceding levels):
</P>
2009 <LI><CODE>none
</CODE> - Log nothing
</LI>
2011 <LI><CODE>emerg
</CODE> - Log emergency conditions that
2012 prevent the server from running
</LI>
2014 <LI><CODE>alert
</CODE> - Log alerts that must be handled
2017 <LI><CODE>crit
</CODE> - Log critical errors that don't
2018 prevent the server from running
</LI>
2020 <LI><CODE>error
</CODE> - Log general errors
</LI>
2022 <LI><CODE>warn
</CODE> - Log errors and warnings
</LI>
2024 <LI><CODE>notice
</CODE> - Log temporary error conditions
</LI>
2026 <LI><CODE>info
</CODE> - Log all requests and state
2029 <LI><CODE>debug
</CODE> - Log basic debugging
2032 <LI><CODE>debug2
</CODE> - Log all debugging
2037 <p>The default
<code>LogLevel
</code> is
<code>@CUPS_LOG_LEVEL@
</code>.
</p>
2040 <H2 CLASS=
"title"><A NAME=
"LogTimeFormat">LogTimeFormat
</A></H2>
2044 <PRE CLASS=
"command">
2045 LogTimeFormat standard
2049 <H3>Description
</H3>
2051 <P>The
<CODE>LogTimeFormat
</CODE> directive specifies the format used for the
2052 date and time in the log files.
<CODE>Standard
</CODE> uses the standard Apache
2053 Common Log Format date and time while
<CODE>usecs
</CODE> adds microseconds.
2054 The default is
<CODE>standard
</CODE>.
</P>
2057 <H2 CLASS=
"title"><A NAME=
"MaxClients">MaxClients
</A></H2>
2061 <PRE CLASS=
"command">
2066 <H3>Description
</H3>
2068 <P>The
<CODE>MaxClients
</CODE> directive controls the maximum
2069 number of simultaneous clients that will be allowed by the
2070 server. The default is
100 clients.
</P>
2072 <BLOCKQUOTE><B>Note:
</B>
2074 <P>Since each print job requires a file descriptor for the status
2075 pipe, the scheduler internally limits the
<CODE>MaxClients
</CODE>
2076 value to
1/
3 of the available file descriptors to avoid possible
2077 problems when printing large numbers of jobs.
</P>
2082 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.18</SPAN><A NAME=
"MaxClientsPerHost">MaxClientsPerHost
</A></H2>
2086 <PRE CLASS=
"command">
2087 MaxClientsPerHost
10
2090 <H3>Description
</H3>
2092 <P>The
<CODE>MaxClientsPerHost
</CODE> directive controls the
2093 maximum number of simultaneous clients that will be allowed from
2094 a single host by the server. The default is the
2095 <CODE>MaxClients
</CODE> value.
</P>
2097 <P>This directive provides a small measure of protection against
2098 Denial of Service attacks from a single host.
</P>
2101 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.16</SPAN><A NAME=
"MaxCopies">MaxCopies
</A></H2>
2105 <PRE CLASS=
"command">
2110 <H3>Description
</H3>
2112 <P>The
<CODE>MaxCopies
</CODE> directive controls the maximum
2113 number of copies that a user can print of a job. The default is
2114 @CUPS_MAX_COPIES@ copies.
</P>
2116 <BLOCKQUOTE><B>Note:
</B>
2118 <P>Most HP PCL laser printers internally limit the number of
2125 <H2 CLASS=
"title"><A NAME=
"MaxJobs">MaxJobs
</A></H2>
2129 <PRE CLASS=
"command">
2135 <H3>Description
</H3>
2137 <P>The
<CODE>MaxJobs
</CODE> directive controls the maximum number
2138 of jobs that are kept in memory. Once the number of jobs reaches
2139 the limit, the oldest completed job is automatically purged from
2140 the system to make room for the new one. If all of the known jobs
2141 are still pending or active then the new job will be
2144 <P>Setting the maximum size to
0 disables this functionality. The
2145 default setting is
500.
</P>
2148 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"MaxJobsPerPrinter">MaxJobsPerPrinter
</A></H2>
2152 <PRE CLASS=
"command">
2153 MaxJobsPerPrinter
100
2154 MaxJobsPerPrinter
9999
2158 <H3>Description
</H3>
2160 <P>The
<CODE>MaxJobsPerPrinter
</CODE> directive controls the
2161 maximum number of active jobs that are allowed for each printer
2162 or class. Once a printer or class reaches the limit, new jobs
2163 will be rejected until one of the active jobs is completed,
2164 stopped, aborted, or canceled.
</P>
2166 <P>Setting the maximum to
0 disables this functionality. The
2167 default setting is
0.
</P>
2170 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"MaxJobsPerUser">MaxJobsPerUser
</A></H2>
2174 <PRE CLASS=
"command">
2180 <H3>Description
</H3>
2182 <P>The
<CODE>MaxJobsPerUser
</CODE> directive controls the maximum
2183 number of active jobs that are allowed for each user. Once a user
2184 reaches the limit, new jobs will be rejected until one of the
2185 active jobs is completed, stopped, aborted, or canceled.
</P>
2187 <P>Setting the maximum to
0 disables this functionality. The
2188 default setting is
0.
</P>
2191 <H2 CLASS=
"title"><A NAME=
"MaxLogSize">MaxLogSize
</A></H2>
2195 <PRE CLASS=
"command">
2201 <H3>Description
</H3>
2203 <P>The
<CODE>MaxLogSize
</CODE> directive controls the maximum
2204 size of each log file. Once a log file reaches or exceeds the
2205 maximum size it is closed and renamed to
<VAR>filename.O
</VAR>.
2206 This allows you to rotate the logs automatically. The default
2207 size is
1048576 bytes (
1MB).
</P>
2209 <P>Setting the maximum size to
0 disables log rotation.
</P>
2212 <H2 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"MaxRequestSize">MaxRequestSize
</A></H2>
2216 <PRE CLASS=
"command">
2217 MaxRequestSize
10485760
2222 <H3>Description
</H3>
2224 <P>The
<CODE>MaxRequestSize
</CODE> directive controls the maximum
2225 size of print files, IPP requests, and HTML form data in HTTP
2226 POST requests. The default limit is
0 which disables the limit
2229 <P><B>This directive is deprecated and will be removed in a
2230 future CUPS release.
</B> Use the
<A
2231 HREF=
"#LimitRequestBody"><CODE>LimitRequestBody
</CODE></A>
2232 directive instead.
</P>
2235 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"MultipleOperationTimeout">MultipleOperationTimeout
</A></H2>
2239 <PRE CLASS=
"command">
2240 MultipleOperationTimeout
60
2241 MultipleOperationTimeout
300
2242 MultipleOperationTimeout
86400
2245 <H3>Description
</H3>
2247 <P>The
<CODE>MultipleOperationTimeout
</CODE> directive sets the maximum amount
2248 of time between files in a multi-file print job. The default is
300 seconds.
</P>
2251 <H2 CLASS=
"title"><A NAME=
"Order">Order
</A></H2>
2255 <PRE CLASS=
"command">
2256 <Location /path
>
2263 <H3>Description
</H3>
2265 <P>The
<CODE>Order
</CODE> directive defines the default access
2266 control. The following values are supported:
</P>
2270 <LI><CODE>allow,deny
</CODE> - Deny requests by default,
2271 then check the
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>
2272 lines followed by the
<A
2273 HREF=
"#Deny"><CODE>Deny
</CODE></A> lines
</LI>
2275 <LI><CODE>deny,allow
</CODE> - Allow requests by default,
2276 then check the
<A HREF=
"#Deny"><CODE>Deny
</CODE></A>
2277 lines followed by the
<A
2278 HREF=
"#Allow"><CODE>Allow
</CODE></A> lines
</LI>
2282 <P>The
<CODE>Order
</CODE> directive must appear inside a
<A
2283 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
2284 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
2287 <H2 CLASS=
"title"><A NAME=
"PageLog">PageLog
</A></H2>
2291 <PRE CLASS=
"command">
2292 PageLog /var/log/cups/page_log
2293 PageLog /var/log/cups/page_log-%s
2297 <H3>Description
</H3>
2299 <P>The
<CODE>PageLog
</CODE> directive sets the name of the page
2300 log file. If the filename is not absolute then it is assumed to
2301 be relative to the
<A
2302 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
2303 default page log file is
<VAR>@CUPS_LOGDIR@/page_log
</VAR>.
</P>
2305 <P>The server name can be included in the filename by using
2306 <CODE>%s
</CODE> in the name.
</P>
2308 <P>The special name
"syslog" can be used to send the page
2309 information to the system log instead of a plain file.
</P>
2312 <H2 CLASS=
"title"><A NAME=
"PageLogFormat">PageLogFormat
</A></H2>
2316 <PRE CLASS=
"command">
2317 PageLogFormat %p %j %u %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}
2318 PageLogFormat PAGE %p %j %u %P %C %{job-billing} %{job-originating-host-name}
2321 <H3>Description
</H3>
2323 <P>The
<CODE>PageLogFormat
</CODE> directive sets the format of lines
2324 that are logged to the page log file. Sequences beginning with percent (%)
2325 characters are replaced with the corresponding information, while all other
2326 characters are copied literally. The following percent sequences are
2331 <LI><CODE>%%
</CODE>: Inserts a single percent character.
</LI>
2333 <LI><CODE>%{name}
</CODE>: Inserts the value of the specified IPP
2336 <LI><CODE>%C
</CODE>: Inserts the number of copies for the current page.
</LI>
2338 <LI><CODE>%P
</CODE>: Inserts the current page number.
</LI>
2340 <LI><CODE>%T
</CODE>: Inserts the current date and time in common log
2343 <LI><CODE>%j
</CODE>: Inserts the job ID.
</LI>
2345 <LI><CODE>%p
</CODE>: Inserts the printer name.
</LI>
2347 <LI><CODE>%u
</CODE>: Inserts the username.
</LI>
2351 <P>The default is
"%p %j %u %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}".
</P>
2354 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"PassEnv">PassEnv
</A></H2>
2358 <PRE CLASS=
"command">
2359 PassEnv MY_ENV_VARIABLE
2362 <H3>Description
</H3>
2364 <P>The
<CODE>PassEnv
</CODE> directive specifies an environment
2365 variable that should be passed to child processes. Normally, the
2366 scheduler only passes the
<CODE>DYLD_LIBRARY_PATH
</CODE>,
2367 <CODE>LD_ASSUME_KERNEL
</CODE>,
<CODE>LD_LIBRARY_PATH
</CODE>,
2368 <CODE>LD_PRELOAD
</CODE>,
<CODE>NLSPATH
</CODE>,
2369 <CODE>SHLIB_PATH
</CODE>,
<CODE>TZ
</CODE>, and
<CODE>VGARGS
</CODE>
2370 environment variables to child processes.
</P>
2373 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"Policy">Policy
</A></H2>
2377 <PRE CLASS=
"command">
2379 <Limit operation ... operation
>
2382 <Limit operation ... operation
>
2391 <H3>Description
</H3>
2393 <P>The
<CODE>Policy
</CODE> directive specifies IPP operation
2394 access control limits. Each policy contains
1 or more
<A
2395 HREF=
"#LimitIPP"><CODE>Limit
</CODE></A> sections to set the
2396 access control limits for specific operations - user limits,
2397 authentication, encryption, and allowed/denied addresses,
2398 domains, or hosts. The
<CODE><Limit All
></CODE> section
2399 specifies the default access control limits for operations that
2402 <P>Policies are named and associated with printers via the
2403 printer's operation policy setting
2404 (
<CODE>printer-op-policy
</CODE>). The default policy for the
2405 scheduler is specified using the
<A
2406 HREF=
"#DefaultPolicy"><CODE>DefaultPolicy
</CODE></A>
2410 <H2 CLASS=
"title"><A NAME=
"Port">Port
</A></H2>
2414 <PRE CLASS=
"command">
2419 <H3>Description
</H3>
2421 <P>The
<CODE>Port
</CODE> directive specifies a port to listen on.
2422 Multiple
<CODE>Port
</CODE> lines can be specified to listen on
2423 multiple ports. The
<CODE>Port
</CODE> directive is equivalent to
2424 "<CODE>Listen *:nnn</CODE>". The default port is
631.
</P>
2426 <BLOCKQUOTE><B>Note:
</B>
2428 <P>On systems that support IPv6, this directive will bind to both
2429 the IPv4 and IPv6 wildcard address.
</P>
2434 <H2 CLASS=
"title"><A NAME=
"PreserveJobHistory">PreserveJobHistory
</A></H2>
2438 <PRE CLASS=
"command">
2439 PreserveJobHistory On
2440 PreserveJobHistory Off
2443 <H3>Description
</H3>
2445 <P>The
<CODE>PreserveJobHistory
</CODE> directive controls whether
2446 the history of completed, canceled, or aborted print jobs is
2449 <P>A value of
<CODE>On
</CODE> (the default) preserves job
2450 information until the administrator purges it with the
2451 <CODE>cancel
</CODE> command.
</P>
2453 <P>A value of
<CODE>Off
</CODE> removes the job information as
2454 soon as each job is completed, canceled, or aborted.
</P>
2457 <H2 CLASS=
"title"><A NAME=
"PreserveJobFiles">PreserveJobFiles
</A></H2>
2461 <PRE CLASS=
"command">
2463 PreserveJobFiles Off
2466 <H3>Description
</H3>
2468 <P>The
<CODE>PreserveJobFiles
</CODE> directive controls whether
2469 the document files of completed, canceled, or aborted print jobs
2470 are stored on disk.
</P>
2472 <P>A value of
<CODE>On
</CODE> preserves job files until the
2473 administrator purges them with the
<CODE>cancel
</CODE> command.
2474 Jobs can be restarted (and reprinted) as desired until they are
2477 <P>A value of
<CODE>Off
</CODE> (the default) removes the job
2478 files as soon as each job is completed, canceled, or aborted.
</P>
2481 <H2 CLASS=
"title"><A NAME=
"Printcap">Printcap
</A></H2>
2485 <PRE CLASS=
"command">
2487 Printcap /etc/printcap
2488 Printcap /etc/printers.conf
2489 Printcap /Library/Preferences/org.cups.printers.plist
2492 <H3>Description
</H3>
2494 <P>The
<CODE>Printcap
</CODE> directive controls whether or not a
2495 printcap file is automatically generated and updated with a list
2496 of available printers. If specified with no value, then no
2497 printcap file will be generated. The default is to generate a
2498 file named
<VAR>@CUPS_DEFAUL_PRINTCAP@
</VAR>.
</P>
2500 <P>When a filename is specified (e.g.
<VAR>@CUPS_DEFAULT_PRINTCAP@
</VAR>),
2501 the printcap file is written whenever a printer is added or
2502 removed. The printcap file can then be used by applications that
2503 are hardcoded to look at the printcap file for the available
2507 <H2 CLASS=
"title"><A NAME=
"PrintcapFormat">PrintcapFormat
</A></H2>
2511 <PRE CLASS=
"command">
2513 PrintcapFormat Solaris
2514 PrintcapFormat plist
2517 <H3>Description
</H3>
2519 <P>The
<CODE>PrintcapFormat
</CODE> directive controls the output format of the
2520 printcap file. The default is to generate the plist format on Mac OS X, the
2521 Solaris format on Solaris, and the BSD format on other operating systems.
</P>
2524 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.13</SPAN><A NAME=
"PrintcapGUI">PrintcapGUI
</A></H2>
2528 <PRE CLASS=
"command">
2529 PrintGUI /usr/bin/glpoptions
2532 <H3>Description
</H3>
2534 <P>The
<CODE>PrintcapGUI
</CODE> directive sets the program to
2535 associate with the IRIX printer GUI interface script which is
2536 used by IRIX applications to display printer-specific options.
2537 There is no default program.
</P>
2540 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.21</SPAN><A NAME=
"ReloadTimeout">ReloadTimeout
</A></H2>
2544 <PRE CLASS=
"command">
2549 <H3>Description
</H3>
2551 <P>The
<CODE>ReloadTimeout
</CODE> directive specifies the number
2552 of seconds the scheduler will wait for active jobs to complete
2553 before doing a restart. The default is
30 seconds.
</P>
2556 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.3</SPAN><A NAME=
"RemoteRoot">RemoteRoot
</A></H2>
2560 <PRE CLASS=
"command">
2565 <H3>Description
</H3>
2567 <P>The
<CODE>RemoteRoot
</CODE> directive sets the username for
2568 unauthenticated root requests from remote hosts. The default
2569 username is
<VAR>remroot
</VAR>. Setting
<CODE>RemoteRoot
</CODE>
2570 to
<VAR>root
</VAR> effectively disables this security
2574 <H2 CLASS=
"title"><A NAME=
"RequestRoot">RequestRoot
</A></H2>
2578 <PRE CLASS=
"command">
2579 RequestRoot /var/spool/cups
2580 RequestRoot /foo/bar/spool/cups
2583 <H3>Description
</H3>
2585 <P>The
<CODE>RequestRoot
</CODE> directive sets the directory for
2586 incoming IPP requests and HTML forms. If an absolute path is not
2587 provided then it is assumed to be relative to the
<A
2588 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
2589 default request directory is
<VAR>@CUPS_REQUESTS@
</VAR>.
</P>
2592 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Require">Require
</A></H2>
2596 <PRE CLASS=
"command">
2597 <Location /path
>
2599 Require group foo bar
2600 Require user john mary
2602 Require user @groupname
2603 Require user @SYSTEM
2608 <H3>Description
</H3>
2610 <P>The
<CODE>Require
</CODE> directive specifies that
2611 authentication is required for the resource. The
2612 <CODE>group
</CODE> keyword specifies that the authenticated user
2613 must be a member of one or more of the named groups that
2616 <P>The
<CODE>user
</CODE> keyword specifies that the
2617 authenticated user must be one of the named users or groups that
2618 follow. Group names are specified using the
"@" prefix.
</P>
2620 <P>The
<CODE>valid-user
</CODE> keyword specifies that any
2621 authenticated user may access the resource.
</P>
2623 <P>The default is to do no authentication. This directive must
2624 appear inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> or
2625 <A HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
2628 <H2 CLASS=
"title"><A NAME=
"RIPCache">RIPCache
</A></H2>
2632 <PRE CLASS=
"command">
2638 <H3>Description
</H3>
2640 <P>The
<CODE>RIPCache
</CODE> directive sets the size of the
2641 memory cache used by Raster Image Processor (
"RIP") filters such
2642 as
<CODE>imagetoraster
</CODE> and
<CODE>pstoraster
</CODE>. The
2643 size can be suffixed with a
"k" for kilobytes,
"m" for megabytes,
2644 or
"g" for gigabytes. The default cache size is
"8m", or
8
2648 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.16</SPAN><A NAME=
"RootCertDuration">RootCertDuration
</A></H2>
2652 <PRE CLASS=
"command">
2654 RootCertDuration
300
2657 <H3>Description
</H3>
2659 <P>The
<CODE>RootCertDuration
</CODE> directive specifies the
2660 number of seconds the
<EM>root certificate
</EM> remains valid.
2661 The scheduler will generate a new certificate as needed when the
2662 number of seconds has expired. If set to
0, the root certificate
2663 is generated only once on startup or on a restart. The default is
2667 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Satisfy">Satisfy
</A></H2>
2671 <PRE CLASS=
"command">
2672 <Location /path
>
2679 <H3>Description
</H3>
2681 <P>The
<CODE>Satisfy
</CODE> directive specifies whether all
2682 conditions must be satisfied to allow access to the resource. If
2683 set to
<CODE>all
</CODE>, then all authentication and access
2684 control conditions must be satified to allow access.
</P>
2686 <P>Setting
<CODE>Satisfy
</CODE> to
<CODE>any
</CODE> allows a user
2687 to gain access if the authentication or access control
2688 requirements are satisfied. For example, you might require
2689 authentication for remote access, but allow local access without
2692 <P>The default is
<CODE>all
</CODE>. This directive must appear
2693 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
2694 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
2697 <H2 CLASS=
"title"><A NAME=
"ServerAdmin">ServerAdmin
</A></H2>
2701 <PRE CLASS=
"command">
2702 ServerAdmin user@host
2703 ServerAdmin root@foo.bar.com
2706 <H3>Description
</H3>
2708 <P>The
<CODE>ServerAdmin
</CODE> directive identifies the email
2709 address for the administrator on the system. By default the
2710 administrator email address is
<CODE>root@server
</CODE>, where
2711 <CODE>server
</CODE> is the
<A
2712 HREF=
"#ServerName"><CODE>ServerName
</CODE></A>.
</P>
2715 <H2 CLASS=
"title"><A NAME=
"ServerBin">ServerBin
</A></H2>
2719 <PRE CLASS=
"command">
2720 ServerBin /usr/lib/cups
2721 ServerBin /foo/bar/lib/cups
2724 <H3>Description
</H3>
2726 <P>The
<CODE>ServerBin
</CODE> directive sets the directory for
2727 server-run executables. If an absolute path is not provided then
2728 it is assumed to be relative to the
<A
2729 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
2730 default executable directory is
<VAR>/usr/lib/cups
</VAR>,
2731 <VAR>/usr/lib32/cups
</VAR>, or
<VAR>/usr/libexec/cups
</VAR>
2732 depending on the operating system.
</P>
2735 <H2 CLASS=
"title"><A NAME=
"ServerCertificate">ServerCertificate
</A></H2>
2739 <PRE CLASS=
"command">
2740 ServerCertificate /etc/cups/ssl/server.crt
2743 <H3>Description
</H3>
2745 <P>The
<CODE>ServerCertificate
</CODE> directive specifies the
2746 location of the SSL certificate file used by the server when
2747 negotiating encrypted connections. The certificate must not be
2748 encrypted (password protected) since the scheduler normally runs
2749 in the background and will be unable to ask for a password.
</P>
2751 <P>The default certificate file is
2752 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
2755 <H2 CLASS=
"title"><A NAME=
"ServerKey">ServerKey
</A></H2>
2759 <PRE CLASS=
"command">
2760 ServerKey /etc/cups/ssl/server.key
2763 <H3>Description
</H3>
2765 <P>The
<CODE>ServerKey
</CODE> directive specifies the location of
2766 the SSL private key file used by the server when negotiating
2767 encrypted connections.
</P>
2769 <P>The default key file is
2770 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
2773 <H2 CLASS=
"title"><A NAME=
"ServerName">ServerName
</A></H2>
2777 <PRE CLASS=
"command">
2778 ServerName foo.domain.com
2779 ServerName myserver.domain.com
2782 <H3>Description
</H3>
2784 <P>The
<CODE>ServerName
</CODE> directive specifies the hostname
2785 that is reported to clients. By default the server name is the
2789 <H2 CLASS=
"title"><A NAME=
"ServerRoot">ServerRoot
</A></H2>
2793 <PRE CLASS=
"command">
2794 ServerRoot /etc/cups
2795 ServerRoot /foo/bar/cups
2798 <H3>Description
</H3>
2800 <P>The
<CODE>ServerRoot
</CODE> directive specifies the absolute
2801 path to the server configuration and state files. It is also used
2802 to resolve relative paths in the
<VAR>cupsd.conf
</VAR> file. The
2803 default server directory is
<VAR>/etc/cups
</VAR>.
</P>
2806 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.21</SPAN><A NAME=
"ServerTokens">ServerTokens
</A></H2>
2810 <PRE CLASS=
"command">
2812 ServerTokens ProductOnly
2815 ServerTokens Minimal
2820 <H3>Description
</H3>
2822 <P>The
<CODE>ServerTokens
</CODE> directive specifies the
2823 information that is included in the
<CODE>Server:
</CODE> header
2824 of all HTTP responses. Table
4 lists the token name along with
2825 the text that is returned. The default is
2826 <CODE>Minimal
</CODE>.
</P>
2828 <DIV CLASS=
"table"><TABLE SUMMARY=
"ServerToken Names and Values">
2829 <CAPTION>Table
4:
<A NAME=
"TABLE4">ServerToken Names and Values
</A></CAPTION>
2839 <TD>No
<CODE>Server:
</CODE> header is returned
</TD>
2842 <TD>ProductOnly
</TD>
2855 <TD>"CUPS 1.2.N" where N is the patch release
</TD>
2859 <TD>"CUPS 1.2.N (UNAME)" where N is the patch release and
2860 UNAME is the output of the
<B>uname(
1)
</B> command
</TD>
2864 <TD>"CUPS 1.2.N (UNAME) IPP/1.1" where N is the patch
2865 release and UNAME is the output of the
<B>uname(
1)
</B>
2872 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"SetEnv">SetEnv
</A></H2>
2876 <PRE CLASS=
"command">
2877 SetEnv PATH /usr/lib/cups/filter:/bin:/usr/bin:/usr/local/bin
2878 SetEnv MY_ENV_VAR foo
2881 <H3>Description
</H3>
2883 <P>The
<CODE>SetEnv
</CODE> directive specifies an environment
2884 variable that should be passed to child processes.
</P>
2887 <H2 CLASS=
"title"><A NAME=
"SSLOptions">SSLOptions
</A></H2>
2891 <PRE CLASS=
"command">
2892 SSLOptions
127.0.0.1:
443
2893 SSLOptions
192.0.2.1:
443
2896 <H3>Description
</H3>
2898 <P>The
<CODE>SSLOptions
</CODE> directive specifies a network
2899 address and port to listen for secure connections. Multiple
2900 <CODE>SSLOptions
</CODE> directives can be provided to listen on
2901 multiple addresses.
</P>
2903 <P>The
<CODE>SSLOptions
</CODE> directive is similar to the
<A
2904 HREF=
"#SSLPort"><CODE>SSLPort
</CODE></A> directive but allows you
2905 to restrict access to specific interfaces or networks.
</P>
2908 <H2 CLASS=
"title"><A NAME=
"SSLOptions">SSLOptions
</A></H2>
2912 <PRE CLASS=
"command">
2914 SSLOptions NoEmptyFragments
2917 <H3>Description
</H3>
2919 <P>The
<CODE>SSLOptions
</CODE> directive specifies additional SSL/TLS
2920 protocol options to use for encrypted connected. Currently only two
2921 options are supported -
<code>None
</code> (the default) for the most
2922 secure mode and
<code>NoEmptyFragments
</code> to allow CUPS to work with
2923 Microsoft Windows with the FIPS conformance mode enabled.
</p>
2926 <H2 CLASS=
"title"><A NAME=
"SSLPort">SSLPort
</A></H2>
2930 <PRE CLASS=
"command">
2934 <H3>Description
</H3>
2936 <P>The
<CODE>SSLPort
</CODE> directive specifies a port to listen
2937 on for secure connections. Multiple
<CODE>SSLPort
</CODE> lines
2938 can be specified to listen on multiple ports.
</P>
2941 <H2 CLASS=
"title"><A NAME=
"SystemGroup">SystemGroup
</A></H2>
2945 <PRE CLASS=
"command">
2950 SystemGroup root lpadmin
2953 <H3>Description
</H3>
2955 <P>The
<CODE>SystemGroup
</CODE> directive specifies the system
2956 administration group for
<CODE>System
</CODE> authentication.
2957 Multiple groups can be listed, separated with spaces. The default
2958 group list is
<CODE>@CUPS_SYSTEM_GROUPS@
</CODE>.
</P>
2961 <H2 CLASS=
"title"><A NAME=
"TempDir">TempDir
</A></H2>
2965 <PRE CLASS=
"command">
2967 TempDir /foo/bar/tmp
2970 <H3>Description
</H3>
2972 <P>The
<CODE>TempDir
</CODE> directive specifies an absolute path
2973 for the directory to use for temporary files. The default
2974 directory is
<VAR>@CUPS_REQUESTS@/tmp
</VAR>.
</P>
2976 <P>Temporary directories must be world-writable and should have
2977 the
"sticky" permission bit enabled so that other users cannot
2978 delete filter temporary files. The following commands will create
2979 an appropriate temporary directory called
2980 <VAR>/foo/bar/tmp
</VAR>:
</P>
2982 <PRE CLASS=
"command">
2983 <KBD>mkdir /foo/bar/tmp
</KBD>
2984 <KBD>chmod a+rwxt /foo/bar/tmp
</KBD>
2988 <H2 CLASS=
"title"><A NAME=
"Timeout">Timeout
</A></H2>
2992 <PRE CLASS=
"command">
2997 <H3>Description
</H3>
2999 <P>The
<CODE>Timeout
</CODE> directive controls the amount of time
3000 to wait before an active HTTP or IPP request times out. The
3001 default timeout is
300 seconds.
</P>
3004 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"UseNetworkDefault">UseNetworkDefault
</A></H2>
3008 <PRE CLASS=
"command">
3009 UseNetworkDefault yes
3010 UseNetworkDefault no
3013 <H3>Description
</H3>
3015 <P>The
<CODE>UseNetworkDefault
</CODE> directive controls whether
3016 the client will use a network/remote printer as a default
3017 printer. If enabled, the default printer of a server is used as
3018 the default printer on a client. When multiple servers are
3019 advertising a default printer, the client's default printer is
3020 set to the first discovered printer, or to the implicit class for
3021 the same printer available from multiple servers.
</P>
3023 <P>The default is
<CODE>@CUPS_USE_NETWORK_DEFAULT@
</CODE>.
</P>
3026 <H2 CLASS=
"title"><A NAME=
"User">User
</A></H2>
3030 <PRE CLASS=
"command">
3035 <H3>Description
</H3>
3037 <P>The
<CODE>User
</CODE> directive specifies the UNIX user that
3038 filter and CGI programs run as. The default user is
3039 <CODE>@CUPS_USER@
</CODE>.
</P>
3041 <BLOCKQUOTE><B>Note:
</B>
3043 <P>You may not use user
<CODE>root
</CODE>, as that would expose
3044 the system to unacceptable security risks. The scheduler will
3045 automatically choose user
<CODE>nobody
</CODE> if you specify a
3046 user whose ID is
0.
</P>