4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 .\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $
32 .Nd system configuration information
36 contains descriptive information about the local host name, configuration
37 details for any potential network interfaces and which services should be
38 started up at system initial boot time.
39 In new installations, the
41 file is generally initialized by the installer.
45 is not to run commands or perform system startup actions directly.
46 Instead, it is included by the various generic startup scripts in
48 which conditionalize their
49 internal actions according to the settings found there.
52 .Pa /etc/defaults/rc.conf
53 file specifies the default settings for all the available options,
56 file specifies override settings.
57 Options need only be specified in
59 when the system administrator wishes to override the defaults.
61 .Pa /etc/rc.conf.local
62 is used to override settings in
64 for historical reasons.
66 .Pa /etc/rc.conf.local
67 you can also place smaller configuration files for each
71 directory, which will be included by the
74 For jail configurations you could use the file
75 .Pa /etc/rc.conf.d/jail
76 to store jail specific configuration options.
81 The following list provides a name and short description for each
82 variable that can be set in the
99 These values are case insensitive.
102 postfix in the name of a variable for starting a service can be
105 .Bl -tag -width indent-two
110 enable output of debug messages from rc scripts.
111 This variable can be helpful in diagnosing mistakes when
112 editing or integrating new scripts.
113 Beware that this produces copious output to the terminal and
119 disable informational messages from the rc scripts.
120 Informational messages are displayed when
121 a condition that is not serious enough to warrant a warning or an error occurs.
126 no swapfile is installed, otherwise the value is used as the full
127 pathname to a file to use for additional swap space.
132 enable support for Automatic Power Management with the
139 to handle APM event from userland.
140 This also enables support for APM.
147 these are the flags to pass to the
153 to monitor the status of batteries present in the system.
154 This also enables support for APM.
161 these are the flags to pass to the
168 to handle device added, removed or unknown events from the kernel.
175 these are the flags to pass to the
187 a CPU speed control daemon.
188 .It Va sensorsd_enable
197 a sensors monitoring and logging daemon.
198 .It Va sensorsd_flags
201 Additional flags passed to the
204 .It Va hotplugd_enable
213 a devices hot plugging monitoring daemon.
214 .It Va hotplugd_flags
217 Additional flags passed to the
220 .It Va pccard_ifconfig
222 List of arguments to be passed to
224 at boot time or on insertion of the card (e.g.\&
225 .Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
226 for a fixed address or
229 .It Va pccard_ether_delay
231 Set the delay before starting
234 .Pa /etc/pccard_ether
236 This defaults to 5 seconds to work around a bug in the
238 driver which can lead to system hangs when using some newer
241 .It Va removable_interfaces
243 List of removable network interfaces to be supported by
244 .Pa /etc/pccard_ether .
247 List of directories to search for startup script files.
248 .It Va script_name_sep
250 The field separator to use for breaking down the list of startup script files
251 into individual filenames.
252 The default is a space.
253 It is not necessary to change this unless there are startup scripts with names
255 .It Va hostapd_enable
264 The fully qualified domain name (FQDN) of this host on the network.
265 This should almost certainly be set to something meaningful, even if
266 there is no network connection.
269 is used to set the hostname via DHCP,
270 this variable should be set to an empty string.
273 Enable support for IPv6 networking.
274 Note that this requires that the kernel have been compiled with
275 .Cd "options INET6" .
278 The NIS domain name of this host, or
281 .It Va dhclient_program
283 Path to the DHCP client program
285 .Pa /sbin/dhclient ) .
286 .It Va dhclient_flags
288 Additional flags to pass to the DHCP client program.
296 If the kernel was not built with
300 kernel module will be loaded.
302 .Va firewall_enable .
307 ruleset definition file.
318 these are the flags to pass to
320 when loading the ruleset.
327 which logs packets from
335 this specifies the path of the log file.
346 these are the flags to pass to
348 .It Va firewall_enable
352 to load firewall rules at startup.
353 If the kernel was not built with
354 .Cd "options IPFIREWALL" ,
357 kernel module will be loaded.
360 .It Va ipv6_firewall_enable
362 The IPv6 equivalent of
363 .Va firewall_enable .
366 to load IPv6 firewall rules at startup.
367 If the kernel was not built with
368 .Cd "options IPV6FIREWALL" ,
371 kernel module will be loaded.
372 .It Va firewall_script
374 The full path to the firewall script to run
376 .Pa /etc/rc.firewall ) .
377 .It Va ipv6_firewall_script
379 The IPv6 equivalent of
380 .Va firewall_script .
383 Names the firewall type from the selection in
384 .Pa /etc/rc.firewall ,
385 or the file which contains the local firewall ruleset.
386 Valid selections from
390 .Bl -tag -width ".Li simple" -compact
392 unrestricted IP access
394 all IP services disabled, except via
397 basic protection for a workstation on a LAN
403 If a filename is specified, the full path must be given.
404 .It Va firewall_trusted_nets
406 List of trusted networks (if
410 .It Va firewall_trusted_interfaces
412 List of trusted network interfaces (if
416 .It Va firewall_allowed_icmp_types
418 List of allowed ICMP types (if
422 .It Va firewall_open_tcp_ports
424 List of TCP ports to open (if
428 .It Va firewall_open_udp_ports
430 List of UDP ports to open (if
434 .It Va ipv6_firewall_type
436 The IPv6 equivalent of
438 .It Va firewall_quiet
442 to disable the display of firewall rules on the console during boot.
443 .It Va ipv6_firewall_quiet
445 The IPv6 equivalent of
447 .It Va firewall_logging
451 to enable firewall event logging.
452 This is equivalent to the
453 .Dv IPFIREWALL_VERBOSE
455 .It Va ipv6_firewall_logging
457 The IPv6 equivalent of
458 .Va firewall_logging .
459 .It Va firewall_flags
465 specifies a filename.
466 .It Va ipv6_firewall_flags
468 The IPv6 equivalent of
485 sockets must be enabled in the kernel.
486 .It Va natd_interface
488 This is the name of the public interface on which
491 The interface may be given as an interface name or as an IP address.
496 flags should be placed here.
501 flag is automatically added with the above
504 .It Va tcp_extensions
511 disables certain TCP options as described by
517 might help remedy such problems with connections as randomly hanging
518 or other weird behavior.
519 Some network devices are known to be broken with respect to these options.
526 .Va net.inet.tcp.log_in_vain
528 .Va net.inet.udp.log_in_vain ,
533 are set to the given value.
541 will disable probing idle TCP connections to verify that the
542 peer is still up and reachable.
543 .It Va tcp_drop_synfin
550 will cause the kernel to ignore TCP frames that have both
551 the SYN and FIN flags set.
552 This prevents OS fingerprinting, but may break some legitimate applications.
553 This option is only available if the kernel was built with the
556 .It Va icmp_drop_redirect
563 will cause the kernel to ignore ICMP REDIRECT packets.
566 for more information.
567 .It Va icmp_log_redirect
574 will cause the kernel to log ICMP REDIRECT packets.
576 the log messages are not rate-limited, so this option should only be used
577 for troubleshooting networks.
580 for more information.
581 .It Va icmp_bmcastecho
585 to respond to broadcast or multicast ICMP ping packets.
588 for more information.
589 .It Va ip_portrange_first
593 this is the first port in the default portrange.
596 for more information.
597 .It Va ip_portrange_last
601 this is the last port in the default portrange.
604 for more information.
606 .It Va ifconfig_ Ns Aq Ar interface
610 Typically includes IP address.
611 Assuming that the interface in question was
613 it might look something like this:
615 ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000"
619 .Pa /etc/start_if. Ns Aq Ar interface
620 file is present, it is read and executed by the
622 interpreter before configuring the interface as specified in the
623 .Va ifconfig_ Ns Aq Ar interface
625 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
628 It is possible to bring up an interface with DHCP by adding
631 .Va ifconfig_ Ns Aq Ar interface
633 For instance, to initialize the
635 device via DHCP, it is possible to use something like:
641 .Va wlans_ Ns Aq Ar interface
645 interface will be created for each item in the list with the
649 Further wlan cloning arguments may be passed to the
652 command by setting the
653 .Va create_args_ Ns Aq Ar interface
657 devices must be created for each wireless devices as of
663 may be specified with an
664 .Va wlandebug_ Ns Aq Ar interface
666 The contents of this variable will be passed directly to
669 Also, if your interface needs WPA authentication, it is possible to add
672 .Va ifconfig_ Ns Aq Ar interface
675 .Xr wpa_supplicant 8 .
677 .Xr wpa_supplicant.conf 5
678 for configuring authentication information.
682 options in this variable, in addition to the
683 .Pa /etc/start_if. Ns Aq Ar interface
685 For instance, to initialize the
687 device via DHCP, using WPA authentication and 802.11b mode, it is
688 possible to use something like:
691 ifconfig_wlan0="up DHCP WPA mode 11b"
695 .It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
697 Configuration to establish an additional network address for
699 Assuming that the interface in question was
701 it might look something like this:
703 ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
704 ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
709 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
710 entry that is found, its contents are passed to
712 Execution stops at the first unsuccessful access, so if
713 something like this is present:
715 ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
716 ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
717 ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
718 ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
721 Then note that alias4 would
723 be added since the search would stop with the missing alias3 entry.
726 .It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name
730 It is possible to rename interface by doing:
732 ifconfig_ed0_name="net0"
733 ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
735 .It Va network_interfaces
737 The list of network interfaces to configure on this host,
740 to configure all network interfaces
743 For example, if the only network devices to be configured are the loopback device
747 driver, this could be set to
750 .Va ifconfig_ Ns Aq Ar interface
751 variable is assumed to exist for each value of
753 .It Va ipv6_network_interfaces
755 This is the IPv6 equivalent of
756 .Va network_interfaces .
757 Instead of setting the ifconfig variables as
758 .Va ifconfig_ Ns Aq Ar interface
759 they should be set as
760 .Va ipv6_ifconfig_ Ns Aq Ar interface .
761 Aliases should be set as
762 .Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
763 Interfaces that do not have a
764 .Va ipv6_ifconfig_ Ns Aq Ar interface
765 setting will be auto configured by
768 .Va ipv6_gateway_enable
771 Note that the IPv6 networking code does not support the
772 .Pa /etc/start_if. Ns Aq Ar interface
774 .It Va ipv6_prefix_ Ns Aq Ar interface
778 prefixlen 64 is used.
779 .It Va ipv6_default_interface
783 this is the default output interface for scoped addresses.
784 Now this works only for IPv6 link local multicast addresses.
785 .It Va cloned_interfaces
787 Set to the list of clonable network interfaces to create on this host.
789 .Va cloned_interfaces
790 are automatically appended to
791 .Va network_interfaces
793 .It Va gif_interfaces
797 tunnel interfaces to configure on this host.
799 .Va gifconfig_ Ns Aq Ar interface
800 variable is assumed to exist for each value of
802 The value of this variable is used to configure the link layer of the
803 tunnel according to the syntax of the
807 Additionally, this option ensures that each listed interface is created via the
811 before attempting to configure it.
812 .It Va sppp_interfaces
816 interfaces to configure on this host.
818 .Va spppconfig_ Ns Aq Ar interface
819 variable is assumed to exist for each value of
821 Each interface should also be configured by a general
822 .Va ifconfig_ Ns Aq Ar interface
826 for more information about available options.
836 Mode in which to run the
845 See the manual for a full description.
850 enables network address translation.
851 Used in conjunction with
853 allows hosts on private network addresses access to the Internet using
854 this host as a network address translating router.
857 The name of the profile to use from
858 .Pa /etc/ppp/ppp.conf .
861 The name of the user under which
870 This option is used to specify a list of files that will override
872 .Pa /etc/defaults/rc.conf .
873 The files will be read in the order in which they are specified and should
874 include the full path to the file.
875 By default, the files specified are
878 .Pa /etc/rc.conf.local
886 flag if the initial preen of the file systems fails.
889 List of file system types that are network-based.
890 This list should generally not be modified by end users.
892 .Va extra_netfs_types
894 .It Va extra_netfs_types
896 If set to something other than
898 (the default), this variable extends the list of file system types
899 for which automatic mounting at startup by
901 should be delayed until the network is initialized.
903 a whitespace-separated list of network file system descriptor pairs,
904 each consisting of a file system type as passed to
906 and a human-readable, one-word description, joined with a colon
908 Extending the default list in this way is only necessary
909 when third party file system types are used.
910 .It Va devfs_config_files
912 This option is used to specify a list of configuration files containing
914 rules that will be applied by
916 in the order in which they are specified and must include the full path
918 .It Va syslogd_enable
925 .It Va syslogd_program
930 .Pa /usr/sbin/syslogd ) .
937 these are the flags to pass to
951 .Pa /usr/sbin/inetd ) .
958 these are the flags to pass to
973 these are the flags to pass to it.
987 these are the flags to pass to it.
990 manpage for more information.
991 .It Va amd_map_program
993 If set, the specified program is run to get the list of
998 maps are stored in NIS, one can set this to run
1010 will be updated at boot time to reflect the kernel release being run.
1014 will not be updated.
1015 .It Va nfs_client_enable
1019 setup NFS client parameters at boot time.
1020 .It Va nfs_access_cache
1023 .Va nfs_client_enable
1028 to disable NFS ACCESS RPC caching, or to the number of seconds for which
1029 NFS ACCESS results should be cached.
1030 A value of 2-10 seconds will substantially reduce network traffic for
1031 many NFS operations.
1032 The default is 5 seconds.
1033 Note that the attribute cache holds stat information only.
1034 The NFS data cache is independent of the attribute cache and is only
1035 invalidated when the client detects that the server has modified the
1037 This value specifies a maximum timeout.
1038 The NFS client will automatically use a shorter timeout for files which
1039 have been recently modified.
1040 .It Va nfs_neg_cache
1043 .Va nfs_client_enable
1048 to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent
1049 filenames), or to the number of seconds for which negative lookups should
1051 A value of 2-10 seconds will substantially reduce network
1052 traffic for many NFS operations, especially source code builds.
1053 The default is 3 seconds.
1054 .It Va nfs_server_enable
1058 run the NFS server daemons at boot time.
1059 .It Va nfs_server_flags
1062 .Va nfs_server_enable
1065 these are the flags to pass to the
1068 .It Va mountd_enable
1073 .Va nfs_server_enable
1079 It is commonly needed to run CFS without real NFS used.
1086 these are the flags to pass to the
1089 .It Va weak_mountd_authentication
1093 allow services like PCNFSD to make non-privileged mount requests.
1094 .It Va nfs_reserved_port_only
1098 provide NFS services only on a secure port.
1099 .It Va nfs_bufpackets
1101 If set to a number, indicates the number of packets worth of
1102 socket buffer space to reserve on an NFS client.
1103 The kernel default is typically 4.
1104 Using a higher number may be useful on gigabit networks to improve performance.
1105 The minimum value is 2 and the maximum is 64.
1106 .It Va rpc_umntall_enable
1110 (default) and we are also an NFS client, run
1112 at boot time to clear out old mounts on remote servers.
1117 will not be run at boot time.
1118 .It Va rpc_lockd_enable
1122 and also an NFS server, run
1125 .It Va rpc_lockd_flags
1128 .Va rpc_lockd_enable
1131 these are the flags to pass to
1133 .It Va rpc_statd_enable
1137 and also an NFS server, run
1140 .It Va rpc_statd_flags
1143 .Va rpc_statd_enable
1146 these are the flags to pass to
1148 .It Va rpcbind_program
1150 Path to program for rpcbind daemon
1152 .Pa /usr/sbin/rpcbind ) .
1153 .It Va rpcbind_enable
1160 .It Va rpcbind_flags
1166 these are the flags to pass to
1167 .Va rpcbind_program .
1168 .It Va keyserv_enable
1174 daemon on boot for running Secure RPC.
1175 .It Va keyserv_flags
1181 these are the flags to pass to
1184 .It Va pppoed_enable
1190 daemon at boot time to provide PPP over Ethernet services.
1191 .It Va pppoed_provider
1194 listens to requests to this provider and ultimately runs
1198 argument of the same name.
1201 Additional flags to pass to
1203 .It Va pppoed_interface
1205 The network interface to run
1208 This is mandatory when
1218 service at boot time.
1219 This command is intended for networks of machines where a consistent
1221 for all hosts must be established.
1222 This is often useful in large NFS environments where time stamps on
1223 files are expected to be consistent network-wide.
1230 these are the flags to pass to the
1239 at system boot time.
1240 .It Va dntpd_program
1245 .Pa /usr/sbin/dntpd ) .
1252 these are the flags to pass to the
1255 .It Va btconfig_enable
1259 configure Bluetooth devices via
1261 at system boot time.
1262 .It Va btconfig_devices
1268 this is the list of Bluetooth devices to configure.
1270 .Va btconfig_devices
1271 is not specified, all devices known to the system will be configured.
1273 .Va btconfig_ Ns Aq Ar device
1274 variable can be set to specify parameters to be passed to
1276 .It Va btconfig_args
1282 this is the list of configuration parameters to pass to all Bluetooth
1288 run the Service Discovery Profile daemon
1290 at system boot time.
1297 these are the flags to pass to the
1300 .It Va bthcid_enable
1304 run the Bluetooth Link Key/PIN Code Manager daemon
1306 at system boot time.
1313 these are the flags to pass to the
1316 .It Va nis_client_enable
1322 service at system boot time.
1323 .It Va nis_client_flags
1326 .Va nis_client_enable
1329 these are the flags to pass to the
1332 .It Va nis_ypset_enable
1338 daemon at system boot time.
1339 .It Va nis_ypset_flags
1342 .Va nis_ypset_enable
1345 these are the flags to pass to the
1348 .It Va nis_server_enable
1354 daemon at system boot time.
1355 .It Va nis_server_flags
1358 .Va nis_server_enable
1361 these are the flags to pass to the
1364 .It Va nis_ypxfrd_enable
1370 daemon at system boot time.
1371 .It Va nis_ypxfrd_flags
1374 .Va nis_ypxfrd_enable
1377 these are the flags to pass to the
1380 .It Va nis_yppasswdd_enable
1386 daemon at system boot time.
1387 .It Va nis_yppasswdd_flags
1390 .Va nis_yppasswdd_enable
1393 these are the flags to pass to the
1396 .It Va rpc_ypupdated_enable
1402 daemon at system boot time.
1403 .It Va defaultrouter
1407 create a default route to this host name or IP address
1408 (use an IP address if this router is also required to get to the
1410 .It Va ipv6_defaultrouter
1412 The IPv6 equivalent of
1414 .It Va static_routes
1416 Set to the list of static routes that are to be added at system boot time.
1419 then for each whitespace separated
1422 .Va route_ Ns Aq Ar element
1423 variable is assumed to exist whose contents will later be passed to a
1426 .It Va change_routes
1428 Set to the list of static routes that are to be changed at system boot time
1429 (such as those added by the kernel).
1432 then for each whitespace separated
1435 .Va change_route_ Ns Aq Ar element
1436 variable is assumed to exist whose contents will later be passed to a
1437 .Dq Nm route Cm change
1439 .It Va ipv6_static_routes
1441 The IPv6 equivalent of
1445 then for each whitespace separated
1448 .Va ipv6_route_ Ns Aq Ar element
1449 variable is assumed to exist whose contents will later be passed to a
1450 .Dq Nm route Cm add Fl inet6
1452 .It Va gateway_enable
1456 configure host to act as an IP router, e.g. to forward packets
1458 .It Va ipv6_gateway_enable
1460 The IPv6 equivalent of
1461 .Va gateway_enable .
1462 .It Va router_enable
1466 run a routing daemon of some sort, based on the settings of
1470 .It Va ipv6_router_enable
1472 The IPv6 equivalent of
1476 run a routing daemon of some sort, based on the settings of
1477 .Va ipv6_router_program
1479 .Va ipv6_router_flags .
1480 .It Va router_program
1486 this is the name of the routing daemon to use
1488 .Pa /sbin/routed ) .
1489 .It Va ipv6_router_program
1491 The IPv6 equivalent of
1494 .Pa /sbin/route6d ) .
1501 these are the flags to pass to the routing daemon.
1502 .It Va ipv6_router_flags
1504 The IPv6 equivalent of
1506 .It Va mrouted_enable
1510 run the multicast routing daemon,
1512 .It Va mroute6d_enable
1514 The IPv6 equivalent of
1515 .Va mrouted_enable .
1518 run the IPv6 multicast routing daemon.
1519 Note that no IPv6 multicast routing daemon is included in the
1523 can be installed from the
1526 .It Va mrouted_flags
1532 these are the flags to pass to the
1535 .It Va mroute6d_flags
1537 The IPv6 equivalent of
1543 these are the flags passed to the IPv6 multicast routing daemon.
1544 .It Va mroute6d_program
1550 this is the path to the IPv6 multicast routing daemon.
1551 .It Va rtadvd_enable
1557 daemon at boot time.
1560 .Va ipv6_gateway_enable
1565 utility sends router advertisement packets to the interfaces specified in
1566 .Va rtadvd_interfaces .
1568 and should only be enabled with great care.
1569 You may want to fine-tune
1571 .It Va rtadvd_interfaces
1577 this is the list of interfaces to use.
1578 .It Va rtsold_enable
1584 daemon at boot time.
1587 daemon is used for automatic discovery of non-link local addresses.
1594 these are the flags to pass to the
1597 .It Va ipxgateway_enable
1601 enable the routing of IPX traffic.
1602 .It Va ipxrouted_enable
1608 daemon at system boot time.
1609 .It Va ipxrouted_flags
1612 .Va ipxrouted_enable
1615 these are the flags to pass to the
1622 enable global proxy ARP.
1623 .It Va forward_sourceroute
1631 source-routed packets are forwarded.
1632 .It Va accept_sourceroute
1636 the system will accept source-routed packets directed at it.
1643 daemon at system boot time.
1650 these are the flags to pass to the
1653 .It Va bootparamd_enable
1659 daemon at system boot time.
1660 .It Va bootparamd_flags
1663 .Va bootparamd_enable
1666 these are the flags to pass to the
1669 .It Va stf_interface_ipv4addr
1673 this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface).
1674 Specify this entry to enable the 6to4 interface.
1675 .It Va stf_interface_ipv4plen
1677 Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1678 An effective value is 0-31.
1679 .It Va stf_interface_ipv6_ifid
1681 IPv6 interface ID for
1685 .It Va stf_interface_ipv6_slaid
1687 IPv6 Site Level Aggregator for
1689 .It Va ipv6_faith_prefix
1693 this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator.
1697 .It Va ipv6_ipv4mapping
1701 this enables IPv4 mapped IPv6 address communication (like
1702 .Li ::ffff:a.b.c.d ) .
1707 to enable the configuration of ATM interfaces at system boot time.
1708 For all of the ATM variables described below, please refer to the
1710 man page for further details on the available command parameters.
1711 Also refer to the files in
1712 .Pa /usr/share/examples/atm
1713 for more detailed configuration information.
1714 .It Va atm_netif_ Ns Aq Ar intf
1716 For the ATM physical interface
1718 this variable defines the name prefix and count for the ATM network
1719 interfaces to be created.
1720 The value will be passed as the parameters of an
1721 .Dq Nm atm Cm "set netif" Ar intf
1723 .It Va atm_sigmgr_ Ns Aq Ar intf
1725 For the ATM physical interface
1727 this variable defines the ATM signalling manager to be used.
1728 The value will be passed as the parameters of an
1729 .Dq Nm atm Cm attach Ar intf
1731 .It Va atm_prefix_ Ns Aq Ar intf
1733 For the ATM physical interface
1735 this variable defines the NSAP prefix for interfaces using a UNI signalling
1739 the prefix will automatically be set via the
1742 Otherwise, the value will be passed as the parameters of an
1743 .Dq Nm atm Cm "set prefix" Ar intf
1745 .It Va atm_macaddr_ Ns Aq Ar intf
1747 For the ATM physical interface
1749 this variable defines the MAC address for interfaces using a UNI signalling
1753 the hardware MAC address contained in the ATM interface card will be used.
1754 Otherwise, the value will be passed as the parameters of an
1755 .Dq Nm atm Cm "set mac" Ar intf
1757 .It Va atm_arpserver_ Ns Aq Ar netif
1759 For the ATM network interface
1761 this variable defines the ATM address for a host which is to provide ATMARP
1763 This variable is only applicable to interfaces using a UNI signalling manager.
1766 this host will become an ATMARP server.
1767 The value will be passed as the parameters of an
1768 .Dq Nm atm Cm "set arpserver" Ar netif
1770 .It Va atm_scsparp_ Ns Aq Ar netif
1774 SCSP/ATMARP service for the network interface
1776 will be initiated using the
1781 This variable is only applicable if
1782 .Va atm_arpserver_ Ns Aq Ar netif
1787 Set to the list of permanent ATM ARP entries to be added at system boot time.
1788 For each whitespace separated
1791 .Va atm_arp_ Ns Aq Ar element
1792 variable is assumed to exist.
1793 The value of each of these variables will be passed as the parameters of an
1794 .Dq Nm atm Cm "add arp"
1798 The keyboard bell sound.
1805 if the default behavior is desired.
1806 For details, refer to the
1813 no keymap is installed, otherwise the value is used to install
1815 .Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
1818 The keyboard repeat speed.
1825 if the default behavior is desired.
1830 attempt to program the function keys with the value.
1831 The value should be a single string of the form:
1832 .Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
1835 Can be set to the value of
1838 .Dq Li destructive ,
1841 to set the cursor behavior explicitly or choose the default behavior.
1846 no screen map is installed, otherwise the value is used to install
1847 the screen map file in
1848 .Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
1853 the default 8x16 font value is used for screen size requests, otherwise
1855 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1861 the default 8x14 font value is used for screen size requests, otherwise
1863 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1869 the default 8x8 font value is used for screen size requests, otherwise
1871 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1877 the default screen blanking interval is used, otherwise it is set to
1884 this is the actual screen saver to use
1885 .Li ( blank , snake , daemon ,
1887 .It Va moused_enable
1893 daemon is started for doing cut/paste selection on the console.
1896 This is the protocol type of the mouse connected to this host.
1897 This variable must be set if
1904 is able to detect the appropriate mouse type automatically in many cases.
1905 Set this variable to
1907 to let the daemon detect it, or
1908 select one from the following list if the automatic detection fails.
1910 If the mouse is attached to the PS/2 mouse port, choose
1914 regardless of the brand and model of the mouse.
1915 Likewise, if the mouse is attached to the bus mouse port, choose
1919 All other protocols are for serial mice and will not work with
1920 the PS/2 and bus mice.
1921 If this is a USB mouse,
1923 is the only protocol type which will work.
1925 .Bl -tag -width ".Li x10mouseremote" -compact
1927 Microsoft mouse (serial)
1929 Microsoft IntelliMouse (serial)
1931 Mouse systems Corp. mouse (serial)
1933 MM Series mouse (serial)
1935 Logitech mouse (serial)
1939 Logitech MouseMan and TrackMan (serial)
1941 ALPS GlidePoint (serial)
1942 .It Li thinkingmouse
1943 Kensington ThinkingMouse (serial)
1947 MM HitTablet (serial)
1948 .It Li x10mouseremote
1949 X10 MouseRemote (serial)
1951 Interlink VersaPad (serial)
1954 Even if the mouse is not in the above list, it may be compatible
1955 with one in the list.
1956 Refer to the man page for
1958 for compatibility information.
1960 It should also be noted that while this is enabled, any
1961 other client of the mouse (such as an X server) should access
1962 the mouse through the virtual mouse device,
1964 and configure it as a
1966 type mouse, since all
1967 mouse data is converted to this single canonical format when using
1969 If the client program does not support the
1974 It is the second preferred type.
1981 this is the actual port the mouse is on.
1984 for a COM1 serial mouse or
1986 for a PS/2 mouse, for example.
1991 is set, these are the additional flags to pass to the
1994 .It Va mousechar_start
1998 the default mouse cursor character range
1999 .Li 0xd0 Ns - Ns Li 0xd3
2000 is used, otherwise the range start is set to
2004 Use if the default range is occupied in the language code table.
2007 Set the size of the history (scrollback) buffer in lines.
2008 .It Va allscreens_flags
2012 is run with these options for each of the virtual terminals
2016 will enable the mouse pointer on all virtual terminals if
2020 .It Va allscreens_kbdflags
2024 is run with these options for each of the virtual terminals
2030 scrollback (history) buffer to 200 lines.
2037 daemon at system boot time.
2043 .Pa /usr/sbin/cron ) .
2050 these are the flags to pass to
2057 .Pa /usr/sbin/lpd ) .
2064 daemon at system boot time.
2071 these are the flags to pass to the
2080 daemon at system boot time.
2087 settings across reboots.
2088 .It Va mta_start_script
2090 The full path to the script to run to start
2091 a mail transfer agent.
2093 .Pa /etc/rc.sendmail .
2097 .Pa /etc/rc.sendmail
2098 uses are documented in the
2104 .Sq HAMMER ROOT with UFS /boot
2105 setup, the boot loader will not set up the
2108 The system will attempt to fix this on its own.
2109 Set this variable to
2111 to turn this behavior off.
2114 Indicates the device (usually a swap partition) to which a crash dump
2115 should be written in the event of a system crash.
2116 The value of this variable is passed as the argument to
2120 To disable crash dumps, set this variable to
2124 When the system reboots after a crash and a crash dump is found on the
2125 device specified by the
2129 will save that crash dump and a copy of the kernel to the directory
2133 The default value is
2142 .It Va savecore_flags
2144 If crash dumps are enabled, these are the flags to pass to the
2147 .It Va crashinfo_enable
2151 to turn on automatic crash dump summary generation using the utility
2153 .Va crashinfo_program
2155 .It Va crashinfo_program
2157 Program to run to generate a crash dump summary if the variable
2158 .Va crashinfo_enable
2161 The default value is
2162 .Pa /usr/sbin/crashinfo .
2163 .It Va enable_quotas
2167 to turn on user disk quotas on system startup via the
2174 to enable user disk quota checking via the
2177 .It Va accounting_enable
2181 to enable system accounting through the
2188 to enable Linux/ELF binary emulation at system initial boot time.
2189 .It Va sysvipc_enable
2193 load System V IPC primitives at boot time.
2194 .\" ----- cleanvar_enable setting--------------------------------
2195 .It Va cleanvar_enable
2203 .Pa /var/spool/uucp/.Temp/*
2205 .\" ----- clear_tmp_enable setting-------------------------------
2206 .It Va clear_tmp_enable
2213 .\" ----- ldconfig_paths setting --------------------------------
2214 .It Va ldconfig_paths
2216 Set to the list of shared library paths to use with
2220 will always be added first, so it need not appear in this list.
2221 .It Va ldconfig_insecure
2225 utility normally refuses to use directories
2226 which are writable by anyone except root.
2227 Set this variable to
2229 to disable that security check during system startup.
2230 .It Va kern_securelevel
2232 The kernel security level to set at startup.
2233 The allowed range of
2235 ranges from \-1 (the compile time default) to 3 (the most secure).
2238 for the list of possible security levels and their effect on system operation.
2245 at system boot time.
2252 at system boot time.
2255 Path to the SSH server program
2257 .Pa /usr/sbin/sshd ) .
2264 these are the flags to pass to the
2273 at system boot time.
2280 these are the flags to pass to the
2289 daemon at boot time.
2296 these are the flags passed to
2299 .It Va watchdogd_enable
2305 daemon at boot time.
2306 This requires that the kernel have been compiled with
2307 .Cd "options WATCHDOG" .
2312 any configured jails will not be started.
2315 A space separated list of names for jails.
2316 This is purely a configuration aid to help identify and
2317 configure multiple jails.
2318 The names specified in this list will be used to
2319 identify settings common to an instance of a jail.
2320 Assuming that the jail in question was named
2322 you would have the following dependent variables:
2324 jail_vjail_hostname="jail.example.com"
2325 jail_vjail_ip="192.168.1.100"
2326 jail_vjail_rootdir="/var/jails/vjail/root"
2332 When set, use as default value for
2333 .Va jail_ Ns Ao Ar jname Ac Ns Va _flags
2336 .It Va jail_interface
2339 When set, use as default value for
2340 .Va jail_ Ns Ao Ar jname Ac Ns Va _interface
2346 When set, use as default value for
2347 .Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2350 .It Va jail_mount_enable
2358 .Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
2361 by default for every jail in
2363 .It Va jail_fdesc_enable
2371 .Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable
2374 by default for every jail in
2376 .It Va jail_procfs_enable
2384 .Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
2387 by default for every jail in
2389 .It Va jail_devfs_enable
2397 .Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
2400 by default for every jail in
2402 .It Va jail_exec_start
2405 When set, use as default value for
2406 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
2409 .It Va jail_exec_stop
2411 When set, use as default value for
2412 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
2415 .It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
2418 Set to the root directory used by jail
2420 .It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
2423 Set to the fully qualified domain name (FQDN) assigned to jail
2425 .It Va jail_ Ns Ao Ar jname Ac Ns Va _ip
2428 Set to the IP address assigned to jail
2430 .It Va jail_ Ns Ao Ar jname Ac Ns Va _flags
2435 These are flags to pass to
2437 .It Va jail_ Ns Ao Ar jname Ac Ns Va _interface
2440 When set, sets the interface to use when setting IP address alias.
2441 Note that the alias is created at jail startup and removed at jail shutdown.
2442 .It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2445 .Pa /etc/fstab. Ns Aq Ar jname
2447 This is the file system information file to use for jail
2449 .It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
2456 mount all file systems from
2457 .Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2459 .It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable
2466 mount the file-descriptor file system inside jail
2469 .It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
2476 mount the process file system inside jail
2479 .It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
2486 mount the device file system inside jail
2489 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
2492 .Dq Li /bin/sh /etc/rc
2494 This is the command executed at jail startup.
2495 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
2498 .Dq Li /bin/sh /etc/rc.shutdown
2500 This is the command executed at jail shutdown.
2501 .It Va jail_set_hostname_allow
2505 do not allow the root user in a jail to set its hostname.
2506 .It Va jail_socket_unixiproute_only
2510 do not allow any sockets,
2511 besides UNIX/IP/route sockets,
2512 to be used within a jail.
2513 .It Va jail_sysvipc_allow
2517 allow applications within a jail to use System V IPC.
2522 LVM volumes will be discovered and configured on boot.
2523 .It Va newsyslog_enable
2529 before syslogd starts.
2530 .It Va newsyslog_flags
2533 .Va newsyslog_enable
2536 these are the flags passed to
2538 .It Va resident_enable
2542 make the dynamic binaries listed in
2543 .Pa /etc/resident.conf
2545 .It Va varsym_enable
2550 .Pa /etc/varsym.conf
2551 to set system-wide variables for variant symlinks.
2556 or a whitespace separated list of IRQ numbers which will be used as a source of
2558 .\" -----------------------------------------------------
2563 to disable caching entropy via
2565 Otherwise set to the directory used to store entropy files in.
2570 to disable caching entropy through reboots.
2571 Otherwise set to the filename used to store cached entropy through reboots.
2572 This file should be located on the root file system to seed the
2574 device as early as possible in the boot process.
2586 Configuration file for
2595 .Pa /var/run/dmesg.boot
2597 .It Va rcshutdown_timeout
2599 If set, start a watchdog timer in the background which will terminate
2603 has not completed within the specified time (in seconds).
2604 Notice that in addition to this soft timeout,
2606 also applies a hard timeout for the execution of
2608 This is configured via
2611 .Va kern.init_shutdown_timeout
2612 and defaults to 120 seconds. Setting the value of
2613 .Va rcshutdown_timeout
2614 to more than 120 seconds will have no effect until the
2617 .Va kern.init_shutdown_timeout
2623 the udevd daemon will be started on boot.
2624 .It Va vfs_quota_enable
2628 vfs quota rc.d scripts will be run on boot.
2629 .It Va vfs_quota_sync
2631 List of mount points whose counters are to be synchronized with on-disk
2632 usage during system startup. See also
2634 .It Va vknetd_enable
2639 will be started on boot.
2642 Additional flags passed to
2644 Usually address/cidrbits is specified here.
2645 When no flags are passed, default option
2648 .It Va vkernel_enable
2652 any configured vkernels will not be started.
2653 .It Va vkernel_kill_timeout
2655 This defines the default number of seconds that we will wait for the
2656 vkernel to shut down on it's own. If after this time it's still alive,
2657 it will be killed with SIGKILL.
2660 Defines the default path to the vkernel binary.
2663 A space separated list of names for vkernels.
2664 This is purely a configuration aid to help identify and
2665 configure multiple vkernels.
2666 The names specified in this list will be used to
2667 identify settings common to a vkernel instance.
2668 Assuming that the vkernel in question was named
2670 you would have the following dependent variables
2671 (filled with reference values in this text):
2673 vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug"
2674 vkernel_example_memsize="64m"
2675 vkernel_example_rootimg_list="/var/vkernel/rootimg.01"
2676 vkernel_example_iface_list="auto:bridge0"
2677 vkernel_example_logfile="/dev/null"
2678 vkernel_example_flags="-U"
2679 vkernel_example_kill_timeout="45"
2682 The last five are optional.
2683 They default to an empty string if not set, except for logfile which defaults to
2688 .Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact
2689 .It Pa /etc/defaults/rc.conf
2691 .It Pa /etc/rc.conf.local
2692 .It Pa /etc/start_if. Ns Aq Ar interface
2709 .Xr resident.conf 5 ,
2770 .An Jordan K. Hubbard .