Home     Administration     Classes     Online Help     Jobs     Printers  
 

Search in cupsd.conf:

cupsd.conf

cupsd.conf

The /etc/cups/cupsd.conf file contains configuration directives that control how the server functions. Each directive is listed on a line by itself followed by its value. Comments are introduced using the number sign ("#") character at the beginning of a line.

Since the server configuration file consists of plain text, you can use your favorite text editor to make changes to it. After making any changes, restart the cupsd(8) process using the startup script for your operating system:

  • AIX, IRIX, Linux, Solaris:
    /etc/init.d/cups restart
    	
  • HP-UX:
    /sbin/init.d/cups restart
    	
  • MacOS X:
    sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
    sudo launchctl load /System/Library/LaunchDaemons/org.cups.cupsd.plist
    	

You can also edit this file from the CUPS web interface, which automatically handles restarting the scheduler.

AccessLogLevel

Examples

AccessLogLevel config
AccessLogLevel actions
AccessLogLevel all

Description

The AccessLogLevel directive controls which requests are logged to the access log file. The following levels are defined:

  • config; Log when printers and classes are added, deleted, or modified and when configuration files are accessed or updated.
  • actions; Log when print jobs are submitted, held, released, modified, or canceled, and any of the conditions for config.
  • all; Log all requests.

The default access log level is actions.

Allow

Examples

<Location /path>
  ...
  Allow from All
  Allow from None
  Allow from *.example.com
  Allow from .example.com
  Allow from host.example.com
  Allow from nnn.*
  Allow from nnn.nnn.*
  Allow from nnn.nnn.nnn.*
  Allow from nnn.nnn.nnn.nnn
  Allow from nnn.nnn.nnn.nnn/mm
  Allow from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
  Allow from [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]
  Allow from [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]/mmm
  Allow from @LOCAL
  Allow from @IF(name)
</Location>

Description

The Allow directive specifies a hostname, IP address, or network that is allowed access to the server. Allow directives are cumulative, so multiple Allow directives can be used to allow access for multiple hosts or networks.

Host and domain name matching require that you enable the HostNameLookups directive.

The /mm notation specifies a CIDR netmask, as shown in Table 1.

Table 1: CIDR Netmasks
mm netmask mm netmask
0 0.0.0.0 8 255.0.0.0
1 128.0.0.0 16 255.255.0.0
2 192.0.0.0 24 255.255.255.0
... ... 32 255.255.255.255

The @LOCAL name will allow access from all local interfaces. The @IF(name) name will allow access from the named interface. In both cases, CUPS only allows access from the network that the interface(s) are configured for - requests arriving on the interface from a foreign network will not be accepted.

The Allow directive must appear inside a Location or Limit section.

AuthType

Examples

<Location /path>
  ...
  AuthType None
  AuthType Basic
  AuthType Digest
  AuthType BasicDigest
  AuthType Negotiate
</Location>

Description

The AuthType directive defines the type of authentication to perform:

  • None - No authentication should be performed (default)
  • Basic - Basic authentication should be performed using the UNIX password and group files
  • Digest - Digest authentication should be performed using the /etc/cups/passwd.md5 file
  • BasicDigest - Basic authentication should be performed using the /etc/cups/passwd.md5 file
  • Negotiate - Kerberos authentication should be performed

When using Basic, Digest, BasicDigest, or Negotiate authentication, clients connecting through the localhost interface can also authenticate using certificates.

The AuthType directive must appear inside a Location or Limit section.

AutoPurgeJobs

Examples

AutoPurgeJobs Yes
AutoPurgeJobs No

Description

The AutoPurgeJobs directive specifies whether or not to purge completed jobs once they are no longer required for quotas. This option has no effect if quotas are not enabled. The default setting is No.

BrowseAddress

Examples

BrowseAddress 255.255.255.255:631
BrowseAddress 192.0.2.255:631
BrowseAddress host.example.com:631
BrowseAddress @LOCAL
BrowseAddress @IF(name)

Description

The BrowseAddress directive specifies an address to send browsing information to. Multiple BrowseAddress directives can be specified to send browsing information to different networks or systems.

The @LOCAL name will broadcast printer information to all local interfaces. The @IF(name) name will broadcast to the named interface.

There is no default browse address.

Note:

If you are using HP-UX 10.20 and a subnet that is not 24, 16, or 8 bits, printer browsing (and in fact all broadcast reception) will not work. This problem appears to be fixed in HP-UX 11.0.

BrowseAllow

Examples

BrowseAllow from all
BrowseAllow from none
BrowseAllow from 192.0.2
BrowseAllow from 192.0.2.0/24
BrowseAllow from 192.0.2.0/255.255.255.0
BrowseAllow from *.example.com
BrowseAllow from @LOCAL
BrowseAllow from @IF(name)

Description

The BrowseAllow directive specifies a system or network to accept browse packets from. The default is to accept browse packets from all hosts.

Host and domain name matching require that you enable the HostNameLookups directive.

IP address matching supports exact matches, partial addresses that match networks using netmasks of 255.0.0.0, 255.255.0.0, and 255.255.255.0, or network addresses using the specified netmask or bit count. The /mm notation specifies a CIDR netmask, a shown in Table 1.

The @LOCAL name will allow browse data from all local interfaces. The @IF(name) name will allow browse data from the named interface. In both cases, CUPS only allows data from the network that the interface(s) are configured for - data arriving on the interface from a foreign network will not be allowed.

BrowseDeny

Examples

BrowseDeny from all
BrowseDeny from none
BrowseDeny from 192.0.2
BrowseDeny from 192.0.2.0/24
BrowseDeny from 192.0.2.0/255.255.255.0
BrowseDeny from *.example.com
BrowseDeny from @LOCAL
BrowseDeny from @IF(name)

Description

The BrowseDeny directive specifies a system or network to reject browse packets from. The default is to not deny browse packets from any hosts.

Host and domain name matching require that you enable the HostNameLookups directive.

IP address matching supports exact matches, partial addresses that match networks using netmasks of 255.0.0.0, 255.255.0.0, and 255.255.255.0, or network addresses using the specified netmask or bit count. The /mm notation specifies a CIDR netmask, a shown in Table 1.

The @LOCAL name will block browse data from all local interfaces. The @IF(name) name will block browse data from the named interface. In both cases, CUPS only blocks data from the network that the interface(s) are configured for - data arriving on the interface from a foreign network will not be blocked.

BrowseInterval

Examples

BrowseInterval 0
BrowseInterval 30

Description

The BrowseInterval directive specifies the maximum amount of time between browsing updates. Specifying a value of 0 seconds disables outgoing browse updates but allows a server to receive printer information from other hosts.

The BrowseInterval value should always be less than the BrowseTimeout value. Otherwise printers and classes will disappear from client systems between updates.

CUPS 1.2/Mac OS X 10.5BrowseLDAPBindDN

Examples

BrowseLDAPBindDN foo

Description

The BrowseLDAPBindDN directive specifies the LDAP domain name to use when listening for printer registrations. The default is undefined.

CUPS 1.4/Mac OS X 10.6BrowseLDAPCACertFile

Examples

BrowseLDAPCACertFile /etc/cups/ssl/certs

Description

The BrowseLDAPCACertFile directive specifies the SSL certificate authority file to use for LDAP + SSL. The default is undefined.

CUPS 1.2/Mac OS X 10.5BrowseLDAPDN

Examples

BrowseLDAPDN bar

Description

The BrowseLDAPDN directive specifies the LDAP domain name to use when registering local shared printers. The default is undefined.

CUPS 1.2/Mac OS X 10.5BrowseLDAPPassword

Examples

BrowseLDAPPassword foo123

Description

The BrowseLDAPPassword directive specifies the access password to use when connecting to the LDAP server. The default is undefined.

CUPS 1.2/Mac OS X 10.5BrowseLDAPServer

Examples

BrowseLDAPServer localhost

Description

The BrowseLDAPServer directive specifies the name of the LDAP server to connect to. The default is undefined.

BrowseLocalOptions

Examples

BrowseLocalOptions compression=yes
BrowseLocalOptions encryption=required
BrowseLocalOptions compression=yes&encryption=required

Description

The BrowseLocalOptions directive specifies additional IPP backend options to advertise with local shared printers. The default is to not include any options.

CUPS 1.2/Mac OS X 10.5BrowseLocalProtocols

Examples

BrowseLocalProtocols all
BrowseLocalProtocols none
BrowseLocalProtocols cups
BrowseLocalProtocols dnssd
BrowseLocalProtocols ldap
BrowseLocalProtocols lpd
BrowseLocalProtocols slp
BrowseLocalProtocols smb
BrowseLocalProtocols cups dnssd

Description

The BrowseLocalProtocols directive specifies the protocols to use when advertising local shared printers on the network. Multiple protocols can be specified by separating them with spaces. The default is "CUPS dnssd".

BrowseOrder

Examples

BrowseOrder allow,deny
BrowseOrder deny,allow

Description

The BrowseOrder directive specifies the order of allow/deny processing. The default order is deny,allow:

  • allow,deny - Deny browse packets by default, then check BrowseAllow lines followed by BrowseDeny lines.
  • deny,allow - Allow browse packets by default, then check BrowseDeny lines followed by BrowseAllow lines.

BrowsePoll

Examples

BrowsePoll 192.0.2.2:631
BrowsePoll host.example.com:631

Description

The BrowsePoll directive polls a server for available printers once every BrowseInterval seconds. Multiple BrowsePoll directives can be specified to poll multiple servers.

If BrowseInterval is set to 0 then the server is polled once every 30 seconds.

BrowsePort

Examples

BrowsePort 631
BrowsePort 9999

Description

The BrowsePort directive specifies the UDP port number used for browse packets. The default port number is 631.

Note:

You must set the BrowsePort to the same value on all of the systems that you want to see.

CUPS 1.1.10BrowseProtocols

Examples

BrowseProtocols all
BrowseProtocols none
BrowseProtocols cups
BrowseProtocols dnssd
BrowseProtocols ldap
BrowseProtocols lpd
BrowseProtocols slp
BrowseProtocols smb
BrowseProtocols cups dnssd

Description

The BrowseProtocols directive specifies the protocols to use when showing and advertising shared printers on the local network. Multiple protocols can be specified by separating them with spaces. The default protocol is "CUPS dnssd" for BrowseLocalProtocols and "CUPS dnssd" for BrowseRemoteProtocols.

Note:

When using the SLP protocol, you must have at least one Directory Agent (DA) server on your network. Otherwise the CUPS scheduler (cupsd) will not respond to client requests for several seconds while polling the network.

BrowseRelay

Examples

BrowseRelay 193.0.2.1 192.0.2.255
BrowseRelay 193.0.2.0/255.255.255.0 192.0.2.255
BrowseRelay 193.0.2.0/24 192.0.2.255
BrowseRelay *.example.com 192.0.2.255
BrowseRelay host.example.com 192.0.2.255

Description

The BrowseRelay directive specifies source and destination addresses for relaying browsing information from one host or network to another. Multiple BrowseRelay directives can be specified as needed.

BrowseRelay is typically used on systems that bridge multiple subnets using one or more network interfaces. It can also be used to relay printer information from polled servers with the line:

BrowseRelay 127.0.0.1 192.0.2.255

This effectively provides access to printers on a WAN for all clients on the LAN. Use multiple BrowseRelay lines to relay information to multiple subnets.

BrowseRemoteOptions

Examples

BrowseRemoteOptions compression=yes
BrowseRemoteOptions encryption=required
BrowseRemoteOptions ?compression=yes&encryption=required

Description

The BrowseRemoteOptions directive specifies additional IPP backend options to include with remote shared printers. If the options string begins with a question mark (?), the options replace any options specified by the remote server. The default is to not include any options.

CUPS 1.2/Mac OS X 10.5BrowseRemoteProtocols

Examples

BrowseRemoteProtocols all
BrowseRemoteProtocols none
BrowseRemoteProtocols cups
BrowseRemoteProtocols ldap
BrowseRemoteProtocols slp

Description

The BrowseRemoteProtocols directive specifies the protocols to use when finding remote shared printers on the network. Multiple protocols can be specified by separating them with spaces. The default is "CUPS dnssd".

BrowseShortNames

Examples

BrowseShortNames Yes
BrowseShortNames No

Description

The BrowseShortNames directive specifies whether or not short names are used for remote printers when possible. Short names are just the remote printer name, without the server ("printer"). If more than one remote printer is detected with the same name, the printers will have long names ("[email protected]", "[email protected]".)

The default value for this option is Yes.

BrowseTimeout

Examples

BrowseTimeout 300
BrowseTimeout 60

Description

The BrowseTimeout directive sets the timeout for printer or class information that is received in browse packets. Once a printer or class times out it is removed from the list of available destinations.

The BrowseTimeout value should always be greater than the BrowseInterval value. Otherwise printers and classes will disappear from client systems between updates.

BrowseWebIF

Examples

BrowseWebIF On
BrowseWebIF Off

Description

The BrowseWebIF directive controls whether the CUPS web interface is advertised via DNS-SD. The default setting is Off.

Browsing

Examples

Browsing On
Browsing Off

Description

The Browsing directive controls whether or not network printer browsing is enabled. The default setting is Yes.

This directive does not enable sharing of local printers by itself; you must also use the BrowseAddress or BrowseProtocols directives to advertise local printers to other systems.

Note:

If you are using HP-UX 10.20 and a subnet that is not 24, 16, or 8 bits, printer browsing (and in fact all broadcast reception) will not work. This problem appears to be fixed in HP-UX 11.0.

CUPS 1.1.7Classification

Examples

Classification
Classification classified
Classification confidential
Classification secret
Classification topsecret
Classification unclassified

Description

The Classification directive sets the classification level on the server. When this option is set, at least one of the banner pages is forced to the classification level, and the classification is placed on each page of output. The default is no classification level.

CUPS 1.1.10ClassifyOverride

Examples

ClassifyOverride Yes
ClassifyOverride No

Description

The ClassifyOverride directive specifies whether users can override the default classification level on the server. When the server classification is set, users can change the classification using the job-sheets option and can choose to only print one security banner before or after the job. If the job-sheets option is set to none then the server default classification is used.

The default is to not allow classification overrides.

CUPS 1.2/Mac OS X 10.5DefaultAuthType

Examples

DefaultAuthType Basic
DefaultAuthType BasicDigest
DefaultAuthType Digest
DefaultAuthType Negotiate

Description

The DefaultAuthType directive specifies the type of authentication to use for IPP operations that require a username. The default is Basic.

CUPS 1.2/Mac OS X 10.5DefaultEncryption

Examples

DefaultEncryption Never
DefaultEncryption IfRequested
DefaultEncryption Required

Description

The DefaultEncryption directive specifies the type of encryption to use when performing authentication. The default is Required.

DefaultLanguage

Examples

DefaultLanguage de
DefaultLanguage en
DefaultLanguage es
DefaultLanguage fr
DefaultLanguage it

Description

The DefaultLanguage directive specifies the default language to use for client connections. Setting the default language also sets the default character set if a language localization file exists for it. The default language is "en" for English.

CUPS 1.4/Mac OS X 10.6DefaultPaperSize

Examples

DefaultPaperSize Letter
DefaultPaperSize A4
DefaultPaperSize Auto
DefaultPaperSize None

Description

The DefaultPaperSize directive specifies the default paper size to use when creating new printers. The default is Auto which uses a paper size appropriate for the system default locale. A value of None tells the scheduler to not set the default paper size.

CUPS 1.2/Mac OS X 10.5DefaultPolicy

Examples

DefaultPolicy default
DefaultPolicy authenticated
DefaultPolicy foo

Description

The DefaultPolicy directive specifies the default policy to use for IPP operation. The default is default. CUPS also includes a policy called authenticated that requires a username and password for printing and other job operations.

CUPS 1.2/Mac OS X 10.5DefaultShared

Examples

DefaultShared yes
DefaultShared no

Description

The DefaultShared directive specifies whether printers are shared (published) by default. The default is Yes.

Deny

Examples

<Location /path>
  ..
  Deny from All
  Deny from None
  Deny from *.example.com
  Deny from .example.com
  Deny from host.example.com
  Deny from nnn.*
  Deny from nnn.nnn.*
  Deny from nnn.nnn.nnn.*
  Deny from nnn.nnn.nnn.nnn
  Deny from nnn.nnn.nnn.nnn/mm
  Deny from nnn.nnn.nnn.nnn/mmm.mmm.mmm.mmm
  Deny from [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]
  Deny from [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]/mmm
  Deny from @LOCAL
  Deny from @IF(name)
</Location>

Description

The Deny directive specifies a hostname, IP address, or network that is denied access to the server. Deny directives are cumulative, so multiple Deny directives can be used to deny access for multiple hosts or networks.

Host and domain name matching require that you enable the HostNameLookups directive.

The /mm notation specifies a CIDR netmask, a shown in Table 1.

The @LOCAL name will deny access from all local interfaces. The @IF(name) name will deny access from the named interface. In both cases, CUPS only denies access from the network that the interface(s) are configured for - requests arriving on the interface from a foreign network will not be denied.

The Deny directive must appear inside a Location or Limit section.

CUPS 1.4/Mac OS X 10.6DirtyCleanInterval

Examples

DirtyCleanInterval 30
DirtyCleanInterval 0

Description

The DirtyCleanInterval directive specifies the number of seconds to wait before updating configuration and state files for printers, classes, subscriptions, and jobs. The default is 30 seconds. A value of 0 causes the update to occur as soon as possible, typically within a few milliseconds.

Encryption

Examples

<Location /path>
  ...
  Encryption Never
  Encryption IfRequested
  Encryption Required
</Location>

Description

The Encryption directive must appear instead a Location or Limit section and specifies the encryption settings for that location. The default setting is IfRequested for all locations.

CUPS 1.3/Mac OS X 10.5ErrorPolicy

Examples

ErrorPolicy abort-job
ErrorPolicy retry-job
ErrorPolicy stop-printer

Description

The ErrorPolicy directive defines the default policy that is used when a backend is unable to send a print job to the printer.

The following values are supported:

  • abort-job - Abort the job and proceed with the next job in the queue
  • retry-job - Retry the job after waiting for N seconds; the cupsd.conf JobRetryInterval directive controls the value of N
  • retry-this-job - Retry the current job immediately and indefinitely.
  • stop-printer - Stop the printer and keep the job for future printing; this is the default value

CUPS 1.1.3FilterLimit

Examples

FilterLimit 0
FilterLimit 200
FilterLimit 1000

Description

The FilterLimit directive sets the maximum cost of all running job filters. It can be used to limit the number of filter programs that are run on a server to minimize disk, memory, and CPU resource problems. A limit of 0 disables filter limiting.

An average print to a non-PostScript printer needs a filter limit of about 200. A PostScript printer needs about half that (100). Setting the limit below these thresholds will effectively limit the scheduler to printing a single job at any time.

The default limit is 0.

CUPS 1.1.16FilterNice

Examples

FilterNice 0
FilterNice 10
FilterNice 19

Description

The FilterNice directive sets the nice(1) value to assign to filter processes. The nice value ranges from 0, the highest priority, to 19, the lowest priority. The default is 0.

CUPS 1.1.10HideImplicitMembers

Examples

HideImplicitMembers Yes
HideImplicitMembers No

Description

The HideImplicitMembers directive controls whether the individual printers in an implicit class are hidden from the user. The default is Yes.

ImplicitClasses must be enabled for this directive to have any effect.

HostNameLookups

Examples

HostNameLookups On
HostNameLookups Off
HostNameLookups Double

Description

The HostNameLookups directive controls whether or not CUPS looks up the hostname for connecting clients. The Double setting causes CUPS to verify that the hostname resolved from the address matches one of the addresses returned for that hostname. Double lookups also prevent clients with unregistered addresses from connecting to your server.

The default is Off to avoid the potential server performance problems with hostname lookups. Set this option to On or Double only if absolutely required.

CUPS 1.1.10ImplicitAnyClasses

Examples

ImplicitAnyClasses On
ImplicitAnyClasses Off

Description

The ImplicitAnyClasses directive controls whether implicit classes for local and remote printers are created with the name AnyPrinter. The default setting is Off.

ImplicitClasses must be enabled for this directive to have any effect.

ImplicitClasses

Examples

ImplicitClasses On
ImplicitClasses Off

Description

The ImplicitClasses directive controls whether implicit classes are created based upon the available network printers and classes. The default setting is Yes but is automatically turned Off if Browsing is turned Off.

CUPS 1.1.9Include

Examples

Include filename
Include /foo/bar/filename

Description

The Include directive includes the named file in the cupsd.conf file. If no leading path is provided, the file is assumed to be relative to the ServerRoot directory.

CUPS 1.5JobPrivateAccess

Examples

JobPrivateAccess all
JobPrivateAccess default
JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+

Description

The JobPrivateAccess directive specifies the access list for a job's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.

The JobPrivateAccess directive must appear inside a Policy section.

CUPS 1.5JobPrivateValues

Examples

JobPrivateValues all
JobPrivateValues default
JobPrivateValues none
JobPrivateValues attribute-name-1 [ ... attribute-name-N ]

Description

The JobPrivateValues directive specifies the list of job values to make private. The "default" values are "job-name", "job-originating-host-name", and "job-originating-user-name".

The JobPrivateValues directive must appear inside a Policy section.

CUPS 1.2/Mac OS X 10.5JobRetryInterval

Examples

JobRetryInterval 30
JobRetryInterval 120

Description

The JobRetryInterval directive specifies the number of seconds to wait before retrying a job. This is typically used for fax queues but can also be used with normal print queues whose error policy is retry-job. The default is 30 seconds.

CUPS 1.4/Mac OS X 10.6JobKillDelay

Examples

JobKillDelay 30
JobKillDelay 120

Description

The JobKillDelay directive specifies the number of seconds to wait before killing the filters and backend associated with a canceled or held job. The default is 30 seconds.

CUPS 1.2/Mac OS X 10.5JobRetryLimit

Examples

JobRetryLimit 5
JobRetryLimit 50

Description

The JobRetryLimit directive specifies the maximum number of times the scheduler will try to print a job. This is typically used for fax queues but can also be used with normal print queues whose error policy is retry-job. The default is 5 times.

KeepAlive

Examples

KeepAlive On
KeepAlive Off

Description

The KeepAlive directive controls whether or not to support persistent HTTP connections. The default is On.

HTTP/1.1 clients automatically support persistent connections, while HTTP/1.0 clients must specifically request them using the Keep-Alive attribute in the Connection: field of each request.

KeepAliveTimeout

Examples

KeepAliveTimeout 60
KeepAliveTimeout 30

Description

The KeepAliveTimeout directive controls how long a persistent HTTP connection will remain open after the last request. The default is 30 seconds.

CUPS 1.1.7Limit (Location)

Examples

<Location /path>
  <Limit GET POST>
  ...
  </Limit>

  <Limit ALL>
  ...
  </Limit>
</Location>

Description

The Limit directive groups access control directives for specific types of HTTP requests and must appear inside a Location section. Access can be limited for individual request types (DELETE, GET, HEAD, OPTIONS, POST, PUT, and TRACE) or for all request types (ALL). The request type names are case-sensitive for compatibility with Apache.

CUPS 1.2/Mac OS X 10.5Limit (Policy)

Examples

<Policy name>
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer>
  ...
  </Limit>

  <Limit All>
  ...
  </Limit>
</Policy>

Description

When included in Policy sections, the Limit directive groups access control directives for specific IPP operations. Multiple operations can be listed, separated by spaces. Table 2 lists the supported operations.

Table 2: Supported IPP Operations
Operation Name Description
All All operations - used as the default limit for operations that are not listed
Cancel-Job Cancel a job
Cancel-Subscription Cancel a subscription
Create-Job Create a new, empty job
Create-Job-Subscription Creates a notification subscription on a job
Create-Printer-Subscription Creates a notification subscription on a printer
CUPS-Accept-Jobs Sets the printer-is-accepting-jobs value for a printer to true
CUPS-Add-Modify-Class Adds or modifies a class
CUPS-Add-Modify-Printer Adds or modifies a printer
CUPS-Authenticate-Job Authenticates a job for printing
CUPS-Delete-Class Deletes a class
CUPS-Delete-Printer Deletes a printer
CUPS-Get-Classes Gets a list of classes
CUPS-Get-Default Gets the (network/server) default printer or class
CUPS-Get-Devices Gets a list of available devices
CUPS-Get-PPDs Gets a list of available manufacturers or drivers
CUPS-Get-Printers Gets a list of printers and/or classes
CUPS-Move-Job Moves a job to a new destination
CUPS-Reject-Jobs Sets the printer-is-accepting-jobs value for a printer to false
CUPS-Set-Default Sets the network/server default printer or class
Disable-Printer Sets the printer-state value for a printer to stopped
Enable-Printer Sets the printer-state value for a printer to idle/processing
Get-Job-Attributes Gets information about a job
Get-Jobs Gets a list of jobs
Get-Notifications Gets a list of events
Get-Printer-Attributes Gets information about a printer or class
Get-Subscription-Attributes Gets information about a notification subscription
Get-Subscriptions Gets a list of notification subscriptions
Hold-Job Holds a job for printing
Pause-Printer Sets the printer-state value for a printer to stopped
Print-Job Creates a job with a single file for printing
Purge-Jobs Removes all jobs from a printer
Release-Job Releases a previously held job for printing
Renew-Subscription Renews a notification subscription
Restart-Job Reprints a job
Resume-Printer Sets the printer-state value for a printer to idle/processing
Send-Document Adds a file to an job created with Create-Job
Set-Job-Attributes Changes job options
Validate-Job Validates job options prior to printing

CUPS 1.1.7LimitExcept

Examples

<Location /path>
  <LimitExcept GET POST>
  ...
  </LimitExcept>
</Location>

Description

The LimitExcept directive groups access control directives for specific types of HTTP requests and must appear inside a Location section. Unlike the Limit directive, LimitExcept restricts access for all requests except those listed on the LimitExcept line.

LimitRequestBody

Examples

LimitRequestBody 10485760
LimitRequestBody 10m
LimitRequestBody 0

Description

The LimitRequestBody directive controls the maximum size of print files, IPP requests, and HTML form data in HTTP POST requests. The default limit is 0 which disables the limit check.

Listen

Examples

Listen 127.0.0.1:631
Listen 192.0.2.1:631
Listen [::1]:631
Listen *:631

Description

The Listen directive specifies a network address and port to listen for connections. Multiple Listen directives can be provided to listen on multiple addresses.

The Listen directive is similar to the Port directive but allows you to restrict access to specific interfaces or networks.

CUPS 1.1.7ListenBackLog

Examples

ListenBackLog 5
ListenBackLog 10

Description

The ListenBackLog directive sets the maximum number of pending connections the scheduler will allow. This normally only affects very busy servers that have reached the MaxClients limit, but can also be triggered by large numbers of simultaneous connections. When the limit is reached, the operating system will refuse additional connections until the scheduler can accept the pending ones. The default is the OS-defined default limit, typically either 5 for older operating systems or 128 for newer operating systems.

Location

Examples

<Location />
...
</Location>

<Location /admin>
...
</Location>

<Location /admin/conf>
...
</Location>

<Location /admin/log>
...
</Location>

<Location /classes>
...
</Location>

<Location /classes/name>
...
</Location>

<Location /jobs>
...
</Location>

<Location /printers>
...
</Location>

<Location /printers/name>
...
</Location>

Description

The Location directive specifies access control and authentication options for the specified HTTP resource or path. The Allow, AuthType, Deny, Encryption, Limit, LimitExcept, Order, Require, and Satisfy directives may all appear inside a location.

Note that more specific resources override the less specific ones. So the directives inside the /printers/name location will override ones from /printers. Directives inside /printers will override ones from /. None of the directives are inherited.

Table 3: Common Locations on the Server
LocationDescription
/The path for all get operations (get-printers, get-jobs, etc.)
/adminThe path for all administration operations (add-printer, delete-printer, start-printer, etc.)
/admin/confThe path for access to the CUPS configuration files (cupsd.conf, client.conf, etc.)
/admin/logThe path for access to the CUPS log files (access_log, error_log, page_log)
/classesThe path for all classes
/classes/nameThe resource for class name
/jobsThe path for all jobs (hold-job, release-job, etc.)
/jobs/idThe resource for job id
/printersThe path for all printers
/printers/nameThe path for printer name
/printers/name.ppdThe PPD file path for printer name

LogDebugHistory

Examples

LogDebugHistory 0
LogDebugHistory 200

Description

When LogLevel is not set to debug or debug2, the LogDebugHistory directive specifies the number of debugging messages that are logged when an error occurs during printing. The default is 200 messages. A value of 0 disables debugging history entirely and is not recommended.

LogLevel

Examples

LogLevel none
LogLevel emerg
LogLevel alert
LogLevel crit
LogLevel error
LogLevel warn
LogLevel notice
LogLevel info
LogLevel debug
LogLevel debug2

Description

The LogLevel directive specifies the level of logging for the ErrorLog file. The following values are recognized (each level logs everything under the preceding levels):

  • none - Log nothing
  • emerg - Log emergency conditions that prevent the server from running
  • alert - Log alerts that must be handled immediately
  • crit - Log critical errors that don't prevent the server from running
  • error - Log general errors
  • warn - Log errors and warnings
  • notice - Log temporary error conditions
  • info - Log all requests and state changes
  • debug - Log basic debugging information
  • debug2 - Log all debugging information

The default LogLevel is warn.

LogTimeFormat

Examples

LogTimeFormat standard
LogTimeFormat usecs

Description

The LogTimeFormat directive specifies the format used for the date and time in the log files. Standard uses the standard Apache Common Log Format date and time while usecs adds microseconds. The default is standard.

MaxClients

Examples

MaxClients 100
MaxClients 1024

Description

The MaxClients directive controls the maximum number of simultaneous clients that will be allowed by the server. The default is 100 clients.

Note:

Since each print job requires a file descriptor for the status pipe, the scheduler internally limits the MaxClients value to 1/3 of the available file descriptors to avoid possible problems when printing large numbers of jobs.

CUPS 1.1.18MaxClientsPerHost

Examples

MaxClientsPerHost 10

Description

The MaxClientsPerHost directive controls the maximum number of simultaneous clients that will be allowed from a single host by the server. The default is the MaxClients value.

This directive provides a small measure of protection against Denial of Service attacks from a single host.

CUPS 1.1.16MaxCopies

Examples

MaxCopies 100
MaxCopies 65535

Description

The MaxCopies directive controls the maximum number of copies that a user can print of a job. The default is 9999 copies.

Note:

Most HP PCL laser printers internally limit the number of copies to 100.

MaxJobs

Examples

MaxJobs 100
MaxJobs 9999
MaxJobs 0

Description

The MaxJobs directive controls the maximum number of jobs that are kept in memory. Once the number of jobs reaches the limit, the oldest completed job is automatically purged from the system to make room for the new one. If all of the known jobs are still pending or active then the new job will be rejected.

Setting the maximum size to 0 disables this functionality. The default setting is 500.

CUPS 1.1.7MaxJobsPerPrinter

Examples

MaxJobsPerPrinter 100
MaxJobsPerPrinter 9999
MaxJobsPerPrinter 0

Description

The MaxJobsPerPrinter directive controls the maximum number of active jobs that are allowed for each printer or class. Once a printer or class reaches the limit, new jobs will be rejected until one of the active jobs is completed, stopped, aborted, or canceled.

Setting the maximum to 0 disables this functionality. The default setting is 0.

CUPS 1.1.7MaxJobsPerUser

Examples

MaxJobsPerUser 100
MaxJobsPerUser 9999
MaxJobsPerUser 0

Description

The MaxJobsPerUser directive controls the maximum number of active jobs that are allowed for each user. Once a user reaches the limit, new jobs will be rejected until one of the active jobs is completed, stopped, aborted, or canceled.

Setting the maximum to 0 disables this functionality. The default setting is 0.

MaxLogSize

Examples

MaxLogSize 1048576
MaxLogSize 1m
MaxLogSize 0

Description

The MaxLogSize directive controls the maximum size of each log file. Once a log file reaches or exceeds the maximum size it is closed and renamed to filename.O. This allows you to rotate the logs automatically. The default size is 1048576 bytes (1MB).

Setting the maximum size to 0 disables log rotation.

DeprecatedMaxRequestSize

Examples

MaxRequestSize 10485760
MaxRequestSize 10m
MaxRequestSize 0

Description

The MaxRequestSize directive controls the maximum size of print files, IPP requests, and HTML form data in HTTP POST requests. The default limit is 0 which disables the limit check.

This directive is deprecated and will be removed in a future CUPS release. Use the LimitRequestBody directive instead.

CUPS 1.4/Mac OS X 10.6MultipleOperationTimeout

Examples

MultipleOperationTimeout 60
MultipleOperationTimeout 300
MultipleOperationTimeout 86400

Description

The MultipleOperationTimeout directive sets the maximum amount of time between files in a multi-file print job. The default is 300 seconds.

Order

Examples

<Location /path>
  ...
  Order Allow,Deny
  Order Deny,Allow
</Location>

Description

The Order directive defines the default access control. The following values are supported:

  • allow,deny - Deny requests by default, then check the Allow lines followed by the Deny lines
  • deny,allow - Allow requests by default, then check the Deny lines followed by the Allow lines

The Order directive must appear inside a Location or Limit section.

PageLogFormat

Examples

PageLogFormat %p %u %j %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}
PageLogFormat PAGE %p %u %j %P %C %{job-billing} %{job-originating-host-name}

Description

The PageLogFormat directive sets the format of lines that are logged to the page log file. Sequences beginning with percent (%) characters are replaced with the corresponding information, while all other characters are copied literally. The following percent sequences are recognized:

  • %%: Inserts a single percent character.
  • %{name}: Inserts the value of the specified IPP attribute.
  • %C: Inserts the number of copies for the current page.
  • %P: Inserts the current page number.
  • %T: Inserts the current date and time in common log format.
  • %j: Inserts the job ID.
  • %p: Inserts the printer name.
  • %u: Inserts the username.

The default is "%p %u %j %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}".

CUPS 1.2/Mac OS X 10.5PassEnv

Examples

PassEnv MY_ENV_VARIABLE

Description

The PassEnv directive specifies an environment variable that should be passed to child processes. Normally, the scheduler only passes the DYLD_LIBRARY_PATH, LD_ASSUME_KERNEL, LD_LIBRARY_PATH, LD_PRELOAD, NLSPATH, SHLIB_PATH, TZ, and VGARGS environment variables to child processes.

CUPS 1.2/Mac OS X 10.5Policy

Examples

<Policy name>
  <Limit operation ... operation>
  ...
  </Limit>
  <Limit operation ... operation>
  ...
  </Limit>
  <Limit All>
  ...
  </Limit>
</Policy>

Description

The Policy directive specifies IPP operation access control limits. Each policy contains 1 or more Limit sections to set the access control limits for specific operations - user limits, authentication, encryption, and allowed/denied addresses, domains, or hosts. The <Limit All> section specifies the default access control limits for operations that are not listed.

Policies are named and associated with printers via the printer's operation policy setting (printer-op-policy). The default policy for the scheduler is specified using the DefaultPolicy directive.

Port

Examples

Port 631
Port 80

Description

The Port directive specifies a port to listen on. Multiple Port lines can be specified to listen on multiple ports. The Port directive is equivalent to "Listen *:nnn". The default port is 631.

Note:

On systems that support IPv6, this directive will bind to both the IPv4 and IPv6 wildcard address.

PreserveJobHistory

Examples

PreserveJobHistory On
PreserveJobHistory Off

Description

The PreserveJobHistory directive controls whether the history of completed, canceled, or aborted print jobs is stored on disk.

A value of On (the default) preserves job information until the administrator purges it with the cancel command.

A value of Off removes the job information as soon as each job is completed, canceled, or aborted.

PreserveJobFiles

Examples

PreserveJobFiles On
PreserveJobFiles Off

Description

The PreserveJobFiles directive controls whether the document files of completed, canceled, or aborted print jobs are stored on disk.

A value of On preserves job files until the administrator purges them with the cancel command. Jobs can be restarted (and reprinted) as desired until they are purged.

A value of Off (the default) removes the job files as soon as each job is completed, canceled, or aborted.

CUPS 1.1.21ReloadTimeout

Examples

ReloadTimeout 0
ReloadTimeout 30

Description

The ReloadTimeout directive specifies the number of seconds the scheduler will wait for active jobs to complete before doing a restart. The default is 30 seconds.

CUPS 1.1.7Require

Examples

<Location /path>
  ...
  Require group foo bar
  Require user john mary
  Require valid-user
  Require user @groupname
  Require user @SYSTEM
  Require user @OWNER
</Location>

Description

The Require directive specifies that authentication is required for the resource. The group keyword specifies that the authenticated user must be a member of one or more of the named groups that follow.

The user keyword specifies that the authenticated user must be one of the named users or groups that follow. Group names are specified using the "@" prefix.

The valid-user keyword specifies that any authenticated user may access the resource.

The default is to do no authentication. This directive must appear inside a Location or Limit section.

RIPCache

Examples

RIPCache 128m
RIPCache 1g
RIPCache 2048k

Description

The RIPCache directive sets the size of the memory cache used by Raster Image Processor ("RIP") filters such as imagetoraster and pstoraster. The size can be suffixed with a "k" for kilobytes, "m" for megabytes, or "g" for gigabytes. The default cache size is "128m", or 128 megabytes.

CUPS 1.1.16RootCertDuration

Examples

RootCertDuration 0
RootCertDuration 300

Description

The RootCertDuration directive specifies the number of seconds the root certificate remains valid. The scheduler will generate a new certificate as needed when the number of seconds has expired. If set to 0, the root certificate is generated only once on startup or on a restart. The default is 300 seconds.

CUPS 1.1.7Satisfy

Examples

<Location /path>
  ...
  Satisfy all
  Satisfy any
</Location>

Description

The Satisfy directive specifies whether all conditions must be satisfied to allow access to the resource. If set to all, then all authentication and access control conditions must be satisfied to allow access.

Setting Satisfy to any allows a user to gain access if the authentication or access control requirements are satisfied. For example, you might require authentication for remote access, but allow local access without authentication.

The default is all. This directive must appear inside a Location or Limit section.

ServerAdmin

Examples

ServerAdmin [email protected]
ServerAdmin [email protected]

Description

The ServerAdmin directive identifies the email address for the administrator on the system. By default the administrator email address is [email protected], where server is the ServerName.

CUPS 1.3.10ServerAlias

Examples

ServerAlias althost
ServerAlias foo.example.com
ServerAlias bar.example.com
ServerAlias one.example.com two.example.com
ServerAlias *

Description

The ServerAlias directive specifies alternate names that the server is known by. By default it contains a list of all aliases associated with the ServerName. The special name "*" can be used to allow any hostname when accessing CUPS via an external network interfaces.

Note

The ServerAlias directive is used for HTTP Host header validation when clients connect to the scheduler from external interfaces. Using the special name "*" can expose your system to known browser-based DNS rebinding attacks, even when accessing sites through a firewall. If the auto-discovery of alternate names does not work, we recommend listing each alternate name with a ServerAlias directive instead of using "*".

ServerName

Examples

ServerName foo.example.com
ServerName myserver.example.com

Description

The ServerName directive specifies the hostname that is reported to clients. By default the server name is the hostname.

CUPS 1.1.21ServerTokens

Examples

ServerTokens None
ServerTokens ProductOnly
ServerTokens Major
ServerTokens Minor
ServerTokens Minimal
ServerTokens OS
ServerTokens Full

Description

The ServerTokens directive specifies the information that is included in the Server: header of all HTTP responses. Table 4 lists the token name along with the text that is returned. The default is Minimal.

Table 4: ServerToken Names and Values
Name Value
None No Server: header is returned
ProductOnly "CUPS"
Major "CUPS 1"
Minor "CUPS 1.2"
Minimal "CUPS 1.2.N" where N is the patch release
OS "CUPS 1.2.N (UNAME)" where N is the patch release and UNAME is the output of the uname(1) command
Full "CUPS 1.2.N (UNAME) IPP/1.1" where N is the patch release and UNAME is the output of the uname(1) command

CUPS 1.2/Mac OS X 10.5SetEnv

Examples

SetEnv PATH /usr/lib/cups/filter:/bin:/usr/bin:/usr/local/bin
SetEnv MY_ENV_VAR foo

Description

The SetEnv directive specifies an environment variable that should be passed to child processes.

SSLListen

Examples

SSLListen 127.0.0.1:443
SSLListen 192.0.2.1:443

Description

The SSLListen directive specifies a network address and port to listen for secure connections. Multiple SSLListen directives can be provided to listen on multiple addresses.

The SSLListen directive is similar to the SSLPort directive but allows you to restrict access to specific interfaces or networks.

SSLOptions

Examples

SSLOptions None
SSLOptions NoEmptyFragments

Description

The SSLOptions directive specifies additional SSL/TLS protocol options to use for encrypted connected. Currently only two options are supported - None (the default) for the most secure mode and NoEmptyFragments to allow CUPS to work with Microsoft Windows with the FIPS conformance mode enabled.

SSLPort

Examples

SSLPort 443

Description

The SSLPort directive specifies a port to listen on for secure connections. Multiple SSLPort lines can be specified to listen on multiple ports.

CUPS 1.5SubscriptionPrivateAccess

Examples

SubscriptionPrivateAccess all
SubscriptionPrivateAccess default
SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+

Description

The SubscriptionPrivateAccess directive specifies the access list for a subscription's private values. The "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or requesting-user-name-denied values.

The SubscriptionPrivateAccess directive must appear inside a Policy section.

CUPS 1.5SubscriptionPrivateValues

Examples

SubscriptionPrivateValues all
SubscriptionPrivateValues default
SubscriptionPrivateValues none
SubscriptionPrivateValues attribute-name-1 [ ... attribute-name-N ]

Description

The SubscriptionPrivateValues directive specifies the list of subscription values to make private. The "default" values are "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data".

The SubscriptionPrivateValues directive must appear inside a Policy section.

Timeout

Examples

Timeout 300
Timeout 90

Description

The Timeout directive controls the amount of time to wait before an active HTTP or IPP request times out. The default timeout is 300 seconds.

CUPS 1.5WebInterface

Examples

WebInterface yes
WebInterface no

Description

The WebInterface directive specifies whether the web interface is enabled. The default value is Yes.

 
CUPS and the CUPS logo are trademarks of Apple Inc. CUPS is copyright 2007-2012 Apple Inc. All rights reserved.