xref: /freebsd/sbin/sysctl/sysctl.8 (revision f5463265955b829775bbb32e1fd0bc11dafc36ce)
1.\" Copyright (c) 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.Dd August 18, 2023
29.Dt SYSCTL 8
30.Os
31.Sh NAME
32.Nm sysctl
33.Nd get or set kernel state
34.Sh SYNOPSIS
35.Nm
36.Op Fl bdeFhilNnoTtqWx
37.Op Fl B Ar bufsize
38.Op Fl f Ar filename
39.Ar name Ns Op = Ns Ar value Ns Op , Ns Ar value
40.Ar ...
41.Nm
42.Op Fl bdeFhlNnoTtqWx
43.Op Fl B Ar bufsize
44.Fl a
45.Sh DESCRIPTION
46The
47.Nm
48utility retrieves kernel state and allows processes with appropriate
49privilege to set kernel state.
50The state to be retrieved or set is described using a
51.Dq Management Information Base
52.Pq Dq MIB
53style name, described as a dotted set of
54components.
55.Pp
56The following options are available:
57.Bl -tag -width indent
58.It Fl A
59Equivalent to
60.Fl o a
61(for compatibility).
62.It Fl a
63List all the currently available values except for those which are
64opaque or excluded from listing via the
65.Dv CTLFLAG_SKIP
66flag.
67This option is ignored if one or more variable names are specified on
68the command line.
69.It Fl b
70Force the value of the variable(s) to be output in raw, binary format.
71No names are printed and no terminating newlines are output.
72This is mostly useful with a single variable.
73.It Fl B Ar bufsize
74Set the buffer size to read from the
75.Nm
76to
77.Ar bufsize .
78This is necessary for a
79.Nm
80that has variable length, and the probe value of 0 is a valid length, such as
81.Va kern.arandom .
82.It Fl d
83Print the description of the variable instead of its value.
84.It Fl e
85Separate the name and the value of the variable(s) with
86.Ql = .
87This is useful for producing output which can be fed back to the
88.Nm
89utility.
90This option is ignored if either
91.Fl N
92or
93.Fl n
94is specified, or a variable is being set.
95.It Fl f Ar filename
96Specify a file which contains a pair of name and value in each line.
97.Nm
98reads and processes the specified file first and then processes the name
99and value pairs in the command line argument.
100.It Fl F
101Print the format of the variable.
102This is additional information to describe the type of the variable and
103most useful with struct types such as clockinfo, timeval, and loadavg.
104.It Fl h
105Format output for human, rather than machine, readability.
106.It Fl i
107Ignore unknown OIDs.
108The purpose is to make use of
109.Nm
110for collecting data from a variety of machines (not all of which
111are necessarily running exactly the same software) easier.
112.It Fl l
113Show the length of variables along with their values.
114This option cannot be combined with the
115.Fl N
116option.
117.It Fl N
118Show only variable names, not their values.
119This is particularly useful with shells that offer programmable
120completion.
121To enable completion of variable names in
122.Xr zsh 1 Pq Pa ports/shells/zsh ,
123use the following code:
124.Bd -literal -offset indent
125listsysctls () { set -A reply $(sysctl -AN ${1%.*}) }
126compctl -K listsysctls sysctl
127.Ed
128.Pp
129To enable completion of variable names in
130.Xr tcsh 1 ,
131use:
132.Pp
133.Dl "complete sysctl 'n/*/`sysctl -Na`/'"
134.It Fl n
135Do not show variable names.
136This option is useful for setting shell variables.
137For instance, to save the pagesize in variable
138.Va psize ,
139use:
140.Pp
141.Dl "set psize=`sysctl -n hw.pagesize`"
142.It Fl o
143Show opaque variables (which are normally suppressed).
144The format and length are printed, as well as a hex dump of the first
145sixteen bytes of the value.
146.It Fl q
147Suppress some warnings generated by
148.Nm
149to standard error.
150.It Fl T
151Display only variables that are settable via loader (CTLFLAG_TUN).
152.It Fl t
153Print the type of the variable.
154.It Fl W
155Display only writable variables that are not statistical.
156Useful for determining the set of runtime tunable sysctls.
157.It Fl X
158Equivalent to
159.Fl x a
160(for compatibility).
161.It Fl x
162As
163.Fl o ,
164but prints a hex dump of the entire value instead of just the first
165few bytes.
166.El
167.Pp
168The information available from
169.Nm
170consists of integers, strings, and opaque types.
171The
172.Nm
173utility
174only knows about a couple of opaque types, and will resort to hexdumps
175for the rest.
176The opaque information is much more useful if retrieved by special
177purpose programs such as
178.Xr ps 1 ,
179.Xr systat 1 ,
180and
181.Xr netstat 1 .
182.Pp
183Some of the variables which cannot be modified during normal system
184operation can be initialized via
185.Xr loader 8
186tunables.
187This can for example be done by setting them in
188.Xr loader.conf 5 .
189Please refer to
190.Xr loader.conf 5
191for more information on which tunables are available and how to set them.
192.Pp
193The string and integer information is summarized below.
194For a detailed description of these variables see
195.Xr sysctl 3
196and
197.Xr security 7 .
198.Pp
199The changeable column indicates whether a process with appropriate
200privilege can change the value.
201String and integer values can be set using
202.Nm .
203.Bl -column security.bsd.unprivileged_read_msgbuf integerxxx
204.It Sy "Name	Type	Changeable"
205.It "kern.ostype	string	no"
206.It "kern.osrelease	string	no"
207.It "kern.osrevision	integer	no"
208.It "kern.version	string	no"
209.It "kern.maxvnodes	integer	yes"
210.It "kern.maxproc	integer	no"
211.It "kern.maxprocperuid	integer	yes"
212.It "kern.maxfiles	integer	yes"
213.It "kern.maxfilesperproc	integer	yes"
214.It "kern.argmax	integer	no"
215.It "kern.securelevel	integer	raise only"
216.It "kern.hostname	string	yes"
217.It "kern.hostid	integer	yes"
218.It "kern.clockrate	struct	no"
219.It "kern.posix1version	integer	no"
220.It "kern.ngroups	integer	no"
221.It "kern.job_control	integer	no"
222.It "kern.saved_ids	integer	no"
223.It "kern.boottime	struct	no"
224.It "kern.domainname	string	yes"
225.It "kern.filedelay	integer	yes"
226.It "kern.dirdelay	integer	yes"
227.It "kern.metadelay	integer	yes"
228.It "kern.osreldate	integer	no"
229.It "kern.bootfile	string	yes"
230.It "kern.corefile	string	yes"
231.It "kern.logsigexit	integer	yes"
232.It "security.bsd.suser_enabled	integer	yes"
233.It "security.bsd.see_other_uids	integer	yes"
234.It "security.bsd.see_other_gids	integer	yes"
235.It "security.bsd.see_jail_proc	integer	yes"
236.It "security.bsd.unprivileged_proc_debug	integer	yes"
237.It "security.bsd.unprivileged_read_msgbuf	integer	yes"
238.It "vm.loadavg	struct	no"
239.It "hw.machine	string	no"
240.It "hw.model	string	no"
241.It "hw.ncpu	integer	no"
242.It "hw.byteorder	integer	no"
243.It "hw.physmem	integer	no"
244.It "hw.usermem	integer	no"
245.It "hw.pagesize	integer	no"
246.It "hw.floatingpoint	integer	no"
247.It "hw.machine_arch	string	no"
248.It "hw.realmem	integer	no"
249.It "machdep.adjkerntz	integer	yes"
250.It "machdep.disable_rtc_set	integer	yes"
251.It "machdep.guessed_bootdev	string	no"
252.It "user.cs_path	string	no"
253.It "user.bc_base_max	integer	no"
254.It "user.bc_dim_max	integer	no"
255.It "user.bc_scale_max	integer	no"
256.It "user.bc_string_max	integer	no"
257.It "user.coll_weights_max	integer	no"
258.It "user.expr_nest_max	integer	no"
259.It "user.line_max	integer	no"
260.It "user.re_dup_max	integer	no"
261.It "user.posix2_version	integer	no"
262.It "user.posix2_c_bind	integer	no"
263.It "user.posix2_c_dev	integer	no"
264.It "user.posix2_char_term	integer	no"
265.It "user.posix2_fort_dev	integer	no"
266.It "user.posix2_fort_run	integer	no"
267.It "user.posix2_localedef	integer	no"
268.It "user.posix2_sw_dev	integer	no"
269.It "user.posix2_upe	integer	no"
270.It "user.stream_max	integer	no"
271.It "user.tzname_max	integer	no"
272.It "user.localbase	string	no"
273.El
274.Sh FILES
275.Bl -tag -width ".In netinet/icmp_var.h" -compact
276.It In sys/sysctl.h
277definitions for top level identifiers, second level kernel and hardware
278identifiers, and user level identifiers
279.It In sys/socket.h
280definitions for second level network identifiers
281.It In sys/gmon.h
282definitions for third level profiling identifiers
283.It In vm/vm_param.h
284definitions for second level virtual memory identifiers
285.It In netinet/in.h
286definitions for third level Internet identifiers and
287fourth level IP identifiers
288.It In netinet/icmp_var.h
289definitions for fourth level ICMP identifiers
290.It In netinet/udp_var.h
291definitions for fourth level UDP identifiers
292.El
293.Sh EXIT STATUS
294.Ex -std
295.Sh EXAMPLES
296For example, to retrieve the maximum number of processes allowed
297in the system, one would use the following request:
298.Pp
299.Dl "sysctl kern.maxproc"
300.Pp
301To set the maximum number of processes allowed
302per uid to 1000, one would use the following request:
303.Pp
304.Dl "sysctl kern.maxprocperuid=1000"
305.Pp
306Information about the system clock rate may be obtained with:
307.Pp
308.Dl "sysctl kern.clockrate"
309.Pp
310Information about the load average history may be obtained with:
311.Pp
312.Dl "sysctl vm.loadavg"
313.Pp
314More variables than these exist, and the best and likely only place
315to search for their deeper meaning is undoubtedly the source where
316they are defined.
317.Sh COMPATIBILITY
318The
319.Fl w
320option has been deprecated and is silently ignored.
321.Sh SEE ALSO
322.Xr sysctl 3 ,
323.Xr loader.conf 5 ,
324.Xr sysctl.conf 5 ,
325.Xr security 7 ,
326.Xr loader 8
327.Sh HISTORY
328A
329.Nm
330utility first appeared in
331.Bx 4.4 .
332.Pp
333In
334.Fx 2.2 ,
335.Nm
336was significantly remodeled.
337.Sh BUGS
338The
339.Nm
340utility presently exploits an undocumented interface to the kernel
341.Xr sysctl 9
342facility to traverse the sysctl tree and to retrieve format
343and name information.
344This correct interface is being thought about for the time being.
345