Switch xorg to modular, so that it fits with the prebuilt packages.
[dragonfly.git] / share / man / man5 / rc.conf.5
CommitLineData
984263bc
MD
1.\" Copyright (c) 1995
2.\" Jordan K. Hubbard
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\" notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\" notice, this list of conditions and the following disclaimer in the
11.\" documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
445243bf 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $
fb013651
SW
26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.39 2007/06/02 23:53:26 swildner Exp $
27.Dd June 2, 2007
984263bc
MD
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
445243bf
RG
38started up at system initial boot time.
39In new installations, the
984263bc 40.Nm
d566b9ec 41file is generally initialized by the installer.
984263bc
MD
42.Pp
43The purpose of
44.Nm
45is not to run commands or perform system startup actions
445243bf
RG
46directly.
47Instead, it is included by the
984263bc
MD
48various generic startup scripts in
49.Pa /etc
50which conditionalize their
51internal actions according to the settings found there.
52.Pp
53The
54.Pa /etc/rc.conf
55file is included from the file
56.Pa /etc/defaults/rc.conf ,
57which specifies the default settings for all the available options.
445243bf 58Options need only be specified in
984263bc
MD
59.Pa /etc/rc.conf
60when the system administrator wishes to override these defaults.
61The file
62.Pa /etc/rc.conf.local
63is used to override settings in
64.Pa /etc/rc.conf
65for historical reasons.
66See the
445243bf
RG
67.Va rc_conf_files
68variable below.
984263bc
MD
69.Pp
70The following list provides a name and short description for each
71variable that can be set in the
72.Nm
73file:
445243bf
RG
74.Bl -tag -width indent-two
75.It Va rc_debug
76.Pq Vt bool
77If set to
78.Dq Li YES ,
79enable output of debug messages from rc scripts.
80This variable can be helpful in diagnosing mistakes when
81editing or integrating new scripts.
82Beware that this produces copious output to the terminal and
83.Xr syslog 3 .
84.It Va rc_info
85.Pq Vt bool
86If set to
87.Dq Li NO ,
88disable informational messages from the rc scripts.
89Informational messages are displayed when
90a condition that is not serious enough to warrant a warning or
91an error occurs.
984263bc
MD
92.It Va swapfile
93.Pq Vt str
94If set to
445243bf
RG
95.Dq Li NO ,
96no swapfile is installed, otherwise the value is used as the full
984263bc
MD
97pathname to a file to use for additional swap space.
98.It Va apm_enable
99.Pq Vt bool
100If set to
445243bf 101.Dq Li YES ,
984263bc
MD
102enable support for Automatic Power Management with
103the
104.Xr apm 8
105command.
106.It Va apmd_enable
107.Pq Vt bool
108Run
109.Xr apmd 8
110to handle APM event from userland.
445243bf 111This also enables support for APM.
984263bc
MD
112.It Va apmd_flags
113.Pq Vt str
114If
115.Va apmd_enable
116is set to
445243bf 117.Dq Li YES ,
984263bc
MD
118these are the flags to pass to the
119.Xr apmd 8
120daemon.
50449d08
LF
121.It Va battd_enable
122Enable
fd5819c4 123.Xr battd 8
50449d08
LF
124to monitor the status of batteries present in the system.
125This also enables support for APM.
126.It Va battd_flags
127.Pq Vt str
128If
129.Va battd_enable
130is set to
131.Dq Li YES ,
132these are the flags to pass to the
fd5819c4 133.Xr battd 8
50449d08 134daemon.
984263bc
MD
135.It Va pccard_ifconfig
136.Pq Vt str
137List of arguments to be passed to
138.Xr ifconfig 8
139at boot time or on
445243bf
RG
140insertion of the card (e.g.\&
141.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
142for a fixed address or
143.Dq Li DHCP
144for a DHCP client).
984263bc
MD
145.It Va pccard_ether_delay
146.Pq Vt str
147Set the delay before starting
148.Xr dhclient 8
445243bf
RG
149in the
150.Pa /etc/pccard_ether
984263bc
MD
151script.
152This defaults to 5 seconds to work around a bug in the
153.Xr ed 4
154driver which can lead to system hangs when using some newer
155.Xr ed 4
156based cards.
445243bf
RG
157.It Va removable_interfaces
158.Pq Vt str
159List of removable network interfaces to be supported by
160.Pa /etc/pccard_ether .
984263bc
MD
161.It Va local_startup
162.Pq Vt str
163List of directories to search for startup script files.
164.It Va script_name_sep
165.Pq Vt str
166The field separator to use for breaking down the list of startup script files
167into individual filenames.
168The default is a space.
169It is not necessary to change this unless there are startup scripts with names
170containing spaces.
171.It Va hostname
172.Pq Vt str
445243bf 173The fully qualified domain name (FQDN) of this host on the network.
984263bc
MD
174This should almost certainly be set to something meaningful, even if
175there is no network connection.
176If
177.Xr dhclient 8
178is used to set the hostname via DHCP,
179this variable should be set to an empty string.
445243bf
RG
180.It Va ipv6_enable
181.Pq Vt bool
182Enable support for IPv6 networking.
183Note that this requires that the kernel have been compiled with
184.Cd "options INET6" .
984263bc
MD
185.It Va nisdomainname
186.Pq Vt str
187The NIS domain name of this host, or
445243bf 188.Dq Li NO
984263bc 189if NIS is not used.
445243bf 190.It Va dhclient_program
984263bc
MD
191.Pq Vt str
192Path to the DHCP client program
193.Pa ( /sbin/dhclient ,
194the ISC DHCP client,
195is the default).
445243bf 196.It Va dhclient_flags
984263bc
MD
197.Pq Vt str
198Additional flags to pass to the DHCP client program.
199For the ISC DHCP client, see the
200.Xr dhclient 8
445243bf
RG
201manpage for a description of the command line options available.
202.It Va background_dhclient
203.Pq Vt bool
204Set to
205.Dq Li YES
850afac2 206to start the DHCP client in background.
445243bf
RG
207This can cause trouble with applications depending on
208a working network, but it will provide a faster startup
209in many cases.
850afac2
SW
210.It Va dhcpd_enable
211.Pq Vt bool
212Set to
213.Dq Li YES
214to run
215.Xr dhcpd 8
216at system boot time.
217.It Va dhcrelay_enable
218.Pq Vt bool
219Set to
220.Dq Li YES
221to run
222.Xr dhcrelay 8
27e9fed5
SW
223.It Va pf_enable
224.Pq Vt bool
225Set to
226.Dq Li YES
227to load
228.Xr pf 4
229at startup.
230If the kernel was not built with
231.Cd "device pf" ,
232the
233.Pa pf.ko
234kernel module will be loaded.
235See also
236.Va firewall_enable
237and
238.Va ipfilter_enable .
239.It Va pf_rules
240.Pq Vt str
241Path to the
242.Xr pf 4
243ruleset definition file.
244.It Va pf_program
245.Pq Vt str
246Path to
247.Xr pfctl 8 .
248.It Va pf_flags
249.Pq Vt str
250If
251.Va pf_enable
252is set to
253.Dq Li YES ,
254these are the flags to pass to
255.Xr pfctl 8
256when loading the ruleset.
257.It Va pflog_enable
258.Pq Vt bool
259Set this to
260.Dq Li YES
261to enable
262.Xr pflogd 8
263which logs packets from
264.Xr pf 4 .
265.It Va pflog_logfile
266.Pq Vt str
267If
268.Va pflog_enable
269is set to
270.Dq Li YES
271this specifies the path of the log file.
272.It Va pflog_program
273.Pq Vt str
274Path to
275.Xr pflogd 8 .
276.It Va pflog_flags
277.Pq Vt str
278If
279.Va pflog_enable
280is set to
281.Dq Li YES ,
282these are the flags to pass to
283.Xr pflogd 8 .
984263bc
MD
284.It Va firewall_enable
285.Pq Vt bool
286Set to
445243bf 287.Dq Li YES
984263bc
MD
288to load firewall rules at startup.
289If the kernel was not built with
445243bf
RG
290.Cd "options IPFIREWALL" ,
291the
292.Pa ipfw.ko
984263bc
MD
293kernel module will be loaded.
294See also
27e9fed5
SW
295.Va pf_enable
296and
984263bc 297.Va ipfilter_enable .
445243bf
RG
298.It Va ipv6_firewall_enable
299.Pq Vt bool
300The IPv6 equivalent of
301.Va firewall_enable .
302Set to
303.Dq Li YES
304to load IPv6 firewall rules at startup.
305If the kernel was not built with
306.Cd "options IPV6FIREWALL" ,
307the
308.Pa ip6fw.ko
309kernel module will be loaded.
984263bc
MD
310.It Va firewall_script
311.Pq Vt str
312This variable specifies the full path to the firewall script to run.
313The default is
314.Pa /etc/rc.firewall .
445243bf
RG
315.It Va ipv6_firewall_script
316.Pq Vt str
317The IPv6 equivalent of
318.Va firewall_script .
984263bc
MD
319.It Va firewall_type
320.Pq Vt str
321Names the firewall type from the selection in
322.Pa /etc/rc.firewall ,
445243bf
RG
323or the file which contains the local firewall ruleset.
324Valid selections from
325.Pa /etc/rc.firewall
326are:
327.Pp
328.Bl -tag -width ".Li simple" -compact
329.It Li open
330unrestricted IP access
331.It Li closed
332all IP services disabled, except via
333.Dq Li lo0
334.It Li client
d7b5790d 335basic protection for a workstation on a LAN
445243bf 336.It Li simple
d7b5790d
SW
337alias for
338.Li client .
445243bf
RG
339.El
340.Pp
341If a filename is specified, the full path
984263bc 342must be given.
d7b5790d 343.It Va firewall_trusted_nets
9534e380 344.Pq Vt str
d7b5790d
SW
345List of trusted networks (if
346.Va firewall_type
347is set to
348.Li client ) .
349.It Va firewall_trusted_interfaces
9534e380 350.Pq Vt str
d7b5790d
SW
351List of trusted network interfaces (if
352.Va firewall_type
353is set to
354.Li client ) .
355.It Va firewall_allowed_icmp_types
9534e380 356.Pq Vt str
d7b5790d
SW
357List of allowed ICMP types (if
358.Va firewall_type
359is set to
360.Li client ) .
361.It Va firewall_open_tcp_ports
9534e380 362.Pq Vt str
d7b5790d
SW
363List of TCP ports to open (if
364.Va firewall_type
365is set to
366.Li client ) .
367.It Va firewall_open_udp_ports
9534e380 368.Pq Vt str
d7b5790d
SW
369List of UDP ports to open (if
370.Va firewall_type
371is set to
372.Li client ) .
445243bf
RG
373.It Va ipv6_firewall_type
374.Pq Vt str
375The IPv6 equivalent of
376.Va firewall_type .
984263bc
MD
377.It Va firewall_quiet
378.Pq Vt bool
379Set to
445243bf
RG
380.Dq Li YES
381to disable the display of firewall rules on the console during boot.
382.It Va ipv6_firewall_quiet
383.Pq Vt bool
384The IPv6 equivalent of
385.Va firewall_quiet .
984263bc
MD
386.It Va firewall_logging
387.Pq Vt bool
388Set to
445243bf
RG
389.Dq Li YES
390to enable firewall event logging.
984263bc
MD
391This is equivalent to the
392.Dv IPFIREWALL_VERBOSE
393kernel option.
445243bf
RG
394.It Va ipv6_firewall_logging
395.Pq Vt bool
396The IPv6 equivalent of
397.Va firewall_logging .
984263bc
MD
398.It Va firewall_flags
399.Pq Vt str
400Flags passed to
401.Xr ipfw 8
402if
403.Va firewall_type
404specifies a filename.
445243bf
RG
405.It Va ipv6_firewall_flags
406.Pq Vt str
407The IPv6 equivalent of
408.Va firewall_flags .
984263bc
MD
409.It Va natd_program
410.Pq Vt str
411Path to
412.Xr natd 8 .
413.It Va natd_enable
414.Pq Vt bool
415Set to
445243bf
RG
416.Dq Li YES
417to enable
418.Xr natd 8 .
984263bc
MD
419.Va firewall_enable
420must also be set to
445243bf 421.Dq Li YES ,
984263bc
MD
422and
423.Xr divert 4
424sockets must be enabled in the kernel.
425.It Va natd_interface
426.Pq Vt str
445243bf
RG
427This is the name of the public interface on which
428.Xr natd 8
429should run.
984263bc
MD
430The interface may be given as an interface name or as an IP address.
431.It Va natd_flags
432.Pq Vt str
445243bf
RG
433Additional
434.Xr natd 8
435flags should be placed here.
436The
984263bc
MD
437.Fl n
438or
439.Fl a
440flag is automatically added with the above
441.Va natd_interface
442as an argument.
443.\" ----- ipfilter_enable setting --------------------------------
444.It Va ipfilter_enable
445.Pq Vt bool
446Set to
445243bf 447.Dq Li NO
984263bc
MD
448by default.
449Setting this to
445243bf 450.Dq Li YES
984263bc
MD
451enables
452.Xr ipf 8
453packet filtering.
454.Pp
455Typical usage will require putting
456.Bd -literal
457ipfilter_enable="YES"
458ipnat_enable="YES"
459ipmon_enable="YES"
460ipfs_enable="YES"
461.Ed
462.Pp
463into
464.Pa /etc/rc.conf
465and editing
466.Pa /etc/ipf.rules
467and
468.Pa /etc/ipnat.rules
469appropriately.
470.Pp
471Note that
472.Va ipfilter_enable
473and
474.Va ipnat_enable
475can be enabled independently.
476.Va ipmon_enable
477and
478.Va ipfs_enable
479both require at least one of
480.Va ipfilter_enable
481and
482.Va ipnat_enable
483to be enabled.
484.Pp
485Having
486.Bd -literal
445243bf
RG
487options IPFILTER
488options IPFILTER_LOG
489options IPFILTER_DEFAULT_BLOCK
984263bc
MD
490.Ed
491.Pp
492in the kernel configuration file is a good idea, too.
27e9fed5
SW
493See also
494.Va pf_enable
495and
496.Va firewall_enable .
984263bc
MD
497.\" ----- ipfilter_program setting ------------------------------
498.It Va ipfilter_program
499.Pq Vt str
500Path to
501.Xr ipf 8
502(default
503.Pa /sbin/ipf ) .
504.\" ----- ipfilter_rules setting --------------------------------
505.It Va ipfilter_rules
506.Pq Vt str
507Set to
445243bf 508.Pa /etc/ipf.rules
984263bc
MD
509by default.
510This variable contains the name of the filter rule definition file.
511The file is expected to be readable for the
512.Xr ipf 8
513command to execute.
445243bf
RG
514.\" ----- ipv6_ipfilter_rules setting ---------------------------
515.It Va ipv6_ipfilter_rules
516.Pq Vt str
517Set to
518.Pa /etc/ipf6.rules
519by default.
520This variable contains the IPv6 filter rule definition file.
521The file is expected to be readable for the
522.Xr ipf 8
523command to execute.
984263bc
MD
524.\" ----- ipfilter_flags setting --------------------------------
525.It Va ipfilter_flags
526.Pq Vt str
527Empty by default.
528This variable contains flags passed to the
529.Xr ipf 8
530program.
531.\" ----- ipnat_enable setting ----------------------------------
532.It Va ipnat_enable
533.Pq Vt bool
534Set to
445243bf 535.Dq Li NO
984263bc
MD
536by default.
537Set it to
445243bf 538.Dq Li YES
984263bc 539to enable
a523caf4 540.Xr ipnat 8
984263bc
MD
541network address translation.
542See
543.Va ipfilter_enable
544for a detailed discussion.
545.\" ----- ipnat_program setting ---------------------------------
546.It Va ipnat_program
547.Pq Vt str
548Path to
a523caf4 549.Xr ipnat 8
984263bc
MD
550(default
551.Pa /sbin/ipnat ) .
552.\" ----- ipnat_rules setting -----------------------------------
553.It Va ipnat_rules
554.Pq Vt str
555Set to
445243bf 556.Pa /etc/ipnat.rules
984263bc
MD
557by default.
558This variable contains the name of the file
559holding the network address translation definition.
560This file is expected to be readable for the
a523caf4 561.Xr ipnat 8
984263bc
MD
562command to execute.
563.\" ----- ipnat_flags setting -----------------------------------
564.It Va ipnat_flags
565.Pq Vt str
566Empty by default.
567This variable contains flags passed to the
a523caf4 568.Xr ipnat 8
984263bc
MD
569program.
570.\" ----- ipmon_enable setting ----------------------------------
571.It Va ipmon_enable
572.Pq Vt bool
573Set to
445243bf 574.Dq Li NO
984263bc
MD
575by default.
576Set it to
445243bf 577.Dq Li YES
984263bc
MD
578to enable
579.Xr ipmon 8
580monitoring (logging
581.Xr ipf 8
582and
a523caf4 583.Xr ipnat 8
984263bc
MD
584events).
585Setting this variable needs setting
586.Va ipfilter_enable
587or
588.Va ipnat_enable
589too.
590See
591.Va ipfilter_enable
592for a detailed discussion.
593.\" ----- ipmon_program setting ---------------------------------
594.It Va ipmon_program
595.Pq Vt str
596Path to
597.Xr ipmon 8
598(default
599.Pa /sbin/ipmon ) .
600.\" ----- ipmon_flags setting -----------------------------------
601.It Va ipmon_flags
602.Pq Vt str
603Set to
445243bf 604.Dq Li -Ds
984263bc
MD
605by default.
606This variable contains flags passed to the
607.Xr ipmon 8
608program.
609Another typical example would be
445243bf 610.Dq Fl D Pa /var/log/ipflog
984263bc
MD
611to have
612.Xr ipmon 8
613log directly to a file bypassing
614.Xr syslogd 8 .
615Make sure to adjust
616.Pa /etc/newsyslog.conf
617in such case like this:
618.Bd -literal
619/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
620.Ed
621.\" ----- ipfs_enable setting -----------------------------------
622.It Va ipfs_enable
623.Pq Vt bool
624Set to
445243bf 625.Dq Li NO
984263bc
MD
626by default.
627Set it to
445243bf 628.Dq Li YES
984263bc
MD
629to enable
630.Xr ipfs 8
631saving the filter and NAT state tables during shutdown
632and reloading them during startup again.
633Setting this variable needs setting
634.Va ipfilter_enable
635or
636.Va ipnat_enable
637to
445243bf 638.Dq Li YES
984263bc
MD
639too.
640See
641.Va ipfilter_enable
642for a detailed discussion.
643Note that if
644.Va kern_securelevel
645is set to 3,
646.Va ipfs_enable
647cannot be used
648because the raised securelevel will prevent
649.Xr ipfs 8
650from saving the state tables at shutdown time.
651.\" ----- ipfs_program setting ----------------------------------
652.It Va ipfs_program
653.Pq Vt str
654Path to
655.Xr ipfs 8
656(default
657.Pa /sbin/ipfs ) .
658.\" ----- ipfs_flags setting ------------------------------------
659.It Va ipfs_flags
660.Pq Vt str
661Empty by default.
662This variable contains flags passed to the
663.Xr ipfs 8
664program.
665.\" ----- end of added ipf hook ---------------------------------
666.It Va tcp_extensions
667.Pq Vt bool
668Set to
445243bf 669.Dq Li YES
984263bc 670by default.
445243bf
RG
671Setting this to
672.Dq Li NO
673disables certain TCP options as described by
984263bc 674.Rs
445243bf 675.%T "RFC 1323"
984263bc
MD
676.Re
677Setting this to
445243bf 678.Dq Li NO
984263bc
MD
679might help remedy such problems with connections as randomly hanging
680or other weird behavior.
681Some network devices are known
682to be broken with respect to these options.
683.It Va log_in_vain
684.Pq Vt int
685Set to 0 by default.
686The
687.Xr sysctl 8
688variables,
445243bf 689.Va net.inet.tcp.log_in_vain
984263bc 690and
445243bf 691.Va net.inet.udp.log_in_vain ,
984263bc
MD
692as described in
693.Xr tcp 4
694and
695.Xr udp 4 ,
696are set to the given value.
697.It Va tcp_keepalive
698.Pq Vt bool
699Set to
445243bf 700.Dq Li YES
984263bc 701by default.
445243bf
RG
702Setting to
703.Dq Li NO
704will disable probing idle TCP connections to verify that the
984263bc
MD
705peer is still up and reachable.
706.It Va tcp_drop_synfin
707.Pq Vt bool
708Set to
445243bf 709.Dq Li NO
984263bc 710by default.
445243bf
RG
711Setting to
712.Dq Li YES
713will cause the kernel to ignore TCP frames that have both
984263bc
MD
714the SYN and FIN flags set.
715This prevents OS fingerprinting, but may
716break some legitimate applications.
717This option is only available if the
718kernel was built with the
719.Dv TCP_DROP_SYNFIN
720option.
721.It Va icmp_drop_redirect
722.Pq Vt bool
723Set to
445243bf 724.Dq Li NO
984263bc 725by default.
445243bf
RG
726Setting to
727.Dq Li YES
728will cause the kernel to ignore ICMP REDIRECT packets.
729Refer to
730.Xr icmp 4
731for more information.
984263bc
MD
732.It Va icmp_log_redirect
733.Pq Vt bool
734Set to
445243bf 735.Dq Li NO
984263bc 736by default.
445243bf
RG
737Setting to
738.Dq Li YES
739will cause the kernel to log ICMP REDIRECT packets.
984263bc
MD
740Note that
741the log messages are not rate-limited, so this option should only be used
742for troubleshooting networks.
445243bf
RG
743Refer to
744.Xr icmp 4
745for more information.
746.It Va icmp_bmcastecho
747.Pq Vt bool
748Set to
749.Dq Li YES
750to respond to broadcast or multicast ICMP ping packets.
751Refer to
752.Xr icmp 4
753for more information.
754.It Va ip_portrange_first
755.Pq Vt int
756If not set to
757.Dq Li NO ,
758this is the first port in the default portrange.
759Refer to
760.Xr ip 4
761for more information.
762.It Va ip_portrange_last
763.Pq Vt int
764If not set to
765.Dq Li NO ,
766this is the last port in the default portrange.
767Refer to
768.Xr ip 4
769for more information.
984263bc
MD
770.It Va network_interfaces
771.Pq Vt str
772Set to the list of network interfaces to configure on this host.
773For example, if the only network devices in the system are the loopback
774device
445243bf
RG
775.Pq Li lo0
776and a NIC using the
777.Xr ed 4
778driver,
984263bc 779this could be set to
445243bf 780.Dq Li "lo0 ed0" .
984263bc
MD
781An
782.Va ifconfig_ Ns Aq Ar interface
783variable is also assumed to exist for each value of
784.Ar interface .
445243bf 785It is also possible to add IP alias entries here in cases where
984263bc
MD
786multiple IP addresses registered against a single interface
787are desired.
445243bf
RG
788Assuming that the interface in question was
789.Li ed0 ,
790it might look
984263bc
MD
791something like this:
792.Bd -literal
793ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
794ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
795.Ed
796.Pp
797And so on.
798For each
799.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
800entry that is found,
801its contents are passed to
802.Xr ifconfig 8 .
803Execution stops at the first unsuccessful access, so if
804something like this is present:
805.Bd -literal
806ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
807ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
808ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
809ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
810.Ed
811.Pp
812Then note that alias4 would
813.Em not
814be added since the search would
815stop with the missing alias3 entry.
816.Pp
445243bf
RG
817If the
818.Pa /etc/start_if. Ns Aq Ar interface
819file is present, it is read and executed by the
820.Xr sh 1
821interpreter
822before configuring the interface as specified in the
823.Va ifconfig_ Ns Aq Ar interface
824and
825.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
826variables.
827.Pp
984263bc
MD
828It is possible to bring up an interface with DHCP by setting the
829.Va ifconfig_ Ns Aq Ar interface
830variable to
445243bf
RG
831.Dq Li DHCP .
832For instance, to initialize the
833.Li ed0
834device via DHCP,
984263bc
MD
835it is possible to use something like:
836.Bd -literal
837ifconfig_ed0="DHCP"
838.Ed
445243bf
RG
839.It Va ipv6_network_interfaces
840.Pq Vt str
841This is the IPv6 equivalent of
842.Va network_interfaces .
843Instead of setting the ifconfig variables as
844.Va ifconfig_ Ns Aq Ar interface
845they should be set as
846.Va ipv6_ifconfig_ Ns Aq Ar interface .
847Aliases should be set as
848.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
849.Va ipv6_prefix_ Ns Aq Ar interface
850does something.
851Interfaces that do not have a
852.Va ipv6_ifconfig_ Ns Aq Ar interface
853setting will be auto configured by
854.Xr rtsol 8
855if the
856.Va ipv6_gateway_enable
857is set to
858.Dq Li NO .
859Note that the IPv6 networking code does not support the
860.Pa /etc/start_if. Ns Aq Ar interface
861files.
862.It Va ipv6_default_interface
863.Pq Vt str
864If not set to
865.Dq Li NO ,
866this is the default output interface for scoped addresses.
867Now this works only for IPv6 link local multicast addresses.
984263bc
MD
868.It Va cloned_interfaces
869.Pq Vt str
870Set to the list of clonable network interfaces to create on this host.
871Entries in
872.Va cloned_interfaces
873are automatically appended to
874.Va network_interfaces
875for configuration.
876.It Va gif_interfaces
877.Pq Vt str
878Set to the list of
879.Xr gif 4
880tunnel interfaces to configure on this host.
881A
882.Va gifconfig_ Ns Aq Ar interface
883variable is assumed to exist for each value of
884.Ar interface .
885The value of this variable is used to configure the link layer of the
886tunnel according to the syntax of the
887.Cm tunnel
888option to
889.Xr ifconfig 8 .
445243bf 890Additionally, this option ensures that each listed interface is created
984263bc
MD
891via the
892.Cm create
893option to
894.Xr ifconfig 8
895before attempting to configure it.
445243bf
RG
896.It Va sppp_interfaces
897.Pq Vt str
898Set to the list of
899.Xr sppp 4
900interfaces to configure on this host.
901A
902.Va spppconfig_ Ns Aq Ar interface
903variable is assumed to exist for each value of
904.Ar interface .
905Each interface should also be configured by a general
906.Va ifconfig_ Ns Aq Ar interface
907setting.
908Refer to
909.Xr spppcontrol 8
910for more information about available options.
984263bc
MD
911.It Va ppp_enable
912.Pq Vt bool
913If set to
445243bf 914.Dq Li YES ,
984263bc
MD
915run the
916.Xr ppp 8
917daemon.
918.It Va ppp_mode
919.Pq Vt str
920Mode in which to run the
921.Xr ppp 8
445243bf
RG
922daemon.
923Accepted modes are
924.Dq Li auto ,
925.Dq Li ddial ,
926.Dq Li direct
984263bc 927and
445243bf 928.Dq Li dedicated .
984263bc
MD
929See the manual for a full description.
930.It Va ppp_nat
931.Pq Vt bool
932If set to
445243bf
RG
933.Dq Li YES ,
934enables network address translation.
984263bc
MD
935Used in conjunction with
936.Va gateway_enable
937allows hosts on private network addresses access to the Internet using
938this host as a network address translating router.
939.It Va ppp_profile
940.Pq Vt str
941The name of the profile to use from
942.Pa /etc/ppp/ppp.conf .
943.It Va ppp_user
944.Pq Vt str
445243bf
RG
945The name of the user under which
946.Xr ppp 8
947should be started.
984263bc 948By
445243bf
RG
949default,
950.Xr ppp 8
951is started as
952.Dq Li root .
984263bc
MD
953.It Va rc_conf_files
954.Pq Vt str
955This option is used to specify a list of files that will override
956the settings in
957.Pa /etc/defaults/rc.conf .
958The files will be read in the order in which they are specified and should
959include the full path to the file.
960By default, the files specified are
961.Pa /etc/rc.conf
962and
963.Pa /etc/rc.conf.local
964.It Va fsck_y_enable
965.Pq Vt bool
966If set to
445243bf 967.Dq Li YES ,
984263bc 968.Xr fsck 8
445243bf
RG
969will be run with the
970.Fl y
971flag if the initial preen
972of the file systems fails.
973.It Va netfs_types
974.Pq Vt str
975List of file system types that are network-based.
976This list should generally not be modified by end users.
977Use
978.Va extra_netfs_types
979instead.
980.It Va extra_netfs_types
981.Pq Vt str
982If set to something other than
983.Dq Li NO
984(the default),
985this variable extends the list of file system types
986for which automatic mounting at startup by
987.Xr rc 8
988should be delayed until the network is initialized.
989It should contain
990a whitespace-separated list of network file system descriptor pairs,
991each consisting of a file system type as passed to
992.Xr mount 8
993and a human-readable, one-word description,
994joined with a colon
995.Pq Ql \&: .
996Extending the default list in this way is only necessary
997when third party file system types are used.
984263bc
MD
998.It Va syslogd_enable
999.Pq Vt bool
1000If set to
445243bf 1001.Dq Li YES ,
984263bc
MD
1002run the
1003.Xr syslogd 8
1004daemon.
1005.It Va syslogd_program
1006.Pq Vt str
1007Path to
1008.Xr syslogd 8
1009(default
1010.Pa /usr/sbin/syslogd ) .
1011.It Va syslogd_flags
1012.Pq Vt str
1013If
1014.Va syslogd_enable
1015is set to
445243bf 1016.Dq Li YES ,
984263bc
MD
1017these are the flags to pass to
1018.Xr syslogd 8 .
1019.It Va inetd_enable
1020.Pq Vt bool
1021If set to
445243bf 1022.Dq Li YES ,
984263bc
MD
1023run the
1024.Xr inetd 8
1025daemon.
1026.It Va inetd_program
1027.Pq Vt str
1028Path to
1029.Xr inetd 8
1030(default
1031.Pa /usr/sbin/inetd ) .
1032.It Va inetd_flags
1033.Pq Vt str
1034If
1035.Va inetd_enable
1036is set to
445243bf 1037.Dq Li YES ,
984263bc
MD
1038these are the flags to pass to
1039.Xr inetd 8 .
1040.It Va named_enable
1041.Pq Vt bool
1042If set to
445243bf 1043.Dq Li YES ,
984263bc
MD
1044run the
1045.Xr named 8
1046daemon.
1047.It Va named_program
1048.Pq Vt str
1049Path to
1050.Xr named 8
1051(default
1052.Pa /usr/sbin/named ) .
1053.It Va named_flags
1054.Pq Vt str
1055If
1056.Va named_enable
1057is set to
445243bf 1058.Dq Li YES ,
984263bc
MD
1059these are the flags to pass to
1060.Xr named 8 .
445243bf
RG
1061.It Va named_pidfile
1062.Pq Vt str
1063This is the default path to the
1064.Xr named 8
1065daemon's PID file.
1066Change it if you change the location in
a523caf4 1067.Pa /etc/namedb/named.conf .
445243bf
RG
1068.It Va named_chrootdir
1069.Pq Vt str
1070The root directory for a name server run in a
1071.Xr chroot 8
1072environment.
1073If left empty
1074.Xr named 8
1075will not be run in a
1076.Xr chroot 8
1077environment.
984263bc
MD
1078.It Va kerberos5_server_enable
1079.Pq Vt bool
1080Set to
445243bf 1081.Dq Li YES
984263bc
MD
1082to start a Kerberos 5 authentication server
1083at boot time.
221b91ff 1084.It Va kerberos5_server_program
445243bf
RG
1085.Pq Vt str
1086If
1087.Va kerberos5_server_enable
1088is set to
1089.Dq Li YES
1090this is the path to Kerberos 5 Authentication Server.
984263bc
MD
1091.It Va kadmind5_server_enable
1092.Pq Vt bool
1093Set to
445243bf 1094.Dq Li YES
984263bc 1095to start
445243bf 1096.Xr kadmind 8 ,
984263bc 1097the Kerberos 5 Administration Daemon; set to
445243bf 1098.Dq Li NO
984263bc 1099on a slave server.
221b91ff 1100.It Va kadmind5_server_program
445243bf
RG
1101.Pq Vt str
1102If
1103.Va kadmind5_server_enable
1104is set to
1105.Dq Li YES
1106this is the path to Kerberos 5 Administration Daemon.
1107.It Va kpasswdd_server_enable
1108.Pq Vt bool
1109Set to
1110.Dq Li YES
1111to start
1112.Xr kpasswdd 8 ,
1113the Kerberos 5 Password-Changing Daemon; set to
1114.Dq Li NO
1115on a slave server.
221b91ff 1116.It Va kpasswdd_server_program
445243bf
RG
1117.Pq Vt str
1118If
1119.Va kpasswdd_server_enable
1120is set to
1121.Dq Li YES
1122this is the path to Kerberos 5 Password-Changing Daemon.
984263bc
MD
1123.It Va rwhod_enable
1124.Pq Vt bool
1125If set to
445243bf 1126.Dq Li YES ,
984263bc
MD
1127run the
1128.Xr rwhod 8
1129daemon at boot time.
1130.It Va rwhod_flags
1131.Pq Vt str
1132If
1133.Va rwhod_enable
1134is set to
445243bf 1135.Dq Li YES ,
984263bc
MD
1136these are the flags to pass to it.
1137.It Va amd_enable
1138.Pq Vt bool
1139If set to
445243bf 1140.Dq Li YES ,
984263bc
MD
1141run the
1142.Xr amd 8
1143daemon at boot time.
1144.It Va amd_flags
1145.Pq Vt str
1146If
1147.Va amd_enable
1148is set to
445243bf 1149.Dq Li YES ,
984263bc
MD
1150these are the flags to pass to it.
1151See the
1152.Xr amd 8
445243bf 1153manpage for more information.
984263bc
MD
1154.It Va amd_map_program
1155.Pq Vt str
1156If set,
1157the specified program is run to get the list of
1158.Xr amd 8
1159maps.
1160For example, if the
1161.Xr amd 8
1162maps are stored in NIS, one can set this to
1163run
1164.Xr ypcat 1
1165to get a list of
1166.Xr amd 8
1167maps from the
1168.Pa amd.master
1169NIS map.
1170.It Va update_motd
1171.Pq Vt bool
1172If set to
445243bf 1173.Dq Li YES ,
984263bc
MD
1174.Pa /etc/motd
1175will be updated at boot time to reflect the kernel release
445243bf
RG
1176being run.
1177If set to
1178.Dq Li NO ,
984263bc 1179.Pa /etc/motd
445243bf 1180will not be updated.
984263bc
MD
1181.It Va nfs_client_enable
1182.Pq Vt bool
1183If set to
445243bf 1184.Dq Li YES ,
984263bc 1185run the NFS client daemons at boot time.
850afac2
SW
1186.It Va nfs_client_flags
1187.Pq Vt str
1188If
1189.Va nfs_client_enable
1190is set to
1191.Dq Li YES ,
1192these are the flags to pass to the
1193.Xr nfsiod 8
1194daemon.
984263bc
MD
1195.It Va nfs_access_cache
1196.Pq Vt int
1197If
1198.Va nfs_client_enable
1199is set to
445243bf 1200.Dq Li YES ,
984263bc 1201this can be set to
445243bf 1202.Dq Li 0
984263bc
MD
1203to disable NFS ACCESS RPC caching, or to the number of seconds for which
1204NFS ACCESS
1205results should be cached.
d615ff4f
MD
1206A value of 2-10 seconds will substantially reduce network traffic for
1207many NFS operations. The default is 5 seconds. Note that the attribute
3221afbe 1208cache holds stat information only. The NFS data cache is independent
d615ff4f
MD
1209of the attribute cache and is only invalidated when the client detects that
1210the server has modified the underlying file. This value specifies a
1211maximum timeout. The NFS client will automatically use a shorter timeout
1212for files which have been recently modified.
1213.It Va nfs_neg_cache
1214.Pq Vt int
1215If
1216.Va nfs_client_enable
1217is set to
1218.Dq Li YES ,
1219this can be set to
1220.Dq Li 0
3f5e28f4 1221to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent
d615ff4f
MD
1222filenames), or to the number of seconds for which negative lookups should
1223be cached.
984263bc 1224A value of 2-10 seconds will substantially reduce network
d615ff4f
MD
1225traffic for many NFS operations, especially source code builds. The
1226default is 3 seconds.
984263bc
MD
1227.It Va nfs_server_enable
1228.Pq Vt bool
1229If set to
445243bf 1230.Dq Li YES ,
984263bc
MD
1231run the NFS server daemons at boot time.
1232.It Va nfs_server_flags
1233.Pq Vt str
1234If
1235.Va nfs_server_enable
1236is set to
445243bf 1237.Dq Li YES ,
984263bc
MD
1238these are the flags to pass to the
1239.Xr nfsd 8
1240daemon.
445243bf 1241.It Va mountd_enable
984263bc
MD
1242.Pq Vt bool
1243If set to
445243bf 1244.Dq Li YES ,
984263bc
MD
1245and no
1246.Va nfs_server_enable
1247is set, start
1248.Xr mountd 8 ,
1249but not
1250.Xr nfsd 8
1251daemon.
1252It is commonly needed to run CFS without real NFS used.
1253.It Va mountd_flags
1254.Pq Vt str
1255If
1256.Va mountd_enable
1257is set to
1258.Dq Li YES ,
1259these are the flags to pass to the
445243bf 1260.Xr mountd 8
984263bc
MD
1261daemon.
1262.It Va weak_mountd_authentication
1263.Pq Vt bool
1264If set to
445243bf 1265.Dq Li YES ,
984263bc
MD
1266allow services like PCNFSD to make non-privileged mount
1267requests.
1268.It Va nfs_reserved_port_only
1269.Pq Vt bool
1270If set to
445243bf 1271.Dq Li YES ,
984263bc
MD
1272provide NFS services only on a secure port.
1273.It Va nfs_bufpackets
1274.Pq Vt int
1275If set to a number, indicates the number of packets worth of
1276socket buffer space to reserve on an NFS client.
1277The kernel default is typically 4.
1278Using a higher number may be
1279useful on gigabit networks to improve performance.
1280The minimum value is
12812 and the maximum is 64.
72067a39
MD
1282.It Va rpc_umntall_enable
1283.Pq Vt bool
1284If set to
1285.Dq Li YES
1286(default) and we are also an NFS client, run
1287.Xr rpc.umntall 8
1288at boot time to clear out old mounts on remote servers.
1289If set to
1290.Dq Li NO
1291then
1292.Xr rpc.umntall 8
1293will not be run at boot time.
984263bc
MD
1294.It Va rpc_lockd_enable
1295.Pq Vt bool
1296If set to
445243bf 1297.Dq Li YES
984263bc
MD
1298and also an NFS server, run
1299.Xr rpc.lockd 8
1300at boot time.
1301.It Va rpc_statd_enable
1302.Pq Vt bool
1303If set to
445243bf 1304.Dq Li YES
984263bc
MD
1305and also an NFS server, run
1306.Xr rpc.statd 8
1307at boot time.
445243bf 1308.It Va rpcbind_program
984263bc
MD
1309.Pq Vt str
1310Path to
445243bf 1311.Xr rpcbind 8
984263bc 1312(default
445243bf
RG
1313.Pa /usr/sbin/rpcbind ) .
1314.It Va rpcbind_enable
984263bc
MD
1315.Pq Vt bool
1316If set to
445243bf 1317.Dq Li YES ,
984263bc 1318run the
445243bf 1319.Xr rpcbind 8
984263bc 1320service at boot time.
445243bf 1321.It Va rpcbind_flags
984263bc
MD
1322.Pq Vt str
1323If
445243bf 1324.Va rpcbind_enable
984263bc 1325is set to
445243bf 1326.Dq Li YES ,
984263bc 1327these are the flags to pass to the
445243bf 1328.Xr rpcbind 8
984263bc 1329daemon.
445243bf 1330.It Va keyserv_enable
984263bc
MD
1331.Pq Vt bool
1332If set to
445243bf
RG
1333.Dq Li YES ,
1334run the
1335.Xr keyserv 8
1336daemon on boot for running Secure RPC.
1337.It Va keyserv_flags
984263bc
MD
1338.Pq Vt str
1339If
445243bf 1340.Va keyserv_enable
984263bc 1341is set to
445243bf
RG
1342.Dq Li YES ,
1343these are the flags to pass to
1344.Xr keyserv 8
984263bc
MD
1345daemon.
1346.It Va pppoed_enable
1347.Pq Vt bool
1348If set to
445243bf
RG
1349.Dq Li YES ,
1350run the
984263bc
MD
1351.Xr pppoed 8
1352daemon at boot time to provide PPP over Ethernet services.
850afac2 1353.It Va pppoed_provider
984263bc
MD
1354.Pq Vt str
1355.Xr pppoed 8
850afac2 1356listens to requests to this provider and ultimately runs
984263bc
MD
1357.Xr ppp 8
1358with a
1359.Ar system
1360argument of the same name.
1361.It Va pppoed_flags
1362.Pq Vt str
1363Additional flags to pass to
1364.Xr pppoed 8 .
1365.It Va pppoed_interface
1366.Pq Vt str
445243bf
RG
1367The network interface to run
1368.Xr pppoed 8
1369on.
1370This is mandatory when
984263bc
MD
1371.Va pppoed_enable
1372is set to
445243bf 1373.Dq Li YES .
984263bc 1374.It Va timed_enable
445243bf
RG
1375.Pq Vt bool
1376If set to
1377.Dq Li YES ,
1378run the
984263bc 1379.Xr timed 8
445243bf
RG
1380service at boot time.
1381This command is intended for networks of
984263bc 1382machines where a consistent
445243bf
RG
1383.Dq "network time"
1384for all hosts must be established.
1385This is often useful in large NFS
984263bc
MD
1386environments where time stamps on files are expected to be consistent
1387network-wide.
1388.It Va timed_flags
1389.Pq Vt str
1390If
1391.Va timed_enable
1392is set to
445243bf 1393.Dq Li YES ,
984263bc
MD
1394these are the flags to pass to the
1395.Xr timed 8
1396service.
445243bf 1397.It Va ntpd_enable
984263bc
MD
1398.Pq Vt bool
1399If set to
445243bf
RG
1400.Dq Li YES ,
1401run the
984263bc
MD
1402.Xr ntpd 8
1403command at boot time.
445243bf 1404.It Va ntpd_program
984263bc
MD
1405.Pq Vt str
1406Path to
1407.Xr ntpd 8
1408(default
1409.Pa /usr/sbin/ntpd ) .
445243bf 1410.It Va ntpd_flags
984263bc
MD
1411.Pq Vt str
1412If
445243bf 1413.Va ntpd_enable
984263bc 1414is set to
445243bf 1415.Dq Li YES ,
984263bc
MD
1416these are the flags to pass to the
1417.Xr ntpd 8
52630837
SW
1418daemon. Set to
1419.Dq Li -s
1420by default which sets the time immediately at startup if the
1421local clock is off by more than 180 seconds. To prevent
1422.Xr ntpd 8
1423from doing this, set
1424.Va ntpd_flags
1425to
1426.Dq Li -S .
850afac2
SW
1427.It Va dntpd_enable
1428.Pq Vt bool
1429If set to
1430.Dq Li YES ,
1431run
1432.Xr dntpd 8
1433at system boot time.
1434.It Va dntpd_program
1435.Pq Vt str
1436Path to
1437.Xr dntpd 8
1438(default
1439.Pa /usr/sbin/dntpd ) .
1440.It Va dntpd_flags
1441.Pq Vt str
1442If
1443.Va dntpd_enable
1444is set to
1445.Dq Li YES ,
1446these are the flags to pass to the
1447.Xr dntpd 8
1448daemon.
984263bc
MD
1449.It Va nis_client_enable
1450.Pq Vt bool
1451If set to
445243bf
RG
1452.Dq Li YES ,
1453run the
984263bc
MD
1454.Xr ypbind 8
1455service at system boot time.
1456.It Va nis_client_flags
1457.Pq Vt str
1458If
1459.Va nis_client_enable
1460is set to
445243bf 1461.Dq Li YES ,
984263bc
MD
1462these are the flags to pass to the
1463.Xr ypbind 8
1464service.
1465.It Va nis_ypset_enable
1466.Pq Vt bool
1467If set to
445243bf
RG
1468.Dq Li YES ,
1469run the
984263bc
MD
1470.Xr ypset 8
1471daemon at system boot time.
1472.It Va nis_ypset_flags
1473.Pq Vt str
1474If
1475.Va nis_ypset_enable
1476is set to
445243bf 1477.Dq Li YES ,
984263bc
MD
1478these are the flags to pass to the
1479.Xr ypset 8
1480daemon.
1481.It Va nis_server_enable
1482.Pq Vt bool
1483If set to
445243bf
RG
1484.Dq Li YES ,
1485run the
984263bc
MD
1486.Xr ypserv 8
1487daemon at system boot time.
1488.It Va nis_server_flags
1489.Pq Vt str
1490If
1491.Va nis_server_enable
1492is set to
445243bf 1493.Dq Li YES ,
984263bc
MD
1494these are the flags to pass to the
1495.Xr ypserv 8
1496daemon.
1497.It Va nis_ypxfrd_enable
1498.Pq Vt bool
1499If set to
445243bf
RG
1500.Dq Li YES ,
1501run the
984263bc
MD
1502.Xr rpc.ypxfrd 8
1503daemon at system boot time.
1504.It Va nis_ypxfrd_flags
1505.Pq Vt str
1506If
1507.Va nis_ypxfrd_enable
1508is set to
445243bf 1509.Dq Li YES ,
984263bc
MD
1510these are the flags to pass to the
1511.Xr rpc.ypxfrd 8
1512daemon.
1513.It Va nis_yppasswdd_enable
1514.Pq Vt bool
1515If set to
445243bf
RG
1516.Dq Li YES ,
1517run the
984263bc
MD
1518.Xr rpc.yppasswdd 8
1519daemon at system boot time.
1520.It Va nis_yppasswdd_flags
1521.Pq Vt str
1522If
1523.Va nis_yppasswdd_enable
1524is set to
445243bf 1525.Dq Li YES ,
984263bc
MD
1526these are the flags to pass to the
1527.Xr rpc.yppasswdd 8
1528daemon.
445243bf
RG
1529.It Va rpc_ypupdated_enable
1530.Pq Vt bool
1531If set to
1532.Dq Li YES ,
1533run the
1534.Nm rpc.ypupdated
1535daemon at system boot time.
984263bc
MD
1536.It Va defaultrouter
1537.Pq Vt str
1538If not set to
445243bf
RG
1539.Dq Li NO ,
1540create a default route to this host name or IP address
984263bc
MD
1541(use an IP address if this router is also required to get to the
1542name server!).
445243bf
RG
1543.It Va ipv6_defaultrouter
1544.Pq Vt str
1545The IPv6 equivalent of
1546.Va defaultrouter .
984263bc
MD
1547.It Va static_routes
1548.Pq Vt str
1549Set to the list of static routes that are to be added at system
445243bf
RG
1550boot time.
1551If not set to
1552.Dq Li NO
984263bc
MD
1553then for each whitespace separated
1554.Ar element
1555in the value, a
1556.Va route_ Ns Aq Ar element
1557variable is assumed to exist
1558whose contents will later be passed to a
445243bf
RG
1559.Dq Nm route Cm add
1560operation.
1561.It Va ipv6_static_routes
1562.Pq Vt str
1563The IPv6 equivalent of
1564.Va static_routes .
1565If not set to
1566.Dq Li NO
1567then for each whitespace separated
1568.Ar element
1569in the value, a
1570.Va ipv6_route_ Ns Aq Ar element
1571variable is assumed to exist
1572whose contents will later be passed to a
1573.Dq Nm route Cm add Fl inet6
984263bc
MD
1574operation.
1575.It Va gateway_enable
1576.Pq Vt bool
1577If set to
445243bf
RG
1578.Dq Li YES ,
1579configure host to act as an IP router, e.g. to forward packets
984263bc 1580between interfaces.
445243bf
RG
1581.It Va ipv6_gateway_enable
1582.Pq Vt bool
1583The IPv6 equivalent of
1584.Va gateway_enable .
984263bc
MD
1585.It Va router_enable
1586.Pq Vt bool
1587If set to
445243bf
RG
1588.Dq Li YES ,
1589run a routing daemon of some sort, based on the
984263bc 1590settings of
221b91ff 1591.Va router_program
984263bc
MD
1592and
1593.Va router_flags .
445243bf
RG
1594.It Va ipv6_router_enable
1595.Pq Vt bool
1596The IPv6 equivalent of
1597.Va router_enable .
1598If set to
1599.Dq Li YES ,
1600run a routing daemon of some sort, based on the
1601settings of
221b91ff 1602.Va ipv6_router_program
445243bf
RG
1603and
1604.Va ipv6_router_flags .
221b91ff 1605.It Va router_program
984263bc
MD
1606.Pq Vt str
1607If
1608.Va router_enable
1609is set to
445243bf 1610.Dq Li YES ,
984263bc 1611this is the name of the routing daemon to use.
221b91ff 1612.It Va ipv6_router_program
445243bf
RG
1613.Pq Vt str
1614The IPv6 equivalent of
221b91ff 1615.Va router_program .
984263bc
MD
1616.It Va router_flags
1617.Pq Vt str
1618If
1619.Va router_enable
1620is set to
445243bf 1621.Dq Li YES ,
984263bc 1622these are the flags to pass to the routing daemon.
445243bf
RG
1623.It Va ipv6_router_flags
1624.Pq Vt str
1625The IPv6 equivalent of
1626.Va router_flags .
984263bc
MD
1627.It Va mrouted_enable
1628.Pq Vt bool
1629If set to
445243bf
RG
1630.Dq Li YES ,
1631run the multicast routing daemon,
984263bc 1632.Xr mrouted 8 .
445243bf
RG
1633.It Va mroute6d_enable
1634.Pq Vt bool
1635The IPv6 equivalent of
1636.Va mrouted_enable .
1637If set to
1638.Dq Li YES ,
1639run the IPv6 multicast routing daemon.
1640Note that no IPv6 multicast routing daemon is included in the
9bb2a92d 1641.Dx
445243bf
RG
1642base system but
1643.Xr pim6dd 8
28feafc7
SW
1644can be installed from the
1645.Xr pkgsrc 7
1646collection.
984263bc
MD
1647.It Va mrouted_flags
1648.Pq Vt str
1649If
1650.Va mrouted_enable
1651is set to
445243bf
RG
1652.Dq Li YES ,
1653these are the flags to pass to the
1654.Xr mrouted 8
1655daemon.
1656.It Va mroute6d_flags
1657.Pq Vt str
1658The IPv6 equivalent of
1659.Va mrouted_flags .
1660If
1661.Va mroute6d_enable
1662is set to
1663.Dq Li YES ,
1664these are the flags passed to the IPv6 multicast routing daemon.
1665.It Va mroute6d_program
1666.Pq Vt str
1667If
1668.Va mroute6d_enable
1669is set to
1670.Dq Li YES ,
1671this is the path to the IPv6 multicast routing daemon.
1672.It Va rtadvd_enable
1673.Pq Vt bool
1674If set to
1675.Dq Li YES ,
1676run the
1677.Xr rtadvd 8
1678daemon at boot time.
1679.Xr rtadvd 8
1680will only run if
1681.Va ipv6_gateway_enable
1682is also set to
1683.Dq Li YES .
1684The
1685.Xr rtadvd 8
1686utility sends router advertisement packets to the interfaces specified in
1687.Va rtadvd_interfaces .
1688.Xr rtadvd 8
1689and should only be enabled with great care.
1690You may want to fine-tune
1691.Xr rtadvd.conf 5 .
1692.It Va rtadvd_interfaces
1693.Pq Vt str
1694If
1695.Va rtadvd_enable
1696is set to
1697.Dq Li YES
1698this is the list of interfaces to use.
984263bc
MD
1699.It Va ipxgateway_enable
1700.Pq Vt bool
1701If set to
445243bf
RG
1702.Dq Li YES ,
1703enable the routing of IPX traffic.
984263bc
MD
1704.It Va ipxrouted_enable
1705.Pq Vt bool
1706If set to
445243bf
RG
1707.Dq Li YES ,
1708run the
984263bc
MD
1709.Xr IPXrouted 8
1710daemon at system boot time.
1711.It Va ipxrouted_flags
1712.Pq Vt str
1713If
1714.Va ipxrouted_enable
1715is set to
445243bf 1716.Dq Li YES ,
984263bc
MD
1717these are the flags to pass to the
1718.Xr IPXrouted 8
1719daemon.
1720.It Va arpproxy_all
1721.Pq Vt bool
1722If set to
445243bf
RG
1723.Dq Li YES ,
1724enable global proxy ARP.
984263bc
MD
1725.It Va forward_sourceroute
1726.Pq Vt bool
1727If set to
445243bf
RG
1728.Dq Li YES
1729and
984263bc
MD
1730.Va gateway_enable
1731is also set to
445243bf
RG
1732.Dq Li YES ,
1733source-routed packets are forwarded.
984263bc
MD
1734.It Va accept_sourceroute
1735.Pq Vt bool
1736If set to
445243bf
RG
1737.Dq Li YES ,
1738the system will accept source-routed packets directed at it.
984263bc
MD
1739.It Va rarpd_enable
1740.Pq Vt bool
1741If set to
445243bf
RG
1742.Dq Li YES ,
1743run the
984263bc
MD
1744.Xr rarpd 8
1745daemon at system boot time.
1746.It Va rarpd_flags
1747.Pq Vt str
1748If
1749.Va rarpd_enable
1750is set to
445243bf 1751.Dq Li YES ,
984263bc
MD
1752these are the flags to pass to the
1753.Xr rarpd 8
1754daemon.
445243bf
RG
1755.It Va bootparamd_enable
1756.Pq Vt bool
1757If set to
1758.Dq Li YES ,
1759run the
1760.Xr bootparamd 8
1761daemon at system boot time.
1762.It Va bootparamd_flags
1763.Pq Vt str
1764If
1765.Va bootparamd_enable
1766is set to
1767.Dq Li YES ,
1768these are the flags to pass to the
1769.Xr bootparamd 8
1770daemon.
1771.It Va stf_interface_ipv4addr
1772.Pq Vt str
1773If not set to
1774.Dq Li NO ,
1775this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling
1776interface).
1777Specify this entry to enable the 6to4 interface.
1778.It Va stf_interface_ipv4plen
1779.Pq Vt int
1780Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1781An effective value is 0-31.
1782.It Va stf_interface_ipv6_ifid
1783.Pq Vt str
1784IPv6 interface ID for
1785.Xr stf 4 .
1786This can be set to
1787.Dq Li AUTO .
1788.It Va stf_interface_ipv6_slaid
1789.Pq Vt str
1790IPv6 Site Level Aggregator for
1791.Xr stf 4 .
1792.It Va ipv6_faith_prefix
1793.Pq Vt str
1794If not set to
1795.Dq Li NO ,
1796this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP
1797translator.
1798You also need
1799.Xr faithd 8
1800setup.
1801.It Va ipv6_ipv4mapping
1802.Pq Vt bool
1803If set to
1804.Dq Li YES
1805this enables IPv4 mapped IPv6 address communication (like
1806.Li ::ffff:a.b.c.d ) .
984263bc
MD
1807.It Va atm_enable
1808.Pq Vt bool
1809Set to
445243bf 1810.Dq Li YES
984263bc
MD
1811to enable the configuration of ATM interfaces at system boot time.
1812For all of the ATM variables described below, please refer to the
1813.Xr atm 8
1814man page for further details on the available command parameters.
1815Also refer to the files in
1816.Pa /usr/share/examples/atm
1817for more detailed configuration information.
445243bf
RG
1818.It Va atm_load
1819.Pq Vt str
1820This is a list of physical ATM interface drivers to load. Typical values are
1821.Dq Li hfa_pci
1822and/or
1823.Dq Li hea_pci .
1824.It Va atm_netif_ Ns Aq Ar intf
984263bc
MD
1825.Pq Vt str
1826For the ATM physical interface
445243bf
RG
1827.Ar intf ,
1828this variable defines the name prefix and count for the ATM network
1829interfaces to be created.
984263bc 1830The value will be passed as the parameters of an
445243bf 1831.Dq Nm atm Cm "set netif" Ar intf
984263bc 1832command.
445243bf 1833.It Va atm_sigmgr_ Ns Aq Ar intf
984263bc
MD
1834.Pq Vt str
1835For the ATM physical interface
445243bf 1836.Ar intf ,
984263bc
MD
1837this variable defines the ATM signalling manager to be used.
1838The value will be passed as the parameters of an
445243bf 1839.Dq Nm atm Cm attach Ar intf
984263bc 1840command.
445243bf 1841.It Va atm_prefix_ Ns Aq Ar intf
984263bc
MD
1842.Pq Vt str
1843For the ATM physical interface
445243bf 1844.Ar intf ,
984263bc 1845this variable defines the NSAP prefix for interfaces using a UNI signalling
445243bf
RG
1846manager.
1847If set to
1848.Dq Li ILMI ,
1849the prefix will automatically be set via the
984263bc 1850.Xr ilmid 8
445243bf
RG
1851daemon.
1852Otherwise, the value will be passed as the parameters of an
1853.Dq Nm atm Cm "set prefix" Ar intf
984263bc 1854command.
445243bf 1855.It Va atm_macaddr_ Ns Aq Ar intf
984263bc
MD
1856.Pq Vt str
1857For the ATM physical interface
445243bf 1858.Ar intf ,
984263bc 1859this variable defines the MAC address for interfaces using a UNI signalling
445243bf
RG
1860manager.
1861If set to
1862.Dq Li NO ,
1863the hardware MAC address contained in the ATM interface card will be used.
984263bc 1864Otherwise, the value will be passed as the parameters of an
445243bf 1865.Dq Nm atm Cm "set mac" Ar intf
984263bc 1866command.
445243bf 1867.It Va atm_arpserver_ Ns Aq Ar netif
984263bc
MD
1868.Pq Vt str
1869For the ATM network interface
445243bf 1870.Ar netif ,
984263bc 1871this variable defines the ATM address for a host which is to provide ATMARP
445243bf
RG
1872service.
1873This variable is only applicable to interfaces using a UNI signalling
1874manager.
1875If set to
1876.Dq Li local ,
1877this host will become an ATMARP server.
984263bc 1878The value will be passed as the parameters of an
445243bf 1879.Dq Nm atm Cm "set arpserver" Ar netif
984263bc 1880command.
445243bf 1881.It Va atm_scsparp_ Ns Aq Ar netif
984263bc
MD
1882.Pq Vt bool
1883If set to
445243bf
RG
1884.Dq Li YES ,
1885SCSP/ATMARP service for the network interface
1886.Ar netif
984263bc
MD
1887will be initiated using the
1888.Xr scspd 8
1889and
1890.Xr atmarpd 8
445243bf
RG
1891daemons.
1892This variable is only applicable if
984263bc 1893.Va atm_arpserver_ Ns Aq Ar netif
445243bf
RG
1894is set to
1895.Dq Li local .
984263bc
MD
1896.It Va atm_pvcs
1897.Pq Vt str
1898Set to the list of ATM PVCs to be added at system
445243bf
RG
1899boot time.
1900For each whitespace separated
984263bc
MD
1901.Ar element
1902in the value, an
1903.Va atm_pvc_ Ns Aq Ar element
445243bf
RG
1904variable is assumed to exist.
1905The value of each of these variables
984263bc 1906will be passed as the parameters of an
445243bf 1907.Dq Nm atm Cm "add pvc"
984263bc
MD
1908command.
1909.It Va atm_arps
1910.Pq Vt str
1911Set to the list of permanent ATM ARP entries to be added
445243bf
RG
1912at system boot time.
1913For each whitespace separated
984263bc
MD
1914.Ar element
1915in the value, an
1916.Va atm_arp_ Ns Aq Ar element
445243bf
RG
1917variable is assumed to exist.
1918The value of each of these variables
984263bc 1919will be passed as the parameters of an
445243bf 1920.Dq Nm atm Cm "add arp"
984263bc 1921command.
445243bf
RG
1922.It Va natm_interfaces
1923.Pq Vt str
1924Set to the list of
1925.Xr natm 4
1926interfaces that will also be used for HARP through
1927.Xr harp 4 .
1928If this list is not empty all interfaces in the list will be brought up
1929with
1930.Xr ifconfig 9
1931and
1932.Xr harp 4
1933will be loaded.
1934For this to work the interface drivers must be either compiled into the
1935kernel or must reside on the root partition.
1936.It Va keybell
1937.Pq Vt str
1938The keyboard bell sound.
1939Set to
1940.Dq Li normal ,
1941.Dq Li visual ,
1942.Dq Li off ,
1943or
1944.Dq Li NO
1945if the default behavior is desired.
1946For details, refer to the
1947.Xr kbdcontrol 1
1948manpage.
984263bc
MD
1949.It Va keymap
1950.Pq Vt str
1951If set to
445243bf
RG
1952.Dq Li NO ,
1953no keymap is installed, otherwise the value is used to install
984263bc 1954the keymap file in
445243bf 1955.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
984263bc
MD
1956.It Va keyrate
1957.Pq Vt str
445243bf
RG
1958The keyboard repeat speed.
1959Set to
1960.Dq Li slow ,
1961.Dq Li normal ,
1962.Dq Li fast ,
984263bc 1963or
445243bf 1964.Dq Li NO
984263bc
MD
1965if the default behavior is desired.
1966.It Va keychange
1967.Pq Vt str
1968If not set to
445243bf
RG
1969.Dq Li NO ,
1970attempt to program the function keys with the value.
1971The value should
984263bc 1972be a single string of the form:
445243bf 1973.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
984263bc
MD
1974.It Va cursor
1975.Pq Vt str
1976Can be set to the value of
445243bf
RG
1977.Dq Li normal ,
1978.Dq Li blink ,
1979.Dq Li destructive ,
984263bc 1980or
445243bf 1981.Dq Li NO
984263bc
MD
1982to set the cursor behavior explicitly or choose the default behavior.
1983.It Va scrnmap
1984.Pq Vt str
1985If set to
445243bf
RG
1986.Dq Li NO ,
1987no screen map is installed, otherwise the value is used to install
984263bc 1988the screen map file in
445243bf 1989.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
984263bc
MD
1990.It Va font8x16
1991.Pq Vt str
1992If set to
445243bf
RG
1993.Dq Li NO ,
1994the default 8x16 font value is used for screen size requests, otherwise
984263bc 1995the value in
445243bf 1996.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
984263bc
MD
1997is used.
1998.It Va font8x14
1999.Pq Vt str
2000If set to
445243bf
RG
2001.Dq Li NO ,
2002the default 8x14 font value is used for screen size requests, otherwise
984263bc 2003the value in
445243bf 2004.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
984263bc
MD
2005is used.
2006.It Va font8x8
2007.Pq Vt str
2008If set to
445243bf
RG
2009.Dq Li NO ,
2010the default 8x8 font value is used for screen size requests, otherwise
984263bc 2011the value in
445243bf 2012.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
984263bc
MD
2013is used.
2014.It Va blanktime
2015.Pq Vt int
2016If set to
445243bf
RG
2017.Dq Li NO ,
2018the default screen blanking interval is used, otherwise it is set
984263bc
MD
2019to
2020.Ar value
2021seconds.
2022.It Va saver
2023.Pq Vt str
2024If not set to
445243bf
RG
2025.Dq Li NO ,
2026this is the actual screen saver to use
2027.Li ( blank , snake , daemon ,
2028etc).
984263bc
MD
2029.It Va moused_enable
2030.Pq Vt str
2031If set to
445243bf 2032.Dq Li YES ,
984263bc
MD
2033the
2034.Xr moused 8
2035daemon is started for doing cut/paste selection on the console.
2036.It Va moused_type
2037.Pq Vt str
2038This is the protocol type of the mouse connected to this host.
2039This variable must be set if
2040.Va moused_enable
2041is set to
445243bf 2042.Dq Li YES .
984263bc
MD
2043The
2044.Xr moused 8
2045daemon
2046is able to detect the appropriate mouse type automatically in many cases.
2047Set this variable to
445243bf 2048.Dq Li auto
984263bc
MD
2049to let the daemon detect it, or
2050select one from the following list if the automatic detection fails.
2051.Pp
2052If the mouse is attached to the PS/2 mouse port, choose
445243bf 2053.Dq Li auto
984263bc 2054or
445243bf
RG
2055.Dq Li ps/2 ,
2056regardless of the brand and model of the mouse.
2057Likewise, if the
984263bc 2058mouse is attached to the bus mouse port, choose
445243bf 2059.Dq Li auto
984263bc 2060or
445243bf 2061.Dq Li busmouse .
984263bc
MD
2062All other protocols are for serial mice and will not work with
2063the PS/2 and bus mice.
2064If this is a USB mouse,
445243bf 2065.Dq Li auto
984263bc 2066is the only protocol type which will work.
445243bf
RG
2067.Pp
2068.Bl -tag -width ".Li x10mouseremote" -compact
2069.It Li microsoft
2070Microsoft mouse (serial)
2071.It Li intellimouse
2072Microsoft IntelliMouse (serial)
2073.It Li mousesystems
2074Mouse systems Corp. mouse (serial)
2075.It Li mmseries
2076MM Series mouse (serial)
2077.It Li logitech
2078Logitech mouse (serial)
2079.It Li busmouse
2080A bus mouse
2081.It Li mouseman
2082Logitech MouseMan and TrackMan (serial)
2083.It Li glidepoint
2084ALPS GlidePoint (serial)
2085.It Li thinkingmouse
2086Kensington ThinkingMouse (serial)
2087.It Li ps/2
2088PS/2 mouse
2089.It Li mmhittab
2090MM HitTablet (serial)
2091.It Li x10mouseremote
2092X10 MouseRemote (serial)
2093.It Li versapad
2094Interlink VersaPad (serial)
2095.El
984263bc
MD
2096.Pp
2097Even if the mouse is not in the above list, it may be compatible
2098with one in the list.
2099Refer to the man page for
2100.Xr moused 8
2101for compatibility information.
2102.Pp
2103It should also be noted that while this is enabled, any
2104other client of the mouse (such as an X server) should access
445243bf
RG
2105the mouse through the virtual mouse device,
2106.Pa /dev/sysmouse ,
2107and configure it as a
2108.Dq Li sysmouse
2109type mouse, since all
984263bc
MD
2110mouse data is converted to this single canonical format when
2111using
2112.Xr moused 8 .
445243bf
RG
2113If the client program does not support the
2114.Dq Li sysmouse
2115type,
2116specify the
2117.Dq Li mousesystems
2118type.
984263bc
MD
2119It is the second preferred type.
2120.It Va moused_port
2121.Pq Vt str
2122If
2123.Va moused_enable
2124is set to
445243bf 2125.Dq Li YES ,
984263bc
MD
2126this is the actual port the mouse is on.
2127It might be
2128.Pa /dev/cuaa0
2129for a COM1 serial mouse,
2130.Pa /dev/psm0
2131for a PS/2 mouse or
2132.Pa /dev/mse0
2133for a bus mouse, for example.
2134.It Va moused_flags
2135.Pq Vt str
2136If
2137.Va moused_type
2138is set, these are the additional flags to pass to the
2139.Xr moused 8
2140daemon.
445243bf
RG
2141.It Va mousechar_start
2142.Pq Vt int
2143If set to
2144.Dq Li NO ,
2145the default mouse cursor character range
2146.Li 0xd0 Ns - Ns Li 0xd3
2147is used,
2148otherwise the range start is set
2149to
2150.Ar value
2151character, see
2152.Xr vidcontrol 1 .
2153Use if the default range is occupied in the language code table.
850afac2
SW
2154.It Va vidhistory
2155.Pq Vt int
2156Set the size of the history (scrollback) buffer in lines.
984263bc
MD
2157.It Va allscreens_flags
2158.Pq Vt str
2159If set,
2160.Xr vidcontrol 1
2161is run with these options for each of the virtual terminals
2162.Pq Pa /dev/ttyv* .
2163For example,
445243bf 2164.Dq Fl m Cm on
984263bc
MD
2165will enable the mouse pointer on all virtual terminals
2166if
2167.Va moused_enable
2168is set to
445243bf
RG
2169.Dq Li YES .
2170.It Va allscreens_kbdflags
2171.Pq Vt str
2172If set,
2173.Xr kbdcontrol 1
2174is run with these options for each of the virtual terminals
2175.Pq Pa /dev/ttyv* .
2176For example,
2177.Dq Fl h Li 200
2178will set the
2179.Xr syscons 4
2180scrollback (history) buffer to 200 lines.
984263bc
MD
2181.It Va cron_enable
2182.Pq Vt bool
2183If set to
445243bf
RG
2184.Dq Li YES ,
2185run the
984263bc
MD
2186.Xr cron 8
2187daemon at system boot time.
2188.It Va cron_program
2189.Pq Vt str
2190Path to
2191.Xr cron 8
2192(default
2193.Pa /usr/sbin/cron ) .
2194.It Va cron_flags
2195.Pq Vt str
2196If
2197.Va cron_enable
2198is set to
445243bf 2199.Dq Li YES ,
984263bc
MD
2200these are the flags to pass to
2201.Xr cron 8 .
2202.It Va lpd_program
2203.Pq Vt str
2204Path to
2205.Xr lpd 8
2206(default
2207.Pa /usr/sbin/lpd ) .
2208.It Va lpd_enable
2209.Pq Vt bool
2210If set to
445243bf
RG
2211.Dq Li YES ,
2212run the
984263bc
MD
2213.Xr lpd 8
2214daemon at system boot time.
2215.It Va lpd_flags
2216.Pq Vt str
2217If
2218.Va lpd_enable
2219is set to
445243bf 2220.Dq Li YES ,
984263bc
MD
2221these are the flags to pass to the
2222.Xr lpd 8
2223daemon.
850afac2
SW
2224.It Va mixer_enable
2225.Pq Vt bool
2226If set to
2227.Dq Li YES ,
2228preserve
2229.Xr mixer 8
2230settings across reboots.
984263bc
MD
2231.It Va mta_start_script
2232.Pq Vt str
2233This variable specifies the full path to the script to run to start
2234a mail transfer agent.
2235The default is
2236.Pa /etc/rc.sendmail .
2237The
2238.Va sendmail_*
2239variables which
2240.Pa /etc/rc.sendmail
2241uses are documented in the
2242.Xr rc.sendmail 8
2243man page.
2244.It Va dumpdev
2245.Pq Vt str
2246Indicates the device (usually a swap partition) to which a crash dump
2247should be written in the event of a system crash.
2248The value of this variable is passed as the argument to
2249.Xr dumpon 8 .
2250To disable crash dumps, set this variable to
445243bf 2251.Dq Li NO .
984263bc
MD
2252.It Va dumpdir
2253.Pq Vt str
2254When the system reboots after a crash and a crash dump is found on the
2255device specified by the
2256.Va dumpdev
2257variable,
2258.Xr savecore 8
2259will save that crash dump and a copy of the kernel to the directory
2260specified by the
2261.Va dumpdir
2262variable.
2263The default value is
445243bf 2264.Pa /var/crash .
984263bc 2265Set to
445243bf 2266.Dq Li NO
984263bc
MD
2267to not run
2268.Xr savecore 8
2269at boot time when
2270.Va dumpdir
2271is set.
2272.It Va savecore_flags
2273.Pq Vt str
2274If crash dumps are enabled, these are the flags to pass to the
2275.Xr savecore 8
2276utility.
2277.It Va enable_quotas
2278.Pq Vt bool
2279Set to
445243bf 2280.Dq Li YES
984263bc
MD
2281to turn on user disk quotas on system startup via the
2282.Xr quotaon 8
2283command.
2284.It Va check_quotas
2285.Pq Vt bool
2286Set to
445243bf 2287.Dq Li YES
984263bc
MD
2288to enable user disk quota checking via the
2289.Xr quotacheck 8
2290command.
2291.It Va accounting_enable
2292.Pq Vt bool
2293Set to
445243bf 2294.Dq Li YES
984263bc
MD
2295to enable system accounting through the
2296.Xr accton 8
2297facility.
984263bc
MD
2298.It Va linux_enable
2299.Pq Vt bool
2300Set to
445243bf 2301.Dq Li YES
984263bc
MD
2302to enable Linux/ELF binary emulation at system initial
2303boot time.
445243bf
RG
2304.It Va sysvipc_enable
2305.Pq Vt bool
2306If set to
2307.Dq Li YES ,
2308load System V IPC primitives at boot time.
de5b97b6
MD
2309.\" ----- cleanvar_enable setting--------------------------------
2310.It Va cleanvar_enable
2311.Pq Vt bool
2312Set to
2313.Dq Li YES
2314to have
2315.Pa /var/run ,
2316.Pa /var/spool/lock
2317and
2318.Pa /var/spool/uucp/.Temp/*
2319cleaned at startup.
2320.\" ----- clear_tmp_enable setting-------------------------------
984263bc
MD
2321.It Va clear_tmp_enable
2322.Pq Vt bool
2323Set to
445243bf 2324.Dq Li YES
984263bc
MD
2325to have
2326.Pa /tmp
2327cleaned at startup.
de5b97b6 2328.\" ----- ldconfig_paths setting --------------------------------
984263bc
MD
2329.It Va ldconfig_paths
2330.Pq Vt str
2331Set to the list of shared library paths to use with
2332.Xr ldconfig 8 .
2333NOTE:
2334.Pa /usr/lib
2335will always be added first, so it need not appear in this list.
2336.It Va ldconfig_insecure
2337.Pq Vt bool
2338The
2339.Xr ldconfig 8
2340utility normally refuses to use directories
2341which are writable by anyone except root.
2342Set this variable to
445243bf 2343.Dq Li YES
984263bc 2344to disable that security check during system startup.
984263bc
MD
2345.It Va kern_securelevel
2346.Pq Vt int
2347The kernel security level to set at startup.
2348The allowed range of
2349.Ar value
445243bf
RG
2350ranges from \-1 (the compile time default) to 3 (the
2351most secure).
2352See
984263bc
MD
2353.Xr init 8
2354for the list of possible security levels and their effect
2355on system operation.
445243bf
RG
2356.It Va lomac_enable
2357.Pq Vt bool
2358Set to
2359.Dq Li YES
2360to enable Low Watermark Mandatory Access Control (LOMAC) at boot time.
2361This security model enforces integrity constraints for system processes;
2362see
2363.Xr lomac 4
2364for a complete description of the LOMAC model, as well as its impact
2365on system operation.
984263bc
MD
2366.It Va start_vinum
2367.Pq Vt bool
2368Set to
445243bf 2369.Dq Li YES
984263bc
MD
2370to start
2371.Xr vinum 8
2372at system boot time.
984263bc
MD
2373.It Va sshd_enable
2374.Pq Vt bool
2375Set to
445243bf 2376.Dq Li YES
984263bc
MD
2377to start
2378.Xr sshd 8
2379at system boot time.
850afac2
SW
2380.It Va sshd_program
2381.Pq Vt str
2382Path to the SSH server program
2383.Pa ( /usr/sbin/sshd
2384is the default).
984263bc
MD
2385.It Va sshd_flags
2386.Pq Vt str
2387If
2388.Va sshd_enable
2389is set to
445243bf 2390.Dq Li YES ,
984263bc
MD
2391these are the flags to pass to the
2392.Xr sshd 8
2393daemon.
850afac2
SW
2394.It Va ftpd_enable
2395.Pq Vt bool
2396Set to
2397.Dq Li YES
2398to start
2399.Xr ftpd 8
2400at system boot time.
2401.It Va ftpd_flags
2402.Pq Vt str
2403If
2404.Va ftpd_enable
2405is set to
2406.Dq Li YES ,
2407these are the flags to pass to the
2408.Xr ftpd 8
2409daemon.
445243bf
RG
2410.It Va usbd_enable
2411.Pq Vt bool
2412If set to
2413.Dq Li YES ,
2414run the
2415.Xr usbd 8
2416daemon at boot time.
2417.It Va usbd_flags
2418.Pq Vt str
2419If
2420.Va usbd_enable
2421is set to
2422.Dq Li YES ,
2423these are the flags passed to
2424.Xr usbd 8
2425daemon.
2426.It Va watchdogd_enable
2427.Pq Vt bool
2428If set to
2429.Dq Li YES ,
2430start the
2431.Xr watchdogd 8
2432daemon at boot time.
2433This requires that the kernel have been compiled with
2434.Cd "options WATCHDOG" .
2435.It Va jail_enable
2436.Pq Vt bool
2437If set to
2438.Dq Li NO ,
2439any configured jails will not be started.
2440.It Va jail_list
2441.Pq Vt str
2442A space separated list of names for jails.
2443This is purely a configuration aid to help identify and
2444configure multiple jails.
2445The names specified in this list will be used to
2446identify settings common to an instance of a jail.
2447Assuming that the jail in question was named
2448.Li vjail ,
56be8454 2449you would have the following dependent variables:
445243bf
RG
2450.Bd -literal
2451jail_vjail_hostname="jail.example.com"
2452jail_vjail_ip="192.168.1.100"
2453jail_vjail_rootdir="/var/jails/vjail/root"
2454jail_vjail_exec="/bin/sh /etc/rc"
2455.Ed
2456.Pp
2457The last one is optional.
2458It defaults to
2459.Pa /etc/rc
2460if it is not set.
2461.It Va jail_set_hostname_allow
2462.Pq Vt bool
2463If set to
2464.Dq Li NO ,
2465do not allow the root user in a jail to set its hostname.
2466.It Va jail_socket_unixiproute_only
2467.Pq Vt bool
2468If set to
2469.Dq Li NO ,
2470do not allow any protocol,
2471besides TCP/IP,
2472to be used within a jail.
2473.It Va jail_sysvipc_allow
2474.Pq Vt bool
2475If set to
2476.Dq Li YES ,
2477allow applications within a jail to use System V IPC.
850afac2
SW
2478.It Va resident_enable
2479.Pq Vt bool
2480If set to
2481.Dq Li YES ,
2482make the dynamic binaries listed in
2483.Pa /etc/resident.conf
2484resident.
2485.It Va varsym_enable
2486.Pq Vt bool
2487If set to
2488.Dq Li YES ,
2489process
2490.Pa /etc/varsym.conf
2491to set system-wide variables for variant symlinks.
705d55f1 2492.It Va rand_irqs
850afac2
SW
2493.Pq Vt str
2494Set either to
2495.Dq Li NO
2496or a whitespace separated list of IRQ numbers which will be used as a source of
2497randomness.
984263bc
MD
2498.\" ----- isdn settings ---------------------------------
2499.It Va isdn_enable
2500.Pq Vt bool
2501Set to
445243bf 2502.Dq Li NO
984263bc
MD
2503by default.
2504When set to
445243bf
RG
2505.Dq Li YES ,
2506starts the
2507.Xr isdnd 8
2508daemon
984263bc
MD
2509at system boot time.
2510.It Va isdn_flags
2511.Pq Vt str
2512Set to
445243bf 2513.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
984263bc
MD
2514by default.
2515Additional flags to pass to
2516.Xr isdnd 8
2517(but see
2518.Va isdn_fsdev
2519and
2520.Va isdn_ttype
2521for certain tunable parameters).
2522.It Va isdn_ttype
2523.Pq Vt str
2524Set to
445243bf 2525.Dq Li cons25
984263bc
MD
2526by default.
2527The terminal type of the output device when
2528.Xr isdnd 8
445243bf 2529operates in full-screen mode.
984263bc
MD
2530.It Va isdn_screenflags
2531.Pq Vt str
2532Set to
445243bf 2533.Dq Li NO
984263bc 2534by default.
445243bf 2535The video mode for full-screen mode (only for
984263bc
MD
2536.Xr syscons 4
2537console driver, see
2538.Xr vidcontrol 1
2539for valid modes).
2540.It Va isdn_fsdev
2541.Pq Vt str
2542Set to
445243bf 2543.Dq Li NO
984263bc
MD
2544by default.
2545The output device for
2546.Xr isdnd 8
445243bf
RG
2547in full-screen mode (or
2548.Dq Li NO
984263bc
MD
2549for daemon mode).
2550.It Va isdn_trace
2551.Pq Vt bool
2552Set to
445243bf 2553.Dq Li NO
984263bc
MD
2554by default.
2555When set to
445243bf 2556.Dq Li YES ,
984263bc 2557enables the ISDN protocol trace utility
445243bf 2558.Xr isdntrace 8
984263bc
MD
2559at system boot time.
2560.It Va isdn_traceflags
2561.Pq Vt str
2562Set to
445243bf 2563.Dq Fl f Pa /var/tmp/isdntrace0
984263bc
MD
2564by default.
2565Flags for
445243bf 2566.Xr isdntrace 8 .
984263bc 2567.\" -----------------------------------------------------
445243bf
RG
2568.It Va entropy_dir
2569.Pq Vt str
2570Set to
2571.Dq Li NO
2572to disable caching entropy via
2573.Xr cron 8 .
2574Otherwise set to the directory used to store entropy files in.
2575.It Va entropy_file
2576.Pq Vt str
2577Set to
2578.Dq Li NO
2579to disable caching entropy through reboots.
2580Otherwise set to the filename used to store cached entropy through
2581reboots.
2582This file should be located on the root file system to seed the
2583.Xr random 4
2584device as early as possible in the boot process.
2585.It Va entropy_save_sz
2586.Pq Vt int
2587Size of the entropy cache files saved by
2588.Nm save-entropy
2589periodically.
2590.It Va entropy_save_num
2591.Pq Vt int
2592Number of entropy cache files to save by
2593.Nm save-entropy
2594periodically.
2595.It Va ipsec_enable
2596.Pq Vt bool
2597Set to
2598.Dq Li YES
2599to run
2600.Xr setkey 8
2601on
2602.Va ipsec_file
2603at boot time.
2604.It Va ipsec_file
2605.Pq Vt str
2606Configuration file for
2607.Xr setkey 8 .
2608.It Va dmesg_enable
2609.Pq Vt bool
2610Set to
2611.Dq Li YES
2612to save
2613.Xr dmesg 8
2614to
2615.Pa /var/run/dmesg.boot
2616on boot.
2617.It Va rcshutdown_timeout
2618.Pq Vt int
2619If set, start a watchdog timer in the background which will terminate
2620.Pa rc.shutdown
2621if
2622.Xr shutdown 8
2623has not completed within the specified time (in seconds).
984263bc
MD
2624.El
2625.Sh FILES
445243bf 2626.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
984263bc
MD
2627.It Pa /etc/defaults/rc.conf
2628.It Pa /etc/rc.conf
2629.It Pa /etc/rc.conf.local
2630.El
2631.Sh SEE ALSO
2632.Xr catman 1 ,
2633.Xr gdb 1 ,
2634.Xr info 1 ,
445243bf 2635.Xr kbdcontrol 1 ,
850afac2 2636.Xr varsym 1 ,
984263bc 2637.Xr vidcontrol 1 ,
445243bf 2638.Xr ip 4 ,
27e9fed5
SW
2639.Xr ipf 4 ,
2640.Xr ipfw 4 ,
445243bf 2641.Xr kld 4 ,
27e9fed5 2642.Xr pf 4 ,
984263bc
MD
2643.Xr tcp 4 ,
2644.Xr udp 4 ,
2645.Xr exports 5 ,
2646.Xr motd 5 ,
850afac2
SW
2647.Xr resident.conf 5 ,
2648.Xr varsym.conf 5 ,
984263bc
MD
2649.Xr accton 8 ,
2650.Xr amd 8 ,
2651.Xr apm 8 ,
2652.Xr atm 8 ,
2653.Xr cron 8 ,
2654.Xr dhclient 8 ,
850afac2
SW
2655.Xr dhcpd 8 ,
2656.Xr dhcrelay 8 ,
c54db4b1 2657.Xr dntpd 8 ,
850afac2 2658.Xr ftpd 8 ,
984263bc
MD
2659.Xr ifconfig 8 ,
2660.Xr inetd 8 ,
2661.Xr isdnd 8 ,
2662.Xr isdntrace 8 ,
445243bf 2663.Xr kldxref 8 ,
984263bc 2664.Xr lpd 8 ,
375d1659 2665.Xr makewhatis 8 ,
445243bf 2666.Xr mdconfig 8 ,
850afac2 2667.Xr mixer 8 ,
984263bc
MD
2668.Xr mountd 8 ,
2669.Xr moused 8 ,
2670.Xr mrouted 8 ,
2671.Xr named 8 ,
2672.Xr nfsd 8 ,
984263bc 2673.Xr ntpd 8 ,
984263bc 2674.Xr pcnfsd 8 ,
27e9fed5
SW
2675.Xr pfctl 8 ,
2676.Xr pflogd 8 ,
984263bc
MD
2677.Xr quotacheck 8 ,
2678.Xr quotaon 8 ,
2679.Xr rc 8 ,
2680.Xr rc.sendmail 8 ,
850afac2
SW
2681.Xr resident 8 ,
2682.Xr rndcontrol 8 ,
984263bc
MD
2683.Xr route 8 ,
2684.Xr routed 8 ,
2685.Xr rpc.lockd 8 ,
2686.Xr rpc.statd 8 ,
2687.Xr rpcbind 8 ,
2688.Xr rwhod 8 ,
2689.Xr savecore 8 ,
2690.Xr sshd 8 ,
2691.Xr swapon 8 ,
2692.Xr sysctl 8 ,
2693.Xr syslogd 8 ,
2694.Xr timed 8 ,
445243bf 2695.Xr usbd 8 ,
984263bc 2696.Xr vinum 8 ,
984263bc
MD
2697.Xr yp 8 ,
2698.Xr ypbind 8 ,
2699.Xr ypserv 8 ,
2700.Xr ypset 8
2701.Sh HISTORY
2702The
2703.Nm
2704file appeared in
2705.Fx 2.2.2 .
2706.Sh AUTHORS
2707.An Jordan K. Hubbard .