xref: /freebsd/share/man/man5/rc.conf.5 (revision 03550c9c2554c264840d17d7759e41cff19dc20d) 
1.\" Copyright (c) 1995
2.\"	Jordan K. Hubbard
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD$
26.\"
27.Dd June 8, 2005
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time.
39In new installations, the
40.Nm
41file is generally initialized by the system installation utility,
42.Xr sysinstall 8 .
43.Pp
44The purpose of
45.Nm
46is not to run commands or perform system startup actions
47directly.
48Instead, it is included by the
49various generic startup scripts in
50.Pa /etc
51which conditionalize their
52internal actions according to the settings found there.
53.Pp
54The
55.Pa /etc/rc.conf
56file is included from the file
57.Pa /etc/defaults/rc.conf ,
58which specifies the default settings for all the available options.
59Options need only be specified in
60.Pa /etc/rc.conf
61when the system administrator wishes to override these defaults.
62The file
63.Pa /etc/rc.conf.local
64is used to override settings in
65.Pa /etc/rc.conf
66for historical reasons.
67See the
68.Va rc_conf_files
69variable below.
70.Pp
71The following list provides a name and short description for each
72variable that can be set in the
73.Nm
74file:
75.Bl -tag -width indent-two
76.It Va rc_debug
77.Pq Vt bool
78If set to
79.Dq Li YES ,
80enable output of debug messages from rc scripts.
81This variable can be helpful in diagnosing mistakes when
82editing or integrating new scripts.
83Beware that this produces copious output to the terminal and
84.Xr syslog 3 .
85.It Va rc_info
86.Pq Vt bool
87If set to
88.Dq Li NO ,
89disable informational messages from the rc scripts.
90Informational messages are displayed when
91a condition that is not serious enough to warrant a warning or
92an error occurs.
93.It Va swapfile
94.Pq Vt str
95If set to
96.Dq Li NO ,
97no swapfile is installed, otherwise the value is used as the full
98pathname to a file to use for additional swap space.
99.It Va apm_enable
100.Pq Vt bool
101If set to
102.Dq Li YES ,
103enable support for Automatic Power Management with
104the
105.Xr apm 8
106command.
107.It Va apmd_enable
108.Pq Vt bool
109Run
110.Xr apmd 8
111to handle APM event from userland.
112This also enables support for APM.
113.It Va apmd_flags
114.Pq Vt str
115If
116.Va apmd_enable
117is set to
118.Dq Li YES ,
119these are the flags to pass to the
120.Xr apmd 8
121daemon.
122.It Va devd_enable
123.Pq Vt bool
124Run
125.Xr devd 8
126to handle device added, removed or unknown events from the kernel.
127.It Va kldxref_enable
128.Pq Vt bool
129Set to
130.Dq Li NO
131by default.
132Set to
133.Dq Li YES
134to automatically rebuild
135.Pa linker.hints
136files with
137.Xr kldxref 8
138at boot time.
139.It Va kldxref_clobber
140.Pq Vt bool
141Set to
142.Dq Li NO
143by default.
144If
145.Va kldxref_enable
146is true,
147setting to
148.Dq Li YES
149will overwrite existing
150.Pa linker.hints
151files at boot time.
152Otherwise,
153only missing
154.Pa linker.hints
155files are generated.
156.It Va kldxref_module_path
157.Pq Vt str
158Empty by default.
159A semi-colon
160.Pq Ql \&;
161delimited list of paths containing
162.Xr kld 4
163modules.
164If empty,
165the contents of the
166.Va kern.module_path
167.Xr sysctl 8
168are used.
169.It Va pccard_enable
170.Pq Vt bool
171If set to
172.Dq Li YES ,
173enable PCCARD support at boot time.
174.It Va pccard_mem
175.Pq Vt str
176Set to PCCARD controller memory address or
177.Dq Li DEFAULT
178for the default value.
179.It Va pccard_ifconfig
180.Pq Vt str
181This variable has the same format as the
182.Va ifconfig_ Ns Aq Ar interface
183variable
184(see
185.Va network_interfaces
186below).
187It is used as a fallback variable when there is no
188.Va ifconfig_ Ns Aq Ar interface
189is defined and only if the interface name is listed in
190.Va removable_interfaces .
191.It Va pccard_beep
192.Pq Vt int
193If 0,
194set the PCCARD controller to silent mode.
195If 1,
196set it to beep mode.
197If 2,
198set it to melody mode.
199.It Va pccard_conf
200.Pq Vt str
201Path to the configuration file for the
202.Xr pccardd 8
203daemon (e.g.\&
204.Pa /etc/pccard.conf.sample ) .
205.It Va pccardd_flags
206.Pq Vt str
207If
208.Va pccard_enable
209is set to
210.Dq Li YES ,
211these are the flags to pass to the
212.Xr pccardd 8
213daemon.
214.It Va powerd_enable
215.Pq Vt bool
216If set to
217.Dq Li YES ,
218enable the system power control facility with the
219.Xr powerd 8
220daemon.
221.It Va powerd_flags
222.Pq Vt str
223If
224.Va powerd_enable
225is set to
226.Dq Li YES ,
227these are the flags to pass to the
228.Xr powerd 8
229daemon.
230.It Va removable_interfaces
231.Pq Vt str
232List of removable network interfaces to be supported by
233.Pa /etc/pccard_ether .
234This also determines which interfaces will be able to use the
235.Va pccard_ifconfig
236fallback variable.
237.It Va tmpmfs
238Controls the creation of a
239.Pa /tmp
240memory file system.
241Always happens if set to
242.Dq Li YES
243and never happens if set to
244.Dq Li NO .
245If set to anything else, a memory file system is created if
246.Pa /tmp
247is not writable.
248.It Va tmpsize
249Controls the size of a created
250.Pa /tmp
251memory file system.
252.It Va tmpmfs_flags
253Extra options passed to the
254.Xr mdmfs 8
255utility when the memory file system for
256.Pa /tmp
257is created.
258The default is
259.Dq Li -S ,
260which inhibits the use of softupdates on
261.Pa /tmp
262to waste as little space as possible.
263See
264.Xr mdmfs 8
265for other options you can use in
266.Va tmpmfs_flags .
267.It Va varmfs
268Controls the creation of a
269.Pa /var
270memory file system.
271Always happens if set to
272.Dq Li YES
273and never happens if set to
274.Dq Li NO .
275If set to anything else, a memory file system is created if
276.Pa /var
277is not writable.
278.It Va varsize
279Controls the size of a created
280.Pa /var
281memory file system.
282.It Va varmfs_flags
283Extra options passed to the
284.Xr mdmfs 8
285utility when the memory file system for
286.Pa /var
287is created.
288The default is
289.Dq Li -S ,
290which inhibits the use of softupdates on
291.Pa /var
292to waste as little space as possible.
293See
294.Xr mdmfs 8
295for other options you can use in
296.Va varmfs_flags .
297.It Va populate_var
298Controls the automatic population of the
299.Pa /var
300file system.
301Always happens if set to
302.Dq Li YES
303and never happens if set to
304.Dq Li NO .
305If set to anything else, a memory file system is created if
306.Pa /var
307is not writable.
308Note that this process requires access to certain commands in
309.Pa /usr
310before
311.Pa /usr
312is mounted on normal systems.
313.It Va local_startup
314.Pq Vt str
315List of directories to search for startup script files.
316.It Va script_name_sep
317.Pq Vt str
318The field separator to use for breaking down the list of startup script files
319into individual filenames.
320The default is a space.
321It is not necessary to change this unless there are startup scripts with names
322containing spaces.
323.It Va hostname
324.Pq Vt str
325The fully qualified domain name (FQDN) of this host on the network.
326This should almost certainly be set to something meaningful, even if
327there is no network connection.
328If
329.Xr dhclient 8
330is used to set the hostname via DHCP,
331this variable should be set to an empty string.
332.It Va ipv6_enable
333.Pq Vt bool
334Enable support for IPv6 networking.
335Note that this requires that the kernel have been compiled with
336.Cd "options INET6" .
337.It Va nisdomainname
338.Pq Vt str
339The NIS domain name of this host, or
340.Dq Li NO
341if NIS is not used.
342.It Va dhclient_program
343.Pq Vt str
344Path to the DHCP client program
345.Pa ( /sbin/dhclient ,
346the ISC DHCP client,
347is the default).
348.It Va dhclient_flags
349.Pq Vt str
350Additional flags to pass to the DHCP client program.
351For the ISC DHCP client, see the
352.Xr dhclient 8
353manpage for a description of the command line options available.
354.It Va background_dhclient
355.Pq Vt bool
356Set to
357.Dq Li YES
358to start the dhcp client in background.
359This can cause trouble with applications depending on
360a working network, but it will provide a faster startup
361in many cases.
362.It Va firewall_enable
363.Pq Vt bool
364Set to
365.Dq Li YES
366to load firewall rules at startup.
367If the kernel was not built with
368.Cd "options IPFIREWALL" ,
369the
370.Pa ipfw.ko
371kernel module will be loaded.
372See also
373.Va ipfilter_enable .
374.It Va ipv6_firewall_enable
375.Pq Vt bool
376The IPv6 equivalent of
377.Va firewall_enable .
378Set to
379.Dq Li YES
380to load IPv6 firewall rules at startup.
381If the kernel was not built with
382.Cd "options IPV6FIREWALL" ,
383the
384.Pa ip6fw.ko
385kernel module will be loaded.
386.It Va firewall_script
387.Pq Vt str
388This variable specifies the full path to the firewall script to run.
389The default is
390.Pa /etc/rc.firewall .
391.It Va ipv6_firewall_script
392.Pq Vt str
393The IPv6 equivalent of
394.Va firewall_script .
395.It Va firewall_type
396.Pq Vt str
397Names the firewall type from the selection in
398.Pa /etc/rc.firewall ,
399or the file which contains the local firewall ruleset.
400Valid selections from
401.Pa /etc/rc.firewall
402are:
403.Pp
404.Bl -tag -width ".Li simple" -compact
405.It Li open
406unrestricted IP access
407.It Li closed
408all IP services disabled, except via
409.Dq Li lo0
410.It Li client
411basic protection for a workstation
412.It Li simple
413basic protection for a LAN.
414.El
415.Pp
416If a filename is specified, the full path
417must be given.
418.It Va ipv6_firewall_type
419.Pq Vt str
420The IPv6 equivalent of
421.Va firewall_type .
422.It Va firewall_quiet
423.Pq Vt bool
424Set to
425.Dq Li YES
426to disable the display of firewall rules on the console during boot.
427.It Va ipv6_firewall_quiet
428.Pq Vt bool
429The IPv6 equivalent of
430.Va firewall_quiet .
431.It Va firewall_logging
432.Pq Vt bool
433Set to
434.Dq Li YES
435to enable firewall event logging.
436This is equivalent to the
437.Dv IPFIREWALL_VERBOSE
438kernel option.
439.It Va ipv6_firewall_logging
440.Pq Vt bool
441The IPv6 equivalent of
442.Va firewall_logging .
443.It Va firewall_flags
444.Pq Vt str
445Flags passed to
446.Xr ipfw 8
447if
448.Va firewall_type
449specifies a filename.
450.It Va ipv6_firewall_flags
451.Pq Vt str
452The IPv6 equivalent of
453.Va firewall_flags .
454.It Va natd_program
455.Pq Vt str
456Path to
457.Xr natd 8 .
458.It Va natd_enable
459.Pq Vt bool
460Set to
461.Dq Li YES
462to enable
463.Xr natd 8 .
464.Va firewall_enable
465must also be set to
466.Dq Li YES ,
467and
468.Xr divert 4
469sockets must be enabled in the kernel.
470If the kernel was not built with
471.Cd "options IPDIVERT" ,
472the
473.Pa ipdivert.ko
474kernel module will be loaded.
475.It Va natd_interface
476.Pq Vt str
477This is the name of the public interface on which
478.Xr natd 8
479should run.
480The interface may be given as an interface name or as an IP address.
481.It Va natd_flags
482.Pq Vt str
483Additional
484.Xr natd 8
485flags should be placed here.
486The
487.Fl n
488or
489.Fl a
490flag is automatically added with the above
491.Va natd_interface
492as an argument.
493.\" ----- ipfilter_enable setting --------------------------------
494.It Va ipfilter_enable
495.Pq Vt bool
496Set to
497.Dq Li NO
498by default.
499Setting this to
500.Dq Li YES
501enables
502.Xr ipf 8
503packet filtering.
504.Pp
505Typical usage will require putting
506.Bd -literal
507ipfilter_enable="YES"
508ipnat_enable="YES"
509ipmon_enable="YES"
510ipfs_enable="YES"
511.Ed
512.Pp
513into
514.Pa /etc/rc.conf
515and editing
516.Pa /etc/ipf.rules
517and
518.Pa /etc/ipnat.rules
519appropriately.
520.Pp
521Note that
522.Va ipfilter_enable
523and
524.Va ipnat_enable
525can be enabled independently.
526.Va ipmon_enable
527and
528.Va ipfs_enable
529both require at least one of
530.Va ipfilter_enable
531and
532.Va ipnat_enable
533to be enabled.
534.Pp
535Having
536.Bd -literal
537options IPFILTER
538options IPFILTER_LOG
539options IPFILTER_DEFAULT_BLOCK
540.Ed
541.Pp
542in the kernel configuration file is a good idea, too.
543.\" ----- ipfilter_program setting ------------------------------
544.It Va ipfilter_program
545.Pq Vt str
546Path to
547.Xr ipf 8
548(default
549.Pa /sbin/ipf ) .
550.\" ----- ipfilter_rules setting --------------------------------
551.It Va ipfilter_rules
552.Pq Vt str
553Set to
554.Pa /etc/ipf.rules
555by default.
556This variable contains the name of the filter rule definition file.
557The file is expected to be readable for the
558.Xr ipf 8
559command to execute.
560.\" ----- ipv6_ipfilter_rules setting ---------------------------
561.It Va ipv6_ipfilter_rules
562.Pq Vt str
563Set to
564.Pa /etc/ipf6.rules
565by default.
566This variable contains the IPv6 filter rule definition file.
567The file is expected to be readable for the
568.Xr ipf 8
569command to execute.
570.\" ----- ipfilter_flags setting --------------------------------
571.It Va ipfilter_flags
572.Pq Vt str
573Empty by default.
574This variable contains flags passed to the
575.Xr ipf 8
576program.
577.\" ----- ipnat_enable setting ----------------------------------
578.It Va ipnat_enable
579.Pq Vt bool
580Set to
581.Dq Li NO
582by default.
583Set it to
584.Dq Li YES
585to enable
586.Xr ipnat 1
587network address translation.
588See
589.Va ipfilter_enable
590for a detailed discussion.
591.\" ----- ipnat_program setting ---------------------------------
592.It Va ipnat_program
593.Pq Vt str
594Path to
595.Xr ipnat 1
596(default
597.Pa /sbin/ipnat ) .
598.\" ----- ipnat_rules setting -----------------------------------
599.It Va ipnat_rules
600.Pq Vt str
601Set to
602.Pa /etc/ipnat.rules
603by default.
604This variable contains the name of the file
605holding the network address translation definition.
606This file is expected to be readable for the
607.Xr ipnat 1
608command to execute.
609.\" ----- ipnat_flags setting -----------------------------------
610.It Va ipnat_flags
611.Pq Vt str
612Empty by default.
613This variable contains flags passed to the
614.Xr ipnat 1
615program.
616.\" ----- ipmon_enable setting ----------------------------------
617.It Va ipmon_enable
618.Pq Vt bool
619Set to
620.Dq Li NO
621by default.
622Set it to
623.Dq Li YES
624to enable
625.Xr ipmon 8
626monitoring (logging
627.Xr ipf 8
628and
629.Xr ipnat 1
630events).
631Setting this variable needs setting
632.Va ipfilter_enable
633or
634.Va ipnat_enable
635too.
636See
637.Va ipfilter_enable
638for a detailed discussion.
639.\" ----- ipmon_program setting ---------------------------------
640.It Va ipmon_program
641.Pq Vt str
642Path to
643.Xr ipmon 8
644(default
645.Pa /sbin/ipmon ) .
646.\" ----- ipmon_flags setting -----------------------------------
647.It Va ipmon_flags
648.Pq Vt str
649Set to
650.Dq Li -Ds
651by default.
652This variable contains flags passed to the
653.Xr ipmon 8
654program.
655Another typical example would be
656.Dq Fl D Pa /var/log/ipflog
657to have
658.Xr ipmon 8
659log directly to a file bypassing
660.Xr syslogd 8 .
661Make sure to adjust
662.Pa /etc/newsyslog.conf
663in such case like this:
664.Bd -literal
665/var/log/ipflog  640  10  100  *  Z  /var/run/ipmon.pid
666.Ed
667.\" ----- ipfs_enable setting -----------------------------------
668.It Va ipfs_enable
669.Pq Vt bool
670Set to
671.Dq Li NO
672by default.
673Set it to
674.Dq Li YES
675to enable
676.Xr ipfs 8
677saving the filter and NAT state tables during shutdown
678and reloading them during startup again.
679Setting this variable needs setting
680.Va ipfilter_enable
681or
682.Va ipnat_enable
683to
684.Dq Li YES
685too.
686See
687.Va ipfilter_enable
688for a detailed discussion.
689Note that if
690.Va kern_securelevel
691is set to 3,
692.Va ipfs_enable
693cannot be used
694because the raised securelevel will prevent
695.Xr ipfs 8
696from saving the state tables at shutdown time.
697.\" ----- ipfs_program setting ----------------------------------
698.It Va ipfs_program
699.Pq Vt str
700Path to
701.Xr ipfs 8
702(default
703.Pa /sbin/ipfs ) .
704.\" ----- ipfs_flags setting ------------------------------------
705.It Va ipfs_flags
706.Pq Vt str
707Empty by default.
708This variable contains flags passed to the
709.Xr ipfs 8
710program.
711.\" ----- end of added ipf hook ---------------------------------
712.It Va pf_enable
713.Pq Vt bool
714Set to
715.Dq Li NO
716by default.
717Setting this to
718.Dq Li YES
719enables
720.Xr pf 4
721packet filtering.
722.Pp
723Typical usage will require putting
724.Pp
725.Dl pf_enable="YES"
726.Pp
727into
728.Pa /etc/rc.conf
729and editing
730.Pa /etc/pf.conf
731appropriately.
732.Pp
733.Dl "device pf"
734.Pp
735builds
736.Xr pf 4
737into the kernel.
738Otherwise it is loaded from a module.
739.It Va pf_rules
740.Pq Vt str
741Path to
742.Xr pf 4
743ruleset configuration file
744(default
745.Pa /etc/pf.conf ) .
746.It Va pf_program
747.Pq Vt str
748Path to
749.Xr pfctl 8
750(default
751.Pa /sbin/pfctl ) .
752.It Va pf_flags
753.Pq Vt str
754If
755.Va pf_enable
756is set to
757.Dq Li YES ,
758these flags are passed to the
759.Xr pfctl 8
760program when loading the ruleset.
761.It Va pflog_enable
762.Pq Vt bool
763Set to
764.Dq Li NO
765by default.
766Setting this to
767.Dq Li YES
768enables
769.Xr pflogd 8
770which logs packets from the
771.Xr pf 4
772packet filter.
773.It Va pflog_logfile
774.Pq Vt str
775If
776.Va pflog_enable
777is set to
778.Dq Li YES
779this controls where
780.Xr pflogd 8
781stores the logfile
782(default
783.Pa /var/log/pflog ) .
784Check
785.Pa /etc/newsyslog.conf
786to adjust logfile rotation for this.
787.It Va pflog_program
788.Pq Vt str
789Path to
790.Xr pflogd 8
791(default
792.Pa /sbin/pflogd ) .
793.It Va pflog_flags
794.Pq Vt str
795Empty by default.
796This variable contains additional flags passed to the
797.Xr pflogd 8
798program.
799.It Va tcp_extensions
800.Pq Vt bool
801Set to
802.Dq Li YES
803by default.
804Setting this to
805.Dq Li NO
806disables certain TCP options as described by
807.Rs
808.%T "RFC 1323"
809.Re
810Setting this to
811.Dq Li NO
812might help remedy such problems with connections as randomly hanging
813or other weird behavior.
814Some network devices are known
815to be broken with respect to these options.
816.It Va log_in_vain
817.Pq Vt int
818Set to 0 by default.
819The
820.Xr sysctl 8
821variables,
822.Va net.inet.tcp.log_in_vain
823and
824.Va net.inet.udp.log_in_vain ,
825as described in
826.Xr tcp 4
827and
828.Xr udp 4 ,
829are set to the given value.
830.It Va tcp_keepalive
831.Pq Vt bool
832Set to
833.Dq Li YES
834by default.
835Setting to
836.Dq Li NO
837will disable probing idle TCP connections to verify that the
838peer is still up and reachable.
839.It Va tcp_drop_synfin
840.Pq Vt bool
841Set to
842.Dq Li NO
843by default.
844Setting to
845.Dq Li YES
846will cause the kernel to ignore TCP frames that have both
847the SYN and FIN flags set.
848This prevents OS fingerprinting, but may
849break some legitimate applications.
850This option is only available if the
851kernel was built with the
852.Dv TCP_DROP_SYNFIN
853option.
854.It Va icmp_drop_redirect
855.Pq Vt bool
856Set to
857.Dq Li NO
858by default.
859Setting to
860.Dq Li YES
861will cause the kernel to ignore ICMP REDIRECT packets.
862Refer to
863.Xr icmp 4
864for more information.
865.It Va icmp_log_redirect
866.Pq Vt bool
867Set to
868.Dq Li NO
869by default.
870Setting to
871.Dq Li YES
872will cause the kernel to log ICMP REDIRECT packets.
873Note that
874the log messages are not rate-limited, so this option should only be used
875for troubleshooting networks.
876Refer to
877.Xr icmp 4
878for more information.
879.It Va icmp_bmcastecho
880.Pq Vt bool
881Set to
882.Dq Li YES
883to respond to broadcast or multicast ICMP ping packets.
884Refer to
885.Xr icmp 4
886for more information.
887.It Va ip_portrange_first
888.Pq Vt int
889If not set to
890.Dq Li NO ,
891this is the first port in the default portrange.
892Refer to
893.Xr ip 4
894for more information.
895.It Va ip_portrange_last
896.Pq Vt int
897If not set to
898.Dq Li NO ,
899this is the last port in the default portrange.
900Refer to
901.Xr ip 4
902for more information.
903.It Va network_interfaces
904.Pq Vt str
905Set to the list of network interfaces to configure on this host.
906For example, if the only network devices in the system are the loopback
907device
908.Pq Li lo0
909and a NIC using the
910.Xr ed 4
911driver,
912this could be set to
913.Dq Li "lo0 ed0" .
914An
915.Va ifconfig_ Ns Aq Ar interface
916variable is also assumed to exist for each value of
917.Ar interface .
918It is also possible to add IP alias entries here in cases where
919multiple IP addresses registered against a single interface
920are desired.
921Assuming that the interface in question was
922.Li ed0 ,
923it might look
924something like this:
925.Bd -literal
926ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
927ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
928.Ed
929.Pp
930And so on.
931For each
932.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
933entry that is found,
934its contents are passed to
935.Xr ifconfig 8 .
936Execution stops at the first unsuccessful access, so if
937something like this is present:
938.Bd -literal
939ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
940ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
941ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
942ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
943.Ed
944.Pp
945Then note that alias4 would
946.Em not
947be added since the search would
948stop with the missing alias3 entry.
949.Pp
950If the
951.Pa /etc/start_if. Ns Aq Ar interface
952file is present, it is read and executed by the
953.Xr sh 1
954interpreter
955before configuring the interface as specified in the
956.Va ifconfig_ Ns Aq Ar interface
957and
958.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
959variables.
960.Pp
961It is possible to bring up an interface with DHCP by adding
962.Dq Li DHCP
963to the
964.Va ifconfig_ Ns Aq Ar interface
965variable.
966For instance, to initialize the
967.Li ed0
968device via DHCP,
969it is possible to use something like:
970.Bd -literal
971ifconfig_ed0="DHCP"
972.Ed
973.Pp
974Also, if your interface needs WPA authentication, it is possible to add
975.Dq Li WPA
976to the
977.Va ifconfig_ Ns Aq Ar interface
978variable.
979.Pp
980Finally, you can add
981.Xr ifconfig 8
982options in this variable, in addition to the
983.Pa /etc/start_if. Ns Aq Ar interface
984file.
985For instance, to initialize the
986.Li wi0
987device via DHCP, using WPA authentication and 802.11b mode, it is
988possible to use something like:
989.Bd -literal
990ifconfig_wi0="DHCP WPA mode 11b"
991.Ed
992.Pp
993It is also possible to rename interface by doing:
994.Bd -literal
995ifconfig_ed0_name="net0"
996ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
997.Ed
998.It Va ipv6_network_interfaces
999.Pq Vt str
1000This is the IPv6 equivalent of
1001.Va network_interfaces .
1002Instead of setting the ifconfig variables as
1003.Va ifconfig_ Ns Aq Ar interface
1004they should be set as
1005.Va ipv6_ifconfig_ Ns Aq Ar interface .
1006Aliases should be set as
1007.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
1008.Va ipv6_prefix_ Ns Aq Ar interface
1009does something.
1010Interfaces that do not have a
1011.Va ipv6_ifconfig_ Ns Aq Ar interface
1012setting will be auto configured by
1013.Xr rtsol 8
1014if the
1015.Va ipv6_gateway_enable
1016is set to
1017.Dq Li NO .
1018Note that the IPv6 networking code does not support the
1019.Pa /etc/start_if. Ns Aq Ar interface
1020files.
1021.It Va ipv6_default_interface
1022.Pq Vt str
1023If not set to
1024.Dq Li NO ,
1025this is the default output interface for scoped addresses.
1026Now this works only for IPv6 link local multicast addresses.
1027.It Va cloned_interfaces
1028.Pq Vt str
1029Set to the list of clonable network interfaces to create on this host.
1030Entries in
1031.Va cloned_interfaces
1032are automatically appended to
1033.Va network_interfaces
1034for configuration.
1035.It Va gif_interfaces
1036.Pq Vt str
1037Set to the list of
1038.Xr gif 4
1039tunnel interfaces to configure on this host.
1040A
1041.Va gifconfig_ Ns Aq Ar interface
1042variable is assumed to exist for each value of
1043.Ar interface .
1044The value of this variable is used to configure the link layer of the
1045tunnel according to the syntax of the
1046.Cm tunnel
1047option to
1048.Xr ifconfig 8 .
1049Additionally, this option ensures that each listed interface is created
1050via the
1051.Cm create
1052option to
1053.Xr ifconfig 8
1054before attempting to configure it.
1055.It Va sppp_interfaces
1056.Pq Vt str
1057Set to the list of
1058.Xr sppp 4
1059interfaces to configure on this host.
1060A
1061.Va spppconfig_ Ns Aq Ar interface
1062variable is assumed to exist for each value of
1063.Ar interface .
1064Each interface should also be configured by a general
1065.Va ifconfig_ Ns Aq Ar interface
1066setting.
1067Refer to
1068.Xr spppcontrol 8
1069for more information about available options.
1070.It Va ppp_enable
1071.Pq Vt bool
1072If set to
1073.Dq Li YES ,
1074run the
1075.Xr ppp 8
1076daemon.
1077.It Va ppp_mode
1078.Pq Vt str
1079Mode in which to run the
1080.Xr ppp 8
1081daemon.
1082Accepted modes are
1083.Dq Li auto ,
1084.Dq Li ddial ,
1085.Dq Li direct
1086and
1087.Dq Li dedicated .
1088See the manual for a full description.
1089.It Va ppp_nat
1090.Pq Vt bool
1091If set to
1092.Dq Li YES ,
1093enables network address translation.
1094Used in conjunction with
1095.Va gateway_enable
1096allows hosts on private network addresses access to the Internet using
1097this host as a network address translating router.
1098.It Va ppp_profile
1099.Pq Vt str
1100The name of the profile to use from
1101.Pa /etc/ppp/ppp.conf .
1102.It Va ppp_user
1103.Pq Vt str
1104The name of the user under which
1105.Xr ppp 8
1106should be started.
1107By
1108default,
1109.Xr ppp 8
1110is started as
1111.Dq Li root .
1112.It Va rc_conf_files
1113.Pq Vt str
1114This option is used to specify a list of files that will override
1115the settings in
1116.Pa /etc/defaults/rc.conf .
1117The files will be read in the order in which they are specified and should
1118include the full path to the file.
1119By default, the files specified are
1120.Pa /etc/rc.conf
1121and
1122.Pa /etc/rc.conf.local
1123.It Va gbde_autoattach_all
1124.Pq Vt bool
1125If set to
1126.Dq Li YES ,
1127.Pa /etc/rc.d/gbde
1128will attempt to automatically initialize your .bde devices in
1129.Pa /etc/fstab .
1130.It Va gbde_devices
1131.Pq Vt str
1132List the devices that the script should try to attach,
1133or
1134.Dq Li AUTO .
1135.It Va gbde_lockdir
1136.Pq Vt str
1137The directory where the
1138.Xr gbde 4
1139lockfiles are located.
1140The default lockfile directory is
1141.Pa /etc .
1142.Pp
1143The lockfile for each individual
1144.Xr gbde 4
1145device can be overridden by setting the variable
1146.Va gbde_lock_ Ns Aq Ar device ,
1147where
1148.Ar device
1149is the encrypted device without the
1150.Dq Pa /dev/
1151and
1152.Dq Pa .bde
1153parts.
1154.It Va gbde_attach_attempts
1155.Pq Vt int
1156Number of times to attempt attaching to a
1157.Xr gbde 4
1158device, i.e., how many times the user is asked for the pass-phrase.
1159Default is 3.
1160.It Va gbde_swap_enable
1161.Pq Vt bool
1162If set to
1163.Dq Li YES ,
1164any .bde swap devices listed in
1165.Pa /etc/fstab
1166will be initialized with a random, one-shot key.
1167Note that this makes recovery of kernel dumps impossible.
1168.It Va root_rw_mount
1169.Pq Vt bool
1170Set to
1171.Dq Li YES
1172by default.
1173After the file systems are checked at boot time, the root file system
1174is remounted as read-write if this is set to
1175.Dq Li YES .
1176Diskless systems that mount their root file system from a read-only remote
1177NFS share should set this to
1178.Dq Li NO
1179in their
1180.Pa rc.conf .
1181.It Va fsck_y_enable
1182.Pq Vt bool
1183If set to
1184.Dq Li YES ,
1185.Xr fsck 8
1186will be run with the
1187.Fl y
1188flag if the initial preen
1189of the file systems fails.
1190.It Va background_fsck
1191.Pq Vt bool
1192If set to
1193.Dq Li YES ,
1194the system will attempt to run
1195.Xr fsck 8
1196in the background where possible.
1197.It Va background_fsck_delay
1198.Pq Vt int
1199The amount of time in seconds to sleep before starting a background
1200.Xr fsck 8 .
1201It defaults to sixty seconds to allow large applications such as
1202the X server to start before disk I/O bandwidth is monopolized by
1203.Xr fsck 8 .
1204.It Va netfs_types
1205.Pq Vt str
1206List of file system types that are network-based.
1207This list should generally not be modified by end users.
1208Use
1209.Va extra_netfs_types
1210instead.
1211.It Va extra_netfs_types
1212.Pq Vt str
1213If set to something other than
1214.Dq Li NO
1215(the default),
1216this variable extends the list of file system types
1217for which automatic mounting at startup by
1218.Xr rc 8
1219should be delayed until the network is initialized.
1220It should contain
1221a whitespace-separated list of network file system descriptor pairs,
1222each consisting of a file system type as passed to
1223.Xr mount 8
1224and a human-readable, one-word description,
1225joined with a colon
1226.Pq Ql \&: .
1227Extending the default list in this way is only necessary
1228when third party file system types are used.
1229.It Va syslogd_enable
1230.Pq Vt bool
1231If set to
1232.Dq Li YES ,
1233run the
1234.Xr syslogd 8
1235daemon.
1236.It Va syslogd_program
1237.Pq Vt str
1238Path to
1239.Xr syslogd 8
1240(default
1241.Pa /usr/sbin/syslogd ) .
1242.It Va syslogd_flags
1243.Pq Vt str
1244If
1245.Va syslogd_enable
1246is set to
1247.Dq Li YES ,
1248these are the flags to pass to
1249.Xr syslogd 8 .
1250.It Va inetd_enable
1251.Pq Vt bool
1252If set to
1253.Dq Li YES ,
1254run the
1255.Xr inetd 8
1256daemon.
1257.It Va inetd_program
1258.Pq Vt str
1259Path to
1260.Xr inetd 8
1261(default
1262.Pa /usr/sbin/inetd ) .
1263.It Va inetd_flags
1264.Pq Vt str
1265If
1266.Va inetd_enable
1267is set to
1268.Dq Li YES ,
1269these are the flags to pass to
1270.Xr inetd 8 .
1271.It Va named_enable
1272.Pq Vt bool
1273If set to
1274.Dq Li YES ,
1275run the
1276.Xr named 8
1277daemon.
1278.It Va named_program
1279.Pq Vt str
1280Path to
1281.Xr named 8
1282(default
1283.Pa /usr/sbin/named ) .
1284.It Va named_flags
1285.Pq Vt str
1286If
1287.Va named_enable
1288is set to
1289.Dq Li YES ,
1290these are the flags to pass to
1291.Xr named 8 .
1292.It Va named_pidfile
1293.Pq Vt str
1294This is the default path to the
1295.Xr named 8
1296daemon's PID file.
1297Change it if you change the location in
1298.Xr named.conf 5 .
1299.It Va named_chrootdir
1300.Pq Vt str
1301The root directory for a name server run in a
1302.Xr chroot 8
1303environment (default
1304.Pa /var/named ) .
1305If left empty
1306.Xr named 8
1307will not be run in a
1308.Xr chroot 8
1309environment.
1310.It Va named_chroot_autoupdate
1311.Pq Vt bool
1312Set to
1313.Dq Li NO
1314to disable automatic update of the
1315.Xr chroot 8
1316environment.
1317.It Va named_symlink_enable
1318.Pq Vt bool
1319Set to
1320.Dq Li NO
1321to disable symlinking of
1322daemon's PID file
1323into the
1324.Xr chroot 8
1325environment.
1326.It Va kerberos5_server_enable
1327.Pq Vt bool
1328Set to
1329.Dq Li YES
1330to start a Kerberos 5 authentication server
1331at boot time.
1332.It Va kerberos5_server
1333.Pq Vt str
1334If
1335.Va kerberos5_server_enable
1336is set to
1337.Dq Li YES
1338this is the path to Kerberos 5 Authentication Server.
1339.It Va kadmind5_server_enable
1340.Pq Vt bool
1341Set to
1342.Dq Li YES
1343to start
1344.Xr kadmind 8 ,
1345the Kerberos 5 Administration Daemon; set to
1346.Dq Li NO
1347on a slave server.
1348.It Va kadmind5_server
1349.Pq Vt str
1350If
1351.Va kadmind5_server_enable
1352is set to
1353.Dq Li YES
1354this is the path to Kerberos 5 Administration Daemon.
1355.It Va kpasswdd_server_enable
1356.Pq Vt bool
1357Set to
1358.Dq Li YES
1359to start
1360.Xr kpasswdd 8 ,
1361the Kerberos 5 Password-Changing Daemon; set to
1362.Dq Li NO
1363on a slave server.
1364.It Va kpasswdd_server
1365.Pq Vt str
1366If
1367.Va kpasswdd_server_enable
1368is set to
1369.Dq Li YES
1370this is the path to Kerberos 5 Password-Changing Daemon.
1371.It Va rwhod_enable
1372.Pq Vt bool
1373If set to
1374.Dq Li YES ,
1375run the
1376.Xr rwhod 8
1377daemon at boot time.
1378.It Va rwhod_flags
1379.Pq Vt str
1380If
1381.Va rwhod_enable
1382is set to
1383.Dq Li YES ,
1384these are the flags to pass to it.
1385.It Va amd_enable
1386.Pq Vt bool
1387If set to
1388.Dq Li YES ,
1389run the
1390.Xr amd 8
1391daemon at boot time.
1392.It Va amd_flags
1393.Pq Vt str
1394If
1395.Va amd_enable
1396is set to
1397.Dq Li YES ,
1398these are the flags to pass to it.
1399See the
1400.Xr amd 8
1401manpage for more information.
1402.It Va amd_map_program
1403.Pq Vt str
1404If set,
1405the specified program is run to get the list of
1406.Xr amd 8
1407maps.
1408For example, if the
1409.Xr amd 8
1410maps are stored in NIS, one can set this to
1411run
1412.Xr ypcat 1
1413to get a list of
1414.Xr amd 8
1415maps from the
1416.Pa amd.master
1417NIS map.
1418.It Va update_motd
1419.Pq Vt bool
1420If set to
1421.Dq Li YES ,
1422.Pa /etc/motd
1423will be updated at boot time to reflect the kernel release
1424being run.
1425If set to
1426.Dq Li NO ,
1427.Pa /etc/motd
1428will not be updated.
1429.It Va nfs_client_enable
1430.Pq Vt bool
1431If set to
1432.Dq Li YES ,
1433run the NFS client daemons at boot time.
1434.It Va nfs_access_cache
1435.Pq Vt int
1436If
1437.Va nfs_client_enable
1438is set to
1439.Dq Li YES ,
1440this can be set to
1441.Dq Li 0
1442to disable NFS ACCESS RPC caching, or to the number of seconds for which
1443NFS ACCESS
1444results should be cached.
1445A value of 2-10 seconds will substantially reduce network
1446traffic for many NFS operations.
1447.It Va nfs_server_enable
1448.Pq Vt bool
1449If set to
1450.Dq Li YES ,
1451run the NFS server daemons at boot time.
1452.It Va nfs_server_flags
1453.Pq Vt str
1454If
1455.Va nfs_server_enable
1456is set to
1457.Dq Li YES ,
1458these are the flags to pass to the
1459.Xr nfsd 8
1460daemon.
1461.It Va mountd_enable
1462.Pq Vt bool
1463If set to
1464.Dq Li YES ,
1465and no
1466.Va nfs_server_enable
1467is set, start
1468.Xr mountd 8 ,
1469but not
1470.Xr nfsd 8
1471daemon.
1472It is commonly needed to run CFS without real NFS used.
1473.It Va mountd_flags
1474.Pq Vt str
1475If
1476.Va mountd_enable
1477is set to
1478.Dq Li YES ,
1479these are the flags to pass to the
1480.Xr mountd 8
1481daemon.
1482.It Va weak_mountd_authentication
1483.Pq Vt bool
1484If set to
1485.Dq Li YES ,
1486allow services like PCNFSD to make non-privileged mount
1487requests.
1488.It Va nfs_reserved_port_only
1489.Pq Vt bool
1490If set to
1491.Dq Li YES ,
1492provide NFS services only on a secure port.
1493.It Va nfs_bufpackets
1494.Pq Vt int
1495If set to a number, indicates the number of packets worth of
1496socket buffer space to reserve on an NFS client.
1497The kernel default is typically 4.
1498Using a higher number may be
1499useful on gigabit networks to improve performance.
1500The minimum value is
15012 and the maximum is 64.
1502.It Va rpc_lockd_enable
1503.Pq Vt bool
1504If set to
1505.Dq Li YES
1506and also an NFS server, run
1507.Xr rpc.lockd 8
1508at boot time.
1509.It Va rpc_statd_enable
1510.Pq Vt bool
1511If set to
1512.Dq Li YES
1513and also an NFS server, run
1514.Xr rpc.statd 8
1515at boot time.
1516.It Va rpcbind_program
1517.Pq Vt str
1518Path to
1519.Xr rpcbind 8
1520(default
1521.Pa /usr/sbin/rpcbind ) .
1522.It Va rpcbind_enable
1523.Pq Vt bool
1524If set to
1525.Dq Li YES ,
1526run the
1527.Xr rpcbind 8
1528service at boot time.
1529.It Va rpcbind_flags
1530.Pq Vt str
1531If
1532.Va rpcbind_enable
1533is set to
1534.Dq Li YES ,
1535these are the flags to pass to the
1536.Xr rpcbind 8
1537daemon.
1538.It Va keyserv_enable
1539.Pq Vt bool
1540If set to
1541.Dq Li YES ,
1542run the
1543.Xr keyserv 8
1544daemon on boot for running Secure RPC.
1545.It Va keyserv_flags
1546.Pq Vt str
1547If
1548.Va keyserv_enable
1549is set to
1550.Dq Li YES ,
1551these are the flags to pass to
1552.Xr keyserv 8
1553daemon.
1554.It Va pppoed_enable
1555.Pq Vt bool
1556If set to
1557.Dq Li YES ,
1558run the
1559.Xr pppoed 8
1560daemon at boot time to provide PPP over Ethernet services.
1561.It Va pppoed_ Ns Ar provider
1562.Pq Vt str
1563.Xr pppoed 8
1564listens to requests to this
1565.Ar provider
1566and ultimately runs
1567.Xr ppp 8
1568with a
1569.Ar system
1570argument of the same name.
1571.It Va pppoed_flags
1572.Pq Vt str
1573Additional flags to pass to
1574.Xr pppoed 8 .
1575.It Va pppoed_interface
1576.Pq Vt str
1577The network interface to run
1578.Xr pppoed 8
1579on.
1580This is mandatory when
1581.Va pppoed_enable
1582is set to
1583.Dq Li YES .
1584.It Va timed_enable
1585.Pq Vt bool
1586If set to
1587.Dq Li YES ,
1588run the
1589.Xr timed 8
1590service at boot time.
1591This command is intended for networks of
1592machines where a consistent
1593.Dq "network time"
1594for all hosts must be established.
1595This is often useful in large NFS
1596environments where time stamps on files are expected to be consistent
1597network-wide.
1598.It Va timed_flags
1599.Pq Vt str
1600If
1601.Va timed_enable
1602is set to
1603.Dq Li YES ,
1604these are the flags to pass to the
1605.Xr timed 8
1606service.
1607.It Va ntpdate_enable
1608.Pq Vt bool
1609If set to
1610.Dq Li YES ,
1611run
1612.Xr ntpdate 8
1613at system startup.
1614This command is intended to
1615synchronize the system clock only
1616.Em once
1617from some standard reference.
1618An option to set this up initially
1619(from a list of known servers) is also provided by the
1620.Xr sysinstall 8
1621program when the system is first installed.
1622.It Va ntpdate_hosts
1623.Pq Vt str
1624A whitespace-separated list of NTP servers to synchronize with at startup.
1625The default is to use the servers listed in
1626.Pa /etc/ntp.conf ,
1627if that file exists.
1628.It Va ntpdate_program
1629.Pq Vt str
1630Path to
1631.Xr ntpdate 8
1632(default
1633.Pa /usr/sbin/ntpdate ) .
1634.It Va ntpdate_flags
1635.Pq Vt str
1636If
1637.Va ntpdate_enable
1638is set to
1639.Dq Li YES ,
1640these are the flags to pass to the
1641.Xr ntpdate 8
1642command (typically a hostname).
1643.It Va ntpd_enable
1644.Pq Vt bool
1645If set to
1646.Dq Li YES ,
1647run the
1648.Xr ntpd 8
1649command at boot time.
1650.It Va ntpd_program
1651.Pq Vt str
1652Path to
1653.Xr ntpd 8
1654(default
1655.Pa /usr/sbin/ntpd ) .
1656.It Va ntpd_flags
1657.Pq Vt str
1658If
1659.Va ntpd_enable
1660is set to
1661.Dq Li YES ,
1662these are the flags to pass to the
1663.Xr ntpd 8
1664daemon.
1665.It Va ntpd_sync_on_start
1666.Pq Vt bool
1667If set to
1668.Dq Li YES ,
1669.Xr ntpd 8
1670is run with the
1671.Fl g
1672flag, which syncs the system's clock on startup.
1673See
1674.Xr ntpd 8
1675for more information regarding the
1676.Fl g
1677option.
1678This is a preferred alternative to using
1679.Xr ntpdate 8
1680or specifying the
1681.Va ntpdate_enable
1682variable.
1683.It Va nis_client_enable
1684.Pq Vt bool
1685If set to
1686.Dq Li YES ,
1687run the
1688.Xr ypbind 8
1689service at system boot time.
1690.It Va nis_client_flags
1691.Pq Vt str
1692If
1693.Va nis_client_enable
1694is set to
1695.Dq Li YES ,
1696these are the flags to pass to the
1697.Xr ypbind 8
1698service.
1699.It Va nis_ypset_enable
1700.Pq Vt bool
1701If set to
1702.Dq Li YES ,
1703run the
1704.Xr ypset 8
1705daemon at system boot time.
1706.It Va nis_ypset_flags
1707.Pq Vt str
1708If
1709.Va nis_ypset_enable
1710is set to
1711.Dq Li YES ,
1712these are the flags to pass to the
1713.Xr ypset 8
1714daemon.
1715.It Va nis_server_enable
1716.Pq Vt bool
1717If set to
1718.Dq Li YES ,
1719run the
1720.Xr ypserv 8
1721daemon at system boot time.
1722.It Va nis_server_flags
1723.Pq Vt str
1724If
1725.Va nis_server_enable
1726is set to
1727.Dq Li YES ,
1728these are the flags to pass to the
1729.Xr ypserv 8
1730daemon.
1731.It Va nis_ypxfrd_enable
1732.Pq Vt bool
1733If set to
1734.Dq Li YES ,
1735run the
1736.Xr rpc.ypxfrd 8
1737daemon at system boot time.
1738.It Va nis_ypxfrd_flags
1739.Pq Vt str
1740If
1741.Va nis_ypxfrd_enable
1742is set to
1743.Dq Li YES ,
1744these are the flags to pass to the
1745.Xr rpc.ypxfrd 8
1746daemon.
1747.It Va nis_yppasswdd_enable
1748.Pq Vt bool
1749If set to
1750.Dq Li YES ,
1751run the
1752.Xr rpc.yppasswdd 8
1753daemon at system boot time.
1754.It Va nis_yppasswdd_flags
1755.Pq Vt str
1756If
1757.Va nis_yppasswdd_enable
1758is set to
1759.Dq Li YES ,
1760these are the flags to pass to the
1761.Xr rpc.yppasswdd 8
1762daemon.
1763.It Va rpc_ypupdated_enable
1764.Pq Vt bool
1765If set to
1766.Dq Li YES ,
1767run the
1768.Nm rpc.ypupdated
1769daemon at system boot time.
1770.It Va bsnmpd_enable
1771.Pq Vt bool
1772If set to
1773.Dq Li YES ,
1774run the
1775.Xr bsnmpd 1
1776daemon at system boot time.
1777Be sure to understand the security implications of running SNMP daemon
1778on your host.
1779.It Va bsnmpd_flags
1780.Pq Vt str
1781If
1782.Va bsnmpd_enable
1783is set to
1784.Dq Li YES ,
1785these are the flags to pass to the
1786.Xr bsnmpd 1
1787daemon.
1788.It Va defaultrouter
1789.Pq Vt str
1790If not set to
1791.Dq Li NO ,
1792create a default route to this host name or IP address
1793(use an IP address if this router is also required to get to the
1794name server!).
1795.It Va ipv6_defaultrouter
1796.Pq Vt str
1797The IPv6 equivalent of
1798.Va defaultrouter .
1799.It Va static_routes
1800.Pq Vt str
1801Set to the list of static routes that are to be added at system
1802boot time.
1803If not set to
1804.Dq Li NO
1805then for each whitespace separated
1806.Ar element
1807in the value, a
1808.Va route_ Ns Aq Ar element
1809variable is assumed to exist
1810whose contents will later be passed to a
1811.Dq Nm route Cm add
1812operation.
1813For example:
1814.Bd -literal
1815static_routes="mcast gif0local"
1816route_mcast="-net 224.0.0.0/4 -iface gif0"
1817route_gif0local="-host 169.254.1.1 -iface lo0"
1818.Ed
1819.It Va ipv6_static_routes
1820.Pq Vt str
1821The IPv6 equivalent of
1822.Va static_routes .
1823If not set to
1824.Dq Li NO
1825then for each whitespace separated
1826.Ar element
1827in the value, a
1828.Va ipv6_route_ Ns Aq Ar element
1829variable is assumed to exist
1830whose contents will later be passed to a
1831.Dq Nm route Cm add Fl inet6
1832operation.
1833.It Va natm_static_routes
1834.Pq Vt str
1835The
1836.Xr natmip 4
1837equivalent of
1838.Va static_routes .
1839If not empty then for each whitespace separated
1840.Ar element
1841in the value, a
1842.Va route_ Ns Aq Ar element
1843variable is assumed to exist whose contents will later be passed to a
1844.Dq Nm atmconfig Cm natm Cm add
1845operation.
1846.It Va gateway_enable
1847.Pq Vt bool
1848If set to
1849.Dq Li YES ,
1850configure host to act as an IP router, e.g.\& to forward packets
1851between interfaces.
1852.It Va ipv6_gateway_enable
1853.Pq Vt bool
1854The IPv6 equivalent of
1855.Va gateway_enable .
1856.It Va router_enable
1857.Pq Vt bool
1858If set to
1859.Dq Li YES ,
1860run a routing daemon of some sort, based on the
1861settings of
1862.Va router
1863and
1864.Va router_flags .
1865.It Va ipv6_router_enable
1866.Pq Vt bool
1867The IPv6 equivalent of
1868.Va router_enable .
1869If set to
1870.Dq Li YES ,
1871run a routing daemon of some sort, based on the
1872settings of
1873.Va ipv6_router
1874and
1875.Va ipv6_router_flags .
1876.It Va router
1877.Pq Vt str
1878If
1879.Va router_enable
1880is set to
1881.Dq Li YES ,
1882this is the name of the routing daemon to use.
1883.It Va ipv6_router
1884.Pq Vt str
1885The IPv6 equivalent of
1886.Va router .
1887.It Va router_flags
1888.Pq Vt str
1889If
1890.Va router_enable
1891is set to
1892.Dq Li YES ,
1893these are the flags to pass to the routing daemon.
1894.It Va ipv6_router_flags
1895.Pq Vt str
1896The IPv6 equivalent of
1897.Va router_flags .
1898.It Va mrouted_enable
1899.Pq Vt bool
1900If set to
1901.Dq Li YES ,
1902run the multicast routing daemon,
1903.Xr mrouted 8 .
1904.It Va mroute6d_enable
1905.Pq Vt bool
1906The IPv6 equivalent of
1907.Va mrouted_enable .
1908If set to
1909.Dq Li YES ,
1910run the IPv6 multicast routing daemon.
1911Note that no IPv6 multicast routing daemon is included in the
1912.Fx
1913base system but
1914.Xr pim6dd 8
1915can be installed from the
1916.Fx
1917Ports Collection.
1918.It Va mrouted_flags
1919.Pq Vt str
1920If
1921.Va mrouted_enable
1922is set to
1923.Dq Li YES ,
1924these are the flags to pass to the
1925.Xr mrouted 8
1926daemon.
1927.It Va mroute6d_flags
1928.Pq Vt str
1929The IPv6 equivalent of
1930.Va mrouted_flags .
1931If
1932.Va mroute6d_enable
1933is set to
1934.Dq Li YES ,
1935these are the flags passed to the IPv6 multicast routing daemon.
1936.It Va mroute6d_program
1937.Pq Vt str
1938If
1939.Va mroute6d_enable
1940is set to
1941.Dq Li YES ,
1942this is the path to the IPv6 multicast routing daemon.
1943.It Va rtadvd_enable
1944.Pq Vt bool
1945If set to
1946.Dq Li YES ,
1947run the
1948.Xr rtadvd 8
1949daemon at boot time.
1950.Xr rtadvd 8
1951will only run if
1952.Va ipv6_gateway_enable
1953is also set to
1954.Dq Li YES .
1955The
1956.Xr rtadvd 8
1957utility sends router advertisement packets to the interfaces specified in
1958.Va rtadvd_interfaces
1959and should only be enabled with great care.
1960You may want to fine-tune
1961.Xr rtadvd.conf 5 .
1962.It Va rtadvd_interfaces
1963.Pq Vt str
1964If
1965.Va rtadvd_enable
1966is set to
1967.Dq Li YES
1968this is the list of interfaces to use.
1969.It Va ipxgateway_enable
1970.Pq Vt bool
1971If set to
1972.Dq Li YES ,
1973enable the routing of IPX traffic.
1974.It Va ipxrouted_enable
1975.Pq Vt bool
1976If set to
1977.Dq Li YES ,
1978run the
1979.Xr IPXrouted 8
1980daemon at system boot time.
1981.It Va ipxrouted_flags
1982.Pq Vt str
1983If
1984.Va ipxrouted_enable
1985is set to
1986.Dq Li YES ,
1987these are the flags to pass to the
1988.Xr IPXrouted 8
1989daemon.
1990.It Va arpproxy_all
1991.Pq Vt bool
1992If set to
1993.Dq Li YES ,
1994enable global proxy ARP.
1995.It Va forward_sourceroute
1996.Pq Vt bool
1997If set to
1998.Dq Li YES
1999and
2000.Va gateway_enable
2001is also set to
2002.Dq Li YES ,
2003source-routed packets are forwarded.
2004.It Va accept_sourceroute
2005.Pq Vt bool
2006If set to
2007.Dq Li YES ,
2008the system will accept source-routed packets directed at it.
2009.It Va rarpd_enable
2010.Pq Vt bool
2011If set to
2012.Dq Li YES ,
2013run the
2014.Xr rarpd 8
2015daemon at system boot time.
2016.It Va rarpd_flags
2017.Pq Vt str
2018If
2019.Va rarpd_enable
2020is set to
2021.Dq Li YES ,
2022these are the flags to pass to the
2023.Xr rarpd 8
2024daemon.
2025.It Va bootparamd_enable
2026.Pq Vt bool
2027If set to
2028.Dq Li YES ,
2029run the
2030.Xr bootparamd 8
2031daemon at system boot time.
2032.It Va bootparamd_flags
2033.Pq Vt str
2034If
2035.Va bootparamd_enable
2036is set to
2037.Dq Li YES ,
2038these are the flags to pass to the
2039.Xr bootparamd 8
2040daemon.
2041.It Va stf_interface_ipv4addr
2042.Pq Vt str
2043If not set to
2044.Dq Li NO ,
2045this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling
2046interface).
2047Specify this entry to enable the 6to4 interface.
2048.It Va stf_interface_ipv4plen
2049.Pq Vt int
2050Prefix length for 6to4 IPv4 addresses, to limit peer address range.
2051An effective value is 0-31.
2052.It Va stf_interface_ipv6_ifid
2053.Pq Vt str
2054IPv6 interface ID for
2055.Xr stf 4 .
2056This can be set to
2057.Dq Li AUTO .
2058.It Va stf_interface_ipv6_slaid
2059.Pq Vt str
2060IPv6 Site Level Aggregator for
2061.Xr stf 4 .
2062.It Va ipv6_faith_prefix
2063.Pq Vt str
2064If not set to
2065.Dq Li NO ,
2066this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP
2067translator.
2068You also need
2069.Xr faithd 8
2070setup.
2071.It Va ipv6_ipv4mapping
2072.Pq Vt bool
2073If set to
2074.Dq Li YES
2075this enables IPv4 mapped IPv6 address communication (like
2076.Li ::ffff:a.b.c.d ) .
2077.It Va atm_enable
2078.Pq Vt bool
2079Set to
2080.Dq Li YES
2081to enable the configuration of ATM interfaces at system boot time.
2082For all of the ATM variables described below, please refer to the
2083.Xr atm 8
2084man page for further details on the available command parameters.
2085Also refer to the files in
2086.Pa /usr/share/examples/atm
2087for more detailed configuration information.
2088.It Va atm_load
2089.Pq Vt str
2090This is a list of physical ATM interface drivers to load.
2091Typical values are
2092.Dq Li hfa_pci
2093and/or
2094.Dq Li hea_pci .
2095.It Va atm_netif_ Ns Aq Ar intf
2096.Pq Vt str
2097For the ATM physical interface
2098.Ar intf ,
2099this variable defines the name prefix and count for the ATM network
2100interfaces to be created.
2101The value will be passed as the parameters of an
2102.Dq Nm atm Cm "set netif" Ar intf
2103command.
2104.It Va atm_sigmgr_ Ns Aq Ar intf
2105.Pq Vt str
2106For the ATM physical interface
2107.Ar intf ,
2108this variable defines the ATM signalling manager to be used.
2109The value will be passed as the parameters of an
2110.Dq Nm atm Cm attach Ar intf
2111command.
2112.It Va atm_prefix_ Ns Aq Ar intf
2113.Pq Vt str
2114For the ATM physical interface
2115.Ar intf ,
2116this variable defines the NSAP prefix for interfaces using a UNI signalling
2117manager.
2118If set to
2119.Dq Li ILMI ,
2120the prefix will automatically be set via the
2121.Xr ilmid 8
2122daemon.
2123Otherwise, the value will be passed as the parameters of an
2124.Dq Nm atm Cm "set prefix" Ar intf
2125command.
2126.It Va atm_macaddr_ Ns Aq Ar intf
2127.Pq Vt str
2128For the ATM physical interface
2129.Ar intf ,
2130this variable defines the MAC address for interfaces using a UNI signalling
2131manager.
2132If set to
2133.Dq Li NO ,
2134the hardware MAC address contained in the ATM interface card will be used.
2135Otherwise, the value will be passed as the parameters of an
2136.Dq Nm atm Cm "set mac" Ar intf
2137command.
2138.It Va atm_arpserver_ Ns Aq Ar netif
2139.Pq Vt str
2140For the ATM network interface
2141.Ar netif ,
2142this variable defines the ATM address for a host which is to provide ATMARP
2143service.
2144This variable is only applicable to interfaces using a UNI signalling
2145manager.
2146If set to
2147.Dq Li local ,
2148this host will become an ATMARP server.
2149The value will be passed as the parameters of an
2150.Dq Nm atm Cm "set arpserver" Ar netif
2151command.
2152.It Va atm_scsparp_ Ns Aq Ar netif
2153.Pq Vt bool
2154If set to
2155.Dq Li YES ,
2156SCSP/ATMARP service for the network interface
2157.Ar netif
2158will be initiated using the
2159.Xr scspd 8
2160and
2161.Xr atmarpd 8
2162daemons.
2163This variable is only applicable if
2164.Va atm_arpserver_ Ns Aq Ar netif
2165is set to
2166.Dq Li local .
2167.It Va atm_pvcs
2168.Pq Vt str
2169Set to the list of ATM PVCs to be added at system
2170boot time.
2171For each whitespace separated
2172.Ar element
2173in the value, an
2174.Va atm_pvc_ Ns Aq Ar element
2175variable is assumed to exist.
2176The value of each of these variables
2177will be passed as the parameters of an
2178.Dq Nm atm Cm "add pvc"
2179command.
2180.It Va atm_arps
2181.Pq Vt str
2182Set to the list of permanent ATM ARP entries to be added
2183at system boot time.
2184For each whitespace separated
2185.Ar element
2186in the value, an
2187.Va atm_arp_ Ns Aq Ar element
2188variable is assumed to exist.
2189The value of each of these variables
2190will be passed as the parameters of an
2191.Dq Nm atm Cm "add arp"
2192command.
2193.It Va natm_interfaces
2194.Pq Vt str
2195Set to the list of
2196.Xr natm 4
2197interfaces that will also be used for HARP through
2198.Xr harp 4 .
2199If this list is not empty all interfaces in the list will be brought up
2200with
2201.Xr ifconfig 8
2202and
2203.Xr harp 4
2204will be loaded.
2205For this to work the interface drivers must be either compiled into the
2206kernel or must reside on the root partition.
2207.It Va keybell
2208.Pq Vt str
2209The keyboard bell sound.
2210Set to
2211.Dq Li normal ,
2212.Dq Li visual ,
2213.Dq Li off ,
2214or
2215.Dq Li NO
2216if the default behavior is desired.
2217For details, refer to the
2218.Xr kbdcontrol 1
2219manpage.
2220.It Va keyboard
2221.Pq Vt str
2222If set to a non-null string, the virtual console's keyboard input is
2223set to this device.
2224.It Va keymap
2225.Pq Vt str
2226If set to
2227.Dq Li NO ,
2228no keymap is installed, otherwise the value is used to install
2229the keymap file in
2230.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
2231.It Va keyrate
2232.Pq Vt str
2233The keyboard repeat speed.
2234Set to
2235.Dq Li slow ,
2236.Dq Li normal ,
2237.Dq Li fast ,
2238or
2239.Dq Li NO
2240if the default behavior is desired.
2241.It Va keychange
2242.Pq Vt str
2243If not set to
2244.Dq Li NO ,
2245attempt to program the function keys with the value.
2246The value should
2247be a single string of the form:
2248.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
2249.It Va cursor
2250.Pq Vt str
2251Can be set to the value of
2252.Dq Li normal ,
2253.Dq Li blink ,
2254.Dq Li destructive ,
2255or
2256.Dq Li NO
2257to set the cursor behavior explicitly or choose the default behavior.
2258.It Va scrnmap
2259.Pq Vt str
2260If set to
2261.Dq Li NO ,
2262no screen map is installed, otherwise the value is used to install
2263the screen map file in
2264.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
2265.It Va font8x16
2266.Pq Vt str
2267If set to
2268.Dq Li NO ,
2269the default 8x16 font value is used for screen size requests, otherwise
2270the value in
2271.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2272is used.
2273.It Va font8x14
2274.Pq Vt str
2275If set to
2276.Dq Li NO ,
2277the default 8x14 font value is used for screen size requests, otherwise
2278the value in
2279.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2280is used.
2281.It Va font8x8
2282.Pq Vt str
2283If set to
2284.Dq Li NO ,
2285the default 8x8 font value is used for screen size requests, otherwise
2286the value in
2287.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2288is used.
2289.It Va blanktime
2290.Pq Vt int
2291If set to
2292.Dq Li NO ,
2293the default screen blanking interval is used, otherwise it is set
2294to
2295.Ar value
2296seconds.
2297.It Va saver
2298.Pq Vt str
2299If not set to
2300.Dq Li NO ,
2301this is the actual screen saver to use
2302.Li ( blank , snake , daemon ,
2303etc).
2304.It Va moused_nondefault_enable
2305.Pq Vt str
2306If set to
2307.Dq Li NO ,
2308the mouse device specified on
2309the command line is not automatically treated as enabled by the
2310.Pa /etc/rc.d/moused
2311script.
2312Having this variable set to
2313.Dq Li YES
2314allows a
2315.Xr usb 4
2316mouse,
2317for example,
2318to be enabled as soon as it is plugged in.
2319.It Va moused_enable
2320.Pq Vt str
2321If set to
2322.Dq Li YES ,
2323the
2324.Xr moused 8
2325daemon is started for doing cut/paste selection on the console.
2326.It Va moused_type
2327.Pq Vt str
2328This is the protocol type of the mouse connected to this host.
2329This variable must be set if
2330.Va moused_enable
2331is set to
2332.Dq Li YES .
2333The
2334.Xr moused 8
2335daemon
2336is able to detect the appropriate mouse type automatically in many cases.
2337Set this variable to
2338.Dq Li auto
2339to let the daemon detect it, or
2340select one from the following list if the automatic detection fails.
2341.Pp
2342If the mouse is attached to the PS/2 mouse port, choose
2343.Dq Li auto
2344or
2345.Dq Li ps/2 ,
2346regardless of the brand and model of the mouse.
2347Likewise, if the
2348mouse is attached to the bus mouse port, choose
2349.Dq Li auto
2350or
2351.Dq Li busmouse .
2352All other protocols are for serial mice and will not work with
2353the PS/2 and bus mice.
2354If this is a USB mouse,
2355.Dq Li auto
2356is the only protocol type which will work.
2357.Pp
2358.Bl -tag -width ".Li x10mouseremote" -compact
2359.It Li microsoft
2360Microsoft mouse (serial)
2361.It Li intellimouse
2362Microsoft IntelliMouse (serial)
2363.It Li mousesystems
2364Mouse systems Corp.\& mouse (serial)
2365.It Li mmseries
2366MM Series mouse (serial)
2367.It Li logitech
2368Logitech mouse (serial)
2369.It Li busmouse
2370A bus mouse
2371.It Li mouseman
2372Logitech MouseMan and TrackMan (serial)
2373.It Li glidepoint
2374ALPS GlidePoint (serial)
2375.It Li thinkingmouse
2376Kensington ThinkingMouse (serial)
2377.It Li ps/2
2378PS/2 mouse
2379.It Li mmhittab
2380MM HitTablet (serial)
2381.It Li x10mouseremote
2382X10 MouseRemote (serial)
2383.It Li versapad
2384Interlink VersaPad (serial)
2385.El
2386.Pp
2387Even if the mouse is not in the above list, it may be compatible
2388with one in the list.
2389Refer to the man page for
2390.Xr moused 8
2391for compatibility information.
2392.Pp
2393It should also be noted that while this is enabled, any
2394other client of the mouse (such as an X server) should access
2395the mouse through the virtual mouse device,
2396.Pa /dev/sysmouse ,
2397and configure it as a
2398.Dq Li sysmouse
2399type mouse, since all
2400mouse data is converted to this single canonical format when
2401using
2402.Xr moused 8 .
2403If the client program does not support the
2404.Dq Li sysmouse
2405type,
2406specify the
2407.Dq Li mousesystems
2408type.
2409It is the second preferred type.
2410.It Va moused_port
2411.Pq Vt str
2412If
2413.Va moused_enable
2414is set to
2415.Dq Li YES ,
2416this is the actual port the mouse is on.
2417It might be
2418.Pa /dev/cuad0
2419for a COM1 serial mouse,
2420.Pa /dev/psm0
2421for a PS/2 mouse or
2422.Pa /dev/mse0
2423for a bus mouse, for example.
2424.It Va moused_flags
2425.Pq Vt str
2426If
2427.Va moused_type
2428is set, these are the additional flags to pass to the
2429.Xr moused 8
2430daemon.
2431.It Va mousechar_start
2432.Pq Vt int
2433If set to
2434.Dq Li NO ,
2435the default mouse cursor character range
2436.Li 0xd0 Ns - Ns Li 0xd3
2437is used,
2438otherwise the range start is set
2439to
2440.Ar value
2441character, see
2442.Xr vidcontrol 1 .
2443Use if the default range is occupied in the language code table.
2444.It Va allscreens_flags
2445.Pq Vt str
2446If set,
2447.Xr vidcontrol 1
2448is run with these options for each of the virtual terminals
2449.Pq Pa /dev/ttyv* .
2450For example,
2451.Dq Fl m Cm on
2452will enable the mouse pointer on all virtual terminals
2453if
2454.Va moused_enable
2455is set to
2456.Dq Li YES .
2457.It Va allscreens_kbdflags
2458.Pq Vt str
2459If set,
2460.Xr kbdcontrol 1
2461is run with these options for each of the virtual terminals
2462.Pq Pa /dev/ttyv* .
2463For example,
2464.Dq Fl h Li 200
2465will set the
2466.Xr syscons 4
2467scrollback (history) buffer to 200 lines.
2468.It Va cron_enable
2469.Pq Vt bool
2470If set to
2471.Dq Li YES ,
2472run the
2473.Xr cron 8
2474daemon at system boot time.
2475.It Va cron_program
2476.Pq Vt str
2477Path to
2478.Xr cron 8
2479(default
2480.Pa /usr/sbin/cron ) .
2481.It Va cron_flags
2482.Pq Vt str
2483If
2484.Va cron_enable
2485is set to
2486.Dq Li YES ,
2487these are the flags to pass to
2488.Xr cron 8 .
2489.It Va cron_dst
2490.Pq Vt bool
2491If set to
2492.Dq Li YES ,
2493enable the special handling of transitions to and from the
2494Daylight Saving Time in
2495.Xr cron 8
2496(equivalent to using the flag
2497.Fl s ) .
2498.It Va lpd_program
2499.Pq Vt str
2500Path to
2501.Xr lpd 8
2502(default
2503.Pa /usr/sbin/lpd ) .
2504.It Va lpd_enable
2505.Pq Vt bool
2506If set to
2507.Dq Li YES ,
2508run the
2509.Xr lpd 8
2510daemon at system boot time.
2511.It Va lpd_flags
2512.Pq Vt str
2513If
2514.Va lpd_enable
2515is set to
2516.Dq Li YES ,
2517these are the flags to pass to the
2518.Xr lpd 8
2519daemon.
2520.It Va chkprintcap_enable
2521.Pq Vt bool
2522If set to
2523.Dq Li YES ,
2524run the
2525.Xr chkprintcap 8
2526command before starting the
2527.Xr lpd 8
2528daemon.
2529.It Va chkprintcap_flags
2530.Pq Vt str
2531If
2532.Va lpd_enable
2533and
2534.Va chkprintcap_enable
2535are set to
2536.Dq Li YES ,
2537these are the flags to pass to the
2538.Xr chkprintcap 8
2539program.
2540The default is
2541.Dq Li -d ,
2542which causes missing directories to be created.
2543.It Va mta_start_script
2544.Pq Vt str
2545This variable specifies the full path to the script to run to start
2546a mail transfer agent.
2547The default is
2548.Pa /etc/rc.sendmail .
2549The
2550.Va sendmail_*
2551variables which
2552.Pa /etc/rc.sendmail
2553uses are documented in the
2554.Xr rc.sendmail 8
2555man page.
2556.It Va dumpdev
2557.Pq Vt str
2558Indicates the device (usually a swap partition) to which a crash dump
2559should be written in the event of a system crash.
2560If the value of this variable is
2561.Dq Li AUTO ,
2562the first suitable swap device listed in
2563.Pa /etc/fstab
2564will be used as dump device.
2565Otherwise, the value of this variable is passed as the argument to
2566.Xr dumpon 8 .
2567To disable crash dumps, set this variable to
2568.Dq Li NO .
2569.It Va dumpdir
2570.Pq Vt str
2571When the system reboots after a crash and a crash dump is found on the
2572device specified by the
2573.Va dumpdev
2574variable,
2575.Xr savecore 8
2576will save that crash dump and a copy of the kernel to the directory
2577specified by the
2578.Va dumpdir
2579variable.
2580The default value is
2581.Pa /var/crash .
2582Set to
2583.Dq Li NO
2584to not run
2585.Xr savecore 8
2586at boot time when
2587.Va dumpdir
2588is set.
2589.It Va savecore_flags
2590.Pq Vt str
2591If crash dumps are enabled, these are the flags to pass to the
2592.Xr savecore 8
2593utility.
2594.It Va enable_quotas
2595.Pq Vt bool
2596Set to
2597.Dq Li YES
2598to turn on user disk quotas on system startup via the
2599.Xr quotaon 8
2600command.
2601.It Va check_quotas
2602.Pq Vt bool
2603Set to
2604.Dq Li YES
2605to enable user disk quota checking via the
2606.Xr quotacheck 8
2607command.
2608.It Va accounting_enable
2609.Pq Vt bool
2610Set to
2611.Dq Li YES
2612to enable system accounting through the
2613.Xr accton 8
2614facility.
2615.It Va ibcs2_enable
2616.Pq Vt bool
2617Set to
2618.Dq Li YES
2619to enable iBCS2 (SCO) binary emulation at system initial boot
2620time.
2621.It Va ibcs2_loaders
2622.Pq Vt str
2623If not set to
2624.Dq Li NO
2625and if
2626.Va ibcs2_enable
2627is set to
2628.Dq Li YES ,
2629this specifies a list of additional iBCS2 loaders to enable.
2630.It Va linux_enable
2631.Pq Vt bool
2632Set to
2633.Dq Li YES
2634to enable Linux/ELF binary emulation at system initial
2635boot time.
2636.It Va osf1_enable
2637.Pq Vt bool
2638Set to
2639.Dq Li YES
2640to enable OSF/1 (Digital UNIX) binary emulation at system
2641initial boot time.
2642(alpha)
2643.It Va svr4_enable
2644.Pq Vt bool
2645If set to
2646.Dq Li YES ,
2647enable SysVR4 emulation at boot time.
2648.It Va sysvipc_enable
2649.Pq Vt bool
2650If set to
2651.Dq Li YES ,
2652load System V IPC primitives at boot time.
2653.It Va clear_tmp_enable
2654.Pq Vt bool
2655Set to
2656.Dq Li YES
2657to have
2658.Pa /tmp
2659cleaned at startup.
2660.It Va ldconfig_paths
2661.Pq Vt str
2662Set to the list of shared library paths to use with
2663.Xr ldconfig 8 .
2664NOTE:
2665.Pa /usr/lib
2666will always be added first, so it need not appear in this list.
2667.It Va ldconfig_paths_aout
2668.Pq Vt str
2669Set to the list of shared library paths to use with
2670.Xr ldconfig 8
2671legacy
2672.Xr a.out 5
2673support.
2674.It Va ldconfig_insecure
2675.Pq Vt bool
2676The
2677.Xr ldconfig 8
2678utility normally refuses to use directories
2679which are writable by anyone except root.
2680Set this variable to
2681.Dq Li YES
2682to disable that security check during system startup.
2683.It Va kern_securelevel_enable
2684.Pq Vt bool
2685Set to
2686.Dq Li YES
2687to set the kernel security level at system startup.
2688.It Va kern_securelevel
2689.Pq Vt int
2690The kernel security level to set at startup.
2691The allowed range of
2692.Ar value
2693ranges from \-1 (the compile time default) to 3 (the
2694most secure).
2695See
2696.Xr init 8
2697for the list of possible security levels and their effect
2698on system operation.
2699.It Va sshd_program
2700.Pq Vt str
2701Path to the SSH server program
2702.Pa ( /usr/sbin/sshd
2703is the default).
2704.It Va sshd_enable
2705.Pq Vt bool
2706Set to
2707.Dq Li YES
2708to start
2709.Xr sshd 8
2710at system boot time.
2711.It Va sshd_flags
2712.Pq Vt str
2713If
2714.Va sshd_enable
2715is set to
2716.Dq Li YES ,
2717these are the flags to pass to the
2718.Xr sshd 8
2719daemon.
2720.It Va usbd_enable
2721.Pq Vt bool
2722If set to
2723.Dq Li YES ,
2724run the
2725.Xr usbd 8
2726daemon at boot time.
2727.It Va usbd_flags
2728.Pq Vt str
2729If
2730.Va usbd_enable
2731is set to
2732.Dq Li YES ,
2733these are the flags passed to the
2734.Xr usbd 8
2735daemon.
2736.It Va watchdogd_enable
2737.Pq Vt bool
2738If set to
2739.Dq Li YES ,
2740start the
2741.Xr watchdogd 8
2742daemon at boot time.
2743This requires that the kernel have been compiled with a
2744.Xr watchdog 4
2745compatible device.
2746.It Va watchdogd_flags
2747.Pq Vt str
2748If
2749.Va watchdogd_enable
2750is set to
2751.Dq Li YES ,
2752these are the flags passed to the
2753.Xr watchdogd 8
2754daemon.
2755.It Va performance_cx_lowest
2756.Pq Vt str
2757CPU idle state to use while on AC power.
2758The string
2759.Dq Li LOW
2760indicates that
2761.Xr acpi 4
2762should use the lowest power state available while
2763.Dq Li HIGH
2764indicates that the lowest latency state (less power savings) should be used.
2765.It Va performance_cpu_freq
2766.Pq Vt str
2767CPU clock frequency to use while on AC power.
2768The string
2769.Dq Li LOW
2770indicates that
2771.Xr cpufreq 4
2772should use the lowest frequency available while
2773.Dq Li HIGH
2774indicates that the highest frequency (less power savings) should be used.
2775.It Va economy_cx_lowest
2776.Pq Vt str
2777CPU idle state to use when off AC power.
2778The string
2779.Dq Li LOW
2780indicates that
2781.Xr acpi 4
2782should use the lowest power state available while
2783.Dq Li HIGH
2784indicates that the lowest latency state (less power savings) should be used.
2785.It Va economy_cpu_freq
2786.Pq Vt str
2787CPU clock frequency to use when off AC power.
2788The string
2789.Dq Li LOW
2790indicates that
2791.Xr cpufreq 4
2792should use the lowest frequency available while
2793.Dq Li HIGH
2794indicates that the highest frequency (less power savings) should be used.
2795.It Va jail_enable
2796.Pq Vt bool
2797If set to
2798.Dq Li NO ,
2799any configured jails will not be started.
2800.It Va jail_list
2801.Pq Vt str
2802A space separated list of names for jails.
2803This is purely a configuration aid to help identify and
2804configure multiple jails.
2805The names specified in this list will be used to
2806identify settings common to an instance of a jail.
2807Assuming that the jail in question was named
2808.Li vjail ,
2809you would have the following dependant variables:
2810.Bd -literal
2811jail_vjail_hostname="jail.example.com"
2812jail_vjail_ip="192.168.1.100"
2813jail_vjail_rootdir="/var/jails/vjail/root"
2814jail_vjail_exec="/bin/sh /etc/rc"
2815.Ed
2816.Pp
2817The last one is optional.
2818It defaults to
2819.Pa /etc/rc
2820if it is not set.
2821.It Va jail_set_hostname_allow
2822.Pq Vt bool
2823If set to
2824.Dq Li NO ,
2825do not allow the root user in a jail to set its hostname.
2826.It Va jail_socket_unixiproute_only
2827.Pq Vt bool
2828If set to
2829.Dq Li NO ,
2830do not allow any protocol,
2831besides TCP/IP,
2832to be used within a jail.
2833.It Va jail_sysvipc_allow
2834.Pq Vt bool
2835If set to
2836.Dq Li YES ,
2837allow applications within a jail to use System V IPC.
2838.It Va unaligned_print
2839.Pq Vt bool
2840If set to
2841.Dq Li NO ,
2842unaligned access warnings will not be printed.
2843(alpha)
2844.\" ----- isdn settings ---------------------------------
2845.It Va isdn_enable
2846.Pq Vt bool
2847Set to
2848.Dq Li NO
2849by default.
2850When set to
2851.Dq Li YES ,
2852starts the
2853.Xr isdnd 8
2854daemon
2855at system boot time.
2856.It Va isdn_flags
2857.Pq Vt str
2858Set to
2859.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
2860by default.
2861Additional flags to pass to
2862.Xr isdnd 8
2863(but see
2864.Va isdn_fsdev
2865and
2866.Va isdn_ttype
2867for certain tunable parameters).
2868.It Va isdn_ttype
2869.Pq Vt str
2870Set to
2871.Dq Li cons25
2872by default.
2873The terminal type of the output device when
2874.Xr isdnd 8
2875operates in full-screen mode.
2876.It Va isdn_screenflags
2877.Pq Vt str
2878Set to
2879.Dq Li NO
2880by default.
2881The video mode for full-screen mode (only for
2882.Xr syscons 4
2883console driver, see
2884.Xr vidcontrol 1
2885for valid modes).
2886.It Va isdn_fsdev
2887.Pq Vt str
2888Set to
2889.Dq Li NO
2890by default.
2891The output device for
2892.Xr isdnd 8
2893in full-screen mode (or
2894.Dq Li NO
2895for daemon mode).
2896.It Va isdn_trace
2897.Pq Vt bool
2898Set to
2899.Dq Li NO
2900by default.
2901When set to
2902.Dq Li YES ,
2903enables the ISDN protocol trace utility
2904.Xr isdntrace 8
2905at system boot time.
2906.It Va isdn_traceflags
2907.Pq Vt str
2908Set to
2909.Dq Fl f Pa /var/tmp/isdntrace0
2910by default.
2911Flags for
2912.Xr isdntrace 8 .
2913.\" -----------------------------------------------------
2914.It Va pcvt_verbose
2915.Pq Vt bool
2916Set to
2917.Dq Li NO
2918by default.
2919When set to
2920.Dq Li YES ,
2921verbose messages about the actions done by the start script are displayed.
2922.Em Note :
2923the
2924.Xr pcvt 4
2925driver must be compiled into the kernel before the
2926.Xr pcvt 4
2927related
2928options described here take any effect.
2929.It Va pcvt_keymap
2930.Pq Vt str
2931Set to
2932.Dq Li NO
2933by default.
2934Use this to configure a national keyboard mapping found in the
2935.Pa /usr/share/misc/keycap.pcvt
2936file of keyboard mappings.
2937(See also the manual pages
2938.Xr keycap 5
2939and
2940.Xr keycap 3
2941for usage of
2942.Xr pcvt 4 Ns 's
2943keycap database and the manual page
2944.Xr kcon 1
2945option
2946.Fl m
2947for national keyboard mapping configuration.)
2948.It Va pcvt_keydel
2949.Pq Vt int
2950Set to
2951.Dq Li NO
2952by default.
2953Used to set the keyboard key repeat delay value.
2954Valid values are
2955in the range 0..3 for delay values of 250, 500, 750 and 1000 msec.
2956(See also the
2957.Xr kcon 1
2958manual page.)
2959.It Va pcvt_keyrate
2960.Pq Vt int
2961Set to
2962.Dq Li NO
2963by default.
2964Used to set the keyboard key repetition rate value.
2965Valid values are
2966in the range 0..31 for repetition values of 2..30 characters per second.
2967.It Va pcvt_keyrepeat
2968.Pq Vt bool
2969Set to
2970.Dq Li NO
2971by default.
2972Set to
2973.Dq Li YES
2974to enable automatic keyboard key repeating.
2975.It Va pcvt_force24
2976.Pq Vt bool
2977Set to
2978.Dq Li NO
2979by default.
2980Set to
2981.Dq Li YES
2982to force
2983.Xr pcvt 4
2984to use 24 lines only (in 25 lines mode) for compatibility
2985with the original
2986.Tn VT220
2987terminal.
2988.It Va pcvt_hpext
2989.Pq Vt bool
2990Set to
2991.Dq Li NO
2992by default.
2993Set to
2994.Dq Li YES
2995to enable the display and functionality of function key labels (as found
2996on
2997.Tn Hewlett-Packard
2998terminals such as the
2999.Tn HP2392A
3000and the
3001.Tn HP700/92
3002in
3003.Tn ANSI
3004mode).
3005.It Va pcvt_lines
3006.Pq Vt int
3007Set to
3008.Dq Li NO
3009by default resulting in a value of 25.
3010Used to set the number of lines on the screen.
3011For VGA displays, valid
3012values are 25, 28, 40 and 50 lines.
3013(See also the
3014.Xr scon 1
3015manual page.)
3016.It Va pcvt_blanktime
3017.Pq Vt int
3018Set to
3019.Dq Li NO
3020by default.
3021Used to set the screen saver timeout in seconds for values greater than
3022zero.
3023.It Va pcvt_cursorh
3024.Pq Vt int
3025Set to
3026.Dq Li NO
3027by default.
3028Used to set the cursor top scanline.
3029(See also the
3030.Xr cursor 1
3031manual page.)
3032.It Va pcvt_cursorl
3033.Pq Vt int
3034Set to
3035.Dq Li NO
3036by default.
3037Used to set the cursor bottom scanline.
3038.It Va pcvt_monohigh
3039.Pq Vt bool
3040Set to
3041.Dq Li NO
3042by default.
3043Set to
3044.Dq Li YES
3045to set intensity to high on monochrome monitors.
3046(See also the
3047.Xr scon 1
3048manual page, option
3049.Fl p ,
3050for more information on changing VGA palette
3051values.)
3052.It Va harvest_interrupt
3053.Pq Vt bool
3054Set to
3055.Dq Li YES
3056to use hardware interrupts as an entropy source.
3057Refer to
3058.Xr random 4
3059for more information.
3060.It Va harvest_ethernet
3061.Pq Vt bool
3062Set to
3063.Dq Li YES
3064to use LAN traffic as an entropy source.
3065Refer to
3066.Xr random 4
3067for more information.
3068.It Va harvest_p_to_p
3069.Pq Vt bool
3070Set to
3071.Dq Li YES
3072to use serial line traffic as an entropy source.
3073Refer to
3074.Xr random 4
3075for more information.
3076.It Va entropy_dir
3077.Pq Vt str
3078Set to
3079.Dq Li NO
3080to disable caching entropy via
3081.Xr cron 8 .
3082Otherwise set to the directory used to store entropy files in.
3083.It Va entropy_file
3084.Pq Vt str
3085Set to
3086.Dq Li NO
3087to disable caching entropy through reboots.
3088Otherwise set to the filename used to store cached entropy through
3089reboots.
3090This file should be located on the root file system to seed the
3091.Xr random 4
3092device as early as possible in the boot process.
3093.It Va entropy_save_sz
3094.Pq Vt int
3095Size of the entropy cache files saved by
3096.Nm save-entropy
3097periodically.
3098.It Va entropy_save_num
3099.Pq Vt int
3100Number of entropy cache files to save by
3101.Nm save-entropy
3102periodically.
3103.It Va ipsec_enable
3104.Pq Vt bool
3105Set to
3106.Dq Li YES
3107to run
3108.Xr setkey 8
3109on
3110.Va ipsec_file
3111at boot time.
3112.It Va ipsec_file
3113.Pq Vt str
3114Configuration file for
3115.Xr setkey 8 .
3116.It Va dmesg_enable
3117.Pq Vt bool
3118Set to
3119.Dq Li YES
3120to save
3121.Xr dmesg 8
3122to
3123.Pa /var/run/dmesg.boot
3124on boot.
3125.It Va rcshutdown_timeout
3126.Pq Vt int
3127If set, start a watchdog timer in the background which will terminate
3128.Pa rc.shutdown
3129if
3130.Xr shutdown 8
3131has not completed within the specified time (in seconds).
3132.It Va virecover_enable
3133.Pq Vt bool
3134Set to
3135.Dq Li NO
3136to prevent the system from trying to
3137recover pre-maturely terminated
3138.Xr vi 1
3139sessions.
3140.It Va ugidfw_enable
3141.Pq Vt bool
3142Set to
3143.Dq Li YES
3144to load the
3145.Xr mac_bsdextended 4
3146module upon system initialization and load a default
3147ruleset file.
3148.It Va bsdextended_script
3149.Pq Vt str
3150The default
3151.Xr mac_bsdextended 4
3152ruleset file to load.
3153The default value of this variable is
3154.Pa /etc/rc.bsdextended .
3155.It Va newsyslog_enable
3156.Pq Vt bool
3157If set to
3158.Dq Li YES ,
3159run
3160.Xr newsyslog 8
3161command at startup.
3162.It Va newsyslog_flags
3163.Pq Vt str
3164If
3165.Va newsyslog_enable
3166is set to
3167.Dq Li YES ,
3168these are the flags to pass to the
3169.Xr newsyslog 8
3170program.
3171The default is
3172.Dq Li -CN ,
3173which causes log files flagged with a
3174.Cm C
3175to be created.
3176.It Va ramdisk_units
3177.Pq Vt str
3178A list of one or more ramdisk units to configure with
3179.Xr mdconfig 8
3180and
3181.Xr newfs 8
3182in time to be mounted from
3183.Xr fstab 5 .
3184Each listed unit
3185.Ar X
3186must specify at least a
3187.Ar type
3188in a
3189.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config
3190variable.
3191.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config
3192.Pq Vt str
3193Arguments to
3194.Xr mdconfig 8
3195for ramdisk
3196.Ar X .
3197At minimum a
3198.Fl t Ar type
3199must be specified, where
3200.Ar type
3201must be one of
3202.Cm malloc
3203or
3204.Cm swap .
3205.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs
3206.Pq Vt str
3207Optional arguments passed to
3208.Xr newfs 8
3209to initialize ramdisk
3210.Ar X .
3211.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner
3212.Pq Vt str
3213An ownership specification passed to
3214.Xr chown 8
3215after the specified ramdisk unit
3216.Ar X
3217has been mounted.
3218Both the
3219.Xr md 4
3220device and the mount point will be changed.
3221.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms
3222.Pq Vt str
3223A mode string passed to
3224.Xr chmod 1
3225after the specified ramdisk unit
3226.Ar X
3227has been mounted.
3228Both the
3229.Xr md 4
3230device and the mount point will be changed.
3231.El
3232.Sh FILES
3233.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
3234.It Pa /etc/defaults/rc.conf
3235.It Pa /etc/rc.conf
3236.It Pa /etc/rc.conf.local
3237.El
3238.Sh SEE ALSO
3239.Xr catman 1 ,
3240.Xr chmod 1 ,
3241.Xr gdb 1 ,
3242.Xr info 1 ,
3243.Xr kbdcontrol 1 ,
3244.Xr makewhatis 1 ,
3245.Xr vi 1 ,
3246.Xr vidcontrol 1 ,
3247.Xr ip 4 ,
3248.Xr kld 4 ,
3249.Xr tcp 4 ,
3250.Xr udp 4 ,
3251.Xr exports 5 ,
3252.Xr motd 5 ,
3253.Xr newsyslog.conf 5 ,
3254.Xr accton 8 ,
3255.Xr amd 8 ,
3256.Xr apm 8 ,
3257.Xr atm 8 ,
3258.Xr chkprintcap 8 ,
3259.Xr chown 8 ,
3260.Xr cron 8 ,
3261.Xr dhclient 8 ,
3262.Xr ifconfig 8 ,
3263.Xr inetd 8 ,
3264.Xr isdnd 8 ,
3265.Xr isdntrace 8 ,
3266.Xr kldxref 8 ,
3267.Xr lpd 8 ,
3268.Xr mdconfig 8 ,
3269.Xr mdmfs 8 ,
3270.Xr mountd 8 ,
3271.Xr moused 8 ,
3272.Xr mrouted 8 ,
3273.Xr named 8 ,
3274.Xr newfs 8 ,
3275.Xr newsyslog 8 ,
3276.Xr nfsd 8 ,
3277.Xr ntpd 8 ,
3278.Xr ntpdate 8 ,
3279.Xr pcnfsd 8 ,
3280.Xr powerd 8 ,
3281.Xr quotacheck 8 ,
3282.Xr quotaon 8 ,
3283.Xr rc 8 ,
3284.Xr rc.sendmail 8 ,
3285.Xr route 8 ,
3286.Xr routed 8 ,
3287.Xr rpcbind 8 ,
3288.Xr rpc.lockd 8 ,
3289.Xr rpc.statd 8 ,
3290.Xr rwhod 8 ,
3291.Xr savecore 8 ,
3292.Xr sshd 8 ,
3293.Xr swapon 8 ,
3294.Xr sysctl 8 ,
3295.Xr syslogd 8 ,
3296.Xr timed 8 ,
3297.Xr usbd 8 ,
3298.Xr yp 8 ,
3299.Xr ypbind 8 ,
3300.Xr ypserv 8 ,
3301.Xr ypset 8
3302.Sh HISTORY
3303The
3304.Nm
3305file appeared in
3306.Fx 2.2.2 .
3307.Sh AUTHORS
3308.An Jordan K. Hubbard .
3309