Add the DragonFly cvs id and perform general cleanups on cvs/rcs/sccs ids. Most

[dragonfly.git] / share / man / man5 / rc.conf.5

.\" Copyright (c) 1995
.\"     Jordan K. Hubbard
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.64.2.52 2003/05/03 22:15:27 keramida Exp $
.\"
.Dd March 3, 2002
.Dt RC.CONF 5
.Os
.Sh NAME
.Nm rc.conf
.Nd system configuration information
.Sh DESCRIPTION
The file
.Nm
contains descriptive information about the local host name, configuration
details for any potential network interfaces and which services should be
started up at system initial boot time.  In new installations, the
.Nm
file is generally initialized by the system installation utility:
.Pa /stand/sysinstall .
.Pp
The purpose of
.Nm
is not to run commands or perform system startup actions
directly.  Instead, it is included by the
various generic startup scripts in
.Pa /etc
which conditionalize their
internal actions according to the settings found there.
.Pp
The
.Pa /etc/rc.conf
file is included from the file
.Pa /etc/defaults/rc.conf ,
which specifies the default settings for all the available options.
Options
need only be specified in
.Pa /etc/rc.conf
when the system administrator wishes to override these defaults.
The file
.Pa /etc/rc.conf.local
is used to override settings in
.Pa /etc/rc.conf
for historical reasons.
See the
.Dq rc_conf_files
option below.
.Pp
The following list provides a name and short description for each
variable that can be set in the
.Nm
file:
.Bl -tag -width Ar
.It Va swapfile
.Pq Vt str
If set to
.Dq NO
then no swapfile is installed, otherwise the value is used as the full
pathname to a file to use for additional swap space.
.It Va apm_enable
.Pq Vt bool
If set to
.Dq YES ,
enable support for Automatic Power Management with
the
.Xr apm 8
command.
.It Va apmd_enable
.Pq Vt bool
Run
.Xr apmd 8
to handle APM event from userland.
This also enable support for APM.
.It Va apmd_flags
.Pq Vt str
If
.Va apmd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr apmd 8
daemon.
.It Va pccard_enable
.Pq Vt bool
If set to
.Dq YES ,
enable PCCARD support at boot time.
.It Va pccard_mem
.Pq Vt str
Set to PCCARD controller memory address or
.Dq DEFAULT
for the default value.
.It Va pccard_ifconfig
.Pq Vt str
List of arguments to be passed to
.Xr ifconfig 8
at boot time or on
insertion of the card (e.g. "inet 192.168.1.1 netmask 255.255.255.0"
for a fixed address or "DHCP" for a DHCP client).
.It Va pccard_beep
.Pq Vt int
If 0,
set the PCCARD controller to silent mode.
If 1,
set it to beep mode.
If 2,
set it to melody mode.
.It Va pccard_conf
.Pq Vt str
Path to the configuration file for the
.Xr pccardd 8
daemon.
.It Va pccardd_flags
.Pq Vt str
If
.Va pccard_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr pccardd 8
daemon.
.It Va pccard_ether_delay
.Pq Vt str
Set the delay before starting
.Xr dhclient 8
in
.Xr pccard_ether 8
script.
This defaults to 5 seconds to work around a bug in the
.Xr ed 4
driver which can lead to system hangs when using some newer
.Xr ed 4
based cards.
.It Va local_startup
.Pq Vt str
List of directories to search for startup script files.
.It Va script_name_sep
.Pq Vt str
The field separator to use for breaking down the list of startup script files
into individual filenames.
The default is a space.
It is not necessary to change this unless there are startup scripts with names
containing spaces.
.It Va hostname
.Pq Vt str
The Fully Qualified Domain Name of this host on the network.
This should almost certainly be set to something meaningful, even if
there is no network connection.
If
.Xr dhclient 8
is used to set the hostname via DHCP,
this variable should be set to an empty string.
.It Va nisdomainname
.Pq Vt str
The NIS domain name of this host, or
.Dq NO
if NIS is not used.
.It Va dhcp_program
.Pq Vt str
Path to the DHCP client program
.Pa ( /sbin/dhclient ,
the ISC DHCP client,
is the default).
.It Va dhcp_flags
.Pq Vt str
Additional flags to pass to the DHCP client program.
For the ISC DHCP client, see the
.Xr dhclient 8
page for a description of the command line options available.
.It Va firewall_enable
.Pq Vt bool
Set to
.Dq YES
to load firewall rules at startup.
If the kernel was not built with
.Dv IPFIREWALL ,
the ipfw
kernel module will be loaded.
See also
.Va ipfilter_enable .
.It Va firewall_script
.Pq Vt str
This variable specifies the full path to the firewall script to run.
The default is
.Pa /etc/rc.firewall .
.It Va firewall_type
.Pq Vt str
Names the firewall type from the selection in
.Pa /etc/rc.firewall ,
or the file which contains the local firewall ruleset.  Valid selections
from
.Pa /etc/rc.firewall ,
are
.Dq open
- unrestricted IP access;
.Dq closed
- all IP services disabled, except via lo0;
.Dq client
- basic protection for a workstation;
.Dq simple
- basic protection for a LAN.  If a filename is specified, the full path
must be given.
.It Va firewall_quiet
.Pq Vt bool
Set to
.Dq YES
to disable the display of ipfw rules on the console during boot.
.It Va firewall_logging
.Pq Vt bool
Set to
.Dq YES
to enable ipfw event logging.
This is equivalent to the
.Dv IPFIREWALL_VERBOSE
kernel option.
.It Va firewall_flags
.Pq Vt str
Flags passed to
.Xr ipfw 8
if
.Va firewall_type
specifies a filename.
.It Va natd_program
.Pq Vt str
Path to
.Xr natd 8 .
.It Va natd_enable
.Pq Vt bool
Set to
.Dq YES
to enable natd.
.Va firewall_enable
must also be set to
.Dq YES ,
and
.Xr divert 4
sockets must be enabled in the kernel.
.It Va natd_interface
.Pq Vt str
This is the name of the public interface on which natd should run.
The interface may be given as an interface name or as an IP address.
.It Va natd_flags
.Pq Vt str
Additional natd flags should be placed here.  The
.Fl n
or
.Fl a
flag is automatically added with the above
.Va natd_interface
as an argument.
.\" ----- ipfilter_enable setting --------------------------------
.It Va ipfilter_enable
.Pq Vt bool
Set to
.Dq NO
by default.
Setting this to
.Dq YES
enables
.Xr ipf 8
packet filtering.
.Pp
Typical usage will require putting
.Bd -literal
ipfilter_enable="YES"
ipnat_enable="YES"
ipmon_enable="YES"
ipfs_enable="YES"
.Ed
.Pp
into
.Pa /etc/rc.conf
and editing
.Pa /etc/ipf.rules
and
.Pa /etc/ipnat.rules
appropriately.
.Pp
Note that
.Va ipfilter_enable
and
.Va ipnat_enable
can be enabled independently.
.Va ipmon_enable
and
.Va ipfs_enable
both require at least one of
.Va ipfilter_enable
and
.Va ipnat_enable
to be enabled.
.Pp
Having
.Bd -literal
options  IPFILTER
options  IPFILTER_LOG
options  IPFILTER_DEFAULT_BLOCK
.Ed
.Pp
in the kernel configuration file is a good idea, too.
.\" ----- ipfilter_program setting ------------------------------
.It Va ipfilter_program
.Pq Vt str
Path to
.Xr ipf 8
(default
.Pa /sbin/ipf ) .
.\" ----- ipfilter_rules setting --------------------------------
.It Va ipfilter_rules
.Pq Vt str
Set to
.Dq /etc/ipf.rules
by default.
This variable contains the name of the filter rule definition file.
The file is expected to be readable for the
.Xr ipf 8
command to execute.
.\" ----- ipfilter_flags setting --------------------------------
.It Va ipfilter_flags
.Pq Vt str
Empty by default.
This variable contains flags passed to the
.Xr ipf 8
program.
.\" ----- ipnat_enable setting ----------------------------------
.It Va ipnat_enable
.Pq Vt bool
Set to
.Dq NO
by default.
Set it to
.Dq YES
to enable
.Xr ipnat 1
network address translation.
See
.Va ipfilter_enable
for a detailed discussion.
.\" ----- ipnat_program setting ---------------------------------
.It Va ipnat_program
.Pq Vt str
Path to
.Xr ipnat 1
(default
.Pa /sbin/ipnat ) .
.\" ----- ipnat_rules setting -----------------------------------
.It Va ipnat_rules
.Pq Vt str
Set to
.Dq /etc/ipnat.rules
by default.
This variable contains the name of the file
holding the network address translation definition.
This file is expected to be readable for the
.Xr ipnat 1
command to execute.
.\" ----- ipnat_flags setting -----------------------------------
.It Va ipnat_flags
.Pq Vt str
Empty by default.
This variable contains flags passed to the
.Xr ipnat 1
program.
.\" ----- ipmon_enable setting ----------------------------------
.It Va ipmon_enable
.Pq Vt bool
Set to
.Dq NO
by default.
Set it to
.Dq YES
to enable
.Xr ipmon 8
monitoring (logging
.Xr ipf 8
and
.Xr ipnat 1
events).
Setting this variable needs setting
.Va ipfilter_enable
or
.Va ipnat_enable
too.
See
.Va ipfilter_enable
for a detailed discussion.
.\" ----- ipmon_program setting ---------------------------------
.It Va ipmon_program
.Pq Vt str
Path to
.Xr ipmon 8
(default
.Pa /sbin/ipmon ) .
.\" ----- ipmon_flags setting -----------------------------------
.It Va ipmon_flags
.Pq Vt str
Set to
.Dq -Ds
by default.
This variable contains flags passed to the
.Xr ipmon 8
program.
Another typical example would be
.Dq -D /var/log/ipflog
to have
.Xr ipmon 8
log directly to a file bypassing
.Xr syslogd 8 .
Make sure to adjust
.Pa /etc/newsyslog.conf
in such case like this:
.Bd -literal
/var/log/ipflog  640  10  100  *  Z  /var/run/ipmon.pid
.Ed
.\" ----- ipfs_enable setting -----------------------------------
.It Va ipfs_enable
.Pq Vt bool
Set to
.Dq NO
by default.
Set it to
.Dq YES
to enable
.Xr ipfs 8
saving the filter and NAT state tables during shutdown
and reloading them during startup again.
Setting this variable needs setting
.Va ipfilter_enable
or
.Va ipnat_enable
to
.Dq YES
too.
See
.Va ipfilter_enable
for a detailed discussion.
Note that if
.Va kern_securelevel
is set to 3,
.Va ipfs_enable
cannot be used
because the raised securelevel will prevent
.Xr ipfs 8
from saving the state tables at shutdown time.
.\" ----- ipfs_program setting ----------------------------------
.It Va ipfs_program
.Pq Vt str
Path to
.Xr ipfs 8
(default
.Pa /sbin/ipfs ) .
.\" ----- ipfs_flags setting ------------------------------------
.It Va ipfs_flags
.Pq Vt str
Empty by default.
This variable contains flags passed to the
.Xr ipfs 8
program.
.\" ----- end of added ipf hook ---------------------------------
.It Va tcp_extensions
.Pq Vt bool
Set to
.Dq YES
by default.
Setting this to NO disables certain TCP options as described by
.Rs
.%T RFC 1323
.Re
Setting this to
.Dq NO
might help remedy such problems with connections as randomly hanging
or other weird behavior.
Some network devices are known
to be broken with respect to these options.
.It Va log_in_vain
.Pq Vt int
Set to 0 by default.
The
.Xr sysctl 8
variables,
.Sy net.inet.tcp.log_in_vain
and
.Sy net.inet.udp.log_in_vain
as described in
.Xr tcp 4
and
.Xr udp 4 ,
are set to the given value.
.It Va tcp_keepalive
.Pq Vt bool
Set to
.Dq YES
by default.
Setting to NO will disable probing idle TCP connections to verify that the
peer is still up and reachable.
.It Va tcp_drop_synfin
.Pq Vt bool
Set to
.Dq NO
by default.
Setting to YES will cause the kernel to ignore TCP frames that have both
the SYN and FIN flags set.
This prevents OS fingerprinting, but may
break some legitimate applications.
This option is only available if the
kernel was built with the
.Dv TCP_DROP_SYNFIN
option.
.It Va icmp_drop_redirect
.Pq Vt bool
Set to
.Dq NO
by default.
Setting to YES will cause the kernel to ignore ICMP REDIRECT packets.
.It Va icmp_log_redirect
.Pq Vt bool
Set to
.Dq NO
by default.
Setting to YES will cause the kernel to log ICMP REDIRECT packets.
Note that
the log messages are not rate-limited, so this option should only be used
for troubleshooting networks.
.It Va network_interfaces
.Pq Vt str
Set to the list of network interfaces to configure on this host.
For example, if the only network devices in the system are the loopback
device
(lo0)
and a NIC using the ed0 driver,
this could be set to
.Dq "lo0 ed0"
An
.Va ifconfig_ Ns Aq Ar interface
variable is also assumed to exist for each value of
.Ar interface .
It is also possible to add IP alias entires here in cases where
multiple IP addresses registered against a single interface
are desired.
Assuming that the interface in question was ed0, it might look
something like this:
.Bd -literal
ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
.Ed
.Pp
And so on.
For each
.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
entry that is found,
its contents are passed to
.Xr ifconfig 8 .
Execution stops at the first unsuccessful access, so if
something like this is present:
.Bd -literal
ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
.Ed
.Pp
Then note that alias4 would
.Em not
be added since the search would
stop with the missing alias3 entry.
.Pp
It is possible to bring up an interface with DHCP by setting the
.Va ifconfig_ Ns Aq Ar interface
variable to
.Dq DHCP .
For instance, to initialize the ed0 device via DHCP,
it is possible to use something like:
.Bd -literal
ifconfig_ed0="DHCP"
.Ed
.It Va cloned_interfaces
.Pq Vt str
Set to the list of clonable network interfaces to create on this host.
Entries in
.Va cloned_interfaces
are automatically appended to
.Va network_interfaces
for configuration.
.It Va gif_interfaces
.Pq Vt str
Set to the list of
.Xr gif 4
tunnel interfaces to configure on this host.
A
.Va gifconfig_ Ns Aq Ar interface
variable is assumed to exist for each value of
.Ar interface .
The value of this variable is used to configure the link layer of the
tunnel according to the syntax of the
.Cm tunnel
option to
.Xr ifconfig 8 .
Additionaly, this option ensures that each listed interface is created
via the
.Cm create
option to
.Xr ifconfig 8
before attempting to configure it.
.It Va ppp_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr ppp 8
daemon.
.It Va ppp_mode
.Pq Vt str
Mode in which to run the
.Xr ppp 8
daemon.  Accepted modes are
.Dq auto ,
.Dq ddial ,
.Dq direct
and
.Dq dedicated .
See the manual for a full description.
.It Va ppp_nat
.Pq Vt bool
If set to
.Dq YES ,
enables packet aliasing.
Used in conjunction with
.Va gateway_enable
allows hosts on private network addresses access to the Internet using
this host as a network address translating router.
.It Va ppp_profile
.Pq Vt str
The name of the profile to use from
.Pa /etc/ppp/ppp.conf .
.It Va ppp_user
.Pq Vt str
The name of the user under which ppp should be started.
By
default, ppp is started as
.Dq root .
.It Va rc_conf_files
.Pq Vt str
This option is used to specify a list of files that will override
the settings in
.Pa /etc/defaults/rc.conf .
The files will be read in the order in which they are specified and should
include the full path to the file.
By default, the files specified are
.Pa /etc/rc.conf
and
.Pa /etc/rc.conf.local
.It Va fsck_y_enable
.Pq Vt bool
If set to
.Dq YES ,
.Xr fsck 8
will be run with the -y flag if the initial preen
of the filesystems fails.
.It Va syslogd_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr syslogd 8
daemon.
.It Va syslogd_program
.Pq Vt str
Path to
.Xr syslogd 8
(default
.Pa /usr/sbin/syslogd ) .
.It Va syslogd_flags
.Pq Vt str
If
.Va syslogd_enable
is set to
.Dq YES ,
these are the flags to pass to
.Xr syslogd 8 .
.It Va inetd_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr inetd 8
daemon.
.It Va inetd_program
.Pq Vt str
Path to
.Xr inetd 8
(default
.Pa /usr/sbin/inetd ) .
.It Va inetd_flags
.Pq Vt str
If
.Va inetd_enable
is set to
.Dq YES ,
these are the flags to pass to
.Xr inetd 8 .
.It Va named_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr named 8
daemon.
.It Va named_program
.Pq Vt str
Path to
.Xr named 8
(default
.Pa /usr/sbin/named ) .
.It Va named_flags
.Pq Vt str
If
.Va named_enable
is set to
.Dq YES ,
these are the flags to pass to
.Xr named 8 .
.It Va kerberos_server_enable
.Pq Vt bool
Set to
.Dq YES
to start a Kerberos IV authentication server
at boot time.
.It Va kadmind_server_enable
.Pq Vt bool
Set to
.Dq YES
to start
.Xr kadmind 8 ,
the Kerberos IV Administration Daemon; set to
.Dq NO
on a slave server.
.It Va kerberos_stash
.Pq Vt str
If
.Dq YES ,
instruct the Kerberos servers to use the stashed master key instead of
prompting for it (only if
.Va kerberos_server_enable
is set to
.Dq YES ,
and is used for both
.Xr kerberos 1
and
.Xr kadmind 8 ) .
.It Va kerberos5_server_enable
.Pq Vt bool
Set to
.Dq YES
to start a Kerberos 5 authentication server
at boot time.
.It Va kadmind5_server_enable
.Pq Vt bool
Set to
.Dq YES
to start
.Xr k5admind 8 ,
the Kerberos 5 Administration Daemon; set to
.Dq NO
on a slave server.
.It Va rwhod_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr rwhod 8
daemon at boot time.
.It Va rwhod_flags
.Pq Vt str
If
.Va rwhod_enable
is set to
.Dq YES ,
these are the flags to pass to it.
.It Va amd_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr amd 8
daemon at boot time.
.It Va amd_flags
.Pq Vt str
If
.Va amd_enable
is set to
.Dq YES ,
these are the flags to pass to it.
See the
.Xr amd 8
.Xr info 1
page for more information.
.It Va amd_map_program
.Pq Vt str
If set,
the specified program is run to get the list of
.Xr amd 8
maps.
For example, if the
.Xr amd 8
maps are stored in NIS, one can set this to
run
.Xr ypcat 1
to get a list of
.Xr amd 8
maps from the
.Pa amd.master
NIS map.
.It Va update_motd
.Pq Vt bool
If set to
.Dq YES ,
.Pa /etc/motd
will be updated at boot time to reflect the kernel release
being run.  If set to
.Dq NO ,
.Pa /etc/motd
will not be updated
.It Va nfs_client_enable
.Pq Vt bool
If set to
.Dq YES ,
run the NFS client daemons at boot time.
.It Va nfs_client_flags
.Pq Vt str
If
.Va nfs_client_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr nfsiod 8
daemon.
.It Va nfs_access_cache
.Pq Vt int
If
.Va nfs_client_enable
is set to
.Dq YES ,
this can be set to
.Dq 0
to disable NFS ACCESS RPC caching, or to the number of seconds for which
NFS ACCESS
results should be cached.
A value of 2-10 seconds will substantially reduce network
traffic for many NFS operations.
.It Va nfs_server_enable
.Pq Vt bool
If set to
.Dq YES ,
run the NFS server daemons at boot time.
.It Va nfs_server_flags
.Pq Vt str
If
.Va nfs_server_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr nfsd 8
daemon.
.It Va single_mountd_enable
.Pq Vt bool
If set to
.Dq YES ,
and no
.Va nfs_server_enable
is set, start
.Xr mountd 8 ,
but not
.Xr nfsd 8
daemon.
It is commonly needed to run CFS without real NFS used.
.It Va mountd_flags
.Pq Vt str
If
.Va mountd_enable
is set to
.Dq Li YES ,
these are the flags to pass to the
,Xr mountd 8
daemon.
.It Va weak_mountd_authentication
.Pq Vt bool
If set to
.Dq YES ,
allow services like PCNFSD to make non-privileged mount
requests.
.It Va nfs_reserved_port_only
.Pq Vt bool
If set to
.Dq YES ,
provide NFS services only on a secure port.
.It Va nfs_bufpackets
.Pq Vt int
If set to a number, indicates the number of packets worth of
socket buffer space to reserve on an NFS client.
The kernel default is typically 4.
Using a higher number may be
useful on gigabit networks to improve performance.
The minimum value is
2 and the maximum is 64.
.It Va rpc_lockd_enable
.Pq Vt bool
If set to
.Dq YES
and also an NFS server, run
.Xr rpc.lockd 8
at boot time.
.It Va rpc_statd_enable
.Pq Vt bool
If set to
.Dq YES
and also an NFS server, run
.Xr rpc.statd 8
at boot time.
.It Va portmap_program
.Pq Vt str
Path to
.Xr portmap 8
(default
.Pa /usr/sbin/portmap ) .
.It Va portmap_enable
.Pq Vt bool
If set to
.Dq YES ,
run the
.Xr portmap 8
service at boot time.
.It Va portmap_flags
.Pq Vt str
If
.Va portmap_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr portmap 8
daemon.
.It Va xtend_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr xtend 8
daemon at boot time.
.It Va xtend_flags
.Pq Vt str
If
.Va xtend_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr xtend 8
daemon.
.It Va pppoed_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr pppoed 8
daemon at boot time to provide PPP over Ethernet services.
.It Va pppoed_ Ns Ar provider
.Pq Vt str
.Xr pppoed 8
listens to requests to this
.Ar provider
and ultimately runs
.Xr ppp 8
with a
.Ar system
argument of the same name.
.It Va pppoed_flags
.Pq Vt str
Additional flags to pass to
.Xr pppoed 8 .
.It Va pppoed_interface
.Pq Vt str
The network interface to run pppoed on.  This is mandatory when
.Va pppoed_enable
is set to
.Dq YES .
.It Va timed_enable
.Pq Vt boot
If
.Dq YES
then run the
.Xr timed 8
service at boot time.  This command is intended for networks of
machines where a consistent
.Qq "network time"
for all hosts must be established.  This is often useful in large NFS
environments where time stamps on files are expected to be consistent
network-wide.
.It Va timed_flags
.Pq Vt str
If
.Va timed_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr timed 8
service.
.It Va ntpdate_enable
.Pq Vt bool
If set to
.Dq YES ,
run ntpdate at system startup.  This command is intended to
synchronize the system clock only
.Em once
from some standard reference.  An option to set this up initially
(from a list of known servers) is also provided by the
.Pa /stand/sysinstall
program when the system is first installed.
.It Va ntpdate_program
.Pq Vt str
Path to
.Xr ntpdate 8
(default
.Pa /usr/sbin/ntpdate ) .
.It Va ntpdate_flags
.Pq Vt str
If
.Va ntpdate_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr ntpdate 8
command (typically a hostname).
.It Va xntpd_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr ntpd 8
command at boot time.
.It Va xntpd_program
.Pq Vt str
Path to
.Xr ntpd 8
(default
.Pa /usr/sbin/ntpd ) .
.It Va xntpd_flags
.Pq Vt str
If
.Va xntpd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr ntpd 8
daemon.
.It Va nis_client_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr ypbind 8
service at system boot time.
.It Va nis_client_flags
.Pq Vt str
If
.Va nis_client_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr ypbind 8
service.
.It Va nis_ypset_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr ypset 8
daemon at system boot time.
.It Va nis_ypset_flags
.Pq Vt str
If
.Va nis_ypset_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr ypset 8
daemon.
.It Va nis_server_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr ypserv 8
daemon at system boot time.
.It Va nis_server_flags
.Pq Vt str
If
.Va nis_server_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr ypserv 8
daemon.
.It Va nis_ypxfrd_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr rpc.ypxfrd 8
daemon at system boot time.
.It Va nis_ypxfrd_flags
.Pq Vt str
If
.Va nis_ypxfrd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr rpc.ypxfrd 8
daemon.
.It Va nis_yppasswdd_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr rpc.yppasswdd 8
daemon at system boot time.
.It Va nis_yppasswdd_flags
.Pq Vt str
If
.Va nis_yppasswdd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr rpc.yppasswdd 8
daemon.
.It Va defaultrouter
.Pq Vt str
If not set to
.Dq NO
then create a default route to this host name or IP address
(use an IP address if this router is also required to get to the
name server!).
.It Va static_routes
.Pq Vt str
Set to the list of static routes that are to be added at system
boot time.  If not set to
.Dq NO
then for each whitespace separated
.Ar element
in the value, a
.Va route_ Ns Aq Ar element
variable is assumed to exist
whose contents will later be passed to a
.Dq route add
operation.
.It Va gateway_enable
.Pq Vt bool
If set to
.Dq YES ,
then configure host to at as an IP router, e.g. to forward packets
between interfaces.
.It Va router_enable
.Pq Vt bool
If set to
.Dq YES
then run a routing daemon of some sort, based on the
settings of
.Va router
and
.Va router_flags .
.It Va router
.Pq Vt str
If
.Va router_enable
is set to
.Dq YES ,
this is the name of the routing daemon to use.
.It Va router_flags
.Pq Vt str
If
.Va router_enable
is set to
.Dq YES ,
these are the flags to pass to the routing daemon.
.It Va mrouted_enable
.Pq Vt bool
If set to
.Dq YES
then run the multicast routing daemon,
.Xr mrouted 8 .
.It Va mrouted_flags
.Pq Vt str
If
.Va mrouted_enable
is set to
.Dq YES ,
these are the flags to pass to the multicast routing daemon.
.It Va ipxgateway_enable
.Pq Vt bool
If set to
.Dq YES
then enable the routing of IPX traffic.
.It Va ipxrouted_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr IPXrouted 8
daemon at system boot time.
.It Va ipxrouted_flags
.Pq Vt str
If
.Va ipxrouted_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr IPXrouted 8
daemon.
.It Va arpproxy_all
.Pq Vt bool
If set to
.Dq YES
then enable global proxy ARP.
.It Va forward_sourceroute
.Pq Vt bool
If set to
.Dq YES
then when
.Va gateway_enable
is also set to
.Dq YES ,
source routed packets are forwarded.
.It Va accept_sourceroute
.Pq Vt bool
If set to
.Dq YES
then the system will accept source routed packets directed at it.
.It Va rarpd_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr rarpd 8
daemon at system boot time.
.It Va rarpd_flags
.Pq Vt str
If
.Va rarpd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr rarpd 8
daemon.
.It Va atm_enable
.Pq Vt bool
Set to
.Dq YES
to enable the configuration of ATM interfaces at system boot time.
For all of the ATM variables described below, please refer to the
.Xr atm 8
man page for further details on the available command parameters.
Also refer to the files in
.Pa /usr/share/examples/atm
for more detailed configuration information.
.It Va atm_netif_<intf>
.Pq Vt str
For the ATM physical interface
.Va <intf> ,
this variable defines the name prefix and count for the ATM network interfaces to be created.
The value will be passed as the parameters of an
.Dq atm set netif Va <intf>
command.
.It Va atm_sigmgr_<intf>
.Pq Vt str
For the ATM physical interface
.Va <intf> ,
this variable defines the ATM signalling manager to be used.
The value will be passed as the parameters of an
.Dq atm attach Va <intf>
command.
.It Va atm_prefix_<intf>
.Pq Vt str
For the ATM physical interface
.Va <intf> ,
this variable defines the NSAP prefix for interfaces using a UNI signalling
manager.  If set to
.Em ILMI ,
then the prefix will automatically be set via the
.Xr ilmid 8
daemon.  Otherwise, the value will be passed as the parameters of an
.Dq atm set prefix Va <intf>
command.
.It Va atm_macaddr_<intf>
.Pq Vt str
For the ATM physical interface
.Va <intf> ,
this variable defines the MAC address for interfaces using a UNI signalling
manager.  If set to
.Dq NO ,
then the hardware MAC address contained in the ATM interface card will be used.
Otherwise, the value will be passed as the parameters of an
.Dq atm set mac Va <intf>
command.
.It Va atm_arpserver_<netif>
.Pq Vt str
For the ATM network interface
.Va <netif> ,
this variable defines the ATM address for a host which is to provide ATMARP
service.  This variable is only applicable to interfaces using a UNI signalling
manager.  If set to
.Em local ,
then this host will become an ATMARP server.
The value will be passed as the parameters of an
.Dq atm set arpserver Va <netif>
command.
.It Va atm_scsparp_<netif>
.Pq Vt bool
If set to
.Dq YES ,
then SCSP/ATMARP service for the network interface
.Va <netif>
will be initiated using the
.Xr scspd 8
and
.Xr atmarpd 8
daemons.  This variable is only applicable if
.So
.Va atm_arpserver_ Ns Aq Ar netif
.No = Ns Qq local
.Sc
is defined.
.It Va atm_pvcs
.Pq Vt str
Set to the list of ATM PVCs to be added at system
boot time.  For each whitespace separated
.Ar element
in the value, an
.Va atm_pvc_ Ns Aq Ar element
variable is assumed to exist.  The value of each of these variables
will be passed as the parameters of an
.Dq atm add pvc
command.
.It Va atm_arps
.Pq Vt str
Set to the list of permanent ATM ARP entries to be added
at system boot time.  For each whitespace separated
.Ar element
in the value, an
.Va atm_arp_ Ns Aq Ar element
variable is assumed to exist.  The value of each of these variables
will be passed as the parameters of an
.Dq atm add arp
command.
.It Va keymap
.Pq Vt str
If set to
.Dq NO
then no keymap is installed, otherwise the value is used to install
the keymap file in
.Pa /usr/share/syscons/keymaps/<value>.kbd
.It Va keyrate
.Pq Vt str
The keyboard repeat speed.  Set to
.Dq slow ,
.Dq normal ,
.Dq fast
or
.Dq NO
if the default behavior is desired.
.It Va keychange
.Pq Vt str
If not set to
.Dq NO ,
attempt to program the function keys with the value.  The value should
be a single string of the form:
.Qq Ar "<funkey_number> <new_value> [<funkey_number> <new_value>]..."
.It Va cursor
.Pq Vt str
Can be set to the value of
.Dq normal ,
.Dq blink ,
.Dq destructive
or
.Dq NO
to set the cursor behavior explicitly or choose the default behavior.
.It Va scrnmap
.Pq Vt str
If set to
.Dq NO
then no screen map is installed, otherwise the value is used to install
the screen map file in
.Pa /usr/share/syscons/scrnmaps/<value> .
.It Va font8x16
.Pq Vt str
If set to
.Dq NO
then the default 8x16 font value is used for screen size requests, otherwise
the value in
.Pa /usr/share/syscons/fonts/<value>
is used.
.It Va font8x14
.Pq Vt str
If set to
.Dq NO
then the default 8x14 font value is used for screen size requests, otherwise
the value in
.Pa /usr/share/syscons/fonts/<value>
is used.
.It Va font8x8
.Pq Vt str
If set to
.Dq NO
then the default 8x8 font value is used for screen size requests, otherwise
the value in
.Pa /usr/share/syscons/fonts/<value>
is used.
.It Va blanktime
.Pq Vt int
If set to
.Dq NO
then the default screen blanking interval is used, otherwise it is set
to
.Ar value
seconds.
.It Va saver
.Pq Vt str
If not set to
.Dq NO ,
this is the actual screen saver to use (blank, snake, daemon, etc).
.It Va moused_enable
.Pq Vt str
If set to
.Dq YES ,
the
.Xr moused 8
daemon is started for doing cut/paste selection on the console.
.It Va moused_type
.Pq Vt str
This is the protocol type of the mouse connected to this host.
This variable must be set if
.Va moused_enable
is set to
.Dq YES .
The
.Xr moused 8
daemon
is able to detect the appropriate mouse type automatically in many cases.
Set this variable to
.Dq auto
to let the daemon detect it, or
select one from the following list if the automatic detection fails.
.Pp
If the mouse is attached to the PS/2 mouse port, choose
.Dq auto
or
.Dq ps/2 ,
regardless of the brand and model of the mouse.  Likewise, if the
mouse is attached to the bus mouse port, choose
.Dq auto
or
.Dq busmouse .
All other protocols are for serial mice and will not work with
the PS/2 and bus mice.
If this is a USB mouse,
.Dq auto
is the only protocol type which will work.
.Bd -literal
microsoft        Microsoft mouse (serial)
intellimouse     Microsoft IntelliMouse (serial)
mousesystems     Mouse systems Corp mouse (serial)
mmseries         MM Series mouse (serial)
logitech         Logitech mouse (serial)
busmouse         A bus mouse
mouseman         Logitech MouseMan and TrackMan (serial)
glidepoint       ALPS GlidePoint (serial)
thinkingmouse    Kensington ThinkingMouse (serial)
ps/2             PS/2 mouse
mmhittab         MM HitTablet (serial)
x10mouseremote   X10 MouseRemote (serial)
versapad         Interlink VersaPad (serial)
.Ed
.Pp
Even if the mouse is not in the above list, it may be compatible
with one in the list.
Refer to the man page for
.Xr moused 8
for compatibility information.
.Pp
It should also be noted that while this is enabled, any
other client of the mouse (such as an X server) should access
the mouse through the virtual mouse device:
.Pa /dev/sysmouse
and configure it as a sysmouse type mouse, since all
mouse data is converted to this single canonical format when
using
.Xr moused 8 .
If the client program does not support the sysmouse type,
specify the mousesystems type.
It is the second preferred type.
.It Va moused_port
.Pq Vt str
If
.Va moused_enable
is set to
.Dq YES ,
this is the actual port the mouse is on.
It might be
.Pa /dev/cuaa0
for a COM1 serial mouse,
.Pa /dev/psm0
for a PS/2 mouse or
.Pa /dev/mse0
for a bus mouse, for example.
.It Va moused_flags
.Pq Vt str
If
.Va moused_type
is set, these are the additional flags to pass to the
.Xr moused 8
daemon.
.It Va allscreens_flags
.Pq Vt str
If set,
.Xr vidcontrol 1
is run with these options for each of the virtual terminals
.Pq Pa /dev/ttyv* .
For example,
.Dq -m on
will enable the mouse pointer on all virtual terminals
if
.Va moused_enable
is set to
.Dq YES .
.It Va cron_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr cron 8
daemon at system boot time.
.It Va cron_program
.Pq Vt str
Path to
.Xr cron 8
(default
.Pa /usr/sbin/cron ) .
.It Va cron_flags
.Pq Vt str
If
.Va cron_enable
is set to
.Dq YES ,
these are the flags to pass to
.Xr cron 8 .
.It Va lpd_program
.Pq Vt str
Path to
.Xr lpd 8
(default
.Pa /usr/sbin/lpd ) .
.It Va lpd_enable
.Pq Vt bool
If set to
.Dq YES
then run the
.Xr lpd 8
daemon at system boot time.
.It Va lpd_flags
.Pq Vt str
If
.Va lpd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr lpd 8
daemon.
.It Va mta_start_script
.Pq Vt str
This variable specifies the full path to the script to run to start
a mail transfer agent.
The default is
.Pa /etc/rc.sendmail .
The
.Va sendmail_*
variables which
.Pa /etc/rc.sendmail
uses are documented in the
.Xr rc.sendmail 8
man page.
.It Va dumpdev
.Pq Vt str
Indicates the device (usually a swap partition) to which a crash dump
should be written in the event of a system crash.
The value of this variable is passed as the argument to
.Xr dumpon 8 .
To disable crash dumps, set this variable to
.Dq NO .
.It Va dumpdir
.Pq Vt str
When the system reboots after a crash and a crash dump is found on the
device specified by the
.Va dumpdev
variable,
.Xr savecore 8
will save that crash dump and a copy of the kernel to the directory
specified by the
.Va dumpdir
variable.
The default value is
.Dq /var/crash .
Set to
.Dq NO
to not run
.Xr savecore 8
at boot time when
.Va dumpdir
is set.
.It Va savecore_flags
.Pq Vt str
If crash dumps are enabled, these are the flags to pass to the
.Xr savecore 8
utility.
.It Va enable_quotas
.Pq Vt bool
Set to
.Dq YES
to turn on user disk quotas on system startup via the
.Xr quotaon 8
command.
.It Va check_quotas
.Pq Vt bool
Set to
.Dq YES
to enable user disk quota checking via the
.Xr quotacheck 8
command.
.It Va accounting_enable
.Pq Vt bool
Set to
.Dq YES
to enable system accounting through the
.Xr accton 8
facility.
.It Va ibcs2_enable
.Pq Vt bool
Set to
.Dq YES
to enable iBCS2 (SCO) binary emulation at system initial boot
time.
.It Va ibcs2_loaders
.Pq Vt str
If not set to
.Dq NO
and if
.Va ibcs2_enable
is set to
.Dq YES ,
this specifies a list of additional iBCS2 loaders to enable.
.It Va linux_enable
.Pq Vt bool
Set to
.Dq YES
to enable Linux/ELF binary emulation at system initial
boot time.
.It Va osf1_enable
.Pq Vt bool
Set to
.Dq YES
to enable OSF/1 (Digital UNIX) binary emulation at system
initial boot time.
(alpha)
.It Va rand_irqs
.Pq Vt str
Set to the list of IRQs to monitor for random number creation
(see the man page for
.Xr rndcontrol 8 ) .
.It Va clear_tmp_enable
.Pq Vt bool
Set to
.Dq YES
to have
.Pa /tmp
cleaned at startup.
.It Va ldconfig_paths
.Pq Vt str
Set to the list of shared library paths to use with
.Xr ldconfig 8 .
NOTE:
.Pa /usr/lib
will always be added first, so it need not appear in this list.
.It Va ldconfig_insecure
.Pq Vt bool
The
.Xr ldconfig 8
utility normally refuses to use directories
which are writable by anyone except root.
Set this variable to
.Dq YES
to disable that security check during system startup.
.It Va kern_securelevel_enable
.Pq Vt bool
Set to
.Dq YES
to set the kernel security level at system startup.
.It Va kern_securelevel
.Pq Vt int
The kernel security level to set at startup.
The allowed range of
.Ar value
ranges from -1 (the compile time default) to 3 (the
most secure).  See
.Xr init 8
for the list of possible security levels and their effect
on system operation.
.It Va start_vinum
.Pq Vt bool
Set to
.Dq YES
to start
.Xr vinum 8
at system boot time.
.It Va sshd_program
.Pq Vt str
Path to the SSH server program
.Pa ( /usr/sbin/sshd
is the default).
.It Va sshd_enable
.Pq Vt bool
Set to
.Dq YES
to start
.Xr sshd 8
at system boot time.
.It Va sshd_flags
.Pq Vt str
If
.Va sshd_enable
is set to
.Dq YES ,
these are the flags to pass to the
.Xr sshd 8
daemon.
.It Va unaligned_print
.Pq Vt bool
If set to
.Dq NO
then unaligned access warnings will not be printed.
(alpha)
.\" ----- isdn settings ---------------------------------
.It Va isdn_enable
.Pq Vt bool
Set to
.Dq NO
by default.
When set to
.Dq YES ,
starts the isdn daemon
.Pa /usr/sbin/isdnd
at system boot time.
.It Va isdn_flags
.Pq Vt str
Set to
.Dq -dn -d0x1f9
by default.
Additional flags to pass to
.Xr isdnd 8
(but see
.Va isdn_fsdev
and
.Va isdn_ttype
for certain tunable parameters).
.It Va isdn_ttype
.Pq Vt str
Set to
.Dq cons25
by default.
The terminal type of the output device when
.Xr isdnd 8
operates in fullscreen mode.
.It Va isdn_screenflags
.Pq Vt str
Set to
.Dq NO
by default.
The video mode for fullscreen mode (only for
.Xr syscons 4
console driver, see
.Xr vidcontrol 1
for valid modes).
.It Va isdn_fsdev
.Pq Vt str
Set to
.Dq /dev/ttyv4
by default.
The output device for
.Xr isdnd 8
in fullscreen mode (or
.Dq NO
for daemon mode).
.It Va isdn_trace
.Pq Vt bool
Set to
.Dq NO
by default.
When set to
.Dq YES ,
enables the ISDN protocol trace utility
.Pa /usr/sbin/isdntrace
at system boot time.
.It Va isdn_traceflags
.Pq Vt str
Set to
.Dq -f /var/tmp/isdntrace0
by default.
Flags for
.Pa /usr/sbin/isdntrace .
.\" -----------------------------------------------------
.El
.Sh FILES
.Bl -tag -width /etc/defaults/rc.conf -compact
.It Pa /etc/defaults/rc.conf
.It Pa /etc/rc.conf
.It Pa /etc/rc.conf.local
.El
.Sh SEE ALSO
.Xr catman 1 ,
.Xr gdb 1 ,
.Xr info 1 ,
.Xr makewhatis 1 ,
.Xr vidcontrol 1 ,
.Xr tcp 4 ,
.Xr udp 4 ,
.Xr exports 5 ,
.Xr motd 5 ,
.Xr accton 8 ,
.Xr amd 8 ,
.Xr apm 8 ,
.Xr atm 8 ,
.Xr cron 8 ,
.Xr dhclient 8 ,
.Xr gated 8 ,
.Xr ifconfig 8 ,
.Xr inetd 8 ,
.Xr isdnd 8 ,
.Xr isdntrace 8 ,
.Xr lpd 8 ,
.Xr mountd 8 ,
.Xr moused 8 ,
.Xr mrouted 8 ,
.Xr named 8 ,
.Xr nfsd 8 ,
.Xr nfsiod 8 ,
.Xr ntpd 8 ,
.Xr ntpdate 8 ,
.Xr pcnfsd 8 ,
.Xr portmap 8 ,
.Xr quotacheck 8 ,
.Xr quotaon 8 ,
.Xr rc 8 ,
.Xr rc.sendmail 8 ,
.Xr rndcontrol 8 ,
.Xr route 8 ,
.Xr routed 8 ,
.Xr rpc.lockd 8 ,
.Xr rpc.statd 8 ,
.Xr rpcbind 8 ,
.Xr rwhod 8 ,
.Xr savecore 8 ,
.Xr sshd 8 ,
.Xr swapon 8 ,
.Xr sysctl 8 ,
.Xr syslogd 8 ,
.Xr timed 8 ,
.Xr vinum 8 ,
.Xr vnconfig 8 ,
.Xr xtend 8 ,
.Xr yp 8 ,
.Xr ypbind 8 ,
.Xr ypserv 8 ,
.Xr ypset 8
.Sh HISTORY
The
.Nm
file appeared in
.Fx 2.2.2 .
.Sh AUTHORS
.An Jordan K. Hubbard .