root / pykota / trunk / conf / pykota.conf.sample @ 1220

Revision 1197, 14.1 kB (checked in by jalet, 21 years ago)

Bad example on external policy. Now fixed.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1# PyKota sample configuration file
2#
3# Copy this file into the /etc/pykota/ directory
4# under the name /etc/pykota/pykota.conf
5#
6# PyKota - Print Quotas for CUPS and LPRng
7#
8# (c) 2003 Jerome Alet <alet@librelogiciel.com>
9# This program is free software; you can redistribute it and/or modify
10# it under the terms of the GNU General Public License as published by
11# the Free Software Foundation; either version 2 of the License, or
12# (at your option) any later version.
13#
14# This program is distributed in the hope that it will be useful,
15# but WITHOUT ANY WARRANTY; without even the implied warranty of
16# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17# GNU General Public License for more details.
18#
19# You should have received a copy of the GNU General Public License
20# along with this program; if not, write to the Free Software
21# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
22#
23# $Id$
24#
25
26[global]
27# Storage backend for quotas
28# only PGStorage (PostgreSQL) and LDAPStorage (OpenLDAP) are supported.
29# MySQL and BerkeleyDB are planned.
30
31# the 'postgresql' value is deprecated, use 'pgstorage' instead.
32storagebackend: pgstorage
33
34# Quota Storage Server hostname (and optional port)
35# e.g. db.mydomain.com:5432
36storageserver: localhost
37
38#
39# name of the Quota Storage Database
40storagename: pykota
41
42#
43# Quota Storage normal user's name and password
44# These two fields contain a username and optional password
45# which may give readonly access to your print quota database.
46#
47# PLEASE ENSURE THAT THIS USER CAN'T WRITE TO YOUR PRINT QUOTA
48# DATABASE, OTHERWISE ANY USER WHO COULD READ THIS CONFIGURATION
49# FILE COULD CHANGE HIS PRINT QUOTA.
50#
51storageuser: pykotauser
52# storageuserpw: Comment out if unused, or set to Quota Storage user password
53
54# Should the database caching mechanism be enabled or not ?
55# If unset, caching is disabled. Possible values Y/N/YES/NO
56# caching mechanism works with both PostgreSQL and OpenLDAP backends
57# but may be really interesting only with OpenLDAP.
58#
59# ACTIVATING CACHE MAY CAUSE PRECISION PROBLEMS IN PRINT ACCOUNTING
60# IF AN USER PRINTS ON SEVERAL PRINTERS AT THE SAME TIME.
61# YOU MAY FIND IT INTERESTING ANYWAY, ESPECIALLY FOR LDAP.
62#
63storagecaching: No
64
65# Should full job history be disabled ?
66# If unset or set to No, full job history is kept in the database.
67# This will be useful in the future when the report generator
68# will be written.
69# Disabling the job history can be useful with heavily loaded
70# LDAP servers, to not make the LDAP tree grow out of control.
71# Disabling the job history with the PostgreSQL backend works too
72# but it's probably less useful than with LDAP.
73disablehistory: No
74
75# LDAP example, uncomment and adapt it to your own configuration :
76#storagebackend: ldapstorage
77#storageserver: ldap://ldap.librelogiciel.com:389
78#storagename: dc=librelogiciel,dc=com
79#storageuser: cn=notadmin,dc=librelogiciel,dc=com
80#storageuserpw: abc.123
81#
82# Here we define some helpers to know where
83# to plug into an existing LDAP directory
84#userbase: ou=People,dc=librelogiciel,dc=com
85#userrdn: uid
86#balancebase: ou=People,dc=librelogiciel,dc=com
87#balancerdn: uid
88#groupbase: ou=Groups,dc=librelogiciel,dc=com
89#grouprdn: cn
90#printerbase: ou=Printers,ou=PyKota,dc=librelogiciel,dc=com
91#printerrdn: cn
92#jobbase: ou=Jobs,ou=PyKota,dc=librelogiciel,dc=com
93#userquotabase: ou=UQuotas,ou=PyKota,dc=librelogiciel,dc=com
94#groupquotabase: ou=GQuotas,ou=PyKota,dc=librelogiciel,dc=com
95#lastjobbase: ou=LastJobs,ou=PyKota,dc=librelogiciel,dc=com
96#
97# How to create new accounts and groups
98# authorized values are "below" and "attach(objectclass name)"
99#
100# "below" creates the new accounts/groups as standalone entries
101# below the above defined 'userbase' ou
102#
103# attach(objectclass name) tries to find some existing user/group
104# using the above defined 'userrdn' or 'grouprdn' and 'userbase'
105# 'groupbase', and attach the PyKota specific entries to it.
106#
107# a possible value:  newuser: attach(posixAccount)
108#newuser : below
109#newgroup : below
110#
111# LDAP attribute which stores the user's email address
112#usermail : mail
113
114#
115# Choose what attribute contains the list of group members
116# common values are : memberUid, uniqueMember, member
117#groupmembers: memberUid
118
119# Where to log ?
120# supported values : stderr, system (system means syslog, but don't use 'syslog' here)
121# if the value is not set then the default SYSTEM applies.
122logger: system
123
124# Enable debugging ? Put YES or NO there.
125# From now on, YES is the default in this sample
126# configuration file, so that debugging is activated
127# when configuring PyKota. After all works, just
128# put NO instead to save some disk space in your
129# logs.
130# Actually only database queries are logged.
131debug : No
132
133# Mail server to use to warn users
134# If the value is not set then localhost is used.
135smtpserver: localhost
136
137# What is the accounting backend to use
138#
139# supported values :
140#
141#    - querying : asks the printer for its lifetime page counter
142#                 via either SNMP, AppleTalk, or any external
143#                 command. This method is the method used by
144#                 default in PyKota since its beginning.
145#
146#    - external : delegates the job's size computation to any
147#                 external command of your choice. A stupid and
148#                 completely unreliable example, but which
149#                 shows what this command may be is :
150#
151#                   accounter: external(/bin/grep -c showpage)
152#
153#                 Another one, which should work with all DSC
154#                 compliant Postscript files :
155#
156#                   accounter: external(/bin/grep -c "%%Page:")
157#
158#    - stupid : counts the occurences of the 'showpage' postscript
159#               statement in the document to be printed.
160#               THIS IS NOT RELIABLE. This is just to serve as
161#               an example on how to implement your own accounting
162#               method.
163#
164# This value can be set either globally or on a per printer basis
165# If both are defined, the printer option has priority.
166# if not set it defaults to 'querying'.
167#
168# A script which seems to be accurate, copy it from the
169# untested/postscript directory to another place.
170# accounter: external(/usr/local/bin/pagecount.sh)
171# WARNING : it may not work when multiple copies are asked.
172#           this breaks ghostscript, I don't know why yet.
173#
174# default value
175accounter: querying
176
177# Print Quota administrator
178# These values can be set either globally or per printer or both.
179# If both are defined, the printer option has priority.
180# If these values are not set, the default admin root
181# and the default adminmail root@localhost are used.
182admin: John Doe
183adminmail: root@localhost
184
185#
186# Who should we send an email to in case a quota is reached ?
187# possible values are : DevNull, User, Admin, Both, External(some command)
188# The Both value means that the User and the Admin will receive
189# an email message.
190# The DevNull value means no email message will be sent.
191# This value can be set either globally or per printer or both.
192# If both are defined, the printer option has priority.
193# If the value is not set, then the default BOTH applies.
194#
195#   For mailto: external(/usr/bin/mycommand >/dev/null)
196#
197#   You can use :
198#
199#       '%(action)s'            will contain either WARN or DENY
200#       '%(username)s'          will contain the user's name
201#       '%(printername)s'       will contain the printer's name
202#       '%(email)s'             will contain the user's email address
203#       '%(message)s'           will contain the message if you want
204#                               use it.
205#
206#   On your command line, to pass arguments to your command.
207#   Example :
208#
209#       mailto: external(/usr/bin/callpager %(username)s "Quota problem on %(printername)s" >/dev/null)
210#
211#   NB : Don't forget to redirect your command's standard output somewhere
212#        (e.g. >/dev/null) so that there's no perturbation to the underlying
213#        layer (filter or backend)
214#
215mailto: both
216
217#
218# Grace delay in days
219# This value can be set either globally or per printer or both.
220# If both are defined, the printer option has priority.
221# If the value is not set then the default seven (7) days applies.
222gracedelay: 7
223
224#
225# Poor man's threshold
226# If account balance reaches below this amount,
227# a warning message is sent by email
228#
229# If unset, default poor man's threshold is 1.0.
230# This option can only appear in the global section
231poorman: 2.0
232
233# Poor man's warning message
234# The warning message that is sent if the "poorman" value is reached
235# Again this must appear in the global section
236poorwarn: Your Print Quota account balance is low.
237 Soon you'll not be allowed to print anymore.
238
239# Soft limit reached warning message
240# The warning message that is sent if the soft quota limit is reached
241# May appear either globally or on a per-printer basis
242softwarn: Your Print Quota Soft Limit is reached.
243 This means that you may still be allowed to print for some
244 time, but you must contact your administrator to purchase
245 more print quota.
246 
247# Hard limit reached error message
248# The error message that is sent if the hard quota limit is reached
249# May appear either globally or on a per-printer basis
250hardwarn: Your Print Quota Hard Limit is reached.
251 This means that you are not allowed to print anymore.
252 Please contact your administrator at root@localhost
253 as soon as possible to solve the problem.
254
255# one section per printer, or no other section at all if all options
256# are defined globally.
257# Each section's name must be the same as the printer's queue name as defined
258# in your printing system, be it CUPS or LPRng.
259# If you don't want any special printer section, just comment out
260# the line below so that following options are global.
261[hpmarketing]
262
263# How to query the hpmarketing printer for its page counter.
264# THIS IS ONLY USED IF YOU HAVE SET 'accounter' TO 'querying'
265# JUST COMMENT IT OUT IF YOU USE ANY OTHER ACCOUNTING METHOD.
266# (it would be ignored anyway)
267#
268# In the lines below "%(printer)s" is automatically replaced
269# at run time with your printer's Fully Qualified Domain Name
270# e.g. myprinter.domain.com
271#
272# Only snmp(community, oid) and external(command) are supported
273#
274# Example :
275#     requester: external(/usr/bin/snmpget -v1 -c public -Ov %(printer)s mib-2.43.10.2.1.4.1.1 | cut -f 2,2 -d " ")
276# and :
277#     requester: snmp(public, mib-2.43.10.2.1.4.1.1)
278# are equivalent
279#
280# Another untested example, using npadmin :
281#     requester: external(/usr/bin/npadmin --pagecount %(printer)s)
282#
283# Another example, for AppleTalk printers which works fine :
284# (You may need the pap CUPS backend installed, and copy the
285# pagecount.ps file from untested/netatalk into /etc or any
286# appropriate location)
287#     requester: external(/usr/bin/pap -p "MyPrinter:LaserWriter" /etc/pagecount.ps  2>/dev/null | grep -v status | grep -v Connect | tail -1)
288#
289# This value can be set either globally or per printer or both.
290# If both are defined, the printer option has priority.
291#
292# NB : The SNMP oid mib-2.43.10.2.1.4.1.1 works on HP Laserjet Printers, but it may
293#      be different with other brands, refer to your printer's documentation
294#      for details. Also you may have to specify -v2c or -v3 depending on your
295#      printer's support for different versions of the SNMP specification.
296#
297#
298# Some examples and comments provided by Bob Martel from csuohio.edu
299#
300# For several printers I could not get the page count using snmpget.  I
301# resorted to snmpwalk:
302#
303# requester: external(/opt/local/net-snmp/bin/snmpwalk -v 1 -Cc -c public %(printer)s | grep mib-2.43.10.2.1.4.1.1 | cut -d " " -f4)
304#
305# The last example is still more ugly, some of the printers only provided
306# their counters without names, but at least always on the same line:
307#
308# requester: external(/opt/local/net-snmp/bin/snmpwalk -v 1 -Cc -c public -Ov %(printer)s | grep Counter32 | tail -2 | head -1 | cut -d " " -f2)
309#
310#
311# An example using netcat and a preformatted PJL job which you can find
312# in the untested/pjl directory, which is sent to a JetDirect print
313# server on port 9100 :
314#
315# requester: external(/bin/nc -w 2 %(printer)s 9100 <pagecount.pjl | /usr/bin/tail -2)
316#
317#
318# WARNING : In any case, when using an external requester, please test the command line outside
319#           of PyKota before. This will save you some headaches in case it doesn't work as expected.
320#
321# The waitprinter.sh is there to wait until the printer is idle again.
322# This should prevent a job to be sent to the printer while another one is
323# not yet finished (not all pages are printed, but the complete job is in
324# the printer)
325requester: external(/usr/bin/waitprinter.sh %(printer)s && /usr/bin/snmpget -v1 -c public -Ov %(printer)s mib-2.43.10.2.1.4.1.1 | cut -f 2,2 -d " ")
326
327# Default policy for inexistant users (e.g. root)
328# either allow or deny or external(some command here)
329# This value can be set either globally or per printer or both.
330# If both are defined, the printer option has priority.
331# If the value is not set then the default policy DENY applies.
332# ATTENTION :
333#     Before 1.04 the default value was ALLOW, but unknown users
334#     allowed to print causes accuracy problems : their jobs are
335#     charged to the next person who prints on the same printer.
336# There's no policy wrt inexistant groups, they are ignored.
337#
338# external policy can be used to launch any external command of your choice,
339# for example to automatically add the user to the quota storage
340# if he is unknown. Example :
341#
342#       policy: external(/usr/bin/edpykota --add --printer %(printername)s --softlimit 50 --hardlimit 60 %(username)s >/dev/null)
343#
344# Of course you can launch any command of your choice with this, e.g. :
345#
346#       policy: external(/usr/local/bin/myadminscript.sh %(username)s >/dev/null)
347
348# You can use :
349#
350#       '%(username)s'          will contain the user's name
351#       '%(printername)s'       will contain the printer's name
352#
353#   On your command line, to pass arguments to your command.
354#
355#   NB : Don't forget to redirect your command's standard output somewhere
356#        (e.g. >/dev/null) so that there's no perturbation to the underlying
357#        layer (filter or backend)
358#
359# If the user still doesn't exist after external policy command was
360# launched (the external command didn't add it), or if an error occured
361# during the execution of the external policy command, the job is rejected.
362#
363policy: deny
Note: See TracBrowser for help on using the browser.