Provided by: cups-daemon_1.7.2-0ubuntu1.11_amd64 
NAME
cupsd.conf - server configuration file for cups
DESCRIPTION
The cupsd.conf file configures the CUPS scheduler, cupsd(8). It is normally located in
the /etc/cups directory. Note: File, directory, and user configuration directives that
used to be allowed in the cupsd.conf file are now stored in the cups-files.conf(5) instead
in order to prevent certain types of privilege escalation attacks.
Each line in the file can be a configuration directive, a blank line, or a comment.
Comment lines start with the # character. The configuration directives are intentionally
similar to those used by the popular Apache web server software and are described below.
DIRECTIVES
The following directives are understood by cupsd(8). Consult the on-line help for detailed
descriptions:
AccessLogLevel config
AccessLogLevel actions
AccessLogLevel all
Specifies the logging level for the AccessLog file.
Allow all
Allow none
Allow host.domain.com
Allow *.domain.com
Allow ip-address
Allow ip-address/netmask
Allow ip-address/mm
Allow @IF(name)
Allow @LOCAL
Allows access from the named hosts or addresses.
AuthType None
AuthType Basic
AuthType BasicDigest
AuthType Digest
AuthType Negotiate
Specifies the authentication type (None, Basic, BasicDigest, Digest, Negotiate)
AutoPurgeJobs Yes
AutoPurgeJobs No
Specifies whether to purge job history data automatically when it is no longer
required for quotas.
BrowseLocalProtocols [All] [DNSSD]
Specifies the protocols to use for local printer sharing.
BrowseWebIF Yes
BrowseWebIF No
Specifies whether the CUPS web interface is advertised via DNS-SD.
Browsing Yes
Browsing No
Specifies whether or not shared printers should be advertised.
Classification banner
Specifies the security classification of the server.
ClassifyOverride Yes
ClassifyOverride No
Specifies whether to allow users to override the classification of individual print
jobs.
DefaultAuthType Basic
DefaultAuthType BasicDigest
DefaultAuthType Digest
DefaultAuthType Negotiate
Specifies the default type of authentication to use.
DefaultEncryption Never
DefaultEncryption IfRequested
DefaultEncryption Required
Specifies the type of encryption to use for authenticated requests.
DefaultLanguage locale
Specifies the default language to use for text and web content.
DefaultPaperSize Auto
DefaultPaperSize None
DefaultPaperSize sizename
Specifies the default paper size for new print queues. "Auto" uses a locale- specific
default, while "None" specifies there is no default paper size.
DefaultPolicy policy-name
Specifies the default access policy to use.
DefaultShared Yes
DefaultShared No
Specifies whether local printers are shared by default.
Deny all
Deny none
Deny host.domain.com
Deny *.domain.com
Deny ip-address
Deny ip-address/netmask
Deny ip-address/mm
Deny @IF(name)
Deny @LOCAL
Denies access to the named host or address.
DirtyCleanInterval seconds
Specifies the delay for updating of configuration and state files. A value of 0
causes the update to happen as soon as possible, typically within a few milliseconds.
Encryption IfRequested
Encryption Never
Encryption Required
Specifies the level of encryption that is required for a particular location.
FilterLimit limit
Specifies the maximum cost of filters that are run concurrently.
FilterNice nice-value
Specifies the scheduling priority ("nice" value) of filters that are run to print a
job.
GSSServiceName name
Specifies the service name when using Kerberos authentication. The default service
name is "http".
HostNameLookups On
HostNameLookups Off
HostNameLookups Double
Specifies whether or not to do reverse lookups on client addresses.
Include filename
Includes the named file.
JobKillDelay seconds
Specifies the number of seconds to wait before killing the filters and backend
associated with a canceled or held job.
JobPrivateAccess all
JobPrivateAccess default
JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
Specifies an access list for a job's private values. The "default" access list is
"@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed or
requesting-user-name-denied values.
JobPrivateValues all
JobPrivateValues default
JobPrivateValues none
JobPrivateValues attribute-name-1 [ ... attribute-name-N ]
Specifies the list of job values to make private. The "default" values are "job-
name", "job-originating-host-name", and "job-originating-user-name".
JobRetryInterval seconds
Specifies the interval between retries of jobs in seconds.
JobRetryLimit count
Specifies the number of retries that are done for jobs.
KeepAlive Yes
KeepAlive No
Specifies whether to support HTTP keep-alive connections.
KeepAliveTimeout seconds
Specifies the amount of time that connections are kept alive.
<Limit operations> ... </Limit>
Specifies the IPP operations that are being limited inside a policy.
<Limit methods> ... </Limit>
<LimitExcept methods> ... </LimitExcept>
Specifies the HTTP methods that are being limited inside a location.
LimitRequestBody
Specifies the maximum size of any print job request.
Listen ip-address:port
Listen *:port
Listen /path/to/domain/socket
Listens to the specified address and port or domain socket path.
<Location /path> ... </Location>
Specifies access control for the named location.
LogDebugHistory #-messages
Specifies the number of debugging messages that are logged when an error occurs in a
print job.
LogLevel alert
LogLevel crit
LogLevel debug2
LogLevel debug
LogLevel emerg
LogLevel error
LogLevel info
LogLevel none
LogLevel notice
LogLevel warn
Specifies the logging level for the ErrorLog file.
LogTimeFormat standard
LogTimeFormat usecs
Specifies the format of the date and time in the log files.
MaxClients number
Specifies the maximum number of simultaneous clients to support.
MaxClientsPerHost number
Specifies the maximum number of simultaneous clients to support from a single
address.
MaxCopies number
Specifies the maximum number of copies that a user can print of each job.
MaxHoldTime seconds
Specifies the maximum time a job may remain in the "indefinite" hold state before it
is canceled. Set to 0 to disable cancellation of held jobs.
MaxJobs number
Specifies the maximum number of simultaneous jobs to support.
MaxJobsPerPrinter number
Specifies the maximum number of simultaneous jobs per printer to support.
MaxJobsPerUser number
Specifies the maximum number of simultaneous jobs per user to support.
MaxJobTime seconds
Specifies the maximum time a job may take to print before it is canceled. The default
is 10800 seconds (3 hours). Set to 0 to disable cancellation of "stuck" jobs.
MaxLogSize number-bytes
Specifies the maximum size of the log files before they are rotated (0 to disable
rotation)
MaxRequestSize number-bytes
Specifies the maximum request/file size in bytes (0 for no limit)
MultipleOperationTimeout seconds
Specifies the maximum amount of time to allow between files in a multiple file print
job.
Order allow,deny
Order deny,allow
Specifies the order of HTTP access control (allow,deny or deny,allow)
PageLogFormat format string
Specifies the format of page log lines.
<Policy name> ... </Policy>
Specifies access control for the named policy.
Port number
Specifies a port number to listen to for HTTP requests.
PreserveJobFiles Yes
PreserveJobFiles No
Specifies whether or not to preserve job files after they are printed.
PreserveJobHistory Yes
PreserveJobHistory No
Specifies whether or not to preserve the job history after they are printed.
PrintcapFormat bsd
PrintcapFormat plist
PrintcapFormat solaris
Specifies the format of the printcap file.
ReloadTimeout seconds
Specifies the amount of time to wait for job completion before restarting the
scheduler.
Require group group-name-list
Require user user-name-list
Require valid-user
Specifies that user or group authentication is required.
RIPCache bytes
Specifies the maximum amount of memory to use when converting images and PostScript
files to bitmaps for a printer.
Satisfy all
Satisfy any
Specifies whether all or any limits set for a Location must be satisfied to allow
access.
ServerAdmin user@domain.com
Specifies the email address of the server administrator.
ServerAlias hostname [... hostname]
ServerAlias *
Specifies an alternate name that the server is known by. The special name "*" allows
any name to be used.
ServerName hostname-or-ip-address
Specifies the fully-qualified hostname of the server.
ServerTokens Full
ServerTokens Major
ServerTokens Minimal
ServerTokens Minor
ServerTokens None
ServerTokens OS
ServerTokens ProductOnly
Specifies what information is included in the Server header of HTTP responses.
SSLListen
Listens on the specified address and port for encrypted connections.
SSLOptions None
SSLOptions [NoEmptyFragments] [AllowRC4] [Allow SSL3]
Sets SSL/TLS protocol options for encrypted connections. By default, CUPS only
supports encryption using TLS v1.0 or higher using known secure cipher suites. The
NoEmptyFragments option allows CUPS to work with Microsoft Windows with the FIPS
conformance mode enabled. The AllowRC4 option enables the 128-bit RC4 cipher suites,
which are required for some older clients that do not implement newer ones. The
AllowSSL3 option enables SSL v3.0, which is required for some older clients that do
not support TLS v1.0.
SSLPort
Listens on the specified port for encrypted connections.
StrictConformance Yes
StrictConformance No
Specifies whether the scheduler requires clients to strictly adhere to the IPP
specifications. The default is No.
SubscriptionPrivateAccess all
SubscriptionPrivateAccess default
SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM}+
Specifies an access list for a subscription's private values. The "default" access
list is "@OWNER @SYSTEM". "@ACL" maps to the printer's requesting-user-name-allowed
or requesting-user-name-denied values.
SubscriptionPrivateValues all
SubscriptionPrivateValues default
SubscriptionPrivateValues none
SubscriptionPrivateValues attribute-name-1 [ ... attribute-name-N ]
Specifies the list of job values to make private. The "default" values are "notify-
events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name",
and "notify-user-data".
Timeout seconds
Specifies the HTTP request timeout in seconds.
WebInterface yes
WebInterface no
Specifies whether the web interface is enabled.
SEE ALSO
classes.conf(5), cups-files.conf(5), cupsd(8), mime.convs(5), mime.types(5),
printers.conf(5), subscriptions.conf(5),
http://localhost:631/help
COPYRIGHT
Copyright 2007-2013 by Apple Inc.