guix.texi

    (plain-file "hosts"
                (string-append (local-host-aliases host-name)
                               %facebook-host-aliases))))
@end example

This mechanism can prevent programs running locally, such as Web
browsers, from accessing Facebook.
@end defvr

The @code{(gnu services avahi)} provides the following definition.

@deffn {Scheme Procedure} avahi-service [#:avahi @var{avahi}] @
          [#:host-name #f] [#:publish? #t] [#:ipv4? #t] @
          [#:ipv6? #t] [#:wide-area? #f] @
          [#:domains-to-browse '()] [#:debug? #f]
Return a service that runs @command{avahi-daemon}, a system-wide
mDNS/DNS-SD responder that allows for service discovery and
"zero-configuration" host name lookups (see @uref{http://avahi.org/}), and
extends the name service cache daemon (nscd) so that it can resolve
@code{.local} host names using
@uref{http://0pointer.de/lennart/projects/nss-mdns/, nss-mdns}.  Additionally,
add the @var{avahi} package to the system profile so that commands such as
@command{avahi-browse} are directly usable.

If @var{host-name} is different from @code{#f}, use that as the host name to
publish for this machine; otherwise, use the machine's actual host name.

When @var{publish?} is true, publishing of host names and services is allowed;
in particular, avahi-daemon will publish the machine's host name and IP
address via mDNS on the local network.

When @var{wide-area?} is true, DNS-SD over unicast DNS is enabled.

Boolean values @var{ipv4?} and @var{ipv6?} determine whether to use IPv4/IPv6
sockets.
@end deffn

@deffn {Scheme Variable} openvswitch-service-type
This is the type of the @uref{http://www.openvswitch.org, Open vSwitch}
service, whose value should be an @code{openvswitch-configuration}
object.
@end deffn

@deftp {Data Type} openvswitch-configuration
Data type representing the configuration of Open vSwitch, a multilayer
virtual switch which is designed to enable massive network automation
through programmatic extension.

@table @asis
@item @code{package} (default: @var{openvswitch})
Package object of the Open vSwitch.

@end table
@end deftp

@node X Window
@subsubsection X Window

@cindex X11
@cindex X Window System
@cindex login manager
Support for the X Window graphical display system---specifically
Xorg---is provided by the @code{(gnu services xorg)} module.  Note that
there is no @code{xorg-service} procedure.  Instead, the X server is
started by the @dfn{login manager}, by default SLiM.

@cindex window manager
To use X11, you must install at least one @dfn{window manager}---for
example the @code{windowmaker} or @code{openbox} packages---preferably
by adding it to the @code{packages} field of your operating system
definition (@pxref{operating-system Reference, system-wide packages}).

@defvr {Scheme Variable} slim-service-type
This is the type for the SLiM graphical login manager for X11.

@cindex session types (X11)
@cindex X11 session types
SLiM looks for @dfn{session types} described by the @file{.desktop} files in
@file{/run/current-system/profile/share/xsessions} and allows users to
choose a session from the log-in screen using @kbd{F1}.  Packages such
as @code{xfce}, @code{sawfish}, and @code{ratpoison} provide
@file{.desktop} files; adding them to the system-wide set of packages
automatically makes them available at the log-in screen.

In addition, @file{~/.xsession} files are honored.  When available,
@file{~/.xsession} must be an executable that starts a window manager
and/or other X clients.
@end defvr

@deftp {Data Type} slim-configuration
Data type representing the configuration of @code{slim-service-type}.

@table @asis
@item @code{allow-empty-passwords?} (default: @code{#t})
Whether to allow logins with empty passwords.

@item @code{auto-login?} (default: @code{#f})
@itemx @code{default-user} (default: @code{""})
When @code{auto-login?} is false, SLiM presents a log-in screen.

When @code{auto-login?} is true, SLiM logs in directly as
@code{default-user}.

@item @code{theme} (default: @code{%default-slim-theme})
@itemx @code{theme-name} (default: @code{%default-slim-theme-name})
The graphical theme to use and its name.

@item @code{auto-login-session} (default: @code{#f})
If true, this must be the name of the executable to start as the default
session---e.g., @code{(file-append windowmaker "/bin/windowmaker")}.

If false, a session described by one of the available @file{.desktop}
files in @code{/run/current-system/profile} and @code{~/.guix-profile}
will be used.

@quotation Note
You must install at least one window manager in the system profile or in
your user profile.  Failing to do that, if @code{auto-login-session} is
false, you will be unable to log in.
@end quotation

@item @code{startx} (default: @code{(xorg-start-command)})
The command used to start the X11 graphical server.

@item @code{xauth} (default: @code{xauth})
The XAuth package to use.

@item @code{shepherd} (default: @code{shepherd})
The Shepherd package used when invoking @command{halt} and
@command{reboot}.

@item @code{slim} (default: @code{slim})
The SLiM package to use.
@end table
@end deftp

@defvr {Scheme Variable} %default-theme
@defvrx {Scheme Variable} %default-theme-name
The default SLiM theme and its name.
@end defvr


@deftp {Data Type} sddm-configuration
This is the data type representing the sddm service configuration.

@table @asis
@item @code{display-server} (default: "x11")
Select display server to use for the greeter. Valid values are "x11"
or "wayland".

@item @code{numlock} (default: "on")
Valid values are "on", "off" or "none".

@item @code{halt-command} (default @code{#~(string-apppend #$shepherd "/sbin/halt")})
Command to run when halting.

@item @code{reboot-command} (default @code{#~(string-append #$shepherd "/sbin/reboot")})
Command to run when rebooting.

@item @code{theme} (default "maldives")
Theme to use. Default themes provided by SDDM are "elarun" or "maldives".

@item @code{themes-directory} (default "/run/current-system/profile/share/sddm/themes")
Directory to look for themes.

@item @code{faces-directory} (default "/run/current-system/profile/share/sddm/faces")
Directory to look for faces.

@item @code{default-path} (default "/run/current-system/profile/bin")
Default PATH to use.

@item @code{minimum-uid} (default 1000)
Minimum UID to display in SDDM.

@item @code{maximum-uid} (default 2000)
Maximum UID to display in SDDM

@item @code{remember-last-user?} (default #t)
Remember last user.

@item @code{remember-last-session?} (default #t)
Remember last session.

@item @code{hide-users} (default "")
Usernames to hide from SDDM greeter.

@item @code{hide-shells} (default @code{#~(string-append #$shadow "/sbin/nologin")})
Users with shells listed will be hidden from the SDDM greeter.

@item @code{session-command} (default @code{#~(string-append #$sddm "/share/sddm/scripts/wayland-session")})
Script to run before starting a wayland session.

@item @code{sessions-directory} (default "/run/current-system/profile/share/wayland-sessions")
Directory to look for desktop files starting wayland sessions.

@item @code{xorg-server-path} (default @code{xorg-start-command})
Path to xorg-server.

@item @code{xauth-path} (default @code{#~(string-append #$xauth "/bin/xauth")})
Path to xauth.

@item @code{xephyr-path} (default @code{#~(string-append #$xorg-server "/bin/Xephyr")})
Path to Xephyr.

@item @code{xdisplay-start} (default @code{#~(string-append #$sddm "/share/sddm/scripts/Xsetup")})
Script to run after starting xorg-server.

@item @code{xdisplay-stop} (default @code{#~(string-append #$sddm "/share/sddm/scripts/Xstop")})
Script to run before stopping xorg-server.

@item @code{xsession-command} (default: @code{xinitr })
Script to run before starting a X session.

@item @code{xsessions-directory} (default: "/run/current-system/profile/share/xsessions")
Directory to look for desktop files starting X sessions.

@item @code{minimum-vt} (default: 7)
Minimum VT to use.

@item @code{xserver-arguments} (default "-nolisten tcp")
Arguments to pass to xorg-server.

@item @code{auto-login-user} (default "")
User to use for auto-login.

@item @code{auto-login-session} (default "")
Desktop file to use for auto-login.

@item @code{relogin?} (default #f)
Relogin after logout.

@end table
@end deftp

@cindex login manager
@cindex X11 login
@deffn {Scheme Procedure} sddm-service config
Return a service that spawns the SDDM graphical login manager for config of
type @code{<sddm-configuration>}.

@example
  (sddm-service (sddm-configuration
                 (auto-login-user "Alice")
                 (auto-login-session "xfce.desktop")))
@end example
@end deffn

@deffn {Scheme Procedure} xorg-start-command [#:guile] @
  [#:modules %default-xorg-modules] @
  [#:fonts %default-xorg-fonts] @
  [#:configuration-file (xorg-configuration-file @dots{})] @
  [#:xorg-server @var{xorg-server}]
Return a @code{startx} script in which @var{modules}, a list of X module
packages, and @var{fonts}, a list of X font directories, are available.  See
@code{xorg-wrapper} for more details on the arguments.  The result should be
used in place of @code{startx}.

Usually the X server is started by a login manager.
@end deffn

@deffn {Scheme Procedure} xorg-configuration-file @
  [#:modules %default-xorg-modules] @
  [#:fonts %default-xorg-fonts] @
  [#:drivers '()] [#:resolutions '()] [#:extra-config '()]
Return a configuration file for the Xorg server containing search paths for
all the common drivers.

@var{modules} must be a list of @dfn{module packages} loaded by the Xorg
server---e.g., @code{xf86-video-vesa}, @code{xf86-input-keyboard}, and so on.
@var{fonts} must be a list of font directories to add to the server's
@dfn{font path}.

@var{drivers} must be either the empty list, in which case Xorg chooses a
graphics driver automatically, or a list of driver names that will be tried in
this order---e.g., @code{("modesetting" "vesa")}.

Likewise, when @var{resolutions} is the empty list, Xorg chooses an
appropriate screen resolution; otherwise, it must be a list of
resolutions---e.g., @code{((1024 768) (640 480))}.

Last, @var{extra-config} is a list of strings or objects appended to the
configuration file.  It is used to pass extra text to be
added verbatim to the configuration file.
@end deffn

@deffn {Scheme Procedure} screen-locker-service @var{package} [@var{name}]
Add @var{package}, a package for a screen-locker or screen-saver whose
command is @var{program}, to the set of setuid programs and add a PAM entry
for it.  For example:

@lisp
(screen-locker-service xlockmore "xlock")
@end lisp

makes the good ol' XlockMore usable.
@end deffn


@node Printing Services
@subsubsection Printing Services

@cindex printer support with CUPS
The @code{(gnu services cups)} module provides a Guix service definition
for the CUPS printing service.  To add printer support to a GuixSD
system, add a @code{cups-service} to the operating system definition:

@deffn {Scheme Variable} cups-service-type
The service type for the CUPS print server.  Its value should be a valid
CUPS configuration (see below).  To use the default settings, simply
write:
@example
(service cups-service-type)
@end example
@end deffn

The CUPS configuration controls the basic things about your CUPS
installation: what interfaces it listens on, what to do if a print job
fails, how much logging to do, and so on.  To actually add a printer,
you have to visit the @url{http://localhost:631} URL, or use a tool such
as GNOME's printer configuration services.  By default, configuring a
CUPS service will generate a self-signed certificate if needed, for
secure connections to the print server.

Suppose you want to enable the Web interface of CUPS and also add
support for Epson printers @i{via} the @code{escpr} package and for HP
printers @i{via} the @code{hplip} package.  You can do that directly,
like this (you need to use the @code{(gnu packages cups)} module):

@example
(service cups-service-type
         (cups-configuration
           (web-interface? #t)
           (extensions
             (list cups-filters escpr hplip))))
@end example

The available configuration parameters follow.  Each parameter
definition is preceded by its type; for example, @samp{string-list foo}
indicates that the @code{foo} parameter should be specified as a list of
strings.  There is also a way to specify the configuration as a string,
if you have an old @code{cupsd.conf} file that you want to port over
from some other system; see the end for more details.

@c The following documentation was initially generated by
@c (generate-documentation) in (gnu services cups).  Manually maintained
@c documentation is better, so we shouldn't hesitate to edit below as
@c needed.  However if the change you want to make to this documentation
@c can be done in an automated way, it's probably easier to change
@c (generate-documentation) than to make it below and have to deal with
@c the churn as CUPS updates.


Available @code{cups-configuration} fields are:

@deftypevr {@code{cups-configuration} parameter} package cups
The CUPS package.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} package-list extensions
Drivers and other extensions to the CUPS package.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} files-configuration files-configuration
Configuration of where to write logs, what directories to use for print
spools, and related privileged configuration parameters.

Available @code{files-configuration} fields are:

@deftypevr {@code{files-configuration} parameter} log-location access-log
Defines the access log filename.  Specifying a blank filename disables
access log generation.  The value @code{stderr} causes log entries to be
sent to the standard error file when the scheduler is running in the
foreground, or to the system log daemon when run in the background.  The
value @code{syslog} causes log entries to be sent to the system log
daemon.  The server name may be included in filenames using the string
@code{%s}, as in @code{/var/log/cups/%s-access_log}.

Defaults to @samp{"/var/log/cups/access_log"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} file-name cache-dir
Where CUPS should cache data.

Defaults to @samp{"/var/cache/cups"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} string config-file-perm
Specifies the permissions for all configuration files that the scheduler
writes.

Note that the permissions for the printers.conf file are currently
masked to only allow access from the scheduler user (typically root).
This is done because printer device URIs sometimes contain sensitive
authentication information that should not be generally known on the
system.  There is no way to disable this security feature.

Defaults to @samp{"0640"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} log-location error-log
Defines the error log filename.  Specifying a blank filename disables
access log generation.  The value @code{stderr} causes log entries to be
sent to the standard error file when the scheduler is running in the
foreground, or to the system log daemon when run in the background.  The
value @code{syslog} causes log entries to be sent to the system log
daemon.  The server name may be included in filenames using the string
@code{%s}, as in @code{/var/log/cups/%s-error_log}.

Defaults to @samp{"/var/log/cups/error_log"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} string fatal-errors
Specifies which errors are fatal, causing the scheduler to exit.  The
kind strings are:

@table @code
@item none
No errors are fatal.

@item all
All of the errors below are fatal.

@item browse
Browsing initialization errors are fatal, for example failed connections
to the DNS-SD daemon.

@item config
Configuration file syntax errors are fatal.

@item listen
Listen or Port errors are fatal, except for IPv6 failures on the
loopback or @code{any} addresses.

@item log
Log file creation or write errors are fatal.

@item permissions
Bad startup file permissions are fatal, for example shared TLS
certificate and key files with world-read permissions.
@end table

Defaults to @samp{"all -browse"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} boolean file-device?
Specifies whether the file pseudo-device can be used for new printer
queues.  The URI @uref{file:///dev/null} is always allowed.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} string group
Specifies the group name or ID that will be used when executing external
programs.

Defaults to @samp{"lp"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} string log-file-perm
Specifies the permissions for all log files that the scheduler writes.

Defaults to @samp{"0644"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} log-location page-log
Defines the page log filename.  Specifying a blank filename disables
access log generation.  The value @code{stderr} causes log entries to be
sent to the standard error file when the scheduler is running in the
foreground, or to the system log daemon when run in the background.  The
value @code{syslog} causes log entries to be sent to the system log
daemon.  The server name may be included in filenames using the string
@code{%s}, as in @code{/var/log/cups/%s-page_log}.

Defaults to @samp{"/var/log/cups/page_log"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} string remote-root
Specifies the username that is associated with unauthenticated accesses
by clients claiming to be the root user.  The default is @code{remroot}.

Defaults to @samp{"remroot"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} file-name request-root
Specifies the directory that contains print jobs and other HTTP request
data.

Defaults to @samp{"/var/spool/cups"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} sandboxing sandboxing
Specifies the level of security sandboxing that is applied to print
filters, backends, and other child processes of the scheduler; either
@code{relaxed} or @code{strict}.  This directive is currently only
used/supported on macOS.

Defaults to @samp{strict}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} file-name server-keychain
Specifies the location of TLS certificates and private keys.  CUPS will
look for public and private keys in this directory: a @code{.crt} files
for PEM-encoded certificates and corresponding @code{.key} files for
PEM-encoded private keys.

Defaults to @samp{"/etc/cups/ssl"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} file-name server-root
Specifies the directory containing the server configuration files.

Defaults to @samp{"/etc/cups"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} boolean sync-on-close?
Specifies whether the scheduler calls fsync(2) after writing
configuration or state files.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} space-separated-string-list system-group
Specifies the group(s) to use for @code{@@SYSTEM} group authentication.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} file-name temp-dir
Specifies the directory where temporary files are stored.

Defaults to @samp{"/var/spool/cups/tmp"}.
@end deftypevr

@deftypevr {@code{files-configuration} parameter} string user
Specifies the user name or ID that is used when running external
programs.

Defaults to @samp{"lp"}.
@end deftypevr
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} access-log-level access-log-level
Specifies the logging level for the AccessLog file.  The @code{config}
level logs when printers and classes are added, deleted, or modified and
when configuration files are accessed or updated.  The @code{actions}
level logs when print jobs are submitted, held, released, modified, or
canceled, and any of the conditions for @code{config}.  The @code{all}
level logs all requests.

Defaults to @samp{actions}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean auto-purge-jobs?
Specifies whether to purge job history data automatically when it is no
longer required for quotas.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} browse-local-protocols browse-local-protocols
Specifies which protocols to use for local printer sharing.

Defaults to @samp{dnssd}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean browse-web-if?
Specifies whether the CUPS web interface is advertised.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean browsing?
Specifies whether shared printers are advertised.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} string classification
Specifies the security classification of the server.  Any valid banner
name can be used, including "classified", "confidential", "secret",
"topsecret", and "unclassified", or the banner can be omitted to disable
secure printing functions.

Defaults to @samp{""}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean classify-override?
Specifies whether users may override the classification (cover page) of
individual print jobs using the @code{job-sheets} option.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} default-auth-type default-auth-type
Specifies the default type of authentication to use.

Defaults to @samp{Basic}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} default-encryption default-encryption
Specifies whether encryption will be used for authenticated requests.

Defaults to @samp{Required}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} string default-language
Specifies the default language to use for text and web content.

Defaults to @samp{"en"}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} string default-paper-size
Specifies the default paper size for new print queues.  @samp{"Auto"}
uses a locale-specific default, while @samp{"None"} specifies there is
no default paper size.  Specific size names are typically
@samp{"Letter"} or @samp{"A4"}.

Defaults to @samp{"Auto"}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} string default-policy
Specifies the default access policy to use.

Defaults to @samp{"default"}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean default-shared?
Specifies whether local printers are shared by default.

Defaults to @samp{#t}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer dirty-clean-interval
Specifies the delay for updating of configuration and state files, in
seconds.  A value of 0 causes the update to happen as soon as possible,
typically within a few milliseconds.

Defaults to @samp{30}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} error-policy error-policy
Specifies what to do when an error occurs.  Possible values are
@code{abort-job}, which will discard the failed print job;
@code{retry-job}, which will retry the job at a later time;
@code{retry-this-job}, which retries the failed job immediately; and
@code{stop-printer}, which stops the printer.

Defaults to @samp{stop-printer}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer filter-limit
Specifies the maximum cost of filters that are run concurrently, which
can be used to minimize disk, memory, and CPU resource problems.  A
limit of 0 disables filter limiting.  An average print to a
non-PostScript printer needs a filter limit of about 200.  A PostScript
printer needs about half that (100).  Setting the limit below these
thresholds will effectively limit the scheduler to printing a single job
at any time.

Defaults to @samp{0}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer filter-nice
Specifies the scheduling priority of filters that are run to print a
job.  The nice value ranges from 0, the highest priority, to 19, the
lowest priority.

Defaults to @samp{0}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} host-name-lookups host-name-lookups
Specifies whether to do reverse lookups on connecting clients.  The
@code{double} setting causes @code{cupsd} to verify that the hostname
resolved from the address matches one of the addresses returned for that
hostname.  Double lookups also prevent clients with unregistered
addresses from connecting to your server.  Only set this option to
@code{#t} or @code{double} if absolutely required.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer job-kill-delay
Specifies the number of seconds to wait before killing the filters and
backend associated with a canceled or held job.

Defaults to @samp{30}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer job-retry-interval
Specifies the interval between retries of jobs in seconds.  This is
typically used for fax queues but can also be used with normal print
queues whose error policy is @code{retry-job} or
@code{retry-current-job}.

Defaults to @samp{30}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer job-retry-limit
Specifies the number of retries that are done for jobs.  This is
typically used for fax queues but can also be used with normal print
queues whose error policy is @code{retry-job} or
@code{retry-current-job}.

Defaults to @samp{5}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean keep-alive?
Specifies whether to support HTTP keep-alive connections.

Defaults to @samp{#t}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer keep-alive-timeout
Specifies how long an idle client connection remains open, in seconds.

Defaults to @samp{30}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer limit-request-body
Specifies the maximum size of print files, IPP requests, and HTML form
data.  A limit of 0 disables the limit check.

Defaults to @samp{0}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} multiline-string-list listen
Listens on the specified interfaces for connections.  Valid values are
of the form @var{address}:@var{port}, where @var{address} is either an
IPv6 address enclosed in brackets, an IPv4 address, or @code{*} to
indicate all addresses.  Values can also be file names of local UNIX
domain sockets.  The Listen directive is similar to the Port directive
but allows you to restrict access to specific interfaces or networks.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer listen-back-log
Specifies the number of pending connections that will be allowed.  This
normally only affects very busy servers that have reached the MaxClients
limit, but can also be triggered by large numbers of simultaneous
connections.  When the limit is reached, the operating system will
refuse additional connections until the scheduler can accept the pending
ones.

Defaults to @samp{128}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} location-access-control-list location-access-controls
Specifies a set of additional access controls.

Available @code{location-access-controls} fields are:

@deftypevr {@code{location-access-controls} parameter} file-name path
Specifies the URI path to which the access control applies.
@end deftypevr

@deftypevr {@code{location-access-controls} parameter} access-control-list access-controls
Access controls for all access to this path, in the same format as the
@code{access-controls} of @code{operation-access-control}.

Defaults to @samp{()}.
@end deftypevr

@deftypevr {@code{location-access-controls} parameter} method-access-control-list method-access-controls
Access controls for method-specific access to this path.

Defaults to @samp{()}.

Available @code{method-access-controls} fields are:

@deftypevr {@code{method-access-controls} parameter} boolean reverse?
If @code{#t}, apply access controls to all methods except the listed
methods.  Otherwise apply to only the listed methods.

Defaults to @samp{#f}.
@end deftypevr

@deftypevr {@code{method-access-controls} parameter} method-list methods
Methods to which this access control applies.

Defaults to @samp{()}.
@end deftypevr

@deftypevr {@code{method-access-controls} parameter} access-control-list access-controls
Access control directives, as a list of strings.  Each string should be
one directive, such as "Order allow,deny".

Defaults to @samp{()}.
@end deftypevr
@end deftypevr
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer log-debug-history
Specifies the number of debugging messages that are retained for logging
if an error occurs in a print job.  Debug messages are logged regardless
of the LogLevel setting.

Defaults to @samp{100}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} log-level log-level
Specifies the level of logging for the ErrorLog file.  The value
@code{none} stops all logging while @code{debug2} logs everything.

Defaults to @samp{info}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} log-time-format log-time-format
Specifies the format of the date and time in the log files.  The value
@code{standard} logs whole seconds while @code{usecs} logs microseconds.

Defaults to @samp{standard}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-clients
Specifies the maximum number of simultaneous clients that are allowed by
the scheduler.

Defaults to @samp{100}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-clients-per-host
Specifies the maximum number of simultaneous clients that are allowed
from a single address.

Defaults to @samp{100}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-copies
Specifies the maximum number of copies that a user can print of each
job.

Defaults to @samp{9999}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-hold-time
Specifies the maximum time a job may remain in the @code{indefinite}
hold state before it is canceled.  A value of 0 disables cancellation of
held jobs.

Defaults to @samp{0}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-jobs
Specifies the maximum number of simultaneous jobs that are allowed.  Set
to 0 to allow an unlimited number of jobs.

Defaults to @samp{500}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-jobs-per-printer
Specifies the maximum number of simultaneous jobs that are allowed per
printer.  A value of 0 allows up to MaxJobs jobs per printer.

Defaults to @samp{0}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-jobs-per-user
Specifies the maximum number of simultaneous jobs that are allowed per
user.  A value of 0 allows up to MaxJobs jobs per user.

Defaults to @samp{0}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-job-time
Specifies the maximum time a job may take to print before it is
canceled, in seconds.  Set to 0 to disable cancellation of "stuck" jobs.

Defaults to @samp{10800}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-log-size
Specifies the maximum size of the log files before they are rotated, in
bytes.  The value 0 disables log rotation.

Defaults to @samp{1048576}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} non-negative-integer multiple-operation-timeout
Specifies the maximum amount of time to allow between files in a
multiple file print job, in seconds.

Defaults to @samp{300}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} string page-log-format
Specifies the format of PageLog lines.  Sequences beginning with percent
(@samp{%}) characters are replaced with the corresponding information,
while all other characters are copied literally.  The following percent
sequences are recognized:

@table @samp
@item %%
insert a single percent character

@item %@{name@}
insert the value of the specified IPP attribute

@item %C
insert the number of copies for the current page

@item %P
insert the current page number

@item %T
insert the current date and time in common log format

@item %j
insert the job ID

@item %p
insert the printer name

@item %u
insert the username
@end table

A value of the empty string disables page logging.  The string @code{%p
%u %j %T %P %C %@{job-billing@} %@{job-originating-host-name@}
%@{job-name@} %@{media@} %@{sides@}} creates a page log with the
standard items.

Defaults to @samp{""}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} environment-variables environment-variables
Passes the specified environment variable(s) to child processes; a list
of strings.

Defaults to @samp{()}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} policy-configuration-list policies
Specifies named access control policies.

Available @code{policy-configuration} fields are:

@deftypevr {@code{policy-configuration} parameter} string name
Name of the policy.
@end deftypevr

@deftypevr {@code{policy-configuration} parameter} string job-private-access
Specifies an access list for a job's private values.  @code{@@ACL} maps
to the printer's requesting-user-name-allowed or
requesting-user-name-denied values.  @code{@@OWNER} maps to the job's
owner.  @code{@@SYSTEM} maps to the groups listed for the
@code{system-group} field of the @code{files-config} configuration,
which is reified into the @code{cups-files.conf(5)} file.  Other
possible elements of the access list include specific user names, and
@code{@@@var{group}} to indicate members of a specific group.  The
access list may also be simply @code{all} or @code{default}.

Defaults to @samp{"@@OWNER @@SYSTEM"}.
@end deftypevr

@deftypevr {@code{policy-configuration} parameter} string job-private-values
Specifies the list of job values to make private, or @code{all},
@code{default}, or @code{none}.

Defaults to @samp{"job-name job-originating-host-name
job-originating-user-name phone"}.
@end deftypevr

@deftypevr {@code{policy-configuration} parameter} string subscription-private-access
Specifies an access list for a subscription's private values.
@code{@@ACL} maps to the printer's requesting-user-name-allowed or
requesting-user-name-denied values.  @code{@@OWNER} maps to the job's
owner.  @code{@@SYSTEM} maps to the groups listed for the
@code{system-group} field of the @code{files-config} configuration,
which is reified into the @code{cups-files.conf(5)} file.  Other
possible elements of the access list include specific user names, and
@code{@@@var{group}} to indicate members of a specific group.  The
access list may also be simply @code{all} or @code{default}.

Defaults to @samp{"@@OWNER @@SYSTEM"}.
@end deftypevr

@deftypevr {@code{policy-configuration} parameter} string subscription-private-values
Specifies the list of job values to make private, or @code{all},
@code{default}, or @code{none}.

Defaults to @samp{"notify-events notify-pull-method notify-recipient-uri
notify-subscriber-user-name notify-user-data"}.
@end deftypevr

@deftypevr {@code{policy-configuration} parameter} operation-access-control-list access-controls
Access control by IPP operation.

Defaults to @samp{()}.
@end deftypevr
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean-or-non-negative-integer preserve-job-files
Specifies whether job files (documents) are preserved after a job is
printed.  If a numeric value is specified, job files are preserved for
the indicated number of seconds after printing.  Otherwise a boolean
value applies indefinitely.

Defaults to @samp{86400}.
@end deftypevr

@deftypevr {@code{cups-configuration} parameter} boolean-or-non-negative-integer preserve-job-history
Specifies whether the job history is preserved after a job is printed.
If a numeric value is specified, the job history is preserved for the