1cupsd.conf(5) Apple Inc. cupsd.conf(5)
2
6 cupsd.conf - server configuration file for cups
7
9 The cupsd.conf file configures the CUPS scheduler, cupsd(8). It is
10 normally located in the /etc/cups directory. Each line in the file can
11 be a configuration directive, a blank line, or a comment. Configura‐
12 tion directives typically consist of a name and zero or more values
13 separated by whitespace. The configuration directive name and values
14 are case-insensitive. Comment lines start with the # character.
15 TOP-LEVEL DIRECTIVES
17 The following top-level directives are understood by cupsd(8):
18 AccessLogLevel config
20 AccessLogLevel actions
22 AccessLogLevel all
24 Specifies the logging level for the AccessLog file. The "config"
25 level logs when printers and classes are added, deleted, or modi‐
26 fied and when configuration files are accessed or updated. The
27 "actions" level logs when print jobs are submitted, held,
28 released, modified, or canceled, and any of the conditions for
29 "config". The "all" level logs all requests. The default access
30 log level is "actions".
31 AutoPurgeJobs Yes
33 AutoPurgeJobs No
35 Specifies whether to purge job history data automatically when it
36 is no longer required for quotas. The default is "No".
37 BrowseDNSSDSubTypes_subtype[,...]
39 Specifies a list of Bonjour sub-types to advertise for each shared
40 printer. For example, "BrowseDNSSDSubTypes _cups,_print" will
41 tell network clients that both CUPS sharing and IPP Everywhere are
42 supported. The default is "_cups" which is necessary for printer
43 sharing to work between systems using CUPS.
44 BrowseLocalProtocols all
46 BrowseLocalProtocols dnssd
48 BrowseLocalProtocols none
50 Specifies which protocols to use for local printer sharing. The
51 default is "dnssd" on systems that support Bonjour and "none" oth‐
52 erwise.
53 BrowseWebIF Yes
55 BrowseWebIF No
57 Specifies whether the CUPS web interface is advertised. The
58 default is "No".
59 Browsing Yes
61 Browsing No
63 Specifies whether shared printers are advertised. The default is
64 "No".
65 DefaultAuthType Basic
67 DefaultAuthType Negotiate
69 Specifies the default type of authentication to use. The default
70 is "Basic".
71 DefaultEncryption Never
73 DefaultEncryption IfRequested
75 DefaultEncryption Required
77 Specifies whether encryption will be used for authenticated
78 requests. The default is "Required".
79 DefaultLanguage locale
81 Specifies the default language to use for text and web content.
82 The default is "en".
83 DefaultPaperSize Auto
85 DefaultPaperSize None
87 DefaultPaperSize sizename
89 Specifies the default paper size for new print queues. "Auto" uses
90 a locale-specific default, while "None" specifies there is no
91 default paper size. Specific size names are typically "Letter" or
92 "A4". The default is "Auto".
93 DefaultPolicy policy-name
95 Specifies the default access policy to use. The default access
96 policy is "default".
97 DefaultShared Yes
99 DefaultShared No
101 Specifies whether local printers are shared by default. The
102 default is "Yes".
103 DirtyCleanInterval seconds
105 Specifies the delay for updating of configuration and state files.
106 A value of 0 causes the update to happen as soon as possible, typ‐
107 ically within a few milliseconds. The default value is "30".
108 DNSSDHostNamehostname.example.com
110 Specifies the fully-qualified domain name for the server that is
111 used for Bonjour sharing. The default is typically the server's
112 ".local" hostname.
113 ErrorPolicy abort-job
115 Specifies that a failed print job should be aborted (discarded)
116 unless otherwise specified for the printer.
117 ErrorPolicy retry-current-job
119 Specifies that a failed print job should be retried immediately
120 unless otherwise specified for the printer.
121 ErrorPolicy retry-job
123 Specifies that a failed print job should be retried at a later
124 time unless otherwise specified for the printer.
125 ErrorPolicy stop-printer
127 Specifies that a failed print job should stop the printer unless
128 otherwise specified for the printer. The 'stop-printer' error pol‐
129 icy is the default.
130 FilterLimit limit
132 Specifies the maximum cost of filters that are run concurrently,
133 which can be used to minimize disk, memory, and CPU resource prob‐
134 lems. A limit of 0 disables filter limiting. An average print to
135 a non-PostScript printer needs a filter limit of about 200. A
136 PostScript printer needs about half that (100). Setting the limit
137 below these thresholds will effectively limit the scheduler to
138 printing a single job at any time. The default limit is "0".
139 FilterNice nice-value
141 Specifies the scheduling priority ( nice(8) value) of filters that
142 are run to print a job. The nice value ranges from 0, the highest
143 priority, to 19, the lowest priority. The default is 0.
144 GSSServiceName name
146 Specifies the service name when using Kerberos authentication.
147 The default service name is "http."
148 HostNameLookups On
150 HostNameLookups Off
152 HostNameLookups Double
154 Specifies whether to do reverse lookups on connecting clients.
155 The "Double" setting causes cupsd(8) to verify that the hostname
156 resolved from the address matches one of the addresses returned
157 for that hostname. Double lookups also prevent clients with
158 unregistered addresses from connecting to your server. The
159 default is "Off" to avoid the potential server performance prob‐
160 lems with hostname lookups. Only set this option to "On" or "Dou‐
161 ble" if absolutely required.
162 IdleExitTimeout seconds
164 Specifies the length of time to wait before shutting down due to
165 inactivity. The default is "60" seconds. Note: Only applicable
166 when cupsd(8) is run on-demand (e.g., with -l).
167 JobKillDelay seconds
169 Specifies the number of seconds to wait before killing the filters
170 and backend associated with a canceled or held job. The default
171 is "30".
172 JobRetryInterval seconds
174 Specifies the interval between retries of jobs in seconds. This
175 is typically used for fax queues but can also be used with normal
176 print queues whose error policy is "retry-job" or "retry-current-
177 job". The default is "30".
178 JobRetryLimit count
180 Specifies the number of retries that are done for jobs. This is
181 typically used for fax queues but can also be used with normal
182 print queues whose error policy is "retry-job" or "retry-current-
183 job". The default is "5".
184 KeepAlive Yes
186 KeepAlive No
188 Specifies whether to support HTTP keep-alive connections. The
189 default is "Yes".
190 KeepAliveTimeout seconds
192 Specifies how long an idle client connection remains open. The
193 default is "30".
194 <Limit operation ...> ... </Limit>
196 Specifies the IPP operations that are being limited inside a Pol‐
197 icy section. IPP operation names are listed below in the section
198 "IPP OPERATION NAMES".
199 <Limit method ...> ... </Limit>
201 <LimitExcept method ...> ... </LimitExcept>
203 Specifies the HTTP methods that are being limited inside a Loca‐
204 tion section. HTTP method names are listed below in the section
205 "HTTP METHOD NAMES".
206 LimitRequestBody size
208 Specifies the maximum size of print files, IPP requests, and HTML
209 form data. The default is "0" which disables the limit check.
210 Listen ipv4-address:port
212 Listen [ipv6-address]:port
214 Listen *:port
216 Listen /path/to/domain/socket
218 Listens to the specified address and port or domain socket path
219 for connections. Multiple Listen directives can be provided to
220 listen on multiple addresses. The Listen directive is similar to
221 the Port directive but allows you to restrict access to specific
222 interfaces or networks. Note: "Listen *:port" and "Port port"
223 effectively listen on all IP addresses, so you cannot combine them
224 with Listen directives for explicit IPv4 or IPv6 addresses on the
225 same port.
226 ListenBackLog number
228 Specifies the number of pending connections that will be allowed.
229 This normally only affects very busy servers that have reached the
230 MaxClients limit, but can also be triggered by large numbers of
231 simultaneous connections. When the limit is reached, the operat‐
232 ing system will refuse additional connections until the scheduler
233 can accept the pending ones. The default is the OS-defined
234 default limit, typically either "5" for older operating systems or
235 "128" for newer operating systems.
236 <Location /path> ... </Location>
238 Specifies access control for the named location. Paths are docu‐
239 mented below in the section "LOCATION PATHS".
240 LogDebugHistory number
242 Specifies the number of debugging messages that are retained for
243 logging if an error occurs in a print job. Debug messages are
244 logged regardless of the LogLevel setting.
245 LogLevel none
247 LogLevel emerg
249 LogLevel alert
251 LogLevel crit
253 LogLevel error
255 LogLevel warn
257 LogLevel notice
259 LogLevel info
261 LogLevel debug
263 LogLevel debug2
265 Specifies the level of logging for the ErrorLog file. The value
266 "none" stops all logging while "debug2" logs everything. The
267 default is "warn".
268 LogTimeFormat standard
270 LogTimeFormat usecs
272 Specifies the format of the date and time in the log files. The
273 value "standard" is the default and logs whole seconds while
274 "usecs" logs microseconds.
275 MaxClients number
277 Specifies the maximum number of simultaneous clients that are
278 allowed by the scheduler. The default is "100".
279 MaxClientsPerHost number
281 Specifies the maximum number of simultaneous clients that are
282 allowed from a single address. The default is the MaxClients
283 value.
284 MaxCopies number
286 Specifies the maximum number of copies that a user can print of
287 each job. The default is "9999".
288 MaxHoldTime seconds
290 Specifies the maximum time a job may remain in the "indefinite"
291 hold state before it is canceled. The default is "0" which dis‐
292 ables cancellation of held jobs.
293 MaxJobs number
295 Specifies the maximum number of simultaneous jobs that are
296 allowed. Set to "0" to allow an unlimited number of jobs. The
297 default is "500".
298 MaxJobsPerPrinter number
300 Specifies the maximum number of simultaneous jobs that are allowed
301 per printer. The default is "0" which allows up to MaxJobs jobs
302 per printer.
303 MaxJobsPerUser number
305 Specifies the maximum number of simultaneous jobs that are allowed
306 per user. The default is "0" which allows up to MaxJobs jobs per
307 user.
308 MaxJobTime seconds
310 Specifies the maximum time a job may take to print before it is
311 canceled. Set to "0" to disable cancellation of "stuck" jobs.
312 The default is "10800" (3 hours).
313 MaxLogSize size
315 Specifies the maximum size of the log files before they are
316 rotated. The value "0" disables log rotation. The default is
317 "1048576" (1MB).
318 MultipleOperationTimeout seconds
320 Specifies the maximum amount of time to allow between files in a
321 multiple file print job. The default is "900" (15 minutes).
322 <Policy name> ... </Policy>
324 Specifies access control for the named policy.
325 Port number
327 Listens to the specified port number for connections.
328 PreserveJobFiles Yes
330 PreserveJobFiles No
332 PreserveJobFiles seconds
334 Specifies whether job files (documents) are preserved after a job
335 is printed. If a numeric value is specified, job files are pre‐
336 served for the indicated number of seconds after printing. The
337 default is "86400" (preserve 1 day).
338 PreserveJobHistory Yes
340 PreserveJobHistory No
342 PreserveJobHistory seconds
344 Specifies whether the job history is preserved after a job is
345 printed. If a numeric value is specified, the job history is pre‐
346 served for the indicated number of seconds after printing. If
347 "Yes", the job history is preserved until the MaxJobs limit is
348 reached. The default is "Yes".
349 ReloadTimeout seconds
351 Specifies the amount of time to wait for job completion before
352 restarting the scheduler. The default is "30".
353 ServerAdmin email-address
355 Specifies the email address of the server administrator. The
356 default value is "root@ServerName".
357 ServerAlias hostname [ ... hostname ]
359 ServerAlias *
361 The ServerAlias directive is used for HTTP Host header validation
362 when clients connect to the scheduler from external interfaces.
363 Using the special name "*" can expose your system to known
364 browser-based DNS rebinding attacks, even when accessing sites
365 through a firewall. If the auto-discovery of alternate names does
366 not work, we recommend listing each alternate name with a Server‐
367 Alias directive instead of using "*".
368 ServerName hostname
370 Specifies the fully-qualified hostname of the server. The default
371 is the value reported by the hostname(1) command.
372 ServerTokens None
374 ServerTokens ProductOnly
376 ServerTokens Major
378 ServerTokens Minor
380 ServerTokens Minimal
382 ServerTokens OS
384 ServerTokens Full
386 Specifies what information is included in the Server header of
387 HTTP responses. "None" disables the Server header. "ProductOnly"
388 reports "CUPS". "Major" reports "CUPS/major IPP/2". "Minor"
389 reports "CUPS/major.minor IPP/2.1". "Minimal" reports
390 "CUPS/major.minor.patch IPP/2.1". "OS" reports
391 "CUPS/major.minor.path (osname osversion) IPP/2.1". "Full"
392 reports "CUPS/major.minor.path (osname osversion; architecture)
393 IPP/2.1". The default is "Minimal".
394 SSLListen ipv4-address:port
396 SSLListen [ipv6-address]:port
398 SSLListen *:port
400 Listens on the specified address and port for encrypted connec‐
401 tions.
402 SSLOptions [AllowDH] [AllowRC4] [AllowSSL3] [DenyCBC] [DenyTLS1.0]
405 [MaxTLS1.0] [MaxTLS1.1] [MaxTLS1.2] [MaxTLS1.3] [MinTLS1.0] [MinTLS1.1]
406 [MinTLS1.2] [MinTLS1.3]
407 SSLOptions None
409 Sets encryption options (only in /etc/cups/client.conf). By
410 default, CUPS only supports encryption using TLS v1.0 or higher
411 using known secure cipher suites. Security is reduced when Allow
412 options are used. Security is enhanced when Deny options are
413 used. The AllowDH option enables cipher suites using plain
414 Diffie-Hellman key negotiation (not supported on systems using GNU
415 TLS). The AllowRC4 option enables the 128-bit RC4 cipher suites,
416 which are required for some older clients. The AllowSSL3 option
417 enables SSL v3.0, which is required for some older clients that do
418 not support TLS v1.0. The DenyCBC option disables all CBC cipher
419 suites. The DenyTLS1.0 option disables TLS v1.0 support - this
420 sets the minimum protocol version to TLS v1.1. The MinTLS options
421 set the minimum TLS version to support. The MaxTLS options set
422 the maximum TLS version to support. Not all operating systems
423 support TLS 1.3 at this time.
424 SSLPort port
426 Listens on the specified port for encrypted connections.
427 StrictConformance Yes
429 StrictConformance No
431 Specifies whether the scheduler requires clients to strictly
432 adhere to the IPP specifications. The default is "No".
433 Timeout seconds
435 Specifies the HTTP request timeout. The default is "900" (15 min‐
436 utes).
437 WebInterface yes
439 WebInterface no
441 Specifies whether the web interface is enabled. The default is
442 "No".
443 HTTP METHOD NAMES
445 The following HTTP methods are supported by cupsd(8):
446 GET Used by a client to download icons and other printer resources and
448 to access the CUPS web interface.
449 HEAD Used by a client to get the type, size, and modification date of
451 resources.
452 OPTIONS
454 Used by a client to establish a secure (SSL/TLS) connection.
455 POST Used by a client to submit IPP requests and HTML forms from the
457 CUPS web interface.
458 PUT Used by a client to upload configuration files.
460 IPP OPERATION NAMES
462 The following IPP operations are supported by cupsd(8):
463 CUPS-Accept-Jobs
465 Allows a printer to accept new jobs.
466 CUPS-Add-Modify-Class
468 Adds or modifies a printer class.
469 CUPS-Add-Modify-Printer
471 Adds or modifies a printer.
472 CUPS-Authenticate-Job
474 Releases a job that is held for authentication.
475 CUPS-Delete-Class
477 Deletes a printer class.
478 CUPS-Delete-Printer
480 Deletes a printer.
481 CUPS-Get-Classes
483 Gets a list of printer classes.
484 CUPS-Get-Default
486 Gets the server default printer or printer class.
487 CUPS-Get-Devices
489 Gets a list of devices that are currently available.
490 CUPS-Get-Document
492 Gets a document file for a job.
493 CUPS-Get-PPD
495 Gets a PPD file.
496 CUPS-Get-PPDs
498 Gets a list of installed PPD files.
499 CUPS-Get-Printers
501 Gets a list of printers.
502 CUPS-Move-Job
504 Moves a job.
505 CUPS-Reject-Jobs
507 Prevents a printer from accepting new jobs.
508 CUPS-Set-Default
510 Sets the server default printer or printer class.
511 Cancel-Job
513 Cancels a job.
514 Cancel-Jobs
516 Cancels one or more jobs.
517 Cancel-My-Jobs
519 Cancels one or more jobs creates by a user.
520 Cancel-Subscription
522 Cancels a subscription.
523 Close-Job
525 Closes a job that is waiting for more documents.
526 Create-Job
528 Creates a new job with no documents.
529 Create-Job-Subscriptions
531 Creates a subscription for job events.
532 Create-Printer-Subscriptions
534 Creates a subscription for printer events.
535 Get-Job-Attributes
537 Gets information about a job.
538 Get-Jobs
540 Gets a list of jobs.
541 Get-Notifications
543 Gets a list of event notifications for a subscription.
544 Get-Printer-Attributes
546 Gets information about a printer or printer class.
547 Get-Subscription-Attributes
549 Gets information about a subscription.
550 Get-Subscriptions
552 Gets a list of subscriptions.
553 Hold-Job
555 Holds a job from printing.
556 Hold-New-Jobs
558 Holds all new jobs from printing.
559 Pause-Printer
561 Stops processing of jobs by a printer or printer class.
562 Pause-Printer-After-Current-Job
564 Stops processing of jobs by a printer or printer class after the
565 current job is finished.
566 Print-Job
568 Creates a new job with a single document.
569 Purge-Jobs
571 Cancels one or more jobs and deletes the job history.
572 Release-Held-New-Jobs
574 Allows previously held jobs to print.
575 Release-Job
577 Allows a job to print.
578 Renew-Subscription
580 Renews a subscription.
581 Restart-Job
583 Reprints a job, if possible.
584 Send-Document
586 Adds a document to a job.
587 Set-Job-Attributes
589 Changes job information.
590 Set-Printer-Attributes
592 Changes printer or printer class information.
593 Validate-Job
595 Validates options for a new job.
596 LOCATION PATHS
598 The following paths are commonly used when configuring cupsd(8):
599 / The path for all get operations (get-printers, get-jobs, etc.)
601 /admin
603 The path for all administration operations (add-printer, delete-
604 printer, start-printer, etc.)
605 /admin/conf
607 The path for access to the CUPS configuration files (cupsd.conf,
608 client.conf, etc.)
609 /admin/log
611 The path for access to the CUPS log files (access_log, error_log,
612 page_log)
613 /classes
615 The path for all printer classes
616 /classes/name
618 The resource for the named printer class
619 /jobs
621 The path for all jobs (hold-job, release-job, etc.)
622 /jobs/id
624 The path for the specified job
625 /printers
627 The path for all printers
628 /printers/name
630 The path for the named printer
631 /printers/name.png
633 The icon file path for the named printer
634 /printers/name.ppd
636 The PPD file path for the named printer
637 DIRECTIVES VALID WITHIN LOCATION AND LIMIT SECTIONS
639 The following directives may be placed inside Location and Limit sec‐
640 tions in the cupsd.conf file:
641 Allow all
643 Allow none
645 Allow host.domain.com
647 Allow *.domain.com
649 Allow ipv4-address
651 Allow ipv4-address/netmask
653 Allow ipv4-address/mm
655 Allow [ipv6-address]
657 Allow [ipv6-address]/mm
659 Allow @IF(name)
661 Allow @LOCAL
663 Allows access from the named hosts, domains, addresses, or inter‐
664 faces. The @IF(name) form uses the current subnets configured for
665 the named interface. The @LOCAL form uses the current subnets
666 configured for all interfaces that are not point-to-point, for
667 example Ethernet and Wi-Fi interfaces are used but DSL and VPN
668 interfaces are not. The Order directive controls whether Allow
669 lines are evaluated before or after Deny lines.
670 AuthType None
672 AuthType Basic
674 AuthType Default
676 AuthType Negotiate
678 Specifies the type of authentication required. The value
679 "Default" corresponds to the DefaultAuthType value.
680 Deny all
682 Deny none
684 Deny host.domain.com
686 Deny *.domain.com
688 Deny ipv4-address
690 Deny ipv4-address/netmask
692 Deny ipv4-address/mm
694 Deny [ipv6-address]
696 Deny [ipv6-address]/mm
698 Deny @IF(name)
700 Deny @LOCAL
702 Denies access from the named hosts, domains, addresses, or inter‐
703 faces. The @IF(name) form uses the current subnets configured for
704 the named interface. The @LOCAL form uses the current subnets
705 configured for all interfaces that are not point-to-point, for
706 example Ethernet and Wi-Fi interfaces are used but DSL and VPN
707 interfaces are not. The Order directive controls whether Deny
708 lines are evaluated before or after Allow lines.
709 Encryption IfRequested
711 Encryption Never
713 Encryption Required
715 Specifies the level of encryption that is required for a particu‐
716 lar location. The default value is "IfRequested".
717 Order allow,deny
719 Specifies that access is denied by default. Allow lines are then
720 processed followed by Deny lines to determine whether a client may
721 access a particular resource.
722 Order deny,allow
724 Specifies that access is allowed by default. Deny lines are then
725 processed followed by Allow lines to determine whether a client
726 may access a particular resource.
727 Require group group-name [ group-name ... ]
729 Specifies that an authenticated user must be a member of one of
730 the named groups.
731 Require user {user-name|@group-name} ...
733 Specifies that an authenticated user must match one of the named
734 users or be a member of one of the named groups. The group name
735 "@SYSTEM" corresponds to the list of groups defined by the System‐
736 Group directive in the cups-files.conf(5) file. The group name
737 "@OWNER" corresponds to the owner of the resource, for example the
738 person that submitted a print job. Note: The 'root' user is not
739 special and must be granted privileges like any other user
740 account.
741 Require valid-user
743 Specifies that any authenticated user is acceptable.
744 Satisfy all
746 Specifies that all Allow, AuthType, Deny, Order, and Require con‐
747 ditions must be satisfied to allow access.
748 Satisfy any
750 Specifies that any a client may access a resource if either the
751 authentication (AuthType/Require) or address (Allow/Deny/Order)
752 conditions are satisfied. For example, this can be used to
753 require authentication only for remote accesses.
754 DIRECTIVES VALID WITHIN POLICY SECTIONS
756 The following directives may be placed inside Policy sections in the
757 cupsd.conf file:
758 JobPrivateAccess all
760 JobPrivateAccess default
762 JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM} ...
764 Specifies an access list for a job's private values. The
765 "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the
766 printer's requesting-user-name-allowed or requesting-user-name-
767 denied values. "@OWNER" maps to the job's owner. "@SYSTEM" maps
768 to the groups listed for the SystemGroup directive in the cups-
769 files.conf(5) file.
770 JobPrivateValues all
772 JobPrivateValues default
774 JobPrivateValues none
776 JobPrivateValues attribute-name [ ... attribute-name ]
778 Specifies the list of job values to make private. The "default"
779 values are "job-name", "job-originating-host-name", "job-originat‐
780 ing-user-name", and "phone".
781 SubscriptionPrivateAccess all
783 SubscriptionPrivateAccess default
785 SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM} ...
787 Specifies an access list for a subscription's private values. The
788 "default" access list is "@OWNER @SYSTEM". "@ACL" maps to the
789 printer's requesting-user-name-allowed or requesting-user-name-
790 denied values. "@OWNER" maps to the job's owner. "@SYSTEM" maps
791 to the groups listed for the SystemGroup directive in the cups-
792 files.conf(5) file.
793 SubscriptionPrivateValues all
795 SubscriptionPrivateValues default
797 SubscriptionPrivateValues none
799 SubscriptionPrivateValues attribute-name [ ... attribute-name ]
801 Specifies the list of subscription values to make private. The
802 "default" values are "notify-events", "notify-pull-method",
803 "notify-recipient-uri", "notify-subscriber-user-name", and
804 "notify-user-data".
805 DEPRECATED DIRECTIVES
807 The following directives are deprecated and will be removed in a future
808 release of CUPS:
809 Classification banner
811 Specifies the security classification of the server. Any valid
812 banner name can be used, including "classified", "confidential",
813 "secret", "topsecret", and "unclassified", or the banner can be
814 omitted to disable secure printing functions. The default is no
815 classification banner.
816 ClassifyOverride Yes
818 ClassifyOverride No
820 Specifies whether users may override the classification (cover
821 page) of individual print jobs using the "job-sheets" option. The
822 default is "No".
823 PageLogFormat format-string
825 Specifies the format of PageLog lines. Sequences beginning with
826 percent (%) characters are replaced with the corresponding infor‐
827 mation, while all other characters are copied literally. The fol‐
828 lowing percent sequences are recognized:
829 "%%" inserts a single percent character.
831 "%{name}" inserts the value of the specified IPP attribute.
832 "%C" inserts the number of copies for the current page.
833 "%P" inserts the current page number.
834 "%T" inserts the current date and time in common log format.
835 "%j" inserts the job ID.
836 "%p" inserts the printer name.
837 "%u" inserts the username.
838 The default is the empty string, which disables page logging. The
840 string "%p %u %j %T %P %C %{job-billing} %{job-originating-host-
841 name} %{job-name} %{media} %{sides}" creates a page log with the
842 standard items. Use "%{job-impressions-completed}" to insert the
843 number of pages (sides) that were printed, or "%{job-media-sheets-
844 completed}" to insert the number of sheets that were printed.
845 RIPCache size
847 Specifies the maximum amount of memory to use when converting doc‐
848 uments into bitmaps for a printer. The default is "128m".
849
851 File, directory, and user configuration directives that used to be
852 allowed in the cupsd.conf file are now stored in the cups-files.conf(5)
853 file instead in order to prevent certain types of privilege escalation
854 attacks.
855 The scheduler MUST be restarted manually after making changes to the
857 cupsd.conf file. On Linux this is typically done using the system‐
858 ctl(8) command, while on macOS the launchctl(8) command is used
859 instead.
860 The @LOCAL macro name can be confusing since the system running cupsd
862 often belongs to a different set of subnets from its clients.
863
865 The cupsd.conf file format is based on the Apache HTTP Server configu‐
866 ration file format.
867
869 Log everything with a maximum log file size of 32 megabytes:
870 AccessLogLevel all
872 LogLevel debug2
873 MaxLogSize 32m
874 Require authentication for accesses from outside the 10. network:
876 <Location />
878 Order allow,deny
879 Allow from 10./8
880 AuthType Basic
881 Require valid-user
882 Satisfy any
883 </Location>
884
886 classes.conf(5), cups-files.conf(5), cupsd(8), mime.convs(5),
887 mime.types(5), printers.conf(5), subscriptions.conf(5), CUPS Online
888 Help (http://localhost:631/help)
889
891 Copyright © 2020 by Michael R Sweet
892 Copyright © 2007-2019 by Apple Inc.
89328 November 2020 CUPS cupsd.conf(5)