of the CUPS 1.4 sleep support to do a cleaner sleep
(<rdar://problem/14323704>)
- Dropped support for AIX, HP-UX, and OSF/1 (aka Digital UNIX)
+ - Dropped lppasswd and support for Digest authentication in in the
+ scheduler (STR #4321)
- Adopted Linux man page conventions and updated all man pages
(STR #4372)
- Added a "--list-filters" option to the cupsfilter command (STR #4325)
char encode[33], /* MD5 buffer */
digest[1024]; /* Digest auth data */
-
httpGetSubField(http, HTTP_FIELD_WWW_AUTHENTICATE, "realm", realm);
httpGetSubField(http, HTTP_FIELD_WWW_AUTHENTICATE, "nonce", nonce);
help/man-lpinfo.html \
help/man-lpmove.html \
help/man-lpoptions.html \
- help/man-lppasswd.html \
help/man-lpq.html \
help/man-lpr.html \
help/man-lprm.html \
<h2 class="title"><a name="NAME">Name</a></h2>
cupsd.conf - server configuration file for cups
<h2 class="title"><a name="DESCRIPTION">Description</a></h2>
-The <i>cupsd.conf</i> file configures the CUPS scheduler, <i>cupsd(8)</i>. It
-is normally located in the <i>/etc/cups</i> directory. <b>Note:</b>
-File, directory, and user configuration directives that used to be allowed in
-the <i>cupsd.conf</i> file are now stored in the <i>cups-files.conf(5)</i> instead
-in order to prevent certain types of privilege escalation attacks.
-<p>Each line in the file can be a configuration directive, a blank line,
-or a comment. Comment lines start with the # character. The
-configuration directives are intentionally similar to those used by the
-popular Apache web server software and are described below.
-<h2 class="title"><a name="DIRECTIVES">Directives</a></h2>
-The following directives are understood by <i>cupsd(8)</i>. Consult the
-on-line help for detailed descriptions:
+The
+<i>cupsd.conf</i>
+file configures the CUPS scheduler,
+<a href="man-cupsd.html?TOPIC=Man+Pages"><b>cupsd</b>(8).</a>
+It is normally located in the <i>/etc/cups</i> directory. <b>Note:</b> File, directory, and user configuration directives that used to be allowed in the <i>cupsd.conf</i> file are now stored in the <i>cups-files.conf(5)</i> instead in order to prevent certain types of privilege escalation attacks.
+<p>Each line in the file can be a configuration directive, a blank line, or a comment. Comment lines start with the # character. The configuration directives are intentionally similar to those used by the popular Apache web server software and are described below.
+<h2 class="title"><a name="TOP_LEVEL_DIRECTIVES">Top-level Directives</a></h2>
+The following directives are understood by
+<b>cupsd</b><b>(8).</b>
+Consult the online help (<a href="http://localhost:631/help">http://localhost:631/help</a>) for detailed descriptions:
<p style="margin-left: 5.0em; text-indent: -5.0em">AccessLogLevel config
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">AccessLogLevel actions
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">AccessLogLevel all
<br>
-<br>
Specifies the logging level for the AccessLog file.
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow all
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow none
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow host.domain.com
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow *.domain.com
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow ip-address
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow ip-address/netmask
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow ip-address/mm
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow @IF(name)
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Allow @LOCAL
-<br>
-<br>
-Allows access from the named hosts or addresses.
-<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType None
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType Basic
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType BasicDigest
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType Digest
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType Negotiate
-<br>
-<br>
-Specifies the authentication type (None, Basic, BasicDigest, Digest, Negotiate)
<p style="margin-left: 5.0em; text-indent: -5.0em">AutoPurgeJobs Yes
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">AutoPurgeJobs No
<br>
Specifies whether to purge job history data automatically when
it is no longer required for quotas.
-<p style="margin-left: 5.0em; text-indent: -5.0em">BrowseLocalProtocols [All] [DNSSD]
-<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">BrowseLocalProtocols [
<br>
+<i>All</i>
+] [
+<i>DNSSD</i>
+]
Specifies the protocols to use for local printer sharing.
<p style="margin-left: 5.0em; text-indent: -5.0em">BrowseWebIF Yes
<br>
of individual print jobs.
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultAuthType Basic
<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultAuthType BasicDigest
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultAuthType Digest
-<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultAuthType Negotiate
<br>
<br>
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultEncryption Required
<br>
-<br>
Specifies the type of encryption to use for authenticated requests.
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultLanguage locale
<br>
-<br>
Specifies the default language to use for text and web content.
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultPaperSize Auto
<br>
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultPaperSize sizename
<br>
-<br>
Specifies the default paper size for new print queues. "Auto" uses a locale-
specific default, while "None" specifies there is no default paper size.
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultPolicy policy-name
<br>
-<br>
Specifies the default access policy to use.
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultShared Yes
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">DefaultShared No
<br>
-<br>
Specifies whether local printers are shared by default.
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny all
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny none
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny host.domain.com
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny *.domain.com
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny ip-address
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny ip-address/netmask
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny ip-address/mm
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny @IF(name)
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Deny @LOCAL
-<br>
-<br>
-Denies access to the named host or address.
<p style="margin-left: 5.0em; text-indent: -5.0em">DirtyCleanInterval seconds
<br>
-<br>
Specifies the delay for updating of configuration and state files. A value of 0
causes the update to happen as soon as possible, typically within a few
milliseconds.
-<p style="margin-left: 5.0em; text-indent: -5.0em">Encryption IfRequested
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Encryption Never
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Encryption Required
-<br>
-<br>
-Specifies the level of encryption that is required for a particular
-location.
<p style="margin-left: 5.0em; text-indent: -5.0em">FilterLimit limit
<br>
-<br>
Specifies the maximum cost of filters that are run concurrently.
<p style="margin-left: 5.0em; text-indent: -5.0em">FilterNice nice-value
<br>
-<br>
Specifies the scheduling priority ("nice" value) of filters that
are run to print a job.
<p style="margin-left: 5.0em; text-indent: -5.0em">GSSServiceName name
<br>
-<br>
Specifies the service name when using Kerberos authentication. The default
service name is "http".
<p style="margin-left: 5.0em; text-indent: -5.0em">HostNameLookups On
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">HostNameLookups Double
<br>
-<br>
Specifies whether or not to do reverse lookups on client addresses.
<p style="margin-left: 5.0em; text-indent: -5.0em">Include filename
<br>
-<br>
Includes the named file.
<p style="margin-left: 5.0em; text-indent: -5.0em">JobKillDelay seconds
<br>
-<br>
Specifies the number of seconds to wait before killing the filters and backend
associated with a canceled or held job.
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateAccess all
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateAccess default
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
-<br>
-<br>
-Specifies an access list for a job's private values. The "default" access list
-is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed
-or requesting-user-name-denied values.
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues all
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues default
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues none
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
-<br>
-Specifies the list of job values to make private. The "default" values are
-"job-name", "job-originating-host-name", and "job-originating-user-name".
<p style="margin-left: 5.0em; text-indent: -5.0em">JobRetryInterval seconds
<br>
-<br>
Specifies the interval between retries of jobs in seconds.
<p style="margin-left: 5.0em; text-indent: -5.0em">JobRetryLimit count
<br>
-<br>
Specifies the number of retries that are done for jobs.
<p style="margin-left: 5.0em; text-indent: -5.0em">KeepAlive Yes
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">KeepAlive No
<br>
-<br>
Specifies whether to support HTTP keep-alive connections.
<p style="margin-left: 5.0em; text-indent: -5.0em">KeepAliveTimeout seconds
<br>
-<br>
Specifies the amount of time that connections are kept alive.
<p style="margin-left: 5.0em; text-indent: -5.0em"><Limit operations> ... </Limit>
<br>
-<br>
Specifies the IPP operations that are being limited inside a policy.
<p style="margin-left: 5.0em; text-indent: -5.0em"><Limit methods> ... </Limit>
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em"><LimitExcept methods> ... </LimitExcept>
<br>
-<br>
Specifies the HTTP methods that are being limited inside a location.
<p style="margin-left: 5.0em; text-indent: -5.0em">LimitRequestBody
<br>
-<br>
Specifies the maximum size of any print job request.
<p style="margin-left: 5.0em; text-indent: -5.0em">Listen ip-address:port
<br>
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">Listen /path/to/domain/socket
<br>
-<br>
Listens to the specified address and port or domain socket path.
<p style="margin-left: 5.0em; text-indent: -5.0em"><Location /path> ... </Location>
<br>
-<br>
Specifies access control for the named location.
<p style="margin-left: 5.0em; text-indent: -5.0em">LogDebugHistory #-messages
<br>
-<br>
Specifies the number of debugging messages that are logged when an error
occurs in a print job.
<p style="margin-left: 5.0em; text-indent: -5.0em">LogLevel alert
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">LogLevel warn
<br>
-<br>
Specifies the logging level for the ErrorLog file.
<p style="margin-left: 5.0em; text-indent: -5.0em">LogTimeFormat standard
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">LogTimeFormat usecs
<br>
-<br>
Specifies the format of the date and time in the log files.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxClients number
<br>
-<br>
Specifies the maximum number of simultaneous clients to support.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxClientsPerHost number
<br>
-<br>
Specifies the maximum number of simultaneous clients to support from a
single address.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxCopies number
<br>
-<br>
Specifies the maximum number of copies that a user can print of each job.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxHoldTime seconds
<br>
-<br>
Specifies the maximum time a job may remain in the "indefinite" hold state
before it is canceled. Set to 0 to disable cancellation of held jobs.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxJobs number
<br>
-<br>
Specifies the maximum number of simultaneous jobs to support.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxJobsPerPrinter number
<br>
-<br>
Specifies the maximum number of simultaneous jobs per printer to support.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxJobsPerUser number
<br>
-<br>
Specifies the maximum number of simultaneous jobs per user to support.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxJobTime seconds
<br>
-<br>
Specifies the maximum time a job may take to print before it is canceled. The
default is 10800 seconds (3 hours). Set to 0 to disable cancellation of "stuck"
jobs.
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxLogSize number-bytes
<br>
-<br>
Specifies the maximum size of the log files before they are
rotated (0 to disable rotation)
<p style="margin-left: 5.0em; text-indent: -5.0em">MaxRequestSize number-bytes
<br>
-<br>
Specifies the maximum request/file size in bytes (0 for no limit)
<p style="margin-left: 5.0em; text-indent: -5.0em">MultipleOperationTimeout seconds
<br>
-<br>
Specifies the maximum amount of time to allow between files in a multiple file
print job.
-<p style="margin-left: 5.0em; text-indent: -5.0em">Order allow,deny
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Order deny,allow
-<br>
-<br>
-Specifies the order of HTTP access control (allow,deny or deny,allow)
<p style="margin-left: 5.0em; text-indent: -5.0em">PageLogFormat format string
<br>
-<br>
Specifies the format of page log lines.
<p style="margin-left: 5.0em; text-indent: -5.0em">PassEnv variable [... variable]
<br>
-<br>
Passes the specified environment variable(s) to child processes.
<p style="margin-left: 5.0em; text-indent: -5.0em"><Policy name> ... </Policy>
<br>
-<br>
Specifies access control for the named policy.
<p style="margin-left: 5.0em; text-indent: -5.0em">Port number
<br>
-<br>
Specifies a port number to listen to for HTTP requests.
<p style="margin-left: 5.0em; text-indent: -5.0em">PreserveJobFiles Yes
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">PreserveJobFiles No
<br>
-<br>
Specifies whether or not to preserve job files after they are printed.
<p style="margin-left: 5.0em; text-indent: -5.0em">PreserveJobHistory Yes
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">PreserveJobHistory No
<br>
-<br>
Specifies whether or not to preserve the job history after they are
printed.
<p style="margin-left: 5.0em; text-indent: -5.0em">PrintcapFormat bsd
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">PrintcapFormat solaris
<br>
-<br>
Specifies the format of the printcap file.
<p style="margin-left: 5.0em; text-indent: -5.0em">ReloadTimeout seconds
<br>
-<br>
Specifies the amount of time to wait for job completion before
restarting the scheduler.
-<p style="margin-left: 5.0em; text-indent: -5.0em">Require group group-name-list
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Require user user-name-list
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">Require valid-user
-<br>
-<br>
-Specifies that user or group authentication is required.
<p style="margin-left: 5.0em; text-indent: -5.0em">RIPCache bytes
<br>
-<br>
Specifies the maximum amount of memory to use when converting images
and PostScript files to bitmaps for a printer.
<p style="margin-left: 5.0em; text-indent: -5.0em">Satisfy all
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">Satisfy any
<br>
-<br>
Specifies whether all or any limits set for a Location must be
satisfied to allow access.
<p style="margin-left: 5.0em; text-indent: -5.0em">ServerAdmin user@domain.com
<br>
-<br>
Specifies the email address of the server administrator.
<p style="margin-left: 5.0em; text-indent: -5.0em">ServerAlias hostname [... hostname]
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">ServerAlias *
<br>
-<br>
Specifies an alternate name that the server is known by. The special name "*"
allows any name to be used.
<p style="margin-left: 5.0em; text-indent: -5.0em">ServerName hostname-or-ip-address
<br>
-<br>
Specifies the fully-qualified hostname of the server.
<p style="margin-left: 5.0em; text-indent: -5.0em">ServerTokens Full
<br>
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">ServerTokens ProductOnly
<br>
-<br>
Specifies what information is included in the Server header of HTTP
responses.
<p style="margin-left: 5.0em; text-indent: -5.0em">SetEnv variable value
<br>
-<br>
Set the specified environment variable to be passed to child processes.
<p style="margin-left: 5.0em; text-indent: -5.0em">SSLListen
<br>
-<br>
Listens on the specified address and port for encrypted connections.
<p style="margin-left: 5.0em; text-indent: -5.0em">SSLPort
<br>
-<br>
Listens on the specified port for encrypted connections.
<p style="margin-left: 5.0em; text-indent: -5.0em">StrictConformance Yes
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">StrictConformance No
<br>
-<br>
Specifies whether the scheduler requires clients to strictly adhere to the IPP
specifications. The default is No.
+<p style="margin-left: 5.0em; text-indent: -5.0em">Timeout seconds
+<br>
+Specifies the HTTP request timeout in seconds.
+<p style="margin-left: 5.0em; text-indent: -5.0em">WebInterface yes
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">WebInterface no
+<br>
+Specifies whether the web interface is enabled.
+<h2 class="title"><a name="DIRECTIVES_VALID_WITHIN_LOCATION_AND_LIMIT_SECTIONS">Directives Valid Within Location And Limit Sections</a></h2>
+The following directives may be placed inside Location and Limit sections in the <i>cupsd.conf</i> file:
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow all
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow none
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow host.domain.com
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow *.domain.com
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow ip-address
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow ip-address/netmask
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow ip-address/mm
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow @IF(name)
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Allow @LOCAL
+<br>
+Allows access from the named hosts or addresses.
+<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType None
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType Basic
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">AuthType Negotiate
+<br>
+Specifies the authentication type (None, Basic, or Negotiate)
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny all
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny none
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny host.domain.com
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny *.domain.com
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny ip-address
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny ip-address/netmask
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny ip-address/mm
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny @IF(name)
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Deny @LOCAL
+<br>
+Denies access to the named host or address.
+<p style="margin-left: 5.0em; text-indent: -5.0em">Encryption IfRequested
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Encryption Never
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Encryption Required
+<br>
+Specifies the level of encryption that is required for a particular
+location.
+<p style="margin-left: 5.0em; text-indent: -5.0em">Order allow,deny
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Order deny,allow
+<br>
+Specifies the order of HTTP access control (allow,deny or deny,allow)
+<p style="margin-left: 5.0em; text-indent: -5.0em">Require group group-name-list
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Require user user-name-list
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">Require valid-user
+<br>
+Specifies that user or group authentication is required.
+<h2 class="title"><a name="DIRECTIVES_VALID_WITHIN_POLICY_SECTIONS">Directives Valid Within Policy Sections</a></h2>
+The following directives may be placed inside Policy sections in the <i>cupsd.conf</i> file:
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateAccess all
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateAccess default
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+<br>
+Specifies an access list for a job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues all
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues default
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues none
+<br>
+<p style="margin-left: 5.0em; text-indent: -5.0em">JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
+<br>
+Specifies the list of job values to make private. The "default" values are "job-name", "job-originating-host-name", and "job-originating-user-name".
<p style="margin-left: 5.0em; text-indent: -5.0em">SubscriptionPrivateAccess all
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">SubscriptionPrivateAccess default
<br>
<p style="margin-left: 5.0em; text-indent: -5.0em">SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
<br>
-<br>
Specifies an access list for a subscription's private values. The "default"
access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's
requesting-user-name-allowed or requesting-user-name-denied values.
Specifies the list of job values to make private. The "default" values are
"notify-events", "notify-pull-method", "notify-recipient-uri",
"notify-subscriber-user-name", and "notify-user-data".
-<p style="margin-left: 5.0em; text-indent: -5.0em">Timeout seconds
-<br>
-<br>
-Specifies the HTTP request timeout in seconds.
-<p style="margin-left: 5.0em; text-indent: -5.0em">WebInterface yes
-<br>
-<p style="margin-left: 5.0em; text-indent: -5.0em">WebInterface no
-<br>
-Specifies whether the web interface is enabled.
<h2 class="title"><a name="SEE_ALSO">See Also</a></h2>
-<i>classes.conf(5)</i>, <i>cups-files.conf(5)</i>, <i>cupsd(8)</i>,
-<i>mime.convs(5)</i>, <i>mime.types(5)</i>, <i>printers.conf(5)</i>,
-<i>subscriptions.conf(5)</i>,
-<br>
+<a href="man-classes.conf.html?TOPIC=Man+Pages"><b>classes.conf</b>(5),</a> <a href="man-cups-files.conf.html?TOPIC=Man+Pages"><b>cups-files.conf</b>(5),</a> <a href="man-cupsd.html?TOPIC=Man+Pages"><b>cupsd</b>(8),</a> <a href="man-mime.convs.html?TOPIC=Man+Pages"><b>mime.convs</b>(5),</a> <a href="man-mime.types.html?TOPIC=Man+Pages"><b>mime.types</b>(5),</a> <a href="man-printers.conf.html?TOPIC=Man+Pages"><b>printers.conf</b>(5),</a> <a href="man-subscriptions.conf.html?TOPIC=Man+Pages"><b>subscriptions.conf</b>(5),</a>
<a href="http://localhost:631/help">http://localhost:631/help</a>
<h2 class="title"><a name="COPYRIGHT">Copyright</a></h2>
-Copyright 2007-2013 by Apple Inc.
+Copyright © 2007-2014 by Apple Inc.
</body>
</html>
.\"
.\" "$Id$"
.\"
-.\" cupsd.conf man page for CUPS.
+.\" cupsd.conf man page for CUPS.
.\"
-.\" Copyright 2007-2013 by Apple Inc.
-.\" Copyright 1997-2006 by Easy Software Products.
+.\" Copyright 2007-2014 by Apple Inc.
+.\" Copyright 1997-2006 by Easy Software Products.
.\"
-.\" These coded instructions, statements, and computer programs are the
-.\" property of Apple Inc. and are protected by Federal copyright
-.\" law. Distribution and use rights are outlined in the file "LICENSE.txt"
-.\" which should have been included with this file. If this file is
-.\" file is missing or damaged, see the license at "http://www.cups.org/".
+.\" These coded instructions, statements, and computer programs are the
+.\" property of Apple Inc. and are protected by Federal copyright
+.\" law. Distribution and use rights are outlined in the file "LICENSE.txt"
+.\" which should have been included with this file. If this file is
+.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
-.TH cupsd.conf 5 "CUPS" "8 July 2013" "Apple Inc."
+.TH cupsd.conf 5 "CUPS" "28 March 2014" "Apple Inc."
.SH NAME
cupsd.conf \- server configuration file for cups
.SH DESCRIPTION
-The \fIcupsd.conf\fR file configures the CUPS scheduler, \fIcupsd(8)\fR. It
-is normally located in the \fI/etc/cups\fR directory. \fBNote:\fR
-File, directory, and user configuration directives that used to be allowed in
-the \fIcupsd.conf\fR file are now stored in the \fIcups-files.conf(5)\fR instead
-in order to prevent certain types of privilege escalation attacks.
+The
+.I cupsd.conf
+file configures the CUPS scheduler,
+.BR cupsd (8).
+It is normally located in the \fI/etc/cups\fR directory. \fBNote:\fR File, directory, and user configuration directives that used to be allowed in the \fIcupsd.conf\fR file are now stored in the \fIcups-files.conf(5)\fR instead in order to prevent certain types of privilege escalation attacks.
.LP
-Each line in the file can be a configuration directive, a blank line,
-or a comment. Comment lines start with the # character. The
-configuration directives are intentionally similar to those used by the
-popular Apache web server software and are described below.
-.SH DIRECTIVES
-The following directives are understood by \fIcupsd(8)\fR. Consult the
-on-line help for detailed descriptions:
+Each line in the file can be a configuration directive, a blank line, or a comment. Comment lines start with the # character. The configuration directives are intentionally similar to those used by the popular Apache web server software and are described below.
+.SH TOP-LEVEL DIRECTIVES
+The following directives are understood by
+.B cupsd (8).
+Consult the online help (http://localhost:631/help) for detailed descriptions:
.TP 5
AccessLogLevel config
.TP 5
AccessLogLevel actions
.TP 5
AccessLogLevel all
-.br
Specifies the logging level for the AccessLog file.
.TP 5
-Allow all
-.TP 5
-Allow none
-.TP 5
-Allow host.domain.com
-.TP 5
-Allow *.domain.com
-.TP 5
-Allow ip-address
-.TP 5
-Allow ip-address/netmask
-.TP 5
-Allow ip-address/mm
-.TP 5
-Allow @IF(name)
-.TP 5
-Allow @LOCAL
-.br
-Allows access from the named hosts or addresses.
-.TP 5
-AuthType None
-.TP 5
-AuthType Basic
-.TP 5
-AuthType BasicDigest
-.TP 5
-AuthType Digest
-.TP 5
-AuthType Negotiate
-.br
-Specifies the authentication type (None, Basic, BasicDigest, Digest, Negotiate)
-.TP 5
AutoPurgeJobs Yes
.TP 5
AutoPurgeJobs No
Specifies whether to purge job history data automatically when
it is no longer required for quotas.
.TP 5
-BrowseLocalProtocols [All] [DNSSD]
-.br
+BrowseLocalProtocols [
+.I All
+] [
+.I DNSSD
+]
Specifies the protocols to use for local printer sharing.
.TP 5
BrowseWebIF Yes
.TP 5
DefaultAuthType Basic
.TP 5
-DefaultAuthType BasicDigest
-.TP 5
-DefaultAuthType Digest
-.TP 5
DefaultAuthType Negotiate
.br
Specifies the default type of authentication to use.
DefaultEncryption IfRequested
.TP 5
DefaultEncryption Required
-.br
Specifies the type of encryption to use for authenticated requests.
.TP 5
DefaultLanguage locale
-.br
Specifies the default language to use for text and web content.
.TP 5
DefaultPaperSize Auto
DefaultPaperSize None
.TP 5
DefaultPaperSize sizename
-.br
Specifies the default paper size for new print queues. "Auto" uses a locale-
specific default, while "None" specifies there is no default paper size.
.TP 5
DefaultPolicy policy-name
-.br
Specifies the default access policy to use.
.TP 5
DefaultShared Yes
.TP 5
DefaultShared No
-.br
Specifies whether local printers are shared by default.
.TP 5
-Deny all
-.TP 5
-Deny none
-.TP 5
-Deny host.domain.com
-.TP 5
-Deny *.domain.com
-.TP 5
-Deny ip-address
-.TP 5
-Deny ip-address/netmask
-.TP 5
-Deny ip-address/mm
-.TP 5
-Deny @IF(name)
-.TP 5
-Deny @LOCAL
-.br
-Denies access to the named host or address.
-.TP 5
DirtyCleanInterval seconds
-.br
Specifies the delay for updating of configuration and state files. A value of 0
causes the update to happen as soon as possible, typically within a few
milliseconds.
.TP 5
-Encryption IfRequested
-.TP 5
-Encryption Never
-.TP 5
-Encryption Required
-.br
-Specifies the level of encryption that is required for a particular
-location.
-.TP 5
FilterLimit limit
-.br
Specifies the maximum cost of filters that are run concurrently.
.TP 5
FilterNice nice-value
-.br
Specifies the scheduling priority ("nice" value) of filters that
are run to print a job.
.TP 5
GSSServiceName name
-.br
Specifies the service name when using Kerberos authentication. The default
service name is "http".
.TP 5
HostNameLookups Off
.TP 5
HostNameLookups Double
-.br
Specifies whether or not to do reverse lookups on client addresses.
.TP 5
Include filename
-.br
Includes the named file.
.TP 5
JobKillDelay seconds
-.br
Specifies the number of seconds to wait before killing the filters and backend
associated with a canceled or held job.
.TP 5
-JobPrivateAccess all
-.TP 5
-JobPrivateAccess default
-.TP 5
-JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
-.br
-Specifies an access list for a job's private values. The "default" access list
-is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed
-or requesting-user-name-denied values.
-.TP 5
-JobPrivateValues all
-.TP 5
-JobPrivateValues default
-.TP 5
-JobPrivateValues none
-.TP 5
-JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
-Specifies the list of job values to make private. The "default" values are
-"job-name", "job-originating-host-name", and "job-originating-user-name".
-.TP 5
JobRetryInterval seconds
-.br
Specifies the interval between retries of jobs in seconds.
.TP 5
JobRetryLimit count
-.br
Specifies the number of retries that are done for jobs.
.TP 5
KeepAlive Yes
.TP 5
KeepAlive No
-.br
Specifies whether to support HTTP keep-alive connections.
.TP 5
KeepAliveTimeout seconds
-.br
Specifies the amount of time that connections are kept alive.
.TP 5
<Limit operations> ... </Limit>
-.br
Specifies the IPP operations that are being limited inside a policy.
.TP 5
<Limit methods> ... </Limit>
.TP 5
<LimitExcept methods> ... </LimitExcept>
-.br
Specifies the HTTP methods that are being limited inside a location.
.TP 5
LimitRequestBody
-.br
Specifies the maximum size of any print job request.
.TP 5
Listen ip-address:port
Listen *:port
.TP 5
Listen /path/to/domain/socket
-.br
Listens to the specified address and port or domain socket path.
.TP 5
<Location /path> ... </Location>
-.br
Specifies access control for the named location.
.TP 5
LogDebugHistory #-messages
-.br
Specifies the number of debugging messages that are logged when an error
occurs in a print job.
.TP 5
LogLevel notice
.TP 5
LogLevel warn
-.br
Specifies the logging level for the ErrorLog file.
.TP 5
LogTimeFormat standard
.TP 5
LogTimeFormat usecs
-.br
Specifies the format of the date and time in the log files.
.TP 5
MaxClients number
-.br
Specifies the maximum number of simultaneous clients to support.
.TP 5
MaxClientsPerHost number
-.br
Specifies the maximum number of simultaneous clients to support from a
single address.
.TP 5
MaxCopies number
-.br
Specifies the maximum number of copies that a user can print of each job.
.TP 5
MaxHoldTime seconds
-.br
Specifies the maximum time a job may remain in the "indefinite" hold state
before it is canceled. Set to 0 to disable cancellation of held jobs.
.TP 5
MaxJobs number
-.br
Specifies the maximum number of simultaneous jobs to support.
.TP 5
MaxJobsPerPrinter number
-.br
Specifies the maximum number of simultaneous jobs per printer to support.
.TP 5
MaxJobsPerUser number
-.br
Specifies the maximum number of simultaneous jobs per user to support.
.TP 5
MaxJobTime seconds
-.br
Specifies the maximum time a job may take to print before it is canceled. The
default is 10800 seconds (3 hours). Set to 0 to disable cancellation of "stuck"
jobs.
.TP 5
MaxLogSize number-bytes
-.br
Specifies the maximum size of the log files before they are
rotated (0 to disable rotation)
.TP 5
MaxRequestSize number-bytes
-.br
Specifies the maximum request/file size in bytes (0 for no limit)
.TP 5
MultipleOperationTimeout seconds
-.br
Specifies the maximum amount of time to allow between files in a multiple file
print job.
.TP 5
-Order allow,deny
-.TP 5
-Order deny,allow
-.br
-Specifies the order of HTTP access control (allow,deny or deny,allow)
-.TP 5
PageLogFormat format string
-.br
Specifies the format of page log lines.
.TP 5
PassEnv variable [... variable]
-.br
Passes the specified environment variable(s) to child processes.
.TP 5
<Policy name> ... </Policy>
-.br
Specifies access control for the named policy.
.TP 5
Port number
-.br
Specifies a port number to listen to for HTTP requests.
.TP 5
PreserveJobFiles Yes
.TP 5
PreserveJobFiles No
-.br
Specifies whether or not to preserve job files after they are printed.
.TP 5
PreserveJobHistory Yes
.TP 5
PreserveJobHistory No
-.br
Specifies whether or not to preserve the job history after they are
printed.
.TP 5
PrintcapFormat plist
.TP 5
PrintcapFormat solaris
-.br
Specifies the format of the printcap file.
.TP 5
ReloadTimeout seconds
-.br
Specifies the amount of time to wait for job completion before
restarting the scheduler.
.TP 5
-Require group group-name-list
-.TP 5
-Require user user-name-list
-.TP 5
-Require valid-user
-.br
-Specifies that user or group authentication is required.
-.TP 5
RIPCache bytes
-.br
Specifies the maximum amount of memory to use when converting images
and PostScript files to bitmaps for a printer.
.TP 5
Satisfy all
.TP 5
Satisfy any
-.br
Specifies whether all or any limits set for a Location must be
satisfied to allow access.
.TP 5
ServerAdmin user@domain.com
-.br
Specifies the email address of the server administrator.
.TP 5
ServerAlias hostname [... hostname]
.TP 5
ServerAlias *
-.br
Specifies an alternate name that the server is known by. The special name "*"
allows any name to be used.
.TP 5
ServerName hostname-or-ip-address
-.br
Specifies the fully-qualified hostname of the server.
.TP 5
ServerTokens Full
ServerTokens OS
.TP 5
ServerTokens ProductOnly
-.br
Specifies what information is included in the Server header of HTTP
responses.
.TP 5
SetEnv variable value
-.br
Set the specified environment variable to be passed to child processes.
.TP 5
SSLListen
-.br
Listens on the specified address and port for encrypted connections.
.TP 5
SSLPort
-.br
Listens on the specified port for encrypted connections.
.TP 5
StrictConformance Yes
.TP 5
StrictConformance No
-.br
Specifies whether the scheduler requires clients to strictly adhere to the IPP
specifications. The default is No.
.TP 5
+Timeout seconds
+Specifies the HTTP request timeout in seconds.
+.TP 5
+WebInterface yes
+.TP 5
+WebInterface no
+Specifies whether the web interface is enabled.
+.SH DIRECTIVES VALID WITHIN LOCATION AND LIMIT SECTIONS
+The following directives may be placed inside Location and Limit sections in the \fIcupsd.conf\fR file:
+.TP 5
+Allow all
+.TP 5
+Allow none
+.TP 5
+Allow host.domain.com
+.TP 5
+Allow *.domain.com
+.TP 5
+Allow ip-address
+.TP 5
+Allow ip-address/netmask
+.TP 5
+Allow ip-address/mm
+.TP 5
+Allow @IF(name)
+.TP 5
+Allow @LOCAL
+Allows access from the named hosts or addresses.
+.TP 5
+AuthType None
+.TP 5
+AuthType Basic
+.TP 5
+AuthType Negotiate
+Specifies the authentication type (None, Basic, or Negotiate)
+.TP 5
+Deny all
+.TP 5
+Deny none
+.TP 5
+Deny host.domain.com
+.TP 5
+Deny *.domain.com
+.TP 5
+Deny ip-address
+.TP 5
+Deny ip-address/netmask
+.TP 5
+Deny ip-address/mm
+.TP 5
+Deny @IF(name)
+.TP 5
+Deny @LOCAL
+Denies access to the named host or address.
+.TP 5
+Encryption IfRequested
+.TP 5
+Encryption Never
+.TP 5
+Encryption Required
+Specifies the level of encryption that is required for a particular
+location.
+.TP 5
+Order allow,deny
+.TP 5
+Order deny,allow
+Specifies the order of HTTP access control (allow,deny or deny,allow)
+.TP 5
+Require group group-name-list
+.TP 5
+Require user user-name-list
+.TP 5
+Require valid-user
+Specifies that user or group authentication is required.
+.SH DIRECTIVES VALID WITHIN POLICY SECTIONS
+The following directives may be placed inside Policy sections in the \fIcupsd.conf\fR file:
+.TP 5
+JobPrivateAccess all
+.TP 5
+JobPrivateAccess default
+.TP 5
+JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
+Specifies an access list for a job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
+.TP 5
+JobPrivateValues all
+.TP 5
+JobPrivateValues default
+.TP 5
+JobPrivateValues none
+.TP 5
+JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
+Specifies the list of job values to make private. The "default" values are "job-name", "job-originating-host-name", and "job-originating-user-name".
+.TP 5
SubscriptionPrivateAccess all
.TP 5
SubscriptionPrivateAccess default
.TP 5
SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
-.br
Specifies an access list for a subscription's private values. The "default"
access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's
requesting-user-name-allowed or requesting-user-name-denied values.
Specifies the list of job values to make private. The "default" values are
"notify-events", "notify-pull-method", "notify-recipient-uri",
"notify-subscriber-user-name", and "notify-user-data".
-.TP 5
-Timeout seconds
-.br
-Specifies the HTTP request timeout in seconds.
-.TP 5
-WebInterface yes
-.TP 5
-WebInterface no
-Specifies whether the web interface is enabled.
.SH SEE ALSO
-\fIclasses.conf(5)\fR, \fIcups-files.conf(5)\fR, \fIcupsd(8)\fR,
-\fImime.convs(5)\fR, \fImime.types(5)\fR, \fIprinters.conf(5)\fR,
-\fIsubscriptions.conf(5)\fR,
-.br
+.BR classes.conf (5), cups-files.conf (5), cupsd (8), mime.convs (5), mime.types (5), printers.conf (5), subscriptions.conf (5),
http://localhost:631/help
.SH COPYRIGHT
-Copyright 2007-2013 by Apple Inc.
+Copyright \[co] 2007-2014 by Apple Inc.
.\"
.\" End of "$Id$".
.\"
#
# "$Id$"
#
-# ESP Package Manager (EPM) file list for CUPS.
+# ESP Package Manager (EPM) file list for CUPS.
#
-# Copyright 2007-2012 by Apple Inc.
-# Copyright 1997-2007 by Easy Software Products, all rights reserved.
+# Copyright 2007-2014 by Apple Inc.
+# Copyright 1997-2007 by Easy Software Products, all rights reserved.
#
-# These coded instructions, statements, and computer programs are the
-# property of Apple Inc. and are protected by Federal copyright
-# law. Distribution and use rights are outlined in the file "LICENSE.txt"
-# which should have been included with this file. If this file is
-# file is missing or damaged, see the license at "http://www.cups.org/".
+# These coded instructions, statements, and computer programs are the
+# property of Apple Inc. and are protected by Federal copyright
+# law. Distribution and use rights are outlined in the file "LICENSE.txt"
+# which should have been included with this file. If this file is
+# file is missing or damaged, see the license at "http://www.cups.org/".
#
# Product information
%product CUPS
-%copyright 2007-2012 by Apple Inc.
+%copyright 2007-2014 by Apple Inc.
%vendor Apple Inc.
#%license LICENSE.txt
%readme LICENSE.txt
f 0555 root sys $BINDIR/ipptool test/ipptool
f 0555 root sys $BINDIR/lp systemv/lp
f 0555 root sys $BINDIR/lpoptions systemv/lpoptions
-f 0555 root sys $BINDIR/lppasswd systemv/lppasswd
f 0555 root sys $BINDIR/lpq berkeley/lpq
f 0555 root sys $BINDIR/lpr berkeley/lpr
f 0555 root sys $BINDIR/lprm berkeley/lprm
f 0444 root sys $MANDIR/man1/cupstestppd.$MAN1EXT man/cupstestppd.$MAN1EXT
f 0444 root sys $MANDIR/man1/ipptool.$MAN1EXT man/ipptool.$MAN1EXT
f 0444 root sys $MANDIR/man1/lpoptions.$MAN1EXT man/lpoptions.$MAN1EXT
-f 0444 root sys $MANDIR/man1/lppasswd.$MAN1EXT man/lppasswd.$MAN1EXT
f 0444 root sys $MANDIR/man1/lpq.$MAN1EXT man/lpq.$MAN1EXT
f 0444 root sys $MANDIR/man1/lprm.$MAN1EXT man/lprm.$MAN1EXT
f 0444 root sys $MANDIR/man1/lpr.$MAN1EXT man/lpr.$MAN1EXT
/usr/share/man/man1/ipptool.1.gz
/usr/share/man/man1/lp.1.gz
/usr/share/man/man1/lpoptions.1.gz
-/usr/share/man/man1/lppasswd.1.gz
/usr/share/man/man1/lpq.1.gz
/usr/share/man/man1/lpr.1.gz
/usr/share/man/man1/lprm.1.gz
static char *cups_crypt(const char *pw, const char *salt);
#endif /* !HAVE_LIBPAM */
static void free_authmask(cupsd_authmask_t *am, void *data);
-static char *get_md5_password(const char *username,
- const char *group, char passwd[33]);
#if HAVE_LIBPAM
static int pam_func(int, const struct pam_message **,
struct pam_response **, void *);
password[HTTP_MAX_VALUE];
/* Password string */
cupsd_cert_t *localuser; /* Certificate username */
- char nonce[HTTP_MAX_VALUE], /* Nonce value from client */
- md5[33], /* MD5 password */
- basicmd5[33]; /* MD5 of Basic password */
- static const char * const states[] = /* HTTP client states... */
- {
- "WAITING",
- "OPTIONS",
- "GET",
- "GET",
- "HEAD",
- "POST",
- "POST",
- "POST",
- "PUT",
- "PUT",
- "DELETE",
- "TRACE",
- "CLOSE",
- "STATUS"
- };
/*
httpAddrLocalhost(httpGetAddress(con->http)))
{
OSStatus status; /* Status */
+ char authdata[HTTP_MAX_VALUE];
+ /* Nonce value from client */
int authlen; /* Auth string length */
AuthorizationItemSet *authinfo; /* Authorization item set */
while (isspace(*authorization & 255))
authorization ++;
- authlen = sizeof(nonce);
- httpDecode64_2(nonce, &authlen, authorization);
+ authlen = sizeof(authdata);
+ httpDecode64_2(authdata, &authlen, authorization);
if (authlen != kAuthorizationExternalFormLength)
{
return;
}
- if ((status = AuthorizationCreateFromExternalForm(
- (AuthorizationExternalForm *)nonce, &con->authref)) != 0)
+ if ((status = AuthorizationCreateFromExternalForm((AuthorizationExternalForm *)authdata, &con->authref)) != 0)
{
cupsdLogMessage(CUPSD_LOG_ERROR,
"[Client %d] AuthorizationCreateFromExternalForm "
"[Client %d] Authorized as %s using Basic",
con->number, username);
break;
-
- case CUPSD_AUTH_BASICDIGEST :
- /*
- * Do Basic authentication with the Digest password file...
- */
-
- if (!get_md5_password(username, NULL, md5))
- {
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Unknown MD5 username \"%s\".",
- con->number, username);
- return;
- }
-
- httpMD5(username, "CUPS", password, basicmd5);
-
- if (strcmp(md5, basicmd5))
- {
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Authentication failed for \"%s\".",
- con->number, username);
- return;
- }
-
- cupsdLogMessage(CUPSD_LOG_DEBUG,
- "[Client %d] Authorized as %s using BasicDigest",
- con->number, username);
- break;
}
con->type = type;
}
- else if (!strncmp(authorization, "Digest", 6))
- {
- /*
- * Get the username, password, and nonce from the Digest attributes...
- */
-
- if (!httpGetSubField2(con->http, HTTP_FIELD_AUTHORIZATION, "username",
- username, sizeof(username)) || !username[0])
- {
- /*
- * Username must not be empty...
- */
-
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Empty or missing Digest username.",
- con->number);
- return;
- }
-
- if (!httpGetSubField2(con->http, HTTP_FIELD_AUTHORIZATION, "response",
- password, sizeof(password)) || !password[0])
- {
- /*
- * Password must not be empty...
- */
-
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Empty or missing Digest password.",
- con->number);
- return;
- }
-
- if (!httpGetSubField(con->http, HTTP_FIELD_AUTHORIZATION, "nonce",
- nonce))
- {
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] No nonce value for Digest authentication.",
- con->number);
- return;
- }
-
- if (strcmp(con->http->hostname, nonce))
- {
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Bad nonce value, expected \"%s\", "
- "got \"%s\".", con->number, con->http->hostname, nonce);
- return;
- }
-
- /*
- * Validate the username and password...
- */
-
- if (!get_md5_password(username, NULL, md5))
- {
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Unknown MD5 username \"%s\".",
- con->number, username);
- return;
- }
-
- httpMD5Final(nonce, states[httpGetState(con->http)], con->uri, md5);
-
- if (strcmp(md5, password))
- {
- cupsdLogMessage(CUPSD_LOG_ERROR,
- "[Client %d] Authentication failed for \"%s\".",
- con->number, username);
- return;
- }
-
- cupsdLogMessage(CUPSD_LOG_DEBUG,
- "[Client %d] Authorized as %s using Digest", con->number,
- username);
-
- con->type = CUPSD_AUTH_DIGEST;
- }
#ifdef HAVE_GSSAPI
else if (!strncmp(authorization, "Negotiate", 9))
{
{
int i; /* Looping var */
struct group *group; /* System group info */
- char junk[33]; /* MD5 password (not used) */
#ifdef HAVE_MBR_UID_TO_UUID
uuid_t useruuid, /* UUID for username */
groupuuid; /* UUID for groupname */
return (0);
#endif /* HAVE_MBR_UID_TO_UUID */
- /*
- * Username not found, group not found, or user is not part of the
- * system group... Check for a user and group in the MD5 password
- * file...
- */
-
- if (get_md5_password(username, groupname, junk) != NULL)
- return (1);
-
/*
* If we get this far, then the user isn't part of the named group...
*/
{
"None",
"Basic",
- "Digest",
- "BasicDigest",
"Negotiate"
};
#ifdef HAVE_GSSAPI
(type != CUPSD_AUTH_NEGOTIATE || con->gss_uid <= 0) &&
#endif /* HAVE_GSSAPI */
- (con->type != CUPSD_AUTH_BASIC || type != CUPSD_AUTH_BASICDIGEST))
+ con->type != CUPSD_AUTH_BASIC)
{
- cupsdLogMessage(CUPSD_LOG_ERROR, "Authorized using %s, expected %s!",
+ cupsdLogMessage(CUPSD_LOG_ERROR, "Authorized using %s, expected %s.",
types[con->type], types[type]);
return (HTTP_UNAUTHORIZED);
}
-/*
- * 'get_md5_password()' - Get an MD5 password.
- */
-
-static char * /* O - MD5 password string */
-get_md5_password(const char *username, /* I - Username */
- const char *group, /* I - Group */
- char passwd[33]) /* O - MD5 password string */
-{
- cups_file_t *fp; /* passwd.md5 file */
- char filename[1024], /* passwd.md5 filename */
- line[256], /* Line from file */
- tempuser[33], /* User from file */
- tempgroup[33]; /* Group from file */
-
-
- cupsdLogMessage(CUPSD_LOG_DEBUG2,
- "get_md5_password(username=\"%s\", group=\"%s\", passwd=%p)",
- username, group ? group : "(null)", passwd);
-
- snprintf(filename, sizeof(filename), "%s/passwd.md5", ServerRoot);
- if ((fp = cupsFileOpen(filename, "r")) == NULL)
- {
- if (errno != ENOENT)
- cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open %s - %s", filename,
- strerror(errno));
-
- return (NULL);
- }
-
- while (cupsFileGets(fp, line, sizeof(line)) != NULL)
- {
- if (sscanf(line, "%32[^:]:%32[^:]:%32s", tempuser, tempgroup, passwd) != 3)
- {
- cupsdLogMessage(CUPSD_LOG_ERROR, "Bad MD5 password line: %s", line);
- continue;
- }
-
- if (!strcmp(username, tempuser) &&
- (group == NULL || !strcmp(group, tempgroup)))
- {
- /*
- * Found the password entry!
- */
-
- cupsdLogMessage(CUPSD_LOG_DEBUG2, "Found MD5 user %s, group %s...",
- username, tempgroup);
-
- cupsFileClose(fp);
- return (passwd);
- }
- }
-
- /*
- * Didn't find a password entry - return NULL!
- */
-
- cupsFileClose(fp);
- return (NULL);
-}
-
-
#if HAVE_LIBPAM
/*
* 'pam_func()' - PAM conversation function.
#define CUPSD_AUTH_DEFAULT -1 /* Use DefaultAuthType */
#define CUPSD_AUTH_NONE 0 /* No authentication */
#define CUPSD_AUTH_BASIC 1 /* Basic authentication */
-#define CUPSD_AUTH_DIGEST 2 /* Digest authentication */
-#define CUPSD_AUTH_BASICDIGEST 3 /* Basic authentication w/passwd.md5 */
-#define CUPSD_AUTH_NEGOTIATE 4 /* Kerberos authentication */
-#define CUPSD_AUTH_AUTO 5 /* Kerberos or Basic, depending on configuration of server */
+#define CUPSD_AUTH_NEGOTIATE 2 /* Kerberos authentication */
+#define CUPSD_AUTH_AUTO 3 /* Kerberos or Basic, depending on configuration of server */
#define CUPSD_AUTH_ANON 0 /* Anonymous access */
#define CUPSD_AUTH_USER 1 /* Must have a valid username/password */
auth_str[0] = '\0';
- if (auth_type == CUPSD_AUTH_BASIC || auth_type == CUPSD_AUTH_BASICDIGEST)
+ if (auth_type == CUPSD_AUTH_BASIC)
strlcpy(auth_str, "Basic realm=\"CUPS\"", sizeof(auth_str));
- else if (auth_type == CUPSD_AUTH_DIGEST)
- snprintf(auth_str, sizeof(auth_str), "Digest realm=\"CUPS\", nonce=\"%s\"",
- httpGetHostname(con->http, NULL, 0));
#ifdef HAVE_GSSAPI
else if (auth_type == CUPSD_AUTH_NEGOTIATE)
{
if (loc->level == CUPSD_AUTH_ANON)
loc->level = CUPSD_AUTH_USER;
}
- else if (!_cups_strcasecmp(value, "digest"))
- {
- loc->type = CUPSD_AUTH_DIGEST;
-
- if (loc->level == CUPSD_AUTH_ANON)
- loc->level = CUPSD_AUTH_USER;
- }
- else if (!_cups_strcasecmp(value, "basicdigest"))
- {
- loc->type = CUPSD_AUTH_BASICDIGEST;
-
- if (loc->level == CUPSD_AUTH_ANON)
- loc->level = CUPSD_AUTH_USER;
- }
else if (!_cups_strcasecmp(value, "default"))
{
loc->type = CUPSD_AUTH_DEFAULT;
default_auth_type = CUPSD_AUTH_NONE;
else if (!_cups_strcasecmp(value, "basic"))
default_auth_type = CUPSD_AUTH_BASIC;
- else if (!_cups_strcasecmp(value, "digest"))
- default_auth_type = CUPSD_AUTH_DIGEST;
- else if (!_cups_strcasecmp(value, "basicdigest"))
- default_auth_type = CUPSD_AUTH_BASICDIGEST;
#ifdef HAVE_GSSAPI
else if (!_cups_strcasecmp(value, "negotiate"))
default_auth_type = CUPSD_AUTH_NEGOTIATE;
if ((auth_type = auth->type) == CUPSD_AUTH_DEFAULT)
auth_type = cupsdDefaultAuthType();
- if (auth_type == CUPSD_AUTH_BASIC || auth_type == CUPSD_AUTH_BASICDIGEST)
+ if (auth_type == CUPSD_AUTH_BASIC)
auth_supported = "basic";
- else if (auth_type == CUPSD_AUTH_DIGEST)
- auth_supported = "digest";
#ifdef HAVE_GSSAPI
else if (auth_type == CUPSD_AUTH_NEGOTIATE)
auth_supported = "negotiate";
#
# "$Id$"
#
-# System V commands makefile for CUPS.
+# System V commands makefile for CUPS.
#
-# Copyright 2007-2012 by Apple Inc.
-# Copyright 1997-2006 by Easy Software Products, all rights reserved.
+# Copyright 2007-2014 by Apple Inc.
+# Copyright 1997-2006 by Easy Software Products, all rights reserved.
#
-# These coded instructions, statements, and computer programs are the
-# property of Apple Inc. and are protected by Federal copyright
-# law. Distribution and use rights are outlined in the file "LICENSE.txt"
-# which should have been included with this file. If this file is
-# file is missing or damaged, see the license at "http://www.cups.org/".
+# These coded instructions, statements, and computer programs are the
+# property of Apple Inc. and are protected by Federal copyright
+# law. Distribution and use rights are outlined in the file "LICENSE.txt"
+# which should have been included with this file. If this file is
+# file is missing or damaged, see the license at "http://www.cups.org/".
#
include ../Makedefs
TARGETS = cancel cupsaccept cupsaddsmb cupsctl cupstestdsc cupstestppd \
- lp lpadmin lpinfo lpmove lpoptions lppasswd lpstat
+ lp lpadmin lpinfo lpmove lpoptions lpstat
OBJS = cancel.o cupsaccept.o cupsaddsmb.o cupsctl.o cupstestdsc.o \
cupstestppd.o lp.o lpadmin.o lpinfo.o lpmove.o lpoptions.o \
- lppasswd.o lpstat.o
+ lpstat.o
#
$(INSTALL_BIN) lp $(BINDIR)
$(INSTALL_BIN) lpoptions $(BINDIR)
$(INSTALL_BIN) lpstat $(BINDIR)
- $(INSTALL_BIN) lppasswd $(BINDIR)
if test "x$(SYMROOT)" != "x"; then \
$(INSTALL_DIR) $(SYMROOT); \
for file in $(TARGETS); do \
$(RM) $(BINDIR)/cupstestppd
$(RM) $(BINDIR)/lp
$(RM) $(BINDIR)/lpoptions
- $(RM) $(BINDIR)/lppasswd
$(RM) $(BINDIR)/lpstat
-$(RMDIR) $(BINDIR)
$(RM) $(SBINDIR)/accept
$(CC) $(LDFLAGS) -o lpoptions lpoptions.o $(LIBZ) $(LIBS)
-#
-# lppasswd
-#
-
-lppasswd: lppasswd.o ../cups/$(LIBCUPS)
- echo Linking $@...
- $(CC) $(LDFLAGS) -o lppasswd lppasswd.o $(LIBZ) $(LIBS)
-
-
#
# lpstat
#
+++ /dev/null
-/*
- * "$Id$"
- *
- * MD5 password program for CUPS.
- *
- * Copyright 2007-2011 by Apple Inc.
- * Copyright 1997-2006 by Easy Software Products.
- *
- * These coded instructions, statements, and computer programs are the
- * property of Apple Inc. and are protected by Federal copyright
- * law. Distribution and use rights are outlined in the file "LICENSE.txt"
- * which should have been included with this file. If this file is
- * file is missing or damaged, see the license at "http://www.cups.org/".
- *
- * Contents:
- *
- * main() - Add, change, or delete passwords from the MD5 password file.
- * usage() - Show program usage.
- */
-
-/*
- * Include necessary headers...
- */
-
-#include <cups/cups-private.h>
-#include <cups/md5-private.h>
-#include <fcntl.h>
-#include <grp.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#ifndef WIN32
-# include <unistd.h>
-# include <signal.h>
-#endif /* !WIN32 */
-
-
-/*
- * Operations...
- */
-
-#define ADD 0
-#define CHANGE 1
-#define DELETE 2
-
-
-/*
- * Local functions...
- */
-
-static void usage(FILE *fp) __attribute__((noreturn));
-
-
-/*
- * 'main()' - Add, change, or delete passwords from the MD5 password file.
- */
-
-int /* O - Exit status */
-main(int argc, /* I - Number of command-line arguments */
- char *argv[]) /* I - Command-line arguments */
-{
- int i; /* Looping var */
- char *opt; /* Option pointer */
- const char *username; /* Pointer to username */
- const char *groupname; /* Pointer to group name */
- int op; /* Operation (add, change, delete) */
- const char *passwd; /* Password string */
- FILE *infile, /* Input file */
- *outfile; /* Output file */
- char line[256], /* Line from file */
- userline[17], /* User from line */
- groupline[17], /* Group from line */
- md5line[33], /* MD5-sum from line */
- md5new[33]; /* New MD5 sum */
- char passwdmd5[1024], /* passwd.md5 file */
- passwdold[1024], /* passwd.old file */
- passwdnew[1024]; /* passwd.tmp file */
- char *newpass, /* new password */
- *oldpass; /* old password */
- int flag; /* Password check flags... */
- int fd; /* Password file descriptor */
- int error; /* Write error */
- _cups_globals_t *cg = _cupsGlobals(); /* Global data */
- cups_lang_t *lang; /* Language info */
-#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
- struct sigaction action; /* Signal action */
-#endif /* HAVE_SIGACTION && !HAVE_SIGSET*/
-
-
- _cupsSetLocale(argv);
- lang = cupsLangDefault();
-
- /*
- * Check to see if stdin, stdout, and stderr are still open...
- */
-
- if (fcntl(0, F_GETFD, &i) ||
- fcntl(1, F_GETFD, &i) ||
- fcntl(2, F_GETFD, &i))
- {
- /*
- * No, return exit status 2 and don't try to send any output since
- * someone is trying to bypass the security on the server.
- */
-
- return (2);
- }
-
- /*
- * Find the server directory...
- */
-
- snprintf(passwdmd5, sizeof(passwdmd5), "%s/passwd.md5", cg->cups_serverroot);
- snprintf(passwdold, sizeof(passwdold), "%s/passwd.old", cg->cups_serverroot);
- snprintf(passwdnew, sizeof(passwdnew), "%s/passwd.new", cg->cups_serverroot);
-
- /*
- * Find the default system group...
- */
-
- if (getgrnam(CUPS_DEFAULT_GROUP))
- groupname = CUPS_DEFAULT_GROUP;
- else
- groupname = "unknown";
-
- endgrent();
-
- username = NULL;
- op = CHANGE;
-
- /*
- * Parse command-line options...
- */
-
- for (i = 1; i < argc; i ++)
- if (argv[i][0] == '-')
- for (opt = argv[i] + 1; *opt; opt ++)
- switch (*opt)
- {
- case 'a' : /* Add */
- op = ADD;
- break;
- case 'x' : /* Delete */
- op = DELETE;
- break;
- case 'g' : /* Group */
- i ++;
- if (i >= argc)
- usage(stderr);
-
- groupname = argv[i];
- break;
- case 'h' : /* Help */
- usage(stdout);
- break;
- default : /* Bad option */
- usage(stderr);
- break;
- }
- else if (!username)
- username = argv[i];
- else
- usage(stderr);
-
- /*
- * See if we are trying to add or delete a password when we aren't logged in
- * as root...
- */
-
- if (getuid() && getuid() != geteuid() && (op != CHANGE || username))
- {
- _cupsLangPuts(stderr,
- _("lppasswd: Only root can add or delete passwords."));
- return (1);
- }
-
- /*
- * Fill in missing info...
- */
-
- if (!username)
- username = cupsUser();
-
- oldpass = newpass = NULL;
-
- /*
- * Obtain old and new password _before_ locking the database
- * to keep users from locking the file indefinitely.
- */
-
- if (op == CHANGE && getuid())
- {
- if ((passwd = cupsGetPassword(_("Enter old password:"))) == NULL)
- return (1);
-
- if ((oldpass = strdup(passwd)) == NULL)
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: Unable to copy password string: %s"),
- strerror(errno));
- return (1);
- }
- }
-
- /*
- * Now get the new password, if necessary...
- */
-
- if (op != DELETE)
- {
- if ((passwd = cupsGetPassword(
- _cupsLangString(lang, _("Enter password:")))) == NULL)
- return (1);
-
- if ((newpass = strdup(passwd)) == NULL)
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: Unable to copy password string: %s"),
- strerror(errno));
- return (1);
- }
-
- if ((passwd = cupsGetPassword(
- _cupsLangString(lang, _("Enter password again:")))) == NULL)
- return (1);
-
- if (strcmp(passwd, newpass) != 0)
- {
- _cupsLangPuts(stderr,
- _("lppasswd: Sorry, passwords don't match."));
- return (1);
- }
-
- /*
- * Check that the password contains at least one letter and number.
- */
-
- flag = 0;
-
- for (passwd = newpass; *passwd; passwd ++)
- if (isdigit(*passwd & 255))
- flag |= 1;
- else if (isalpha(*passwd & 255))
- flag |= 2;
-
- /*
- * Only allow passwords that are at least 6 chars, have a letter and
- * a number, and don't contain the username.
- */
-
- if (strlen(newpass) < 6 || strstr(newpass, username) != NULL || flag != 3)
- {
- _cupsLangPuts(stderr, _("lppasswd: Sorry, password rejected."));
- _cupsLangPuts(stderr, _("Your password must be at least 6 characters "
- "long, cannot contain your username, and must "
- "contain at least one letter and number."));
- return (1);
- }
- }
-
- /*
- * Ignore SIGHUP, SIGINT, SIGTERM, and SIGXFSZ (if defined) for the
- * remainder of the time so that we won't end up with bogus password
- * files...
- */
-
-#ifndef WIN32
-# if defined(HAVE_SIGSET)
- sigset(SIGHUP, SIG_IGN);
- sigset(SIGINT, SIG_IGN);
- sigset(SIGTERM, SIG_IGN);
-# ifdef SIGXFSZ
- sigset(SIGXFSZ, SIG_IGN);
-# endif /* SIGXFSZ */
-# elif defined(HAVE_SIGACTION)
- memset(&action, 0, sizeof(action));
- action.sa_handler = SIG_IGN;
-
- sigaction(SIGHUP, &action, NULL);
- sigaction(SIGINT, &action, NULL);
- sigaction(SIGTERM, &action, NULL);
-# ifdef SIGXFSZ
- sigaction(SIGXFSZ, &action, NULL);
-# endif /* SIGXFSZ */
-# else
- signal(SIGHUP, SIG_IGN);
- signal(SIGINT, SIG_IGN);
- signal(SIGTERM, SIG_IGN);
-# ifdef SIGXFSZ
- signal(SIGXFSZ, SIG_IGN);
-# endif /* SIGXFSZ */
-# endif
-#endif /* !WIN32 */
-
- /*
- * Open the output file.
- */
-
- if ((fd = open(passwdnew, O_WRONLY | O_CREAT | O_EXCL, 0400)) < 0)
- {
- if (errno == EEXIST)
- _cupsLangPuts(stderr, _("lppasswd: Password file busy."));
- else
- _cupsLangPrintf(stderr, _("lppasswd: Unable to open password file: %s"),
- strerror(errno));
-
- return (1);
- }
-
- if ((outfile = fdopen(fd, "w")) == NULL)
- {
- _cupsLangPrintf(stderr, _("lppasswd: Unable to open password file: %s"),
- strerror(errno));
-
- unlink(passwdnew);
-
- return (1);
- }
-
- setbuf(outfile, NULL);
-
- /*
- * Open the existing password file and create a new one...
- */
-
- infile = fopen(passwdmd5, "r");
- if (infile == NULL && errno != ENOENT && op != ADD)
- {
- _cupsLangPrintf(stderr, _("lppasswd: Unable to open password file: %s"),
- strerror(errno));
-
- fclose(outfile);
-
- unlink(passwdnew);
-
- return (1);
- }
-
- /*
- * Read lines from the password file; the format is:
- *
- * username:group:MD5-sum
- */
-
- error = 0;
- userline[0] = '\0';
- groupline[0] = '\0';
- md5line[0] = '\0';
-
- if (infile)
- {
- while (fgets(line, sizeof(line), infile) != NULL)
- {
- if (sscanf(line, "%16[^:]:%16[^:]:%32s", userline, groupline, md5line) != 3)
- continue;
-
- if (strcmp(username, userline) == 0 &&
- strcmp(groupname, groupline) == 0)
- break;
-
- if (fputs(line, outfile) == EOF)
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: Unable to write to password file: %s"),
- strerror(errno));
- error = 1;
- break;
- }
- }
-
- if (!error)
- {
- while (fgets(line, sizeof(line), infile) != NULL)
- if (fputs(line, outfile) == EOF)
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: Unable to write to password file: %s"),
- strerror(errno));
- error = 1;
- break;
- }
- }
- }
-
- if (op == CHANGE &&
- (strcmp(username, userline) || strcmp(groupname, groupline)))
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: user \"%s\" and group \"%s\" do not exist."),
- username, groupname);
- error = 1;
- }
- else if (op != DELETE)
- {
- if (oldpass &&
- strcmp(httpMD5(username, "CUPS", oldpass, md5new), md5line) != 0)
- {
- _cupsLangPuts(stderr, _("lppasswd: Sorry, password doesn't match."));
- error = 1;
- }
- else
- {
- snprintf(line, sizeof(line), "%s:%s:%s\n", username, groupname,
- httpMD5(username, "CUPS", newpass, md5new));
- if (fputs(line, outfile) == EOF)
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: Unable to write to password file: %s"),
- strerror(errno));
- error = 1;
- }
- }
- }
-
- /*
- * Close the files...
- */
-
- if (infile)
- fclose(infile);
-
- if (fclose(outfile) == EOF)
- error = 1;
-
- /*
- * Error out gracefully as needed...
- */
-
- if (error)
- {
- _cupsLangPuts(stderr, _("lppasswd: Password file not updated."));
-
- unlink(passwdnew);
-
- return (1);
- }
-
- /*
- * Save old passwd file
- */
-
- unlink(passwdold);
- if (link(passwdmd5, passwdold) && errno != ENOENT)
- {
- _cupsLangPrintf(stderr,
- _("lppasswd: failed to backup old password file: %s"),
- strerror(errno));
- unlink(passwdnew);
- return (1);
- }
-
- /*
- * Install new password file
- */
-
- if (rename(passwdnew, passwdmd5) < 0)
- {
- _cupsLangPrintf(stderr, _("lppasswd: failed to rename password file: %s"),
- strerror(errno));
- unlink(passwdnew);
- return (1);
- }
-
- return (0);
-}
-
-
-/*
- * 'usage()' - Show program usage.
- */
-
-static void
-usage(FILE *fp) /* I - File to send usage to */
-{
- if (getuid())
- _cupsLangPuts(fp, _("Usage: lppasswd [-g groupname]"));
- else
- _cupsLangPuts(fp,
- _("Usage: lppasswd [-g groupname] [username]\n"
- " lppasswd [-g groupname] -a [username]\n"
- " lppasswd [-g groupname] -x [username]"));
-
- exit(1);
-}
-
-
-/*
- * End of "$Id$".
- */
2732E08E137A3F5200FAFEF6 /* lpinfo.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; name = lpinfo.c; path = ../systemv/lpinfo.c; sourceTree = "<group>"; };
2732E08F137A3F5200FAFEF6 /* lpmove.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; name = lpmove.c; path = ../systemv/lpmove.c; sourceTree = "<group>"; };
2732E090137A3F5200FAFEF6 /* lpoptions.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; name = lpoptions.c; path = ../systemv/lpoptions.c; sourceTree = "<group>"; };
- 2732E091137A3F5200FAFEF6 /* lppasswd.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; name = lppasswd.c; path = ../systemv/lppasswd.c; sourceTree = "<group>"; };
2732E092137A3F5200FAFEF6 /* lpstat.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; name = lpstat.c; path = ../systemv/lpstat.c; sourceTree = "<group>"; };
273BF6BD1333B5000022CAAB /* testcups */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = testcups; sourceTree = BUILT_PRODUCTS_DIR; };
273BF6C61333B5370022CAAB /* testcups.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = testcups.c; path = ../cups/testcups.c; sourceTree = "<group>"; };
2732E08E137A3F5200FAFEF6 /* lpinfo.c */,
2732E08F137A3F5200FAFEF6 /* lpmove.c */,
2732E090137A3F5200FAFEF6 /* lpoptions.c */,
- 2732E091137A3F5200FAFEF6 /* lppasswd.c */,
2732E092137A3F5200FAFEF6 /* lpstat.c */,
);
name = commands;