2. EL 7
  3. cups
  4. cupsd.conf(5)

Scroll to navigation

cupsd.conf(5) Apple Inc. cupsd.conf(5)

NAME

cupsd.conf - server configuration file for cups

DESCRIPTION

The cupsd.conf file configures the CUPS scheduler, cupsd(8). It is normally located in the /etc/cups directory. Note: File, directory, and user configuration directives that used to be allowed in the cupsd.conf file are now stored in the cups-files.conf(5) instead in order to prevent certain types of privilege escalation attacks.

Each line in the file can be a configuration directive, a blank line, or a comment. Comment lines start with the # character. The configuration directives are intentionally similar to those used by the popular Apache web server software and are described below.

DIRECTIVES

The following directives are understood by cupsd(8). Consult the on-line help for detailed descriptions:


Specifies the logging level for the AccessLog file.

Allows access from the named hosts or addresses.

Specifies the authentication type (None, Basic, BasicDigest, Digest, Negotiate)

Specifies whether to purge job history data automatically when it is no longer required for quotas.

Specifies the protocols to use for local printer sharing.

Specifies whether the CUPS web interface is advertised via DNS-SD.

Specifies whether or not shared printers should be advertised.

Specifies the security classification of the server.

Specifies whether to allow users to override the classification of individual print jobs.

Specifies the default type of authentication to use.

Specifies the type of encryption to use for authenticated requests.

Specifies the default language to use for text and web content.

Specifies the default paper size for new print queues. "Auto" uses a locale- specific default, while "None" specifies there is no default paper size.

Specifies the default access policy to use.

Specifies whether local printers are shared by default.

Denies access to the named host or address.

Specifies the delay for updating of configuration and state files. A value of 0 causes the update to happen as soon as possible, typically within a few milliseconds.

Specifies the level of encryption that is required for a particular location.
Specifies that a failed print job should be aborted (discarded) unless otherwise specified for the printer.
Specifies that a failed print job should be retried at a later time unless otherwise specified for the printer.
Specifies that a failed print job should be retried immediately unless otherwise specified for the printer.
Specifies that a failed print job should stop the printer unless otherwise specified for the printer. The 'stop-printer' error policy is the default.

Specifies the maximum cost of filters that are run concurrently.

Specifies the scheduling priority ("nice" value) of filters that are run to print a job.

Specifies the service name when using Kerberos authentication. The default service name is "host".

Specifies whether or not to do reverse lookups on client addresses.

Includes the named file.

Specifies the number of seconds to wait before killing the filters and backend associated with a canceled or held job.

Specifies an access list for a job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
Specifies the list of job values to make private. The "default" values are "job-name", "job-originating-host-name", and "job-originating-user-name".

Specifies the interval between retries of jobs in seconds.

Specifies the number of retries that are done for jobs.

Specifies whether to support HTTP keep-alive connections.

Specifies the amount of time that connections are kept alive.
<Limit operations> ... </Limit>

Specifies the IPP operations that are being limited inside a policy.
<Limit methods> ... </Limit>
<LimitExcept methods> ... </LimitExcept>

Specifies the HTTP methods that are being limited inside a location.

Specifies the maximum size of any print job request.

Listens to the specified address and port or domain socket path.
<Location /path> ... </Location>

Specifies access control for the named location.

Specifies the number of debugging messages that are logged when an error occurs in a print job.

Specifies the logging level for the ErrorLog file.

Specifies the format of the date and time in the log files.

Specifies the maximum number of simultaneous clients to support.

Specifies the maximum number of simultaneous clients to support from a single address.

Specifies the maximum number of copies that a user can print of each job.

Specifies the maximum time a job may remain in the "indefinite" hold state before it is canceled. Set to 0 to disable cancellation of held jobs.

Specifies the maximum number of simultaneous jobs to support.

Specifies the maximum number of simultaneous jobs per printer to support.

Specifies the maximum number of simultaneous jobs per user to support.

Specifies the maximum time a job may take to print before it is canceled. The default is 10800 seconds (3 hours). Set to 0 to disable cancellation of "stuck" jobs.

Specifies the maximum size of the log files before they are rotated (0 to disable rotation)

Specifies the maximum request/file size in bytes (0 for no limit)

Specifies the maximum amount of time to allow between files in a multiple file print job.

Specifies the order of HTTP access control (allow,deny or deny,allow)

Specifies the format of page log lines.
<Policy name> ... </Policy>

Specifies access control for the named policy.

Specifies a port number to listen to for HTTP requests.

Specifies whether or not to preserve job files after they are printed.

Specifies whether or not to preserve the job history after they are printed.

Specifies the format of the printcap file.

Specifies the amount of time to wait for job completion before restarting the scheduler.

Specifies that user or group authentication is required.

Specifies the maximum amount of memory to use when converting images and PostScript files to bitmaps for a printer.

Specifies whether all or any limits set for a Location must be satisfied to allow access.

Specifies the email address of the server administrator.

Specifies an alternate name that the server is known by. The special name "*" allows any name to be used.

Specifies the fully-qualified hostname of the server.

Specifies what information is included in the Server header of HTTP responses.

Listens on the specified address and port for encrypted connections.

Sets SSL/TLS protocol options for encrypted connections. By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites. The NoEmptyFragments option allows CUPS to work with Microsoft Windows with the FIPS conformance mode enabled. The AllowRC4 option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones. The AllowSSL3 option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0. The MinTLS1.2 option enforces CUPS to use TLS v1.2 and higher.

Listens on the specified port for encrypted connections.

Specifies whether the scheduler requires clients to strictly adhere to the IPP specifications. The default is No.

Specifies an access list for a subscription's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.
Specifies the list of job values to make private. The "default" values are "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data".

Specifies the HTTP request timeout in seconds.
Specifies whether the web interface is enabled.

SEE ALSO

classes.conf(5), cups-files.conf(5), cupsd(8), mime.convs(5), mime.types(5), printers.conf(5), subscriptions.conf(5),
http://localhost:631/help

COPYRIGHT

Copyright 2007-2013 by Apple Inc.

CUPS 19 November 2012