2 <!-- SECTION: References -->
4 <TITLE>cupsd.conf
</TITLE>
5 <LINK REL=
"STYLESHEET" TYPE=
"text/css" HREF=
"../cups-printable.css">
9 <H1 CLASS=
"title">cupsd.conf
</H1>
11 <P>The
<VAR>/etc/cups/cupsd.conf
</VAR> file contains
12 configuration
<I>directives
</I> that control how the server
13 functions. Each directive is listed on a line by itself followed
14 by its value. Comments are introduced using the number sign (
"#")
15 character at the beginning of a line.
</P>
17 <P>Since the server configuration file consists of plain text,
18 you can use your favorite text editor to make changes to it.
19 After making any changes, restart the
<CODE>cupsd(
8)
</CODE>
20 process using the startup script for your operating system:
</P>
24 <LI>AIX, IRIX, Linux, Solaris:
26 /etc/init.d/cups restart
31 /sbin/init.d/cups restart
36 sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
37 sudo launchctl load /System/Library/LaunchDaemons/org.cups.cupsd.plist
42 <P>You can also edit this file from the CUPS web interface, which
43 automatically handles restarting the scheduler.
</P>
46 <H2 CLASS=
"title"><A NAME=
"AccessLog">AccessLog
</A></H2>
51 AccessLog /var/log/cups/access_log
52 AccessLog /var/log/cups/access_log-%s
58 <P>The
<CODE>AccessLog
</CODE> directive sets the name of the
59 access log file. If the filename is not absolute then it is
60 assumed to be relative to the
<A
61 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
62 access log file is stored in
"common log format" and can be used
63 by any web access reporting tool to generate a report on CUPS
66 <P>The server name can be included in the filename by using
67 <CODE>%s
</CODE> in the name.
</P>
69 <P>The special name
"syslog" can be used to send the access
70 information to the system log instead of a plain file.
</P>
72 <P>The default access log file is
73 <VAR>@CUPS_LOGDIR@/access_log
</VAR>.
</P>
76 <H2 CLASS=
"title"><A NAME=
"AccessLogLevel">AccessLogLevel
</A></H2>
82 AccessLogLevel actions
88 <P>The
<CODE>AccessLogLevel
</CODE> directive controls which requests are logged
89 to the access log file. The following levels are defined:
</P>
93 <LI><CODE>config
</CODE>; Log when printers and classes are added,
94 deleted, or modified and when configuration files are accessed or
97 <LI><CODE>actions
</CODE>; Log when print jobs are submitted,
98 held, released, modified, or canceled, and any of the conditions
99 for
<CODE>config
</CODE>.
</LI>
101 <LI><CODE>all
</CODE>; Log all requests.
</LI>
105 <P>The default access log level is
<CODE>@CUPS_ACCESS_LOG_LEVEL@
</CODE>.
</P>
108 <H2 CLASS=
"title"><A NAME=
"Allow">Allow
</A></H2>
112 <PRE CLASS=
"command">
113 <Location /path
>
117 Allow from *.domain.com
118 Allow from .domain.com
119 Allow from host.domain.com
122 Allow from nnn.nnn.nnn.*
123 Allow from nnn.nnn.nnn.nnn
124 Allow from nnn.nnn.nnn.nnn/mm
125 Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
126 Allow from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
134 <P>The
<CODE>Allow
</CODE> directive specifies a hostname, IP
135 address, or network that is allowed access to the server.
136 <CODE>Allow
</CODE> directives are cummulative, so multiple
137 <CODE>Allow
</CODE> directives can be used to allow access for
138 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
139 specifies a CIDR netmask, as shown in Table
1.
</P>
141 <DIV CLASS=
"table"><TABLE SUMMARY=
"CIDR Netmasks">
142 <CAPTION>Table
1:
<A NAME=
"TABLE1">CIDR Netmasks
</A></CAPTION>
144 <TH WIDTH=
"10%">mm
</TH>
145 <TH WIDTH=
"20%">netmask
</TH>
146 <TH WIDTH=
"10%">mm
</TH>
147 <TH WIDTH=
"20%">netmask
</TH>
150 <TD ALIGN=
"CENTER">0</TD>
151 <TD ALIGN=
"CENTER">0.0.0.0</TD>
152 <TD ALIGN=
"CENTER">8</TD>
153 <TD ALIGN=
"CENTER">255.0.0.0</TD>
156 <TD ALIGN=
"CENTER">1</TD>
157 <TD ALIGN=
"CENTER">128.0.0.0</TD>
158 <TD ALIGN=
"CENTER">16</TD>
159 <TD ALIGN=
"CENTER">255.255.0.0</TD>
162 <TD ALIGN=
"CENTER">2</TD>
163 <TD ALIGN=
"CENTER">192.0.0.0</TD>
164 <TD ALIGN=
"CENTER">24</TD>
165 <TD ALIGN=
"CENTER">255.255.255.0</TD>
168 <TD ALIGN=
"CENTER">...
</TD>
169 <TD ALIGN=
"CENTER">...
</TD>
170 <TD ALIGN=
"CENTER">32</TD>
171 <TD ALIGN=
"CENTER">255.255.255.255</TD>
175 <P>The
<CODE>@LOCAL
</CODE> name will allow access from all local
176 interfaces. The
<CODE>@IF(name)
</CODE> name will allow access
177 from the named interface. In both cases, CUPS only allows access
178 from the network that the interface(s) are configured for -
179 requests arriving on the interface from a foreign network will
180 <em>not
</em> be accepted.
</P>
182 <P>The
<CODE>Allow
</CODE> directive must appear inside a
<A
183 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
184 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
187 <H2 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthClass">AuthClass
</A></H2>
191 <PRE CLASS=
"command">
192 <Location /path
>
203 <P>The
<CODE>AuthClass
</CODE> directive defines what level of
204 authentication is required:
</P>
208 <LI><CODE>Anonymous
</CODE> - No authentication should be
209 performed (default)
</LI>
211 <LI><CODE>User
</CODE> - A valid username and password is
214 <LI><CODE>System
</CODE> - A valid username and password
215 is required, and the username must belong to the
"sys"
216 group; this can be changed using the
<A
217 HREF=
"#SystemGroup"><CODE>SystemGroup
</CODE></A>
220 <LI><CODE>Group
</CODE> - A valid username and password is
221 required, and the username must belong to the group named
223 HREF=
"#AuthGroupName"><CODE>AuthGroupName
</CODE></A>
228 <P>The
<CODE>AuthClass
</CODE> directive must appear inside a
<A
229 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
230 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
232 <P><B>This directive is deprecated and will be removed from a
233 future release of CUPS.
</B> Consider using the more flexible
<A
234 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
237 <H2 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthGroupName">AuthGroupName
</A></H2>
241 <PRE CLASS=
"command">
242 <Location /path
>
244 AuthGroupName mygroup
251 <P>The
<CODE>AuthGroupName
</CODE> directive sets the group to use
252 for
<CODE>Group
</CODE> authentication.
</P>
254 <P>The
<CODE>AuthGroupName
</CODE> directive must appear inside a
255 <A HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
256 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
258 <P><B>This directive is deprecated and will be removed from a
259 future release of CUPS.
</B> Consider using the more flexible
<A
260 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
263 <H2 CLASS=
"title"><A NAME=
"AuthType">AuthType
</A></H2>
267 <PRE CLASS=
"command">
268 <Location /path
>
280 <P>The
<CODE>AuthType
</CODE> directive defines the type of
281 authentication to perform:
</P>
285 <LI><CODE>None
</CODE> - No authentication should be
286 performed (default)
</LI>
288 <LI><CODE>Basic
</CODE> - Basic authentication should be
289 performed using the UNIX password and group files
</LI>
291 <LI><CODE>Digest
</CODE> - Digest authentication should be
292 performed using the
<VAR>/etc/cups/passwd.md5
</VAR>
295 <LI><CODE>BasicDigest
</CODE> - Basic authentication
296 should be performed using the
297 <VAR>/etc/cups/passwd.md5
</VAR> file
</LI>
299 <LI><CODE>Negotiate
</CODE> - Kerberos authentication
300 should be performed
</LI>
304 <P>When using
<CODE>Basic
</CODE>,
<CODE>Digest
</CODE>,
305 <CODE>BasicDigest
</CODE>, or
<CODE>Negotiate
</CODE> authentication,
306 clients connecting through the
<CODE>localhost
</CODE> interface can
307 also authenticate using certificates.
</P>
309 <P>The
<CODE>AuthType
</CODE> directive must appear inside a
<A
310 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
311 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
314 <H2 CLASS=
"title"><A NAME=
"AutoPurgeJobs">AutoPurgeJobs
</A></H2>
318 <PRE CLASS=
"command">
325 <P>The
<CODE>AutoPurgeJobs
</CODE> directive specifies whether or
326 not to purge completed jobs once they are no longer required for
327 quotas. This option has no effect if quotas are not enabled. The
328 default setting is
<CODE>No
</CODE>.
</P>
331 <H2 CLASS=
"title"><A NAME=
"BrowseAddress">BrowseAddress
</A></H2>
335 <PRE CLASS=
"command">
336 BrowseAddress
255.255.255.255:
631
337 BrowseAddress
192.0.2.255:
631
338 BrowseAddress host.domain.com:
631
340 BrowseAddress @IF(name)
345 <P>The
<CODE>BrowseAddress
</CODE> directive specifies an address
346 to send browsing information to. Multiple
347 <CODE>BrowseAddress
</CODE> directives can be specified to send
348 browsing information to different networks or systems.
</P>
350 <P>The
<CODE>@LOCAL
</CODE> name will broadcast printer
351 information to all local interfaces. The
<CODE>@IF(name)
</CODE>
352 name will broadcast to the named interface.
</P>
354 <P>There is no default browse address.
</P>
356 <BLOCKQUOTE><B>Note:
</B>
358 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
359 16, or
8 bits, printer browsing (and in fact all broadcast
360 reception) will not work. This problem appears to be fixed in
366 <H2 CLASS=
"title"><A NAME=
"BrowseAllow">BrowseAllow
</A></H2>
370 <PRE CLASS=
"command">
372 BrowseAllow from none
373 BrowseAllow from
192.0.2
374 BrowseAllow from
192.0.2.0/
24
375 BrowseAllow from
192.0.2.0/
255.255.255.0
376 BrowseAllow from *.domain.com
377 BrowseAllow from @LOCAL
378 BrowseAllow from @IF(name)
383 <P>The
<CODE>BrowseAllow
</CODE> directive specifies a system or
384 network to accept browse packets from. The default is to accept
385 browse packets from all hosts.
</P>
387 <P>Host and domain name matching require that you enable the
<A
388 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
391 <P>IP address matching supports exact matches, partial addresses
392 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
393 255.255.255.0, or network addresses using the specified netmask
396 <P>The
<CODE>@LOCAL
</CODE> name will allow browse data from all
397 local interfaces. The
<CODE>@IF(name)
</CODE> name will allow
398 browse data from the named interface. In both cases, CUPS only
399 allows data from the network that the interface(s) are configured
400 for - data arriving on the interface from a foreign network will
401 <em>not
</em> be allowed.
</P>
404 <H2 CLASS=
"title"><A NAME=
"BrowseDeny">BrowseDeny
</A></H2>
408 <PRE CLASS=
"command">
411 BrowseDeny from
192.0.2
412 BrowseDeny from
192.0.2.0/
24
413 BrowseDeny from
192.0.2.0/
255.255.255.0
414 BrowseDeny from *.domain.com
415 BrowseDeny from @LOCAL
416 BrowseDeny from @IF(name)
421 <P>The
<CODE>BrowseDeny
</CODE> directive specifies a system or
422 network to reject browse packets from. The default is to not deny
423 browse packets from any hosts.
</P>
425 <P>Host and domain name matching require that you enable the
<A
426 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
429 <P>IP address matching supports exact matches, partial addresses
430 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
431 255.255.255.0, or network addresses using the specified netmask
434 <P>The
<CODE>@LOCAL
</CODE> name will block browse data from all
435 local interfaces. The
<CODE>@IF(name)
</CODE> name will block
436 browse data from the named interface. In both cases, CUPS only
437 blocks data from the network that the interface(s) are configured
438 for - data arriving on the interface from a foreign network will
439 <em>not
</em> be blocked.
</P>
442 <H2 CLASS=
"title"><A NAME=
"BrowseInterval">BrowseInterval
</A></H2>
446 <PRE CLASS=
"command">
453 <P>The
<CODE>BrowseInterval
</CODE> directive specifies the
454 maximum amount of time between browsing updates. Specifying a
455 value of
0 seconds disables outgoing browse updates but allows a
456 server to receive printer information from other hosts.
</P>
458 <P>The
<CODE>BrowseInterval
</CODE> value should always be less
459 than the
<A HREF=
"#BrowseTimeout"><CODE>BrowseTimeout
</CODE></A>
460 value. Otherwise printers and classes will disappear from client
461 systems between updates.
</P>
464 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPBindDN">BrowseLDAPBindDN
</A></H2>
468 <PRE CLASS=
"command">
474 <P>The
<CODE>BrowseLDAPBindDN
</CODE> directive specifies the LDAP
475 domain name to use when listening for printer registrations. The
476 default is undefined.
</P>
479 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"BrowseLDAPCACertFile">BrowseLDAPCACertFile
</A></H2>
483 <PRE CLASS=
"command">
484 BrowseLDAPCACertFile /etc/cups/ssl/certs
489 <P>The
<CODE>BrowseLDAPCACertFile
</CODE> directive specifies the SSL certificate
490 authority file to use for LDAP + SSL. The default is undefined.
</P>
493 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPDN">BrowseLDAPDN
</A></H2>
497 <PRE CLASS=
"command">
503 <P>The
<CODE>BrowseLDAPDN
</CODE> directive specifies the LDAP
504 domain name to use when registering local shared printers. The
505 default is undefined.
</P>
508 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPPassword">BrowseLDAPPassword
</A></H2>
512 <PRE CLASS=
"command">
513 BrowseLDAPPassword foo123
518 <P>The
<CODE>BrowseLDAPPassword
</CODE> directive specifies the
519 access password to use when connecting to the LDAP server. The
520 default is undefined.
</P>
523 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLDAPServer">BrowseLDAPServer
</A></H2>
527 <PRE CLASS=
"command">
528 BrowseLDAPServer localhost
533 <P>The
<CODE>BrowseLDAPServer
</CODE> directive specifies the name
534 of the LDAP server to connect to. The default is undefined.
</P>
537 <H2 CLASS=
"title"><A NAME=
"BrowseLocalOptions">BrowseLocalOptions
</A></H2>
541 <PRE CLASS=
"command">
542 BrowseLocalOptions compression=yes
543 BrowseLocalOptions encryption=required
544 BrowseLocalOptions compression=yes
&encryption=required
549 <P>The
<CODE>BrowseLocalOptions
</CODE> directive specifies
550 additional IPP backend options to advertise with local shared
551 printers. The default is to not include any options.
</P>
554 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseLocalProtocols">BrowseLocalProtocols
</A></H2>
558 <PRE CLASS=
"command">
559 BrowseLocalProtocols all
560 BrowseLocalProtocols none
561 BrowseLocalProtocols cups
562 BrowseLocalProtocols dnssd
563 BrowseLocalProtocols ldap
564 BrowseLocalProtocols lpd
565 BrowseLocalProtocols slp
566 BrowseLocalProtocols smb
567 BrowseLocalProtocols cups dnssd
572 <P>The
<CODE>BrowseLocalProtocols
</CODE> directive specifies the
573 protocols to use when advertising local shared printers on the
574 network. Multiple protocols can be specified by separating them
575 with spaces. The default is
"<CODE>@CUPS_BROWSE_LOCAL_PROTOCOLS@</CODE>".
</P>
578 <H2 CLASS=
"title"><A NAME=
"BrowseOrder">BrowseOrder
</A></H2>
582 <PRE CLASS=
"command">
583 BrowseOrder allow,deny
584 BrowseOrder deny,allow
589 <P>The
<CODE>BrowseOrder
</CODE> directive specifies the order of
590 allow/deny processing. The default order is
591 <CODE>deny,allow
</CODE>:
</P>
595 <LI><CODE>allow,deny
</CODE> - Deny browse packets by
596 default, then check
<CODE>BrowseAllow
</CODE> lines
597 followed by
<CODE>BrowseDeny
</CODE> lines.
</LI>
599 <LI><CODE>deny,allow
</CODE> - Allow browse packets by
600 default, then check
<CODE>BrowseDeny
</CODE> lines
601 followed by
<CODE>BrowseAllow
</CODE> lines.
</LI>
606 <H2 CLASS=
"title"><A NAME=
"BrowsePoll">BrowsePoll
</A></H2>
610 <PRE CLASS=
"command">
611 BrowsePoll
192.0.2.2:
631
612 BrowsePoll host.domain.com:
631
617 <P>The
<CODE>BrowsePoll
</CODE> directive polls a server for
618 available printers once every
<A
619 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> seconds.
620 Multiple
<CODE>BrowsePoll
</CODE> directives can be specified to
621 poll multiple servers.
</P>
623 <P>If
<CODE>BrowseInterval
</CODE> is set to
0 then the server is
624 polled once every
30 seconds.
</P>
627 <H2 CLASS=
"title"><A NAME=
"BrowsePort">BrowsePort
</A></H2>
631 <PRE CLASS=
"command">
638 <P>The
<CODE>BrowsePort
</CODE> directive specifies the UDP port number
639 used for browse packets. The default port number is
631.
</P>
641 <BLOCKQUOTE><B>Note:
</B>
643 <P>You must set the
<CODE>BrowsePort
</CODE> to the same value
644 on all of the systems that you want to see.
649 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"BrowseProtocols">BrowseProtocols
</A></H2>
653 <PRE CLASS=
"command">
657 BrowseProtocols dnssd
662 BrowseProtocols cups dnssd
667 <P>The
<CODE>BrowseProtocols
</CODE> directive specifies the
668 protocols to use when showing and advertising shared printers on
669 the local network. Multiple protocols can be specified by
670 separating them with spaces. The default protocol is
671 "<CODE>@CUPS_BROWSE_LOCAL_PROTOCOLS@</CODE>" for
672 <A HREF=
"#BrowseLocalProtocols"><CODE>BrowseLocalProtocols
</CODE></A> and
673 "<CODE>@CUPS_BROWSE_REMOTE_PROTOCOLS@</CODE>" for
674 <A HREF=
"#BrowseRemoteProtocols"><CODE>BrowseRemoteProtocols
</CODE></A>.
</P>
676 <BLOCKQUOTE><B>Note:
</B>
678 <P>When using the
<CODE>SLP
</CODE> protocol, you must have at least
679 one Directory Agent (DA) server on your network. Otherwise the
680 CUPS scheduler (
<CODE>cupsd
</CODE>) will not respond to client
681 requests for several seconds while polling the network.
</P>
686 <H2 CLASS=
"title"><A NAME=
"BrowseRelay">BrowseRelay
</A></H2>
690 <PRE CLASS=
"command">
691 BrowseRelay
193.0.2.1 192.0.2.255
692 BrowseRelay
193.0.2.0/
255.255.255.0 192.0.2.255
693 BrowseRelay
193.0.2.0/
24 192.0.2.255
694 BrowseRelay *.domain.com
192.0.2.255
695 BrowseRelay host.domain.com
192.0.2.255
700 <P>The
<CODE>BrowseRelay
</CODE> directive specifies source and
701 destination addresses for relaying browsing information from one
702 host or network to another. Multiple
<CODE>BrowseRelay
</CODE>
703 directives can be specified as needed.
</P>
705 <P><CODE>BrowseRelay
</CODE> is typically used on systems that
706 bridge multiple subnets using one or more network interfaces. It
707 can also be used to relay printer information from polled servers
710 <PRE CLASS=
"command">
711 BrowseRelay
127.0.0.1 @LOCAL
714 <P>This effectively provides access to printers on a WAN for all
715 clients on the LAN(s).
</P>
718 <H2 CLASS=
"title"><A NAME=
"BrowseRemoteOptions">BrowseRemoteOptions
</A></H2>
722 <PRE CLASS=
"command">
723 BrowseRemoteOptions compression=yes
724 BrowseRemoteOptions encryption=required
725 BrowseRemoteOptions ?compression=yes
&encryption=required
730 <P>The
<CODE>BrowseRemoteOptions
</CODE> directive specifies
731 additional IPP backend options to include with remote shared
732 printers. If the options string begins with a question mark (?),
733 the options replace any options specified by the remote server.
734 The default is to not include any options.
</P>
737 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"BrowseRemoteProtocols">BrowseRemoteProtocols
</A></H2>
741 <PRE CLASS=
"command">
742 BrowseRemoteProtocols all
743 BrowseRemoteProtocols none
744 BrowseRemoteProtocols cups
745 BrowseRemoteProtocols ldap
746 BrowseRemoteProtocols slp
751 <P>The
<CODE>BrowseRemoteProtocols
</CODE> directive specifies the
752 protocols to use when finding remote shared printers on the
753 network. Multiple protocols can be specified by separating them
754 with spaces. The default is
"<CODE>@CUPS_BROWSE_REMOTE_PROTOCOLS@</CODE>".
</P>
757 <H2 CLASS=
"title"><A NAME=
"BrowseShortNames">BrowseShortNames
</A></H2>
761 <PRE CLASS=
"command">
768 <P>The
<CODE>BrowseShortNames
</CODE> directive specifies whether
769 or not short names are used for remote printers when possible.
770 Short names are just the remote printer name, without the server
771 (
"printer"). If more than one remote printer is detected with the
772 same name, the printers will have long names (
"printer@server1",
773 "printer@server2".)
</P>
775 <P>The default value for this option is
<CODE>@CUPS_BROWSE_SHORT_NAMES@
</CODE>.
</P>
778 <H2 CLASS=
"title"><A NAME=
"BrowseTimeout">BrowseTimeout
</A></H2>
782 <PRE CLASS=
"command">
789 <P>The
<CODE>BrowseTimeout
</CODE> directive sets the timeout for
790 printer or class information that is received in browse packets.
791 Once a printer or class times out it is removed from the list of
792 available destinations.
</P>
794 <P>The
<CODE>BrowseTimeout
</CODE> value should always be greater
796 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> value.
797 Otherwise printers and classes will disappear from client systems
801 <H2 CLASS=
"title"><A NAME=
"BrowseWebIF">BrowseWebIF
</A></H2>
805 <PRE CLASS=
"command">
812 <P>The
<CODE>BrowseWebIF
</CODE> directive controls whether the CUPS web
813 interface is advertised via DNS-SD. The default setting is
814 <CODE>Off
</CODE>.
</P>
817 <H2 CLASS=
"title"><A NAME=
"Browsing">Browsing
</A></H2>
821 <PRE CLASS=
"command">
828 <P>The
<CODE>Browsing
</CODE> directive controls whether or not
829 network printer browsing is enabled. The default setting is
830 <CODE>@CUPS_BROWSING@
</CODE>.
</P>
832 <P>This directive does not enable sharing of local printers by
833 itself; you must also use the
<A
834 HREF=
"#BrowseAddress"><CODE>BrowseAddress
</CODE></A> or
<A
835 HREF=
"#BrowseProtocols"><CODE>BrowseProtocols
</CODE></A>
836 directives to advertise local printers to other systems.
</P>
838 <BLOCKQUOTE><B>Note:
</B>
840 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
841 16, or
8 bits, printer browsing (and in fact all broadcast
842 reception) will not work. This problem appears to be fixed in
848 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Classification">Classification
</A></H2>
852 <PRE CLASS=
"command">
854 Classification classified
855 Classification confidential
856 Classification secret
857 Classification topsecret
858 Classification unclassified
863 <P>The
<CODE>Classification
</CODE> directive sets the
864 classification level on the server. When this option is set, at
865 least one of the banner pages is forced to the classification
866 level, and the classification is placed on each page of output.
867 The default is no classification level.
</P>
870 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"ClassifyOverride">ClassifyOverride
</A></H2>
874 <PRE CLASS=
"command">
881 <P>The
<CODE>ClassifyOverride
</CODE> directive specifies whether
882 users can override the default classification level on the
883 server. When the server classification is set, users can change
884 the classification using the
<CODE>job-sheets
</CODE> option and
885 can choose to only print one security banner before or after the
886 job. If the
<CODE>job-sheets
</CODE> option is set to
887 <CODE>none
</CODE> then the server default classification is
890 <P>The default is to not allow classification overrides.
</P>
893 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.15</SPAN><A NAME=
"ConfigFilePerm">ConfigFilePerm
</A></H2>
897 <PRE CLASS=
"command">
904 <P>The
<CODE>ConfigFilePerm
</CODE> directive specifies the
905 permissions to use when writing configuration files. The default
906 is @CUPS_CONFIG_FILE_PERM@.
</P>
909 <H2 CLASS=
"title"><A NAME=
"DataDir">DataDir
</A></H2>
913 <PRE CLASS=
"command">
914 DataDir /usr/share/cups
919 <P>The
<CODE>DataDir
</CODE> directive sets the directory to use
923 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultAuthType">DefaultAuthType
</A></H2>
927 <PRE CLASS=
"command">
928 DefaultAuthType Basic
929 DefaultAuthType BasicDigest
930 DefaultAuthType Digest
931 DefaultAuthType Negotiate
936 <P>The
<CODE>DefaultAuthType
</CODE> directive specifies the type
937 of authentication to use for IPP operations that require a
938 username. The default is
<CODE>Basic
</CODE>.
</P>
941 <H2 CLASS=
"title"><A NAME=
"DefaultCharset">DefaultCharset
</A></H2>
945 <PRE CLASS=
"command">
947 DefaultCharset iso-
8859-
1
948 DefaultCharset windows-
1251
953 <P>The
<CODE>DefaultCharset
</CODE> directive sets the default
954 character set to use for client connections. The default
955 character set is
<CODE>utf-
8</CODE> but is overridden by the
956 character set for the language specified by the client or the
957 <CODE>DefaultLanguage
</CODE> directive.
</P>
960 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultEncryption">DefaultEncryption
</A></H2>
964 <PRE CLASS=
"command">
965 DefaultEncryption Never
966 DefaultEncryption IfRequested
967 DefaultEncryption Required
972 <P>The
<CODE>DefaultEncryption
</CODE> directive specifies the
973 type of encryption to use when performing authentication. The
974 default is
<CODE>Required
</CODE>.
</P>
977 <H2 CLASS=
"title"><A NAME=
"DefaultLanguage">DefaultLanguage
</A></H2>
981 <PRE CLASS=
"command">
991 <P>The
<CODE>DefaultLanguage
</CODE> directive specifies the
992 default language to use for client connections. Setting the
993 default language also sets the default character set if a
994 language localization file exists for it. The default language
995 is
"en" for English.
</P>
998 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"DefaultPaperSize">DefaultPaperSize
</A></H2>
1002 <PRE CLASS=
"command">
1003 DefaultPaperSize Letter
1005 DefaultPaperSize Auto
1006 DefaultPaperSize None
1009 <H3>Description
</H3>
1011 <P>The
<CODE>DefaultPaperSize
</CODE> directive specifies the default paper
1012 size to use when creating new printers. The default is
<CODE>Auto
</CODE>
1013 which uses a paper size appropriate for the system default locale. A value
1014 of
<CODE>None
</CODE> tells the scheduler to not set the default paper
1018 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultPolicy">DefaultPolicy
</A></H2>
1022 <PRE CLASS=
"command">
1023 DefaultPolicy default
1027 <H3>Description
</H3>
1029 <P>The
<CODE>DefaultPolicy
</CODE> directive specifies the default
1030 policy to use for IPP operation. The default is
1031 <CODE>default
</CODE>.
</P>
1034 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"DefaultShared">DefaultShared
</A></H2>
1038 <PRE CLASS=
"command">
1043 <H3>Description
</H3>
1045 <P>The
<CODE>DefaultShared
</CODE> directive specifies whether
1046 printers are shared (published) by default. The default is
1047 <CODE>@CUPS_DEFAULT_SHARED@
</CODE>.
</P>
1050 <H2 CLASS=
"title"><A NAME=
"Deny">Deny
</A></H2>
1054 <PRE CLASS=
"command">
1055 <Location /path
>
1059 Deny from *.domain.com
1060 Deny from .domain.com
1061 Deny from host.domain.com
1064 Deny from nnn.nnn.nnn.*
1065 Deny from nnn.nnn.nnn.nnn
1066 Deny from nnn.nnn.nnn.nnn/mm
1067 Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
1068 Deny from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
1074 <H3>Description
</H3>
1076 <P>The
<CODE>Deny
</CODE> directive specifies a hostname, IP
1077 address, or network that is denied access to the server.
1078 <CODE>Deny
</CODE> directives are cummulative, so multiple
1079 <CODE>Deny
</CODE> directives can be used to allow access for
1080 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
1081 specifies a CIDR netmask, a shown in
<A HREF=
"TABLE1">Table
1084 <P>The
<CODE>@LOCAL
</CODE> name will deny access from all local
1085 interfaces. The
<CODE>@IF(name)
</CODE> name will deny access from
1086 the named interface. In both cases, CUPS only denies access from
1087 the network that the interface(s) are configured for - requests
1088 arriving on the interface from a foreign network will
1089 <em>not
</em> be denied.
</P>
1091 <P>The
<CODE>Deny
</CODE> directive must appear inside a
<A
1092 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
1093 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
1096 <H2 CLASS=
"title"><A NAME=
"DirtyCleanInterval">DirtyCleanInterval
</A></H2>
1100 <PRE CLASS=
"command">
1101 DirtyCleanInterval
30
1102 DirtyCleanInterval
0
1105 <H3>Description
</H3>
1107 <P>The
<CODE>DirtyCleanInterval
</CODE> directive specifies the number of
1108 seconds to wait before updating configuration and state files for printers,
1109 classes, subscriptions, and jobs. The default is
30 seconds.
</P>
1112 <H2 CLASS=
"title"><A NAME=
"DocumentRoot">DocumentRoot
</A></H2>
1116 <PRE CLASS=
"command">
1117 DocumentRoot /usr/share/doc/cups
1118 DocumentRoot /foo/bar/doc/cups
1121 <H3>Description
</H3>
1123 <P>The
<CODE>DocumentRoot
</CODE> directive specifies the location
1124 of web content for the HTTP server in CUPS. If an absolute path
1125 is not specified then it is assumed to be relative to the
<A
1126 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1127 default directory is
<VAR>@CUPS_DOCROOT@
</VAR>.
</P>
1129 <P>Documents are first looked up in a sub-directory for the
1130 primary language requested by the client (e.g.
1131 <VAR>@CUPS_DOCROOT@/fr/...
</VAR>) and then directly under
1132 the
<CODE>DocumentRoot
</CODE> directory (e.g.
1133 <VAR>@CUPS_DOCROOT@/...
</VAR>), so it is possible to
1134 localize the web content by providing subdirectories for each
1135 language needed.
</P>
1138 <H2 CLASS=
"title"><A NAME=
"Encryption">Encryption
</A></H2>
1142 <PRE CLASS=
"command">
1143 <Location /path
>
1146 Encryption IfRequested
1151 <H3>Description
</H3>
1153 <P>The
<CODE>Encryption
</CODE> directive must appear instead a
<A
1154 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
1155 HREF=
"#Limit"><CODE>Limit
</CODE></A> section and specifies the
1156 encryption settings for that location. The default setting is
1157 <CODE>IfRequested
</CODE> for all locations.
</P>
1160 <H2 CLASS=
"title"><A NAME=
"ErrorLog">ErrorLog
</A></H2>
1164 <PRE CLASS=
"command">
1165 ErrorLog /var/log/cups/error_log
1166 ErrorLog /var/log/cups/error_log-%s
1170 <H3>Description
</H3>
1172 <P>The
<CODE>ErrorLog
</CODE> directive sets the name of the error
1173 log file. If the filename is not absolute then it is assumed to
1174 be relative to the
<A
1175 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1176 default error log file is
<VAR>@CUPS_LOGDIR@/error_log
</VAR>.
</P>
1178 <P>The server name can be included in the filename by using
1179 <CODE>%s
</CODE> in the name.
</P>
1181 <P>The special name
"syslog" can be used to send the error
1182 information to the system log instead of a plain file.
</P>
1185 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.3</SPAN><A NAME=
"ErrorPolicy">ErrorPolicy
</A></H2>
1189 <PRE CLASS=
"command">
1190 ErrorPolicy abort-job
1191 ErrorPolicy retry-job
1192 ErrorPolicy stop-printer
1195 <H3>Description
</H3>
1197 <P>The
<CODE>ErrorPolicy
</CODE> directive defines the default policy that
1198 is used when a backend is unable to send a print job to the
1201 <P>The following values are supported:
</P>
1205 <LI><CODE>abort-job
</CODE> - Abort the job and proceed
1206 with the next job in the queue
</LI>
1208 <LI><CODE>retry-job
</CODE> - Retry the job after waiting
1209 for N seconds; the
<VAR>cupsd.conf
</VAR> <A
1210 HREF=
"#JobRetryInterval"><CODE>JobRetryInterval
</CODE></A>
1211 directive controls the value of N
</LI>
1213 <LI><CODE>retry-this-job
</CODE> - Retry the current job immediately
1214 and indefinitely.
</LI>
1216 <LI><CODE>stop-printer
</CODE> - Stop the printer and keep
1217 the job for future printing; this is the default
1224 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"FatalErrors">FatalErrors
</A></H2>
1228 <PRE CLASS=
"command">
1235 FatalErrors permissions
1236 FatalErrors all -permissions
1237 FatalErrors config permissions log
1240 <H3>Description
</H3>
1242 <P>The
<CODE>FatalErrors
</CODE> directive determines whether certain kinds of
1243 errors are fatal. The following kinds of errors are currently recognized:
</P>
1247 <LI><CODE>none
</CODE> - No errors are fatal
</LI>
1249 <LI><CODE>all
</CODE> - All of the errors below are fatal
</LI>
1251 <LI><CODE>browse
</CODE> - Browsing initialization errors are fatal,
1252 for example failed binding to the CUPS browse port or failed connections
1253 to LDAP servers
</LI>
1255 <LI><CODE>config
</CODE> - Configuration file syntax errors are
1258 <LI><CODE>listen
</CODE> - Listen or Port errors are fatal, except for
1259 IPv6 failures on the loopback or
"any" addresses
</LI>
1261 <LI><CODE>log
</CODE> - Log file creation or write errors are fatal
</LI>
1263 <LI><CODE>permissions
</CODE> - Bad startup file permissions are
1264 fatal, for example shared SSL certificate and key files with world-
1265 read permissions
</LI>
1269 <P>Multiple errors can be listed, and the form
"-kind" can be used with
1270 <CODE>all
</CODE> to remove specific kinds of errors. The default setting is
1271 <CODE>@CUPS_FATAL_ERRORS@
</CODE>.
</P>
1274 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.18</SPAN><A NAME=
"FileDevice">FileDevice
</A></H2>
1278 <PRE CLASS=
"command">
1283 <H3>Description
</H3>
1285 <P>The
<CODE>FileDevice
</CODE> directive determines whether the
1286 scheduler allows new printers to be added using device URIs of
1287 the form
<CODE>file:/filename
</CODE>. File devices are most often
1288 used to test new printer drivers and do not support raw file
1291 <P>The default setting is
<CODE>No
</CODE>.
</P>
1293 <BLOCKQUOTE><B>Note:
</B>
1295 <P>File devices are managed by the scheduler. Since the
1296 scheduler normally runs as the root user, file devices
1297 can be used to overwrite system files and potentially
1298 gain unauthorized access to the system. If you must
1299 create printers using file devices, we recommend that
1300 you set the
<CODE>FileDevice
</CODE> directive to
1301 <CODE>Yes
</CODE> for only as long as you need to add the
1302 printers to the system, and then reset the directive to
1303 <CODE>No
</CODE>.
</P>
1308 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.3</SPAN><A NAME=
"FilterLimit">FilterLimit
</A></H2>
1312 <PRE CLASS=
"command">
1318 <H3>Description
</H3>
1320 <P>The
<CODE>FilterLimit
</CODE> directive sets the maximum cost
1321 of all running job filters. It can be used to limit the number of
1322 filter programs that are run on a server to minimize disk,
1323 memory, and CPU resource problems. A limit of
0 disables filter
1326 <P>An average print to a non-PostScript printer needs a filter
1327 limit of about
200. A PostScript printer needs about half that
1328 (
100). Setting the limit below these thresholds will effectively
1329 limit the scheduler to printing a single job at any time.
</P>
1331 <P>The default limit is
0.
</P>
1334 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.16</SPAN><A NAME=
"FilterNice">FilterNice
</A></H2>
1338 <PRE CLASS=
"command">
1344 <H3>Description
</H3>
1346 <P>The
<CODE>FilterNice
</CODE> directive sets the
<B>nice(
1)
</B>
1347 value to assign to filter processes. The nice value ranges from
1348 0, the highest priority, to
19, the lowest priority. The default
1352 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.3</SPAN><A NAME=
"FontPath">FontPath
</A></H2>
1356 <PRE CLASS=
"command">
1357 FontPath /foo/bar/fonts
1358 FontPath /usr/share/cups/fonts:/foo/bar/fonts
1361 <H3>Description
</H3>
1363 <P>The
<CODE>FontPath
</CODE> directive specifies the font path to
1364 use when searching for fonts. The default font path is
1365 <CODE>/usr/share/cups/fonts
</CODE>.
</P>
1368 <H2 CLASS=
"title"><A NAME=
"Group">Group
</A></H2>
1372 <PRE CLASS=
"command">
1377 <H3>Description
</H3>
1379 <P>The
<CODE>Group
</CODE> directive specifies the UNIX group that
1380 filter and CGI programs run as. The default group is
1381 system-specific but is usually
<CODE>lp
</CODE> or
1382 <CODE>nobody
</CODE>.
</P>
1385 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"HideImplicitMembers">HideImplicitMembers
</A></H2>
1389 <PRE CLASS=
"command">
1390 HideImplicitMembers Yes
1391 HideImplicitMembers No
1394 <H3>Description
</H3>
1396 <P>The
<CODE>HideImplicitMembers
</CODE> directive controls
1397 whether the individual printers in an implicit class are hidden
1398 from the user. The default is
<CODE>Yes
</CODE>.
</P>
1400 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1401 must be enabled for this directive to have any effect.
</P>
1404 <H2 CLASS=
"title"><A NAME=
"HostNameLookups">HostNameLookups
</A></H2>
1408 <PRE CLASS=
"command">
1411 HostNameLookups Double
1414 <H3>Description
</H3>
1416 <P>The
<CODE>HostNameLookups
</CODE> directive controls whether or
1417 not CUPS looks up the hostname for connecting clients. The
1418 <CODE>Double
</CODE> setting causes CUPS to verify that the
1419 hostname resolved from the address matches one of the addresses
1420 returned for that hostname.
<CODE>Double
</CODE> lookups also
1421 prevent clients with unregistered addresses from connecting to
1424 <P>The default is
<CODE>Off
</CODE> to avoid the potential server
1425 performance problems with hostname lookups. Set this option to
1426 <CODE>On
</CODE> or
<CODE>Double
</CODE> only if absolutely
1430 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.10</SPAN><A NAME=
"ImplicitAnyClasses">ImplicitAnyClasses
</A></H2>
1434 <PRE CLASS=
"command">
1435 ImplicitAnyClasses On
1436 ImplicitAnyClasses Off
1439 <H3>Description
</H3>
1441 <P>The
<CODE>ImplicitAnyClasses
</CODE> directive controls
1442 whether implicit classes for local and remote printers are
1443 created with the name
<CODE>AnyPrinter
</CODE>. The default
1444 setting is
<CODE>Off
</CODE>.
</P>
1446 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1447 must be enabled for this directive to have any effect.
</P>
1450 <H2 CLASS=
"title"><A NAME=
"ImplicitClasses">ImplicitClasses
</A></H2>
1454 <PRE CLASS=
"command">
1459 <H3>Description
</H3>
1461 <P>The
<CODE>ImplicitClasses
</CODE> directive controls whether
1462 implicit classes are created based upon the available network
1463 printers and classes. The default setting is
1464 <CODE>@CUPS_IMPLICIT_CLASSES@
</CODE> but is automatically turned
1465 <CODE>Off
</CODE> if
<A HREF=
"#Browsing"><CODE>Browsing
</CODE></A> is turned
1466 <CODE>Off
</CODE>.
</P>
1469 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.9</SPAN><A NAME=
"Include">Include
</A></H2>
1473 <PRE CLASS=
"command">
1475 Include /foo/bar/filename
1478 <H3>Description
</H3>
1480 <P>The
<CODE>Include
</CODE> directive includes the named file in
1481 the
<CODE>cupsd.conf
</CODE> file. If no leading path is provided,
1482 the file is assumed to be relative to the
<A
1483 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory.
</P>
1486 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"JobRetryInterval">JobRetryInterval
</A></H2>
1490 <PRE CLASS=
"command">
1492 JobRetryInterval
120
1495 <H3>Description
</H3>
1497 <P>The
<CODE>JobRetryInterval
</CODE> directive specifies the
1498 number of seconds to wait before retrying a job. This is
1499 typically used for fax queues but can also be used with normal
1500 print queues whose error policy is
<CODE>retry-job
</CODE>. The
1501 default is
30 seconds.
</P>
1504 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"JobKillDelay">JobKillDelay
</A></H2>
1508 <PRE CLASS=
"command">
1513 <H3>Description
</H3>
1515 <P>The
<CODE>JobKillDelay
</CODE> directive specifies the number of seconds to
1516 wait before killing the filters and backend associated with a canceled or held
1517 job. The default is
30 seconds.
</P>
1520 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"JobRetryLimit">JobRetryLimit
</A></H2>
1524 <PRE CLASS=
"command">
1529 <H3>Description
</H3>
1531 <P>The
<CODE>JobRetryLimit
</CODE> directive specifies the maximum
1532 number of times the scheduler will try to print a job. This is
1533 typically used for fax queues but can also be used with normal
1534 print queues whose error policy is
<CODE>retry-job
</CODE>. The
1535 default is
5 times.
</P>
1538 <H2 CLASS=
"title"><A NAME=
"KeepAlive">KeepAlive
</A></H2>
1542 <PRE CLASS=
"command">
1547 <H3>Description
</H3>
1549 <P>The
<CODE>KeepAlive
</CODE> directive controls whether or not
1550 to support persistent HTTP connections. The default is
1551 <CODE>On
</CODE>.
</P>
1553 <P>HTTP/
1.1 clients automatically support persistent connections,
1554 while HTTP/
1.0 clients must specifically request them using the
1555 <CODE>Keep-Alive
</CODE> attribute in the
<CODE>Connection:
</CODE>
1556 field of each request.
</P>
1559 <H2 CLASS=
"title"><A NAME=
"KeepAliveTimeout">KeepAliveTimeout
</A></H2>
1563 <PRE CLASS=
"command">
1568 <H3>Description
</H3>
1570 <P>The
<CODE>KeepAliveTimeout
</CODE> directive controls how long
1571 a persistent HTTP connection will remain open after the last
1572 request. The default is
30 seconds.
</P>
1575 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Limit">Limit (Location)
</A></H2>
1579 <PRE CLASS=
"command">
1580 <Location /path
>
1581 <Limit GET POST
>
1591 <H3>Description
</H3>
1593 <P>The
<CODE>Limit
</CODE> directive groups access control
1594 directives for specific types of HTTP requests and must appear
1595 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1596 Access can be limited for individual request types
1597 (
<CODE>DELETE
</CODE>,
<CODE>GET
</CODE>,
<CODE>HEAD
</CODE>,
1598 <CODE>OPTIONS
</CODE>,
<CODE>POST
</CODE>,
<CODE>PUT
</CODE>, and
1599 <CODE>TRACE
</CODE>) or for all request types (
<CODE>ALL
</CODE>).
1600 The request type names are case-sensitive for compatibility with
1604 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"LimitIPP">Limit (Policy)
</A></H2>
1608 <PRE CLASS=
"command">
1610 <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer
>
1620 <H3>Description
</H3>
1622 <P>When included in
<A HREF=
"#Policy"><CODE>Policy
</CODE></A>
1623 sections, the
<CODE>Limit
</CODE> directive groups access control
1624 directives for specific IPP operations. Multiple operations can
1625 be listed, separated by spaces. Table
2 lists the supported
1628 <DIV CLASS=
"table"><TABLE SUMMARY=
"Supported IPP Operations">
1629 <CAPTION>Table
2:
<A NAME=
"TABLE2">Supported IPP Operations
</A></CAPTION>
1632 <TH>Operation Name
</TH>
1633 <TH>Description
</TH>
1639 <TD>All operations - used as the default limit for
1640 operations that are not listed
</TD>
1644 <TD>Cancel a job
</TD>
1647 <TD>Cancel-Subscription
</TD>
1648 <TD>Cancel a subscription
</TD>
1652 <TD>Create a new, empty job
</TD>
1655 <TD>Create-Job-Subscription
</TD>
1656 <TD>Creates a notification subscription on a job
</TD>
1659 <TD>Create-Printer-Subscription
</TD>
1660 <TD>Creates a notification subscription on a printer
</TD>
1663 <TD>CUPS-Accept-Jobs
</TD>
1664 <TD>Sets the printer-is-accepting-jobs value for a printer to true
</TD>
1667 <TD>CUPS-Add-Modify-Class
</TD>
1668 <TD>Adds or modifies a class
</TD>
1671 <TD>CUPS-Add-Modify-Printer
</TD>
1672 <TD>Adds or modifies a printer
</TD>
1675 <TD>CUPS-Authenticate-Job
</TD>
1676 <TD>Authenticates a job for printing
</TD>
1679 <TD>CUPS-Delete-Class
</TD>
1680 <TD>Deletes a class
</TD>
1683 <TD>CUPS-Delete-Printer
</TD>
1684 <TD>Deletes a printer
</TD>
1687 <TD>CUPS-Get-Classes
</TD>
1688 <TD>Gets a list of classes
</TD>
1691 <TD>CUPS-Get-Default
</TD>
1692 <TD>Gets the (network/server) default printer or class
</TD>
1695 <TD>CUPS-Get-Devices
</TD>
1696 <TD>Gets a list of available devices
</TD>
1699 <TD>CUPS-Get-PPDs
</TD>
1700 <TD>Gets a list of available manufacturers or drivers
</TD>
1703 <TD>CUPS-Get-Printers
</TD>
1704 <TD>Gets a list of printers and/or classes
</TD>
1707 <TD>CUPS-Move-Job
</TD>
1708 <TD>Moves a job to a new destination
</TD>
1711 <TD>CUPS-Reject-Jobs
</TD>
1712 <TD>Sets the printer-is-accepting-jobs value for a printer to false
</TD>
1715 <TD>CUPS-Set-Default
</TD>
1716 <TD>Sets the network/server default printer or class
</TD>
1719 <TD>Disable-Printer
</TD>
1720 <TD>Sets the printer-state value for a printer to stopped
</TD>
1723 <TD>Enable-Printer
</TD>
1724 <TD>Sets the printer-state value for a printer to idle/processing
</TD>
1727 <TD>Get-Job-Attributes
</TD>
1728 <TD>Gets information about a job
</TD>
1732 <TD>Gets a list of jobs
</TD>
1735 <TD>Get-Notifications
</TD>
1736 <TD>Gets a list of events
</TD>
1739 <TD>Get-Printer-Attributes
</TD>
1740 <TD>Gets informaion about a printer or class
</TD>
1743 <TD>Get-Subscription-Attributes
</TD>
1744 <TD>Gets informaion about a notification subscription
</TD>
1747 <TD>Get-Subscriptions
</TD>
1748 <TD>Gets a list of notification subscriptions
</TD>
1752 <TD>Holds a job for printing
</TD>
1755 <TD>Pause-Printer
</TD>
1756 <TD>Sets the printer-state value for a printer to stopped
</TD>
1760 <TD>Creates a job with a single file for printing
</TD>
1764 <TD>Removes all jobs from a printer
</TD>
1767 <TD>Release-Job
</TD>
1768 <TD>Releases a previously held job for printing
</TD>
1771 <TD>Renew-Subscription
</TD>
1772 <TD>Renews a notification subscription
</TD>
1775 <TD>Restart-Job
</TD>
1776 <TD>Reprints a job
</TD>
1779 <TD>Resume-Printer
</TD>
1780 <TD>Sets the printer-stae value for a printer to idle/processing
</TD>
1783 <TD>Send-Document
</TD>
1784 <TD>Adds a file to an job created with Create-Job
</TD>
1787 <TD>Set-Job-Attributes
</TD>
1788 <TD>Changes job options
</TD>
1791 <TD>Validate-Job
</TD>
1792 <TD>Validates job options prior to printing
</TD>
1798 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"LimitExcept">LimitExcept
</A></H2>
1802 <PRE CLASS=
"command">
1803 <Location /path
>
1804 <LimitExcept GET POST
>
1806 </LimitExcept
>
1810 <H3>Description
</H3>
1812 <P>The
<CODE>LimitExcept
</CODE> directive groups access control
1813 directives for specific types of HTTP requests and must appear
1814 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1815 Unlike the
<A HREF=
"#Limit"><CODE>Limit
</CODE></A> directive,
1816 <CODE>LimitExcept
</CODE> restricts access for all requests
1817 <I>except
</I> those listed on the
<CODE>LimitExcept
</CODE>
1821 <H2 CLASS=
"title"><A NAME=
"LimitRequestBody">LimitRequestBody
</A></H2>
1825 <PRE CLASS=
"command">
1826 LimitRequestBody
10485760
1827 LimitRequestBody
10m
1831 <H3>Description
</H3>
1833 <P>The
<CODE>LimitRequestBody
</CODE> directive controls the
1834 maximum size of print files, IPP requests, and HTML form data in
1835 HTTP POST requests. The default limit is
0 which disables the
1839 <H2 CLASS=
"title"><A NAME=
"Listen">Listen
</A></H2>
1843 <PRE CLASS=
"command">
1844 Listen
127.0.0.1:
631
1845 Listen
192.0.2.1:
631
1850 <H3>Description
</H3>
1852 <P>The
<CODE>Listen
</CODE> directive specifies a network address
1853 and port to listen for connections. Multiple
<CODE>Listen
</CODE>
1854 directives can be provided to listen on multiple addresses.
</P>
1856 <P>The
<CODE>Listen
</CODE> directive is similar to the
<A
1857 HREF=
"#Port"><CODE>Port
</CODE></A> directive but allows you to
1858 restrict access to specific interfaces or networks.
</P>
1861 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"ListenBackLog">ListenBackLog
</A></H2>
1865 <PRE CLASS=
"command">
1870 <H3>Description
</H3>
1872 <P>The
<CODE>ListenBackLog
</CODE> directive sets the maximum
1873 number of pending connections the scheduler will allow. This
1874 normally only affects very busy servers that have reached the
<A
1875 HREF=
"#MaxClients"><CODE>MaxClients
</CODE></A> limit, but can
1876 also be triggered by large numbers of simultaneous connections.
1877 When the limit is reached, the operating system will refuse
1878 additional connections until the scheduler can accept the pending
1879 ones. The default is the OS-defined default limit, typically
1880 either
5 for older operating systems or
128 for newer operating
1884 <H2 CLASS=
"title"><A NAME=
"Location">Location
</A></H2>
1888 <PRE CLASS=
"command">
1893 <Location /admin
>
1897 <Location /admin/conf
>
1901 <Location /admin/log
>
1905 <Location /classes
>
1909 <Location /classes/name
>
1913 <Location /jobs
>
1917 <Location /printers
>
1921 <Location /printers/name
>
1927 <H3>Description
</H3>
1929 <P>The
<CODE>Location
</CODE> directive specifies access control
1930 and authentication options for the specified HTTP resource or
1931 path. The
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>,
<A
1932 HREF=
"#AuthType"><CODE>AuthType
</CODE></A>,
<A
1933 HREF=
"#Deny"><CODE>Deny
</CODE></A>,
<A
1934 HREF=
"#Encryption"><CODE>Encryption
</CODE></A>,
<A
1935 HREF=
"#Limit"><CODE>Limit
</CODE></A>,
<A
1936 HREF=
"#LimitExcept"><CODE>LimitExcept
</CODE></A>,
<A
1937 HREF=
"#Order"><CODE>Order
</CODE></A>,
<A
1938 HREF=
"#Require"><CODE>Require
</CODE></A>, and
<A
1939 HREF=
"#Satisfy"><CODE>Satisfy
</CODE></A> directives may all
1940 appear inside a location.
</P>
1942 <P>Note that more specific resources override the less specific
1943 ones. So the directives inside the
<CODE>/printers/name
</CODE>
1944 location will override ones from
<CODE>/printers
</CODE>.
1945 Directives inside
<CODE>/printers
</CODE> will override ones from
1946 <CODE>/
</CODE>. None of the directives are inherited.
</P>
1948 <DIV CLASS=
"table"><TABLE SUMMARY=
"Common Locations on the Server">
1949 <CAPTION>Table
3:
<A NAME=
"TABLE3">Common Locations on the Server
</A></CAPTION>
1951 <TR><TH>Location
</TH><TH>Description
</TH></TR>
1954 <TR><TD><CODE>/
</CODE></TD><TD>The path for all get operations (get-printers, get-jobs, etc.)
</TD></TR>
1955 <TR><TD><CODE>/admin
</CODE></TD><TD>The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
</TD></TR>
1956 <TR><TD><CODE>/admin/conf
</CODE></TD><TD>The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
</TD></TR>
1957 <TR><TD><CODE>/admin/log
</CODE></TD><TD>The path for access to the CUPS log files (access_log, error_log, page_log)
</TD></TR>
1958 <TR><TD><CODE>/classes
</CODE></TD><TD>The path for all classes
</TD></TR>
1959 <TR><TD><CODE>/classes/name
</CODE></TD><TD>The resource for class
<CODE>name
</CODE></TD></TR>
1960 <TR><TD><CODE>/jobs
</CODE></TD><TD>The path for all jobs (hold-job, release-job, etc.)
</TD></TR>
1961 <TR><TD><CODE>/jobs/id
</CODE></TD><TD>The resource for job
<CODE>id
</CODE></TD></TR>
1962 <TR><TD><CODE>/printers
</CODE></TD><TD>The path for all printers
</TD></TR>
1963 <TR><TD><CODE>/printers/name
</CODE></TD><TD>The path for printer
<CODE>name
</CODE></TD></TR>
1964 <TR><TD><CODE>/printers/name.ppd
</CODE></TD><TD>The PPD file path for printer
<CODE>name
</CODE></TD></TR>
1969 <H2 CLASS=
"title"><A NAME=
"LogDebugHistory">LogDebugHistory
</A></H2>
1973 <PRE CLASS=
"command">
1978 <H3>Description
</H3>
1980 <P>When
<A HREF=
"#LogLevel"><CODE>LogLevel
</CODE></A> is not set to
1981 <CODE>debug
</CODE> or
<CODE>debug2
</CODE>, the
<CODE>LogDebugHistory
</CODE>
1982 directive specifies the number of debugging messages that are logged when an
1983 error occurs during printing. The default is
200 messages. A value of
0
1984 disables debugging history entirely and is not recommended.
</P>
1987 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.15</SPAN><A NAME=
"LogFilePerm">LogFilePerm
</A></H2>
1991 <PRE CLASS=
"command">
1996 <H3>Description
</H3>
1998 <P>The
<CODE>LogFilePerm
</CODE> directive specifies the
1999 permissions to use when writing configuration files. The default
2000 is @CUPS_LOG_FILE_PERM@.
</P>
2003 <H2 CLASS=
"title"><A NAME=
"LogLevel">LogLevel
</A></H2>
2007 <PRE CLASS=
"command">
2020 <H3>Description
</H3>
2022 <P>The
<CODE>LogLevel
</CODE> directive specifies the level of
2023 logging for the
<A HREF=
"#ErrorLog"><CODE>ErrorLog
</CODE></A>
2024 file. The following values are recognized (each level logs
2025 everything under the preceding levels):
</P>
2029 <LI><CODE>none
</CODE> - Log nothing
</LI>
2031 <LI><CODE>emerg
</CODE> - Log emergency conditions that
2032 prevent the server from running
</LI>
2034 <LI><CODE>alert
</CODE> - Log alerts that must be handled
2037 <LI><CODE>crit
</CODE> - Log critical errors that don't
2038 prevent the server from running
</LI>
2040 <LI><CODE>error
</CODE> - Log general errors
</LI>
2042 <LI><CODE>warn
</CODE> - Log errors and warnings
</LI>
2044 <LI><CODE>notice
</CODE> - Log temporary error conditions
</LI>
2046 <LI><CODE>info
</CODE> - Log all requests and state
2049 <LI><CODE>debug
</CODE> - Log basic debugging
2052 <LI><CODE>debug2
</CODE> - Log all debugging
2057 <p>The default
<code>LogLevel
</code> is
<code>@CUPS_LOG_LEVEL@
</code>.
</p>
2060 <H2 CLASS=
"title"><A NAME=
"LogTimeFormat">LogTimeFormat
</A></H2>
2064 <PRE CLASS=
"command">
2065 LogTimeFormat standard
2069 <H3>Description
</H3>
2071 <P>The
<CODE>LogTimeFormat
</CODE> directive specifies the format used for the
2072 date and time in the log files.
<CODE>Standard
</CODE> uses the standard Apache
2073 Common Log Format date and time while
<CODE>usecs
</CODE> adds microseconds.
2074 The default is
<CODE>standard
</CODE>.
</P>
2077 <H2 CLASS=
"title"><A NAME=
"MaxClients">MaxClients
</A></H2>
2081 <PRE CLASS=
"command">
2086 <H3>Description
</H3>
2088 <P>The
<CODE>MaxClients
</CODE> directive controls the maximum
2089 number of simultaneous clients that will be allowed by the
2090 server. The default is
100 clients.
</P>
2092 <BLOCKQUOTE><B>Note:
</B>
2094 <P>Since each print job requires a file descriptor for the status
2095 pipe, the scheduler internally limits the
<CODE>MaxClients
</CODE>
2096 value to
1/
3 of the available file descriptors to avoid possible
2097 problems when printing large numbers of jobs.
</P>
2102 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.18</SPAN><A NAME=
"MaxClientsPerHost">MaxClientsPerHost
</A></H2>
2106 <PRE CLASS=
"command">
2107 MaxClientsPerHost
10
2110 <H3>Description
</H3>
2112 <P>The
<CODE>MaxClientsPerHost
</CODE> directive controls the
2113 maximum number of simultaneous clients that will be allowed from
2114 a single host by the server. The default is the
2115 <CODE>MaxClients
</CODE> value.
</P>
2117 <P>This directive provides a small measure of protection against
2118 Denial of Service attacks from a single host.
</P>
2121 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.16</SPAN><A NAME=
"MaxCopies">MaxCopies
</A></H2>
2125 <PRE CLASS=
"command">
2130 <H3>Description
</H3>
2132 <P>The
<CODE>MaxCopies
</CODE> directive controls the maximum
2133 number of copies that a user can print of a job. The default is
2134 @CUPS_MAX_COPIES@ copies.
</P>
2136 <BLOCKQUOTE><B>Note:
</B>
2138 <P>Most HP PCL laser printers internally limit the number of
2145 <H2 CLASS=
"title"><A NAME=
"MaxJobs">MaxJobs
</A></H2>
2149 <PRE CLASS=
"command">
2155 <H3>Description
</H3>
2157 <P>The
<CODE>MaxJobs
</CODE> directive controls the maximum number
2158 of jobs that are kept in memory. Once the number of jobs reaches
2159 the limit, the oldest completed job is automatically purged from
2160 the system to make room for the new one. If all of the known jobs
2161 are still pending or active then the new job will be
2164 <P>Setting the maximum size to
0 disables this functionality. The
2165 default setting is
500.
</P>
2168 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"MaxJobsPerPrinter">MaxJobsPerPrinter
</A></H2>
2172 <PRE CLASS=
"command">
2173 MaxJobsPerPrinter
100
2174 MaxJobsPerPrinter
9999
2178 <H3>Description
</H3>
2180 <P>The
<CODE>MaxJobsPerPrinter
</CODE> directive controls the
2181 maximum number of active jobs that are allowed for each printer
2182 or class. Once a printer or class reaches the limit, new jobs
2183 will be rejected until one of the active jobs is completed,
2184 stopped, aborted, or canceled.
</P>
2186 <P>Setting the maximum to
0 disables this functionality. The
2187 default setting is
0.
</P>
2190 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"MaxJobsPerUser">MaxJobsPerUser
</A></H2>
2194 <PRE CLASS=
"command">
2200 <H3>Description
</H3>
2202 <P>The
<CODE>MaxJobsPerUser
</CODE> directive controls the maximum
2203 number of active jobs that are allowed for each user. Once a user
2204 reaches the limit, new jobs will be rejected until one of the
2205 active jobs is completed, stopped, aborted, or canceled.
</P>
2207 <P>Setting the maximum to
0 disables this functionality. The
2208 default setting is
0.
</P>
2211 <H2 CLASS=
"title"><A NAME=
"MaxLogSize">MaxLogSize
</A></H2>
2215 <PRE CLASS=
"command">
2221 <H3>Description
</H3>
2223 <P>The
<CODE>MaxLogSize
</CODE> directive controls the maximum
2224 size of each log file. Once a log file reaches or exceeds the
2225 maximum size it is closed and renamed to
<VAR>filename.O
</VAR>.
2226 This allows you to rotate the logs automatically. The default
2227 size is
1048576 bytes (
1MB).
</P>
2229 <P>Setting the maximum size to
0 disables log rotation.
</P>
2232 <H2 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"MaxRequestSize">MaxRequestSize
</A></H2>
2236 <PRE CLASS=
"command">
2237 MaxRequestSize
10485760
2242 <H3>Description
</H3>
2244 <P>The
<CODE>MaxRequestSize
</CODE> directive controls the maximum
2245 size of print files, IPP requests, and HTML form data in HTTP
2246 POST requests. The default limit is
0 which disables the limit
2249 <P><B>This directive is deprecated and will be removed in a
2250 future CUPS release.
</B> Use the
<A
2251 HREF=
"#LimitRequestBody"><CODE>LimitRequestBody
</CODE></A>
2252 directive instead.
</P>
2255 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.4</SPAN><A NAME=
"MultipleOperationTimeout">MultipleOperationTimeout
</A></H2>
2259 <PRE CLASS=
"command">
2260 MultipleOperationTimeout
60
2261 MultipleOperationTimeout
300
2262 MultipleOperationTimeout
86400
2265 <H3>Description
</H3>
2267 <P>The
<CODE>MultipleOperationTimeout
</CODE> directive sets the maximum amount
2268 of time between files in a multi-file print job. The default is
300 seconds.
</P>
2271 <H2 CLASS=
"title"><A NAME=
"Order">Order
</A></H2>
2275 <PRE CLASS=
"command">
2276 <Location /path
>
2283 <H3>Description
</H3>
2285 <P>The
<CODE>Order
</CODE> directive defines the default access
2286 control. The following values are supported:
</P>
2290 <LI><CODE>allow,deny
</CODE> - Deny requests by default,
2291 then check the
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>
2292 lines followed by the
<A
2293 HREF=
"#Deny"><CODE>Deny
</CODE></A> lines
</LI>
2295 <LI><CODE>deny,allow
</CODE> - Allow requests by default,
2296 then check the
<A HREF=
"#Deny"><CODE>Deny
</CODE></A>
2297 lines followed by the
<A
2298 HREF=
"#Allow"><CODE>Allow
</CODE></A> lines
</LI>
2302 <P>The
<CODE>Order
</CODE> directive must appear inside a
<A
2303 HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
2304 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
2307 <H2 CLASS=
"title"><A NAME=
"PageLog">PageLog
</A></H2>
2311 <PRE CLASS=
"command">
2312 PageLog /var/log/cups/page_log
2313 PageLog /var/log/cups/page_log-%s
2317 <H3>Description
</H3>
2319 <P>The
<CODE>PageLog
</CODE> directive sets the name of the page
2320 log file. If the filename is not absolute then it is assumed to
2321 be relative to the
<A
2322 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
2323 default page log file is
<VAR>@CUPS_LOGDIR@/page_log
</VAR>.
</P>
2325 <P>The server name can be included in the filename by using
2326 <CODE>%s
</CODE> in the name.
</P>
2328 <P>The special name
"syslog" can be used to send the page
2329 information to the system log instead of a plain file.
</P>
2332 <H2 CLASS=
"title"><A NAME=
"PageLogFormat">PageLogFormat
</A></H2>
2336 <PRE CLASS=
"command">
2337 PageLogFormat %p %j %u %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}
2338 PageLogFormat PAGE %p %j %u %P %C %{job-billing} %{job-originating-host-name}
2341 <H3>Description
</H3>
2343 <P>The
<CODE>PageLogFormat
</CODE> directive sets the format of lines
2344 that are logged to the page log file. Sequences beginning with percent (%)
2345 characters are replaced with the corresponding information, while all other
2346 characters are copied literally. The following percent sequences are
2351 <LI><CODE>%%
</CODE>: Inserts a single percent character.
</LI>
2353 <LI><CODE>%{name}
</CODE>: Inserts the value of the specified IPP
2356 <LI><CODE>%C
</CODE>: Inserts the number of copies for the current page.
</LI>
2358 <LI><CODE>%P
</CODE>: Inserts the current page number.
</LI>
2360 <LI><CODE>%T
</CODE>: Inserts the current date and time in common log
2363 <LI><CODE>%j
</CODE>: Inserts the job ID.
</LI>
2365 <LI><CODE>%p
</CODE>: Inserts the printer name.
</LI>
2367 <LI><CODE>%u
</CODE>: Inserts the username.
</LI>
2371 <P>The default is
"%p %j %u %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}".
</P>
2374 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"PassEnv">PassEnv
</A></H2>
2378 <PRE CLASS=
"command">
2379 PassEnv MY_ENV_VARIABLE
2382 <H3>Description
</H3>
2384 <P>The
<CODE>PassEnv
</CODE> directive specifies an environment
2385 variable that should be passed to child processes. Normally, the
2386 scheduler only passes the
<CODE>DYLD_LIBRARY_PATH
</CODE>,
2387 <CODE>LD_ASSUME_KERNEL
</CODE>,
<CODE>LD_LIBRARY_PATH
</CODE>,
2388 <CODE>LD_PRELOAD
</CODE>,
<CODE>NLSPATH
</CODE>,
2389 <CODE>SHLIB_PATH
</CODE>,
<CODE>TZ
</CODE>, and
<CODE>VGARGS
</CODE>
2390 environment variables to child processes.
</P>
2393 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"Policy">Policy
</A></H2>
2397 <PRE CLASS=
"command">
2399 <Limit operation ... operation
>
2402 <Limit operation ... operation
>
2411 <H3>Description
</H3>
2413 <P>The
<CODE>Policy
</CODE> directive specifies IPP operation
2414 access control limits. Each policy contains
1 or more
<A
2415 HREF=
"#LimitIPP"><CODE>Limit
</CODE></A> sections to set the
2416 access control limits for specific operations - user limits,
2417 authentication, encryption, and allowed/denied addresses,
2418 domains, or hosts. The
<CODE><Limit All
></CODE> section
2419 specifies the default access control limits for operations that
2422 <P>Policies are named and associated with printers via the
2423 printer's operation policy setting
2424 (
<CODE>printer-op-policy
</CODE>). The default policy for the
2425 scheduler is specified using the
<A
2426 HREF=
"#DefaultPolicy"><CODE>DefaultPolicy
</CODE></A>
2430 <H2 CLASS=
"title"><A NAME=
"Port">Port
</A></H2>
2434 <PRE CLASS=
"command">
2439 <H3>Description
</H3>
2441 <P>The
<CODE>Port
</CODE> directive specifies a port to listen on.
2442 Multiple
<CODE>Port
</CODE> lines can be specified to listen on
2443 multiple ports. The
<CODE>Port
</CODE> directive is equivalent to
2444 "<CODE>Listen *:nnn</CODE>". The default port is
631.
</P>
2446 <BLOCKQUOTE><B>Note:
</B>
2448 <P>On systems that support IPv6, this directive will bind to both
2449 the IPv4 and IPv6 wildcard address.
</P>
2454 <H2 CLASS=
"title"><A NAME=
"PreserveJobHistory">PreserveJobHistory
</A></H2>
2458 <PRE CLASS=
"command">
2459 PreserveJobHistory On
2460 PreserveJobHistory Off
2463 <H3>Description
</H3>
2465 <P>The
<CODE>PreserveJobHistory
</CODE> directive controls whether
2466 the history of completed, canceled, or aborted print jobs is
2469 <P>A value of
<CODE>On
</CODE> (the default) preserves job
2470 information until the administrator purges it with the
2471 <CODE>cancel
</CODE> command.
</P>
2473 <P>A value of
<CODE>Off
</CODE> removes the job information as
2474 soon as each job is completed, canceled, or aborted.
</P>
2477 <H2 CLASS=
"title"><A NAME=
"PreserveJobFiles">PreserveJobFiles
</A></H2>
2481 <PRE CLASS=
"command">
2483 PreserveJobFiles Off
2486 <H3>Description
</H3>
2488 <P>The
<CODE>PreserveJobFiles
</CODE> directive controls whether
2489 the document files of completed, canceled, or aborted print jobs
2490 are stored on disk.
</P>
2492 <P>A value of
<CODE>On
</CODE> preserves job files until the
2493 administrator purges them with the
<CODE>cancel
</CODE> command.
2494 Jobs can be restarted (and reprinted) as desired until they are
2497 <P>A value of
<CODE>Off
</CODE> (the default) removes the job
2498 files as soon as each job is completed, canceled, or aborted.
</P>
2501 <H2 CLASS=
"title"><A NAME=
"Printcap">Printcap
</A></H2>
2505 <PRE CLASS=
"command">
2507 Printcap /etc/printcap
2508 Printcap /etc/printers.conf
2509 Printcap /Library/Preferences/org.cups.printers.plist
2512 <H3>Description
</H3>
2514 <P>The
<CODE>Printcap
</CODE> directive controls whether or not a
2515 printcap file is automatically generated and updated with a list
2516 of available printers. If specified with no value, then no
2517 printcap file will be generated. The default is to generate a
2518 file named
<VAR>@CUPS_DEFAUL_PRINTCAP@
</VAR>.
</P>
2520 <P>When a filename is specified (e.g.
<VAR>@CUPS_DEFAULT_PRINTCAP@
</VAR>),
2521 the printcap file is written whenever a printer is added or
2522 removed. The printcap file can then be used by applications that
2523 are hardcoded to look at the printcap file for the available
2527 <H2 CLASS=
"title"><A NAME=
"PrintcapFormat">PrintcapFormat
</A></H2>
2531 <PRE CLASS=
"command">
2533 PrintcapFormat Solaris
2534 PrintcapFormat plist
2537 <H3>Description
</H3>
2539 <P>The
<CODE>PrintcapFormat
</CODE> directive controls the output format of the
2540 printcap file. The default is to generate the plist format on Mac OS X, the
2541 Solaris format on Solaris, and the BSD format on other operating systems.
</P>
2544 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.13</SPAN><A NAME=
"PrintcapGUI">PrintcapGUI
</A></H2>
2548 <PRE CLASS=
"command">
2549 PrintGUI /usr/bin/glpoptions
2552 <H3>Description
</H3>
2554 <P>The
<CODE>PrintcapGUI
</CODE> directive sets the program to
2555 associate with the IRIX printer GUI interface script which is
2556 used by IRIX applications to display printer-specific options.
2557 There is no default program.
</P>
2560 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.21</SPAN><A NAME=
"ReloadTimeout">ReloadTimeout
</A></H2>
2564 <PRE CLASS=
"command">
2569 <H3>Description
</H3>
2571 <P>The
<CODE>ReloadTimeout
</CODE> directive specifies the number
2572 of seconds the scheduler will wait for active jobs to complete
2573 before doing a restart. The default is
30 seconds.
</P>
2576 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.3</SPAN><A NAME=
"RemoteRoot">RemoteRoot
</A></H2>
2580 <PRE CLASS=
"command">
2585 <H3>Description
</H3>
2587 <P>The
<CODE>RemoteRoot
</CODE> directive sets the username for
2588 unauthenticated root requests from remote hosts. The default
2589 username is
<VAR>remroot
</VAR>. Setting
<CODE>RemoteRoot
</CODE>
2590 to
<VAR>root
</VAR> effectively disables this security
2594 <H2 CLASS=
"title"><A NAME=
"RequestRoot">RequestRoot
</A></H2>
2598 <PRE CLASS=
"command">
2599 RequestRoot /var/spool/cups
2600 RequestRoot /foo/bar/spool/cups
2603 <H3>Description
</H3>
2605 <P>The
<CODE>RequestRoot
</CODE> directive sets the directory for
2606 incoming IPP requests and HTML forms. If an absolute path is not
2607 provided then it is assumed to be relative to the
<A
2608 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
2609 default request directory is
<VAR>@CUPS_REQUESTS@
</VAR>.
</P>
2612 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Require">Require
</A></H2>
2616 <PRE CLASS=
"command">
2617 <Location /path
>
2619 Require group foo bar
2620 Require user john mary
2622 Require user @groupname
2623 Require user @SYSTEM
2628 <H3>Description
</H3>
2630 <P>The
<CODE>Require
</CODE> directive specifies that
2631 authentication is required for the resource. The
2632 <CODE>group
</CODE> keyword specifies that the authenticated user
2633 must be a member of one or more of the named groups that
2636 <P>The
<CODE>user
</CODE> keyword specifies that the
2637 authenticated user must be one of the named users or groups that
2638 follow. Group names are specified using the
"@" prefix.
</P>
2640 <P>The
<CODE>valid-user
</CODE> keyword specifies that any
2641 authenticated user may access the resource.
</P>
2643 <P>The default is to do no authentication. This directive must
2644 appear inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> or
2645 <A HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
2648 <H2 CLASS=
"title"><A NAME=
"RIPCache">RIPCache
</A></H2>
2652 <PRE CLASS=
"command">
2658 <H3>Description
</H3>
2660 <P>The
<CODE>RIPCache
</CODE> directive sets the size of the
2661 memory cache used by Raster Image Processor (
"RIP") filters such
2662 as
<CODE>imagetoraster
</CODE> and
<CODE>pstoraster
</CODE>. The
2663 size can be suffixed with a
"k" for kilobytes,
"m" for megabytes,
2664 or
"g" for gigabytes. The default cache size is
"8m", or
8
2668 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.16</SPAN><A NAME=
"RootCertDuration">RootCertDuration
</A></H2>
2672 <PRE CLASS=
"command">
2674 RootCertDuration
300
2677 <H3>Description
</H3>
2679 <P>The
<CODE>RootCertDuration
</CODE> directive specifies the
2680 number of seconds the
<EM>root certificate
</EM> remains valid.
2681 The scheduler will generate a new certificate as needed when the
2682 number of seconds has expired. If set to
0, the root certificate
2683 is generated only once on startup or on a restart. The default is
2687 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.7</SPAN><A NAME=
"Satisfy">Satisfy
</A></H2>
2691 <PRE CLASS=
"command">
2692 <Location /path
>
2699 <H3>Description
</H3>
2701 <P>The
<CODE>Satisfy
</CODE> directive specifies whether all
2702 conditions must be satisfied to allow access to the resource. If
2703 set to
<CODE>all
</CODE>, then all authentication and access
2704 control conditions must be satified to allow access.
</P>
2706 <P>Setting
<CODE>Satisfy
</CODE> to
<CODE>any
</CODE> allows a user
2707 to gain access if the authentication or access control
2708 requirements are satisfied. For example, you might require
2709 authentication for remote access, but allow local access without
2712 <P>The default is
<CODE>all
</CODE>. This directive must appear
2713 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> or
<A
2714 HREF=
"#Limit"><CODE>Limit
</CODE></A> section.
</P>
2717 <H2 CLASS=
"title"><A NAME=
"ServerAdmin">ServerAdmin
</A></H2>
2721 <PRE CLASS=
"command">
2722 ServerAdmin user@host
2723 ServerAdmin root@foo.bar.com
2726 <H3>Description
</H3>
2728 <P>The
<CODE>ServerAdmin
</CODE> directive identifies the email
2729 address for the administrator on the system. By default the
2730 administrator email address is
<CODE>root@server
</CODE>, where
2731 <CODE>server
</CODE> is the
<A
2732 HREF=
"#ServerName"><CODE>ServerName
</CODE></A>.
</P>
2735 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.3.10</SPAN><A NAME=
"ServerAlias">ServerAlias
</A></H2>
2739 <PRE CLASS=
"command">
2741 ServerAlias althost.foo.com
2742 ServerAlias althost.bar.com
2746 <H3>Description
</H3>
2748 <P>The
<CODE>ServerAlias
</CODE> directive specifies alternate names that the
2749 server is known by. By default it contains a list of all aliases associated
2750 with the
<A HREF=
"#ServerName"><CODE>ServerName
</CODE></A>. The special name
2751 "*" can be used to allow any hostname when accessing CUPS via an external
2752 network interfaces.
</P>
2754 <BLOCKQUOTE><B>Note
</B>
2756 <P>The
<CODE>ServerAlias
</CODE> directive is used for HTTP Host header
2757 validation when clients connect to the scheduler from external interfaces.
2758 Using the special name
"*" can expose your system to known browser-based
2759 DNS rebinding attacks, even when accessing sites through a firewall. If the
2760 auto-discovery of alternate names does not work, we recommend listing each
2761 alternate name with a ServerAlias directive instead of using
"*".
</P>
2766 <H2 CLASS=
"title"><A NAME=
"ServerBin">ServerBin
</A></H2>
2770 <PRE CLASS=
"command">
2771 ServerBin /usr/lib/cups
2772 ServerBin /foo/bar/lib/cups
2775 <H3>Description
</H3>
2777 <P>The
<CODE>ServerBin
</CODE> directive sets the directory for
2778 server-run executables. If an absolute path is not provided then
2779 it is assumed to be relative to the
<A
2780 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
2781 default executable directory is
<VAR>/usr/lib/cups
</VAR>,
2782 <VAR>/usr/lib32/cups
</VAR>, or
<VAR>/usr/libexec/cups
</VAR>
2783 depending on the operating system.
</P>
2786 <H2 CLASS=
"title"><A NAME=
"ServerCertificate">ServerCertificate
</A></H2>
2790 <PRE CLASS=
"command">
2791 ServerCertificate /etc/cups/ssl/server.crt
2794 <H3>Description
</H3>
2796 <P>The
<CODE>ServerCertificate
</CODE> directive specifies the
2797 location of the SSL certificate file used by the server when
2798 negotiating encrypted connections. The certificate must not be
2799 encrypted (password protected) since the scheduler normally runs
2800 in the background and will be unable to ask for a password.
</P>
2802 <P>The default certificate file is
2803 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
2806 <H2 CLASS=
"title"><A NAME=
"ServerKey">ServerKey
</A></H2>
2810 <PRE CLASS=
"command">
2811 ServerKey /etc/cups/ssl/server.key
2814 <H3>Description
</H3>
2816 <P>The
<CODE>ServerKey
</CODE> directive specifies the location of
2817 the SSL private key file used by the server when negotiating
2818 encrypted connections.
</P>
2820 <P>The default key file is
2821 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
2824 <H2 CLASS=
"title"><A NAME=
"ServerName">ServerName
</A></H2>
2828 <PRE CLASS=
"command">
2829 ServerName foo.domain.com
2830 ServerName myserver.domain.com
2833 <H3>Description
</H3>
2835 <P>The
<CODE>ServerName
</CODE> directive specifies the hostname
2836 that is reported to clients. By default the server name is the
2840 <H2 CLASS=
"title"><A NAME=
"ServerRoot">ServerRoot
</A></H2>
2844 <PRE CLASS=
"command">
2845 ServerRoot /etc/cups
2846 ServerRoot /foo/bar/cups
2849 <H3>Description
</H3>
2851 <P>The
<CODE>ServerRoot
</CODE> directive specifies the absolute
2852 path to the server configuration and state files. It is also used
2853 to resolve relative paths in the
<VAR>cupsd.conf
</VAR> file. The
2854 default server directory is
<VAR>/etc/cups
</VAR>.
</P>
2857 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.1.21</SPAN><A NAME=
"ServerTokens">ServerTokens
</A></H2>
2861 <PRE CLASS=
"command">
2863 ServerTokens ProductOnly
2866 ServerTokens Minimal
2871 <H3>Description
</H3>
2873 <P>The
<CODE>ServerTokens
</CODE> directive specifies the
2874 information that is included in the
<CODE>Server:
</CODE> header
2875 of all HTTP responses. Table
4 lists the token name along with
2876 the text that is returned. The default is
2877 <CODE>Minimal
</CODE>.
</P>
2879 <DIV CLASS=
"table"><TABLE SUMMARY=
"ServerToken Names and Values">
2880 <CAPTION>Table
4:
<A NAME=
"TABLE4">ServerToken Names and Values
</A></CAPTION>
2890 <TD>No
<CODE>Server:
</CODE> header is returned
</TD>
2893 <TD>ProductOnly
</TD>
2906 <TD>"CUPS 1.2.N" where N is the patch release
</TD>
2910 <TD>"CUPS 1.2.N (UNAME)" where N is the patch release and
2911 UNAME is the output of the
<B>uname(
1)
</B> command
</TD>
2915 <TD>"CUPS 1.2.N (UNAME) IPP/1.1" where N is the patch
2916 release and UNAME is the output of the
<B>uname(
1)
</B>
2923 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"SetEnv">SetEnv
</A></H2>
2927 <PRE CLASS=
"command">
2928 SetEnv PATH /usr/lib/cups/filter:/bin:/usr/bin:/usr/local/bin
2929 SetEnv MY_ENV_VAR foo
2932 <H3>Description
</H3>
2934 <P>The
<CODE>SetEnv
</CODE> directive specifies an environment
2935 variable that should be passed to child processes.
</P>
2938 <H2 CLASS=
"title"><A NAME=
"SSLOptions">SSLOptions
</A></H2>
2942 <PRE CLASS=
"command">
2943 SSLOptions
127.0.0.1:
443
2944 SSLOptions
192.0.2.1:
443
2947 <H3>Description
</H3>
2949 <P>The
<CODE>SSLOptions
</CODE> directive specifies a network
2950 address and port to listen for secure connections. Multiple
2951 <CODE>SSLOptions
</CODE> directives can be provided to listen on
2952 multiple addresses.
</P>
2954 <P>The
<CODE>SSLOptions
</CODE> directive is similar to the
<A
2955 HREF=
"#SSLPort"><CODE>SSLPort
</CODE></A> directive but allows you
2956 to restrict access to specific interfaces or networks.
</P>
2959 <H2 CLASS=
"title"><A NAME=
"SSLOptions">SSLOptions
</A></H2>
2963 <PRE CLASS=
"command">
2965 SSLOptions NoEmptyFragments
2968 <H3>Description
</H3>
2970 <P>The
<CODE>SSLOptions
</CODE> directive specifies additional SSL/TLS
2971 protocol options to use for encrypted connected. Currently only two
2972 options are supported -
<code>None
</code> (the default) for the most
2973 secure mode and
<code>NoEmptyFragments
</code> to allow CUPS to work with
2974 Microsoft Windows with the FIPS conformance mode enabled.
</p>
2977 <H2 CLASS=
"title"><A NAME=
"SSLPort">SSLPort
</A></H2>
2981 <PRE CLASS=
"command">
2985 <H3>Description
</H3>
2987 <P>The
<CODE>SSLPort
</CODE> directive specifies a port to listen
2988 on for secure connections. Multiple
<CODE>SSLPort
</CODE> lines
2989 can be specified to listen on multiple ports.
</P>
2992 <H2 CLASS=
"title"><A NAME=
"SystemGroup">SystemGroup
</A></H2>
2996 <PRE CLASS=
"command">
3001 SystemGroup root lpadmin
3004 <H3>Description
</H3>
3006 <P>The
<CODE>SystemGroup
</CODE> directive specifies the system
3007 administration group for
<CODE>System
</CODE> authentication.
3008 Multiple groups can be listed, separated with spaces. The default
3009 group list is
<CODE>@CUPS_SYSTEM_GROUPS@
</CODE>.
</P>
3012 <H2 CLASS=
"title"><A NAME=
"TempDir">TempDir
</A></H2>
3016 <PRE CLASS=
"command">
3018 TempDir /foo/bar/tmp
3021 <H3>Description
</H3>
3023 <P>The
<CODE>TempDir
</CODE> directive specifies an absolute path
3024 for the directory to use for temporary files. The default
3025 directory is
<VAR>@CUPS_REQUESTS@/tmp
</VAR>.
</P>
3027 <P>Temporary directories must be world-writable and should have
3028 the
"sticky" permission bit enabled so that other users cannot
3029 delete filter temporary files. The following commands will create
3030 an appropriate temporary directory called
3031 <VAR>/foo/bar/tmp
</VAR>:
</P>
3033 <PRE CLASS=
"command">
3034 <KBD>mkdir /foo/bar/tmp
</KBD>
3035 <KBD>chmod a+rwxt /foo/bar/tmp
</KBD>
3039 <H2 CLASS=
"title"><A NAME=
"Timeout">Timeout
</A></H2>
3043 <PRE CLASS=
"command">
3048 <H3>Description
</H3>
3050 <P>The
<CODE>Timeout
</CODE> directive controls the amount of time
3051 to wait before an active HTTP or IPP request times out. The
3052 default timeout is
300 seconds.
</P>
3055 <H2 CLASS=
"title"><SPAN CLASS=
"info">CUPS
1.2</SPAN><A NAME=
"UseNetworkDefault">UseNetworkDefault
</A></H2>
3059 <PRE CLASS=
"command">
3060 UseNetworkDefault yes
3061 UseNetworkDefault no
3064 <H3>Description
</H3>
3066 <P>The
<CODE>UseNetworkDefault
</CODE> directive controls whether
3067 the client will use a network/remote printer as a default
3068 printer. If enabled, the default printer of a server is used as
3069 the default printer on a client. When multiple servers are
3070 advertising a default printer, the client's default printer is
3071 set to the first discovered printer, or to the implicit class for
3072 the same printer available from multiple servers.
</P>
3074 <P>The default is
<CODE>@CUPS_USE_NETWORK_DEFAULT@
</CODE>.
</P>
3077 <H2 CLASS=
"title"><A NAME=
"User">User
</A></H2>
3081 <PRE CLASS=
"command">
3086 <H3>Description
</H3>
3088 <P>The
<CODE>User
</CODE> directive specifies the UNIX user that
3089 filter and CGI programs run as. The default user is
3090 <CODE>@CUPS_USER@
</CODE>.
</P>
3092 <BLOCKQUOTE><B>Note:
</B>
3094 <P>You may not use user
<CODE>root
</CODE>, as that would expose
3095 the system to unacceptable security risks. The scheduler will
3096 automatically choose user
<CODE>nobody
</CODE> if you specify a
3097 user whose ID is
0.
</P>