Major CUPS Configuration Files
CUPS does its good work based on the configuration files in the /etc/cups directory. Available configuration options go beyond what most administrators need. When the CUPS service starts, it loads the parallel printer module by default, as specified in the /etc/default/cupsys configuration file. (Yes, some computers—including two of mine— still have parallel ports.)
The basic functionality of other CUPS configuration files is described in Table 9-3. These files reflect the features available in CUPS version 1.3.6, included with the Ubuntu Hardy Heron release. In addition, the / etc/cups/printers.conf or / etc/cups/classes.conf
|
/etc/cups File |
Description |
|
acroread.conf |
Adapts CUPS for the Adobe Acrobat Reader |
|
classes.conf |
Lists print classes, which consist of one or more printers |
|
cupsd.conf |
Includes the main CUPS configuration file |
|
Configures a virtual printer that creates PDF files | |
|
mime.convs |
Adds file format filters |
|
mime.types |
Specifies allowable file types |
|
/etc/printcap |
Sets a share list; can be included via /etc/cups/cupsd.conf when the CUPS service is run and is used by Samba |
|
pdftops.conf |
Adapts CUPS for the xpdf Acrobat file reader |
|
ppd/ |
Inserts configured PPD (PostScript Printer Description) print drivers |
|
printers.conf |
Documents configured printers |
|
raw.convs |
Adds file format filter for raw input |
|
raw.types |
Specifies allowable file type for raw input |
|
snmp.conf |
Configures automated network printer discovery |
|
ssl/ |
Sets a directory with SSL certificates |
|
Table 9-3. CUPS Configuration Files | |
files might not exist until appropriate printers or print classes have been configured. Specialty packages can add more configuration files not described here. All but the /etc/ printcap configuration file are in the /etc/cups directory.
For most services, it's best to edit configuration files directly from the command line. This is also true for CUPS—if you know the commands and directives well.
In my opinion, CUPS directives are more cryptic than those for the average Linux service. I've found that the comments in /etc/cups files aren't as descriptive as those for other services. The available GUI editing tools are excellent. If you don't want to install a GUI on a print server, the GUI tools can still be used from a remote client.
Administrators can configure services remotely. I'll describe the few minor changes required based on the default version of the main CUPS configuration file, /etc/cups/ cupsd.conf. Other critical CUPS configuration files include /etc/cups/printers.conf, /etc/cups/classes.conf, and /etc/printcap.
/etc/cups/cupsd.conf
Even if you don't learn the CUPS configuration files in detail, it is important to understand a few key directives. The default Ubuntu version of the cupsd.conf file is excellent and the comments make it easier to make those few critical changes. But before moving on to the file, examine some implicit default directives.
For example, the default ServerRoot directive sets the default top-level directory for CUPS configuration files:
ServerRoot /etc/cups
In addition, log files are normally stored in the /var/log/cups directory, and the default options for these directives specify their types and locations:
ErrorLog /var/log/cups/error_log AccessLog /var/log/cups/access_log PageLog /var/log/cups/page_log
There used to be a default reference to the /etc/printcap configuration file, designed to help share printers with the Linux Samba file server, as described in Chapter 16. It was created by using the standard CUPS configuration file. That is no longer the case; if you intend to share CUPS-configured printers in this way on a Microsoft-based network, you'll need to add the following directive:
Printcap /etc/printcap
The file is created when the CUPS service is restarted.
NOTE Sharing on a Microsoft-based network is no longer required for printers, as Microsoft clients can connect directly to printers using the IPP protocol.
Now examine the settings in the default version of the cupsd.conf configuration file. The Ubuntu configuration is much simpler than what you might see on other
Linux distributions. Specifically, it makes it easy to configure dedicated print administrators. The following directive limits administrative access to members of the lpadmin group, as defined in /etc/group. Of course, you can change this definition or add selected printer administrators to the lpadmin group in /etc/group.
SystemGroup lpadmin
The configuration of the lpadmin group is described later in this chapter in the "Configure Print Administrators" section.
The following directives specify where connections can be made. The default settings limit access to the localhost system, and only when CUPS is running:
Listen localhost:631
Listen /var/run/cups/cups.sock
Of course, you may want to allow access to all systems at least on the local network. Port 631, as shown in /etc/services, is the default TCP/IP port for IPP. But the Listen directive sometimes confuses people. It should also be set to the IP address of the applicable local network card. For example, as my print server connects to my LAN via a network card configured to IP address 192.168.0.50, I want to change the first Listen directive to this:
Listen 192.168.0.50:631
Generally, most print administrators will want to search configured printers on the LAN. By default, this is enabled in the Ubuntu implementation of /etc/cups/cupsd.conf with the following directive:
Browsing On
The default Browse* directives that follow are optimized for sharing. The BrowseOrder directive shown looks first to the BrowseAllow directive, and then to a BrowseDeny directive if it exists. If you want to make sure to limit these directives to the local network, change the value associated with the BrowseAllow directive from all to a network address such as 192.168.0.0/24.
BrowseOrder allow,deny BrowseAllow all
The network address is not required. The BrowseAddress directive shown here allows broadcast access to allowed clients on the local network.
BrowseAddress @LOCAL
The DefaultAuthType Basic directive uses the /etc/passwd and /etc/group configuration files to search for allowed users. It works with the SystemGroup directive described earlier. Other authentication options may be preferable, as this setting allows passwords of print administrators to be transmitted over the network in clear text. However, if print administration occurs behind a secure firewall, clear text authentication might be acceptable.
DefaultAuthType Basic
One option to clear text passwords is Digest encrypted authentication, based on the following directive:
DefaultAuthType Digest
Digest authentication depends on usernames and passwords in /etc/cups/passwd .md5, which can be created with the lppasswd command. For more information see the "Configure Print Administrators" section later in this chapter. For alternative authentication levels, review the AuthType directive in the CUPS documentation.
The following stanza is encapsulated by the <Location /> container. As it relates to the top-level CUPS directory, it determines whether CUPS-configured printers are shared. By default, they are not.
Order allow,deny </Location>
This stanza limits access to the local system with an implicit Allow localhost directive. If you want to allow access to systems on the local network, you could add the Allow @LOCAL directive.
Order allow,deny Allow localhost Allow @LOCAL </Location>
Alternatively, if you want to allow access to all systems even on remote networks, change Allow @LOCAL to Allow all.
The next stanza relates to remote administrative access. The default shown here allows only administrative access from the local system:
<Location /admin>
Order allow,deny </Location>
To allow administrative access from other systems on the network, you could add the Allow @LOCAL directive. I prefer to specify the IP addresses of the local network; one example is the bolded directive:
<Location /admin> Order allow,deny Allow localhost Allow 192.168.0.0/24
</Location>
Similar action is required with the next stanza, which regulates network access to the CUPS configuration files using a CUPS configuration tool. The AuthType Default directive refers back to the value of DefaultAuthType. The Require user @SYSTEM directive refers back to the SystemGroup directive. I add the same Allow directive shown in the preceding stanza to limit access to systems on the noted network:
<Location /admin/conf> AuthType Default Require user @SYSTEM Order allow,deny Allow localhost Allow 192.168.0.0/24 </Location>
NOTE Most of the remaining directives in the default Ubuntu version of the CUPS configuration file relate to print job policies, and allow configuration by members of the lpadmin group. More information is available in the CUPS documentation.
Once you're satisfied with the changes, the following command makes the CUPS daemon read the new version of the /etc/cups/cupsd.conf configuration file:
$ sudo /etc/init.d/cupsys reload
Of course, you could restart the service, but that might cut off any pending print jobs in the local printer spool.
/etc/cups/printers.conf
Once a CUPS printer is configured, key settings are written to the /etc/cups/printers .conf configuration file. After you've configured some printers, examine this file on the print server. Examine how key directives can be used. For example, the following directive specifies a stanza associated with the default printer:
<DefaultPrinter LaserJet_4L>
Of course, without the Default, this directive just becomes a stanza container for a regular configured printer.
The DeviceURI specifies the URI of the printer. The URI can specify local printers; the following example of an URI from one of my printers.conf files specifies a parallel port device:
DeviceURI hp:/par/LaserJet_4L?device=/dev/parport0
The DeviceURI can also specify a network port. The following examples specify a connection via a Samba server, a connection to a dedicated print server, and a direct IPP connection. Of course, you should see only one DeviceURI for any configured printer.
DeviceURI smb://user:[email protected]/UBUNTUSERVER/LaserJet-4L DeviceURI http://192.168.0.5/lp1
DeviceURI ipp://192.16 8.0.50:631/printers/UbuntuPrinter
The file is often updated dynamically. For example, the State directive can be set to Idle or Stopped; this indicates whether the printer queue is active. The State can also be changed with the cupsaccept or cupsreject command. Similarly, the Accepting directive can be set to Yes or No, which indicates whether the printer is active and accepting jobs, or disabled. The value of the directive can be changed with the cupsenable and cupsdisable commands.
etccupsclasses.conf
CUPS can accommodate printers in groups, also known as a CUPS class. Once configured, they're listed in a container in the classes.conf file. The directives in this file are similar to those in printers.conf. And that's consistent, since a print group functions like an individual printer.
The differences between individual printers and print classes are straightforward: While individual printers are configured in Printer containers, print classes are configured in Class containers. The printers that are configured in the group are defined by the Printer directive. For example, the following directives
Printer HPLaserJet4 Printer LaserJonHP
specify that the HPLaserJet4 and LaserJonHP printers are both members of the specified class in the printers.conf file. Any job sent to this print class are sent to the first available member printer of that class.
/etc/printcap
As CUPS is designed to replace the LPD/LPRng print services, it uses many of the same configuration files. LPD/LPRng printers are configured in the /etc/printcap configuration file. If the Printcap directive is active, CUPS printers are also included in the /etc/ printcap configuration file. In either case, /etc/printcap provides a list of detected and configured printers.
Continue reading here: Lpq Line Print Query
Was this article helpful?