root / pykota / trunk / conf / pykota.conf.sample @ 1400

Revision 1373, 19.5 kB (checked in by jalet, 21 years ago)

Bad doc

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1# PyKota sample configuration file
2#
3# Copy this file into the /etc/pykota/ directory
4# under the name /etc/pykota/pykota.conf
5#
6# PyKota - Print Quotas for CUPS and LPRng
7#
8# (c) 2003-2004 Jerome Alet <alet@librelogiciel.com>
9# This program is free software; you can redistribute it and/or modify
10# it under the terms of the GNU General Public License as published by
11# the Free Software Foundation; either version 2 of the License, or
12# (at your option) any later version.
13#
14# This program is distributed in the hope that it will be useful,
15# but WITHOUT ANY WARRANTY; without even the implied warranty of
16# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17# GNU General Public License for more details.
18#
19# You should have received a copy of the GNU General Public License
20# along with this program; if not, write to the Free Software
21# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
22#
23# $Id$
24#
25
26[global]
27# Storage backend for quotas
28# only PGStorage (PostgreSQL) and LDAPStorage (OpenLDAP) are supported.
29# MySQL and BerkeleyDB are planned.
30
31# the 'postgresql' value is deprecated, use 'pgstorage' instead.
32storagebackend: pgstorage
33
34# Quota Storage Server hostname (and optional port)
35# e.g. db.example.com:5432
36storageserver: localhost
37
38#
39# name of the Quota Storage Database
40storagename: pykota
41
42#
43# Quota Storage normal user's name and password
44# These two fields contain a username and optional password
45# which may give readonly access to your print quota database.
46#
47# PLEASE ENSURE THAT THIS USER CAN'T WRITE TO YOUR PRINT QUOTA
48# DATABASE, OTHERWISE ANY USER WHO COULD READ THIS CONFIGURATION
49# FILE COULD CHANGE HIS PRINT QUOTA.
50#
51storageuser: pykotauser
52# storageuserpw: Comment out if unused, or set to Quota Storage user password
53
54# Should the database caching mechanism be enabled or not ?
55# If unset, caching is disabled. Possible values Y/N/YES/NO
56# caching mechanism works with both PostgreSQL and OpenLDAP backends
57# but may be really interesting only with OpenLDAP.
58#
59# ACTIVATING CACHE MAY CAUSE PRECISION PROBLEMS IN PRINT ACCOUNTING
60# IF AN USER PRINTS ON SEVERAL PRINTERS AT THE SAME TIME.
61# YOU MAY FIND IT INTERESTING ANYWAY, ESPECIALLY FOR LDAP.
62#
63# FYI, I ALWAYS SET IT TO YES !
64#
65storagecaching: No
66
67# Should full job history be disabled ?
68# If unset or set to No, full job history is kept in the database.
69# This will be useful in the future when the report generator
70# will be written.
71# Disabling the job history can be useful with heavily loaded
72# LDAP servers, to not make the LDAP tree grow out of control.
73# Disabling the job history with the PostgreSQL backend works too
74# but it's probably less useful than with LDAP.
75disablehistory: No
76
77# LDAP example, uncomment and adapt it to your own configuration :
78#storagebackend: ldapstorage
79#storageserver: ldap://ldap.librelogiciel.com:389
80#storagename: dc=librelogiciel,dc=com
81#storageuser: cn=notadmin,dc=librelogiciel,dc=com
82#storageuserpw: abc.123
83#
84# Here we define some helpers to know where
85# to plug into an existing LDAP directory
86#userbase: ou=People,dc=librelogiciel,dc=com
87#userrdn: uid
88#balancebase: ou=People,dc=librelogiciel,dc=com
89#balancerdn: uid
90#groupbase: ou=Groups,dc=librelogiciel,dc=com
91#grouprdn: cn
92#printerbase: ou=Printers,ou=PyKota,dc=librelogiciel,dc=com
93#printerrdn: cn
94#jobbase: ou=Jobs,ou=PyKota,dc=librelogiciel,dc=com
95#userquotabase: ou=UQuotas,ou=PyKota,dc=librelogiciel,dc=com
96#groupquotabase: ou=GQuotas,ou=PyKota,dc=librelogiciel,dc=com
97#lastjobbase: ou=LastJobs,ou=PyKota,dc=librelogiciel,dc=com
98#
99# How to create new accounts and groups
100# authorized values are "below" and "attach(objectclass name)"
101#
102# "below" creates the new accounts/groups as standalone entries
103# below the above defined 'userbase' ou
104#
105# attach(objectclass name) tries to find some existing user/group
106# using the above defined 'userrdn' or 'grouprdn' and 'userbase'
107# 'groupbase', and attach the PyKota specific entries to it.
108#
109# a possible value:  newuser: attach(posixAccount)
110#newuser : below
111#newgroup : below
112#
113# LDAP attribute which stores the user's email address
114#usermail : mail
115
116#
117# Choose what attribute contains the list of group members
118# common values are : memberUid, uniqueMember, member
119#groupmembers: memberUid
120
121# Activate low-level LDAP cache yes/no
122# Nothing to do with "storagecaching" which is higher level
123# and database independant.
124# This saves some search queries and may help with heavily
125# loaded LDAP servers.
126# This is EXPERIMENTAL.
127#
128# BEWARE : SETTING THIS TO 'YES' CAUSES PROBLEMS FOR NOW
129# BETTER TO LET IT SET TO 'NO'
130ldapcache: no
131
132# Where to log ?
133# supported values : stderr, system (system means syslog, but don't use 'syslog' here)
134# if the value is not set then the default SYSTEM applies.
135logger: system
136
137# Enable debugging ? Put YES or NO there.
138# From now on, YES is the default in this sample
139# configuration file, so that debugging is activated
140# when configuring PyKota. After all works, just
141# put NO instead to save some disk space in your
142# logs.
143# Actually only database queries are logged.
144debug : Yes
145
146# Mail server to use to warn users
147# If the value is not set then localhost is used.
148smtpserver: localhost
149
150# Email domain
151# If the value is not set, and the mail attribute for the user
152# is not set in the PyKota storage, be it LDAP (see usermail directive
153# above) or PostgreSQL, then email messages are sent to
154# username@smtpserver
155#
156# If the value is set, then email messages are sent to
157# username@maildomain using the SMTP server defined above
158#
159# Set the appropriate value below, example.com set as per RFC2606.
160maildomain: example.com
161
162# Should we force usernames to be all lowercase when printing ?
163# Default is No.
164# This is a global option only.
165# Some people reported that WinXP sends mixed case usernames
166# setting 'utolower: Yes' solves the problem.
167# Of course you have to user lowercase only when adding
168# users with edpykota, because ALL database accesses are
169# still case sensitive.
170#
171# If utolower is Yes, the usernames received from the printing
172# system is converted to lowercase at the start of the cupspykota
173# backend or of the pykota filter.
174#
175# If utolower is No, which is the default, strict case checking
176# is done, this means that users 'Jerome' and 'jerome' are
177# different. Printer and groups names are ALWAYS case sensitive.
178utolower: No
179
180# What is the accounting backend to use
181#
182# supported values :
183#
184#    - querying : asks the printer for its lifetime page counter
185#                 via either SNMP, AppleTalk, or any external
186#                 command. This method is the method used by
187#                 default in PyKota since its beginning.
188#
189#    - external : delegates the job's size computation to any
190#                 external command of your choice. A stupid and
191#                 completely unreliable example, but which
192#                 shows what this command may be is :
193#
194#                   accounter: external(/bin/grep -c showpage)
195#
196#                 Another one, which should work with all DSC
197#                 compliant Postscript files :
198#
199#                   accounter: external(/bin/grep -c "%%Page:")
200#
201#    - stupid : counts the occurences of the 'showpage' postscript
202#               statement in the document to be printed.
203#               THIS IS NOT RELIABLE. This is just to serve as
204#               an example on how to implement your own accounting
205#               method.
206#
207# This value can be set either globally or on a per printer basis
208# If both are defined, the printer option has priority.
209# if not set it defaults to 'querying'.
210#
211# A script which seems to be accurate, copy it from the
212# untested/postscript directory to another place.
213# accounter: external(/usr/local/bin/pagecount.sh)
214# WARNING : it may not work when multiple copies are asked.
215#           this breaks ghostscript, I don't know why yet.
216#
217# default value
218accounter: querying
219
220# Print Quota administrator
221# These values can be set either globally or per printer or both.
222# If both are defined, the printer option has priority.
223# If these values are not set, the default admin root
224# and the default adminmail root@localhost are used.
225admin: John Doe
226adminmail: root@localhost
227
228#
229# Who should we send an email to in case a quota is reached ?
230# possible values are : DevNull, User, Admin, Both, External(some command)
231# The Both value means that the User and the Admin will receive
232# an email message.
233# The DevNull value means no email message will be sent.
234# This value can be set either globally or per printer or both.
235# If both are defined, the printer option has priority.
236# If the value is not set, then the default BOTH applies.
237#
238#   Format of the external syntax :
239#
240#       mailto: external(/usr/bin/mycommand >/dev/null)
241#
242#   You can use :
243#
244#       '%(action)s'            will contain either WARN or DENY
245#       '%(username)s'          will contain the user's name
246#       '%(printername)s'       will contain the printer's name
247#       '%(email)s'             will contain the user's email address
248#       '%(message)s'           will contain the message if you want
249#                               to use it.
250#
251#   On your command line, to pass arguments to your command.
252#   Example :
253#
254#       mailto: external(/usr/bin/callpager %(username)s "Quota problem on %(printername)s" >/dev/null)
255#
256#   To automatically send a WinPopup message (this may only work with a PDC,
257#   here the same machine does Samba as PDC + CUPS) :
258#
259#       mailto: external(echo "%(message)s"  | /usr/bin/iconv --to-code utf-8 --from-code iso-8859-15 | /usr/bin/smbclient -M "%(username)s" 2>&1 >/dev/null)
260#
261#   NB : I use ISO-8859-15, but Windows expects UTF-8, so we pipe the message
262#        into iconv before sending it to the Windows user.
263#
264# or more simply :
265#
266#       mailto: external(/usr/share/pykota/mailandpopup.sh %(username)s %(printername)s "%(email)s" "%(message)s" 2>&1 >/dev/null)
267#
268#   NB : The mailandpopup.sh shell script is now included in PyKota
269#
270#   NB : in ANY case, don't forget to redirect your command's standard output
271#        somewhere (e.g. >/dev/null) so that there's no perturbation to the
272#        underlying layer (filter or backend)
273#
274mailto: both
275
276#
277# Grace delay in days
278# This value can be set either globally or per printer or both.
279# If both are defined, the printer option has priority.
280# If the value is not set then the default seven (7) days applies.
281gracedelay: 7
282
283#
284# Poor man's threshold
285# If account balance reaches below this amount,
286# a warning message is sent by email
287#
288# If unset, default poor man's threshold is 1.0.
289# This option can only appear in the global section
290poorman: 2.0
291
292# Poor man's warning message
293# The warning message that is sent if the "poorman" value is reached
294# Again this must appear in the global section
295poorwarn: Your Print Quota account balance is low.
296 Soon you'll not be allowed to print anymore.
297
298# Soft limit reached warning message
299# The warning message that is sent if the soft quota limit is reached
300# May appear either globally or on a per-printer basis
301softwarn: Your Print Quota Soft Limit is reached.
302 This means that you may still be allowed to print for some
303 time, but you must contact your administrator to purchase
304 more print quota.
305 
306# Hard limit reached error message
307# The error message that is sent if the hard quota limit is reached
308# May appear either globally or on a per-printer basis
309hardwarn: Your Print Quota Hard Limit is reached.
310 This means that you are not allowed to print anymore.
311 Please contact your administrator at root@localhost
312 as soon as possible to solve the problem.
313
314# one section per printer, or no other section at all if all options
315# are defined globally.
316# Each section's name must be the same as the printer's queue name as defined
317# in your printing system, be it CUPS or LPRng.
318# If you don't want any special printer section, just comment out
319# the line below so that following options are global.
320[hpmarketing]
321
322# How to query the hpmarketing printer for its page counter.
323# THIS IS ONLY USED IF YOU HAVE SET 'accounter' TO 'querying'
324# JUST COMMENT IT OUT IF YOU USE ANY OTHER ACCOUNTING METHOD.
325# (it would be ignored anyway)
326#
327# In the lines below "%(printer)s" is automatically replaced
328# at run time with your printer's Fully Qualified Domain Name
329# e.g. myprinter.example.com
330#
331# Only snmp(community, oid) and external(command) are supported
332#
333# Example :
334#     requester: external(/usr/bin/snmpget -v1 -c public -Ov %(printer)s mib-2.43.10.2.1.4.1.1 | cut -f 2,2 -d " ")
335# and :
336#     requester: snmp(public, mib-2.43.10.2.1.4.1.1)
337# are equivalent
338#
339#################################################
340# NB : the 'snmp()' requester is now deprecated #
341# because it has some accuracy problems.        #
342# please use 'external()' instead.              #
343#################################################
344#
345# Another untested example, using npadmin :
346#     requester: external(/usr/bin/npadmin --pagecount %(printer)s)
347#
348# Another example, for AppleTalk printers which works fine :
349# (You may need the pap CUPS backend installed, and copy the
350# pagecount.ps file from untested/netatalk into /etc or any
351# appropriate location)
352#     requester: external(/usr/share/pykota/papwaitprinter.sh "MyPrinter:LaserWriter@*" && /usr/bin/pap -p "MyPrinter:LaserWriter@*" /usr/share/pykota/pagecount.ps  2>/dev/null | /bin/grep -v status | /bin/grep -v Connect | /usr/bin/tail -1)
353#
354# An example for parallel printers like the HP Laserjet 5MP :
355#
356#     requester: external(/bin/cat /usr/share/pykota/pagecount.pjl >/dev/lp0 && /usr/bin/head -2 </dev/lp0 | /usr/bin/tail -1)
357#
358#
359# This value can be set either globally or per printer or both.
360# If both are defined, the printer option has priority.
361#
362# NB : The SNMP oid mib-2.43.10.2.1.4.1.1 works on HP Laserjet Printers, but it may
363#      be different with other brands, refer to your printer's documentation
364#      for details. Also you may have to specify -v2c or -v3 depending on your
365#      printer's support for different versions of the SNMP specification.
366#
367#
368# Some examples and comments provided by Bob Martel from csuohio.edu
369#
370# For several printers I could not get the page count using snmpget.  I
371# resorted to snmpwalk:
372#
373# requester: external(/opt/local/net-snmp/bin/snmpwalk -v 1 -Cc -c public %(printer)s | grep mib-2.43.10.2.1.4.1.1 | cut -d " " -f4)
374#
375# The last example is still more ugly, some of the printers only provided
376# their counters without names, but at least always on the same line:
377#
378# requester: external(/opt/local/net-snmp/bin/snmpwalk -v 1 -Cc -c public -Ov %(printer)s | grep Counter32 | tail -2 | head -1 | cut -d " " -f2)
379#
380#
381# An example using netcat and a preformatted PJL job which you can find
382# in the untested/pjl directory, which is sent to a JetDirect print
383# server on port 9100 :
384#
385# requester: external(/bin/nc -w 2 %(printer)s 9100 </usr/share/pykota/pagecount.pjl | /usr/bin/tail -2)
386#
387#
388# An example using the contributed pagecount.pl script which does
389# the same as above, but should work on more printers :
390#
391# requester: external(/usr/share/pykota/pagecount.pl %(printer)s 9100)
392#
393#
394# WARNING : In any case, when using an external requester, please test the command line outside
395#           of PyKota before. This will save you some headaches in case it doesn't work as expected.
396#
397# The waitprinter.sh is there to wait until the printer is idle again.
398# This should prevent a job to be sent to the printer while another one is
399# not yet finished (not all pages are printed, but the complete job is in
400# the printer)
401requester: external(/usr/share/pykota/waitprinter.sh %(printer)s && /usr/bin/snmpget -v1 -c public -Ov %(printer)s mib-2.43.10.2.1.4.1.1 | cut -f 2,2 -d " ")
402
403# Default policy for inexistant users (e.g. root)
404# either allow or deny or external(some command here)
405# This value can be set either globally or per printer or both.
406# If both are defined, the printer option has priority.
407# If the value is not set then the default policy DENY applies.
408# ATTENTION :
409#     Before 1.04 the default value was ALLOW, but unknown users
410#     allowed to print causes accuracy problems : their jobs are
411#     charged to the next person who prints on the same printer.
412# There's no policy wrt inexistant groups, they are ignored.
413#
414# external policy can be used to launch any external command of your choice,
415# for example to automatically add the user to the quota storage
416# if he is unknown. Example :
417#
418#       policy: external(/usr/bin/edpykota --add --printer %(printername)s --softlimit 50 --hardlimit 60 %(username)s >/dev/null)
419#
420# Of course you can launch any command of your choice with this, e.g. :
421#
422#       policy: external(/usr/local/bin/myadminscript.sh %(username)s >/dev/null)
423
424# You can use :
425#
426#       '%(username)s'          will contain the user's name
427#       '%(printername)s'       will contain the printer's name
428#
429#   On your command line, to pass arguments to your command.
430#
431#   NB : Don't forget to redirect your command's standard output somewhere
432#        (e.g. >/dev/null) so that there's no perturbation to the underlying
433#        layer (filter or backend)
434#
435# If the user still doesn't exist after external policy command was
436# launched (the external command didn't add it), or if an error occured
437# during the execution of the external policy command, the job is rejected.
438#
439policy: deny
440
441# Pre and Post Hooks
442# These directives allow the easy plug-in of any command of your choice
443# at different phases of PyKota's execution.
444# Pre and Post Hooks can access some of PyKota's internal information
445# by reading environment variables as described below.
446# The actual phase of PyKota's execution is available in the
447# PYKOTAPHASE environment variable.
448# Pre and Post Hooks can be defined either globally, per printer,
449# or both if both are defined, the printer specific hook has
450# priority.
451#
452# List of available environment variables :
453# NB : Most of these variables are also available during the execution
454# of external commands defined in the accounter, requester or mailto
455# directives.
456#
457# PYKOTAPHASE : BEFORE or AFTER the job is sent to the printer
458# PYKOTACTION : ALLOW or DENY or WARN for current print job
459# PYKOTAUSERNAME : user's name
460# PYKOTAPRINTERNAME : printer's name
461# PYKOTAJOBID : job's id
462# PYKOTATITLE : job's title
463# PYKOTAFILENAME : job's filename
464# PYKOTACOPIES : number of copies
465# PYKOTAOPTIONS : job's options
466# PYKOTABALANCE : user's account balance
467# PYKOTALIFETIMEPAID : user's grand total paid
468# PYKOTAPAGECOUNTER : user's page counter on this printer
469# PYKOTALIFEPAGECOUNTER : user's life time page counter on this printer
470# PYKOTASOFTLIMIT : user's soft page limit on this printer
471# PYKOTAHARDLIMIT : user's hard page limit on this printer
472# PYKOTADATELIMIT : user's soft to hard limit date limit on this printer
473
474# PreHook : gets executed after being sure the user, printer and user quota
475# entry on the printer both exist in the PyKota database, and after
476# checking if the user is allowed to print or not, but just before
477# the job is sent to the printer (if allowed)
478# prehook has access to many environment variables :
479#
480# PYKOTAACTION contains either "ALLOW", "WARN" or "DENY" and
481# represents the action which is to be done wrt the print job.
482# PYKOTAPHASE contains 'BEFORE' during execution of prehook
483#
484# uncomment the line below to see what environment variables are available
485# prehook: /usr/bin/printenv >/tmp/before
486
487# PostHook : gets executed after the job has been added to the history.
488# posthook has access to all the environment variables defined above,
489# as well as two additionnal environment variables : PYKOTAJOBPRICE
490# and PYKOTAJOBSIZE.
491# PYKOTAPHASE contains 'AFTER' during execution of posthook.
492#
493# uncomment the line below to see what environment variables are available
494#posthook: /usr/bin/printenv >/tmp/after
Note: See TracBrowser for help on using the browser.