cupsd.conf(5) — Linux manual page

NAME | DESCRIPTION | NOTES | CONFORMING TO | EXAMPLES | SEE ALSO | COPYRIGHT | COLOPHON

cupsd.conf(5)                  Apple Inc.                  cupsd.conf(5)

NAME         top

       cupsd.conf - server configuration file for cups

DESCRIPTION         top

       The cupsd.conf file configures the CUPS scheduler, cupsd(8).  It
       is normally located in the /etc/cups directory.  Each line in the
       file can be a configuration directive, a blank line, or a
       comment.  Configuration directives typically consist of a name
       and zero or more values separated by whitespace.  The
       configuration directive name and values are case-insensitive.
       Comment lines start with the # character.

   TOP-LEVEL DIRECTIVES
       The following top-level directives are understood by cupsd(8):

       AccessLogLevel config

       AccessLogLevel actions

       AccessLogLevel all
            Specifies the logging level for the AccessLog file.  The
            "config" level logs when printers and classes are added,
            deleted, or modified and when configuration files are
            accessed or updated.  The "actions" level logs when print
            jobs are submitted, held, released, modified, or canceled,
            and any of the conditions for "config".  The "all" level
            logs all requests.  The default access log level is
            "actions".

       AutoPurgeJobs Yes

       AutoPurgeJobs No
            Specifies whether to purge job history data automatically
            when it is no longer required for quotas.  The default is
            "No".

       BrowseDNSSDSubTypes_subtype[,...]
            Specifies a list of Bonjour sub-types to advertise for each
            shared printer.  For example, "BrowseDNSSDSubTypes
            _cups,_print" will tell network clients that both CUPS
            sharing and IPP Everywhere are supported.  The default is
            "_cups" which is necessary for printer sharing to work
            between systems using CUPS.

       BrowseLocalProtocols all

       BrowseLocalProtocols dnssd

       BrowseLocalProtocols none
            Specifies which protocols to use for local printer sharing.
            The default is "dnssd" on systems that support Bonjour and
            "none" otherwise.

       BrowseWebIF Yes

       BrowseWebIF No
            Specifies whether the CUPS web interface is advertised.  The
            default is "No".

       Browsing Yes

       Browsing No
            Specifies whether shared printers are advertised.  The
            default is "No".

       DefaultAuthType Basic

       DefaultAuthType Negotiate
            Specifies the default type of authentication to use.  The
            default is "Basic".

       DefaultEncryption Never

       DefaultEncryption IfRequested

       DefaultEncryption Required
            Specifies whether encryption will be used for authenticated
            requests.  The default is "Required".

       DefaultLanguage locale
            Specifies the default language to use for text and web
            content.  The default is "en".

       DefaultPaperSize Auto

       DefaultPaperSize None

       DefaultPaperSize sizename
            Specifies the default paper size for new print queues.
            "Auto" uses a locale-specific default, while "None"
            specifies there is no default paper size.  Specific size
            names are typically "Letter" or "A4".  The default is
            "Auto".

       DefaultPolicy policy-name
            Specifies the default access policy to use.  The default
            access policy is "default".

       DefaultShared Yes

       DefaultShared No
            Specifies whether local printers are shared by default.  The
            default is "Yes".

       DirtyCleanInterval seconds
            Specifies the delay for updating of configuration and state
            files.  A value of 0 causes the update to happen as soon as
            possible, typically within a few milliseconds.  The default
            value is "30".

       DNSSDHostNamehostname.example.com
            Specifies the fully-qualified domain name for the server
            that is used for Bonjour sharing.  The default is typically
            the server's ".local" hostname.

       ErrorPolicy abort-job
            Specifies that a failed print job should be aborted
            (discarded) unless otherwise specified for the printer.

       ErrorPolicy retry-current-job
            Specifies that a failed print job should be retried
            immediately unless otherwise specified for the printer.

       ErrorPolicy retry-job
            Specifies that a failed print job should be retried at a
            later time unless otherwise specified for the printer.

       ErrorPolicy stop-printer
            Specifies that a failed print job should stop the printer
            unless otherwise specified for the printer. The 'stop-
            printer' error policy is the default.

       FilterLimit limit
            Specifies the maximum cost of filters that are run
            concurrently, which can be used to minimize disk, memory,
            and CPU resource problems.  A limit of 0 disables filter
            limiting.  An average print to a non-PostScript printer
            needs a filter limit of about 200.  A PostScript printer
            needs about half that (100).  Setting the limit below these
            thresholds will effectively limit the scheduler to printing
            a single job at any time.  The default limit is "0".

       FilterNice nice-value
            Specifies the scheduling priority ( nice(8) value) of
            filters that are run to print a job.  The nice value ranges
            from 0, the highest priority, to 19, the lowest priority.
            The default is 0.

       GSSServiceName name
            Specifies the service name when using Kerberos
            authentication.  The default service name is "http."

       HostNameLookups On

       HostNameLookups Off

       HostNameLookups Double
            Specifies whether to do reverse lookups on connecting
            clients.  The "Double" setting causes cupsd(8) to verify
            that the hostname resolved from the address matches one of
            the addresses returned for that hostname.  Double lookups
            also prevent clients with unregistered addresses from
            connecting to your server.  The default is "Off" to avoid
            the potential server performance problems with hostname
            lookups.  Only set this option to "On" or "Double" if
            absolutely required.

       IdleExitTimeout seconds
            Specifies the length of time to wait before shutting down
            due to inactivity.  The default is "60" seconds.  Note: Only
            applicable when cupsd(8) is run on-demand (e.g., with -l).

       JobKillDelay seconds
            Specifies the number of seconds to wait before killing the
            filters and backend associated with a canceled or held job.
            The default is "30".

       JobRetryInterval seconds
            Specifies the interval between retries of jobs in seconds.
            This is typically used for fax queues but can also be used
            with normal print queues whose error policy is "retry-job"
            or "retry-current-job".  The default is "30".

       JobRetryLimit count
            Specifies the number of retries that are done for jobs.
            This is typically used for fax queues but can also be used
            with normal print queues whose error policy is "retry-job"
            or "retry-current-job".  The default is "5".

       KeepAlive Yes

       KeepAlive No
            Specifies whether to support HTTP keep-alive connections.
            The default is "Yes".

       <Limit operation ...> ... </Limit>
            Specifies the IPP operations that are being limited inside a
            Policy section. IPP operation names are listed below in the
            section "IPP OPERATION NAMES".

       <Limit method ...> ... </Limit>

       <LimitExcept method ...> ... </LimitExcept>
            Specifies the HTTP methods that are being limited inside a
            Location section. HTTP method names are listed below in the
            section "HTTP METHOD NAMES".

       LimitRequestBody size
            Specifies the maximum size of print files, IPP requests, and
            HTML form data.  The default is "0" which disables the limit
            check.

       Listen ipv4-address:port

       Listen [ipv6-address]:port

       Listen *:port

       Listen /path/to/domain/socket
            Listens to the specified address and port or domain socket
            path for connections.  Multiple Listen directives can be
            provided to listen on multiple addresses.  The Listen
            directive is similar to the Port directive but allows you to
            restrict access to specific interfaces or networks.

       <Location /path> ... </Location>
            Specifies access control for the named location.  Paths are
            documented below in the section "LOCATION PATHS".

       LogDebugHistory number
            Specifies the number of debugging messages that are retained
            for logging if an error occurs in a print job. Debug
            messages are logged regardless of the LogLevel setting.

       LogLevel none

       LogLevel emerg

       LogLevel alert

       LogLevel crit

       LogLevel error

       LogLevel warn

       LogLevel notice

       LogLevel info

       LogLevel debug

       LogLevel debug2
            Specifies the level of logging for the ErrorLog file.  The
            value "none" stops all logging while "debug2" logs
            everything.  The default is "warn".

       LogTimeFormat standard

       LogTimeFormat usecs
            Specifies the format of the date and time in the log files.
            The value "standard" is the default and logs whole seconds
            while "usecs" logs microseconds.

       MaxClients number
            Specifies the maximum number of simultaneous clients that
            are allowed by the scheduler.  The default is "100".

       MaxClientsPerHost number
            Specifies the maximum number of simultaneous clients that
            are allowed from a single address.  The default is the
            MaxClients value.

       MaxCopies number
            Specifies the maximum number of copies that a user can print
            of each job.  The default is "9999".

       MaxHoldTime seconds
            Specifies the maximum time a job may remain in the
            "indefinite" hold state before it is canceled.  The default
            is "0" which disables cancellation of held jobs.

       MaxJobs number
            Specifies the maximum number of simultaneous jobs that are
            allowed.  Set to "0" to allow an unlimited number of jobs.
            The default is "500".

       MaxJobsPerPrinter number
            Specifies the maximum number of simultaneous jobs that are
            allowed per printer.  The default is "0" which allows up to
            MaxJobs jobs per printer.

       MaxJobsPerUser number
            Specifies the maximum number of simultaneous jobs that are
            allowed per user.  The default is "0" which allows up to
            MaxJobs jobs per user.

       MaxJobTime seconds
            Specifies the maximum time a job may take to print before it
            is canceled.  Set to "0" to disable cancellation of "stuck"
            jobs.  The default is "10800" (3 hours).

       MaxLogSize size
            Specifies the maximum size of the log files before they are
            rotated.  The value "0" disables log rotation.  The default
            is "1048576" (1MB).

       MultipleOperationTimeout seconds
            Specifies the maximum amount of time to allow between files
            in a multiple file print job.  The default is "900" (15
            minutes).

       <Policy name> ... </Policy>
            Specifies access control for the named policy.

       Port number
            Listens to the specified port number for connections.

       PreserveJobFiles Yes

       PreserveJobFiles No

       PreserveJobFiles seconds
            Specifies whether job files (documents) are preserved after
            a job is printed.  If a numeric value is specified, job
            files are preserved for the indicated number of seconds
            after printing.  The default is "86400" (preserve 1 day).

       PreserveJobHistory Yes

       PreserveJobHistory No

       PreserveJobHistory seconds
            Specifies whether the job history is preserved after a job
            is printed.  If a numeric value is specified, the job
            history is preserved for the indicated number of seconds
            after printing.  If "Yes", the job history is preserved
            until the MaxJobs limit is reached.  The default is "Yes".

       ReloadTimeout seconds
            Specifies the amount of time to wait for job completion
            before restarting the scheduler.  The default is "30".

       ServerAdmin email-address
            Specifies the email address of the server administrator.
            The default value is "root@ServerName".

       ServerAlias hostname [ ... hostname ]

       ServerAlias *
            The ServerAlias directive is used for HTTP Host header
            validation when clients connect to the scheduler from
            external interfaces.  Using the special name "*" can expose
            your system to known browser-based DNS rebinding attacks,
            even when accessing sites through a firewall.  If the auto-
            discovery of alternate names does not work, we recommend
            listing each alternate name with a ServerAlias directive
            instead of using "*".

       ServerName hostname
            Specifies the fully-qualified hostname of the server.  The
            default is the value reported by the hostname(1) command.

       ServerTokens None

       ServerTokens ProductOnly

       ServerTokens Major

       ServerTokens Minor

       ServerTokens Minimal

       ServerTokens OS

       ServerTokens Full
            Specifies what information is included in the Server header
            of HTTP responses.  "None" disables the Server header.
            "ProductOnly" reports "CUPS".  "Major" reports "CUPS/major
            IPP/2".  "Minor" reports "CUPS/major.minor IPP/2.1".
            "Minimal" reports "CUPS/major.minor.patch IPP/2.1".  "OS"
            reports "CUPS/major.minor.path (osname osversion) IPP/2.1".
            "Full" reports "CUPS/major.minor.path (osname osversion;
            architecture) IPP/2.1".  The default is "Minimal".

       SSLListen ipv4-address:port

       SSLListen [ipv6-address]:port

       SSLListen *:port
            Listens on the specified address and port for encrypted
            connections.

       SSLOptions [AllowDH] [AllowRC4] [AllowSSL3] [DenyCBC]
       [DenyTLS1.0] [MaxTLS1.0] [MaxTLS1.1] [MaxTLS1.2] [MaxTLS1.3]
       [MinTLS1.0] [MinTLS1.1] [MinTLS1.2] [MinTLS1.3]

       SSLOptions None
            Sets encryption options (only in /etc/cups/client.conf).  By
            default, CUPS only supports encryption using TLS v1.0 or
            higher using known secure cipher suites.  Security is
            reduced when Allow options are used.  Security is enhanced
            when Deny options are used.  The AllowDH option enables
            cipher suites using plain Diffie-Hellman key negotiation
            (not supported on systems using GNU TLS).  The AllowRC4
            option enables the 128-bit RC4 cipher suites, which are
            required for some older clients.  The AllowSSL3 option
            enables SSL v3.0, which is required for some older clients
            that do not support TLS v1.0.  The DenyCBC option disables
            all CBC cipher suites.  The DenyTLS1.0 option disables TLS
            v1.0 support - this sets the minimum protocol version to TLS
            v1.1.  The MinTLS options set the minimum TLS version to
            support.  The MaxTLS options set the maximum TLS version to
            support.  Not all operating systems support TLS 1.3 at this
            time.

       SSLPort port
            Listens on the specified port for encrypted connections.

       StrictConformance Yes

       StrictConformance No
            Specifies whether the scheduler requires clients to strictly
            adhere to the IPP specifications.  The default is "No".

       Timeout seconds
            Specifies the HTTP request timeout.  The default is "900"
            (15 minutes).

       WebInterface yes

       WebInterface no
            Specifies whether the web interface is enabled.  The default
            is "No".

   HTTP METHOD NAMES
       The following HTTP methods are supported by cupsd(8):

       GET  Used by a client to download icons and other printer
            resources and to access the CUPS web interface.

       HEAD Used by a client to get the type, size, and modification
            date of resources.

       OPTIONS
            Used by a client to establish a secure (SSL/TLS) connection.

       POST Used by a client to submit IPP requests and HTML forms from
            the CUPS web interface.

       PUT  Used by a client to upload configuration files.

   IPP OPERATION NAMES
       The following IPP operations are supported by cupsd(8):

       CUPS-Accept-Jobs
            Allows a printer to accept new jobs.

       CUPS-Add-Modify-Class
            Adds or modifies a printer class.

       CUPS-Add-Modify-Printer
            Adds or modifies a printer.

       CUPS-Authenticate-Job
            Releases a job that is held for authentication.

       CUPS-Delete-Class
            Deletes a printer class.

       CUPS-Delete-Printer
            Deletes a printer.

       CUPS-Get-Classes
            Gets a list of printer classes.

       CUPS-Get-Default
            Gets the server default printer or printer class.

       CUPS-Get-Devices
            Gets a list of devices that are currently available.

       CUPS-Get-Document
            Gets a document file for a job.

       CUPS-Get-PPD
            Gets a PPD file.

       CUPS-Get-PPDs
            Gets a list of installed PPD files.

       CUPS-Get-Printers
            Gets a list of printers.

       CUPS-Move-Job
            Moves a job.

       CUPS-Reject-Jobs
            Prevents a printer from accepting new jobs.

       CUPS-Set-Default
            Sets the server default printer or printer class.

       Cancel-Job
            Cancels a job.

       Cancel-Jobs
            Cancels one or more jobs.

       Cancel-My-Jobs
            Cancels one or more jobs creates by a user.

       Cancel-Subscription
            Cancels a subscription.

       Close-Job
            Closes a job that is waiting for more documents.

       Create-Job
            Creates a new job with no documents.

       Create-Job-Subscriptions
            Creates a subscription for job events.

       Create-Printer-Subscriptions
            Creates a subscription for printer events.

       Get-Job-Attributes
            Gets information about a job.

       Get-Jobs
            Gets a list of jobs.

       Get-Notifications
            Gets a list of event notifications for a subscription.

       Get-Printer-Attributes
            Gets information about a printer or printer class.

       Get-Subscription-Attributes
            Gets information about a subscription.

       Get-Subscriptions
            Gets a list of subscriptions.

       Hold-Job
            Holds a job from printing.

       Hold-New-Jobs
            Holds all new jobs from printing.

       Pause-Printer
            Stops processing of jobs by a printer or printer class.

       Pause-Printer-After-Current-Job
            Stops processing of jobs by a printer or printer class after
            the current job is finished.

       Print-Job
            Creates a new job with a single document.

       Purge-Jobs
            Cancels one or more jobs and deletes the job history.

       Release-Held-New-Jobs
            Allows previously held jobs to print.

       Release-Job
            Allows a job to print.

       Renew-Subscription
            Renews a subscription.

       Restart-Job
            Reprints a job, if possible.

       Send-Document
            Adds a document to a job.

       Set-Job-Attributes
            Changes job information.

       Set-Printer-Attributes
            Changes printer or printer class information.

       Validate-Job
            Validates options for a new job.

   LOCATION PATHS
       The following paths are commonly used when configuring cupsd(8):

       /    The path for all get operations (get-printers, get-jobs,
            etc.)

       /admin
            The path for all administration operations (add-printer,
            delete-printer, start-printer, etc.)

       /admin/conf
            The path for access to the CUPS configuration files
            (cupsd.conf, client.conf, etc.)

       /admin/log
            The path for access to the CUPS log files (access_log,
            error_log, page_log)

       /classes
            The path for all printer classes

       /classes/name
            The resource for the named printer class

       /jobs
            The path for all jobs (hold-job, release-job, etc.)

       /jobs/id
            The path for the specified job

       /printers
            The path for all printers

       /printers/name
            The path for the named printer

       /printers/name.png
            The icon file path for the named printer

       /printers/name.ppd
            The PPD file path for the named printer

   DIRECTIVES VALID WITHIN LOCATION AND LIMIT SECTIONS
       The following directives may be placed inside Location and Limit
       sections in the cupsd.conf file:

       Allow all

       Allow none

       Allow host.domain.com

       Allow *.domain.com

       Allow ipv4-address

       Allow ipv4-address/netmask

       Allow ipv4-address/mm

       Allow [ipv6-address]

       Allow [ipv6-address]/mm

       Allow @IF(name)

       Allow @LOCAL
            Allows access from the named hosts, domains, addresses, or
            interfaces.  The @IF(name) form uses the current subnets
            configured for the named interface.  The @LOCAL form uses
            the current subnets configured for all interfaces that are
            not point-to-point, for example Ethernet and Wi-Fi
            interfaces are used but DSL and VPN interfaces are not.  The
            Order directive controls whether Allow lines are evaluated
            before or after Deny lines.

       AuthType None

       AuthType Basic

       AuthType Default

       AuthType Negotiate
            Specifies the type of authentication required.  The value
            "Default" corresponds to the DefaultAuthType value.

       Deny all

       Deny none

       Deny host.domain.com

       Deny *.domain.com

       Deny ipv4-address

       Deny ipv4-address/netmask

       Deny ipv4-address/mm

       Deny [ipv6-address]

       Deny [ipv6-address]/mm

       Deny @IF(name)

       Deny @LOCAL
            Denies access from the named hosts, domains, addresses, or
            interfaces.  The @IF(name) form uses the current subnets
            configured for the named interface.  The @LOCAL form uses
            the current subnets configured for all interfaces that are
            not point-to-point, for example Ethernet and Wi-Fi
            interfaces are used but DSL and VPN interfaces are not.  The
            Order directive controls whether Deny lines are evaluated
            before or after Allow lines.

       Encryption IfRequested

       Encryption Never

       Encryption Required
            Specifies the level of encryption that is required for a
            particular location.  The default value is "IfRequested".

       Order allow,deny
            Specifies that access is denied by default. Allow lines are
            then processed followed by Deny lines to determine whether a
            client may access a particular resource.

       Order deny,allow
            Specifies that access is allowed by default. Deny lines are
            then processed followed by Allow lines to determine whether
            a client may access a particular resource.

       Require group group-name [ group-name ... ]
            Specifies that an authenticated user must be a member of one
            of the named groups.

       Require user {user-name|@group-name} ...
            Specifies that an authenticated user must match one of the
            named users or be a member of one of the named groups.  The
            group name "@SYSTEM" corresponds to the list of groups
            defined by the SystemGroup directive in the
            cups-files.conf(5) file.  The group name "@OWNER"
            corresponds to the owner of the resource, for example the
            person that submitted a print job.  Note: The 'root' user is
            not special and must be granted privileges like any other
            user account.

       Require valid-user
            Specifies that any authenticated user is acceptable.

       Satisfy all
            Specifies that all Allow, AuthType, Deny, Order, and Require
            conditions must be satisfied to allow access.

       Satisfy any
            Specifies that any a client may access a resource if either
            the authentication (AuthType/Require) or address
            (Allow/Deny/Order) conditions are satisfied.  For example,
            this can be used to require authentication only for remote
            accesses.

   DIRECTIVES VALID WITHIN POLICY SECTIONS
       The following directives may be placed inside Policy sections in
       the cupsd.conf file:

       JobPrivateAccess all

       JobPrivateAccess default

       JobPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM} ...
            Specifies an access list for a job's private values.  The
            "default" access list is "@OWNER @SYSTEM".  "@ACL" maps to
            the printer's requesting-user-name-allowed or requesting-
            user-name-denied values.  "@OWNER" maps to the job's owner.
            "@SYSTEM" maps to the groups listed for the SystemGroup
            directive in the cups-files.conf(5) file.

       JobPrivateValues all

       JobPrivateValues default

       JobPrivateValues none

       JobPrivateValues attribute-name [ ... attribute-name ]
            Specifies the list of job values to make private.  The
            "default" values are "job-name", "job-originating-host-
            name", "job-originating-user-name", and "phone".

       SubscriptionPrivateAccess all

       SubscriptionPrivateAccess default

       SubscriptionPrivateAccess {user|@group|@ACL|@OWNER|@SYSTEM} ...
            Specifies an access list for a subscription's private
            values.  The "default" access list is "@OWNER @SYSTEM".
            "@ACL" maps to the printer's requesting-user-name-allowed or
            requesting-user-name-denied values.  "@OWNER" maps to the
            job's owner.  "@SYSTEM" maps to the groups listed for the
            SystemGroup directive in the cups-files.conf(5) file.

       SubscriptionPrivateValues all

       SubscriptionPrivateValues default

       SubscriptionPrivateValues none

       SubscriptionPrivateValues attribute-name [ ... attribute-name ]
            Specifies the list of subscription values to make private.
            The "default" values are "notify-events", "notify-pull-
            method", "notify-recipient-uri", "notify-subscriber-user-
            name", and "notify-user-data".

   DEPRECATED DIRECTIVES
       The following directives are deprecated and will be removed in a
       future release of CUPS:

       Classification banner
            Specifies the security classification of the server.  Any
            valid banner name can be used, including "classified",
            "confidential", "secret", "topsecret", and "unclassified",
            or the banner can be omitted to disable secure printing
            functions.  The default is no classification banner.

       ClassifyOverride Yes

       ClassifyOverride No
            Specifies whether users may override the classification
            (cover page) of individual print jobs using the "job-sheets"
            option.  The default is "No".

       ListenBackLog number
            Specified the number of pending connections that will be
            allowed.  The scheduler now uses the value "128" on all
            platforms.

       PageLogFormat format-string
            Specifies the format of PageLog lines.  Sequences beginning
            with percent (%) characters are replaced with the
            corresponding information, while all other characters are
            copied literally.  The following percent sequences are
            recognized:

                "%%" inserts a single percent character.
                "%{name}" inserts the value of the specified IPP attribute.
                "%C" inserts the number of copies for the current page.
                "%P" inserts the current page number.
                "%T" inserts the current date and time in common log format.
                "%j" inserts the job ID.
                "%p" inserts the printer name.
                "%u" inserts the username.

            The default is the empty string, which disables page
            logging.  The string "%p %u %j %T %P %C %{job-billing}
            %{job-originating-host-name} %{job-name} %{media} %{sides}"
            creates a page log with the standard items.  Use "%{job-
            impressions-completed}" to insert the number of pages
            (sides) that were printed, or "%{job-media-sheets-
            completed}" to insert the number of sheets that were
            printed.

       RIPCache size
            Specifies the maximum amount of memory to use when
            converting documents into bitmaps for a printer.  The
            default is "128m".

NOTES         top

       File, directory, and user configuration directives that used to
       be allowed in the cupsd.conf file are now stored in the
       cups-files.conf(5) file instead in order to prevent certain types
       of privilege escalation attacks.

       The scheduler MUST be restarted manually after making changes to
       the cupsd.conf file.  On Linux this is typically done using the
       systemctl(8) command, while on macOS the launchctl(8) command is
       used instead.

       The @LOCAL macro name can be confusing since the system running
       cupsd often belongs to a different set of subnets from its
       clients.

CONFORMING TO         top

       The cupsd.conf file format is based on the Apache HTTP Server
       configuration file format.

EXAMPLES         top

       Log everything with a maximum log file size of 32 megabytes:

           AccessLogLevel all
           LogLevel debug2
           MaxLogSize 32m

       Require authentication for accesses from outside the 10. network:

           <Location />
           Order allow,deny
           Allow from 10./8
           AuthType Basic
           Require valid-user
           Satisfy any
           </Location>

SEE ALSO         top

       classes.conf(5), cups-files.conf(5), cupsd(8), mime.convs(5),
       mime.types(5), printers.conf(5), subscriptions.conf(5), CUPS
       Online Help (http://localhost:631/help)

COPYRIGHT         top

       Copyright © 2007-2021 by Apple Inc.

COLOPHON         top

       This page is part of the CUPS (a standards-based, open source
       printing system) project.  Information about the project can be
       found at ⟨http://www.cups.org/⟩.  If you have a bug report for
       this manual page, see ⟨http://www.cups.org/⟩.  This page was
       obtained from the project's upstream Git repository
       ⟨https://github.com/apple/cups⟩ on 2024-06-14.  (At that time,
       the date of the most recent commit that was found in the
       repository was 2023-10-27.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       [email protected]

1 October 2021                    CUPS                     cupsd.conf(5)

Pages that refer to this page: cancel(1)classes.conf(5)cupsd-logs(5)cups-files.conf(5)mime.convs(5)mime.types(5)printers.conf(5)subscriptions.conf(5)cupsctl(8)cupsd(8)cupsd-helper(8)cupsfilter(8)cups-lpd(8)