2 <!-- SECTION: References -->
4 <TITLE>cupsd.conf
</TITLE>
28 <P>The
<VAR>/etc/cups/cupsd.conf
</VAR> file contains
29 configuration
<I>directives
</I> that control how the server
30 functions. Each directive is listed on a line by itself followed
31 by its value. Comments are introduced using the number sign (
"#")
32 character at the beginning of a line.
</P>
34 <P>Since the server configuration file consists of plain text,
35 you can use your favorite text editor to make changes to it.
36 After making any changes, restart the
<CODE>cupsd(
8)
</CODE>
37 process using the startup script for your operating system:
</P>
43 /etc/init.d/cups restart
48 /sbin/init.d/cups restart
53 /etc/init.d/cups restart
58 /etc/init.d/cups restart
63 /System/Library/StartupItems/PrintingServices/PrintingServices restart
68 /etc/init.d/cups restart
73 <P>You can also edit this file from the CUPS web interface, which
74 automatically handles restarting the scheduler.
</P>
77 <H3 CLASS=
"title"><A NAME=
"AccessLog">AccessLog
</A></H3>
82 AccessLog /var/log/cups/access_log
83 AccessLog /var/log/cups/access_log-%s
89 <P>The
<CODE>AccessLog
</CODE> directive sets the name of the
90 access log file. If the filename is not absolute then it is
91 assumed to be relative to the
<A
92 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
93 access log file is stored in
"common log format" and can be used
94 by any web access reporting tool to generate a report on CUPS
97 <P>The server name can be included in the filename by using
98 <CODE>%s
</CODE> in the name.
</P>
100 <P>The special name
"syslog" can be used to send the access
101 information to the system log instead of a plain file.
</P>
103 <P>The default access log file is
104 <VAR>/var/log/cups/access_log
</VAR>.
</P>
107 <H3 CLASS=
"title"><A NAME=
"Allow">Allow
</A></H3>
111 <PRE CLASS=
"command">
114 Allow from *.domain.com
115 Allow from .domain.com
116 Allow from host.domain.com
119 Allow from nnn.nnn.nnn.*
120 Allow from nnn.nnn.nnn.nnn
121 Allow from nnn.nnn.nnn.nnn/mm
122 Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
123 Allow from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
130 <P>The
<CODE>Allow
</CODE> directive specifies a hostname, IP address,
131 or network that is allowed access to the server.
<CODE>Allow
</CODE>
132 directives are cummulative, so multiple
<CODE>Allow
</CODE> directives
133 can be used to allow access for multiple hosts or networks. The
134 <CODE>/mm
</CODE> notation specifies a CIDR netmask:
</P>
136 <DIV CLASS=
"table"><TABLE>
138 <TH WIDTH=
"10%">mm
</TH>
139 <TH WIDTH=
"20%">netmask
</TH>
140 <TH WIDTH=
"10%">mm
</TH>
141 <TH WIDTH=
"20%">netmask
</TH>
144 <TD ALIGN=
"CENTER">0</TD>
145 <TD ALIGN=
"CENTER">0.0.0.0</TD>
146 <TD ALIGN=
"CENTER">8</TD>
147 <TD ALIGN=
"CENTER">255.0.0.0</TD>
150 <TD ALIGN=
"CENTER">1</TD>
151 <TD ALIGN=
"CENTER">128.0.0.0</TD>
152 <TD ALIGN=
"CENTER">16</TD>
153 <TD ALIGN=
"CENTER">255.255.0.0</TD>
156 <TD ALIGN=
"CENTER">2</TD>
157 <TD ALIGN=
"CENTER">192.0.0.0</TD>
158 <TD ALIGN=
"CENTER">24</TD>
159 <TD ALIGN=
"CENTER">255.255.255.0</TD>
162 <TD ALIGN=
"CENTER">...
</TD>
163 <TD ALIGN=
"CENTER">...
</TD>
164 <TD ALIGN=
"CENTER">32</TD>
165 <TD ALIGN=
"CENTER">255.255.255.255</TD>
169 <P>The
<CODE>@LOCAL
</CODE> name will allow access from all local
170 interfaces. The
<CODE>@IF(name)
</CODE> name will allow access
171 from the named interface.
</P>
173 <P>The
<CODE>Allow
</CODE> directive must appear inside a
<A
174 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
177 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthClass">AuthClass
</A></H3>
181 <PRE CLASS=
"command">
190 <P>The
<CODE>AuthClass
</CODE> directive defines what level of
191 authentication is required:
</P>
195 <LI><CODE>Anonymous
</CODE> - No authentication should be
196 performed (default)
</LI>
198 <LI><CODE>User
</CODE> - A valid username and password is
201 <LI><CODE>System
</CODE> - A valid username and password
202 is required, and the username must belong to the
"sys"
203 group; this can be changed using the
<A
204 HREF=
"#SystemGroup"><CODE>SystemGroup
</CODE></A>
207 <LI><CODE>Group
</CODE> - A valid username and password is
208 required, and the username must belong to the group named
210 HREF=
"#AuthGroupName"><CODE>AuthGroupName
</CODE></A>
215 <P>The
<CODE>AuthClass
</CODE> directive must appear inside a
<A
216 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
218 <P><B>This directive is deprecated and will be removed from a
219 future release of CUPS.
</B> Consider using the more flexible
<A
220 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
223 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"AuthGroupName">AuthGroupName
</A></H3>
227 <PRE CLASS=
"command">
228 AuthGroupName mygroup
234 <P>The
<CODE>AuthGroupName
</CODE> directive sets the group to use
235 for
<CODE>Group
</CODE> authentication.
</P>
237 <P>The
<CODE>AuthGroupName
</CODE> directive must appear inside a
238 <A HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
240 <P><B>This directive is deprecated and will be removed from a
241 future release of CUPS.
</B> Consider using the more flexible
<A
242 HREF=
"#Require"><CODE>Require
</CODE></A> directive instead.
</P>
245 <H3 CLASS=
"title"><A NAME=
"AuthType">AuthType
</A></H3>
249 <PRE CLASS=
"command">
258 <P>The
<CODE>AuthType
</CODE> directive defines the type of
259 authentication to perform:
</P>
263 <LI><CODE>None
</CODE> - No authentication should be
264 performed (default)
</LI>
266 <LI><CODE>Basic
</CODE> - Basic authentication should be
267 performed using the UNIX password and group files
</LI>
269 <LI><CODE>Digest
</CODE> - Digest authentication should be
270 performed using the
<VAR>/etc/cups/passwd.md5
</VAR>
273 <LI><CODE>BasicDigest
</CODE> - Basic authentication
274 should be performed using the
275 <VAR>/etc/cups/passwd.md5
</VAR> file
</LI>
279 <P>When using
<CODE>Basic
</CODE>,
<CODE>Digest
</CODE>, or
280 <CODE>BasicDigest
</CODE> authentication, clients connecting
281 through the
<CODE>localhost
</CODE> interface can also
282 authenticate using certificates.
</P>
284 <P>The
<CODE>AuthType
</CODE> directive must appear inside a
<A
285 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
288 <H3 CLASS=
"title"><A NAME=
"AutoPurgeJobs">AutoPurgeJobs
</A></H3>
292 <PRE CLASS=
"command">
299 <P>The
<CODE>AutoPurgeJobs
</CODE> directive specifies whether or
300 not to purge completed jobs once they are no longer required for
301 quotas. This option has no effect if quotas are not enabled. The
302 default setting is
<CODE>No
</CODE>.
</P>
305 <H3 CLASS=
"title"><A NAME=
"BrowseAddress">BrowseAddress
</A></H3>
309 <PRE CLASS=
"command">
310 BrowseAddress
255.255.255.255:
631
311 BrowseAddress
192.0.2.255:
631
312 BrowseAddress host.domain.com:
631
314 BrowseAddress @IF(name)
319 <P>The
<CODE>BrowseAddress
</CODE> directive specifies an address
320 to send browsing information to. Multiple
321 <CODE>BrowseAddress
</CODE> directives can be specified to send
322 browsing information to different networks or systems.
</P>
324 <P>The
<CODE>@LOCAL
</CODE> name will broadcast printer
325 information to all local interfaces. The
<CODE>@IF(name)
</CODE>
326 name will broadcast to the named interface.
</P>
328 <P>There is no default browse address.
</P>
330 <BLOCKQUOTE><B>Note:
</B>
332 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
333 16, or
8 bits, printer browsing (and in fact all broadcast
334 reception) will not work. This problem appears to be fixed in
340 <H3 CLASS=
"title"><A NAME=
"BrowseAllow">BrowseAllow
</A></H3>
344 <PRE CLASS=
"command">
346 BrowseAllow from none
347 BrowseAllow from
192.0.2
348 BrowseAllow from
192.0.2.0/
24
349 BrowseAllow from
192.0.2.0/
255.255.255.0
350 BrowseAllow from *.domain.com
351 BrowseAllow from @LOCAL
352 BrowseAllow from @IF(name)
357 <P>The
<CODE>BrowseAllow
</CODE> directive specifies a system or
358 network to accept browse packets from. The default is to accept
359 browse packets from all hosts.
</P>
361 <P>Host and domain name matching require that you enable the
<A
362 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
365 <P>IP address matching supports exact matches, partial addresses
366 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
367 255.255.255.0, or network addresses using the specified netmask
370 <P>The
<CODE>@LOCAL
</CODE> name will allow browse data from all
371 local interfaces. The
<CODE>@IF(name)
</CODE> name will allow
372 browse data from the named interface.
</P>
375 <H3 CLASS=
"title"><A NAME=
"BrowseDeny">BrowseDeny
</A></H3>
379 <PRE CLASS=
"command">
382 BrowseDeny from
192.0.2
383 BrowseDeny from
192.0.2.0/
24
384 BrowseDeny from
192.0.2.0/
255.255.255.0
385 BrowseDeny from *.domain.com
386 BrowseDeny from @LOCAL
387 BrowseDeny from @IF(name)
392 <P>The
<CODE>BrowseDeny
</CODE> directive specifies a system or
393 network to reject browse packets from. The default is to not deny
394 browse packets from any hosts.
</P>
396 <P>Host and domain name matching require that you enable the
<A
397 HREF=
"#HostNameLookups"><CODE>HostNameLookups
</CODE></A>
400 <P>IP address matching supports exact matches, partial addresses
401 that match networks using netmasks of
255.0.0.0,
255.255.0.0, and
402 255.255.255.0, or network addresses using the specified netmask
405 <P>The
<CODE>@LOCAL
</CODE> name will block browse data from all
406 local interfaces. The
<CODE>@IF(name)
</CODE> name will block
407 browse data from the named interface.
</P>
410 <H3 CLASS=
"title"><A NAME=
"BrowseOrder">BrowseOrder
</A></H3>
414 <PRE CLASS=
"command">
415 BrowseOrder allow,deny
416 BrowseOrder deny,allow
421 <P>The
<CODE>BrowseOrder
</CODE> directive specifies the order of
422 allow/deny processing. The default order is
423 <CODE>deny,allow
</CODE>:
</P>
427 <LI><CODE>allow,deny
</CODE> - Deny browse packets by
428 default, then check
<CODE>BrowseAllow
</CODE> lines
429 followed by
<CODE>BrowseDeny
</CODE> lines.
</LI>
431 <LI><CODE>deny,allow
</CODE> - Allow browse packets by
432 default, then check
<CODE>BrowseDeny
</CODE> lines
433 followed by
<CODE>BrowseAllow
</CODE> lines.
</LI>
438 <H3 CLASS=
"title"><A NAME=
"BrowseInterval">BrowseInterval
</A></H3>
442 <PRE CLASS=
"command">
449 <P>The
<CODE>BrowseInterval
</CODE> directive specifies the
450 maximum amount of time between browsing updates. Specifying a
451 value of
0 seconds disables outgoing browse updates but allows a
452 server to receive printer information from other hosts.
</P>
454 <P>The
<CODE>BrowseInterval
</CODE> value should always be less
455 than the
<A HREF=
"#BrowseTimeout"><CODE>BrowseTimeout
</CODE></A>
456 value. Otherwise printers and classes will disappear from client
457 systems between updates.
</P>
460 <H3 CLASS=
"title"><A NAME=
"BrowsePoll">BrowsePoll
</A></H3>
464 <PRE CLASS=
"command">
465 BrowsePoll
192.0.2.2:
631
466 BrowsePoll host.domain.com:
631
471 <P>The
<CODE>BrowsePoll
</CODE> directive polls a server for
472 available printers once every
<A
473 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> seconds.
474 Multiple
<CODE>BrowsePoll
</CODE> directives can be specified to
475 poll multiple servers.
</P>
477 <P>If
<CODE>BrowseInterval
</CODE> is set to
0 then the server is
478 polled once every
30 seconds.
</P>
481 <H3 CLASS=
"title"><A NAME=
"BrowsePort">BrowsePort
</A></H3>
485 <PRE CLASS=
"command">
492 <P>The
<CODE>BrowsePort
</CODE> directive specifies the UDP port number
493 used for browse packets. The default port number is
631.
</P>
495 <BLOCKQUOTE><B>Note:
</B>
497 <P>You must set the
<CODE>BrowsePort
</CODE> to the same value
498 on all of the systems that you want to see.
503 <H3 CLASS=
"title"><A NAME=
"BrowseProtocols">BrowseProtocols
</A></H3>
507 <PRE CLASS=
"command">
510 BrowseProtocols CUPS SLP
516 <P>The
<CODE>BrowseProtocols
</CODE> directive specifies the
517 protocols to use when collecting and distributing shared printers
518 on the local network. The default protocol is
<CODE>CUPS
</CODE>,
519 which is a broadcast-based protocol.
</P>
521 <BLOCKQUOTE><B>Note:
</B>
523 <P>When using the
<CODE>SLP
</CODE> protocol, you must have at least
524 one Directory Agent (DA) server on your network. Otherwise the
525 CUPS scheduler (
<CODE>cupsd
</CODE>) will not respond to client
526 requests for several seconds while polling the network.
</P>
531 <H3 CLASS=
"title"><A NAME=
"BrowseRelay">BrowseRelay
</A></H3>
535 <PRE CLASS=
"command">
536 BrowseRelay
193.0.2.1 192.0.2.255
537 BrowseRelay
193.0.2.0/
255.255.255.0 192.0.2.255
538 BrowseRelay
193.0.2.0/
24 192.0.2.255
539 BrowseRelay *.domain.com
192.0.2.255
540 BrowseRelay host.domain.com
192.0.2.255
545 <P>The
<CODE>BrowseRelay
</CODE> directive specifies source and
546 destination addresses for relaying browsing information from one
547 host or network to another. Multiple
<CODE>BrowseRelay
</CODE>
548 directives can be specified as needed.
</P>
550 <P><CODE>BrowseRelay
</CODE> is typically used on systems that
551 bridge multiple subnets using one or more network interfaces. It
552 can also be used to relay printer information from polled servers
555 <PRE CLASS=
"command">
556 BrowseRelay
127.0.0.1 @LOCAL
559 <P>This effectively provides access to printers on a WAN for all
560 clients on the LAN(s).
</P>
563 <H3 CLASS=
"title"><A NAME=
"BrowseShortNames">BrowseShortNames
</A></H3>
567 <PRE CLASS=
"command">
574 <P>The
<CODE>BrowseShortNames
</CODE> directive specifies whether
575 or not short names are used for remote printers when possible.
576 Short names are just the remote printer name, without the server
577 (
"printer"). If more than one remote printer is detected with the
578 same name, the printers will have long names (
"printer@server1",
579 "printer@server2".)
</P>
581 <P>The default value for this option is
<CODE>Yes
</CODE>.
</P>
584 <H3 CLASS=
"title"><A NAME=
"BrowseTimeout">BrowseTimeout
</A></H3>
588 <PRE CLASS=
"command">
595 <P>The
<CODE>BrowseTimeout
</CODE> directive sets the timeout for
596 printer or class information that is received in browse packets.
597 Once a printer or class times out it is removed from the list of
598 available destinations.
</P>
600 <P>The
<CODE>BrowseTimeout
</CODE> value should always be greater
602 HREF=
"#BrowseInterval"><CODE>BrowseInterval
</CODE></A> value.
603 Otherwise printers and classes will disappear from client systems
607 <H3 CLASS=
"title"><A NAME=
"Browsing">Browsing
</A></H3>
611 <PRE CLASS=
"command">
618 <P>The
<CODE>Browsing
</CODE> directive controls whether or not
619 network printer browsing is enabled. The default setting is
622 <P>This directive does not enable sharing of local printers by
623 itself; you must also use the
<A
624 HREF=
"#BrowseAddress"><CODE>BrowseAddress
</CODE></A> or
<A
625 HREF=
"#BrowseProtocols"><CODE>BrowseProtocols
</CODE></A>
626 directives to advertise local printers to other systems.
</P>
628 <BLOCKQUOTE><B>Note:
</B>
630 <P>If you are using HP-UX
10.20 and a subnet that is not
24,
631 16, or
8 bits, printer browsing (and in fact all broadcast
632 reception) will not work. This problem appears to be fixed in
638 <H3 CLASS=
"title"><A NAME=
"Classification">Classification
</A></H3>
642 <PRE CLASS=
"command">
644 Classification classified
645 Classification confidential
646 Classification secret
647 Classification topsecret
648 Classification unclassified
653 <P>The
<CODE>Classification
</CODE> directive sets the
654 classification level on the server. When this option is set, at
655 least one of the banner pages is forced to the classification
656 level, and the classification is placed on each page of output.
657 The default is no classification level.
</P>
660 <H3 CLASS=
"title"><A NAME=
"ClassifyOverride">ClassifyOverride
</A></H3>
664 <PRE CLASS=
"command">
671 <P>The
<CODE>ClassifyOverride
</CODE> directive specifies whether
672 users can override the default classification level on the
673 server. When the server classification is set, users can change
674 the classification using the
<CODE>job-sheets
</CODE> option and
675 can choose to only print one security banner before or after the
676 job. If the
<CODE>job-sheets
</CODE> option is set to
677 <CODE>none
</CODE> then the server default classification is
680 <P>The default is to not allow classification overrides.
</P>
683 <H3 CLASS=
"title"><A NAME=
"ConfigFilePerm">ConfigFilePerm
</A></H3>
687 <PRE CLASS=
"command">
694 <P>The
<CODE>ConfigFilePerm
</CODE> directive specifies the
695 permissions to use when writing configuration files. The default
699 <H3 CLASS=
"title"><A NAME=
"DataDir">DataDir
</A></H3>
703 <PRE CLASS=
"command">
704 DataDir /usr/share/cups
709 <P>The
<CODE>DataDir
</CODE> directive sets the directory to use
713 <H3 CLASS=
"title"><A NAME=
"DefaultCharset">DefaultCharset
</A></H3>
717 <PRE CLASS=
"command">
719 DefaultCharset iso-
8859-
1
720 DefaultCharset windows-
1251
725 <P>The
<CODE>DefaultCharset
</CODE> directive sets the default
726 character set to use for client connections. The default
727 character set is
<CODE>utf-
8</CODE> but is overridden by the
728 character set for the language specified by the client or the
729 <CODE>DefaultLanguage
</CODE> directive.
</P>
732 <H3 CLASS=
"title"><A NAME=
"DefaultLanguage">DefaultLanguage
</A></H3>
736 <PRE CLASS=
"command">
746 <P>The
<CODE>DefaultLanguage
</CODE> directive specifies the
747 default language to use for client connections. Setting the
748 default language also sets the default character set if a
749 language localization file exists for it. The default language
750 is
"en" for English.
</P>
753 <H3 CLASS=
"title"><A NAME=
"Deny">Deny
</A></H3>
757 <PRE CLASS=
"command">
760 Deny from *.domain.com
761 Deny from .domain.com
762 Deny from host.domain.com
765 Deny from nnn.nnn.nnn.*
766 Deny from nnn.nnn.nnn.nnn
767 Deny from nnn.nnn.nnn.nnn/mm
768 Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
769 Deny from xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
776 <P>The
<CODE>Deny
</CODE> directive specifies a hostname, IP
777 address, or network that is allowed access to the server.
778 <CODE>Deny
</CODE> directives are cummulative, so multiple
779 <CODE>Deny
</CODE> directives can be used to allow access for
780 multiple hosts or networks. The
<CODE>/mm
</CODE> notation
781 specifies a CIDR netmask:
</P>
783 <DIV CLASS=
"table"><TABLE>
785 <TH WIDTH=
"10%">mm
</TH>
786 <TH WIDTH=
"20%">netmask
</TH>
787 <TH WIDTH=
"10%">mm
</TH>
788 <TH WIDTH=
"20%">netmask
</TH>
791 <TD ALIGN=
"CENTER">0</TD>
792 <TD ALIGN=
"CENTER">0.0.0.0</TD>
793 <TD ALIGN=
"CENTER">8</TD>
794 <TD ALIGN=
"CENTER">255.0.0.0</TD>
797 <TD ALIGN=
"CENTER">1</TD>
798 <TD ALIGN=
"CENTER">128.0.0.0</TD>
799 <TD ALIGN=
"CENTER">16</TD>
800 <TD ALIGN=
"CENTER">255.255.0.0</TD>
803 <TD ALIGN=
"CENTER">2</TD>
804 <TD ALIGN=
"CENTER">192.0.0.0</TD>
805 <TD ALIGN=
"CENTER">24</TD>
806 <TD ALIGN=
"CENTER">255.255.255.0</TD>
809 <TD ALIGN=
"CENTER">...
</TD>
810 <TD ALIGN=
"CENTER">...
</TD>
811 <TD ALIGN=
"CENTER">32</TD>
812 <TD ALIGN=
"CENTER">255.255.255.255</TD>
816 <P>The
<CODE>@LOCAL
</CODE> name will deny access from all local
817 interfaces. The
<CODE>@IF(name)
</CODE> name will deny access from
818 the named interface.
</P>
820 <P>The
<CODE>Deny
</CODE> directive must appear inside a
<A
821 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
824 <H3 CLASS=
"title"><A NAME=
"DocumentRoot">DocumentRoot
</A></H3>
828 <PRE CLASS=
"command">
829 DocumentRoot /usr/share/doc/cups
830 DocumentRoot /foo/bar/doc/cups
835 <P>The
<CODE>DocumentRoot
</CODE> directive specifies the location
836 of web content for the HTTP server in CUPS. If an absolute path
837 is not specified then it is assumed to be relative to the
<A
838 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
839 default directory is
<VAR>/usr/share/doc/cups
</VAR>.
</P>
841 <P>Documents are first looked up in a sub-directory for the
842 primary language requested by the client (e.g.
843 <VAR>/usr/share/doc/cups/fr/...
</VAR>) and then directly under
844 the
<CODE>DocumentRoot
</CODE> directory (e.g.
845 <VAR>/usr/share/doc/cups/...
</VAR>), so it is possible to
846 localize the web content by providing subdirectories for each
850 <H3 CLASS=
"title"><A NAME=
"Encryption">Encryption
</A></H3>
854 <PRE CLASS=
"command">
856 Encryption IfRequested
862 <P>The
<CODE>Encryption
</CODE> directive must appear instead a
<A
863 HREF=
"#Location"><CODE>Location
</CODE></A> section and specifies
864 the encryption settings for that location. The default setting is
865 <CODE>IfRequested
</CODE> for all locations.
</P>
868 <H3 CLASS=
"title"><A NAME=
"ErrorLog">ErrorLog
</A></H3>
872 <PRE CLASS=
"command">
873 ErrorLog /var/log/cups/error_log
874 ErrorLog /var/log/cups/error_log-%s
880 <P>The
<CODE>ErrorLog
</CODE> directive sets the name of the error
881 log file. If the filename is not absolute then it is assumed to
882 be relative to the
<A
883 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
884 default error log file is
<VAR>/var/log/cups/error_log
</VAR>.
</P>
886 <P>The server name can be included in the filename by using
887 <CODE>%s
</CODE> in the name.
</P>
889 <P>The special name
"syslog" can be used to send the error
890 information to the system log instead of a plain file.
</P>
893 <H3 CLASS=
"title"><A NAME=
"FileDevice">FileDevice
</A></H3>
897 <PRE CLASS=
"command">
904 <P>The
<CODE>FileDevice
</CODE> directive determines whether the
905 scheduler allows new printers to be added using device URIs of
906 the form
<CODE>file:/filename
</CODE>. File devices are most often
907 used to test new printer drivers and do not support raw file
910 <P>The default setting is
<CODE>No
</CODE>.
</P>
912 <BLOCKQUOTE><B>Note:
</B>
914 <P>File devices are managed by the scheduler. Since the
915 scheduler normally runs as the root user, file devices
916 can be used to overwrite system files and potentially
917 gain unauthorized access to the system. If you must
918 create printers using file devices, we recommend that
919 you set the
<CODE>FileDevice
</CODE> directive to
920 <CODE>Yes
</CODE> for only as long as you need to add the
921 printers to the system, and then reset the directive to
927 <H3 CLASS=
"title"><A NAME=
"FilterLimit">FilterLimit
</A></H3>
931 <PRE CLASS=
"command">
939 <P>The
<CODE>FilterLimit
</CODE> directive sets the maximum cost
940 of all running job filters. It can be used to limit the number of
941 filter programs that are run on a server to minimize disk,
942 memory, and CPU resource problems. A limit of
0 disables filter
945 <P>An average print to a non-PostScript printer needs a filter
946 limit of about
200. A PostScript printer needs about half that
947 (
100). Setting the limit below these thresholds will effectively
948 limit the scheduler to printing a single job at any time.
</P>
950 <P>The default limit is
0.
</P>
953 <H3 CLASS=
"title"><A NAME=
"FontPath">FontPath
</A></H3>
957 <PRE CLASS=
"command">
958 FontPath /foo/bar/fonts
959 FontPath /usr/share/cups/fonts:/foo/bar/fonts
964 <P>The
<CODE>FontPath
</CODE> directive specifies the font path to
965 use when searching for fonts. The default font path is
966 <CODE>/usr/share/cups/fonts
</CODE>.
</P>
969 <H3 CLASS=
"title"><A NAME=
"Group">Group
</A></H3>
973 <PRE CLASS=
"command">
979 <P>The
<CODE>Group
</CODE> directive specifies the UNIX group that
980 filter and CGI programs run as. The default group is
981 <CODE>nobody
</CODE>.
</P>
984 <H3 CLASS=
"title"><A NAME=
"HideImplicitMembers">HideImplicitMembers
</A></H3>
988 <PRE CLASS=
"command">
989 HideImplicitMembers Yes
990 HideImplicitMembers No
995 <P>The
<CODE>HideImplicitMembers
</CODE> directive controls
996 whether the individual printers in an implicit class are hidden
997 from the user. The default is
<CODE>Yes
</CODE>.
</P>
999 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1000 must be enabled for this directive to have any effect.
</P>
1003 <H3 CLASS=
"title"><A NAME=
"HostNameLookups">HostNameLookups
</A></H3>
1007 <PRE CLASS=
"command">
1010 HostNameLookups Double
1013 <H4>Description
</H4>
1015 <P>The
<CODE>HostNameLookups
</CODE> directive controls whether or
1016 not CUPS looks up the hostname for connecting clients. The
1017 <CODE>Double
</CODE> setting causes CUPS to verify that the
1018 hostname resolved from the address matches one of the addresses
1019 returned for that hostname.
<CODE>Double
</CODE> lookups also
1020 prevent clients with unregistered addresses from connecting to
1023 <P>The default is
<CODE>Off
</CODE> to avoid the potential server
1024 performance problems with hostname lookups. Set this option to
1025 <CODE>On
</CODE> or
<CODE>Double
</CODE> only if absolutely
1029 <H3 CLASS=
"title"><A NAME=
"ImplicitClasses">ImplicitClasses
</A></H3>
1033 <PRE CLASS=
"command">
1038 <H4>Description
</H4>
1040 <P>The
<CODE>ImplicitClasses
</CODE> directive controls whether
1041 implicit classes are created based upon the available network
1042 printers and classes. The default setting is
<CODE>On
</CODE> but
1043 is automatically turned
<CODE>Off
</CODE> if
<A
1044 HREF=
"#Browsing"><CODE>Browsing
</CODE></A> is turned
1045 <CODE>Off
</CODE>.
</P>
1048 <H3 CLASS=
"title"><A NAME=
"ImplicitAnyClasses">ImplicitAnyClasses
</A></H3>
1052 <PRE CLASS=
"command">
1053 ImplicitAnyClasses On
1054 ImplicitAnyClasses Off
1057 <H4>Description
</H4>
1059 <P>The
<CODE>ImplicitAnyClasses
</CODE> directive controls
1060 whether implicit classes for local and remote printers are
1061 created with the name
<CODE>AnyPrinter
</CODE>. The default
1062 setting is
<CODE>Off
</CODE>.
</P>
1064 <P><A HREF=
"#ImplicitClasses"><CODE>ImplicitClasses
</CODE></A>
1065 must be enabled for this directive to have any effect.
</P>
1068 <H3 CLASS=
"title"><A NAME=
"Include">Include
</A></H3>
1072 <PRE CLASS=
"command">
1074 Include /foo/bar/filename
1077 <H4>Description
</H4>
1079 <P>The
<CODE>Include
</CODE> directive includes the named file in
1080 the
<CODE>cupsd.conf
</CODE> file. If no leading path is provided,
1081 the file is assumed to be relative to the
<A
1082 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory.
</P>
1085 <H3 CLASS=
"title"><A NAME=
"KeepAlive">KeepAlive
</A></H3>
1089 <PRE CLASS=
"command">
1094 <H4>Description
</H4>
1096 <P>The
<CODE>KeepAlive
</CODE> directive controls whether or not
1097 to support persistent HTTP connections. The default is
1098 <CODE>On
</CODE>.
</P>
1100 <P>HTTP/
1.1 clients automatically support persistent connections,
1101 while HTTP/
1.0 clients must specifically request them using the
1102 <CODE>Keep-Alive
</CODE> attribute in the
<CODE>Connection:
</CODE>
1103 field of each request.
</P>
1106 <H3 CLASS=
"title"><A NAME=
"KeepAliveTimeout">KeepAliveTimeout
</A></H3>
1110 <PRE CLASS=
"command">
1115 <H4>Description
</H4>
1117 <P>The
<CODE>KeepAliveTimeout
</CODE> directive controls how long
1118 a persistent HTTP connection will remain open after the last
1119 request. The default is
60 seconds.
</P>
1122 <H3 CLASS=
"title"><A NAME=
"Limit">Limit
</A></H3>
1126 <PRE CLASS=
"command">
1127 <Limit GET POST
>
1136 <H4>Description
</H4>
1138 <P>The
<CODE>Limit
</CODE> directive groups access control
1139 directives for specific types of HTTP requests and must appear
1140 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1141 Access can be limited for individual request types
1142 (
<CODE>DELETE
</CODE>,
<CODE>GET
</CODE>,
<CODE>HEAD
</CODE>,
1143 <CODE>OPTIONS
</CODE>,
<CODE>POST
</CODE>,
<CODE>PUT
</CODE>, and
1144 <CODE>TRACE
</CODE>) or for all request types (
<CODE>ALL
</CODE>).
1145 The request type names are case-sensitive for compatibility with
1149 <H3 CLASS=
"title"><A NAME=
"LimitExcept">LimitExcept
</A></H3>
1153 <PRE CLASS=
"command">
1154 <LimitExcept GET POST
>
1156 </LimitExcept
>
1159 <H4>Description
</H4>
1161 <P>The
<CODE>LimitExcept
</CODE> directive groups access control
1162 directives for specific types of HTTP requests and must appear
1163 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A> section.
1164 Unlike the
<A HREF=
"#Limit"><CODE>Limit
</CODE></A> directive,
1165 <CODE>LimitExcept
</CODE> restricts access for all requests
1166 <I>except
</I> those listed on the
<CODE>LimitExcept
</CODE>
1170 <H3 CLASS=
"title"><A NAME=
"LimitRequestBody">LimitRequestBody
</A></H3>
1174 <PRE CLASS=
"command">
1175 LimitRequestBody
10485760
1176 LimitRequestBody
10m
1180 <H4>Description
</H4>
1182 <P>The
<CODE>LimitRequestBody
</CODE> directive controls the
1183 maximum size of print files, IPP requests, and HTML form data in
1184 HTTP POST requests. The default limit is
0 which disables the
1188 <H3 CLASS=
"title"><A NAME=
"Listen">Listen
</A></H3>
1192 <PRE CLASS=
"command">
1193 Listen
127.0.0.1:
631
1194 Listen
192.0.2.1:
631
1199 <H4>Description
</H4>
1201 <P>The
<CODE>Listen
</CODE> directive specifies a network address
1202 and port to listen for connections. Multiple
<CODE>Listen
</CODE>
1203 directives can be provided to listen on multiple addresses.
</P>
1205 <P>The
<CODE>Listen
</CODE> directive is similar to the
<A
1206 HREF=
"#Port"><CODE>Port
</CODE></A> directive but allows you to
1207 restrict access to specific interfaces or networks.
</P>
1210 <H3 CLASS=
"title"><A NAME=
"Location">Location
</A></H3>
1214 <PRE CLASS=
"command">
1219 <Location /admin
>
1223 <Location /admin/conf
>
1227 <Location /admin/log
>
1231 <Location /classes
>
1235 <Location /classes/name
>
1239 <Location /jobs
>
1243 <Location /printers
>
1247 <Location /printers/name
>
1253 <H4>Description
</H4>
1255 <P>The
<CODE>Location
</CODE> directive specifies access control
1256 and authentication options for the specified HTTP resource or
1257 path. The
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>,
<A
1258 HREF=
"#AuthType"><CODE>AuthType
</CODE></A>,
<A
1259 HREF=
"#Deny"><CODE>Deny
</CODE></A>,
<A
1260 HREF=
"#Encryption"><CODE>Encryption
</CODE></A>,
<A
1261 HREF=
"#Limit"><CODE>Limit
</CODE></A>,
<A
1262 HREF=
"#LimitExcept"><CODE>LimitExcept
</CODE></A>,
<A
1263 HREF=
"#Order"><CODE>Order
</CODE></A>,
<A
1264 HREF=
"#Require"><CODE>Require
</CODE></A>, and
<A
1265 HREF=
"#Satisfy"><CODE>Satisfy
</CODE></A> directives may all
1266 appear inside a location.
</P>
1268 <P>Note that more specific resources override the less specific
1269 ones. So the directives inside the
<CODE>/printers/name
</CODE>
1270 location will override ones from
<CODE>/printers
</CODE>.
1271 Directives inside
<CODE>/printers
</CODE> will override ones from
1272 <CODE>/
</CODE>. None of the directives are inherited.
</P>
1274 <DIV CLASS=
"table"><TABLE>
1275 <CAPTION>Common Locations on the Server
</CAPTION>
1276 <TR><TH>Location
</TH><TH>Description
</TH></TR>
1277 <TR><TD><CODE>/
</CODE></TD><TD>The path for all get operations (get-printers, get-jobs, etc.)
</TD></TR>
1278 <TR><TD><CODE>/admin
</CODE></TD><TD>The path for all administration operations (add-printer, delete-printer, start-printer, etc.)
</TD></TR>
1279 <TR><TD><CODE>/admin/conf
</CODE></TD><TD>The path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
</TD></TR>
1280 <TR><TD><CODE>/admin/log
</CODE></TD><TD>The path for access to the CUPS log files (access_log, error_log, page_log)
</TD></TR>
1281 <TR><TD><CODE>/classes
</CODE></TD><TD>The path for all classes
</TD></TR>
1282 <TR><TD><CODE>/classes/name
</CODE></TD><TD>The resource for class
<CODE>name
</CODE></TD></TR>
1283 <TR><TD><CODE>/jobs
</CODE></TD><TD>The path for all jobs (hold-job, release-job, etc.)
</TD></TR>
1284 <TR><TD><CODE>/jobs/id
</CODE></TD><TD>The resource for job
<CODE>id
</CODE></TD></TR>
1285 <TR><TD><CODE>/printers
</CODE></TD><TD>The path for all printers
</TD></TR>
1286 <TR><TD><CODE>/printers/name
</CODE></TD><TD>The path for printer
<CODE>name
</CODE></TD></TR>
1287 <TR><TD><CODE>/printers/name.ppd
</CODE></TD><TD>The PPD file path for printer
<CODE>name
</CODE></TD></TR>
1291 <H3 CLASS=
"title"><A NAME=
"LogFilePerm">LogFilePerm
</A></H3>
1295 <PRE CLASS=
"command">
1300 <H4>Description
</H4>
1302 <P>The
<CODE>LogFilePerm
</CODE> directive specifies the
1303 permissions to use when writing configuration files. The default
1307 <H3 CLASS=
"title"><A NAME=
"LogLevel">LogLevel
</A></H3>
1311 <PRE CLASS=
"command">
1324 <H4>Description
</H4>
1326 <P>The
<CODE>LogLevel
</CODE> directive specifies the level of
1327 logging for the
<A HREF=
"#ErrorLog"><CODE>ErrorLog
</CODE></A>
1328 file. The following values are recognized (each level logs
1329 everything under the preceding levels):
</P>
1333 <LI><CODE>none
</CODE> - Log nothing
</LI>
1335 <LI><CODE>emerg
</CODE> - Log emergency conditions that
1336 prevent the server from running
</LI>
1338 <LI><CODE>alert
</CODE> - Log alerts that must be handled
1341 <LI><CODE>crit
</CODE> - Log critical errors that don't
1342 prevent the server from running
</LI>
1344 <LI><CODE>error
</CODE> - Log general errors
</LI>
1346 <LI><CODE>warn
</CODE> - Log errors and warnings
</LI>
1348 <LI><CODE>notice
</CODE> - Log temporary error conditions
</LI>
1350 <LI><CODE>info
</CODE> - Log all requests and state
1351 changes (default)
</LI>
1353 <LI><CODE>debug
</CODE> - Log basic debugging
1356 <LI><CODE>debug2
</CODE> - Log all debugging
1362 <H3 CLASS=
"title"><A NAME=
"MaxClients">MaxClients
</A></H3>
1366 <PRE CLASS=
"command">
1371 <H4>Description
</H4>
1373 <P>The
<CODE>MaxClients
</CODE> directive controls the maximum
1374 number of simultaneous clients that will be allowed by the
1375 server. The default is
100 clients.
</P>
1377 <BLOCKQUOTE><B>Note:
</B>
1379 <P>Since each print job requires a file descriptor for the status
1380 pipe, the scheduler internally limits the
<CODE>MaxClients
</CODE>
1381 value to
1/
3 of the available file descriptors to avoid possible
1382 problems when printing large numbers of jobs.
</P>
1387 <H3 CLASS=
"title"><A NAME=
"MaxClientsPerHost">MaxClientsPerHost
</A></H3>
1391 <PRE CLASS=
"command">
1392 MaxClientsPerHost
10
1395 <H4>Description
</H4>
1397 <P>The
<CODE>MaxClientsPerHost
</CODE> directive controls the
1398 maximum number of simultaneous clients that will be allowed from
1399 a single host by the server. The default is the
1400 <CODE>MaxClients
</CODE> value.
</P>
1402 <P>This directive provides a small measure of protection against
1403 Denial of Service attacks from a single host.
</P>
1406 <H3 CLASS=
"title"><A NAME=
"MaxCopies">MaxCopies
</A></H3>
1410 <PRE CLASS=
"command">
1415 <H4>Description
</H4>
1417 <P>The
<CODE>MaxCopies
</CODE> directive controls the maximum
1418 number of copies that a user can print of a job. The default is
1421 <BLOCKQUOTE><B>Note:
</B>
1423 <P>Most HP PCL laser printers internally limit the number of
1430 <H3 CLASS=
"title"><A NAME=
"MaxJobs">MaxJobs
</A></H3>
1434 <PRE CLASS=
"command">
1440 <H4>Description
</H4>
1442 <P>The
<CODE>MaxJobs
</CODE> directive controls the maximum number
1443 of jobs that are kept in memory. Once the number of jobs reaches
1444 the limit, the oldest completed job is automatically purged from
1445 the system to make room for the new one. If all of the known jobs
1446 are still pending or active then the new job will be
1449 <P>Setting the maximum size to
0 disables this functionality. The
1450 default setting is
0.
</P>
1453 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerPrinter">MaxJobsPerPrinter
</A></H3>
1457 <PRE CLASS=
"command">
1458 MaxJobsPerPrinter
100
1459 MaxJobsPerPrinter
9999
1463 <H4>Description
</H4>
1465 <P>The
<CODE>MaxJobsPerPrinter
</CODE> directive controls the
1466 maximum number of active jobs that are allowed for each printer
1467 or class. Once a printer or class reaches the limit, new jobs
1468 will be rejected until one of the active jobs is completed,
1469 stopped, aborted, or canceled.
</P>
1471 <P>Setting the maximum to
0 disables this functionality. The
1472 default setting is
0.
</P>
1475 <H3 CLASS=
"title"><A NAME=
"MaxJobsPerUser">MaxJobsPerUser
</A></H3>
1479 <PRE CLASS=
"command">
1485 <H4>Description
</H4>
1487 <P>The
<CODE>MaxJobsPerUser
</CODE> directive controls the maximum
1488 number of active jobs that are allowed for each user. Once a user
1489 reaches the limit, new jobs will be rejected until one of the
1490 active jobs is completed, stopped, aborted, or canceled.
</P>
1492 <P>Setting the maximum to
0 disables this functionality. The
1493 default setting is
0.
</P>
1496 <H3 CLASS=
"title"><A NAME=
"MaxLogSize">MaxLogSize
</A></H3>
1500 <PRE CLASS=
"command">
1506 <H4>Description
</H4>
1508 <P>The
<CODE>MaxLogSize
</CODE> directive controls the maximum
1509 size of each log file. Once a log file reaches or exceeds the
1510 maximum size it is closed and renamed to
<VAR>filename.O
</VAR>.
1511 This allows you to rotate the logs automatically. The default
1512 size is
1048576 bytes (
1MB).
</P>
1514 <P>Setting the maximum size to
0 disables log rotation.
</P>
1517 <H3 CLASS=
"title"><SPAN CLASS=
"info">Deprecated
</SPAN><A NAME=
"MaxRequestSize">MaxRequestSize
</A></H3>
1521 <PRE CLASS=
"command">
1522 MaxRequestSize
10485760
1527 <H4>Description
</H4>
1529 <P>The
<CODE>MaxRequestSize
</CODE> directive controls the maximum
1530 size of print files, IPP requests, and HTML form data in HTTP
1531 POST requests. The default limit is
0 which disables the limit
1534 <P><B>This directive is deprecated and will be replaced in a
1535 future CUPS release.
</B> Use the
<A
1536 HREF=
"#LimitRequestBody"><CODE>LimitRequestBody
</CODE></A>
1537 directive instead.
</P>
1540 <H3 CLASS=
"title"><A NAME=
"Order">Order
</A></H3>
1544 <PRE CLASS=
"command">
1549 <H4>Description
</H4>
1551 <P>The
<CODE>Order
</CODE> directive defines the default access
1552 control. The following values are supported:
</P>
1556 <LI><CODE>allow,deny
</CODE> - Deny requests by default,
1557 then check the
<A HREF=
"#Allow"><CODE>Allow
</CODE></A>
1558 lines followed by the
<A
1559 HREF=
"#Deny"><CODE>Deny
</CODE></A> lines
</LI>
1561 <LI><CODE>deny,allow
</CODE> - Allow requests by default,
1562 then check the
<A HREF=
"#Deny"><CODE>Deny
</CODE></A>
1563 lines followed by the
<A
1564 HREF=
"#Allow"><CODE>Allow
</CODE></A> lines
</LI>
1568 <P>The
<CODE>Order
</CODE> directive must appear inside a
<A
1569 HREF=
"#Location"><CODE>Location
</CODE></A> directive.
</P>
1572 <H3 CLASS=
"title"><A NAME=
"PageLog">PageLog
</A></H3>
1576 <PRE CLASS=
"command">
1577 PageLog /var/log/cups/page_log
1578 PageLog /var/log/cups/page_log-%s
1582 <H4>Description
</H4>
1584 <P>The
<CODE>PageLog
</CODE> directive sets the name of the page
1585 log file. If the filename is not absolute then it is assumed to
1586 be relative to the
<A
1587 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1588 default page log file is
<VAR>/var/log/cups/page_log
</VAR>.
</P>
1590 <P>The server name can be included in the filename by using
1591 <CODE>%s
</CODE> in the name.
</P>
1593 <P>The special name
"syslog" can be used to send the page
1594 information to the system log instead of a plain file.
</P>
1597 <H3 CLASS=
"title"><A NAME=
"Port">Port
</A></H3>
1601 <PRE CLASS=
"command">
1606 <H4>Description
</H4>
1608 <P>The
<CODE>Port
</CODE> directive specifies a port to listen on.
1609 Multiple
<CODE>Port
</CODE> lines can be specified to listen on
1610 multiple ports. The
<CODE>Port
</CODE> directive is equivalent to
1611 "<CODE>Listen *:nnn</CODE>". The default port is
631.
</P>
1613 <BLOCKQUOTE><B>Note:
</B>
1615 <P>On systems that support IPv6, this directive will bind to both
1616 the IPv4 and IPv6 wildcard address.
</P>
1621 <H3 CLASS=
"title"><A NAME=
"PreserveJobHistory">PreserveJobHistory
</A></H3>
1625 <PRE CLASS=
"command">
1626 PreserveJobHistory On
1627 PreserveJobHistory Off
1630 <H4>Description
</H4>
1632 <P>The
<CODE>PreserveJobHistory
</CODE> directive controls whether
1633 the history of completed, canceled, or aborted print jobs is
1636 <P>A value of
<CODE>On
</CODE> (the default) preserves job
1637 information until the administrator purges it with the
1638 <CODE>cancel
</CODE> command.
</P>
1640 <P>A value of
<CODE>Off
</CODE> removes the job information as
1641 soon as each job is completed, canceled, or aborted.
</P>
1644 <H3 CLASS=
"title"><A NAME=
"PreserveJobFiles">PreserveJobFiles
</A></H3>
1648 <PRE CLASS=
"command">
1650 PreserveJobFiles Off
1653 <H4>Description
</H4>
1655 <P>The
<CODE>PreserveJobFiles
</CODE> directive controls whether
1656 the document files of completed, canceled, or aborted print jobs
1657 are stored on disk.
</P>
1659 <P>A value of
<CODE>On
</CODE> preserves job files until the
1660 administrator purges them with the
<CODE>cancel
</CODE> command.
1661 Jobs can be restarted (and reprinted) as desired until they are
1664 <P>A value of
<CODE>Off
</CODE> (the default) removes the job
1665 files as soon as each job is completed, canceled, or aborted.
</P>
1668 <H3 CLASS=
"title"><A NAME=
"Printcap">Printcap
</A></H3>
1672 <PRE CLASS=
"command">
1674 Printcap /etc/printcap
1675 Printcap /etc/printers.conf
1678 <H4>Description
</H4>
1680 <P>The
<CODE>Printcap
</CODE> directive controls whether or not a
1681 printcap file is automatically generated and updated with a list
1682 of available printers. If specified with no value, then no
1683 printcap file will be generated. The default is to generate a
1684 file named
<VAR>/etc/printcap
</VAR>.
</P>
1686 <P>When a filename is specified (e.g.
<VAR>/etc/printcap
</VAR>),
1687 the printcap file is written whenever a printer is added or
1688 removed. The printcap file can then be used by applications that
1689 are hardcoded to look at the printcap file for the available
1693 <H3 CLASS=
"title"><A NAME=
"PrintcapFormat">PrintcapFormat
</A></H3>
1697 <PRE CLASS=
"command">
1699 PrintcapFormat Solaris
1702 <H4>Description
</H4>
1704 <P>The
<CODE>PrintcapFormat
</CODE> directive controls the output
1705 format of the printcap file. The default is to generate a BSD
1709 <H3 CLASS=
"title"><A NAME=
"RemoteRoot">RemoteRoot
</A></H3>
1713 <PRE CLASS=
"command">
1718 <H4>Description
</H4>
1720 <P>The
<CODE>RemoteRoot
</CODE> directive sets the username for
1721 unauthenticated root requests from remote hosts. The default
1722 username is
<VAR>remroot
</VAR>. Setting
<CODE>RemoteRoot
</CODE>
1723 to
<VAR>root
</VAR> effectively disables this security
1727 <H3 CLASS=
"title"><A NAME=
"RequestRoot">RequestRoot
</A></H3>
1731 <PRE CLASS=
"command">
1732 RequestRoot /var/spool/cups
1733 RequestRoot /foo/bar/spool/cups
1736 <H4>Description
</H4>
1738 <P>The
<CODE>RequestRoot
</CODE> directive sets the directory for
1739 incoming IPP requests and HTML forms. If an absolute path is not
1740 provided then it is assumed to be relative to the
<A
1741 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1742 default request directory is
<VAR>/var/spool/cups
</VAR>.
</P>
1745 <H3 CLASS=
"title"><A NAME=
"Require">Require
</A></H3>
1749 <PRE CLASS=
"command">
1750 Require group foo bar
1751 Require user john mary
1753 Require user @groupname
1754 Require user @SYSTEM
1758 <H4>Description
</H4>
1760 <P>The
<CODE>Require
</CODE> directive specifies that
1761 authentication is required for the resource. The
1762 <CODE>group
</CODE> keyword specifies that the authenticated user
1763 must be a member of one or more of the named groups that
1766 <P>The
<CODE>user
</CODE> keyboard specifies that the
1767 authenticated user must be one of the named users or groups that
1768 follow. Group names are specified using the
"@" prefix.
</P>
1770 <P>The
<CODE>valid-user
</CODE> keyword specifies that any
1771 authenticated user may access the resource.
</P>
1773 <P>The default is to do no authentication. This directive must
1774 appear inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1778 <H3 CLASS=
"title"><A NAME=
"RIPCache">RIPCache
</A></H3>
1782 <PRE CLASS=
"command">
1788 <H4>Description
</H4>
1790 <P>The
<CODE>RIPCache
</CODE> directive sets the size of the
1791 memory cache used by Raster Image Processor (
"RIP") filters such
1792 as
<CODE>imagetoraster
</CODE> and
<CODE>pstoraster
</CODE>. The
1793 size can be suffixed with a
"k" for kilobytes,
"m" for megabytes,
1794 or
"g" for gigabytes. The default cache size is
"8m", or
8
1798 <H3 CLASS=
"title"><A NAME=
"Satisfy">Satisfy
</A></H3>
1802 <PRE CLASS=
"command">
1807 <H4>Description
</H4>
1809 <P>The
<CODE>Satisfy
</CODE> directive specifies whether all
1810 conditions must be satisfied to allow access to the resource. If
1811 set to
<CODE>all
</CODE>, then all authentication and access
1812 control conditions must be satified to allow access.
</P>
1814 <P>Setting
<CODE>Satisfy
</CODE> to
<CODE>any
</CODE> allows a user
1815 to gain access if the authentication or access control
1816 requirements are satisfied. For example, you might require
1817 authentication for remote access, but allow local access without
1820 <P>The default is
<CODE>all
</CODE>. This directive must appear
1821 inside a
<A HREF=
"#Location"><CODE>Location
</CODE></A>
1825 <H3 CLASS=
"title"><A NAME=
"ServerAdmin">ServerAdmin
</A></H3>
1829 <PRE CLASS=
"command">
1830 ServerAdmin user@host
1831 ServerAdmin root@foo.bar.com
1834 <H4>Description
</H4>
1836 <P>The
<CODE>ServerAdmin
</CODE> directive identifies the email
1837 address for the administrator on the system. By default the
1838 administrator email address is
<CODE>root@server
</CODE>, where
1839 <CODE>server
</CODE> is the server name.
</P>
1842 <H3 CLASS=
"title"><A NAME=
"ServerBin">ServerBin
</A></H3>
1846 <PRE CLASS=
"command">
1847 ServerBin /usr/lib/cups
1848 ServerBin /foo/bar/lib/cups
1851 <H4>Description
</H4>
1853 <P>The
<CODE>ServerBin
</CODE> directive sets the directory for
1854 server-run executables. If an absolute path is not provided then
1855 it is assumed to be relative to the
<A
1856 HREF=
"#ServerRoot"><CODE>ServerRoot
</CODE></A> directory. The
1857 default executable directory is
<VAR>/usr/lib/cups
</VAR> or
1858 <VAR>/usr/lib32/cups
</VAR> (IRIX
6.5).
</P>
1861 <H3 CLASS=
"title"><A NAME=
"ServerCertificate">ServerCertificate
</A></H3>
1865 <PRE CLASS=
"command">
1866 ServerCertificate /etc/cups/ssl/server.crt
1869 <H4>Description
</H4>
1871 <P>The
<CODE>ServerCertificate
</CODE> directive specifies the
1872 location of the SSL certificate file used by the server when
1873 negotiating encrypted connections. The certificate must not be
1874 encrypted (password protected) since the scheduler normally runs
1875 in the background and will be unable to ask for a password.
</P>
1877 <P>The default certificate file is
1878 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1881 <H3 CLASS=
"title"><A NAME=
"ServerKey">ServerKey
</A></H3>
1885 <PRE CLASS=
"command">
1886 ServerKey /etc/cups/ssl/server.key
1889 <H4>Description
</H4>
1891 <P>The
<CODE>ServerKey
</CODE> directive specifies the location of
1892 the SSL private key file used by the server when negotiating
1893 encrypted connections.
</P>
1895 <P>The default key file is
1896 <VAR>/etc/cups/ssl/server.crt
</VAR>.
</P>
1899 <H3 CLASS=
"title"><A NAME=
"ServerName"></A>ServerName
</H3>
1903 <PRE CLASS=
"command">
1904 ServerName foo.domain.com
1905 ServerName myserver.domain.com
1908 <H4>Description
</H4>
1910 <P>The
<CODE>ServerName
</CODE> directive specifies the hostname
1911 that is reported to clients. By default the server name is the
1915 <H3 CLASS=
"title"><A NAME=
"ServerRoot">ServerRoot
</A></H3>
1919 <PRE CLASS=
"command">
1920 ServerRoot /etc/cups
1921 ServerRoot /foo/bar/cups
1924 <H4>Description
</H4>
1926 <P>The
<CODE>ServerRoot
</CODE> directive specifies the absolute
1927 path to the server configuration and state files. It is also used
1928 to resolve relative paths in the
<VAR>cupsd.conf
</VAR> file. The
1929 default server directory is
<VAR>/etc/cups
</VAR>.
</P>
1932 <H3 CLASS=
"title"><A NAME=
"SSLListen">SSLListen
</A></H3>
1936 <PRE CLASS=
"command">
1937 SSLListen
127.0.0.1:
443
1938 SSLListen
192.0.2.1:
443
1941 <H4>Description
</H4>
1943 <P>The
<CODE>SSLListen
</CODE> directive specifies a network
1944 address and port to listen for secure connections. Multiple
1945 <CODE>SSLListen
</CODE> directives can be provided to listen on
1946 multiple addresses.
</P>
1948 <P>The
<CODE>SSLListen
</CODE> directive is similar to the
<A
1949 HREF=
"#SSLPort"><CODE>SSLPort
</CODE></A> directive but allows you
1950 to restrict access to specific interfaces or networks.
</P>
1953 <H3 CLASS=
"title"><A NAME=
"SSLPort">SSLPort
</A></H3>
1957 <PRE CLASS=
"command">
1961 <H4>Description
</H4>
1963 <P>The
<CODE>SSLPort
</CODE> directive specifies a port to listen
1964 on for secure connections. Multiple
<CODE>SSLPort
</CODE> lines
1965 can be specified to listen on multiple ports.
</P>
1968 <H3 CLASS=
"title"><A NAME=
"SystemGroup">SystemGroup
</A></H3>
1972 <PRE CLASS=
"command">
1979 <H4>Description
</H4>
1981 <P>The
<CODE>SystemGroup
</CODE> directive specifies the system
1982 administration group for
<CODE>System
</CODE> authentication.
</P>
1985 <H3 CLASS=
"title"><A NAME=
"TempDir">TempDir
</A></H3>
1989 <PRE CLASS=
"command">
1991 TempDir /foo/bar/tmp
1994 <H4>Description
</H4>
1996 <P>The
<CODE>TempDir
</CODE> directive specifies an absolute path
1997 for the directory to use for temporary files. The default
1998 directory is
<VAR>/var/spool/cups/tmp
</VAR>.
</P>
2000 <P>Temporary directories must be world-writable and should have
2001 the
"sticky" permission bit enabled so that other users cannot
2002 delete filter temporary files. The following commands will create
2003 an appropriate temporary directory called
2004 <VAR>/foo/bar/tmp
</VAR>:
</P>
2006 <PRE CLASS=
"command">
2007 <KBD>mkdir /foo/bar/tmp
</KBD>
2008 <KBD>chmod a+rwxt /foo/bar/tmp
</KBD>
2012 <H3 CLASS=
"title"><A NAME=
"Timeout">Timeout
</A></H3>
2016 <PRE CLASS=
"command">
2021 <H4>Description
</H4>
2023 <P>The
<CODE>Timeout
</CODE> directive controls the amount of time
2024 to wait before an active HTTP or IPP request times out. The
2025 default timeout is
300 seconds.
</P>
2028 <H3 CLASS=
"title"><A NAME=
"User">User
</A></H3>
2032 <PRE CLASS=
"command">
2037 <H4>Description
</H4>
2039 <P>The
<CODE>User
</CODE> directive specifies the UNIX user that
2040 filter and CGI programs run as. The default user is
2041 <CODE>lp
</CODE>.
</P>
2043 <BLOCKQUOTE><B>Note:
</B>
2045 <P>You may not use user
<CODE>root
</CODE>, as that would expose
2046 the system to unacceptable security risks. The scheduler will
2047 automatically choose user
<CODE>nobody
</CODE> if you specify a
2048 user whose ID is
0.
</P>