2 <!-- SECTION: References -->
4 <TITLE>cupsd.conf
</TITLE>
29 <P>The
<VAR>/etc/cups/cupsd.conf
</VAR> file contains
30 configuration
<I>directives
</I> that control how the server
31 functions. Each directive is listed on a line by itself followed
32 by its value. Comments are introduced using the number sign (
"#")
33 character at the beginning of a line.
</P>
35 <P>Since the server configuration file consists of plain text,
36 you can use your favorite text editor to make changes to it.
37 After making any changes, restart the
<CODE>cupsd(
8)
</CODE>
38 process using the startup script for your operating system:
</P>
44 /etc/init.d/cups restart
49 /sbin/init.d/cups restart
54 /etc/init.d/cups restart
59 /etc/init.d/cups restart
64 /System/Library/StartupItems/PrintingServices/PrintingServices restart
69 /etc/init.d/cups restart
74 <P>You can also edit this file from the CUPS web interface, which
75 automatically handles restarting the scheduler.
</P>
78 <H3 CLASS=
"title"><A NAME=
"AccessLog">AccessLog
</A></H3>
83 AccessLog /var/log/cups/access_log
84 AccessLog /var/log/cups/access_log-%s
90 <P>The
<CODE>AccessLog
</CODE> directive sets the name of the
91 access log file. If the filename is not absolute then it is
92 assumed to be relative to the
<A
93 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
94 access log file is stored in
"common log format" and can be used
95 by any web access reporting tool to generate a report on CUPS
98 <P>The server name can be included in the filename by using
99 <CODE>%s
</CODE> in the name.
</P>
101 <P>The special name
"syslog" can be used to send the access
102 information to the system log instead of a plain file.
</P>
104 <P>The default access log file is
105 <VAR>/var/log/cups/access_log
</VAR>.
</P>
108 <H3 CLASS=
"title"><A NAME=
"Allow">Allow
</A></H3>
112 <PRE CLASS=
"command">
115 Allow from *.domain.com
116 Allow from .domain.com
117 Allow from host.domain.com
120 Allow from nnn.nnn.nnn.*
121 Allow from nnn.nnn.nnn.nnn
122 Allow from nnn.nnn.nnn.nnn/mm
123 Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
124 Allow from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
131 <P>The
<CODE>Allow
</CODE> directive specifies a hostname, IP address,
132 or network that is allowed access to the server.
<CODE>Allow
</CODE>
133 directives are cummulative, so multiple
<CODE>Allow
</CODE> directives
134 can be used to allow access for multiple hosts or networks. The
135 <CODE>/mm
</CODE> notation specifies a CIDR netmask:
</P>
137 <DIV CLASS=
"table"><TABLE>
139 <TH WIDTH=
"10%">mm
</TH>
140 <TH WIDTH=
"20%">netmask
</TH>
141 <TH WIDTH=
"10%">mm
</TH>
142 <TH WIDTH=
"20%">netmask
</TH>
145 <TD ALIGN=
"CENTER">0</TD>
146 <TD ALIGN=
"CENTER">0.0.0.0</TD>
147 <TD ALIGN=
"CENTER">8</TD>
148 <TD ALIGN=
"CENTER">255.0.0.0</TD>
151 <TD ALIGN=
"CENTER">1</TD>
152 <TD ALIGN=
"CENTER">128.0.0.0</TD>
153 <TD ALIGN=
"CENTER">16</TD>
154 <TD ALIGN=
"CENTER">255.255.0.0</TD>
157 <TD ALIGN=
"CENTER">2</TD>
158 <TD ALIGN=
"CENTER">192.0.0.0</TD>
159 <TD ALIGN=
"CENTER">24</TD>
160 <TD ALIGN=
"CENTER">255.255.255.0</TD>
163 <TD ALIGN=
"CENTER">...
</TD>
164 <TD ALIGN=
"CENTER">...
</TD>
165 <TD ALIGN=
"CENTER">32</TD>
166 <TD ALIGN=
"CENTER">255.255.255.255</TD>
170 <P>The
<CODE>@LOCAL
</CODE> name will allow access from all local
171 interfaces. The
<CODE>@IF(name)
</CODE> name will allow access
172 from the named interface.
</P>
174 <P>The
<CODE>Allow
</CODE> directive must appear inside a
<A
175 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
178 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthClass">AuthClass
</A></H3>
182 <PRE CLASS=
"command">
191 <P>The
<CODE>AuthClass
</CODE> directive defines what level of
192 authentication is required:
</P>
196 <LI><CODE>Anonymous
</CODE> - No authentication should be
197 performed (default)
</LI>
199 <LI><CODE>User
</CODE> - A valid username and password is
202 <LI><CODE>System
</CODE> - A valid username and password
203 is required, and the username must belong to the
"sys"
204 group; this can be changed using the
<A
205 HREF=
"#SystemGroup"><CODE>SystemGroup
</CODE></A>
208 <LI><CODE>Group
</CODE> - A valid username and password is
209 required, and the username must belong to the group named
211 HREF=
"#AuthGroupName"><CODE>AuthGroupName
</CODE></A>
216 <P>The
<CODE>AuthClass
</CODE> directive must appear inside a
<A
217 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
219 <P><B>This directive is deprecated and will be removed from a
220 future release of CUPS.
</B> Consider using the more flexible
<A
221 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
224 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthGroupName">AuthGroupName
</A></H3>
228 <PRE CLASS=
"command">
229 AuthGroupName mygroup
235 <P>The
<CODE>AuthGroupName
</CODE> directive sets the group to use
236 for
<CODE>Group
</CODE> authentication.
</P>
238 <P>The
<CODE>AuthGroupName
</CODE> directive must appear inside a
239 <A HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
241 <P><B>This directive is deprecated and will be removed from a
242 future release of CUPS.
</B> Consider using the more flexible
<A
243 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
246 <H3 CLASS=
"title"><A NAME=
"AuthType">AuthType
</A></H3>
250 <PRE CLASS=
"command">
259 <P>The
<CODE>AuthType
</CODE> directive defines the type of
260 authentication to perform:
</P>
264 <LI><CODE>None
</CODE> - No authentication should be
265 performed (default)
</LI>
267 <LI><CODE>Basic
</CODE> - Basic authentication should be
268 performed using the UNIX password and group files
</LI>
270 <LI><CODE>Digest
</CODE> - Digest authentication should be
271 performed using the
<VAR>/etc/cups/passwd.md5
</VAR>
274 <LI><CODE>BasicDigest
</CODE> - Basic authentication
275 should be performed using the
276 <VAR>/etc/cups/passwd.md5
</VAR> file
</LI>
280 <P>When using
<CODE>Basic
</CODE>,
<CODE>Digest
</CODE>, or
281 <CODE>BasicDigest
</CODE> authentication, clients connecting
282 through the
<CODE>localhost
</CODE> interface can also
283 authenticate using certificates.
</P>
285 <P>The
<CODE>AuthType
</CODE> directive must appear inside a
<A
286 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
289 <H3 CLASS=
"title"><A NAME=
"AutoPurgeJobs">AutoPurgeJobs
</A></H3>
293 <PRE CLASS=
"command">
300 <P>The
<CODE>AutoPurgeJobs
</CODE> directive specifies whether or
301 not to purge completed jobs once they are no longer required for
302 quotas. This option has no effect if quotas are not enabled. The
303 default setting is
<CODE>No
</CODE>.
</P>
306 <H3 CLASS=
"title"><A NAME=
"BrowseAddress">BrowseAddress
</A></H3>
310 <PRE CLASS=
"command">
311 BrowseAddress
255.255.255.255:
631
312 BrowseAddress
192.0.2.255:
631
313 BrowseAddress host.domain.com:
631
315 BrowseAddress @IF(name)
320 <P>The
<CODE>BrowseAddress
</CODE> directive specifies an address
321 to send browsing information to. Multiple
322 <CODE>BrowseAddress
</CODE> directives can be specified to send
323 browsing information to different networks or systems.
</P>
325 <P>The
<CODE>@LOCAL
</CODE> name will broadcast printer
326 information to all local interfaces. The
<CODE>@IF(name)
</CODE>
327 name will broadcast to the named interface.
</P>
329 <P>There is no default browse address.
</P>
331 <BLOCKQUOTE><B>Note:
</B>
333 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
334 16, or
8 bits, printer browsing (and in fact all broadcast
335 reception) will not work. This problem appears to be fixed in
341 <H3 CLASS=
"title"><A NAME=
"BrowseAllow">BrowseAllow
</A></H3>
345 <PRE CLASS=
"command">
347 BrowseAllow from none
348 BrowseAllow from
192.0.2
349 BrowseAllow from
192.0.2.0/
24
350 BrowseAllow from
192.0.2.0/
255.255.255.0
351 BrowseAllow from *.domain.com
352 BrowseAllow from @LOCAL
353 BrowseAllow from @IF(name)
358 <P>The
<CODE>BrowseAllow
</CODE> directive specifies a system or
359 network to accept browse packets from. The default is to accept
360 browse packets from all hosts.
</P>
362 <P>Host and domain name matching require that you enable the
<A
363 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
366 <P>IP address matching supports exact matches, partial addresses
367 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
368 255.255.255.0, or network addresses using the specified netmask
371 <P>The
<CODE>@LOCAL
</CODE> name will allow browse data from all
372 local interfaces. The
<CODE>@IF(name)
</CODE> name will allow
373 browse data from the named interface.
</P>
376 <H3 CLASS=
"title"><A NAME=
"BrowseDeny">BrowseDeny
</A></H3>
380 <PRE CLASS=
"command">
383 BrowseDeny from
192.0.2
384 BrowseDeny from
192.0.2.0/
24
385 BrowseDeny from
192.0.2.0/
255.255.255.0
386 BrowseDeny from *.domain.com
387 BrowseDeny from @LOCAL
388 BrowseDeny from @IF(name)
393 <P>The
<CODE>BrowseDeny
</CODE> directive specifies a system or
394 network to reject browse packets from. The default is to not deny
395 browse packets from any hosts.
</P>
397 <P>Host and domain name matching require that you enable the
<A
398 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
401 <P>IP address matching supports exact matches, partial addresses
402 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
403 255.255.255.0, or network addresses using the specified netmask
406 <P>The
<CODE>@LOCAL
</CODE> name will block browse data from all
407 local interfaces. The
<CODE>@IF(name)
</CODE> name will block
408 browse data from the named interface.
</P>
411 <H3 CLASS=
"title"><A NAME=
"BrowseOrder">BrowseOrder
</A></H3>
415 <PRE CLASS=
"command">
416 BrowseOrder allow,deny
417 BrowseOrder deny,allow
422 <P>The
<CODE>BrowseOrder
</CODE> directive specifies the order of
423 allow/deny processing. The default order is
424 <CODE>deny,allow
</CODE>:
</P>
428 <LI><CODE>allow,deny
</CODE> - Deny browse packets by
429 default, then check
<CODE>BrowseAllow
</CODE> lines
430 followed by
<CODE>BrowseDeny
</CODE> lines.
</LI>
432 <LI><CODE>deny,allow
</CODE> - Allow browse packets by
433 default, then check
<CODE>BrowseDeny
</CODE> lines
434 followed by
<CODE>BrowseAllow
</CODE> lines.
</LI>
439 <H3 CLASS=
"title"><A NAME=
"BrowseInterval">BrowseInterval
</A></H3>
443 <PRE CLASS=
"command">
450 <P>The
<CODE>BrowseInterval
</CODE> directive specifies the
451 maximum amount of time between browsing updates. Specifying a
452 value of
0 seconds disables outgoing browse updates but allows a
453 server to receive printer information from other hosts.
</P>
455 <P>The
<CODE>BrowseInterval
</CODE> value should always be less
456 than the
<A HREF=
"#BrowseTimeout"><CODE>BrowseTimeout
</CODE></A>
457 value. Otherwise printers and classes will disappear from client
458 systems between updates.
</P>
461 <H3 CLASS=
"title"><A NAME=
"BrowsePoll">BrowsePoll
</A></H3>
465 <PRE CLASS=
"command">
466 BrowsePoll
192.0.2.2:
631
467 BrowsePoll host.domain.com:
631
472 <P>The
<CODE>BrowsePoll
</CODE> directive polls a server for
473 available printers once every
<A
474 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> seconds.
475 Multiple
<CODE>BrowsePoll
</CODE> directives can be specified to
476 poll multiple servers.
</P>
478 <P>If
<CODE>BrowseInterval
</CODE> is set to
0 then the server is
479 polled once every
30 seconds.
</P>
482 <H3 CLASS=
"title"><A NAME=
"BrowsePort">BrowsePort
</A></H3>
486 <PRE CLASS=
"command">
493 <P>The
<CODE>BrowsePort
</CODE> directive specifies the UDP port number
494 used for browse packets. The default port number is
631.
</P>
496 <BLOCKQUOTE><B>Note:
</B>
498 <P>You must set the
<CODE>BrowsePort
</CODE> to the same value
499 on all of the systems that you want to see.
504 <H3 CLASS=
"title"><A NAME=
"BrowseProtocols">BrowseProtocols
</A></H3>
508 <PRE CLASS=
"command">
511 BrowseProtocols CUPS SLP
517 <P>The
<CODE>BrowseProtocols
</CODE> directive specifies the
518 protocols to use when collecting and distributing shared printers
519 on the local network. The default protocol is
<CODE>CUPS
</CODE>,
520 which is a broadcast-based protocol.
</P>
522 <BLOCKQUOTE><B>Note:
</B>
524 <P>When using the
<CODE>SLP
</CODE> protocol, you must have at least
525 one Directory Agent (DA) server on your network. Otherwise the
526 CUPS scheduler (
<CODE>cupsd
</CODE>) will not respond to client
527 requests for several seconds while polling the network.
</P>
532 <H3 CLASS=
"title"><A NAME=
"BrowseRelay">BrowseRelay
</A></H3>
536 <PRE CLASS=
"command">
537 BrowseRelay
193.0.2.1 192.0.2.255
538 BrowseRelay
193.0.2.0/
255.255.255.0 192.0.2.255
539 BrowseRelay
193.0.2.0/
24 192.0.2.255
540 BrowseRelay *.domain.com
192.0.2.255
541 BrowseRelay host.domain.com
192.0.2.255
546 <P>The
<CODE>BrowseRelay
</CODE> directive specifies source and
547 destination addresses for relaying browsing information from one
548 host or network to another. Multiple
<CODE>BrowseRelay
</CODE>
549 directives can be specified as needed.
</P>
551 <P><CODE>BrowseRelay
</CODE> is typically used on systems that
552 bridge multiple subnets using one or more network interfaces. It
553 can also be used to relay printer information from polled servers
556 <PRE CLASS=
"command">
557 BrowseRelay
127.0.0.1 @LOCAL
560 <P>This effectively provides access to printers on a WAN for all
561 clients on the LAN(s).
</P>
564 <H3 CLASS=
"title"><A NAME=
"BrowseShortNames">BrowseShortNames
</A></H3>
568 <PRE CLASS=
"command">
575 <P>The
<CODE>BrowseShortNames
</CODE> directive specifies whether
576 or not short names are used for remote printers when possible.
577 Short names are just the remote printer name, without the server
578 (
"printer"). If more than one remote printer is detected with the
579 same name, the printers will have long names (
"printer@server1",
580 "printer@server2".)
</P>
582 <P>The default value for this option is
<CODE>Yes
</CODE>.
</P>
585 <H3 CLASS=
"title"><A NAME=
"BrowseTimeout">BrowseTimeout
</A></H3>
589 <PRE CLASS=
"command">
596 <P>The
<CODE>BrowseTimeout
</CODE> directive sets the timeout for
597 printer or class information that is received in browse packets.
598 Once a printer or class times out it is removed from the list of
599 available destinations.
</P>
601 <P>The
<CODE>BrowseTimeout
</CODE> value should always be greater
603 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> value.
604 Otherwise printers and classes will disappear from client systems
608 <H3 CLASS=
"title"><A NAME=
"Browsing">Browsing
</A></H3>
612 <PRE CLASS=
"command">
619 <P>The
<CODE>Browsing
</CODE> directive controls whether or not
620 network printer browsing is enabled. The default setting is
623 <P>This directive does not enable sharing of local printers by
624 itself; you must also use the
<A
625 HREF=
"#BrowseAddress"><CODE>BrowseAddress
</CODE></A> or
<A
626 HREF=
"#BrowseProtocols"><CODE>BrowseProtocols
</CODE></A>
627 directives to advertise local printers to other systems.
</P>
629 <BLOCKQUOTE><B>Note:
</B>
631 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
632 16, or
8 bits, printer browsing (and in fact all broadcast
633 reception) will not work. This problem appears to be fixed in
639 <H3 CLASS=
"title"><A NAME=
"Classification">Classification
</A></H3>
643 <PRE CLASS=
"command">
645 Classification classified
646 Classification confidential
647 Classification secret
648 Classification topsecret
649 Classification unclassified
654 <P>The
<CODE>Classification
</CODE> directive sets the
655 classification level on the server. When this option is set, at
656 least one of the banner pages is forced to the classification
657 level, and the classification is placed on each page of output.
658 The default is no classification level.
</P>
661 <H3 CLASS=
"title"><A NAME=
"ClassifyOverride">ClassifyOverride
</A></H3>
665 <PRE CLASS=
"command">
672 <P>The
<CODE>ClassifyOverride
</CODE> directive specifies whether
673 users can override the default classification level on the
674 server. When the server classification is set, users can change
675 the classification using the
<CODE>job-sheets
</CODE> option and
676 can choose to only print one security banner before or after the
677 job. If the
<CODE>job-sheets
</CODE> option is set to
678 <CODE>none
</CODE> then the server default classification is
681 <P>The default is to not allow classification overrides.
</P>
684 <H3 CLASS=
"title"><A NAME=
"ConfigFilePerm">ConfigFilePerm
</A></H3>
688 <PRE CLASS=
"command">
695 <P>The
<CODE>ConfigFilePerm
</CODE> directive specifies the
696 permissions to use when writing configuration files. The default
700 <H3 CLASS=
"title"><A NAME=
"DataDir">DataDir
</A></H3>
704 <PRE CLASS=
"command">
705 DataDir /usr/share/cups
710 <P>The
<CODE>DataDir
</CODE> directive sets the directory to use
714 <H3 CLASS=
"title"><A NAME=
"DefaultCharset">DefaultCharset
</A></H3>
718 <PRE CLASS=
"command">
720 DefaultCharset iso-
8859-
1
721 DefaultCharset windows-
1251
726 <P>The
<CODE>DefaultCharset
</CODE> directive sets the default
727 character set to use for client connections. The default
728 character set is
<CODE>utf-
8</CODE> but is overridden by the
729 character set for the language specified by the client or the
730 <CODE>DefaultLanguage
</CODE> directive.
</P>
733 <H3 CLASS=
"title"><A NAME=
"DefaultLanguage">DefaultLanguage
</A></H3>
737 <PRE CLASS=
"command">
747 <P>The
<CODE>DefaultLanguage
</CODE> directive specifies the
748 default language to use for client connections. Setting the
749 default language also sets the default character set if a
750 language localization file exists for it. The default language
751 is
"en" for English.
</P>
754 <H3 CLASS=
"title"><A NAME=
"Deny">Deny
</A></H3>
758 <PRE CLASS=
"command">
761 Deny from *.domain.com
762 Deny from .domain.com
763 Deny from host.domain.com
766 Deny from nnn.nnn.nnn.*
767 Deny from nnn.nnn.nnn.nnn
768 Deny from nnn.nnn.nnn.nnn/mm
769 Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
770 Deny from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
777 <P>The
<CODE>Deny
</CODE> directive specifies a hostname, IP
778 address, or network that is allowed access to the server.
779 <CODE>Deny
</CODE> directives are cummulative, so multiple
780 <CODE>Deny
</CODE> directives can be used to allow access for
781 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
782 specifies a CIDR netmask:
</P>
784 <DIV CLASS=
"table"><TABLE>
786 <TH WIDTH=
"10%">mm
</TH>
787 <TH WIDTH=
"20%">netmask
</TH>
788 <TH WIDTH=
"10%">mm
</TH>
789 <TH WIDTH=
"20%">netmask
</TH>
792 <TD ALIGN=
"CENTER">0</TD>
793 <TD ALIGN=
"CENTER">0.0.0.0</TD>
794 <TD ALIGN=
"CENTER">8</TD>
795 <TD ALIGN=
"CENTER">255.0.0.0</TD>
798 <TD ALIGN=
"CENTER">1</TD>
799 <TD ALIGN=
"CENTER">128.0.0.0</TD>
800 <TD ALIGN=
"CENTER">16</TD>
801 <TD ALIGN=
"CENTER">255.255.0.0</TD>
804 <TD ALIGN=
"CENTER">2</TD>
805 <TD ALIGN=
"CENTER">192.0.0.0</TD>
806 <TD ALIGN=
"CENTER">24</TD>
807 <TD ALIGN=
"CENTER">255.255.255.0</TD>
810 <TD ALIGN=
"CENTER">...
</TD>
811 <TD ALIGN=
"CENTER">...
</TD>
812 <TD ALIGN=
"CENTER">32</TD>
813 <TD ALIGN=
"CENTER">255.255.255.255</TD>
817 <P>The
<CODE>@LOCAL
</CODE> name will deny access from all local
818 interfaces. The
<CODE>@IF(name)
</CODE> name will deny access from
819 the named interface.
</P>
821 <P>The
<CODE>Deny
</CODE> directive must appear inside a
<A
822 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
825 <H3 CLASS=
"title"><A NAME=
"DocumentRoot">DocumentRoot
</A></H3>
829 <PRE CLASS=
"command">
830 DocumentRoot /usr/share/doc/cups
831 DocumentRoot /foo/bar/doc/cups
836 <P>The
<CODE>DocumentRoot
</CODE> directive specifies the location
837 of web content for the HTTP server in CUPS. If an absolute path
838 is not specified then it is assumed to be relative to the
<A
839 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
840 default directory is
<VAR>/usr/share/doc/cups
</VAR>.
</P>
842 <P>Documents are first looked up in a sub-directory for the
843 primary language requested by the client (e.g.
844 <VAR>/usr/share/doc/cups/fr/...
</VAR>) and then directly under
845 the
<CODE>DocumentRoot
</CODE> directory (e.g.
846 <VAR>/usr/share/doc/cups/...
</VAR>), so it is possible to
847 localize the web content by providing subdirectories for each
851 <H3 CLASS=
"title"><A NAME=
"Encryption">Encryption
</A></H3>
855 <PRE CLASS=
"command">
857 Encryption IfRequested
863 <P>The
<CODE>Encryption
</CODE> directive must appear instead a
<A
864 HREF=
"#Location"><CODE>Location
</CODE></A> section and specifies
865 the encryption settings for that location. The default setting is
866 <CODE>IfRequested
</CODE> for all locations.
</P>
869 <H3 CLASS=
"title"><A NAME=
"ErrorLog">ErrorLog
</A></H3>
873 <PRE CLASS=
"command">
874 ErrorLog /var/log/cups/error_log
875 ErrorLog /var/log/cups/error_log-%s
881 <P>The
<CODE>ErrorLog
</CODE> directive sets the name of the error
882 log file. If the filename is not absolute then it is assumed to
883 be relative to the
<A
884 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
885 default error log file is
<VAR>/var/log/cups/error_log
</VAR>.
</P>
887 <P>The server name can be included in the filename by using
888 <CODE>%s
</CODE> in the name.
</P>
890 <P>The special name
"syslog" can be used to send the error
891 information to the system log instead of a plain file.
</P>
894 <H3 CLASS=
"title"><A NAME=
"FileDevice">FileDevice
</A></H3>
898 <PRE CLASS=
"command">
905 <P>The
<CODE>FileDevice
</CODE> directive determines whether the
906 scheduler allows new printers to be added using device URIs of
907 the form
<CODE>file:/filename
</CODE>. File devices are most often
908 used to test new printer drivers and do not support raw file
911 <P>The default setting is
<CODE>No
</CODE>.
</P>
913 <BLOCKQUOTE><B>Note:
</B>
915 <P>File devices are managed by the scheduler. Since the
916 scheduler normally runs as the root user, file devices
917 can be used to overwrite system files and potentially
918 gain unauthorized access to the system. If you must
919 create printers using file devices, we recommend that
920 you set the
<CODE>FileDevice
</CODE> directive to
921 <CODE>Yes
</CODE> for only as long as you need to add the
922 printers to the system, and then reset the directive to
928 <H3 CLASS=
"title"><A NAME=
"FilterLimit">FilterLimit
</A></H3>
932 <PRE CLASS=
"command">
940 <P>The
<CODE>FilterLimit
</CODE> directive sets the maximum cost
941 of all running job filters. It can be used to limit the number of
942 filter programs that are run on a server to minimize disk,
943 memory, and CPU resource problems. A limit of
0 disables filter
946 <P>An average print to a non-PostScript printer needs a filter
947 limit of about
200. A PostScript printer needs about half that
948 (
100). Setting the limit below these thresholds will effectively
949 limit the scheduler to printing a single job at any time.
</P>
951 <P>The default limit is
0.
</P>
954 <H3 CLASS=
"title"><A NAME=
"FontPath">FontPath
</A></H3>
958 <PRE CLASS=
"command">
959 FontPath /foo/bar/fonts
960 FontPath /usr/share/cups/fonts:/foo/bar/fonts
965 <P>The
<CODE>FontPath
</CODE> directive specifies the font path to
966 use when searching for fonts. The default font path is
967 <CODE>/usr/share/cups/fonts
</CODE>.
</P>
970 <H3 CLASS=
"title"><A NAME=
"Group">Group
</A></H3>
974 <PRE CLASS=
"command">
980 <P>The
<CODE>Group
</CODE> directive specifies the UNIX group that
981 filter and CGI programs run as. The default group is
982 <CODE>nobody
</CODE>.
</P>
985 <H3 CLASS=
"title"><A NAME=
"HideImplicitMembers">HideImplicitMembers
</A></H3>
989 <PRE CLASS=
"command">
990 HideImplicitMembers Yes
991 HideImplicitMembers No
996 <P>The
<CODE>HideImplicitMembers
</CODE> directive controls
997 whether the individual printers in an implicit class are hidden
998 from the user. The default is
<CODE>Yes
</CODE>.
</P>
1000 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1001 must be enabled for this directive to have any effect.
</P>
1004 <H3 CLASS=
"title"><A NAME=
"HostNameLookups">HostNameLookups
</A></H3>
1008 <PRE CLASS=
"command">
1011 HostNameLookups Double
1014 <H4>Description
</H4>
1016 <P>The
<CODE>HostNameLookups
</CODE> directive controls whether or
1017 not CUPS looks up the hostname for connecting clients. The
1018 <CODE>Double
</CODE> setting causes CUPS to verify that the
1019 hostname resolved from the address matches one of the addresses
1020 returned for that hostname.
<CODE>Double
</CODE> lookups also
1021 prevent clients with unregistered addresses from connecting to
1024 <P>The default is
<CODE>Off
</CODE> to avoid the potential server
1025 performance problems with hostname lookups. Set this option to
1026 <CODE>On
</CODE> or
<CODE>Double
</CODE> only if absolutely
1030 <H3 CLASS=
"title"><A NAME=
"ImplicitClasses">ImplicitClasses
</A></H3>
1034 <PRE CLASS=
"command">
1039 <H4>Description
</H4>
1041 <P>The
<CODE>ImplicitClasses
</CODE> directive controls whether
1042 implicit classes are created based upon the available network
1043 printers and classes. The default setting is
<CODE>On
</CODE> but
1044 is automatically turned
<CODE>Off
</CODE> if
<A
1045 HREF=
"#Browsing"><CODE>Browsing
</CODE></A> is turned
1046 <CODE>Off
</CODE>.
</P>
1049 <H3 CLASS=
"title"><A NAME=
"ImplicitAnyClasses">ImplicitAnyClasses
</A></H3>
1053 <PRE CLASS=
"command">
1054 ImplicitAnyClasses On
1055 ImplicitAnyClasses Off
1058 <H4>Description
</H4>
1060 <P>The
<CODE>ImplicitAnyClasses
</CODE> directive controls
1061 whether implicit classes for local and remote printers are
1062 created with the name
<CODE>AnyPrinter
</CODE>. The default
1063 setting is
<CODE>Off
</CODE>.
</P>
1065 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1066 must be enabled for this directive to have any effect.
</P>
1069 <H3 CLASS=
"title"><A NAME=
"Include">Include
</A></H3>
1073 <PRE CLASS=
"command">
1075 Include /foo/bar/filename
1078 <H4>Description
</H4>
1080 <P>The
<CODE>Include
</CODE> directive includes the named file in
1081 the
<CODE>cupsd.conf
</CODE> file. If no leading path is provided,
1082 the file is assumed to be relative to the
<A
1083 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory.
</P>
1086 <H3 CLASS=
"title"><A NAME=
"KeepAlive">KeepAlive
</A></H3>
1090 <PRE CLASS=
"command">
1095 <H4>Description
</H4>
1097 <P>The
<CODE>KeepAlive
</CODE> directive controls whether or not
1098 to support persistent HTTP connections. The default is
1099 <CODE>On
</CODE>.
</P>
1101 <P>HTTP/
1.1 clients automatically support persistent connections,
1102 while HTTP/
1.0 clients must specifically request them using the
1103 <CODE>Keep-Alive
</CODE> attribute in the
<CODE>Connection:
</CODE>
1104 field of each request.
</P>
1107 <H3 CLASS=
"title"><A NAME=
"KeepAliveTimeout">KeepAliveTimeout
</A></H3>
1111 <PRE CLASS=
"command">
1116 <H4>Description
</H4>
1118 <P>The
<CODE>KeepAliveTimeout
</CODE> directive controls how long
1119 a persistent HTTP connection will remain open after the last
1120 request. The default is
60 seconds.
</P>
1123 <H3 CLASS=
"title"><A NAME=
"Limit">Limit
</A></H3>
1127 <PRE CLASS=
"command">
1128 <Limit GET POST
>
1137 <H4>Description
</H4>
1139 <P>The
<CODE>Limit
</CODE> directive groups access control
1140 directives for specific types of HTTP requests and must appear
1141 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1142 Access can be limited for individual request types
1143 (
<CODE>DELETE
</CODE>,
<CODE>GET
</CODE>,
<CODE>HEAD
</CODE>,
1144 <CODE>OPTIONS
</CODE>,
<CODE>POST
</CODE>,
<CODE>PUT
</CODE>, and
1145 <CODE>TRACE
</CODE>) or for all request types (
<CODE>ALL
</CODE>).
1146 The request type names are case-sensitive for compatibility with
1150 <H3 CLASS=
"title"><A NAME=
"LimitExcept">LimitExcept
</A></H3>
1154 <PRE CLASS=
"command">
1155 <LimitExcept GET POST
>
1157 </LimitExcept
>
1160 <H4>Description
</H4>
1162 <P>The
<CODE>LimitExcept
</CODE> directive groups access control
1163 directives for specific types of HTTP requests and must appear
1164 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1165 Unlike the
<A HREF=
"#Limit"><CODE>Limit
</CODE></A> directive,
1166 <CODE>LimitExcept
</CODE> restricts access for all requests
1167 <I>except
</I> those listed on the
<CODE>LimitExcept
</CODE>
1171 <H3 CLASS=
"title"><A NAME=
"LimitRequestBody">LimitRequestBody
</A></H3>
1175 <PRE CLASS=
"command">
1176 LimitRequestBody
10485760
1177 LimitRequestBody
10m
1181 <H4>Description
</H4>
1183 <P>The
<CODE>LimitRequestBody
</CODE> directive controls the
1184 maximum size of print files, IPP requests, and HTML form data in
1185 HTTP POST requests. The default limit is
0 which disables the
1189 <H3 CLASS=
"title"><A NAME=
"Listen">Listen
</A></H3>
1193 <PRE CLASS=
"command">
1194 Listen
127.0.0.1:
631
1195 Listen
192.0.2.1:
631
1200 <H4>Description
</H4>
1202 <P>The
<CODE>Listen
</CODE> directive specifies a network address
1203 and port to listen for connections. Multiple
<CODE>Listen
</CODE>
1204 directives can be provided to listen on multiple addresses.
</P>
1206 <P>The
<CODE>Listen
</CODE> directive is similar to the
<A
1207 HREF=
"#Port"><CODE>Port
</CODE></A> directive but allows you to
1208 restrict access to specific interfaces or networks.
</P>
1211 <H3 CLASS=
"title"><A NAME=
"Location">Location
</A></H3>
1215 <PRE CLASS=
"command">
1220 <Location /admin
>
1224 <Location /admin/conf
>
1228 <Location /admin/log
>
1232 <Location /classes
>
1236 <Location /classes/name
>
1240 <Location /jobs
>
1244 <Location /printers
>
1248 <Location /printers/name
>
1254 <H4>Description
</H4>
1256 <P>The
<CODE>Location
</CODE> directive specifies access control
1257 and authentication options for the specified HTTP resource or
1258 path. The
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>,
<A
1259 HREF=
"#AuthType"><CODE>AuthType
</CODE></A>,
<A
1260 HREF=
"#Deny"><CODE>Deny
</CODE></A>,
<A
1261 HREF=
"#Encryption"><CODE>Encryption
</CODE></A>,
<A
1262 HREF=
"#Limit"><CODE>Limit
</CODE></A>,
<A
1263 HREF=
"#LimitExcept"><CODE>LimitExcept
</CODE></A>,
<A
1264 HREF=
"#Order"><CODE>Order
</CODE></A>,
<A
1265 HREF=
"#Require"><CODE>Require
</CODE></A>, and
<A
1266 HREF=
"#Satisfy"><CODE>Satisfy
</CODE></A> directives may all
1267 appear inside a location.
</P>
1269 <P>Note that more specific resources override the less specific
1270 ones. So the directives inside the
<CODE>/printers/name
</CODE>
1271 location will override ones from
<CODE>/printers
</CODE>.
1272 Directives inside
<CODE>/printers
</CODE> will override ones from
1273 <CODE>/
</CODE>. None of the directives are inherited.
</P>
1275 <DIV CLASS=
"table"><TABLE>
1276 <CAPTION>Common Locations on the Server
</CAPTION>
1277 <TR><TH>Location
</TH><TH>Description
</TH></TR>
1278 <TR><TD><CODE>/
</CODE></TD><TD>The path for all get operations (get-printers, get-jobs, etc.)
</TD></TR>
1279 <TR><TD><CODE>/admin
</CODE></TD><TD>The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
</TD></TR>
1280 <TR><TD><CODE>/admin/conf
</CODE></TD><TD>The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
</TD></TR>
1281 <TR><TD><CODE>/admin/log
</CODE></TD><TD>The path for access to the CUPS log files (access_log, error_log, page_log)
</TD></TR>
1282 <TR><TD><CODE>/classes
</CODE></TD><TD>The path for all classes
</TD></TR>
1283 <TR><TD><CODE>/classes/name
</CODE></TD><TD>The resource for class
<CODE>name
</CODE></TD></TR>
1284 <TR><TD><CODE>/jobs
</CODE></TD><TD>The path for all jobs (hold-job, release-job, etc.)
</TD></TR>
1285 <TR><TD><CODE>/jobs/id
</CODE></TD><TD>The resource for job
<CODE>id
</CODE></TD></TR>
1286 <TR><TD><CODE>/printers
</CODE></TD><TD>The path for all printers
</TD></TR>
1287 <TR><TD><CODE>/printers/name
</CODE></TD><TD>The path for printer
<CODE>name
</CODE></TD></TR>
1288 <TR><TD><CODE>/printers/name.ppd
</CODE></TD><TD>The PPD file path for printer
<CODE>name
</CODE></TD></TR>
1292 <H3 CLASS=
"title"><A NAME=
"LogFilePerm">LogFilePerm
</A></H3>
1296 <PRE CLASS=
"command">
1301 <H4>Description
</H4>
1303 <P>The
<CODE>LogFilePerm
</CODE> directive specifies the
1304 permissions to use when writing configuration files. The default
1308 <H3 CLASS=
"title"><A NAME=
"LogLevel">LogLevel
</A></H3>
1312 <PRE CLASS=
"command">
1325 <H4>Description
</H4>
1327 <P>The
<CODE>LogLevel
</CODE> directive specifies the level of
1328 logging for the
<A HREF=
"#ErrorLog"><CODE>ErrorLog
</CODE></A>
1329 file. The following values are recognized (each level logs
1330 everything under the preceding levels):
</P>
1334 <LI><CODE>none
</CODE> - Log nothing
</LI>
1336 <LI><CODE>emerg
</CODE> - Log emergency conditions that
1337 prevent the server from running
</LI>
1339 <LI><CODE>alert
</CODE> - Log alerts that must be handled
1342 <LI><CODE>crit
</CODE> - Log critical errors that don't
1343 prevent the server from running
</LI>
1345 <LI><CODE>error
</CODE> - Log general errors
</LI>
1347 <LI><CODE>warn
</CODE> - Log errors and warnings
</LI>
1349 <LI><CODE>notice
</CODE> - Log temporary error conditions
</LI>
1351 <LI><CODE>info
</CODE> - Log all requests and state
1352 changes (default)
</LI>
1354 <LI><CODE>debug
</CODE> - Log basic debugging
1357 <LI><CODE>debug2
</CODE> - Log all debugging
1363 <H3 CLASS=
"title"><A NAME=
"MaxClients">MaxClients
</A></H3>
1367 <PRE CLASS=
"command">
1372 <H4>Description
</H4>
1374 <P>The
<CODE>MaxClients
</CODE> directive controls the maximum
1375 number of simultaneous clients that will be allowed by the
1376 server. The default is
100 clients.
</P>
1378 <BLOCKQUOTE><B>Note:
</B>
1380 <P>Since each print job requires a file descriptor for the status
1381 pipe, the scheduler internally limits the
<CODE>MaxClients
</CODE>
1382 value to
1/
3 of the available file descriptors to avoid possible
1383 problems when printing large numbers of jobs.
</P>
1388 <H3 CLASS=
"title"><A NAME=
"MaxClientsPerHost">MaxClientsPerHost
</A></H3>
1392 <PRE CLASS=
"command">
1393 MaxClientsPerHost
10
1396 <H4>Description
</H4>
1398 <P>The
<CODE>MaxClientsPerHost
</CODE> directive controls the
1399 maximum number of simultaneous clients that will be allowed from
1400 a single host by the server. The default is the
1401 <CODE>MaxClients
</CODE> value.
</P>
1403 <P>This directive provides a small measure of protection against
1404 Denial of Service attacks from a single host.
</P>
1407 <H3 CLASS=
"title"><A NAME=
"MaxCopies">MaxCopies
</A></H3>
1411 <PRE CLASS=
"command">
1416 <H4>Description
</H4>
1418 <P>The
<CODE>MaxCopies
</CODE> directive controls the maximum
1419 number of copies that a user can print of a job. The default is
1422 <BLOCKQUOTE><B>Note:
</B>
1424 <P>Most HP PCL laser printers internally limit the number of
1431 <H3 CLASS=
"title"><A NAME=
"MaxJobs">MaxJobs
</A></H3>
1435 <PRE CLASS=
"command">
1441 <H4>Description
</H4>
1443 <P>The
<CODE>MaxJobs
</CODE> directive controls the maximum number
1444 of jobs that are kept in memory. Once the number of jobs reaches
1445 the limit, the oldest completed job is automatically purged from
1446 the system to make room for the new one. If all of the known jobs
1447 are still pending or active then the new job will be
1450 <P>Setting the maximum size to
0 disables this functionality. The
1451 default setting is
0.
</P>
1454 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerPrinter">MaxJobsPerPrinter
</A></H3>
1458 <PRE CLASS=
"command">
1459 MaxJobsPerPrinter
100
1460 MaxJobsPerPrinter
9999
1464 <H4>Description
</H4>
1466 <P>The
<CODE>MaxJobsPerPrinter
</CODE> directive controls the
1467 maximum number of active jobs that are allowed for each printer
1468 or class. Once a printer or class reaches the limit, new jobs
1469 will be rejected until one of the active jobs is completed,
1470 stopped, aborted, or canceled.
</P>
1472 <P>Setting the maximum to
0 disables this functionality. The
1473 default setting is
0.
</P>
1476 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerUser">MaxJobsPerUser
</A></H3>
1480 <PRE CLASS=
"command">
1486 <H4>Description
</H4>
1488 <P>The
<CODE>MaxJobsPerUser
</CODE> directive controls the maximum
1489 number of active jobs that are allowed for each user. Once a user
1490 reaches the limit, new jobs will be rejected until one of the
1491 active jobs is completed, stopped, aborted, or canceled.
</P>
1493 <P>Setting the maximum to
0 disables this functionality. The
1494 default setting is
0.
</P>
1497 <H3 CLASS=
"title"><A NAME=
"MaxLogSize">MaxLogSize
</A></H3>
1501 <PRE CLASS=
"command">
1507 <H4>Description
</H4>
1509 <P>The
<CODE>MaxLogSize
</CODE> directive controls the maximum
1510 size of each log file. Once a log file reaches or exceeds the
1511 maximum size it is closed and renamed to
<VAR>filename.O
</VAR>.
1512 This allows you to rotate the logs automatically. The default
1513 size is
1048576 bytes (
1MB).
</P>
1515 <P>Setting the maximum size to
0 disables log rotation.
</P>
1518 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"MaxRequestSize">MaxRequestSize
</A></H3>
1522 <PRE CLASS=
"command">
1523 MaxRequestSize
10485760
1528 <H4>Description
</H4>
1530 <P>The
<CODE>MaxRequestSize
</CODE> directive controls the maximum
1531 size of print files, IPP requests, and HTML form data in HTTP
1532 POST requests. The default limit is
0 which disables the limit
1535 <P><B>This directive is deprecated and will be replaced in a
1536 future CUPS release.
</B> Use the
<A
1537 HREF=
"#LimitRequestBody"><CODE>LimitRequestBody
</CODE></A>
1538 directive instead.
</P>
1541 <H3 CLASS=
"title"><A NAME=
"Order">Order
</A></H3>
1545 <PRE CLASS=
"command">
1550 <H4>Description
</H4>
1552 <P>The
<CODE>Order
</CODE> directive defines the default access
1553 control. The following values are supported:
</P>
1557 <LI><CODE>allow,deny
</CODE> - Deny requests by default,
1558 then check the
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>
1559 lines followed by the
<A
1560 HREF=
"#Deny"><CODE>Deny
</CODE></A> lines
</LI>
1562 <LI><CODE>deny,allow
</CODE> - Allow requests by default,
1563 then check the
<A HREF=
"#Deny"><CODE>Deny
</CODE></A>
1564 lines followed by the
<A
1565 HREF=
"#Allow"><CODE>Allow
</CODE></A> lines
</LI>
1569 <P>The
<CODE>Order
</CODE> directive must appear inside a
<A
1570 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
1573 <H3 CLASS=
"title"><A NAME=
"PageLog">PageLog
</A></H3>
1577 <PRE CLASS=
"command">
1578 PageLog /var/log/cups/page_log
1579 PageLog /var/log/cups/page_log-%s
1583 <H4>Description
</H4>
1585 <P>The
<CODE>PageLog
</CODE> directive sets the name of the page
1586 log file. If the filename is not absolute then it is assumed to
1587 be relative to the
<A
1588 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1589 default page log file is
<VAR>/var/log/cups/page_log
</VAR>.
</P>
1591 <P>The server name can be included in the filename by using
1592 <CODE>%s
</CODE> in the name.
</P>
1594 <P>The special name
"syslog" can be used to send the page
1595 information to the system log instead of a plain file.
</P>
1598 <H3 CLASS=
"title"><A NAME=
"Port">Port
</A></H3>
1602 <PRE CLASS=
"command">
1607 <H4>Description
</H4>
1609 <P>The
<CODE>Port
</CODE> directive specifies a port to listen on.
1610 Multiple
<CODE>Port
</CODE> lines can be specified to listen on
1611 multiple ports. The
<CODE>Port
</CODE> directive is equivalent to
1612 "<CODE>Listen *:nnn</CODE>". The default port is
631.
</P>
1614 <BLOCKQUOTE><B>Note:
</B>
1616 <P>On systems that support IPv6, this directive will bind to both
1617 the IPv4 and IPv6 wildcard address.
</P>
1622 <H3 CLASS=
"title"><A NAME=
"PreserveJobHistory">PreserveJobHistory
</A></H3>
1626 <PRE CLASS=
"command">
1627 PreserveJobHistory On
1628 PreserveJobHistory Off
1631 <H4>Description
</H4>
1633 <P>The
<CODE>PreserveJobHistory
</CODE> directive controls whether
1634 the history of completed, canceled, or aborted print jobs is
1637 <P>A value of
<CODE>On
</CODE> (the default) preserves job
1638 information until the administrator purges it with the
1639 <CODE>cancel
</CODE> command.
</P>
1641 <P>A value of
<CODE>Off
</CODE> removes the job information as
1642 soon as each job is completed, canceled, or aborted.
</P>
1645 <H3 CLASS=
"title"><A NAME=
"PreserveJobFiles">PreserveJobFiles
</A></H3>
1649 <PRE CLASS=
"command">
1651 PreserveJobFiles Off
1654 <H4>Description
</H4>
1656 <P>The
<CODE>PreserveJobFiles
</CODE> directive controls whether
1657 the document files of completed, canceled, or aborted print jobs
1658 are stored on disk.
</P>
1660 <P>A value of
<CODE>On
</CODE> preserves job files until the
1661 administrator purges them with the
<CODE>cancel
</CODE> command.
1662 Jobs can be restarted (and reprinted) as desired until they are
1665 <P>A value of
<CODE>Off
</CODE> (the default) removes the job
1666 files as soon as each job is completed, canceled, or aborted.
</P>
1669 <H3 CLASS=
"title"><A NAME=
"Printcap">Printcap
</A></H3>
1673 <PRE CLASS=
"command">
1675 Printcap /etc/printcap
1676 Printcap /etc/printers.conf
1679 <H4>Description
</H4>
1681 <P>The
<CODE>Printcap
</CODE> directive controls whether or not a
1682 printcap file is automatically generated and updated with a list
1683 of available printers. If specified with no value, then no
1684 printcap file will be generated. The default is to generate a
1685 file named
<VAR>/etc/printcap
</VAR>.
</P>
1687 <P>When a filename is specified (e.g.
<VAR>/etc/printcap
</VAR>),
1688 the printcap file is written whenever a printer is added or
1689 removed. The printcap file can then be used by applications that
1690 are hardcoded to look at the printcap file for the available
1694 <H3 CLASS=
"title"><A NAME=
"PrintcapFormat">PrintcapFormat
</A></H3>
1698 <PRE CLASS=
"command">
1700 PrintcapFormat Solaris
1703 <H4>Description
</H4>
1705 <P>The
<CODE>PrintcapFormat
</CODE> directive controls the output
1706 format of the printcap file. The default is to generate a BSD
1710 <H3 CLASS=
"title"><A NAME=
"RemoteRoot">RemoteRoot
</A></H3>
1714 <PRE CLASS=
"command">
1719 <H4>Description
</H4>
1721 <P>The
<CODE>RemoteRoot
</CODE> directive sets the username for
1722 unauthenticated root requests from remote hosts. The default
1723 username is
<VAR>remroot
</VAR>. Setting
<CODE>RemoteRoot
</CODE>
1724 to
<VAR>root
</VAR> effectively disables this security
1728 <H3 CLASS=
"title"><A NAME=
"RequestRoot">RequestRoot
</A></H3>
1732 <PRE CLASS=
"command">
1733 RequestRoot /var/spool/cups
1734 RequestRoot /foo/bar/spool/cups
1737 <H4>Description
</H4>
1739 <P>The
<CODE>RequestRoot
</CODE> directive sets the directory for
1740 incoming IPP requests and HTML forms. If an absolute path is not
1741 provided then it is assumed to be relative to the
<A
1742 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1743 default request directory is
<VAR>/var/spool/cups
</VAR>.
</P>
1746 <H3 CLASS=
"title"><A NAME=
"Require">Require
</A></H3>
1750 <PRE CLASS=
"command">
1751 Require group foo bar
1752 Require user john mary
1754 Require user @groupname
1755 Require user @SYSTEM
1759 <H4>Description
</H4>
1761 <P>The
<CODE>Require
</CODE> directive specifies that
1762 authentication is required for the resource. The
1763 <CODE>group
</CODE> keyword specifies that the authenticated user
1764 must be a member of one or more of the named groups that
1767 <P>The
<CODE>user
</CODE> keyboard specifies that the
1768 authenticated user must be one of the named users or groups that
1769 follow. Group names are specified using the
"@" prefix.
</P>
1771 <P>The
<CODE>valid-user
</CODE> keyword specifies that any
1772 authenticated user may access the resource.
</P>
1774 <P>The default is to do no authentication. This directive must
1775 appear inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1779 <H3 CLASS=
"title"><A NAME=
"RIPCache">RIPCache
</A></H3>
1783 <PRE CLASS=
"command">
1789 <H4>Description
</H4>
1791 <P>The
<CODE>RIPCache
</CODE> directive sets the size of the
1792 memory cache used by Raster Image Processor (
"RIP") filters such
1793 as
<CODE>imagetoraster
</CODE> and
<CODE>pstoraster
</CODE>. The
1794 size can be suffixed with a
"k" for kilobytes,
"m" for megabytes,
1795 or
"g" for gigabytes. The default cache size is
"8m", or
8
1799 <H3 CLASS=
"title"><A NAME=
"Satisfy">Satisfy
</A></H3>
1803 <PRE CLASS=
"command">
1808 <H4>Description
</H4>
1810 <P>The
<CODE>Satisfy
</CODE> directive specifies whether all
1811 conditions must be satisfied to allow access to the resource. If
1812 set to
<CODE>all
</CODE>, then all authentication and access
1813 control conditions must be satified to allow access.
</P>
1815 <P>Setting
<CODE>Satisfy
</CODE> to
<CODE>any
</CODE> allows a user
1816 to gain access if the authentication or access control
1817 requirements are satisfied. For example, you might require
1818 authentication for remote access, but allow local access without
1821 <P>The default is
<CODE>all
</CODE>. This directive must appear
1822 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1826 <H3 CLASS=
"title"><A NAME=
"ServerAdmin">ServerAdmin
</A></H3>
1830 <PRE CLASS=
"command">
1831 ServerAdmin user@host
1832 ServerAdmin root@foo.bar.com
1835 <H4>Description
</H4>
1837 <P>The
<CODE>ServerAdmin
</CODE> directive identifies the email
1838 address for the administrator on the system. By default the
1839 administrator email address is
<CODE>root@server
</CODE>, where
1840 <CODE>server
</CODE> is the server name.
</P>
1843 <H3 CLASS=
"title"><A NAME=
"ServerBin">ServerBin
</A></H3>
1847 <PRE CLASS=
"command">
1848 ServerBin /usr/lib/cups
1849 ServerBin /foo/bar/lib/cups
1852 <H4>Description
</H4>
1854 <P>The
<CODE>ServerBin
</CODE> directive sets the directory for
1855 server-run executables. If an absolute path is not provided then
1856 it is assumed to be relative to the
<A
1857 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1858 default executable directory is
<VAR>/usr/lib/cups
</VAR> or
1859 <VAR>/usr/lib32/cups
</VAR> (IRIX
6.5).
</P>
1862 <H3 CLASS=
"title"><A NAME=
"ServerCertificate">ServerCertificate
</A></H3>
1866 <PRE CLASS=
"command">
1867 ServerCertificate /etc/cups/ssl/server.crt
1870 <H4>Description
</H4>
1872 <P>The
<CODE>ServerCertificate
</CODE> directive specifies the
1873 location of the SSL certificate file used by the server when
1874 negotiating encrypted connections. The certificate must not be
1875 encrypted (password protected) since the scheduler normally runs
1876 in the background and will be unable to ask for a password.
</P>
1878 <P>The default certificate file is
1879 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1882 <H3 CLASS=
"title"><A NAME=
"ServerKey">ServerKey
</A></H3>
1886 <PRE CLASS=
"command">
1887 ServerKey /etc/cups/ssl/server.key
1890 <H4>Description
</H4>
1892 <P>The
<CODE>ServerKey
</CODE> directive specifies the location of
1893 the SSL private key file used by the server when negotiating
1894 encrypted connections.
</P>
1896 <P>The default key file is
1897 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1900 <H3 CLASS=
"title"><A NAME=
"ServerName"></A>ServerName
</H3>
1904 <PRE CLASS=
"command">
1905 ServerName foo.domain.com
1906 ServerName myserver.domain.com
1909 <H4>Description
</H4>
1911 <P>The
<CODE>ServerName
</CODE> directive specifies the hostname
1912 that is reported to clients. By default the server name is the
1916 <H3 CLASS=
"title"><A NAME=
"ServerRoot">ServerRoot
</A></H3>
1920 <PRE CLASS=
"command">
1921 ServerRoot /etc/cups
1922 ServerRoot /foo/bar/cups
1925 <H4>Description
</H4>
1927 <P>The
<CODE>ServerRoot
</CODE> directive specifies the absolute
1928 path to the server configuration and state files. It is also used
1929 to resolve relative paths in the
<VAR>cupsd.conf
</VAR> file. The
1930 default server directory is
<VAR>/etc/cups
</VAR>.
</P>
1933 <H3 CLASS=
"title"><A NAME=
"SSLListen">SSLListen
</A></H3>
1937 <PRE CLASS=
"command">
1938 SSLListen
127.0.0.1:
443
1939 SSLListen
192.0.2.1:
443
1942 <H4>Description
</H4>
1944 <P>The
<CODE>SSLListen
</CODE> directive specifies a network
1945 address and port to listen for secure connections. Multiple
1946 <CODE>SSLListen
</CODE> directives can be provided to listen on
1947 multiple addresses.
</P>
1949 <P>The
<CODE>SSLListen
</CODE> directive is similar to the
<A
1950 HREF=
"#SSLPort"><CODE>SSLPort
</CODE></A> directive but allows you
1951 to restrict access to specific interfaces or networks.
</P>
1954 <H3 CLASS=
"title"><A NAME=
"SSLPort">SSLPort
</A></H3>
1958 <PRE CLASS=
"command">
1962 <H4>Description
</H4>
1964 <P>The
<CODE>SSLPort
</CODE> directive specifies a port to listen
1965 on for secure connections. Multiple
<CODE>SSLPort
</CODE> lines
1966 can be specified to listen on multiple ports.
</P>
1969 <H3 CLASS=
"title"><A NAME=
"SystemGroup">SystemGroup
</A></H3>
1973 <PRE CLASS=
"command">
1980 <H4>Description
</H4>
1982 <P>The
<CODE>SystemGroup
</CODE> directive specifies the system
1983 administration group for
<CODE>System
</CODE> authentication.
</P>
1986 <H3 CLASS=
"title"><A NAME=
"TempDir">TempDir
</A></H3>
1990 <PRE CLASS=
"command">
1992 TempDir /foo/bar/tmp
1995 <H4>Description
</H4>
1997 <P>The
<CODE>TempDir
</CODE> directive specifies an absolute path
1998 for the directory to use for temporary files. The default
1999 directory is
<VAR>/var/spool/cups/tmp
</VAR>.
</P>
2001 <P>Temporary directories must be world-writable and should have
2002 the
"sticky" permission bit enabled so that other users cannot
2003 delete filter temporary files. The following commands will create
2004 an appropriate temporary directory called
2005 <VAR>/foo/bar/tmp
</VAR>:
</P>
2007 <PRE CLASS=
"command">
2008 <KBD>mkdir /foo/bar/tmp
</KBD>
2009 <KBD>chmod a+rwxt /foo/bar/tmp
</KBD>
2013 <H3 CLASS=
"title"><A NAME=
"Timeout">Timeout
</A></H3>
2017 <PRE CLASS=
"command">
2022 <H4>Description
</H4>
2024 <P>The
<CODE>Timeout
</CODE> directive controls the amount of time
2025 to wait before an active HTTP or IPP request times out. The
2026 default timeout is
300 seconds.
</P>
2029 <H3 CLASS=
"title"><A NAME=
"User">User
</A></H3>
2033 <PRE CLASS=
"command">
2038 <H4>Description
</H4>
2040 <P>The
<CODE>User
</CODE> directive specifies the UNIX user that
2041 filter and CGI programs run as. The default user is
2042 <CODE>lp
</CODE>.
</P>
2044 <BLOCKQUOTE><B>Note:
</B>
2046 <P>You may not use user
<CODE>root
</CODE>, as that would expose
2047 the system to unacceptable security risks. The scheduler will
2048 automatically choose user
<CODE>nobody
</CODE> if you specify a
2049 user whose ID is
0.
</P>