4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 .\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $
32 .Nd system configuration information
36 contains descriptive information about the local host name, configuration
37 details for any potential network interfaces and which services should be
38 started up at system initial boot time.
39 In new installations, the
41 file is generally initialized by the installer.
45 is not to run commands or perform system startup actions directly.
46 Instead, it is included by the various generic startup scripts in
48 which conditionalize their
49 internal actions according to the settings found there.
52 .Pa /etc/defaults/rc.conf
53 file specifies the default settings for all the available options,
56 file specifies override settings.
57 Options need only be specified in
59 when the system administrator wishes to override the defaults.
61 .Pa /etc/rc.conf.local
62 is used to override settings in
64 for historical reasons.
66 .Pa /etc/rc.conf.local
67 you can also place smaller configuration files for each
71 directory, which will be included by the
74 For jail configurations you could use the file
75 .Pa /etc/rc.conf.d/jail
76 to store jail specific configuration options.
81 The following list provides a name and short description for each
82 variable that can be set in the
99 These values are case insensitive.
102 postfix in the name of a variable for starting a service can be
105 .Bl -tag -width indent-two
110 enable output of debug messages from rc scripts.
111 This variable can be helpful in diagnosing mistakes when
112 editing or integrating new scripts.
113 Beware that this produces copious output to the terminal and
119 disable informational messages from the rc scripts.
120 Informational messages are displayed when
121 a condition that is not serious enough to warrant a warning or an error occurs.
128 when faststart is used (e.g., at boot time).
133 no swapfile is installed, otherwise the value is used as the full
134 pathname to a file to use for additional swap space.
137 driver is needed for a swapfile and will be loaded if it is not
138 already compiled into the kernel or loaded via
140 .It Ao Ar module Ac Ns Ar _load
144 that kernel module will be loaded.
146 .Ao Ar module Ac Ns Ar _name
147 is defined (see below), the
148 module's name is taken to be
150 .It Ao Ar module Ac Ns Ar _name
152 Defines the name of the module.
157 to handle device added, removed or unknown events from the kernel.
164 these are the flags to pass to the
176 a CPU speed control daemon.
180 Additional flags passed to the
183 .It Va sensorsd_enable
192 a sensors monitoring and logging daemon.
193 .It Va sensorsd_flags
196 Additional flags passed to the
199 .It Va sysvipcd_enable
208 a daemon needed for the userspace implementation of the XSI Interprocess
209 Communication functions.
210 .It Va sysvipcd_flags
213 Additional flags passed to the
216 .It Va hotplugd_enable
225 a devices hot plugging monitoring daemon.
226 .It Va hotplugd_flags
229 Additional flags passed to the
232 .It Va pccard_ifconfig
234 List of arguments to be passed to
236 at boot time or on insertion of the card (e.g.\&
237 .Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
238 for a fixed address or
241 .It Va pccard_ether_delay
243 Set the delay before starting
246 .Pa /etc/pccard_ether
248 This defaults to 5 seconds to work around a bug in the
250 driver which can lead to system hangs when using some newer
253 .It Va removable_interfaces
255 List of removable network interfaces to be supported by
256 .Pa /etc/pccard_ether .
259 List of directories to search for startup script files.
260 .It Va script_name_sep
262 The field separator to use for breaking down the list of startup script files
263 into individual filenames.
264 The default is a space.
265 It is not necessary to change this unless there are startup scripts with names
269 The fully qualified domain name (FQDN) of this host on the network.
270 This should almost certainly be set to something meaningful, even if
271 there is no network connection.
274 is used to set the hostname via DHCP,
275 this variable should be set to an empty string.
278 Enable support for IPv6 networking.
279 Note that this requires that the kernel have been compiled with
280 .Cd "options INET6" .
283 The NIS domain name of this host, or
286 .It Va dhclient_program
288 Path to the DHCP client program
290 .Pa /sbin/dhclient ) .
291 .It Va dhclient_flags
293 Additional flags to pass to the DHCP client program.
301 If the kernel was not built with
305 kernel module will be loaded.
307 .Va firewall_enable .
312 ruleset definition file.
323 these are the flags to pass to
325 when loading the ruleset.
332 which logs packets from
340 this specifies the path of the log file.
351 these are the flags to pass to
353 .It Va firewall_enable
357 to load firewall rules at startup.
358 If the kernel was not built with
359 .Cd "options IPFIREWALL" ,
362 kernel module will be loaded.
365 .It Va ipv6_firewall_enable
367 The IPv6 equivalent of
368 .Va firewall_enable .
371 to load IPv6 firewall rules at startup.
372 If the kernel was not built with
373 .Cd "options IPV6FIREWALL" ,
376 kernel module will be loaded.
377 .It Va firewall_script
379 The full path to the firewall script to run
381 .Pa /etc/rc.firewall ) .
382 .It Va ipv6_firewall_script
384 The IPv6 equivalent of
385 .Va firewall_script .
388 Names the firewall type from the selection in
389 .Pa /etc/rc.firewall ,
390 or the file which contains the local firewall ruleset.
391 Valid selections from
395 .Bl -tag -width ".Li simple" -compact
397 unrestricted IP access
399 all IP services disabled, except via
402 basic protection for a workstation on a LAN
408 If a filename is specified, the full path must be given.
409 .It Va firewall_trusted_nets
411 List of trusted networks (if
415 .It Va firewall_trusted_interfaces
417 List of trusted network interfaces (if
421 .It Va firewall_allowed_icmp_types
423 List of allowed ICMP types (if
427 .It Va firewall_open_tcp_ports
429 List of TCP ports to open (if
433 .It Va firewall_open_udp_ports
435 List of UDP ports to open (if
439 .It Va ipv6_firewall_type
441 The IPv6 equivalent of
443 .It Va firewall_quiet
447 to disable the display of firewall rules on the console during boot.
448 .It Va ipv6_firewall_quiet
450 The IPv6 equivalent of
452 .It Va firewall_logging
456 to enable firewall event logging.
457 This is equivalent to the
458 .Dv IPFIREWALL_VERBOSE
460 .It Va ipv6_firewall_logging
462 The IPv6 equivalent of
463 .Va firewall_logging .
464 .It Va firewall_flags
470 specifies a filename.
471 .It Va ipv6_firewall_flags
473 The IPv6 equivalent of
487 The full path to the shell script to run to set up the ipfw3
488 firewall rules (default
489 .Pa /etc/ipfw3.rules ) .
492 List of ipfw3 modules to be loaded before executing the above
495 .Dq Li ipfw3 ipfw3_basic ) .
511 sockets must be enabled in the kernel.
512 .It Va natd_interface
514 This is the name of the public interface on which
517 The interface may be given as an interface name or as an IP address.
522 flags should be placed here.
527 flag is automatically added with the above
530 .It Va tcp_extensions
537 disables certain TCP options as described by
543 might help remedy such problems with connections as randomly hanging
544 or other weird behavior.
545 Some network devices are known to be broken with respect to these options.
552 .Va net.inet.tcp.log_in_vain
554 .Va net.inet.udp.log_in_vain ,
559 are set to the given value.
567 will disable probing idle TCP connections to verify that the
568 peer is still up and reachable.
569 .It Va tcp_drop_synfin
576 will cause the kernel to ignore TCP frames that have both
577 the SYN and FIN flags set.
578 This prevents OS fingerprinting, but may break some legitimate applications.
579 This option is only available if the kernel was built with the
582 .It Va icmp_drop_redirect
589 will cause the kernel to ignore ICMP REDIRECT packets.
592 for more information.
593 .It Va icmp_log_redirect
600 will cause the kernel to log ICMP REDIRECT packets.
602 the log messages are not rate-limited, so this option should only be used
603 for troubleshooting networks.
606 for more information.
607 .It Va icmp_bmcastecho
611 to respond to broadcast or multicast ICMP ping packets.
614 for more information.
615 .It Va ip_portrange_first
619 this is the first port in the default portrange.
622 for more information.
623 .It Va ip_portrange_last
627 this is the last port in the default portrange.
630 for more information.
632 .It Va ifconfig_ Ns Aq Ar interface
636 Typically includes IP address.
637 Assuming that the interface in question was
639 it might look something like this:
641 ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000"
645 .Pa /etc/start_if. Ns Aq Ar interface
646 file is present, it is read and executed by the
648 interpreter before configuring the interface as specified in the
649 .Va ifconfig_ Ns Aq Ar interface
651 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
654 It is possible to bring up an interface with DHCP by adding
657 .Va ifconfig_ Ns Aq Ar interface
659 For instance, to initialize the
661 device via DHCP, it is possible to use something like:
667 .Va vlans_ Ns Aq Ar interface
671 interface will be created for each item in the list with the
675 If a vlan interface's name is a number,
676 then that number is used as the vlan tag and the new vlan interface is
678 .Ar interface . Ns Ar tag .
680 the vlan tag must be specified via a
683 .Va create_args_ Ns Aq Ar interface
686 To create a vlan device named
690 with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24:
693 ifconfig_em0_101="inet 192.0.2.1/24"
696 To create a vlan device named
700 with the vlan tag 102:
703 create_args_myvlan="vlan 102"
707 .Va wlans_ Ns Aq Ar interface
711 interface will be created for each item in the list with the
715 Further wlan cloning arguments may be passed to the
718 command by setting the
719 .Va create_args_ Ns Aq Ar interface
723 devices must be created for each wireless devices as of
729 may be specified with an
730 .Va wlandebug_ Ns Aq Ar interface
732 The contents of this variable will be passed directly to
735 Also, if your interface needs WPA authentication, it is possible to add
738 .Va ifconfig_ Ns Aq Ar interface
741 .Xr wpa_supplicant 8 .
743 .Xr wpa_supplicant.conf 5
744 for configuring authentication information.
748 options in this variable, in addition to the
749 .Pa /etc/start_if. Ns Aq Ar interface
751 For instance, to initialize the
753 device via DHCP, using WPA authentication and 802.11b mode, it is
754 possible to use something like:
757 ifconfig_wlan0="up DHCP WPA mode 11b"
759 .It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
761 Configuration to establish an additional network address for
763 Assuming that the interface in question was
765 it might look something like this:
767 ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
768 ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
773 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
774 entry that is found, its contents are passed to
776 Execution stops at the first unsuccessful access, so if
777 something like this is present:
779 ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
780 ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
781 ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
782 ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
785 Then note that alias4 would
787 be added since the search would stop with the missing alias3 entry.
788 .It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name
792 It is possible to rename interface by doing:
794 ifconfig_ed0_name="net0"
795 ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
797 .It Va network_interfaces
799 The list of network interfaces to configure on this host,
802 to configure all network interfaces
805 For example, if the only network devices to be configured are the loopback device
809 driver, this could be set to
812 .Va ifconfig_ Ns Aq Ar interface
813 variable is assumed to exist for each value of
815 .It Va ipv6_network_interfaces
817 This is the IPv6 equivalent of
818 .Va network_interfaces .
819 Instead of setting the ifconfig variables as
820 .Va ifconfig_ Ns Aq Ar interface
821 they should be set as
822 .Va ipv6_ifconfig_ Ns Aq Ar interface .
823 Aliases should be set as
824 .Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
825 Interfaces that do not have a
826 .Va ipv6_ifconfig_ Ns Aq Ar interface
827 setting will be auto configured by
830 .Va ipv6_gateway_enable
833 Note that the IPv6 networking code does not support the
834 .Pa /etc/start_if. Ns Aq Ar interface
836 .It Va ipv6_prefix_ Ns Aq Ar interface
840 prefixlen 64 is used.
841 .It Va ipv6_default_interface
845 this is the default output interface for scoped addresses.
846 Now this works only for IPv6 link local multicast addresses.
847 .It Va cloned_interfaces
849 Set to the list of clonable network interfaces to create on this host.
851 .Va cloned_interfaces
852 are automatically appended to
853 .Va network_interfaces
855 .It Va gif_interfaces
859 tunnel interfaces to configure on this host.
861 .Va gifconfig_ Ns Aq Ar interface
862 variable is assumed to exist for each value of
864 The value of this variable is used to configure the link layer of the
865 tunnel according to the syntax of the
869 Additionally, this option ensures that each listed interface is created via the
873 before attempting to configure it.
874 .It Va sppp_interfaces
878 interfaces to configure on this host.
880 .Va spppconfig_ Ns Aq Ar interface
881 variable is assumed to exist for each value of
883 Each interface should also be configured by a general
884 .Va ifconfig_ Ns Aq Ar interface
888 for more information about available options.
898 Mode in which to run the
907 See the manual for a full description.
912 enables network address translation.
913 Used in conjunction with
915 allows hosts on private network addresses access to the Internet using
916 this host as a network address translating router.
919 The name of the profile to use from
920 .Pa /etc/ppp/ppp.conf .
921 Also used for per-profile overrides of
922 .Va ppp_ Ns Ao Ar profile Ac Ns _unit .
923 Where the profile contains any of the characters
925 they are translated to
927 for the purposes of the override variable names.
928 .It Va ppp_ Ns Ao Ar profile Ac Ns _unit
930 Set the unit number to be used for this profile.
931 See the manual description of
938 The name of the user under which
947 This option is used to specify a list of files that will override
949 .Pa /etc/defaults/rc.conf .
950 The files will be read in the order in which they are specified and should
951 include the full path to the file.
952 By default, the files specified are
955 .Pa /etc/rc.conf.local
963 flag if the initial preen of the file systems fails.
966 List of file system types that are network-based.
967 This list should generally not be modified by end users.
969 .Va extra_netfs_types
971 .It Va extra_netfs_types
973 If set to something other than
975 (the default), this variable extends the list of file system types
976 for which automatic mounting at startup by
978 should be delayed until the network is initialized.
980 a whitespace-separated list of network file system descriptor pairs,
981 each consisting of a file system type as passed to
983 and a human-readable, one-word description, joined with a colon
985 Extending the default list in this way is only necessary
986 when third party file system types are used.
987 .It Va devfs_config_files
989 This option is used to specify a list of configuration files containing
991 rules that will be applied by
993 in the order in which they are specified and must include the full path
995 .It Va syslogd_enable
1002 .It Va syslogd_program
1007 .Pa /usr/sbin/syslogd ) .
1008 .It Va syslogd_flags
1014 these are the flags to pass to
1023 .It Va inetd_program
1028 .Pa /usr/sbin/inetd ) .
1035 these are the flags to pass to
1043 daemon at boot time.
1050 these are the flags to pass to it.
1056 will be updated at boot time to reflect the kernel release being run.
1060 will not be updated.
1061 .It Va nfs_client_enable
1065 setup NFS client parameters at boot time.
1066 .It Va nfs_access_cache
1069 .Va nfs_client_enable
1074 to disable NFS ACCESS RPC caching, or to the number of seconds for which
1075 NFS ACCESS results should be cached.
1076 A value of 2-10 seconds will substantially reduce network traffic for
1077 many NFS operations.
1078 The default is 5 seconds.
1079 Note that the attribute cache holds stat information only.
1080 The NFS data cache is independent of the attribute cache and is only
1081 invalidated when the client detects that the server has modified the
1083 This value specifies a maximum timeout.
1084 The NFS client will automatically use a shorter timeout for files which
1085 have been recently modified.
1086 .It Va nfs_neg_cache
1089 .Va nfs_client_enable
1094 to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent
1095 filenames), or to the number of seconds for which negative lookups should
1097 A value of 2-10 seconds will substantially reduce network
1098 traffic for many NFS operations, especially source code builds.
1099 The default is 3 seconds.
1100 .It Va nfs_server_enable
1104 run the NFS server daemons at boot time.
1105 .It Va nfs_server_flags
1108 .Va nfs_server_enable
1111 these are the flags to pass to the
1114 .It Va mountd_enable
1119 .Va nfs_server_enable
1125 It is commonly needed to run CFS without real NFS used.
1132 these are the flags to pass to the
1135 .It Va weak_mountd_authentication
1139 allow services like PCNFSD to make non-privileged mount requests.
1140 .It Va nfs_reserved_port_only
1144 provide NFS services only on a secure port.
1145 .It Va nfs_bufpackets
1147 If set to a number, indicates the number of packets worth of
1148 socket buffer space to reserve on an NFS client.
1149 The kernel default is typically 4.
1150 Using a higher number may be useful on gigabit networks to improve performance.
1151 The minimum value is 2 and the maximum is 64.
1152 .It Va rpc_umntall_enable
1156 (default) and we are also an NFS client, run
1158 at boot time to clear out old mounts on remote servers.
1163 will not be run at boot time.
1164 .It Va rpc_lockd_enable
1168 and also an NFS server, run
1171 .It Va rpc_lockd_flags
1174 .Va rpc_lockd_enable
1177 these are the flags to pass to
1179 .It Va rpc_statd_enable
1183 and also an NFS server, run
1186 .It Va rpc_statd_flags
1189 .Va rpc_statd_enable
1192 these are the flags to pass to
1194 .It Va rpcbind_program
1196 Path to program for rpcbind daemon
1198 .Pa /usr/sbin/rpcbind ) .
1199 .It Va rpcbind_enable
1206 .It Va rpcbind_flags
1212 these are the flags to pass to
1213 .Va rpcbind_program .
1214 .It Va keyserv_enable
1220 daemon on boot for running Secure RPC.
1221 .It Va keyserv_flags
1227 these are the flags to pass to
1230 .It Va pppoed_enable
1236 daemon at boot time to provide PPP over Ethernet services.
1237 .It Va pppoed_provider
1240 listens to requests to this provider and ultimately runs
1244 argument of the same name.
1247 Additional flags to pass to
1249 .It Va pppoed_interface
1251 The network interface to run
1254 This is mandatory when
1264 service at boot time.
1265 This command is intended for networks of machines where a consistent
1267 for all hosts must be established.
1268 This is often useful in large NFS environments where time stamps on
1269 files are expected to be consistent network-wide.
1276 these are the flags to pass to the
1285 at system boot time.
1286 .It Va dntpd_program
1291 .Pa /usr/sbin/dntpd ) .
1298 these are the flags to pass to the
1301 .It Va btconfig_enable
1305 configure Bluetooth devices via
1307 at system boot time.
1308 .It Va btconfig_devices
1314 this is the list of Bluetooth devices to configure.
1316 .Va btconfig_devices
1317 is not specified, all devices known to the system will be configured.
1319 .Va btconfig_ Ns Aq Ar device
1320 variable can be set to specify parameters to be passed to
1322 .It Va btconfig_args
1328 this is the list of configuration parameters to pass to all Bluetooth
1334 run the Service Discovery Profile daemon
1336 at system boot time.
1343 these are the flags to pass to the
1346 .It Va bthcid_enable
1350 run the Bluetooth Link Key/PIN Code Manager daemon
1352 at system boot time.
1359 these are the flags to pass to the
1362 .It Va nis_client_enable
1368 service at system boot time.
1369 .It Va nis_client_flags
1372 .Va nis_client_enable
1375 these are the flags to pass to the
1378 .It Va nis_ypset_enable
1384 daemon at system boot time.
1385 .It Va nis_ypset_flags
1388 .Va nis_ypset_enable
1391 these are the flags to pass to the
1394 .It Va nis_server_enable
1400 daemon at system boot time.
1401 .It Va nis_server_flags
1404 .Va nis_server_enable
1407 these are the flags to pass to the
1410 .It Va nis_ypxfrd_enable
1416 daemon at system boot time.
1417 .It Va nis_ypxfrd_flags
1420 .Va nis_ypxfrd_enable
1423 these are the flags to pass to the
1426 .It Va nis_yppasswdd_enable
1432 daemon at system boot time.
1433 .It Va nis_yppasswdd_flags
1436 .Va nis_yppasswdd_enable
1439 these are the flags to pass to the
1442 .It Va rpc_ypupdated_enable
1448 daemon at system boot time.
1449 .It Va defaultrouter
1453 create a default route to this host name or IP address
1454 (use an IP address if this router is also required to get to the
1456 .It Va ipv6_defaultrouter
1458 The IPv6 equivalent of
1460 .It Va static_routes
1462 Set to the list of static routes that are to be added at system boot time.
1465 then for each whitespace separated
1468 .Va route_ Ns Aq Ar element
1469 variable is assumed to exist whose contents will later be passed to a
1472 .It Va change_routes
1474 Set to the list of static routes that are to be changed at system boot time
1475 (such as those added by the kernel).
1478 then for each whitespace separated
1481 .Va change_route_ Ns Aq Ar element
1482 variable is assumed to exist whose contents will later be passed to a
1483 .Dq Nm route Cm change
1485 .It Va ipv6_static_routes
1487 The IPv6 equivalent of
1491 then for each whitespace separated
1494 .Va ipv6_route_ Ns Aq Ar element
1495 variable is assumed to exist whose contents will later be passed to a
1496 .Dq Nm route Cm add Fl inet6
1498 .It Va gateway_enable
1502 configure host to act as an IP router, e.g. to forward packets
1504 .It Va ipv6_gateway_enable
1506 The IPv6 equivalent of
1507 .Va gateway_enable .
1508 .It Va router_enable
1512 run a routing daemon of some sort, based on the settings of
1516 .It Va ipv6_router_enable
1518 The IPv6 equivalent of
1522 run a routing daemon of some sort, based on the settings of
1523 .Va ipv6_router_program
1525 .Va ipv6_router_flags .
1526 .It Va router_program
1532 this is the name of the routing daemon to use
1534 .Pa /sbin/routed ) .
1535 .It Va ipv6_router_program
1537 The IPv6 equivalent of
1540 .Pa /sbin/route6d ) .
1547 these are the flags to pass to the routing daemon.
1548 .It Va ipv6_router_flags
1550 The IPv6 equivalent of
1552 .It Va mrouted_enable
1556 run the multicast routing daemon,
1558 .It Va mroute6d_enable
1560 The IPv6 equivalent of
1561 .Va mrouted_enable .
1564 run the IPv6 multicast routing daemon.
1565 Note that no IPv6 multicast routing daemon is included in the
1569 can be installed from the
1572 .Pa ( net/mcast-tools ) .
1573 .It Va mrouted_flags
1579 these are the flags to pass to the
1582 .It Va mroute6d_flags
1584 The IPv6 equivalent of
1590 these are the flags passed to the IPv6 multicast routing daemon.
1591 .It Va mroute6d_program
1597 this is the path to the IPv6 multicast routing daemon.
1598 .It Va rtadvd_enable
1604 daemon at boot time.
1607 .Va ipv6_gateway_enable
1612 utility sends router advertisement packets to the interfaces specified in
1613 .Va rtadvd_interfaces .
1615 and should only be enabled with great care.
1616 You may want to fine-tune
1618 .It Va rtadvd_interfaces
1624 this is the list of interfaces to use.
1625 .It Va rtsold_enable
1631 daemon at boot time.
1634 daemon is used for automatic discovery of non-link local addresses.
1641 these are the flags to pass to the
1648 enable global proxy ARP.
1649 .It Va forward_sourceroute
1657 source-routed packets are forwarded.
1658 .It Va accept_sourceroute
1662 the system will accept source-routed packets directed at it.
1669 daemon at system boot time.
1676 these are the flags to pass to the
1679 .It Va bootparamd_enable
1685 daemon at system boot time.
1686 .It Va bootparamd_flags
1689 .Va bootparamd_enable
1692 these are the flags to pass to the
1695 .It Va stf_interface_ipv4addr
1699 this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface).
1700 Specify this entry to enable the 6to4 interface.
1701 .It Va stf_interface_ipv4plen
1703 Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1704 An effective value is 0-31.
1705 .It Va stf_interface_ipv6_ifid
1707 IPv6 interface ID for
1711 .It Va stf_interface_ipv6_slaid
1713 IPv6 Site Level Aggregator for
1717 The keyboard bell sound.
1724 if the default behavior is desired.
1725 For details, refer to the
1732 no keymap is installed, otherwise the value is used to install
1734 .Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
1737 The keyboard repeat speed.
1744 if the default behavior is desired.
1749 attempt to program the function keys with the value.
1750 The value should be a single string of the form:
1751 .Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
1754 Can be set to the value of
1757 .Dq Li destructive ,
1760 to set the cursor behavior explicitly or choose the default behavior.
1765 no screen map is installed, otherwise the value is used to install
1766 the screen map file in
1767 .Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
1772 the default 8x16 font value is used for screen size requests, otherwise
1774 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1780 the default 8x14 font value is used for screen size requests, otherwise
1782 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1788 the default 8x8 font value is used for screen size requests, otherwise
1790 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1796 the default screen blanking interval is used, otherwise it is set to
1803 this is the actual screen saver to use
1804 .Li ( blank , snake , daemon ,
1806 .It Va moused_nondefault_enable
1810 the mouse device specified on
1811 the command line is not automatically treated as enabled by the
1812 .Pa /etc/rc.d/moused
1814 Having this variable set to
1820 to be enabled as soon as it is plugged in.
1821 .It Va moused_enable
1827 daemon is started for doing cut/paste selection on the console.
1834 this is the protocol type of the mouse connected to this host.
1840 is able to detect the appropriate mouse type automatically in many cases.
1841 Leave this variable at the default
1843 to let the daemon detect it, or
1844 select one from the following list if the automatic detection fails.
1846 If the mouse is attached to the PS/2 mouse port, leave the variable at the
1851 regardless of the brand and model of the mouse.
1852 Likewise, if the mouse is attached to the bus mouse port, leave it at
1856 All other protocols are for serial mice and will not work with
1857 the PS/2 and bus mice.
1858 If this is a USB mouse,
1860 is the only protocol type which will work.
1862 .Bl -tag -width ".Li x10mouseremote" -compact
1864 Microsoft mouse (serial)
1866 Microsoft IntelliMouse (serial)
1868 Mouse systems Corp. mouse (serial)
1870 MM Series mouse (serial)
1872 Logitech mouse (serial)
1876 Logitech MouseMan and TrackMan (serial)
1878 ALPS GlidePoint (serial)
1879 .It Li thinkingmouse
1880 Kensington ThinkingMouse (serial)
1884 MM HitTablet (serial)
1885 .It Li x10mouseremote
1886 X10 MouseRemote (serial)
1888 Interlink VersaPad (serial)
1891 Even if the mouse is not in the above list, it may be compatible
1892 with one in the list.
1893 Refer to the man page for
1895 for compatibility information.
1897 It should also be noted that while this is enabled, any
1898 other client of the mouse (such as an X server) should access
1899 the mouse through the virtual mouse device,
1901 and configure it as a
1903 type mouse, since all
1904 mouse data is converted to this single canonical format when using
1906 If the client program does not support the
1911 It is the second preferred type.
1918 this is the actual port the mouse is on.
1921 for a COM1 serial mouse or
1923 for a PS/2 mouse, for example.
1928 is set, these are the additional flags to pass to the
1931 .It Va mousechar_start
1935 the default mouse cursor character range
1936 .Li 0xd0 Ns - Ns Li 0xd3
1937 is used, otherwise the range start is set to
1941 Use if the default range is occupied in the language code table.
1944 Set the size of the history (scrollback) buffer in lines.
1945 .It Va allscreens_flags
1949 is run with these options for each of the virtual terminals
1953 will enable the mouse pointer on all virtual terminals if
1957 .It Va allscreens_kbdflags
1961 is run with these options for each of the virtual terminals
1967 scrollback (history) buffer to 200 lines.
1974 daemon at system boot time.
1980 .Pa /usr/sbin/cron ) .
1987 these are the flags to pass to
1994 .Pa /usr/sbin/lpd ) .
2001 daemon at system boot time.
2008 these are the flags to pass to the
2017 daemon at system boot time.
2024 settings across reboots.
2025 .It Va mta_start_script
2027 The full path to the script to run to start
2028 a mail transfer agent.
2030 .Pa /etc/rc.sendmail .
2034 .Pa /etc/rc.sendmail
2035 uses are documented in the
2041 .Sq HAMMER ROOT with UFS /boot
2042 setup, the boot loader will not set up the
2045 The system will attempt to fix this on its own.
2046 Set this variable to
2048 to turn this behavior off.
2051 Indicates the device (usually a swap partition) to which a crash dump
2052 should be written in the event of a system crash.
2053 The value of this variable is passed as the argument to
2057 To disable crash dumps, set this variable to
2061 When the system reboots after a crash and a crash dump is found on the
2062 device specified by the
2066 will save that crash dump and a copy of the kernel to the directory
2070 The default value is
2079 .It Va savecore_flags
2081 If crash dumps are enabled, these are the flags to pass to the
2084 .It Va crashinfo_enable
2088 to turn on automatic crash dump summary generation using the utility
2090 .Va crashinfo_program
2092 .It Va crashinfo_program
2094 Program to run to generate a crash dump summary if the variable
2095 .Va crashinfo_enable
2098 The default value is
2099 .Pa /usr/sbin/crashinfo .
2100 .It Va enable_quotas
2104 to turn on user disk quotas on system startup via the
2111 to enable user disk quota checking via the
2114 .It Va accounting_enable
2118 to enable system accounting through the
2121 .\" ----- cleanvar_enable setting--------------------------------
2122 .It Va cleanvar_enable
2130 .Pa /var/spool/uucp/.Temp/*
2132 .\" ----- clear_tmp_enable setting-------------------------------
2133 .It Va clear_tmp_enable
2140 .\" ----- ldconfig_paths setting --------------------------------
2141 .It Va ldconfig_paths
2143 Set to the list of shared library paths to use with
2147 will always be added first, so it need not appear in this list.
2148 .It Va ldconfig_insecure
2152 utility normally refuses to use directories
2153 which are writable by anyone except root.
2154 Set this variable to
2156 to disable that security check during system startup.
2157 .It Va ldconfig_local_dirs
2159 Set to the list of local
2162 The names of all files in the directories listed will be
2163 passed as arguments to
2165 .It Va kern_securelevel
2167 The kernel security level to set at startup.
2168 The allowed range of
2170 ranges from \-1 (the compile time default) to 3 (the most secure).
2173 for the list of possible security levels and their effect on system operation.
2180 at system boot time.
2187 at system boot time.
2190 Path to the SSH server program
2192 .Pa /usr/sbin/sshd ) .
2199 these are the flags to pass to the
2208 at system boot time.
2215 these are the flags to pass to the
2218 .It Va watchdogd_enable
2224 daemon at boot time.
2225 This requires that the kernel have been compiled with
2226 .Cd "options WATCHDOG" .
2231 any configured jails will not be started.
2234 A space separated list of names for jails.
2235 This is purely a configuration aid to help identify and
2236 configure multiple jails.
2237 The names specified in this list will be used to
2238 identify settings common to an instance of a jail.
2239 Assuming that the jail in question was named
2241 you would have the following dependent variables:
2243 jail_vjail_hostname="jail.example.com"
2244 jail_vjail_ip="192.168.1.100"
2245 jail_vjail_rootdir="/var/jails/vjail/root"
2250 When set, use as default value for
2251 .Va jail_ Ns Ao Ar jname Ac Ns Va _flags
2254 .It Va jail_interface
2257 When set, use as default value for
2258 .Va jail_ Ns Ao Ar jname Ac Ns Va _interface
2264 When set, use as default value for
2265 .Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2268 .It Va jail_mount_enable
2276 .Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
2279 by default for every jail in
2281 .It Va jail_procfs_enable
2289 .Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
2292 by default for every jail in
2294 .It Va jail_devfs_enable
2302 .Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
2305 by default for every jail in
2307 .It Va jail_exec_start
2310 When set, use as default value for
2311 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
2314 .It Va jail_exec_stop
2316 When set, use as default value for
2317 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
2320 .It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
2323 Set to the root directory used by jail
2325 .It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
2328 Set to the fully qualified domain name (FQDN) assigned to jail
2330 .It Va jail_ Ns Ao Ar jname Ac Ns Va _ip
2333 Set to the IP address assigned to jail
2335 .It Va jail_ Ns Ao Ar jname Ac Ns Va _flags
2340 These are flags to pass to
2342 .It Va jail_ Ns Ao Ar jname Ac Ns Va _interface
2345 When set, sets the interface to use when setting IP address alias.
2346 Note that the alias is created at jail startup and removed at jail shutdown.
2347 .It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2350 .Pa /etc/fstab. Ns Aq Ar jname
2352 This is the file system information file to use for jail
2354 .It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
2361 mount all file systems from
2362 .Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2364 .It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
2371 mount the process file system inside jail
2374 .It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
2381 mount the device file system inside jail
2384 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
2387 .Dq Li /bin/sh /etc/rc
2389 This is the command executed at jail startup.
2390 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
2393 .Dq Li /bin/sh /etc/rc.shutdown
2395 This is the command executed at jail shutdown.
2396 .It Va jail_set_hostname_allow
2400 do not allow the root user in a jail to set its hostname.
2401 .It Va jail_socket_unixiproute_only
2405 do not allow any sockets,
2406 besides UNIX/IP/route sockets,
2407 to be used within a jail.
2408 .It Va jail_sysvipc_allow
2412 allow applications within a jail to use System V IPC.
2417 LVM volumes will be discovered and configured on boot.
2418 .It Va newsyslog_enable
2424 before syslogd starts.
2425 .It Va newsyslog_flags
2428 .Va newsyslog_enable
2431 these are the flags passed to
2433 .It Va resident_enable
2437 make the dynamic binaries listed in
2438 .Pa /etc/resident.conf
2440 .It Va varsym_enable
2445 .Pa /etc/varsym.conf
2446 to set system-wide variables for variant symlinks.
2451 or a whitespace separated list of IRQ numbers which will be used as a source of
2453 .\" -----------------------------------------------------
2458 to disable caching entropy via
2460 Otherwise set to the directory used to store entropy files in.
2465 to disable caching entropy through reboots.
2466 Otherwise set to the filename used to store cached entropy through reboots.
2467 This file should be located on the root file system to seed the
2469 device as early as possible in the boot process.
2470 .It Va entropy_save_sz
2472 Determines the size of the entropy cache files used for entropy cached
2473 through reboots and also entropy cached via
2475 The entropy is fed to the system in blocks of 512 bytes, so this number
2476 should be large enough to fill as many of the entropy pools in the kernel
2478 By default, it is set to 16384, which should be able to seed all 32 entropy
2479 pools in the Fortuna CSPRNG.
2487 .Pa /var/run/dmesg.boot
2489 .It Va rcshutdown_timeout
2491 If set, start a watchdog timer in the background which will terminate
2495 has not completed within the specified time (in seconds).
2496 Notice that in addition to this soft timeout,
2498 also applies a hard timeout for the execution of
2500 This is configured via
2503 .Va kern.init_shutdown_timeout
2504 and defaults to 120 seconds. Setting the value of
2505 .Va rcshutdown_timeout
2506 to more than 120 seconds will have no effect until the
2509 .Va kern.init_shutdown_timeout
2515 the udevd daemon will be started on boot.
2516 .It Va vfs_quota_enable
2520 vfs quota rc.d scripts will be run on boot.
2521 .It Va vfs_quota_sync
2523 List of mount points whose counters are to be synchronized with on-disk
2524 usage during system startup.
2527 .It Va vknetd_enable
2532 will be started on boot.
2535 Additional flags passed to
2537 Usually address/cidrbits is specified here.
2538 When no flags are passed, default option
2541 .It Va vkernel_enable
2545 any configured vkernels will not be started.
2546 .It Va vkernel_kill_timeout
2548 This defines the default number of seconds that we will wait for the
2549 vkernel to shut down on its own.
2550 If after this time it's still alive,
2551 it will be killed with SIGKILL.
2554 Defines the default path to the vkernel binary.
2557 A space separated list of names for vkernels.
2558 This is purely a configuration aid to help identify and
2559 configure multiple vkernels.
2560 The names specified in this list will be used to
2561 identify settings common to a vkernel instance.
2562 Assuming that the vkernel in question was named
2564 you would have the following dependent variables
2565 (filled with reference values in this text):
2567 vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug"
2568 vkernel_example_memsize="64m"
2569 vkernel_example_rootimg_list="/var/vkernel/rootimg.01"
2570 vkernel_example_memimg="/var/vkernel/memimg.000001"
2571 vkernel_example_user="myuser"
2572 vkernel_example_iface_list="auto:bridge0"
2573 vkernel_example_logfile="/dev/null"
2574 vkernel_example_flags="-U"
2575 vkernel_example_kill_timeout="45"
2578 The last six are optional.
2579 They default to an empty string if not set, except for logfile which defaults to
2589 which is the vkernel's default directory for memory images,
2590 with permissions of 1777, i.e. world writable with the sticky bit set
2593 .It Va autofs_enable
2603 daemons at boot time.
2604 .It Va automount_flags
2610 these are the flags to pass to the
2613 By default no flags are passed.
2614 .It Va automountd_flags
2620 these are the flags to pass to the
2623 By default no flags are passed.
2624 .It Va autounmountd_flags
2630 these are the flags to pass to the
2633 By default no flags are passed.
2636 .Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact
2637 .It Pa /etc/defaults/rc.conf
2639 .It Pa /etc/rc.conf.local
2640 .It Pa /etc/start_if. Ns Aq Ar interface
2660 .Xr resident.conf 5 ,
2665 .Xr autounmountd 8 ,
2721 .An Jordan K. Hubbard .
projects / dragonfly.git / blob