4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 .\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.64.2.52 2003/05/03 22:15:27 keramida Exp $
32 .Nd system configuration information
36 contains descriptive information about the local host name, configuration
37 details for any potential network interfaces and which services should be
38 started up at system initial boot time. In new installations, the
40 file is generally initialized by the system installation utility:
41 .Pa /stand/sysinstall .
45 is not to run commands or perform system startup actions
46 directly. Instead, it is included by the
47 various generic startup scripts in
49 which conditionalize their
50 internal actions according to the settings found there.
54 file is included from the file
55 .Pa /etc/defaults/rc.conf ,
56 which specifies the default settings for all the available options.
58 need only be specified in
60 when the system administrator wishes to override these defaults.
62 .Pa /etc/rc.conf.local
63 is used to override settings in
65 for historical reasons.
70 The following list provides a name and short description for each
71 variable that can be set in the
79 then no swapfile is installed, otherwise the value is used as the full
80 pathname to a file to use for additional swap space.
85 enable support for Automatic Power Management with
93 to handle APM event from userland.
94 This also enable support for APM.
101 these are the flags to pass to the
108 enable PCCARD support at boot time.
111 Set to PCCARD controller memory address or
113 for the default value.
114 .It Va pccard_ifconfig
116 List of arguments to be passed to
119 insertion of the card (e.g. "inet 192.168.1.1 netmask 255.255.255.0"
120 for a fixed address or "DHCP" for a DHCP client).
124 set the PCCARD controller to silent mode.
128 set it to melody mode.
131 Path to the configuration file for the
140 these are the flags to pass to the
143 .It Va pccard_ether_delay
145 Set the delay before starting
150 This defaults to 5 seconds to work around a bug in the
152 driver which can lead to system hangs when using some newer
157 List of directories to search for startup script files.
158 .It Va script_name_sep
160 The field separator to use for breaking down the list of startup script files
161 into individual filenames.
162 The default is a space.
163 It is not necessary to change this unless there are startup scripts with names
167 The Fully Qualified Domain Name of this host on the network.
168 This should almost certainly be set to something meaningful, even if
169 there is no network connection.
172 is used to set the hostname via DHCP,
173 this variable should be set to an empty string.
176 The NIS domain name of this host, or
181 Path to the DHCP client program
182 .Pa ( /sbin/dhclient ,
187 Additional flags to pass to the DHCP client program.
188 For the ISC DHCP client, see the
190 page for a description of the command line options available.
191 .It Va firewall_enable
195 to load firewall rules at startup.
196 If the kernel was not built with
199 kernel module will be loaded.
201 .Va ipfilter_enable .
202 .It Va firewall_script
204 This variable specifies the full path to the firewall script to run.
206 .Pa /etc/rc.firewall .
209 Names the firewall type from the selection in
210 .Pa /etc/rc.firewall ,
211 or the file which contains the local firewall ruleset. Valid selections
213 .Pa /etc/rc.firewall ,
216 - unrestricted IP access;
218 - all IP services disabled, except via lo0;
220 - basic protection for a workstation;
222 - basic protection for a LAN. If a filename is specified, the full path
224 .It Va firewall_quiet
228 to disable the display of ipfw rules on the console during boot.
229 .It Va firewall_logging
233 to enable ipfw event logging.
234 This is equivalent to the
235 .Dv IPFIREWALL_VERBOSE
237 .It Va firewall_flags
243 specifies a filename.
258 sockets must be enabled in the kernel.
259 .It Va natd_interface
261 This is the name of the public interface on which natd should run.
262 The interface may be given as an interface name or as an IP address.
265 Additional natd flags should be placed here. The
269 flag is automatically added with the above
272 .\" ----- ipfilter_enable setting --------------------------------
273 .It Va ipfilter_enable
284 Typical usage will require putting
286 ipfilter_enable="YES"
304 can be enabled independently.
308 both require at least one of
318 options IPFILTER_DEFAULT_BLOCK
321 in the kernel configuration file is a good idea, too.
322 .\" ----- ipfilter_program setting ------------------------------
323 .It Va ipfilter_program
329 .\" ----- ipfilter_rules setting --------------------------------
330 .It Va ipfilter_rules
335 This variable contains the name of the filter rule definition file.
336 The file is expected to be readable for the
339 .\" ----- ipfilter_flags setting --------------------------------
340 .It Va ipfilter_flags
343 This variable contains flags passed to the
346 .\" ----- ipnat_enable setting ----------------------------------
356 network address translation.
359 for a detailed discussion.
360 .\" ----- ipnat_program setting ---------------------------------
367 .\" ----- ipnat_rules setting -----------------------------------
373 This variable contains the name of the file
374 holding the network address translation definition.
375 This file is expected to be readable for the
378 .\" ----- ipnat_flags setting -----------------------------------
382 This variable contains flags passed to the
385 .\" ----- ipmon_enable setting ----------------------------------
400 Setting this variable needs setting
407 for a detailed discussion.
408 .\" ----- ipmon_program setting ---------------------------------
415 .\" ----- ipmon_flags setting -----------------------------------
421 This variable contains flags passed to the
424 Another typical example would be
425 .Dq -D /var/log/ipflog
428 log directly to a file bypassing
431 .Pa /etc/newsyslog.conf
432 in such case like this:
434 /var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
436 .\" ----- ipfs_enable setting -----------------------------------
446 saving the filter and NAT state tables during shutdown
447 and reloading them during startup again.
448 Setting this variable needs setting
457 for a detailed discussion.
463 because the raised securelevel will prevent
465 from saving the state tables at shutdown time.
466 .\" ----- ipfs_program setting ----------------------------------
473 .\" ----- ipfs_flags setting ------------------------------------
477 This variable contains flags passed to the
480 .\" ----- end of added ipf hook ---------------------------------
481 .It Va tcp_extensions
486 Setting this to NO disables certain TCP options as described by
492 might help remedy such problems with connections as randomly hanging
493 or other weird behavior.
494 Some network devices are known
495 to be broken with respect to these options.
502 .Sy net.inet.tcp.log_in_vain
504 .Sy net.inet.udp.log_in_vain
509 are set to the given value.
515 Setting to NO will disable probing idle TCP connections to verify that the
516 peer is still up and reachable.
517 .It Va tcp_drop_synfin
522 Setting to YES will cause the kernel to ignore TCP frames that have both
523 the SYN and FIN flags set.
524 This prevents OS fingerprinting, but may
525 break some legitimate applications.
526 This option is only available if the
527 kernel was built with the
530 .It Va icmp_drop_redirect
535 Setting to YES will cause the kernel to ignore ICMP REDIRECT packets.
536 .It Va icmp_log_redirect
541 Setting to YES will cause the kernel to log ICMP REDIRECT packets.
543 the log messages are not rate-limited, so this option should only be used
544 for troubleshooting networks.
545 .It Va network_interfaces
547 Set to the list of network interfaces to configure on this host.
548 For example, if the only network devices in the system are the loopback
551 and a NIC using the ed0 driver,
555 .Va ifconfig_ Ns Aq Ar interface
556 variable is also assumed to exist for each value of
558 It is also possible to add IP alias entires here in cases where
559 multiple IP addresses registered against a single interface
561 Assuming that the interface in question was ed0, it might look
564 ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
565 ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
570 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
572 its contents are passed to
574 Execution stops at the first unsuccessful access, so if
575 something like this is present:
577 ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
578 ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
579 ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
580 ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
583 Then note that alias4 would
585 be added since the search would
586 stop with the missing alias3 entry.
588 It is possible to bring up an interface with DHCP by setting the
589 .Va ifconfig_ Ns Aq Ar interface
592 For instance, to initialize the ed0 device via DHCP,
593 it is possible to use something like:
597 .It Va cloned_interfaces
599 Set to the list of clonable network interfaces to create on this host.
601 .Va cloned_interfaces
602 are automatically appended to
603 .Va network_interfaces
605 .It Va gif_interfaces
609 tunnel interfaces to configure on this host.
611 .Va gifconfig_ Ns Aq Ar interface
612 variable is assumed to exist for each value of
614 The value of this variable is used to configure the link layer of the
615 tunnel according to the syntax of the
619 Additionaly, this option ensures that each listed interface is created
624 before attempting to configure it.
634 Mode in which to run the
636 daemon. Accepted modes are
642 See the manual for a full description.
647 enables packet aliasing.
648 Used in conjunction with
650 allows hosts on private network addresses access to the Internet using
651 this host as a network address translating router.
654 The name of the profile to use from
655 .Pa /etc/ppp/ppp.conf .
658 The name of the user under which ppp should be started.
660 default, ppp is started as
664 This option is used to specify a list of files that will override
666 .Pa /etc/defaults/rc.conf .
667 The files will be read in the order in which they are specified and should
668 include the full path to the file.
669 By default, the files specified are
672 .Pa /etc/rc.conf.local
678 will be run with the -y flag if the initial preen
679 of the filesystems fails.
680 .It Va syslogd_enable
687 .It Va syslogd_program
692 .Pa /usr/sbin/syslogd ) .
699 these are the flags to pass to
713 .Pa /usr/sbin/inetd ) .
720 these are the flags to pass to
734 .Pa /usr/sbin/named ) .
741 these are the flags to pass to
743 .It Va kerberos_server_enable
747 to start a Kerberos IV authentication server
749 .It Va kadmind_server_enable
755 the Kerberos IV Administration Daemon; set to
758 .It Va kerberos_stash
762 instruct the Kerberos servers to use the stashed master key instead of
763 prompting for it (only if
764 .Va kerberos_server_enable
771 .It Va kerberos5_server_enable
775 to start a Kerberos 5 authentication server
777 .It Va kadmind5_server_enable
783 the Kerberos 5 Administration Daemon; set to
799 these are the flags to pass to it.
813 these are the flags to pass to it.
817 page for more information.
818 .It Va amd_map_program
821 the specified program is run to get the list of
826 maps are stored in NIS, one can set this to
839 will be updated at boot time to reflect the kernel release
844 .It Va nfs_client_enable
848 run the NFS client daemons at boot time.
849 .It Va nfs_client_flags
852 .Va nfs_client_enable
855 these are the flags to pass to the
858 .It Va nfs_access_cache
861 .Va nfs_client_enable
866 to disable NFS ACCESS RPC caching, or to the number of seconds for which
868 results should be cached.
869 A value of 2-10 seconds will substantially reduce network
870 traffic for many NFS operations.
871 .It Va nfs_server_enable
875 run the NFS server daemons at boot time.
876 .It Va nfs_server_flags
879 .Va nfs_server_enable
882 these are the flags to pass to the
885 .It Va single_mountd_enable
890 .Va nfs_server_enable
896 It is commonly needed to run CFS without real NFS used.
903 these are the flags to pass to the
906 .It Va weak_mountd_authentication
910 allow services like PCNFSD to make non-privileged mount
912 .It Va nfs_reserved_port_only
916 provide NFS services only on a secure port.
917 .It Va nfs_bufpackets
919 If set to a number, indicates the number of packets worth of
920 socket buffer space to reserve on an NFS client.
921 The kernel default is typically 4.
922 Using a higher number may be
923 useful on gigabit networks to improve performance.
925 2 and the maximum is 64.
926 .It Va rpc_lockd_enable
930 and also an NFS server, run
933 .It Va rpc_statd_enable
937 and also an NFS server, run
940 .It Va portmap_program
945 .Pa /usr/sbin/portmap ) .
946 .It Va portmap_enable
952 service at boot time.
959 these are the flags to pass to the
975 these are the flags to pass to the
984 daemon at boot time to provide PPP over Ethernet services.
985 .It Va pppoed_ Ns Ar provider
988 listens to requests to this
994 argument of the same name.
997 Additional flags to pass to
999 .It Va pppoed_interface
1001 The network interface to run pppoed on. This is mandatory when
1011 service at boot time. This command is intended for networks of
1012 machines where a consistent
1014 for all hosts must be established. This is often useful in large NFS
1015 environments where time stamps on files are expected to be consistent
1023 these are the flags to pass to the
1026 .It Va ntpdate_enable
1030 run ntpdate at system startup. This command is intended to
1031 synchronize the system clock only
1033 from some standard reference. An option to set this up initially
1034 (from a list of known servers) is also provided by the
1035 .Pa /stand/sysinstall
1036 program when the system is first installed.
1037 .It Va ntpdate_program
1042 .Pa /usr/sbin/ntpdate ) .
1043 .It Va ntpdate_flags
1049 these are the flags to pass to the
1051 command (typically a hostname).
1058 command at boot time.
1059 .It Va xntpd_program
1064 .Pa /usr/sbin/ntpd ) .
1071 these are the flags to pass to the
1074 .It Va nis_client_enable
1080 service at system boot time.
1081 .It Va nis_client_flags
1084 .Va nis_client_enable
1087 these are the flags to pass to the
1090 .It Va nis_ypset_enable
1096 daemon at system boot time.
1097 .It Va nis_ypset_flags
1100 .Va nis_ypset_enable
1103 these are the flags to pass to the
1106 .It Va nis_server_enable
1112 daemon at system boot time.
1113 .It Va nis_server_flags
1116 .Va nis_server_enable
1119 these are the flags to pass to the
1122 .It Va nis_ypxfrd_enable
1128 daemon at system boot time.
1129 .It Va nis_ypxfrd_flags
1132 .Va nis_ypxfrd_enable
1135 these are the flags to pass to the
1138 .It Va nis_yppasswdd_enable
1144 daemon at system boot time.
1145 .It Va nis_yppasswdd_flags
1148 .Va nis_yppasswdd_enable
1151 these are the flags to pass to the
1154 .It Va defaultrouter
1158 then create a default route to this host name or IP address
1159 (use an IP address if this router is also required to get to the
1161 .It Va static_routes
1163 Set to the list of static routes that are to be added at system
1164 boot time. If not set to
1166 then for each whitespace separated
1169 .Va route_ Ns Aq Ar element
1170 variable is assumed to exist
1171 whose contents will later be passed to a
1174 .It Va gateway_enable
1178 then configure host to at as an IP router, e.g. to forward packets
1180 .It Va router_enable
1184 then run a routing daemon of some sort, based on the
1195 this is the name of the routing daemon to use.
1202 these are the flags to pass to the routing daemon.
1203 .It Va mrouted_enable
1207 then run the multicast routing daemon,
1209 .It Va mrouted_flags
1215 these are the flags to pass to the multicast routing daemon.
1216 .It Va ipxgateway_enable
1220 then enable the routing of IPX traffic.
1221 .It Va ipxrouted_enable
1227 daemon at system boot time.
1228 .It Va ipxrouted_flags
1231 .Va ipxrouted_enable
1234 these are the flags to pass to the
1241 then enable global proxy ARP.
1242 .It Va forward_sourceroute
1250 source routed packets are forwarded.
1251 .It Va accept_sourceroute
1255 then the system will accept source routed packets directed at it.
1262 daemon at system boot time.
1269 these are the flags to pass to the
1276 to enable the configuration of ATM interfaces at system boot time.
1277 For all of the ATM variables described below, please refer to the
1279 man page for further details on the available command parameters.
1280 Also refer to the files in
1281 .Pa /usr/share/examples/atm
1282 for more detailed configuration information.
1283 .It Va atm_netif_<intf>
1285 For the ATM physical interface
1287 this variable defines the name prefix and count for the ATM network interfaces to be created.
1288 The value will be passed as the parameters of an
1289 .Dq atm set netif Va <intf>
1291 .It Va atm_sigmgr_<intf>
1293 For the ATM physical interface
1295 this variable defines the ATM signalling manager to be used.
1296 The value will be passed as the parameters of an
1297 .Dq atm attach Va <intf>
1299 .It Va atm_prefix_<intf>
1301 For the ATM physical interface
1303 this variable defines the NSAP prefix for interfaces using a UNI signalling
1306 then the prefix will automatically be set via the
1308 daemon. Otherwise, the value will be passed as the parameters of an
1309 .Dq atm set prefix Va <intf>
1311 .It Va atm_macaddr_<intf>
1313 For the ATM physical interface
1315 this variable defines the MAC address for interfaces using a UNI signalling
1318 then the hardware MAC address contained in the ATM interface card will be used.
1319 Otherwise, the value will be passed as the parameters of an
1320 .Dq atm set mac Va <intf>
1322 .It Va atm_arpserver_<netif>
1324 For the ATM network interface
1326 this variable defines the ATM address for a host which is to provide ATMARP
1327 service. This variable is only applicable to interfaces using a UNI signalling
1330 then this host will become an ATMARP server.
1331 The value will be passed as the parameters of an
1332 .Dq atm set arpserver Va <netif>
1334 .It Va atm_scsparp_<netif>
1338 then SCSP/ATMARP service for the network interface
1340 will be initiated using the
1344 daemons. This variable is only applicable if
1346 .Va atm_arpserver_ Ns Aq Ar netif
1352 Set to the list of ATM PVCs to be added at system
1353 boot time. For each whitespace separated
1356 .Va atm_pvc_ Ns Aq Ar element
1357 variable is assumed to exist. The value of each of these variables
1358 will be passed as the parameters of an
1363 Set to the list of permanent ATM ARP entries to be added
1364 at system boot time. For each whitespace separated
1367 .Va atm_arp_ Ns Aq Ar element
1368 variable is assumed to exist. The value of each of these variables
1369 will be passed as the parameters of an
1376 then no keymap is installed, otherwise the value is used to install
1378 .Pa /usr/share/syscons/keymaps/<value>.kbd
1381 The keyboard repeat speed. Set to
1387 if the default behavior is desired.
1392 attempt to program the function keys with the value. The value should
1393 be a single string of the form:
1394 .Qq Ar "<funkey_number> <new_value> [<funkey_number> <new_value>]..."
1397 Can be set to the value of
1403 to set the cursor behavior explicitly or choose the default behavior.
1408 then no screen map is installed, otherwise the value is used to install
1409 the screen map file in
1410 .Pa /usr/share/syscons/scrnmaps/<value> .
1415 then the default 8x16 font value is used for screen size requests, otherwise
1417 .Pa /usr/share/syscons/fonts/<value>
1423 then the default 8x14 font value is used for screen size requests, otherwise
1425 .Pa /usr/share/syscons/fonts/<value>
1431 then the default 8x8 font value is used for screen size requests, otherwise
1433 .Pa /usr/share/syscons/fonts/<value>
1439 then the default screen blanking interval is used, otherwise it is set
1447 this is the actual screen saver to use (blank, snake, daemon, etc).
1448 .It Va moused_enable
1454 daemon is started for doing cut/paste selection on the console.
1457 This is the protocol type of the mouse connected to this host.
1458 This variable must be set if
1465 is able to detect the appropriate mouse type automatically in many cases.
1466 Set this variable to
1468 to let the daemon detect it, or
1469 select one from the following list if the automatic detection fails.
1471 If the mouse is attached to the PS/2 mouse port, choose
1475 regardless of the brand and model of the mouse. Likewise, if the
1476 mouse is attached to the bus mouse port, choose
1480 All other protocols are for serial mice and will not work with
1481 the PS/2 and bus mice.
1482 If this is a USB mouse,
1484 is the only protocol type which will work.
1486 microsoft Microsoft mouse (serial)
1487 intellimouse Microsoft IntelliMouse (serial)
1488 mousesystems Mouse systems Corp mouse (serial)
1489 mmseries MM Series mouse (serial)
1490 logitech Logitech mouse (serial)
1491 busmouse A bus mouse
1492 mouseman Logitech MouseMan and TrackMan (serial)
1493 glidepoint ALPS GlidePoint (serial)
1494 thinkingmouse Kensington ThinkingMouse (serial)
1496 mmhittab MM HitTablet (serial)
1497 x10mouseremote X10 MouseRemote (serial)
1498 versapad Interlink VersaPad (serial)
1501 Even if the mouse is not in the above list, it may be compatible
1502 with one in the list.
1503 Refer to the man page for
1505 for compatibility information.
1507 It should also be noted that while this is enabled, any
1508 other client of the mouse (such as an X server) should access
1509 the mouse through the virtual mouse device:
1511 and configure it as a sysmouse type mouse, since all
1512 mouse data is converted to this single canonical format when
1515 If the client program does not support the sysmouse type,
1516 specify the mousesystems type.
1517 It is the second preferred type.
1524 this is the actual port the mouse is on.
1527 for a COM1 serial mouse,
1531 for a bus mouse, for example.
1536 is set, these are the additional flags to pass to the
1539 .It Va allscreens_flags
1543 is run with these options for each of the virtual terminals
1547 will enable the mouse pointer on all virtual terminals
1558 daemon at system boot time.
1564 .Pa /usr/sbin/cron ) .
1571 these are the flags to pass to
1578 .Pa /usr/sbin/lpd ) .
1585 daemon at system boot time.
1592 these are the flags to pass to the
1595 .It Va mta_start_script
1597 This variable specifies the full path to the script to run to start
1598 a mail transfer agent.
1600 .Pa /etc/rc.sendmail .
1604 .Pa /etc/rc.sendmail
1605 uses are documented in the
1610 Indicates the device (usually a swap partition) to which a crash dump
1611 should be written in the event of a system crash.
1612 The value of this variable is passed as the argument to
1614 To disable crash dumps, set this variable to
1618 When the system reboots after a crash and a crash dump is found on the
1619 device specified by the
1623 will save that crash dump and a copy of the kernel to the directory
1627 The default value is
1636 .It Va savecore_flags
1638 If crash dumps are enabled, these are the flags to pass to the
1641 .It Va enable_quotas
1645 to turn on user disk quotas on system startup via the
1652 to enable user disk quota checking via the
1655 .It Va accounting_enable
1659 to enable system accounting through the
1666 to enable iBCS2 (SCO) binary emulation at system initial boot
1668 .It Va ibcs2_loaders
1676 this specifies a list of additional iBCS2 loaders to enable.
1681 to enable Linux/ELF binary emulation at system initial
1687 to enable OSF/1 (Digital UNIX) binary emulation at system
1692 Set to the list of IRQs to monitor for random number creation
1693 (see the man page for
1694 .Xr rndcontrol 8 ) .
1695 .It Va clear_tmp_enable
1702 .It Va ldconfig_paths
1704 Set to the list of shared library paths to use with
1708 will always be added first, so it need not appear in this list.
1709 .It Va ldconfig_insecure
1713 utility normally refuses to use directories
1714 which are writable by anyone except root.
1715 Set this variable to
1717 to disable that security check during system startup.
1718 .It Va kern_securelevel_enable
1722 to set the kernel security level at system startup.
1723 .It Va kern_securelevel
1725 The kernel security level to set at startup.
1726 The allowed range of
1728 ranges from -1 (the compile time default) to 3 (the
1731 for the list of possible security levels and their effect
1732 on system operation.
1739 at system boot time.
1742 Path to the SSH server program
1743 .Pa ( /usr/sbin/sshd
1751 at system boot time.
1758 these are the flags to pass to the
1761 .It Va unaligned_print
1765 then unaligned access warnings will not be printed.
1767 .\" ----- isdn settings ---------------------------------
1775 starts the isdn daemon
1777 at system boot time.
1783 Additional flags to pass to
1789 for certain tunable parameters).
1795 The terminal type of the output device when
1797 operates in fullscreen mode.
1798 .It Va isdn_screenflags
1803 The video mode for fullscreen mode (only for
1813 The output device for
1815 in fullscreen mode (or
1825 enables the ISDN protocol trace utility
1826 .Pa /usr/sbin/isdntrace
1827 at system boot time.
1828 .It Va isdn_traceflags
1831 .Dq -f /var/tmp/isdntrace0
1834 .Pa /usr/sbin/isdntrace .
1835 .\" -----------------------------------------------------
1838 .Bl -tag -width /etc/defaults/rc.conf -compact
1839 .It Pa /etc/defaults/rc.conf
1841 .It Pa /etc/rc.conf.local
1905 .An Jordan K. Hubbard .