CUPS
Original author(s) | Michael Sweet |
---|---|
Developer(s) | Apple Inc., who purchased it from Easy Software Products |
Initial release | 1999-06-09 |
Stable release | 1.3.9
/ October 9, 2008 |
Repository | |
Operating system | Unix-like |
Type | Print server |
License | GNU General Public License, GNU Lesser General Public License |
Website | www.cups.org |
The Common Unix Printing System (CUPS) is a modular printing system for Unix-like computer operating systems that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer.
CUPS consists of a print spooler and scheduler, a filter system that converts the print data to a format that the printer will understand, and a backend system that sends this data to the print device. CUPS uses the Internet Printing Protocol (IPP) as the basis for managing print jobs and queues. It also provides the traditional command line interfaces for the System V and Berkeley print systems, along with limited support for the server message block (SMB) protocol. The device drivers CUPS supplies can be configured by using text files in Adobe's PostScript Printer Description (PPD) format. There are a number of user interfaces for different platforms that can configure CUPS, and it has a built-in web-based interface. CUPS is free software, provided under the GNU General Public License and GNU Lesser General Public License, Version 2.
History
Michael Sweet, who owns Easy Software Products, started developing CUPS in 1997. The first public betas appeared in 1999.[1] The original design of CUPS used the LPD protocol, but due to limitations in LPD and vendor incompatibilities the Internet Printing Protocol (IPP) was chosen instead. CUPS was quickly adopted as the default printing system for several Linux distributions, including Red Hat Linux.[citation needed] In March 2002, Apple Inc. adopted CUPS as the printing system for Mac OS X 10.2.[2] In February 2007, Apple Inc. hired chief developer Michael Sweet and purchased the CUPS source code.[3]
Overview
CUPS provides a mechanism that allows print jobs to be sent to printers in a standard fashion. The data is sent to a scheduler[4] which sends jobs to a filter system that converts the print job into a format the printer will understand.[5] The filter system then passes the data on to a backend—a special filter that sends print data to a device or network connection.[6] The system makes extensive use of PostScript and rasterization of data to convert the data into a format that is suitable for the printer.
The primary advantage of CUPS is that it is a standard and modularised printing system that can process numerous data formats on the print server. Before CUPS, it was difficult to find a standard printer management system that would accommodate the very wide variety of printers on the market using their own printer languages and formats. For instance, the System V and Berkeley printing systems were largely incompatible with each other, and they required complicated scripts and workarounds to convert the program's data format to a printable format. They often could not detect the file format that was being sent to the printer and thus could not automatically and correctly convert the data stream. Additionally, data conversion was performed on individual workstations rather than a central server.
CUPS allows printer manufacturers and printer driver developers to more easily create drivers that work natively on the print server. Processing occurs on the server, allowing for easier network-based printing than with other Unix printing systems. When used with Samba, printers can be used on remote Windows computers and generic PostScript drivers can be used for printing across the network.
Scheduler
The CUPS scheduler implements IPP Internet Printing Protocol over HTTP/1.1. A helper application (cups-lpd) converts LPD Line Printer Daemon protocol requests to IPP. The scheduler also provides a web-based interface for managing print jobs, the configuration of the server, and for documentation about CUPS itself.[4]
An authorization module controls which IPP and HTTP messages can pass through the system.[7] Once the IPP/HTTP packets are authorised they are sent to the client module, which listens for and processes incoming connections. The client module is also responsible for executing external CGI programs as needed to support web-based printers, classes, and job status monitoring and administration.[8] Once this module has processed its requests, it sends them to the IPP module which performs Uniform Resource Identifier (URI) validation to prevent a client from sidestepping any access controls or authentication on the HTTP server.[9] The URI is a text string that indicates a name or address that can be used to refer to an abstract or physical resource on a network.
The scheduler allows for classes of printers. Applications can send requests to groups of printers in a class, allowing the scheduler to direct the job to the first available printer in that class.[10] A jobs module manages print jobs, sending them to the filter and backend processes for final conversion and printing, and monitoring the status messages from those processes.[11]
The CUPS scheduler utilizes a configuration module, this parses configuration files, initializes CUPS data structures, and starts and stops the CUPS program. The configuration module will stop CUPS services during configuration file processing and then restart the service when processing is complete.[12]
A logging module handles scheduler event logging for access, error, and page log files. The main module handles timeouts and dispatch of I/O requests for client connections, watching for signals, handling child process errors and exits, and reloading the server configuration files as needed.[13]
Other modules used by the scheduler are: the MIME module, which handles a Multipurpose Internet Mail Extensions (MIME) type and conversion database that is used in the filtering process that converts print data to a format suitable for a print device;[14] a PPD module that handles a list of Postscript Printer Description (PPD) files;[15] a devices module that manages a list of devices that are available in the system;[16] and a printers module that handles printers and PPDs within CUPS.[17]
Filter system
One of CUPS' main advantages is that it can process a variety of data formats on the print server. It converts the print job data into the final language/format of the printer via a series of filters.[18][19] It does this using MIME types, as this is an Internet Standard for the format of e-mail but is useful in allowing CUPS to determine the type of file that is being processed.
MIME databases
After the print job has been assigned to the scheduler, it is passed to the CUPS filter system. This converts the data to a format suitable for the printer. During start-up, the CUPS daemon loads two MIME databases: mime.types
that defines the known file types that CUPS can accept data for, and mime.convs
that defines the programs that process each particular MIME type.[20]
The mime.types
file has the syntax:
mimetype { [file-extensions] | [pattern-match] }
For example, to detect an HTML file, the following entry would be applicable:
text/html html htm \
printable(0,1024) + (string(0,"<HTML>") string(0,"<!DOCTYPE"))
The second line matches the file contents to the specified MIME type by determining that the first kilobyte of text in the file holds printable characters and that those characters include html markup. If the pattern above is matched the filter system would mark the file as the MIME type text/html.[21]
The mime.convs
file has the syntax:
source destination cost program
The source field is the MIME type that is determined by looking up the mime.types
file, while the destination field lists the type of output requested and determines what program should be used. This is also retrieved from mime.types
. The cost field assists in the selection of sets of filters when converting a file. The last field, program, determines which filter program to use to perform the data conversion.[22]
Some examples:
text/plain application/postscript 50 texttops application/vnd.cups-postscript application/vnd.cups-raster 50 pstoraster image/* application/vnd.cups-postscript 50 imagetops image/* application/vnd.cups-raster 50 imagetoraster
Filtering process
The filtering process works by taking input data preformatted with six arguments: the name of the printer queue or print filter, the job ID of the print job, the user-name, the job-name, the number of copies to print, any print options, and the filename (though this is unnecessary if it is has been redirected from standard input).[19] It then determines the type of data that is being input and the filter to be used through the use of the MIME databases, for instance image data will be detected and processed through a particular filter and HTML data detected and processed through another filter.
This data can then be either converted into PostScript data or directly into raster data. If it is converted into postscript data an additional filter is applied called a prefilter, which runs the PostScript data through another PostScript converter so that it can add printer specific options like selecting page ranges to print, setting n-up mode and other device specific things.[23] After the pre-filtering is done, the data can either be sent directly to a CUPS backend if using a PostScript printer, or it can be passed to another filter like Foomatic by linuxprinting.org. Alternatively, it can be passed to Ghostscript, which converts the PostScript into an intermediary CUPS-raster format.[24] The intermediary raster format is then passed onto a final filter which coverts the raster data to a printer specific format. The default filters included with CUPS are: raster to PCL, raster to ESC/P or ESC/P2 (an Epson printer language, now largely superseded by their new ESC/P-Raster format) and raster to Dymo (another printer company). Currently other proprietary languages like GDI or SPL (Samsung Printer Language) are supported by Splix, a raster to SPL translator.[25]
However, there are several other alternatives that can be used with CUPS. Easy Software Products (ESP), the creators of CUPS, have released their own CUPS filters; Gutenprint (previously known as Gimp-Print) is a range of high-quality printer drivers for (mostly) inkjet printers, and Turbo-Print for Linux has another range of quality printer drivers for a wide range of printers.
Backends
The backends are the ways in which data is sent to the printer. There are several backends available for CUPS: parallel, serial, and USB ports, as well as network backends that operate via the IPP, JetDirect (AppSocket), Line Printer Daemon ("LPD") and SMB protocols.
Compatibility
CUPS provides both the System V and Berkeley printing commands so the traditional commands for printing can be used for CUPS. CUPS listens on port 515, which is the traditional LPD port (it treats this as a 'backend'). When CUPS is installed the lp
System V printing system command and the lpr
Berkeley printing system commands are installed as compatible programs. This allows a standard interface to CUPS and allows maximum compatibility with existing applications that rely on these printing systems.
Apple Computer has used CUPS as printing system in their operating system Mac OS X from Version 10.2 (Jaguar) on.
User interface tools
There are several tools created to help set up CUPS.
CUPS web-based administration interface
CUPS has a web-based administration interface that runs on port 631.[26] It is extremely useful in organisations that need to monitor print jobs and add print queues and printers remotely.
CUPS 1.0 provided a simple class, job, and printer monitoring interface for web browsers. CUPS 1.1 replaced this interface with an enhanced administration interface that allows to add, modify, delete, configure, and control classes, jobs, and printers.
CUPS 1.2 provides a revamped web interface, which features improved readability and design, support for automatically discovered printers and a better access to system logs and advanced setting.
GNOME
The GNOME CUPS Manager can be used to add new CUPS printers, and to manage CUPS printers and queues. There are other third-party applications to manage printing, for example GtkLP and its associate tool GtkLPQ, or GtkPSproc.
The widget toolkit GTK+, on which GNOME is based, included integrated printing support based on CUPS on its version 2.10, which was released in 2006.
KDE
KDEPrint for KDE is a framework containing various GUI-tools that act as CUPS front-ends and allows the administration of classes, print queues and print jobs; it includes a printer wizard to assist with adding new printers amongst other features.[27] It was added in KDE 2.2.
KDEPrint supports several different printing platforms, amongst which CUPS is one of the best supported. It replaced a previous version of printing support in KDE, qtcups and is backwards compatible with this module of KDE. kprinter, a dialogue box program, is now the main tool for sending jobs to the print device; it can also be started from the command line. KDEPrint includes a system to pre-filter any jobs before they are handed over to CUPS, or to handle jobs all on itself, such as converting files to PDF. These filters are described by a pair of Desktop/XML files.
KDEPrint's main components are a Print Dialog box, which allows printer properties to be modified, a Print Manager, which allows management of printers, such as adding and removing printers, through an Add Printer Wizard. It also includes a Job Viewer/Manager, which manages printer jobs, such as hold/release, cancel and move to another printer. There is also a CUPS configuration module that is integrated into KDE.
Mac OS X
Mac OS X comes with a printer setup utility that offers many advanced features that are available in other Unix-based distributions. It offers a more in-depth modification than Mac OS X's System Preferences preference pane "Print and Fax".
Mandrake Linux
In Mandrake Linux 10.1 a GUI for printing has been created. It is basically an interface for CUPS and allows users to add, remove and update printers, as well as the control of print jobs. This is done from a centralised configuration program that allows for CUPS server configuration in a centralised set of screens.
PrinterSetup
PrinterSetup is a system for managing CUPS' queues. It takes the approach of assigning a text file to describe each print queue. These 'PrinterSetupFiles' may then be added to other text files called 'PrinterSetupLists'. This allows logical grouping of printers. The PrinterSetup project is still in its infancy.Cite error: The <ref>
tag has too many names (see the help page).
Red Hat Linux/Fedora
Starting with Red Hat Linux 9, an integrated print manager based on CUPS and integrated into GNOME was provided. This allowed adding printers via a user interface similar to the one Microsoft Windows uses, where a new printer could be added using an add new printer wizard, along with changing default printer properties in a window containing a list of installed printers. Jobs could also be started and stopped using a print manager and the printer could be paused using a context menu that pops up when the printer icon is right-clicked.
This system was criticised by Eric Raymond in his piece The Luxury of Ignorance. Raymond had attempted to install CUPS using the Fedora Core 1 print manager and found it non-intuitive and criticised the interface designers for not designing with the user's point of view in mind. He found the idea of printer queues was not obvious because users create queues on their local computer but these queues are actually created on the CUPS server.
He also found the plethora of queue type options confusing as he could choose from between networked CUPS (IPP), networked Unix (LPD), networked Windows (SMB), networked Novell (NCP) or networked JetDirect. He found the help file singularly unhelpful and largely irrelevant to a user's needs. Raymond used CUPS as a general topic to show that user interface design on Linux desktops needs rethinking and more careful design. He stated:[28]
The meta-problem here is that the configuration wizard does all the approved rituals (GUI with standardized clicky buttons, help popping up in a browser, etc. etc.) but doesn't have the central attribute these are supposed to achieve: discoverability. That is, the quality that every point in the interface has prompts and actions attached to it from which you can learn what to do next. Does your project have this quality?
ESP Print Pro
Easy Software Products, the original creators of CUPS, created a GUI, support for many printers and implemented a PostScript RIP. Their software solution ran on Windows, UNIX and Linux.
ESP Print Pro is no longer sold. Existing customers were able to receive support through December 31, 2007.[29]
ESP Print Pro was based on the Common UNIX Printing System and provided PostScript and image file RIPs to support non-PostScript printers. ESP Print Pro was a complete printing solution that prints international text, Adobe PostScript, PDF, HP-GL/2, GIF(SM), TIFF, PNG, JPEG/JFIF, SGI RGB, Sun Raster,PhotoCD, PBM, PGM, and PPM files transparently to over 5,400 printers via serial, parallel, and network connections.
Vulnerabilities
Published 2005-01-08: A denial of service exploit in the way that CUPS processes HTTP GET requests on the server has been found. If CUPS receives a GET request with the string '/..'. then it can cause an error that can be remotely exploited. This issue was introduced in the 1.1.21 release.[30]
On December 23, 2002, security firm iDefense found a security vulnerability in CUPS version 1.1.14-5 (or more specifically, xpdf 2.01). It involved passing an integer larger than 32 bits to CUPS in a PDF file, which is then processed by the pdftops filter (which comes with xpdf). This causes an integer overflow in the pdftops program and could cause CUPS to crash as pdftops tries to access an invalid memory address. An attacker could exploit this to create a denial of service attack. The security advisory also noted that if enough data was sent to CUPS then a buffer overflow attack could be exploited. iDefense successfully created a proof of concept program that exploited the vulnerability.[31] The SecuriTeam portal have also published several proof of concept programs that exploited the bug. They also provided the lines of code that were exploitable in their security advisory.[32]
See also
Notes and references
- Easy Software Products CUPS HTTP GET Denial Of Service Vulnerability (January 13, 2005). SecurityFocus.
- Multiple security vulnerabilities in Common UNIX Printing System (CUPS) (December 19, 2002). SecuriTeam.
- ThreatAlert > CUPS HTTP GET Denial Of Service Vulnerability (January 8, 2005). PacketAlarm.
- Sweet, Michael (July 10, 2000). CUPS overview. Easy Software Products.
- CUPS software administration manual : Managing printers from the web (version 1.1.21, 2004). Easy Software Products. Retrieved January 5, 2005.
- http://www.cups.org/articles.php How-to articles and FAQs about using CUPS
- Design of CUPS Filtering System — including the context for Mac OS X ("Jaguar"). LinuxPrinting.org. Retrieved January 5, 2005.
- KDE. KDEPrint information. KDE-printing website. Retrieved January 14, 2005.
- ^ Michael Sweet (June 9, 1999), "A Bright New Future for Printing on Linux", Linux Today & followup from Michael Sweet (June 11, 1999), "The Future Brightens for Linux Printing", Linux Today.
- ^ Easy Software Products, CUPS Licensed for Use in Apple Operating Systems! (press release), March 1, 2002.
- ^ "CUPS",CUPS Purchased by Apple Inc. (press release), July 11,2007.
- ^ a b Easy Software Products, CUPS Design Description, see section "Scheduler". Last accessed January 9th, 2007
- ^ Easy Software Products, CUPS Design Description, see section "Filters". Last accessed January 9th, 2007
- ^ Easy Software Products, CUPS Design Description, see section "Backend". Last accessed January 9th, 2007
- ^ Easy Software Products. CUPS Software Design, Authorization. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, Authorisation. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, IPP. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, Classes. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, Jobs. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, Configuration. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, Logging. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, MIME. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, PPD. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, Devices. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Design, Printers. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, Filters. Last accessed January 9th, 2007.
- ^ a b Easy Software Products. CUPS Software Design, Filters. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, File Typing and Filtering. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, mime.types. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, mime.convs. Last accessed January 9th, 2007.
- ^ Easy Software Products. CUPS Software Administrators Manual, pstops. Last accessed January 9th, 2007.
- ^ The MIME type for the CUPS raster format is application/vnd.cups-raster.
- ^ Aplix home page [1]
- ^ CUPS Software Administrators Manual, "Managing Printers from the Web"
- ^ printing.kde.org Webmaster (undated). "KDEPrint Homepage". Retrieved 2008-04-02.
{{cite web}}
: Check date values in:|year=
(help)CS1 maint: year (link) - ^ "The Luxury of Ignorance: An Open-Source Horror Story"
- ^ Easy Software Products' ESP Print Pro
- ^ CUPS HTTP GET Denial Of Service Vulnerability, packetAlarm.de & Easy Software Products CUPS HTTP GET Denial Of Service Vulnerability, SecuriTeam
- ^ iDefense vulnerability notification
- ^ Multiple Security Vulnerabilities in Common UNIX Printing System (CUPS), SecuriTeam