1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd April 8, 2006 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Li name=value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va early_late_divider 99.Pq Vt str 100The name of the script that should be used as the 101delimiter between the 102.Dq early 103and 104.Dq late 105stages of the boot process. 106The early stage should contain all the services needed to 107get the disks (local or remote) mounted so that the late 108stage can include scripts contained in the directories 109listed in the 110.Va local_startup 111variable (see below). 112Thus, the two likely candidates for this value are 113mountcritlocal for the typical system, 114and mountcritremote if the system needs remote file 115systems mounted to get access to the 116.Va local_startup 117directories; for example when 118.Pa /usr/local 119is NFS mounted. 120For 121.Pa rc.conf 122within a 123.Xr jail 8 124NETWORKING is likely to be an appropriate value. 125Extreme care should be taken when changing this value, 126and before changing it one should ensure that there are 127adequate provisions to recover from a failed boot 128(such as physical contact with the machine, 129or reliable remote console access). 130.It Va swapfile 131.Pq Vt str 132If set to 133.Dq Li NO , 134no swapfile is installed, otherwise the value is used as the full 135pathname to a file to use for additional swap space. 136.It Va apm_enable 137.Pq Vt bool 138If set to 139.Dq Li YES , 140enable support for Automatic Power Management with 141the 142.Xr apm 8 143command. 144.It Va apmd_enable 145.Pq Vt bool 146Run 147.Xr apmd 8 148to handle APM event from userland. 149This also enables support for APM. 150.It Va apmd_flags 151.Pq Vt str 152If 153.Va apmd_enable 154is set to 155.Dq Li YES , 156these are the flags to pass to the 157.Xr apmd 8 158daemon. 159.It Va devd_enable 160.Pq Vt bool 161Run 162.Xr devd 8 163to handle device added, removed or unknown events from the kernel. 164.It Va kldxref_enable 165.Pq Vt bool 166Set to 167.Dq Li NO 168by default. 169Set to 170.Dq Li YES 171to automatically rebuild 172.Pa linker.hints 173files with 174.Xr kldxref 8 175at boot time. 176.It Va kldxref_clobber 177.Pq Vt bool 178Set to 179.Dq Li NO 180by default. 181If 182.Va kldxref_enable 183is true, 184setting to 185.Dq Li YES 186will overwrite existing 187.Pa linker.hints 188files at boot time. 189Otherwise, 190only missing 191.Pa linker.hints 192files are generated. 193.It Va kldxref_module_path 194.Pq Vt str 195Empty by default. 196A semi-colon 197.Pq Ql \&; 198delimited list of paths containing 199.Xr kld 4 200modules. 201If empty, 202the contents of the 203.Va kern.module_path 204.Xr sysctl 8 205are used. 206.It Va powerd_enable 207.Pq Vt bool 208If set to 209.Dq Li YES , 210enable the system power control facility with the 211.Xr powerd 8 212daemon. 213.It Va powerd_flags 214.Pq Vt str 215If 216.Va powerd_enable 217is set to 218.Dq Li YES , 219these are the flags to pass to the 220.Xr powerd 8 221daemon. 222.It Va tmpmfs 223Controls the creation of a 224.Pa /tmp 225memory file system. 226Always happens if set to 227.Dq Li YES 228and never happens if set to 229.Dq Li NO . 230If set to anything else, a memory file system is created if 231.Pa /tmp 232is not writable. 233.It Va tmpsize 234Controls the size of a created 235.Pa /tmp 236memory file system. 237.It Va tmpmfs_flags 238Extra options passed to the 239.Xr mdmfs 8 240utility when the memory file system for 241.Pa /tmp 242is created. 243The default is 244.Dq Li "-S -M" , 245which inhibits the use of softupdates on 246.Pa /tmp 247to waste as little space as possible 248and creates a pure memory backed disk, which will never be swapped out, 249for maximum performance and system stability at low memory conditions. 250See 251.Xr mdmfs 8 252for other options you can use in 253.Va tmpmfs_flags . 254.It Va varmfs 255Controls the creation of a 256.Pa /var 257memory file system. 258Always happens if set to 259.Dq Li YES 260and never happens if set to 261.Dq Li NO . 262If set to anything else, a memory file system is created if 263.Pa /var 264is not writable. 265.It Va varsize 266Controls the size of a created 267.Pa /var 268memory file system. 269.It Va varmfs_flags 270Extra options passed to the 271.Xr mdmfs 8 272utility when the memory file system for 273.Pa /var 274is created. 275The default is 276.Dq Li "-S -M" , 277which inhibits the use of softupdates on 278.Pa /var 279to waste as little space as possible 280and creates a pure memory backed disk, which will never be swapped out, 281for maximum performance and system stability at low memory conditions. 282See 283.Xr mdmfs 8 284for other options you can use in 285.Va varmfs_flags . 286.It Va populate_var 287Controls the automatic population of the 288.Pa /var 289file system. 290Always happens if set to 291.Dq Li YES 292and never happens if set to 293.Dq Li NO . 294If set to anything else, a memory file system is created if 295.Pa /var 296is not writable. 297Note that this process requires access to certain commands in 298.Pa /usr 299before 300.Pa /usr 301is mounted on normal systems. 302.It Va cleanvar_enable 303.Pq Vt bool 304Clean the 305.Pa /var 306directory. 307.It Va local_startup 308.Pq Vt str 309List of directories to search for startup script files. 310.It Va script_name_sep 311.Pq Vt str 312The field separator to use for breaking down the list of startup script files 313into individual filenames. 314The default is a space. 315It is not necessary to change this unless there are startup scripts with names 316containing spaces. 317.It Va hostapd_enable 318.Pq Vt bool 319Set to 320.Dq Li YES 321to start 322.Xr hostapd 8 323at system boot time. 324.It Va hostname 325.Pq Vt str 326The fully qualified domain name (FQDN) of this host on the network. 327This should almost certainly be set to something meaningful, even if 328there is no network connection. 329If 330.Xr dhclient 8 331is used to set the hostname via DHCP, 332this variable should be set to an empty string. 333.It Va ipv6_enable 334.Pq Vt bool 335Enable support for IPv6 networking. 336Note that this requires that the kernel has been compiled with 337.Cd "options INET6" . 338.It Va nisdomainname 339.Pq Vt str 340The NIS domain name of this host, or 341.Dq Li NO 342if NIS is not used. 343.It Va dhclient_program 344.Pq Vt str 345Path to the DHCP client program 346.Pa ( /sbin/dhclient , 347the 348.Ox 349DHCP client, 350is the default). 351.It Va dhclient_flags 352.Pq Vt str 353Additional flags to pass to the DHCP client program. 354For the 355.Ox 356DHCP client, see the 357.Xr dhclient 8 358manpage for a description of the command line options available. 359.It Va background_dhclient 360.Pq Vt bool 361Set to 362.Dq Li YES 363to start the DHCP client in background. 364This can cause trouble with applications depending on 365a working network, but it will provide a faster startup 366in many cases. 367.It Va firewall_enable 368.Pq Vt bool 369Set to 370.Dq Li YES 371to load firewall rules at startup. 372If the kernel was not built with 373.Cd "options IPFIREWALL" , 374the 375.Pa ipfw.ko 376kernel module will be loaded. 377See also 378.Va ipfilter_enable . 379.It Va ipv6_firewall_enable 380.Pq Vt bool 381The IPv6 equivalent of 382.Va firewall_enable . 383Set to 384.Dq Li YES 385to load IPv6 firewall rules at startup. 386If the kernel was not built with 387.Cd "options IPV6FIREWALL" , 388the 389.Pa ip6fw.ko 390kernel module will be loaded. 391.It Va firewall_script 392.Pq Vt str 393This variable specifies the full path to the firewall script to run. 394The default is 395.Pa /etc/rc.firewall . 396.It Va ipv6_firewall_script 397.Pq Vt str 398The IPv6 equivalent of 399.Va firewall_script . 400.It Va firewall_type 401.Pq Vt str 402Names the firewall type from the selection in 403.Pa /etc/rc.firewall , 404or the file which contains the local firewall ruleset. 405Valid selections from 406.Pa /etc/rc.firewall 407are: 408.Pp 409.Bl -tag -width ".Li simple" -compact 410.It Li open 411unrestricted IP access 412.It Li closed 413all IP services disabled, except via 414.Dq Li lo0 415.It Li client 416basic protection for a workstation 417.It Li simple 418basic protection for a LAN. 419.El 420.Pp 421If a filename is specified, the full path 422must be given. 423.It Va ipv6_firewall_type 424.Pq Vt str 425The IPv6 equivalent of 426.Va firewall_type . 427.It Va firewall_quiet 428.Pq Vt bool 429Set to 430.Dq Li YES 431to disable the display of firewall rules on the console during boot. 432.It Va ipv6_firewall_quiet 433.Pq Vt bool 434The IPv6 equivalent of 435.Va firewall_quiet . 436.It Va firewall_logging 437.Pq Vt bool 438Set to 439.Dq Li YES 440to enable firewall event logging. 441This is equivalent to the 442.Dv IPFIREWALL_VERBOSE 443kernel option. 444.It Va ipv6_firewall_logging 445.Pq Vt bool 446The IPv6 equivalent of 447.Va firewall_logging . 448.It Va firewall_flags 449.Pq Vt str 450Flags passed to 451.Xr ipfw 8 452if 453.Va firewall_type 454specifies a filename. 455.It Va ipv6_firewall_flags 456.Pq Vt str 457The IPv6 equivalent of 458.Va firewall_flags . 459.It Va natd_program 460.Pq Vt str 461Path to 462.Xr natd 8 . 463.It Va natd_enable 464.Pq Vt bool 465Set to 466.Dq Li YES 467to enable 468.Xr natd 8 . 469.Va firewall_enable 470must also be set to 471.Dq Li YES , 472and 473.Xr divert 4 474sockets must be enabled in the kernel. 475If the kernel was not built with 476.Cd "options IPDIVERT" , 477the 478.Pa ipdivert.ko 479kernel module will be loaded. 480.It Va natd_interface 481.Pq Vt str 482This is the name of the public interface on which 483.Xr natd 8 484should run. 485The interface may be given as an interface name or as an IP address. 486.It Va natd_flags 487.Pq Vt str 488Additional 489.Xr natd 8 490flags should be placed here. 491The 492.Fl n 493or 494.Fl a 495flag is automatically added with the above 496.Va natd_interface 497as an argument. 498.\" ----- ipfilter_enable setting -------------------------------- 499.It Va ipfilter_enable 500.Pq Vt bool 501Set to 502.Dq Li NO 503by default. 504Setting this to 505.Dq Li YES 506enables 507.Xr ipf 8 508packet filtering. 509.Pp 510Typical usage will require putting 511.Bd -literal 512ipfilter_enable="YES" 513ipnat_enable="YES" 514ipmon_enable="YES" 515ipfs_enable="YES" 516.Ed 517.Pp 518into 519.Pa /etc/rc.conf 520and editing 521.Pa /etc/ipf.rules 522and 523.Pa /etc/ipnat.rules 524appropriately. 525.Pp 526Note that 527.Va ipfilter_enable 528and 529.Va ipnat_enable 530can be enabled independently. 531.Va ipmon_enable 532and 533.Va ipfs_enable 534both require at least one of 535.Va ipfilter_enable 536and 537.Va ipnat_enable 538to be enabled. 539.Pp 540Having 541.Bd -literal 542options IPFILTER 543options IPFILTER_LOG 544options IPFILTER_DEFAULT_BLOCK 545.Ed 546.Pp 547in the kernel configuration file is a good idea, too. 548.\" ----- ipfilter_program setting ------------------------------ 549.It Va ipfilter_program 550.Pq Vt str 551Path to 552.Xr ipf 8 553(default 554.Pa /sbin/ipf ) . 555.\" ----- ipfilter_rules setting -------------------------------- 556.It Va ipfilter_rules 557.Pq Vt str 558Set to 559.Pa /etc/ipf.rules 560by default. 561This variable contains the name of the filter rule definition file. 562The file is expected to be readable for the 563.Xr ipf 8 564command to execute. 565.\" ----- ipv6_ipfilter_rules setting --------------------------- 566.It Va ipv6_ipfilter_rules 567.Pq Vt str 568Set to 569.Pa /etc/ipf6.rules 570by default. 571This variable contains the IPv6 filter rule definition file. 572The file is expected to be readable for the 573.Xr ipf 8 574command to execute. 575.\" ----- ipfilter_flags setting -------------------------------- 576.It Va ipfilter_flags 577.Pq Vt str 578Empty by default. 579This variable contains flags passed to the 580.Xr ipf 8 581program. 582.\" ----- ipnat_enable setting ---------------------------------- 583.It Va ipnat_enable 584.Pq Vt bool 585Set to 586.Dq Li NO 587by default. 588Set it to 589.Dq Li YES 590to enable 591.Xr ipnat 8 592network address translation. 593See 594.Va ipfilter_enable 595for a detailed discussion. 596.\" ----- ipnat_program setting --------------------------------- 597.It Va ipnat_program 598.Pq Vt str 599Path to 600.Xr ipnat 8 601(default 602.Pa /sbin/ipnat ) . 603.\" ----- ipnat_rules setting ----------------------------------- 604.It Va ipnat_rules 605.Pq Vt str 606Set to 607.Pa /etc/ipnat.rules 608by default. 609This variable contains the name of the file 610holding the network address translation definition. 611This file is expected to be readable for the 612.Xr ipnat 8 613command to execute. 614.\" ----- ipnat_flags setting ----------------------------------- 615.It Va ipnat_flags 616.Pq Vt str 617Empty by default. 618This variable contains flags passed to the 619.Xr ipnat 8 620program. 621.\" ----- ipmon_enable setting ---------------------------------- 622.It Va ipmon_enable 623.Pq Vt bool 624Set to 625.Dq Li NO 626by default. 627Set it to 628.Dq Li YES 629to enable 630.Xr ipmon 8 631monitoring (logging 632.Xr ipf 8 633and 634.Xr ipnat 8 635events). 636Setting this variable needs setting 637.Va ipfilter_enable 638or 639.Va ipnat_enable 640too. 641See 642.Va ipfilter_enable 643for a detailed discussion. 644.\" ----- ipmon_program setting --------------------------------- 645.It Va ipmon_program 646.Pq Vt str 647Path to 648.Xr ipmon 8 649(default 650.Pa /sbin/ipmon ) . 651.\" ----- ipmon_flags setting ----------------------------------- 652.It Va ipmon_flags 653.Pq Vt str 654Set to 655.Dq Li -Ds 656by default. 657This variable contains flags passed to the 658.Xr ipmon 8 659program. 660Another typical example would be 661.Dq Fl D Pa /var/log/ipflog 662to have 663.Xr ipmon 8 664log directly to a file bypassing 665.Xr syslogd 8 . 666Make sure to adjust 667.Pa /etc/newsyslog.conf 668in such case like this: 669.Bd -literal 670/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 671.Ed 672.\" ----- ipfs_enable setting ----------------------------------- 673.It Va ipfs_enable 674.Pq Vt bool 675Set to 676.Dq Li NO 677by default. 678Set it to 679.Dq Li YES 680to enable 681.Xr ipfs 8 682saving the filter and NAT state tables during shutdown 683and reloading them during startup again. 684Setting this variable needs setting 685.Va ipfilter_enable 686or 687.Va ipnat_enable 688to 689.Dq Li YES 690too. 691See 692.Va ipfilter_enable 693for a detailed discussion. 694Note that if 695.Va kern_securelevel 696is set to 3, 697.Va ipfs_enable 698cannot be used 699because the raised securelevel will prevent 700.Xr ipfs 8 701from saving the state tables at shutdown time. 702.\" ----- ipfs_program setting ---------------------------------- 703.It Va ipfs_program 704.Pq Vt str 705Path to 706.Xr ipfs 8 707(default 708.Pa /sbin/ipfs ) . 709.\" ----- ipfs_flags setting ------------------------------------ 710.It Va ipfs_flags 711.Pq Vt str 712Empty by default. 713This variable contains flags passed to the 714.Xr ipfs 8 715program. 716.\" ----- end of added ipf hook --------------------------------- 717.It Va pf_enable 718.Pq Vt bool 719Set to 720.Dq Li NO 721by default. 722Setting this to 723.Dq Li YES 724enables 725.Xr pf 4 726packet filtering. 727.Pp 728Typical usage will require putting 729.Pp 730.Dl pf_enable="YES" 731.Pp 732into 733.Pa /etc/rc.conf 734and editing 735.Pa /etc/pf.conf 736appropriately. 737.Pp 738.Dl "device pf" 739.Pp 740builds 741.Xr pf 4 742into the kernel. 743Otherwise it is loaded from a module. 744.It Va pf_rules 745.Pq Vt str 746Path to 747.Xr pf 4 748ruleset configuration file 749(default 750.Pa /etc/pf.conf ) . 751.It Va pf_program 752.Pq Vt str 753Path to 754.Xr pfctl 8 755(default 756.Pa /sbin/pfctl ) . 757.It Va pf_flags 758.Pq Vt str 759If 760.Va pf_enable 761is set to 762.Dq Li YES , 763these flags are passed to the 764.Xr pfctl 8 765program when loading the ruleset. 766.It Va pflog_enable 767.Pq Vt bool 768Set to 769.Dq Li NO 770by default. 771Setting this to 772.Dq Li YES 773enables 774.Xr pflogd 8 775which logs packets from the 776.Xr pf 4 777packet filter. 778.It Va pflog_logfile 779.Pq Vt str 780If 781.Va pflog_enable 782is set to 783.Dq Li YES 784this controls where 785.Xr pflogd 8 786stores the logfile 787(default 788.Pa /var/log/pflog ) . 789Check 790.Pa /etc/newsyslog.conf 791to adjust logfile rotation for this. 792.It Va pflog_program 793.Pq Vt str 794Path to 795.Xr pflogd 8 796(default 797.Pa /sbin/pflogd ) . 798.It Va pflog_flags 799.Pq Vt str 800Empty by default. 801This variable contains additional flags passed to the 802.Xr pflogd 8 803program. 804.It Va pfsync_enable 805.Pq Vt bool 806Set to 807.Dq Li NO 808by default. 809Setting this to 810.Dq Li YES 811enables exposing 812.Xr pf 4 813state changes to other hosts over the network by means of 814.Xr pfsync 4 . 815The 816.Va pfsync_syncdev 817variable 818must also be set then. 819.It Va pfsync_syncdev 820.Pq Vt str 821Empty by default. 822This variable specifies the name of the network interface 823.Xr pfsync 4 824should operate through. 825It must be set accordingly if 826.Va pfsync_enable 827is set to 828.Dq Li YES . 829.It Va pfsync_ifconfig 830.Pq Vt str 831Empty by default. 832This variable can contain additional options to be passed to the 833.Xr ifconfig 8 834command used to set up 835.Xr pfsync 4 . 836.It Va tcp_extensions 837.Pq Vt bool 838Set to 839.Dq Li YES 840by default. 841Setting this to 842.Dq Li NO 843disables certain TCP options as described by 844.Rs 845.%T "RFC 1323" 846.Re 847Setting this to 848.Dq Li NO 849might help remedy such problems with connections as randomly hanging 850or other weird behavior. 851Some network devices are known 852to be broken with respect to these options. 853.It Va log_in_vain 854.Pq Vt int 855Set to 0 by default. 856The 857.Xr sysctl 8 858variables, 859.Va net.inet.tcp.log_in_vain 860and 861.Va net.inet.udp.log_in_vain , 862as described in 863.Xr tcp 4 864and 865.Xr udp 4 , 866are set to the given value. 867.It Va tcp_keepalive 868.Pq Vt bool 869Set to 870.Dq Li YES 871by default. 872Setting to 873.Dq Li NO 874will disable probing idle TCP connections to verify that the 875peer is still up and reachable. 876.It Va tcp_drop_synfin 877.Pq Vt bool 878Set to 879.Dq Li NO 880by default. 881Setting to 882.Dq Li YES 883will cause the kernel to ignore TCP frames that have both 884the SYN and FIN flags set. 885This prevents OS fingerprinting, but may 886break some legitimate applications. 887This option is only available if the 888kernel was built with the 889.Dv TCP_DROP_SYNFIN 890option. 891.It Va icmp_drop_redirect 892.Pq Vt bool 893Set to 894.Dq Li NO 895by default. 896Setting to 897.Dq Li YES 898will cause the kernel to ignore ICMP REDIRECT packets. 899Refer to 900.Xr icmp 4 901for more information. 902.It Va icmp_log_redirect 903.Pq Vt bool 904Set to 905.Dq Li NO 906by default. 907Setting to 908.Dq Li YES 909will cause the kernel to log ICMP REDIRECT packets. 910Note that 911the log messages are not rate-limited, so this option should only be used 912for troubleshooting networks. 913Refer to 914.Xr icmp 4 915for more information. 916.It Va icmp_bmcastecho 917.Pq Vt bool 918Set to 919.Dq Li YES 920to respond to broadcast or multicast ICMP ping packets. 921Refer to 922.Xr icmp 4 923for more information. 924.It Va ip_portrange_first 925.Pq Vt int 926If not set to 927.Dq Li NO , 928this is the first port in the default portrange. 929Refer to 930.Xr ip 4 931for more information. 932.It Va ip_portrange_last 933.Pq Vt int 934If not set to 935.Dq Li NO , 936this is the last port in the default portrange. 937Refer to 938.Xr ip 4 939for more information. 940.It Va network_interfaces 941.Pq Vt str 942Set to the list of network interfaces to configure on this host or 943.Dq Li AUTO 944(the default) for all current interfaces. 945For example, if the only active network devices in the system 946are the loopback device 947.Pq Li lo0 948and a NIC using the 949.Xr ed 4 950driver, 951this could be set to 952.Dq Li "lo0 ed0" . 953.Pp 954An 955.Va ifconfig_ Ns Aq Ar interface 956variable is also assumed to exist for each value of 957.Ar interface . 958The variable can contain arguments to 959.Xr ifconfig 8 , 960as well as special case-insensitive keywords described below. 961Such keywords are removed before passing the value to 962.Xr ifconfig 8 963while the order of the other arguments is preserved. 964.Pp 965One can configure more than one IPv4 address with the 966.Va ipv4_addrs_ Ns Aq Ar interface 967variable. 968One or more IP addresses must be provided in Classless Inter-Domain 969Routing (CIDR) address notation, whose last byte can be a range like 970192.168.0.5-23/24. 971In this case the address 192.168.0.5 will be configured with the 972netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with 973the non-conflicting netmask /32 as explained in the 974.Xr ifconfig 8 975alias section. 976With the interface in question being 977.Li ed0 , 978an example could look like: 979.Bd -literal 980ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" 981.Ed 982.Pp 983It is also possible to add IP alias entries using 984.Xr ifconfig 8 985syntax. 986Assuming that the interface in question was 987.Li ed0 , 988it might look 989something like this: 990.Bd -literal 991ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 992ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 993.Ed 994.Pp 995And so on. 996For each 997.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 998entry that is found, 999its contents are passed to 1000.Xr ifconfig 8 . 1001Execution stops at the first unsuccessful access, so if 1002something like this is present: 1003.Bd -literal 1004ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1005ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1006ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1007ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1008.Ed 1009.Pp 1010Then note that alias4 would 1011.Em not 1012be added since the search would 1013stop with the missing 1014.Dq Li alias3 1015entry. 1016Due to this difficult to manage behavior, the 1017.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1018form is deprecated. 1019.Pp 1020If the 1021.Pa /etc/start_if. Ns Aq Ar interface 1022file is present, it is read and executed by the 1023.Xr sh 1 1024interpreter 1025before configuring the interface as specified in the 1026.Va ifconfig_ Ns Aq Ar interface 1027and 1028.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1029variables. 1030.Pp 1031If the 1032.Va ifconfig_ Ns Aq Ar interface 1033contains the keyword 1034.Dq Li NOAUTO 1035then the interface will not be configured 1036at boot or by 1037.Pa /etc/pccard_ether 1038when 1039.Va network_interfaces 1040is set to 1041.Dq Li AUTO . 1042.Pp 1043It is possible to bring up an interface with DHCP by adding 1044.Dq Li DHCP 1045to the 1046.Va ifconfig_ Ns Aq Ar interface 1047variable. 1048For instance, to initialize the 1049.Li ed0 1050device via DHCP, 1051it is possible to use something like: 1052.Bd -literal 1053ifconfig_ed0="DHCP" 1054.Ed 1055.Pp 1056Also, if your interface needs WPA authentication, it is possible to add 1057.Dq Li WPA 1058to the 1059.Va ifconfig_ Ns Aq Ar interface 1060variable. 1061.Pp 1062Finally, you can add 1063.Xr ifconfig 8 1064options in this variable, in addition to the 1065.Pa /etc/start_if. Ns Aq Ar interface 1066file. 1067For instance, to initialize the 1068.Li wi0 1069device via DHCP, using WPA authentication and 802.11b mode, it is 1070possible to use something like: 1071.Bd -literal 1072ifconfig_wi0="DHCP WPA mode 11b" 1073.Ed 1074.Pp 1075In addition to the 1076.Va ifconfig_ Ns Aq Ar interface 1077form, a fallback variable 1078.Va ifconfig_DEFAULT 1079may be configured. 1080It will be used for all interfaces with no 1081.Va ifconfig_ Ns Aq Ar interface 1082variable. 1083This is intended to replace the no longer supported 1084.Va pccard_ifconfig 1085variable. 1086.Pp 1087It is also possible to rename interface by doing: 1088.Bd -literal 1089ifconfig_ed0_name="net0" 1090ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1091.Ed 1092.It Va ipv6_network_interfaces 1093.Pq Vt str 1094This is the IPv6 equivalent of 1095.Va network_interfaces . 1096Instead of setting the ifconfig variables as 1097.Va ifconfig_ Ns Aq Ar interface 1098they should be set as 1099.Va ipv6_ifconfig_ Ns Aq Ar interface . 1100Aliases should be set as 1101.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1102.Va ipv6_prefix_ Ns Aq Ar interface 1103does something. 1104Interfaces that do not have a 1105.Va ipv6_ifconfig_ Ns Aq Ar interface 1106setting will be auto configured by 1107.Xr rtsol 8 1108if the 1109.Va ipv6_gateway_enable 1110is set to 1111.Dq Li NO . 1112Note that the IPv6 networking code does not support the 1113.Pa /etc/start_if. Ns Aq Ar interface 1114files. 1115.It Va ipv6_default_interface 1116.Pq Vt str 1117If not set to 1118.Dq Li NO , 1119this is the default output interface for scoped addresses. 1120Now this works only for IPv6 link local multicast addresses. 1121.It Va cloned_interfaces 1122.Pq Vt str 1123Set to the list of clonable network interfaces to create on this host. 1124Entries in 1125.Va cloned_interfaces 1126are automatically appended to 1127.Va network_interfaces 1128for configuration. 1129.It Va gif_interfaces 1130.Pq Vt str 1131Set to the list of 1132.Xr gif 4 1133tunnel interfaces to configure on this host. 1134A 1135.Va gifconfig_ Ns Aq Ar interface 1136variable is assumed to exist for each value of 1137.Ar interface . 1138The value of this variable is used to configure the link layer of the 1139tunnel according to the syntax of the 1140.Cm tunnel 1141option to 1142.Xr ifconfig 8 . 1143Additionally, this option ensures that each listed interface is created 1144via the 1145.Cm create 1146option to 1147.Xr ifconfig 8 1148before attempting to configure it. 1149.It Va sppp_interfaces 1150.Pq Vt str 1151Set to the list of 1152.Xr sppp 4 1153interfaces to configure on this host. 1154A 1155.Va spppconfig_ Ns Aq Ar interface 1156variable is assumed to exist for each value of 1157.Ar interface . 1158Each interface should also be configured by a general 1159.Va ifconfig_ Ns Aq Ar interface 1160setting. 1161Refer to 1162.Xr spppcontrol 8 1163for more information about available options. 1164.It Va ppp_enable 1165.Pq Vt bool 1166If set to 1167.Dq Li YES , 1168run the 1169.Xr ppp 8 1170daemon. 1171.It Va ppp_mode 1172.Pq Vt str 1173Mode in which to run the 1174.Xr ppp 8 1175daemon. 1176Accepted modes are 1177.Dq Li auto , 1178.Dq Li ddial , 1179.Dq Li direct 1180and 1181.Dq Li dedicated . 1182See the manual for a full description. 1183.It Va ppp_nat 1184.Pq Vt bool 1185If set to 1186.Dq Li YES , 1187enables network address translation. 1188Used in conjunction with 1189.Va gateway_enable 1190allows hosts on private network addresses access to the Internet using 1191this host as a network address translating router. 1192.It Va ppp_profile 1193.Pq Vt str 1194The name of the profile to use from 1195.Pa /etc/ppp/ppp.conf . 1196.It Va ppp_user 1197.Pq Vt str 1198The name of the user under which 1199.Xr ppp 8 1200should be started. 1201By 1202default, 1203.Xr ppp 8 1204is started as 1205.Dq Li root . 1206.It Va rc_conf_files 1207.Pq Vt str 1208This option is used to specify a list of files that will override 1209the settings in 1210.Pa /etc/defaults/rc.conf . 1211The files will be read in the order in which they are specified and should 1212include the full path to the file. 1213By default, the files specified are 1214.Pa /etc/rc.conf 1215and 1216.Pa /etc/rc.conf.local 1217.It Va gbde_autoattach_all 1218.Pq Vt bool 1219If set to 1220.Dq Li YES , 1221.Pa /etc/rc.d/gbde 1222will attempt to automatically initialize your .bde devices in 1223.Pa /etc/fstab . 1224.It Va gbde_devices 1225.Pq Vt str 1226List the devices that the script should try to attach, 1227or 1228.Dq Li AUTO . 1229.It Va gbde_lockdir 1230.Pq Vt str 1231The directory where the 1232.Xr gbde 4 1233lockfiles are located. 1234The default lockfile directory is 1235.Pa /etc . 1236.Pp 1237The lockfile for each individual 1238.Xr gbde 4 1239device can be overridden by setting the variable 1240.Va gbde_lock_ Ns Aq Ar device , 1241where 1242.Ar device 1243is the encrypted device without the 1244.Dq Pa /dev/ 1245and 1246.Dq Pa .bde 1247parts. 1248.It Va gbde_attach_attempts 1249.Pq Vt int 1250Number of times to attempt attaching to a 1251.Xr gbde 4 1252device, i.e., how many times the user is asked for the pass-phrase. 1253Default is 3. 1254.It Va geli_devices 1255.Pq Vt str 1256List of devices to automatically attach on boot. 1257Note that .eli devices from 1258.Pa /etc/fstab 1259are automatically appended to this list. 1260.It Va geli_tries 1261.Pq Vt int 1262Number of times user is asked for the pass-phrase. 1263If empty, it will be taken from 1264.Va kern.geom.eli.tries 1265sysctl variable. 1266.It Va geli_default_flags 1267.Pq Vt str 1268Default flags to use by 1269.Xr geli 8 1270when configuring disk encryption. 1271Flags can be configured for every device separately by defining 1272.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1273variable. 1274.It Va geli_autodetach 1275.Pq Vt str 1276Specifies if GELI devices should be marked for detach on last close after 1277file systems are mounted. 1278Default is 1279.Dq Li YES . 1280This can be changed for every device separately by defining 1281.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1282variable. 1283.It Va geli_swap_flags 1284Options passed to the 1285.Xr geli 8 1286utility when encrypted GEOM providers for swap partitions are created. 1287The default is 1288.Dq Li "-a aes -l 256 -s 4096 -d" . 1289.It Va root_rw_mount 1290.Pq Vt bool 1291Set to 1292.Dq Li YES 1293by default. 1294After the file systems are checked at boot time, the root file system 1295is remounted as read-write if this is set to 1296.Dq Li YES . 1297Diskless systems that mount their root file system from a read-only remote 1298NFS share should set this to 1299.Dq Li NO 1300in their 1301.Pa rc.conf . 1302.It Va fsck_y_enable 1303.Pq Vt bool 1304If set to 1305.Dq Li YES , 1306.Xr fsck 8 1307will be run with the 1308.Fl y 1309flag if the initial preen 1310of the file systems fails. 1311.It Va background_fsck 1312.Pq Vt bool 1313If set to 1314.Dq Li YES , 1315the system will attempt to run 1316.Xr fsck 8 1317in the background where possible. 1318.It Va background_fsck_delay 1319.Pq Vt int 1320The amount of time in seconds to sleep before starting a background 1321.Xr fsck 8 . 1322It defaults to sixty seconds to allow large applications such as 1323the X server to start before disk I/O bandwidth is monopolized by 1324.Xr fsck 8 . 1325.It Va netfs_types 1326.Pq Vt str 1327List of file system types that are network-based. 1328This list should generally not be modified by end users. 1329Use 1330.Va extra_netfs_types 1331instead. 1332.It Va extra_netfs_types 1333.Pq Vt str 1334If set to something other than 1335.Dq Li NO 1336(the default), 1337this variable extends the list of file system types 1338for which automatic mounting at startup by 1339.Xr rc 8 1340should be delayed until the network is initialized. 1341It should contain 1342a whitespace-separated list of network file system descriptor pairs, 1343each consisting of a file system type as passed to 1344.Xr mount 8 1345and a human-readable, one-word description, 1346joined with a colon 1347.Pq Ql \&: . 1348Extending the default list in this way is only necessary 1349when third party file system types are used. 1350.It Va syslogd_enable 1351.Pq Vt bool 1352If set to 1353.Dq Li YES , 1354run the 1355.Xr syslogd 8 1356daemon. 1357.It Va syslogd_program 1358.Pq Vt str 1359Path to 1360.Xr syslogd 8 1361(default 1362.Pa /usr/sbin/syslogd ) . 1363.It Va syslogd_flags 1364.Pq Vt str 1365If 1366.Va syslogd_enable 1367is set to 1368.Dq Li YES , 1369these are the flags to pass to 1370.Xr syslogd 8 . 1371.It Va inetd_enable 1372.Pq Vt bool 1373If set to 1374.Dq Li YES , 1375run the 1376.Xr inetd 8 1377daemon. 1378.It Va inetd_program 1379.Pq Vt str 1380Path to 1381.Xr inetd 8 1382(default 1383.Pa /usr/sbin/inetd ) . 1384.It Va inetd_flags 1385.Pq Vt str 1386If 1387.Va inetd_enable 1388is set to 1389.Dq Li YES , 1390these are the flags to pass to 1391.Xr inetd 8 . 1392.It Va named_enable 1393.Pq Vt bool 1394If set to 1395.Dq Li YES , 1396run the 1397.Xr named 8 1398daemon. 1399.It Va named_program 1400.Pq Vt str 1401Path to 1402.Xr named 8 1403(default 1404.Pa /usr/sbin/named ) . 1405.It Va named_flags 1406.Pq Vt str 1407If 1408.Va named_enable 1409is set to 1410.Dq Li YES , 1411these are the flags to pass to 1412.Xr named 8 . 1413.It Va named_pidfile 1414.Pq Vt str 1415This is the default path to the 1416.Xr named 8 1417daemon's PID file. 1418This must match the location in 1419.Xr named.conf 5 . 1420.It Va named_uid 1421.Pq Vt str 1422The user that the named process should be run as. 1423.It Va named_chrootdir 1424.Pq Vt str 1425The root directory for a name server run in a 1426.Xr chroot 8 1427environment (default 1428.Pa /var/named ) . 1429If left empty 1430.Xr named 8 1431will not be run in a 1432.Xr chroot 8 1433environment. 1434.It Va named_chroot_autoupdate 1435.Pq Vt bool 1436Set to 1437.Dq Li NO 1438to disable automatic update of the 1439.Xr chroot 8 1440environment. 1441.It Va named_symlink_enable 1442.Pq Vt bool 1443Set to 1444.Dq Li NO 1445to disable symlinking of 1446daemon's PID file 1447into the 1448.Xr chroot 8 1449environment. 1450.It Va kerberos5_server_enable 1451.Pq Vt bool 1452Set to 1453.Dq Li YES 1454to start a Kerberos 5 authentication server 1455at boot time. 1456.It Va kerberos5_server 1457.Pq Vt str 1458If 1459.Va kerberos5_server_enable 1460is set to 1461.Dq Li YES 1462this is the path to Kerberos 5 Authentication Server. 1463.It Va kerberos5_server_flags 1464.Pq Vt str 1465Empty by default. 1466This variable contains additional flags to be passed to the Kerberos 5 1467authentication server. 1468.It Va kadmind5_server_enable 1469.Pq Vt bool 1470Set to 1471.Dq Li YES 1472to start 1473.Xr kadmind 8 , 1474the Kerberos 5 Administration Daemon; set to 1475.Dq Li NO 1476on a slave server. 1477.It Va kadmind5_server 1478.Pq Vt str 1479If 1480.Va kadmind5_server_enable 1481is set to 1482.Dq Li YES 1483this is the path to Kerberos 5 Administration Daemon. 1484.It Va kpasswdd_server_enable 1485.Pq Vt bool 1486Set to 1487.Dq Li YES 1488to start 1489.Xr kpasswdd 8 , 1490the Kerberos 5 Password-Changing Daemon; set to 1491.Dq Li NO 1492on a slave server. 1493.It Va kpasswdd_server 1494.Pq Vt str 1495If 1496.Va kpasswdd_server_enable 1497is set to 1498.Dq Li YES 1499this is the path to Kerberos 5 Password-Changing Daemon. 1500.It Va rwhod_enable 1501.Pq Vt bool 1502If set to 1503.Dq Li YES , 1504run the 1505.Xr rwhod 8 1506daemon at boot time. 1507.It Va rwhod_flags 1508.Pq Vt str 1509If 1510.Va rwhod_enable 1511is set to 1512.Dq Li YES , 1513these are the flags to pass to it. 1514.It Va amd_enable 1515.Pq Vt bool 1516If set to 1517.Dq Li YES , 1518run the 1519.Xr amd 8 1520daemon at boot time. 1521.It Va amd_flags 1522.Pq Vt str 1523If 1524.Va amd_enable 1525is set to 1526.Dq Li YES , 1527these are the flags to pass to it. 1528See the 1529.Xr amd 8 1530manpage for more information. 1531.It Va amd_map_program 1532.Pq Vt str 1533If set, 1534the specified program is run to get the list of 1535.Xr amd 8 1536maps. 1537For example, if the 1538.Xr amd 8 1539maps are stored in NIS, one can set this to 1540run 1541.Xr ypcat 1 1542to get a list of 1543.Xr amd 8 1544maps from the 1545.Pa amd.master 1546NIS map. 1547.It Va update_motd 1548.Pq Vt bool 1549If set to 1550.Dq Li YES , 1551.Pa /etc/motd 1552will be updated at boot time to reflect the kernel release 1553being run. 1554If set to 1555.Dq Li NO , 1556.Pa /etc/motd 1557will not be updated. 1558.It Va nfs_client_enable 1559.Pq Vt bool 1560If set to 1561.Dq Li YES , 1562run the NFS client daemons at boot time. 1563.It Va nfs_access_cache 1564.Pq Vt int 1565If 1566.Va nfs_client_enable 1567is set to 1568.Dq Li YES , 1569this can be set to 1570.Dq Li 0 1571to disable NFS ACCESS RPC caching, or to the number of seconds for which 1572NFS ACCESS 1573results should be cached. 1574A value of 2-10 seconds will substantially reduce network 1575traffic for many NFS operations. 1576.It Va nfs_server_enable 1577.Pq Vt bool 1578If set to 1579.Dq Li YES , 1580run the NFS server daemons at boot time. 1581.It Va nfs_server_flags 1582.Pq Vt str 1583If 1584.Va nfs_server_enable 1585is set to 1586.Dq Li YES , 1587these are the flags to pass to the 1588.Xr nfsd 8 1589daemon. 1590.It Va mountd_enable 1591.Pq Vt bool 1592If set to 1593.Dq Li YES , 1594and no 1595.Va nfs_server_enable 1596is set, start 1597.Xr mountd 8 , 1598but not 1599.Xr nfsd 8 1600daemon. 1601It is commonly needed to run CFS without real NFS used. 1602.It Va mountd_flags 1603.Pq Vt str 1604If 1605.Va mountd_enable 1606is set to 1607.Dq Li YES , 1608these are the flags to pass to the 1609.Xr mountd 8 1610daemon. 1611.It Va weak_mountd_authentication 1612.Pq Vt bool 1613If set to 1614.Dq Li YES , 1615allow services like PCNFSD to make non-privileged mount 1616requests. 1617.It Va nfs_reserved_port_only 1618.Pq Vt bool 1619If set to 1620.Dq Li YES , 1621provide NFS services only on a secure port. 1622.It Va nfs_bufpackets 1623.Pq Vt int 1624If set to a number, indicates the number of packets worth of 1625socket buffer space to reserve on an NFS client. 1626The kernel default is typically 4. 1627Using a higher number may be 1628useful on gigabit networks to improve performance. 1629The minimum value is 16302 and the maximum is 64. 1631.It Va rpc_lockd_enable 1632.Pq Vt bool 1633If set to 1634.Dq Li YES 1635and also an NFS server or client, run 1636.Xr rpc.lockd 8 1637at boot time. 1638.It Va rpc_statd_enable 1639.Pq Vt bool 1640If set to 1641.Dq Li YES 1642and also an NFS server or client, run 1643.Xr rpc.statd 8 1644at boot time. 1645.It Va rpcbind_program 1646.Pq Vt str 1647Path to 1648.Xr rpcbind 8 1649(default 1650.Pa /usr/sbin/rpcbind ) . 1651.It Va rpcbind_enable 1652.Pq Vt bool 1653If set to 1654.Dq Li YES , 1655run the 1656.Xr rpcbind 8 1657service at boot time. 1658.It Va rpcbind_flags 1659.Pq Vt str 1660If 1661.Va rpcbind_enable 1662is set to 1663.Dq Li YES , 1664these are the flags to pass to the 1665.Xr rpcbind 8 1666daemon. 1667.It Va keyserv_enable 1668.Pq Vt bool 1669If set to 1670.Dq Li YES , 1671run the 1672.Xr keyserv 8 1673daemon on boot for running Secure RPC. 1674.It Va keyserv_flags 1675.Pq Vt str 1676If 1677.Va keyserv_enable 1678is set to 1679.Dq Li YES , 1680these are the flags to pass to 1681.Xr keyserv 8 1682daemon. 1683.It Va pppoed_enable 1684.Pq Vt bool 1685If set to 1686.Dq Li YES , 1687run the 1688.Xr pppoed 8 1689daemon at boot time to provide PPP over Ethernet services. 1690.It Va pppoed_ Ns Ar provider 1691.Pq Vt str 1692.Xr pppoed 8 1693listens to requests to this 1694.Ar provider 1695and ultimately runs 1696.Xr ppp 8 1697with a 1698.Ar system 1699argument of the same name. 1700.It Va pppoed_flags 1701.Pq Vt str 1702Additional flags to pass to 1703.Xr pppoed 8 . 1704.It Va pppoed_interface 1705.Pq Vt str 1706The network interface to run 1707.Xr pppoed 8 1708on. 1709This is mandatory when 1710.Va pppoed_enable 1711is set to 1712.Dq Li YES . 1713.It Va timed_enable 1714.Pq Vt bool 1715If set to 1716.Dq Li YES , 1717run the 1718.Xr timed 8 1719service at boot time. 1720This command is intended for networks of 1721machines where a consistent 1722.Dq "network time" 1723for all hosts must be established. 1724This is often useful in large NFS 1725environments where time stamps on files are expected to be consistent 1726network-wide. 1727.It Va timed_flags 1728.Pq Vt str 1729If 1730.Va timed_enable 1731is set to 1732.Dq Li YES , 1733these are the flags to pass to the 1734.Xr timed 8 1735service. 1736.It Va ntpdate_enable 1737.Pq Vt bool 1738If set to 1739.Dq Li YES , 1740run 1741.Xr ntpdate 8 1742at system startup. 1743This command is intended to 1744synchronize the system clock only 1745.Em once 1746from some standard reference. 1747An option to set this up initially 1748(from a list of known servers) is also provided by the 1749.Xr sysinstall 8 1750program when the system is first installed. 1751.It Va ntpdate_hosts 1752.Pq Vt str 1753A whitespace-separated list of NTP servers to synchronize with at startup. 1754The default is to use the servers listed in 1755.Pa /etc/ntp.conf , 1756if that file exists. 1757.It Va ntpdate_program 1758.Pq Vt str 1759Path to 1760.Xr ntpdate 8 1761(default 1762.Pa /usr/sbin/ntpdate ) . 1763.It Va ntpdate_flags 1764.Pq Vt str 1765If 1766.Va ntpdate_enable 1767is set to 1768.Dq Li YES , 1769these are the flags to pass to the 1770.Xr ntpdate 8 1771command (typically a hostname). 1772.It Va ntpd_enable 1773.Pq Vt bool 1774If set to 1775.Dq Li YES , 1776run the 1777.Xr ntpd 8 1778command at boot time. 1779.It Va ntpd_program 1780.Pq Vt str 1781Path to 1782.Xr ntpd 8 1783(default 1784.Pa /usr/sbin/ntpd ) . 1785.It Va ntpd_flags 1786.Pq Vt str 1787If 1788.Va ntpd_enable 1789is set to 1790.Dq Li YES , 1791these are the flags to pass to the 1792.Xr ntpd 8 1793daemon. 1794.It Va ntpd_sync_on_start 1795.Pq Vt bool 1796If set to 1797.Dq Li YES , 1798.Xr ntpd 8 1799is run with the 1800.Fl g 1801flag, which syncs the system's clock on startup. 1802See 1803.Xr ntpd 8 1804for more information regarding the 1805.Fl g 1806option. 1807This is a preferred alternative to using 1808.Xr ntpdate 8 1809or specifying the 1810.Va ntpdate_enable 1811variable. 1812.It Va nis_client_enable 1813.Pq Vt bool 1814If set to 1815.Dq Li YES , 1816run the 1817.Xr ypbind 8 1818service at system boot time. 1819.It Va nis_client_flags 1820.Pq Vt str 1821If 1822.Va nis_client_enable 1823is set to 1824.Dq Li YES , 1825these are the flags to pass to the 1826.Xr ypbind 8 1827service. 1828.It Va nis_ypset_enable 1829.Pq Vt bool 1830If set to 1831.Dq Li YES , 1832run the 1833.Xr ypset 8 1834daemon at system boot time. 1835.It Va nis_ypset_flags 1836.Pq Vt str 1837If 1838.Va nis_ypset_enable 1839is set to 1840.Dq Li YES , 1841these are the flags to pass to the 1842.Xr ypset 8 1843daemon. 1844.It Va nis_server_enable 1845.Pq Vt bool 1846If set to 1847.Dq Li YES , 1848run the 1849.Xr ypserv 8 1850daemon at system boot time. 1851.It Va nis_server_flags 1852.Pq Vt str 1853If 1854.Va nis_server_enable 1855is set to 1856.Dq Li YES , 1857these are the flags to pass to the 1858.Xr ypserv 8 1859daemon. 1860.It Va nis_ypxfrd_enable 1861.Pq Vt bool 1862If set to 1863.Dq Li YES , 1864run the 1865.Xr rpc.ypxfrd 8 1866daemon at system boot time. 1867.It Va nis_ypxfrd_flags 1868.Pq Vt str 1869If 1870.Va nis_ypxfrd_enable 1871is set to 1872.Dq Li YES , 1873these are the flags to pass to the 1874.Xr rpc.ypxfrd 8 1875daemon. 1876.It Va nis_yppasswdd_enable 1877.Pq Vt bool 1878If set to 1879.Dq Li YES , 1880run the 1881.Xr rpc.yppasswdd 8 1882daemon at system boot time. 1883.It Va nis_yppasswdd_flags 1884.Pq Vt str 1885If 1886.Va nis_yppasswdd_enable 1887is set to 1888.Dq Li YES , 1889these are the flags to pass to the 1890.Xr rpc.yppasswdd 8 1891daemon. 1892.It Va rpc_ypupdated_enable 1893.Pq Vt bool 1894If set to 1895.Dq Li YES , 1896run the 1897.Nm rpc.ypupdated 1898daemon at system boot time. 1899.It Va bsnmpd_enable 1900.Pq Vt bool 1901If set to 1902.Dq Li YES , 1903run the 1904.Xr bsnmpd 1 1905daemon at system boot time. 1906Be sure to understand the security implications of running SNMP daemon 1907on your host. 1908.It Va bsnmpd_flags 1909.Pq Vt str 1910If 1911.Va bsnmpd_enable 1912is set to 1913.Dq Li YES , 1914these are the flags to pass to the 1915.Xr bsnmpd 1 1916daemon. 1917.It Va defaultrouter 1918.Pq Vt str 1919If not set to 1920.Dq Li NO , 1921create a default route to this host name or IP address 1922(use an IP address if this router is also required to get to the 1923name server!). 1924.It Va ipv6_defaultrouter 1925.Pq Vt str 1926The IPv6 equivalent of 1927.Va defaultrouter . 1928.It Va static_routes 1929.Pq Vt str 1930Set to the list of static routes that are to be added at system 1931boot time. 1932If not set to 1933.Dq Li NO 1934then for each whitespace separated 1935.Ar element 1936in the value, a 1937.Va route_ Ns Aq Ar element 1938variable is assumed to exist 1939whose contents will later be passed to a 1940.Dq Nm route Cm add 1941operation. 1942For example: 1943.Bd -literal 1944static_routes="mcast gif0local" 1945route_mcast="-net 224.0.0.0/4 -iface gif0" 1946route_gif0local="-host 169.254.1.1 -iface lo0" 1947.Ed 1948.It Va ipv6_static_routes 1949.Pq Vt str 1950The IPv6 equivalent of 1951.Va static_routes . 1952If not set to 1953.Dq Li NO 1954then for each whitespace separated 1955.Ar element 1956in the value, a 1957.Va ipv6_route_ Ns Aq Ar element 1958variable is assumed to exist 1959whose contents will later be passed to a 1960.Dq Nm route Cm add Fl inet6 1961operation. 1962.It Va natm_static_routes 1963.Pq Vt str 1964The 1965.Xr natmip 4 1966equivalent of 1967.Va static_routes . 1968If not empty then for each whitespace separated 1969.Ar element 1970in the value, a 1971.Va route_ Ns Aq Ar element 1972variable is assumed to exist whose contents will later be passed to a 1973.Dq Nm atmconfig Cm natm Cm add 1974operation. 1975.It Va gateway_enable 1976.Pq Vt bool 1977If set to 1978.Dq Li YES , 1979configure host to act as an IP router, e.g.\& to forward packets 1980between interfaces. 1981.It Va ipv6_gateway_enable 1982.Pq Vt bool 1983The IPv6 equivalent of 1984.Va gateway_enable . 1985.It Va router_enable 1986.Pq Vt bool 1987If set to 1988.Dq Li YES , 1989run a routing daemon of some sort, based on the 1990settings of 1991.Va router 1992and 1993.Va router_flags . 1994.It Va ipv6_router_enable 1995.Pq Vt bool 1996The IPv6 equivalent of 1997.Va router_enable . 1998If set to 1999.Dq Li YES , 2000run a routing daemon of some sort, based on the 2001settings of 2002.Va ipv6_router 2003and 2004.Va ipv6_router_flags . 2005.It Va router 2006.Pq Vt str 2007If 2008.Va router_enable 2009is set to 2010.Dq Li YES , 2011this is the name of the routing daemon to use. 2012.It Va ipv6_router 2013.Pq Vt str 2014The IPv6 equivalent of 2015.Va router . 2016.It Va router_flags 2017.Pq Vt str 2018If 2019.Va router_enable 2020is set to 2021.Dq Li YES , 2022these are the flags to pass to the routing daemon. 2023.It Va ipv6_router_flags 2024.Pq Vt str 2025The IPv6 equivalent of 2026.Va router_flags . 2027.It Va mrouted_enable 2028.Pq Vt bool 2029If set to 2030.Dq Li YES , 2031run the multicast routing daemon, 2032.Xr mrouted 8 . 2033.It Va mroute6d_enable 2034.Pq Vt bool 2035The IPv6 equivalent of 2036.Va mrouted_enable . 2037If set to 2038.Dq Li YES , 2039run the IPv6 multicast routing daemon. 2040Note that no IPv6 multicast routing daemon is included in the 2041.Fx 2042base system but 2043.Xr pim6dd 8 2044can be installed from the 2045.Fx 2046Ports Collection. 2047.It Va mrouted_flags 2048.Pq Vt str 2049If 2050.Va mrouted_enable 2051is set to 2052.Dq Li YES , 2053these are the flags to pass to the 2054.Xr mrouted 8 2055daemon. 2056.It Va mroute6d_flags 2057.Pq Vt str 2058The IPv6 equivalent of 2059.Va mrouted_flags . 2060If 2061.Va mroute6d_enable 2062is set to 2063.Dq Li YES , 2064these are the flags passed to the IPv6 multicast routing daemon. 2065.It Va mroute6d_program 2066.Pq Vt str 2067If 2068.Va mroute6d_enable 2069is set to 2070.Dq Li YES , 2071this is the path to the IPv6 multicast routing daemon. 2072.It Va rtadvd_enable 2073.Pq Vt bool 2074If set to 2075.Dq Li YES , 2076run the 2077.Xr rtadvd 8 2078daemon at boot time. 2079.Xr rtadvd 8 2080will only run if 2081.Va ipv6_gateway_enable 2082is also set to 2083.Dq Li YES . 2084The 2085.Xr rtadvd 8 2086utility sends router advertisement packets to the interfaces specified in 2087.Va rtadvd_interfaces 2088and should only be enabled with great care. 2089You may want to fine-tune 2090.Xr rtadvd.conf 5 . 2091.It Va rtadvd_interfaces 2092.Pq Vt str 2093If 2094.Va rtadvd_enable 2095is set to 2096.Dq Li YES 2097this is the list of interfaces to use. 2098.It Va ipxgateway_enable 2099.Pq Vt bool 2100If set to 2101.Dq Li YES , 2102enable the routing of IPX traffic. 2103.It Va ipxrouted_enable 2104.Pq Vt bool 2105If set to 2106.Dq Li YES , 2107run the 2108.Xr IPXrouted 8 2109daemon at system boot time. 2110.It Va ipxrouted_flags 2111.Pq Vt str 2112If 2113.Va ipxrouted_enable 2114is set to 2115.Dq Li YES , 2116these are the flags to pass to the 2117.Xr IPXrouted 8 2118daemon. 2119.It Va arpproxy_all 2120.Pq Vt bool 2121If set to 2122.Dq Li YES , 2123enable global proxy ARP. 2124.It Va forward_sourceroute 2125.Pq Vt bool 2126If set to 2127.Dq Li YES 2128and 2129.Va gateway_enable 2130is also set to 2131.Dq Li YES , 2132source-routed packets are forwarded. 2133.It Va accept_sourceroute 2134.Pq Vt bool 2135If set to 2136.Dq Li YES , 2137the system will accept source-routed packets directed at it. 2138.It Va rarpd_enable 2139.Pq Vt bool 2140If set to 2141.Dq Li YES , 2142run the 2143.Xr rarpd 8 2144daemon at system boot time. 2145.It Va rarpd_flags 2146.Pq Vt str 2147If 2148.Va rarpd_enable 2149is set to 2150.Dq Li YES , 2151these are the flags to pass to the 2152.Xr rarpd 8 2153daemon. 2154.It Va bootparamd_enable 2155.Pq Vt bool 2156If set to 2157.Dq Li YES , 2158run the 2159.Xr bootparamd 8 2160daemon at system boot time. 2161.It Va bootparamd_flags 2162.Pq Vt str 2163If 2164.Va bootparamd_enable 2165is set to 2166.Dq Li YES , 2167these are the flags to pass to the 2168.Xr bootparamd 8 2169daemon. 2170.It Va stf_interface_ipv4addr 2171.Pq Vt str 2172If not set to 2173.Dq Li NO , 2174this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2175interface). 2176Specify this entry to enable the 6to4 interface. 2177.It Va stf_interface_ipv4plen 2178.Pq Vt int 2179Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2180An effective value is 0-31. 2181.It Va stf_interface_ipv6_ifid 2182.Pq Vt str 2183IPv6 interface ID for 2184.Xr stf 4 . 2185This can be set to 2186.Dq Li AUTO . 2187.It Va stf_interface_ipv6_slaid 2188.Pq Vt str 2189IPv6 Site Level Aggregator for 2190.Xr stf 4 . 2191.It Va ipv6_faith_prefix 2192.Pq Vt str 2193If not set to 2194.Dq Li NO , 2195this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2196translator. 2197You also need 2198.Xr faithd 8 2199setup. 2200.It Va ipv6_ipv4mapping 2201.Pq Vt bool 2202If set to 2203.Dq Li YES 2204this enables IPv4 mapped IPv6 address communication (like 2205.Li ::ffff:a.b.c.d ) . 2206.It Va atm_enable 2207.Pq Vt bool 2208Set to 2209.Dq Li YES 2210to enable the configuration of ATM interfaces at system boot time. 2211For all of the ATM variables described below, please refer to the 2212.Xr atm 8 2213manual page for further details on the available command parameters. 2214Also refer to the files in 2215.Pa /usr/share/examples/atm 2216for more detailed configuration information. 2217.It Va atm_load 2218.Pq Vt str 2219This is a list of physical ATM interface drivers to load. 2220Typical values are 2221.Dq Li hfa_pci 2222and/or 2223.Dq Li hea_pci . 2224.It Va atm_netif_ Ns Aq Ar intf 2225.Pq Vt str 2226For the ATM physical interface 2227.Ar intf , 2228this variable defines the name prefix and count for the ATM network 2229interfaces to be created. 2230The value will be passed as the parameters of an 2231.Dq Nm atm Cm "set netif" Ar intf 2232command. 2233.It Va atm_sigmgr_ Ns Aq Ar intf 2234.Pq Vt str 2235For the ATM physical interface 2236.Ar intf , 2237this variable defines the ATM signalling manager to be used. 2238The value will be passed as the parameters of an 2239.Dq Nm atm Cm attach Ar intf 2240command. 2241.It Va atm_prefix_ Ns Aq Ar intf 2242.Pq Vt str 2243For the ATM physical interface 2244.Ar intf , 2245this variable defines the NSAP prefix for interfaces using a UNI signalling 2246manager. 2247If set to 2248.Dq Li ILMI , 2249the prefix will automatically be set via the 2250.Xr ilmid 8 2251daemon. 2252Otherwise, the value will be passed as the parameters of an 2253.Dq Nm atm Cm "set prefix" Ar intf 2254command. 2255.It Va atm_macaddr_ Ns Aq Ar intf 2256.Pq Vt str 2257For the ATM physical interface 2258.Ar intf , 2259this variable defines the MAC address for interfaces using a UNI signalling 2260manager. 2261If set to 2262.Dq Li NO , 2263the hardware MAC address contained in the ATM interface card will be used. 2264Otherwise, the value will be passed as the parameters of an 2265.Dq Nm atm Cm "set mac" Ar intf 2266command. 2267.It Va atm_arpserver_ Ns Aq Ar netif 2268.Pq Vt str 2269For the ATM network interface 2270.Ar netif , 2271this variable defines the ATM address for a host which is to provide ATMARP 2272service. 2273This variable is only applicable to interfaces using a UNI signalling 2274manager. 2275If set to 2276.Dq Li local , 2277this host will become an ATMARP server. 2278The value will be passed as the parameters of an 2279.Dq Nm atm Cm "set arpserver" Ar netif 2280command. 2281.It Va atm_scsparp_ Ns Aq Ar netif 2282.Pq Vt bool 2283If set to 2284.Dq Li YES , 2285SCSP/ATMARP service for the network interface 2286.Ar netif 2287will be initiated using the 2288.Xr scspd 8 2289and 2290.Xr atmarpd 8 2291daemons. 2292This variable is only applicable if 2293.Va atm_arpserver_ Ns Aq Ar netif 2294is set to 2295.Dq Li local . 2296.It Va atm_pvcs 2297.Pq Vt str 2298Set to the list of ATM PVCs to be added at system 2299boot time. 2300For each whitespace separated 2301.Ar element 2302in the value, an 2303.Va atm_pvc_ Ns Aq Ar element 2304variable is assumed to exist. 2305The value of each of these variables 2306will be passed as the parameters of an 2307.Dq Nm atm Cm "add pvc" 2308command. 2309.It Va atm_arps 2310.Pq Vt str 2311Set to the list of permanent ATM ARP entries to be added 2312at system boot time. 2313For each whitespace separated 2314.Ar element 2315in the value, an 2316.Va atm_arp_ Ns Aq Ar element 2317variable is assumed to exist. 2318The value of each of these variables 2319will be passed as the parameters of an 2320.Dq Nm atm Cm "add arp" 2321command. 2322.It Va natm_interfaces 2323.Pq Vt str 2324Set to the list of 2325.Xr natm 4 2326interfaces that will also be used for HARP through 2327.Xr harp 4 . 2328If this list is not empty all interfaces in the list will be brought up 2329with 2330.Xr ifconfig 8 2331and 2332.Xr harp 4 2333will be loaded. 2334For this to work the interface drivers must be either compiled into the 2335kernel or must reside on the root partition. 2336.It Va keybell 2337.Pq Vt str 2338The keyboard bell sound. 2339Set to 2340.Dq Li normal , 2341.Dq Li visual , 2342.Dq Li off , 2343or 2344.Dq Li NO 2345if the default behavior is desired. 2346For details, refer to the 2347.Xr kbdcontrol 1 2348manpage. 2349.It Va keyboard 2350.Pq Vt str 2351If set to a non-null string, the virtual console's keyboard input is 2352set to this device. 2353.It Va keymap 2354.Pq Vt str 2355If set to 2356.Dq Li NO , 2357no keymap is installed, otherwise the value is used to install 2358the keymap file in 2359.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2360.It Va keyrate 2361.Pq Vt str 2362The keyboard repeat speed. 2363Set to 2364.Dq Li slow , 2365.Dq Li normal , 2366.Dq Li fast , 2367or 2368.Dq Li NO 2369if the default behavior is desired. 2370.It Va keychange 2371.Pq Vt str 2372If not set to 2373.Dq Li NO , 2374attempt to program the function keys with the value. 2375The value should 2376be a single string of the form: 2377.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2378.It Va cursor 2379.Pq Vt str 2380Can be set to the value of 2381.Dq Li normal , 2382.Dq Li blink , 2383.Dq Li destructive , 2384or 2385.Dq Li NO 2386to set the cursor behavior explicitly or choose the default behavior. 2387.It Va scrnmap 2388.Pq Vt str 2389If set to 2390.Dq Li NO , 2391no screen map is installed, otherwise the value is used to install 2392the screen map file in 2393.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2394.It Va font8x16 2395.Pq Vt str 2396If set to 2397.Dq Li NO , 2398the default 8x16 font value is used for screen size requests, otherwise 2399the value in 2400.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2401is used. 2402.It Va font8x14 2403.Pq Vt str 2404If set to 2405.Dq Li NO , 2406the default 8x14 font value is used for screen size requests, otherwise 2407the value in 2408.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2409is used. 2410.It Va font8x8 2411.Pq Vt str 2412If set to 2413.Dq Li NO , 2414the default 8x8 font value is used for screen size requests, otherwise 2415the value in 2416.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2417is used. 2418.It Va blanktime 2419.Pq Vt int 2420If set to 2421.Dq Li NO , 2422the default screen blanking interval is used, otherwise it is set 2423to 2424.Ar value 2425seconds. 2426.It Va saver 2427.Pq Vt str 2428If not set to 2429.Dq Li NO , 2430this is the actual screen saver to use 2431.Li ( blank , snake , daemon , 2432etc). 2433.It Va moused_nondefault_enable 2434.Pq Vt str 2435If set to 2436.Dq Li NO , 2437the mouse device specified on 2438the command line is not automatically treated as enabled by the 2439.Pa /etc/rc.d/moused 2440script. 2441Having this variable set to 2442.Dq Li YES 2443allows a 2444.Xr usb 4 2445mouse, 2446for example, 2447to be enabled as soon as it is plugged in. 2448.It Va moused_enable 2449.Pq Vt str 2450If set to 2451.Dq Li YES , 2452the 2453.Xr moused 8 2454daemon is started for doing cut/paste selection on the console. 2455.It Va moused_type 2456.Pq Vt str 2457This is the protocol type of the mouse connected to this host. 2458This variable must be set if 2459.Va moused_enable 2460is set to 2461.Dq Li YES . 2462The 2463.Xr moused 8 2464daemon 2465is able to detect the appropriate mouse type automatically in many cases. 2466Set this variable to 2467.Dq Li auto 2468to let the daemon detect it, or 2469select one from the following list if the automatic detection fails. 2470.Pp 2471If the mouse is attached to the PS/2 mouse port, choose 2472.Dq Li auto 2473or 2474.Dq Li ps/2 , 2475regardless of the brand and model of the mouse. 2476Likewise, if the 2477mouse is attached to the bus mouse port, choose 2478.Dq Li auto 2479or 2480.Dq Li busmouse . 2481All other protocols are for serial mice and will not work with 2482the PS/2 and bus mice. 2483If this is a USB mouse, 2484.Dq Li auto 2485is the only protocol type which will work. 2486.Pp 2487.Bl -tag -width ".Li x10mouseremote" -compact 2488.It Li microsoft 2489Microsoft mouse (serial) 2490.It Li intellimouse 2491Microsoft IntelliMouse (serial) 2492.It Li mousesystems 2493Mouse systems Corp.\& mouse (serial) 2494.It Li mmseries 2495MM Series mouse (serial) 2496.It Li logitech 2497Logitech mouse (serial) 2498.It Li busmouse 2499A bus mouse 2500.It Li mouseman 2501Logitech MouseMan and TrackMan (serial) 2502.It Li glidepoint 2503ALPS GlidePoint (serial) 2504.It Li thinkingmouse 2505Kensington ThinkingMouse (serial) 2506.It Li ps/2 2507PS/2 mouse 2508.It Li mmhittab 2509MM HitTablet (serial) 2510.It Li x10mouseremote 2511X10 MouseRemote (serial) 2512.It Li versapad 2513Interlink VersaPad (serial) 2514.El 2515.Pp 2516Even if the mouse is not in the above list, it may be compatible 2517with one in the list. 2518Refer to the manual page for 2519.Xr moused 8 2520for compatibility information. 2521.Pp 2522It should also be noted that while this is enabled, any 2523other client of the mouse (such as an X server) should access 2524the mouse through the virtual mouse device, 2525.Pa /dev/sysmouse , 2526and configure it as a 2527.Dq Li sysmouse 2528type mouse, since all 2529mouse data is converted to this single canonical format when 2530using 2531.Xr moused 8 . 2532If the client program does not support the 2533.Dq Li sysmouse 2534type, 2535specify the 2536.Dq Li mousesystems 2537type. 2538It is the second preferred type. 2539.It Va moused_port 2540.Pq Vt str 2541If 2542.Va moused_enable 2543is set to 2544.Dq Li YES , 2545this is the actual port the mouse is on. 2546It might be 2547.Pa /dev/cuad0 2548for a COM1 serial mouse, 2549.Pa /dev/psm0 2550for a PS/2 mouse or 2551.Pa /dev/mse0 2552for a bus mouse, for example. 2553.It Va moused_flags 2554.Pq Vt str 2555If 2556.Va moused_type 2557is set, these are the additional flags to pass to the 2558.Xr moused 8 2559daemon. 2560.It Va mousechar_start 2561.Pq Vt int 2562If set to 2563.Dq Li NO , 2564the default mouse cursor character range 2565.Li 0xd0 Ns - Ns Li 0xd3 2566is used, 2567otherwise the range start is set 2568to 2569.Ar value 2570character, see 2571.Xr vidcontrol 1 . 2572Use if the default range is occupied in the language code table. 2573.It Va allscreens_flags 2574.Pq Vt str 2575If set, 2576.Xr vidcontrol 1 2577is run with these options for each of the virtual terminals 2578.Pq Pa /dev/ttyv* . 2579For example, 2580.Dq Fl m Cm on 2581will enable the mouse pointer on all virtual terminals 2582if 2583.Va moused_enable 2584is set to 2585.Dq Li YES . 2586.It Va allscreens_kbdflags 2587.Pq Vt str 2588If set, 2589.Xr kbdcontrol 1 2590is run with these options for each of the virtual terminals 2591.Pq Pa /dev/ttyv* . 2592For example, 2593.Dq Fl h Li 200 2594will set the 2595.Xr syscons 4 2596scrollback (history) buffer to 200 lines. 2597.It Va cron_enable 2598.Pq Vt bool 2599If set to 2600.Dq Li YES , 2601run the 2602.Xr cron 8 2603daemon at system boot time. 2604.It Va cron_program 2605.Pq Vt str 2606Path to 2607.Xr cron 8 2608(default 2609.Pa /usr/sbin/cron ) . 2610.It Va cron_flags 2611.Pq Vt str 2612If 2613.Va cron_enable 2614is set to 2615.Dq Li YES , 2616these are the flags to pass to 2617.Xr cron 8 . 2618.It Va cron_dst 2619.Pq Vt bool 2620If set to 2621.Dq Li YES , 2622enable the special handling of transitions to and from the 2623Daylight Saving Time in 2624.Xr cron 8 2625(equivalent to using the flag 2626.Fl s ) . 2627.It Va lpd_program 2628.Pq Vt str 2629Path to 2630.Xr lpd 8 2631(default 2632.Pa /usr/sbin/lpd ) . 2633.It Va lpd_enable 2634.Pq Vt bool 2635If set to 2636.Dq Li YES , 2637run the 2638.Xr lpd 8 2639daemon at system boot time. 2640.It Va lpd_flags 2641.Pq Vt str 2642If 2643.Va lpd_enable 2644is set to 2645.Dq Li YES , 2646these are the flags to pass to the 2647.Xr lpd 8 2648daemon. 2649.It Va chkprintcap_enable 2650.Pq Vt bool 2651If set to 2652.Dq Li YES , 2653run the 2654.Xr chkprintcap 8 2655command before starting the 2656.Xr lpd 8 2657daemon. 2658.It Va chkprintcap_flags 2659.Pq Vt str 2660If 2661.Va lpd_enable 2662and 2663.Va chkprintcap_enable 2664are set to 2665.Dq Li YES , 2666these are the flags to pass to the 2667.Xr chkprintcap 8 2668program. 2669The default is 2670.Dq Li -d , 2671which causes missing directories to be created. 2672.It Va mta_start_script 2673.Pq Vt str 2674This variable specifies the full path to the script to run to start 2675a mail transfer agent. 2676The default is 2677.Pa /etc/rc.sendmail . 2678The 2679.Va sendmail_* 2680variables which 2681.Pa /etc/rc.sendmail 2682uses are documented in the 2683.Xr rc.sendmail 8 2684manual page. 2685.It Va dumpdev 2686.Pq Vt str 2687Indicates the device (usually a swap partition) to which a crash dump 2688should be written in the event of a system crash. 2689If the value of this variable is 2690.Dq Li AUTO , 2691the first suitable swap device listed in 2692.Pa /etc/fstab 2693will be used as dump device. 2694Otherwise, the value of this variable is passed as the argument to 2695.Xr dumpon 8 . 2696To disable crash dumps, set this variable to 2697.Dq Li NO . 2698.It Va dumpdir 2699.Pq Vt str 2700When the system reboots after a crash and a crash dump is found on the 2701device specified by the 2702.Va dumpdev 2703variable, 2704.Xr savecore 8 2705will save that crash dump and a copy of the kernel to the directory 2706specified by the 2707.Va dumpdir 2708variable. 2709The default value is 2710.Pa /var/crash . 2711Set to 2712.Dq Li NO 2713to not run 2714.Xr savecore 8 2715at boot time when 2716.Va dumpdir 2717is set. 2718.It Va savecore_flags 2719.Pq Vt str 2720If crash dumps are enabled, these are the flags to pass to the 2721.Xr savecore 8 2722utility. 2723.It Va enable_quotas 2724.Pq Vt bool 2725Set to 2726.Dq Li YES 2727to turn on user disk quotas on system startup via the 2728.Xr quotaon 8 2729command. 2730.It Va check_quotas 2731.Pq Vt bool 2732Set to 2733.Dq Li YES 2734to enable user disk quota checking via the 2735.Xr quotacheck 8 2736command. 2737.It Va accounting_enable 2738.Pq Vt bool 2739Set to 2740.Dq Li YES 2741to enable system accounting through the 2742.Xr accton 8 2743facility. 2744.It Va ibcs2_enable 2745.Pq Vt bool 2746Set to 2747.Dq Li YES 2748to enable iBCS2 (SCO) binary emulation at system initial boot 2749time. 2750.It Va ibcs2_loaders 2751.Pq Vt str 2752If not set to 2753.Dq Li NO 2754and if 2755.Va ibcs2_enable 2756is set to 2757.Dq Li YES , 2758this specifies a list of additional iBCS2 loaders to enable. 2759.It Va linux_enable 2760.Pq Vt bool 2761Set to 2762.Dq Li YES 2763to enable Linux/ELF binary emulation at system initial 2764boot time. 2765.It Va osf1_enable 2766.Pq Vt bool 2767Set to 2768.Dq Li YES 2769to enable OSF/1 (Digital UNIX) binary emulation at system 2770initial boot time. 2771(alpha) 2772.It Va svr4_enable 2773.Pq Vt bool 2774If set to 2775.Dq Li YES , 2776enable SysVR4 emulation at boot time. 2777.It Va sysvipc_enable 2778.Pq Vt bool 2779If set to 2780.Dq Li YES , 2781load System V IPC primitives at boot time. 2782.It Va clear_tmp_enable 2783.Pq Vt bool 2784Set to 2785.Dq Li YES 2786to have 2787.Pa /tmp 2788cleaned at startup. 2789.It Va clear_tmp_X 2790.Pq Vt bool 2791Set to 2792.Dq Li NO 2793to disable removing of X11 lock files, 2794and the removal and (secure) recreation 2795of the various socket directories for X11 2796related programs. 2797.It Va ldconfig_paths 2798.Pq Vt str 2799Set to the list of shared library paths to use with 2800.Xr ldconfig 8 . 2801NOTE: 2802.Pa /usr/lib 2803will always be added first, so it need not appear in this list. 2804.It Va ldconfig32_paths 2805.Pq Vt str 2806Set to the list of 32-bit compatibility shared library paths to 2807use with 2808.Xr ldconfig 8 . 2809.It Va ldconfig_paths_aout 2810.Pq Vt str 2811Set to the list of shared library paths to use with 2812.Xr ldconfig 8 2813legacy 2814.Xr a.out 5 2815support. 2816.It Va ldconfig_insecure 2817.Pq Vt bool 2818The 2819.Xr ldconfig 8 2820utility normally refuses to use directories 2821which are writable by anyone except root. 2822Set this variable to 2823.Dq Li YES 2824to disable that security check during system startup. 2825.It Va ldconfig_local_dirs 2826.Pq Vt str 2827Set to the list of local 2828.Xr ldconfig 8 2829directories. 2830The names of all files in the directories listed will be 2831passed as arguments to 2832.Xr ldconfig 8 . 2833.It Va ldconfig_local32_dirs 2834.Pq Vt str 2835Set to the list of local 32-bit compatibility 2836.Xr ldconfig 8 2837directories. 2838The names of all files in the directories listed will be 2839passed as arguments to 2840.Xr ldconfig 8 2841.Fl 32 . 2842.It Va kern_securelevel_enable 2843.Pq Vt bool 2844Set to 2845.Dq Li YES 2846to set the kernel security level at system startup. 2847.It Va kern_securelevel 2848.Pq Vt int 2849The kernel security level to set at startup. 2850The allowed range of 2851.Ar value 2852ranges from \-1 (the compile time default) to 3 (the 2853most secure). 2854See 2855.Xr init 8 2856for the list of possible security levels and their effect 2857on system operation. 2858.It Va sshd_program 2859.Pq Vt str 2860Path to the SSH server program 2861.Pa ( /usr/sbin/sshd 2862is the default). 2863.It Va sshd_enable 2864.Pq Vt bool 2865Set to 2866.Dq Li YES 2867to start 2868.Xr sshd 8 2869at system boot time. 2870.It Va sshd_flags 2871.Pq Vt str 2872If 2873.Va sshd_enable 2874is set to 2875.Dq Li YES , 2876these are the flags to pass to the 2877.Xr sshd 8 2878daemon. 2879.It Va ftpd_program 2880.Pq Vt str 2881Path to the FTP server program 2882.Pa ( /usr/libexec/ftpd 2883is the default). 2884.It Va ftpd_enable 2885.Pq Vt bool 2886Set to 2887.Dq Li YES 2888to start 2889.Xr ftpd 8 2890as a stand-alone daemon at system boot time. 2891.It Va ftpd_flags 2892.Pq Vt str 2893If 2894.Va ftpd_enable 2895is set to 2896.Dq Li YES , 2897these are the additional flags to pass to the 2898.Xr ftpd 8 2899daemon. 2900.It Va watchdogd_enable 2901.Pq Vt bool 2902If set to 2903.Dq Li YES , 2904start the 2905.Xr watchdogd 8 2906daemon at boot time. 2907This requires that the kernel have been compiled with a 2908.Xr watchdog 4 2909compatible device. 2910.It Va watchdogd_flags 2911.Pq Vt str 2912If 2913.Va watchdogd_enable 2914is set to 2915.Dq Li YES , 2916these are the flags passed to the 2917.Xr watchdogd 8 2918daemon. 2919.It Va performance_cx_lowest 2920.Pq Vt str 2921CPU idle state to use while on AC power. 2922The string 2923.Dq Li LOW 2924indicates that 2925.Xr acpi 4 2926should use the lowest power state available while 2927.Dq Li HIGH 2928indicates that the lowest latency state (less power savings) should be used. 2929.It Va performance_cpu_freq 2930.Pq Vt str 2931CPU clock frequency to use while on AC power. 2932The string 2933.Dq Li LOW 2934indicates that 2935.Xr cpufreq 4 2936should use the lowest frequency available while 2937.Dq Li HIGH 2938indicates that the highest frequency (less power savings) should be used. 2939.It Va economy_cx_lowest 2940.Pq Vt str 2941CPU idle state to use when off AC power. 2942The string 2943.Dq Li LOW 2944indicates that 2945.Xr acpi 4 2946should use the lowest power state available while 2947.Dq Li HIGH 2948indicates that the lowest latency state (less power savings) should be used. 2949.It Va economy_cpu_freq 2950.Pq Vt str 2951CPU clock frequency to use when off AC power. 2952The string 2953.Dq Li LOW 2954indicates that 2955.Xr cpufreq 4 2956should use the lowest frequency available while 2957.Dq Li HIGH 2958indicates that the highest frequency (less power savings) should be used. 2959.It Va jail_enable 2960.Pq Vt bool 2961If set to 2962.Dq Li NO , 2963any configured jails will not be started. 2964.It Va jail_list 2965.Pq Vt str 2966A space separated list of names for jails. 2967This is purely a configuration aid to help identify and 2968configure multiple jails. 2969The names specified in this list will be used to 2970identify settings common to an instance of a jail. 2971Assuming that the jail in question was named 2972.Li vjail , 2973you would have the following dependent variables: 2974.Bd -literal 2975jail_vjail_hostname="jail.example.com" 2976jail_vjail_ip="192.168.1.100" 2977jail_vjail_rootdir="/var/jails/vjail/root" 2978.Ed 2979.Pp 2980.It Va jail_flags 2981.Pq Vt str 2982Unset by default. 2983When set, use as default value for 2984.Va jail_ Ns Ao Ar jid Ac Ns Va _flags 2985for every jail in 2986.Va jail_list . 2987.It Va jail_interface 2988.Pq Vt str 2989Unset by default. 2990When set, use as default value for 2991.Va jail_ Ns Ao Ar jid Ac Ns Va _interface 2992for every jail in 2993.Va jail_list . 2994.It Va jail_fstab 2995.Pq Vt str 2996Unset by default. 2997When set, use as default value for 2998.Va jail_ Ns Ao Ar jid Ac Ns Va _fstab 2999for every jail in 3000.Va jail_list . 3001.It Va jail_mount_enable 3002.Pq Vt bool 3003Set to 3004.Dq Li NO 3005by default. 3006When set to 3007.Dq Li YES , 3008sets 3009.Va jail_ Ns Ao Ar jid Ac Ns Va _mount_enable 3010to YES by default for every jail in 3011.Va jail_list . 3012.It Va jail_devfs_ruleset 3013.Pq Vt str 3014Unset by default. 3015When set, sets 3016.Va jail_ Ns Ao Ar jid Ac Ns Va _devfs_ruleset 3017to given value for every jail in 3018.Va jail_list . 3019.It Va jail_devfs_enable 3020.Pq Vt bool 3021Set to 3022.Dq Li NO 3023by default. 3024When set to 3025.Dq Li YES , 3026sets 3027.Va jail_ Ns Ao Ar jid Ac Ns Va _devfs_enable 3028to YES by default for every jail in 3029.Va jail_list . 3030.It Va jail_fdescfs_enable 3031.Pq Vt bool 3032Set to 3033.Dq Li NO 3034by default. 3035When set to 3036.Dq Li YES , 3037sets 3038.Va jail_ Ns Ao Ar jid Ac Ns Va _fdescfs_enable 3039to YES by default for every jail in 3040.Va jail_list . 3041.It Va jail_procfs_enable 3042.Pq Vt bool 3043Set to 3044.Dq Li NO 3045by default. 3046When set to 3047.Dq Li YES , 3048sets 3049.Va jail_ Ns Ao Ar jid Ac Ns Va _fdescfs_enable 3050to YES by default for every jail in 3051.Va jail_list . 3052.It Va jail_exec_start 3053.Pq Vt str 3054Unset by default. 3055When set, use as default value for 3056.Va jail_ Ns Ao Ar jid Ac Ns Va _exec_start 3057for every jail in 3058.Va jail_list . 3059.It Va jail_exec_stop 3060Unset by default. 3061When set, use as default value for 3062.Va jail_ Ns Ao Ar jid Ac Ns Va _exec_stop 3063for every jail in 3064.Va jail_list . 3065.It Va jail_ Ns Ao Ar jid Ac Ns Va _rootdir 3066.Pq Vt str 3067Unset by default. 3068Set to the root directory used by jail 3069.Va jid . 3070.It Va jail_ Ns Ao Ar jid Ac Ns Va _hostname 3071.Pq Vt str 3072Unset by default. 3073Set to the fully qualified domain name (FQDN) assigned to jail 3074.Va jid . 3075.It Va jail_ Ns Ao Ar jid Ac Ns Va _ip 3076.Pq Vt str 3077Unset by default. 3078Set to the IP address assigned to jail 3079.Va jid . 3080.It Va jail_ Ns Ao Ar jid Ac Ns Va _flags 3081.Pq Vt str 3082Set to 3083.Dq Li -l -U root 3084by default. 3085These are flags to pass to 3086.Xr jail . 3087.It Va jail_ Ns Ao Ar jid Ac Ns Va _interface 3088.Pq Vt str 3089Unset by default. 3090When set, sets the interface to use when setting IP address alias. 3091Note that the alias is created at jail startup and removed at jail shutdown. 3092.It Va jail_ Ns Ao Ar jid Ac Ns Va _fstab 3093.Pq Vt str 3094Set to 3095.Pa /etc/fstab. Ns Ao Ar jid Ac 3096by default. 3097This is the file system information file to use for jail 3098.Va jid . 3099.It Va jail_ Ns Ao Ar jid Ac Ns Va _mount_enable 3100.Pq Vt bool 3101Set to 3102.Dq Li NO 3103by default. 3104When set to 3105.Dq Li YES , 3106mount all file systems from 3107.Va jail_ Ns Ao Ar jid Ac Ns Va _fstab 3108at jail startup. 3109.It Va jail_ Ns Ao Ar jid Ac Ns Va _devfs_ruleset 3110.Pq Vt str 3111Unset by default. 3112When set, defines the device file system ruleset file to use for jail 3113.Va jid . 3114.It Va jail_ Ns Ao Ar jid Ac Ns Va _devfs_enable 3115.Pq Vt bool 3116Set to 3117.Dq Li NO 3118by default. 3119When set to 3120.Dq Li YES , 3121mount the device file system inside jail 3122.Ar jid 3123at jail startup. 3124.It Va jail_ Ns Ao Ar jid Ac Ns Va _fdescfs_enable 3125.Pq Vt bool 3126Set to 3127.Dq Li NO 3128by default. 3129When set to 3130.Dq Li YES , 3131mount the file-descriptor file system inside jail 3132.Ar jid 3133at jail startup. 3134.It Va jail_ Ns Ao Ar jid Ac Ns Va _procfs_enable 3135.Pq Vt bool 3136Set to 3137.Dq Li NO 3138by default. 3139When set to 3140.Dq Li YES , 3141mount the process file system inside jail 3142.Ar jid 3143at jail startup. 3144.It Va jail_ Ns Ao Ar jid Ac Ns Va _exec_start 3145.Pq Vt str 3146Set to 3147.Dq Li /bin/sh /etc/rc 3148by default. 3149This is the command executed at jail startup. 3150.It Va jail_ Ns Ao Ar jid Ac Ns Va _exec_stop 3151.Pq Vt str 3152Set to 3153.Dq Li /bin/sh /etc/rc.shutdown 3154by default. 3155This is the command executed at jail shutdown. 3156.It Va jail_set_hostname_allow 3157.Pq Vt bool 3158If set to 3159.Dq Li NO , 3160do not allow the root user in a jail to set its hostname. 3161.It Va jail_socket_unixiproute_only 3162.Pq Vt bool 3163If set to 3164.Dq Li YES , 3165do not allow any sockets, 3166besides UNIX/IP/route sockets, 3167to be used within a jail. 3168.It Va jail_sysvipc_allow 3169.Pq Vt bool 3170If set to 3171.Dq Li YES , 3172allow applications within a jail to use System V IPC. 3173.It Va unaligned_print 3174.Pq Vt bool 3175If set to 3176.Dq Li NO , 3177unaligned access warnings will not be printed. 3178(alpha) 3179.\" ----- ISDN settings --------------------------------- 3180.It Va isdn_enable 3181.Pq Vt bool 3182Set to 3183.Dq Li NO 3184by default. 3185When set to 3186.Dq Li YES , 3187starts the 3188.Xr isdnd 8 3189daemon 3190at system boot time. 3191.It Va isdn_flags 3192.Pq Vt str 3193Set to 3194.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 3195by default. 3196Additional flags to pass to 3197.Xr isdnd 8 3198(but see 3199.Va isdn_fsdev 3200and 3201.Va isdn_ttype 3202for certain tunable parameters). 3203.It Va isdn_ttype 3204.Pq Vt str 3205Set to 3206.Dq Li cons25 3207by default. 3208The terminal type of the output device when 3209.Xr isdnd 8 3210operates in full-screen mode. 3211.It Va isdn_screenflags 3212.Pq Vt str 3213Set to 3214.Dq Li NO 3215by default. 3216The video mode for full-screen mode (only for 3217.Xr syscons 4 3218console driver, see 3219.Xr vidcontrol 1 3220for valid modes). 3221.It Va isdn_fsdev 3222.Pq Vt str 3223Set to 3224.Dq Li NO 3225by default. 3226The output device for 3227.Xr isdnd 8 3228in full-screen mode (or 3229.Dq Li NO 3230for daemon mode). 3231.It Va isdn_trace 3232.Pq Vt bool 3233Set to 3234.Dq Li NO 3235by default. 3236When set to 3237.Dq Li YES , 3238enables the ISDN protocol trace utility 3239.Xr isdntrace 8 3240at system boot time. 3241.It Va isdn_traceflags 3242.Pq Vt str 3243Set to 3244.Dq Fl f Pa /var/tmp/isdntrace0 3245by default. 3246Flags for 3247.Xr isdntrace 8 . 3248.\" ----------------------------------------------------- 3249.It Va pcvt_verbose 3250.Pq Vt bool 3251Set to 3252.Dq Li NO 3253by default. 3254When set to 3255.Dq Li YES , 3256verbose messages about the actions done by the start script are displayed. 3257.Em Note : 3258the 3259.Xr pcvt 4 3260driver must be compiled into the kernel before the 3261.Xr pcvt 4 3262related 3263options described here take any effect. 3264.It Va pcvt_keymap 3265.Pq Vt str 3266Set to 3267.Dq Li NO 3268by default. 3269Use this to configure a national keyboard mapping found in the 3270.Pa /usr/share/misc/keycap.pcvt 3271file of keyboard mappings. 3272(See also the manual pages 3273.Xr keycap 5 3274and 3275.Xr keycap 3 3276for usage of 3277.Xr pcvt 4 Ns 's 3278keycap database and the manual page 3279.Xr kcon 1 3280option 3281.Fl m 3282for national keyboard mapping configuration.) 3283.It Va pcvt_keydel 3284.Pq Vt int 3285Set to 3286.Dq Li NO 3287by default. 3288Used to set the keyboard key repeat delay value. 3289Valid values are 3290in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 3291(See also the 3292.Xr kcon 1 3293manual page.) 3294.It Va pcvt_keyrate 3295.Pq Vt int 3296Set to 3297.Dq Li NO 3298by default. 3299Used to set the keyboard key repetition rate value. 3300Valid values are 3301in the range 0..31 for repetition values of 2..30 characters per second. 3302.It Va pcvt_keyrepeat 3303.Pq Vt bool 3304Set to 3305.Dq Li NO 3306by default. 3307Set to 3308.Dq Li YES 3309to enable automatic keyboard key repeating. 3310.It Va pcvt_force24 3311.Pq Vt bool 3312Set to 3313.Dq Li NO 3314by default. 3315Set to 3316.Dq Li YES 3317to force 3318.Xr pcvt 4 3319to use 24 lines only (in 25 lines mode) for compatibility 3320with the original 3321.Tn VT220 3322terminal. 3323.It Va pcvt_hpext 3324.Pq Vt bool 3325Set to 3326.Dq Li NO 3327by default. 3328Set to 3329.Dq Li YES 3330to enable the display and functionality of function key labels (as found 3331on 3332.Tn Hewlett-Packard 3333terminals such as the 3334.Tn HP2392A 3335and the 3336.Tn HP700/92 3337in 3338.Tn ANSI 3339mode). 3340.It Va pcvt_lines 3341.Pq Vt int 3342Set to 3343.Dq Li NO 3344by default resulting in a value of 25. 3345Used to set the number of lines on the screen. 3346For VGA displays, valid 3347values are 25, 28, 40 and 50 lines. 3348(See also the 3349.Xr scon 1 3350manual page.) 3351.It Va pcvt_blanktime 3352.Pq Vt int 3353Set to 3354.Dq Li NO 3355by default. 3356Used to set the screen saver timeout in seconds for values greater than 3357zero. 3358.It Va pcvt_cursorh 3359.Pq Vt int 3360Set to 3361.Dq Li NO 3362by default. 3363Used to set the cursor top scanline. 3364(See also the 3365.Xr cursor 1 3366manual page.) 3367.It Va pcvt_cursorl 3368.Pq Vt int 3369Set to 3370.Dq Li NO 3371by default. 3372Used to set the cursor bottom scanline. 3373.It Va pcvt_monohigh 3374.Pq Vt bool 3375Set to 3376.Dq Li NO 3377by default. 3378Set to 3379.Dq Li YES 3380to set intensity to high on monochrome monitors. 3381(See also the 3382.Xr scon 1 3383manual page, option 3384.Fl p , 3385for more information on changing VGA palette 3386values.) 3387.It Va harvest_interrupt 3388.Pq Vt bool 3389Set to 3390.Dq Li YES 3391to use hardware interrupts as an entropy source. 3392Refer to 3393.Xr random 4 3394for more information. 3395.It Va harvest_ethernet 3396.Pq Vt bool 3397Set to 3398.Dq Li YES 3399to use LAN traffic as an entropy source. 3400Refer to 3401.Xr random 4 3402for more information. 3403.It Va harvest_p_to_p 3404.Pq Vt bool 3405Set to 3406.Dq Li YES 3407to use serial line traffic as an entropy source. 3408Refer to 3409.Xr random 4 3410for more information. 3411.It Va entropy_dir 3412.Pq Vt str 3413Set to 3414.Dq Li NO 3415to disable caching entropy via 3416.Xr cron 8 . 3417Otherwise set to the directory used to store entropy files in. 3418.It Va entropy_file 3419.Pq Vt str 3420Set to 3421.Dq Li NO 3422to disable caching entropy through reboots. 3423Otherwise set to the filename used to store cached entropy through 3424reboots. 3425This file should be located on the root file system to seed the 3426.Xr random 4 3427device as early as possible in the boot process. 3428.It Va entropy_save_sz 3429.Pq Vt int 3430Size of the entropy cache files saved by 3431.Nm save-entropy 3432periodically. 3433.It Va entropy_save_num 3434.Pq Vt int 3435Number of entropy cache files to save by 3436.Nm save-entropy 3437periodically. 3438.It Va ipsec_enable 3439.Pq Vt bool 3440Set to 3441.Dq Li YES 3442to run 3443.Xr setkey 8 3444on 3445.Va ipsec_file 3446at boot time. 3447.It Va ipsec_file 3448.Pq Vt str 3449Configuration file for 3450.Xr setkey 8 . 3451.It Va dmesg_enable 3452.Pq Vt bool 3453Set to 3454.Dq Li YES 3455to save 3456.Xr dmesg 8 3457to 3458.Pa /var/run/dmesg.boot 3459on boot. 3460.It Va rcshutdown_timeout 3461.Pq Vt int 3462If set, start a watchdog timer in the background which will terminate 3463.Pa rc.shutdown 3464if 3465.Xr shutdown 8 3466has not completed within the specified time (in seconds). 3467Notice that in addition to this soft timeout, 3468.Xr init 8 3469also applies a hard timeout for the execution of 3470.Pa rc.shutdown . 3471This is configured via 3472.Xr sysctl 8 3473variable 3474.Va kern.init_shutdown_timeout 3475and defaults to 120 seconds. 3476Setting the value of 3477.Va rcshutdown_timeout 3478to more than 120 seconds will have no effect until the 3479.Xr sysctl 8 3480variable 3481.Va kern.init_shutdown_timeout 3482is also increased. 3483.It Va virecover_enable 3484.Pq Vt bool 3485Set to 3486.Dq Li NO 3487to prevent the system from trying to 3488recover pre-maturely terminated 3489.Xr vi 1 3490sessions. 3491.It Va ugidfw_enable 3492.Pq Vt bool 3493Set to 3494.Dq Li YES 3495to load the 3496.Xr mac_bsdextended 4 3497module upon system initialization and load a default 3498ruleset file. 3499.It Va bsdextended_script 3500.Pq Vt str 3501The default 3502.Xr mac_bsdextended 4 3503ruleset file to load. 3504The default value of this variable is 3505.Pa /etc/rc.bsdextended . 3506.It Va newsyslog_enable 3507.Pq Vt bool 3508If set to 3509.Dq Li YES , 3510run 3511.Xr newsyslog 8 3512command at startup. 3513.It Va newsyslog_flags 3514.Pq Vt str 3515If 3516.Va newsyslog_enable 3517is set to 3518.Dq Li YES , 3519these are the flags to pass to the 3520.Xr newsyslog 8 3521program. 3522The default is 3523.Dq Li -CN , 3524which causes log files flagged with a 3525.Cm C 3526to be created. 3527.It Va ramdisk_units 3528.Pq Vt str 3529A list of one or more ramdisk units to configure with 3530.Xr mdconfig 8 3531and 3532.Xr newfs 8 3533in time to be mounted from 3534.Xr fstab 5 . 3535Each listed unit 3536.Ar X 3537must specify at least a 3538.Ar type 3539in a 3540.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3541variable. 3542.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3543.Pq Vt str 3544Arguments to 3545.Xr mdconfig 8 3546for ramdisk 3547.Ar X . 3548At minimum a 3549.Fl t Ar type 3550must be specified, where 3551.Ar type 3552must be one of 3553.Cm malloc 3554or 3555.Cm swap . 3556.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3557.Pq Vt str 3558Optional arguments passed to 3559.Xr newfs 8 3560to initialize ramdisk 3561.Ar X . 3562.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3563.Pq Vt str 3564An ownership specification passed to 3565.Xr chown 8 3566after the specified ramdisk unit 3567.Ar X 3568has been mounted. 3569Both the 3570.Xr md 4 3571device and the mount point will be changed. 3572.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3573.Pq Vt str 3574A mode string passed to 3575.Xr chmod 1 3576after the specified ramdisk unit 3577.Ar X 3578has been mounted. 3579Both the 3580.Xr md 4 3581device and the mount point will be changed. 3582.El 3583.Sh FILES 3584.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3585.It Pa /etc/defaults/rc.conf 3586.It Pa /etc/rc.conf 3587.It Pa /etc/rc.conf.local 3588.El 3589.Sh SEE ALSO 3590.Xr catman 1 , 3591.Xr chmod 1 , 3592.Xr gdb 1 , 3593.Xr info 1 , 3594.Xr kbdcontrol 1 , 3595.Xr makewhatis 1 , 3596.Xr sh 1 , 3597.Xr vi 1 , 3598.Xr vidcontrol 1 , 3599.Xr ip 4 , 3600.Xr ipf 4 , 3601.Xr ipfw 4 , 3602.Xr ipnat 4 , 3603.Xr kld 4 , 3604.Xr pf 4 , 3605.Xr pflog 4 , 3606.Xr pfsync 4 , 3607.Xr tcp 4 , 3608.Xr udp 4 , 3609.Xr exports 5 , 3610.Xr ipf 5 , 3611.Xr ipnat 5 , 3612.Xr motd 5 , 3613.Xr newsyslog.conf 5 , 3614.Xr pf.conf 5 , 3615.Xr accton 8 , 3616.Xr amd 8 , 3617.Xr apm 8 , 3618.Xr atm 8 , 3619.Xr chkprintcap 8 , 3620.Xr chown 8 , 3621.Xr cron 8 , 3622.Xr dhclient 8 , 3623.Xr ftpd 8 , 3624.Xr geli 8 , 3625.Xr ifconfig 8 , 3626.Xr inetd 8 , 3627.Xr ipf 8 , 3628.Xr ipfw 8 , 3629.Xr ipnat 8 , 3630.Xr isdnd 8 , 3631.Xr isdntrace 8 , 3632.Xr jail 8 , 3633.Xr kldxref 8 , 3634.Xr lpd 8 , 3635.Xr mdconfig 8 , 3636.Xr mdmfs 8 , 3637.Xr mountd 8 , 3638.Xr moused 8 , 3639.Xr mrouted 8 , 3640.Xr named 8 , 3641.Xr newfs 8 , 3642.Xr newsyslog 8 , 3643.Xr nfsd 8 , 3644.Xr ntpd 8 , 3645.Xr ntpdate 8 , 3646.Xr pcnfsd 8 , 3647.Xr pfctl 8 , 3648.Xr pflogd 8 , 3649.Xr powerd 8 , 3650.Xr quotacheck 8 , 3651.Xr quotaon 8 , 3652.Xr rc 8 , 3653.Xr rc.sendmail 8 , 3654.Xr route 8 , 3655.Xr routed 8 , 3656.Xr rpcbind 8 , 3657.Xr rpc.lockd 8 , 3658.Xr rpc.statd 8 , 3659.Xr rwhod 8 , 3660.Xr savecore 8 , 3661.Xr sshd 8 , 3662.Xr swapon 8 , 3663.Xr sysctl 8 , 3664.Xr syslogd 8 , 3665.Xr timed 8 , 3666.Xr yp 8 , 3667.Xr ypbind 8 , 3668.Xr ypserv 8 , 3669.Xr ypset 8 3670.Sh HISTORY 3671The 3672.Nm 3673file appeared in 3674.Fx 2.2.2 . 3675.Sh AUTHORS 3676.An Jordan K. Hubbard . 3677