1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd March 3, 2002 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va swapfile 77.Pq Vt str 78If set to 79.Dq Li NO , 80no swapfile is installed, otherwise the value is used as the full 81pathname to a file to use for additional swap space. 82.It Va apm_enable 83.Pq Vt bool 84If set to 85.Dq Li YES , 86enable support for Automatic Power Management with 87the 88.Xr apm 8 89command. 90.It Va apmd_enable 91.Pq Vt bool 92Run 93.Xr apmd 8 94to handle APM event from userland. 95This also enables support for APM. 96.It Va apmd_flags 97.Pq Vt str 98If 99.Va apmd_enable 100is set to 101.Dq Li YES , 102these are the flags to pass to the 103.Xr apmd 8 104daemon. 105.It Va pccard_enable 106.Pq Vt bool 107If set to 108.Dq Li YES , 109enable PCCARD support at boot time. 110.It Va pccard_mem 111.Pq Vt str 112Set to PCCARD controller memory address or 113.Dq Li DEFAULT 114for the default value. 115.It Va pccard_ifconfig 116.Pq Vt str 117List of arguments to be passed to 118.Xr ifconfig 8 119at boot time or on 120insertion of the card (e.g.\& 121.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 122for a fixed address or 123.Dq Li DHCP 124for a DHCP client). 125.It Va pccard_beep 126.Pq Vt int 127If 0, 128set the PCCARD controller to silent mode. 129If 1, 130set it to beep mode. 131If 2, 132set it to melody mode. 133.It Va pccard_conf 134.Pq Vt str 135Path to the configuration file for the 136.Xr pccardd 8 137daemon (e.g.\& 138.Pa /etc/pccard.conf.sample ) . 139.It Va pccardd_flags 140.Pq Vt str 141If 142.Va pccard_enable 143is set to 144.Dq Li YES , 145these are the flags to pass to the 146.Xr pccardd 8 147daemon. 148.It Va pccard_ether_delay 149.Pq Vt str 150Set the delay before starting 151.Xr dhclient 8 152in 153.Xr pccard_ether 8 154script. 155This defaults to 5 seconds to work around a bug in the 156.Xr ed 4 157driver which can lead to system hangs when using some newer 158.Xr ed 4 159based cards. 160.It Va removable_interfaces 161.Pq Vt str 162List of removable network interfaces to be supported by 163.Pa /etc/pccard_ether . 164.It Va local_startup 165.Pq Vt str 166List of directories to search for startup script files. 167.It Va script_name_sep 168.Pq Vt str 169The field separator to use for breaking down the list of startup script files 170into individual filenames. 171The default is a space. 172It is not necessary to change this unless there are startup scripts with names 173containing spaces. 174.It Va hostname 175.Pq Vt str 176The fully qualified domain name (FQDN) of this host on the network. 177This should almost certainly be set to something meaningful, even if 178there is no network connection. 179If 180.Xr dhclient 8 181is used to set the hostname via DHCP, 182this variable should be set to an empty string. 183.It Va nisdomainname 184.Pq Vt str 185The NIS domain name of this host, or 186.Dq Li NO 187if NIS is not used. 188.It Va dhcp_program 189.Pq Vt str 190Path to the DHCP client program 191.Pa ( /sbin/dhclient , 192the ISC DHCP client, 193is the default). 194.It Va dhcp_flags 195.Pq Vt str 196Additional flags to pass to the DHCP client program. 197For the ISC DHCP client, see the 198.Xr dhclient 8 199manpage for a description of the command line options available. 200.It Va firewall_enable 201.Pq Vt bool 202Set to 203.Dq Li YES 204to load firewall rules at startup. 205If the kernel was not built with 206.Cd "options IPFIREWALL" , 207the 208.Pa ipfw.ko 209kernel module will be loaded. 210See also 211.Va ipfilter_enable . 212.It Va firewall_script 213.Pq Vt str 214This variable specifies the full path to the firewall script to run. 215The default is 216.Pa /etc/rc.firewall . 217.It Va firewall_type 218.Pq Vt str 219Names the firewall type from the selection in 220.Pa /etc/rc.firewall , 221or the file which contains the local firewall ruleset. 222Valid selections from 223.Pa /etc/rc.firewall 224are: 225.Pp 226.Bl -tag -width ".Li simple" -compact 227.It Li open 228unrestricted IP access 229.It Li closed 230all IP services disabled, except via 231.Dq Li lo0 232.It Li client 233basic protection for a workstation 234.It Li simple 235basic protection for a LAN. 236.El 237.Pp 238If a filename is specified, the full path 239must be given. 240.It Va firewall_quiet 241.Pq Vt bool 242Set to 243.Dq Li YES 244to disable the display of firewall rules on the console during boot. 245.It Va firewall_logging 246.Pq Vt bool 247Set to 248.Dq Li YES 249to enable firewall event logging. 250This is equivalent to the 251.Dv IPFIREWALL_VERBOSE 252kernel option. 253.It Va firewall_flags 254.Pq Vt str 255Flags passed to 256.Xr ipfw 8 257if 258.Va firewall_type 259specifies a filename. 260.It Va natd_program 261.Pq Vt str 262Path to 263.Xr natd 8 . 264.It Va natd_enable 265.Pq Vt bool 266Set to 267.Dq Li YES 268to enable 269.Xr natd 8 . 270.Va firewall_enable 271must also be set to 272.Dq Li YES , 273and 274.Xr divert 4 275sockets must be enabled in the kernel. 276.It Va natd_interface 277.Pq Vt str 278This is the name of the public interface on which 279.Xr natd 8 280should run. 281The interface may be given as an interface name or as an IP address. 282.It Va natd_flags 283.Pq Vt str 284Additional 285.Xr natd 8 286flags should be placed here. 287The 288.Fl n 289or 290.Fl a 291flag is automatically added with the above 292.Va natd_interface 293as an argument. 294.\" ----- ipfilter_enable setting -------------------------------- 295.It Va ipfilter_enable 296.Pq Vt bool 297Set to 298.Dq Li NO 299by default. 300Setting this to 301.Dq Li YES 302enables 303.Xr ipf 8 304packet filtering. 305.Pp 306Typical usage will require putting 307.Bd -literal 308ipfilter_enable="YES" 309ipnat_enable="YES" 310ipmon_enable="YES" 311ipfs_enable="YES" 312.Ed 313.Pp 314into 315.Pa /etc/rc.conf 316and editing 317.Pa /etc/ipf.rules 318and 319.Pa /etc/ipnat.rules 320appropriately. 321.Pp 322Note that 323.Va ipfilter_enable 324and 325.Va ipnat_enable 326can be enabled independently. 327.Va ipmon_enable 328and 329.Va ipfs_enable 330both require at least one of 331.Va ipfilter_enable 332and 333.Va ipnat_enable 334to be enabled. 335.Pp 336Having 337.Bd -literal 338options IPFILTER 339options IPFILTER_LOG 340options IPFILTER_DEFAULT_BLOCK 341.Ed 342.Pp 343in the kernel configuration file is a good idea, too. 344.\" ----- ipfilter_program setting ------------------------------ 345.It Va ipfilter_program 346.Pq Vt str 347Path to 348.Xr ipf 8 349(default 350.Pa /sbin/ipf ) . 351.\" ----- ipfilter_rules setting -------------------------------- 352.It Va ipfilter_rules 353.Pq Vt str 354Set to 355.Pa /etc/ipf.rules 356by default. 357This variable contains the name of the filter rule definition file. 358The file is expected to be readable for the 359.Xr ipf 8 360command to execute. 361.\" ----- ipfilter_flags setting -------------------------------- 362.It Va ipfilter_flags 363.Pq Vt str 364Empty by default. 365This variable contains flags passed to the 366.Xr ipf 8 367program. 368.\" ----- ipnat_enable setting ---------------------------------- 369.It Va ipnat_enable 370.Pq Vt bool 371Set to 372.Dq Li NO 373by default. 374Set it to 375.Dq Li YES 376to enable 377.Xr ipnat 1 378network address translation. 379See 380.Va ipfilter_enable 381for a detailed discussion. 382.\" ----- ipnat_program setting --------------------------------- 383.It Va ipnat_program 384.Pq Vt str 385Path to 386.Xr ipnat 1 387(default 388.Pa /sbin/ipnat ) . 389.\" ----- ipnat_rules setting ----------------------------------- 390.It Va ipnat_rules 391.Pq Vt str 392Set to 393.Pa /etc/ipnat.rules 394by default. 395This variable contains the name of the file 396holding the network address translation definition. 397This file is expected to be readable for the 398.Xr ipnat 1 399command to execute. 400.\" ----- ipnat_flags setting ----------------------------------- 401.It Va ipnat_flags 402.Pq Vt str 403Empty by default. 404This variable contains flags passed to the 405.Xr ipnat 1 406program. 407.\" ----- ipmon_enable setting ---------------------------------- 408.It Va ipmon_enable 409.Pq Vt bool 410Set to 411.Dq Li NO 412by default. 413Set it to 414.Dq Li YES 415to enable 416.Xr ipmon 8 417monitoring (logging 418.Xr ipf 8 419and 420.Xr ipnat 1 421events). 422Setting this variable needs setting 423.Va ipfilter_enable 424or 425.Va ipnat_enable 426too. 427See 428.Va ipfilter_enable 429for a detailed discussion. 430.\" ----- ipmon_program setting --------------------------------- 431.It Va ipmon_program 432.Pq Vt str 433Path to 434.Xr ipmon 8 435(default 436.Pa /sbin/ipmon ) . 437.\" ----- ipmon_flags setting ----------------------------------- 438.It Va ipmon_flags 439.Pq Vt str 440Set to 441.Dq Li -Ds 442by default. 443This variable contains flags passed to the 444.Xr ipmon 8 445program. 446Another typical example would be 447.Dq Fl D Pa /var/log/ipflog 448to have 449.Xr ipmon 8 450log directly to a file bypassing 451.Xr syslogd 8 . 452Make sure to adjust 453.Pa /etc/newsyslog.conf 454in such case like this: 455.Bd -literal 456/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 457.Ed 458.\" ----- ipfs_enable setting ----------------------------------- 459.It Va ipfs_enable 460.Pq Vt bool 461Set to 462.Dq Li NO 463by default. 464Set it to 465.Dq Li YES 466to enable 467.Xr ipfs 8 468saving the filter and NAT state tables during shutdown 469and reloading them during startup again. 470Setting this variable needs setting 471.Va ipfilter_enable 472or 473.Va ipnat_enable 474to 475.Dq Li YES 476too. 477See 478.Va ipfilter_enable 479for a detailed discussion. 480Note that if 481.Va kern_securelevel 482is set to 3, 483.Va ipfs_enable 484cannot be used 485because the raised securelevel will prevent 486.Xr ipfs 8 487from saving the state tables at shutdown time. 488.\" ----- ipfs_program setting ---------------------------------- 489.It Va ipfs_program 490.Pq Vt str 491Path to 492.Xr ipfs 8 493(default 494.Pa /sbin/ipfs ) . 495.\" ----- ipfs_flags setting ------------------------------------ 496.It Va ipfs_flags 497.Pq Vt str 498Empty by default. 499This variable contains flags passed to the 500.Xr ipfs 8 501program. 502.\" ----- end of added ipf hook --------------------------------- 503.It Va tcp_extensions 504.Pq Vt bool 505Set to 506.Dq Li YES 507by default. 508Setting this to 509.Dq Li NO 510disables certain TCP options as described by 511.Rs 512.%T "RFC 1323" 513.Re 514Setting this to 515.Dq Li NO 516might help remedy such problems with connections as randomly hanging 517or other weird behavior. 518Some network devices are known 519to be broken with respect to these options. 520.It Va log_in_vain 521.Pq Vt int 522Set to 0 by default. 523The 524.Xr sysctl 8 525variables, 526.Va net.inet.tcp.log_in_vain 527and 528.Va net.inet.udp.log_in_vain , 529as described in 530.Xr tcp 4 531and 532.Xr udp 4 , 533are set to the given value. 534.It Va tcp_keepalive 535.Pq Vt bool 536Set to 537.Dq Li YES 538by default. 539Setting to 540.Dq Li NO 541will disable probing idle TCP connections to verify that the 542peer is still up and reachable. 543.It Va tcp_drop_synfin 544.Pq Vt bool 545Set to 546.Dq Li NO 547by default. 548Setting to 549.Dq Li YES 550will cause the kernel to ignore TCP frames that have both 551the SYN and FIN flags set. 552This prevents OS fingerprinting, but may 553break some legitimate applications. 554This option is only available if the 555kernel was built with the 556.Dv TCP_DROP_SYNFIN 557option. 558.It Va icmp_drop_redirect 559.Pq Vt bool 560Set to 561.Dq Li NO 562by default. 563Setting to 564.Dq Li YES 565will cause the kernel to ignore ICMP REDIRECT packets. 566.It Va icmp_log_redirect 567.Pq Vt bool 568Set to 569.Dq Li NO 570by default. 571Setting to 572.Dq Li YES 573will cause the kernel to log ICMP REDIRECT packets. 574Note that 575the log messages are not rate-limited, so this option should only be used 576for troubleshooting networks. 577.It Va network_interfaces 578.Pq Vt str 579Set to the list of network interfaces to configure on this host. 580For example, if the only network devices in the system are the loopback 581device 582.Pq Li lo0 583and a NIC using the 584.Xr ed 4 585driver, 586this could be set to 587.Dq Li "lo0 ed0" . 588An 589.Va ifconfig_ Ns Aq Ar interface 590variable is also assumed to exist for each value of 591.Ar interface . 592It is also possible to add IP alias entries here in cases where 593multiple IP addresses registered against a single interface 594are desired. 595Assuming that the interface in question was 596.Li ed0 , 597it might look 598something like this: 599.Bd -literal 600ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 601ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 602.Ed 603.Pp 604And so on. 605For each 606.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 607entry that is found, 608its contents are passed to 609.Xr ifconfig 8 . 610Execution stops at the first unsuccessful access, so if 611something like this is present: 612.Bd -literal 613ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 614ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 615ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 616ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 617.Ed 618.Pp 619Then note that alias4 would 620.Em not 621be added since the search would 622stop with the missing alias3 entry. 623.Pp 624It is possible to bring up an interface with DHCP by setting the 625.Va ifconfig_ Ns Aq Ar interface 626variable to 627.Dq Li DHCP . 628For instance, to initialize the 629.Li ed0 630device via DHCP, 631it is possible to use something like: 632.Bd -literal 633ifconfig_ed0="DHCP" 634.Ed 635.It Va cloned_interfaces 636.Pq Vt str 637Set to the list of clonable network interfaces to create on this host. 638Entries in 639.Va cloned_interfaces 640are automatically appended to 641.Va network_interfaces 642for configuration. 643.It Va gif_interfaces 644.Pq Vt str 645Set to the list of 646.Xr gif 4 647tunnel interfaces to configure on this host. 648A 649.Va gifconfig_ Ns Aq Ar interface 650variable is assumed to exist for each value of 651.Ar interface . 652The value of this variable is used to configure the link layer of the 653tunnel according to the syntax of the 654.Cm tunnel 655option to 656.Xr ifconfig 8 . 657Additionally, this option ensures that each listed interface is created 658via the 659.Cm create 660option to 661.Xr ifconfig 8 662before attempting to configure it. 663.It Va ppp_enable 664.Pq Vt bool 665If set to 666.Dq Li YES , 667run the 668.Xr ppp 8 669daemon. 670.It Va ppp_mode 671.Pq Vt str 672Mode in which to run the 673.Xr ppp 8 674daemon. 675Accepted modes are 676.Dq Li auto , 677.Dq Li ddial , 678.Dq Li direct 679and 680.Dq Li dedicated . 681See the manual for a full description. 682.It Va ppp_nat 683.Pq Vt bool 684If set to 685.Dq Li YES , 686enables network address translation. 687Used in conjunction with 688.Va gateway_enable 689allows hosts on private network addresses access to the Internet using 690this host as a network address translating router. 691.It Va ppp_profile 692.Pq Vt str 693The name of the profile to use from 694.Pa /etc/ppp/ppp.conf . 695.It Va ppp_user 696.Pq Vt str 697The name of the user under which 698.Xr ppp 8 699should be started. 700By 701default, 702.Xr ppp 8 703is started as 704.Dq Li root . 705.It Va rc_conf_files 706.Pq Vt str 707This option is used to specify a list of files that will override 708the settings in 709.Pa /etc/defaults/rc.conf . 710The files will be read in the order in which they are specified and should 711include the full path to the file. 712By default, the files specified are 713.Pa /etc/rc.conf 714and 715.Pa /etc/rc.conf.local 716.It Va fsck_y_enable 717.Pq Vt bool 718If set to 719.Dq Li YES , 720.Xr fsck 8 721will be run with the 722.Fl y 723flag if the initial preen 724of the filesystems fails. 725.It Va background_fsck 726.Pq Vt bool 727If set to 728.Dq Li YES , 729the system will attempt to run 730.Xr fsck 8 731in the background where possible. 732.It Va extra_netfs_types 733.Pq Vt str 734If set to something other than 735.Dq Li NO 736(the default), 737this variable extends the list of filesystem types 738for which automatic mounting at startup by 739.Xr rc 8 740should be delayed until the network is initialized. 741It should contain 742a whitespace-separated list of network filesystem descriptor pairs, 743each consisting of a filesystem type as passed to 744.Xr mount 8 745and a human-readable, one-word description, 746joined with a colon 747.Pq Ql \&: . 748Extending the default list in this way is only necessary 749when third party filesystem types are used. 750.It Va syslogd_enable 751.Pq Vt bool 752If set to 753.Dq Li YES , 754run the 755.Xr syslogd 8 756daemon. 757.It Va syslogd_program 758.Pq Vt str 759Path to 760.Xr syslogd 8 761(default 762.Pa /usr/sbin/syslogd ) . 763.It Va syslogd_flags 764.Pq Vt str 765If 766.Va syslogd_enable 767is set to 768.Dq Li YES , 769these are the flags to pass to 770.Xr syslogd 8 . 771.It Va inetd_enable 772.Pq Vt bool 773If set to 774.Dq Li YES , 775run the 776.Xr inetd 8 777daemon. 778.It Va inetd_program 779.Pq Vt str 780Path to 781.Xr inetd 8 782(default 783.Pa /usr/sbin/inetd ) . 784.It Va inetd_flags 785.Pq Vt str 786If 787.Va inetd_enable 788is set to 789.Dq Li YES , 790these are the flags to pass to 791.Xr inetd 8 . 792.It Va named_enable 793.Pq Vt bool 794If set to 795.Dq Li YES , 796run the 797.Xr named 8 798daemon. 799.It Va named_program 800.Pq Vt str 801Path to 802.Xr named 8 803(default 804.Pa /usr/sbin/named ) . 805.It Va named_flags 806.Pq Vt str 807If 808.Va named_enable 809is set to 810.Dq Li YES , 811these are the flags to pass to 812.Xr named 8 . 813.It Va kerberos4_server_enable 814.Pq Vt bool 815Set to 816.Dq Li YES 817to start a Kerberos IV authentication server 818at boot time. 819.It Va kadmind4_server_enable 820.Pq Vt bool 821Set to 822.Dq Li YES 823to start 824.Xr kadmind 8 , 825the Kerberos IV Administration Daemon; set to 826.Dq Li NO 827on a slave server. 828.It Va kerberos_stash 829.Pq Vt str 830If 831.Dq Li YES , 832instruct the Kerberos servers to use the stashed master key instead of 833prompting for it (only if 834.Va kerberos_server_enable 835is set to 836.Dq Li YES , 837and is used for both 838.Xr kerberos 1 839and 840.Xr kadmind 8 ) . 841.It Va kerberos5_server_enable 842.Pq Vt bool 843Set to 844.Dq Li YES 845to start a Kerberos 5 authentication server 846at boot time. 847.It Va kadmind5_server_enable 848.Pq Vt bool 849Set to 850.Dq Li YES 851to start 852.Xr k5admind 8 , 853the Kerberos 5 Administration Daemon; set to 854.Dq Li NO 855on a slave server. 856.It Va rwhod_enable 857.Pq Vt bool 858If set to 859.Dq Li YES , 860run the 861.Xr rwhod 8 862daemon at boot time. 863.It Va rwhod_flags 864.Pq Vt str 865If 866.Va rwhod_enable 867is set to 868.Dq Li YES , 869these are the flags to pass to it. 870.It Va amd_enable 871.Pq Vt bool 872If set to 873.Dq Li YES , 874run the 875.Xr amd 8 876daemon at boot time. 877.It Va amd_flags 878.Pq Vt str 879If 880.Va amd_enable 881is set to 882.Dq Li YES , 883these are the flags to pass to it. 884See the 885.Xr amd 8 886manpage for more information. 887.It Va amd_map_program 888.Pq Vt str 889If set, 890the specified program is run to get the list of 891.Xr amd 8 892maps. 893For example, if the 894.Xr amd 8 895maps are stored in NIS, one can set this to 896run 897.Xr ypcat 1 898to get a list of 899.Xr amd 8 900maps from the 901.Pa amd.master 902NIS map. 903.It Va update_motd 904.Pq Vt bool 905If set to 906.Dq Li YES , 907.Pa /etc/motd 908will be updated at boot time to reflect the kernel release 909being run. 910If set to 911.Dq Li NO , 912.Pa /etc/motd 913will not be updated. 914.It Va nfs_client_enable 915.Pq Vt bool 916If set to 917.Dq Li YES , 918run the NFS client daemons at boot time. 919.It Va nfs_access_cache 920.Pq Vt int 921If 922.Va nfs_client_enable 923is set to 924.Dq Li YES , 925this can be set to 926.Dq Li 0 927to disable NFS ACCESS RPC caching, or to the number of seconds for which 928NFS ACCESS 929results should be cached. 930A value of 2-10 seconds will substantially reduce network 931traffic for many NFS operations. 932.It Va nfs_server_enable 933.Pq Vt bool 934If set to 935.Dq Li YES , 936run the NFS server daemons at boot time. 937.It Va nfs_server_flags 938.Pq Vt str 939If 940.Va nfs_server_enable 941is set to 942.Dq Li YES , 943these are the flags to pass to the 944.Xr nfsd 8 945daemon. 946.It Va single_mountd_enable 947.Pq Vt bool 948If set to 949.Dq Li YES , 950and no 951.Va nfs_server_enable 952is set, start 953.Xr mountd 8 , 954but not 955.Xr nfsd 8 956daemon. 957It is commonly needed to run CFS without real NFS used. 958.It Va weak_mountd_authentication 959.Pq Vt bool 960If set to 961.Dq Li YES , 962allow services like PCNFSD to make non-privileged mount 963requests. 964.It Va nfs_privport 965.Pq Vt bool 966If set to 967.Dq Li YES , 968provide NFS services only on a secure port. 969.It Va nfs_bufpackets 970.Pq Vt int 971If set to a number, indicates the number of packets worth of 972socket buffer space to reserve on an NFS client. 973If set to 974.Dq Li DEFAULT , 975the kernel default is used (typically 4). 976Using a higher number may be 977useful on gigabit networks to improve performance. 978The minimum value is 9792 and the maximum is 64. 980.It Va rpc_lockd_enable 981.Pq Vt bool 982If set to 983.Dq Li YES 984and also an NFS server, run 985.Xr rpc.lockd 8 986at boot time. 987.It Va rpc_statd_enable 988.Pq Vt bool 989If set to 990.Dq Li YES 991and also an NFS server, run 992.Xr rpc.statd 8 993at boot time. 994.It Va portmap_program 995.Pq Vt str 996Path to 997.Xr rpcbind 8 998(default 999.Pa /usr/sbin/rpcbind ) . 1000.It Va portmap_enable 1001.Pq Vt bool 1002If set to 1003.Dq Li YES , 1004run the 1005.Xr rpcbind 8 1006service at boot time. 1007.It Va portmap_flags 1008.Pq Vt str 1009If 1010.Va portmap_enable 1011is set to 1012.Dq Li YES , 1013these are the flags to pass to the 1014.Xr rpcbind 8 1015daemon. 1016.It Va xtend_enable 1017.Pq Vt bool 1018If set to 1019.Dq Li YES , 1020run the 1021.Xr xtend 8 1022daemon at boot time. 1023.It Va xtend_flags 1024.Pq Vt str 1025If 1026.Va xtend_enable 1027is set to 1028.Dq Li YES , 1029these are the flags to pass to the 1030.Xr xtend 8 1031daemon. 1032.It Va pppoed_enable 1033.Pq Vt bool 1034If set to 1035.Dq Li YES , 1036run the 1037.Xr pppoed 8 1038daemon at boot time to provide PPP over Ethernet services. 1039.It Va pppoed_ Ns Ar provider 1040.Pq Vt str 1041.Xr pppoed 8 1042listens to requests to this 1043.Ar provider 1044and ultimately runs 1045.Xr ppp 8 1046with a 1047.Ar system 1048argument of the same name. 1049.It Va pppoed_flags 1050.Pq Vt str 1051Additional flags to pass to 1052.Xr pppoed 8 . 1053.It Va pppoed_interface 1054.Pq Vt str 1055The network interface to run 1056.Xr pppoed 8 1057on. 1058This is mandatory when 1059.Va pppoed_enable 1060is set to 1061.Dq Li YES . 1062.It Va timed_enable 1063.Pq Vt boot 1064If set to 1065.Dq Li YES , 1066run the 1067.Xr timed 8 1068service at boot time. 1069This command is intended for networks of 1070machines where a consistent 1071.Dq "network time" 1072for all hosts must be established. 1073This is often useful in large NFS 1074environments where time stamps on files are expected to be consistent 1075network-wide. 1076.It Va timed_flags 1077.Pq Vt str 1078If 1079.Va timed_enable 1080is set to 1081.Dq Li YES , 1082these are the flags to pass to the 1083.Xr timed 8 1084service. 1085.It Va ntpdate_enable 1086.Pq Vt bool 1087If set to 1088.Dq Li YES , 1089run 1090.Xr ntpdate 8 1091at system startup. 1092This command is intended to 1093synchronize the system clock only 1094.Em once 1095from some standard reference. 1096An option to set this up initially 1097(from a list of known servers) is also provided by the 1098.Xr sysinstall 8 1099program when the system is first installed. 1100.It Va ntpdate_program 1101.Pq Vt str 1102Path to 1103.Xr ntpdate 8 1104(default 1105.Pa /usr/sbin/ntpdate ) . 1106.It Va ntpdate_flags 1107.Pq Vt str 1108If 1109.Va ntpdate_enable 1110is set to 1111.Dq Li YES , 1112these are the flags to pass to the 1113.Xr ntpdate 8 1114command (typically a hostname). 1115.It Va xntpd_enable 1116.Pq Vt bool 1117If set to 1118.Dq Li YES , 1119run the 1120.Xr ntpd 8 1121command at boot time. 1122.It Va xntpd_program 1123.Pq Vt str 1124Path to 1125.Xr ntpd 8 1126(default 1127.Pa /usr/sbin/ntpd ) . 1128.It Va xntpd_flags 1129.Pq Vt str 1130If 1131.Va xntpd_enable 1132is set to 1133.Dq Li YES , 1134these are the flags to pass to the 1135.Xr ntpd 8 1136daemon. 1137.It Va nis_client_enable 1138.Pq Vt bool 1139If set to 1140.Dq Li YES , 1141run the 1142.Xr ypbind 8 1143service at system boot time. 1144.It Va nis_client_flags 1145.Pq Vt str 1146If 1147.Va nis_client_enable 1148is set to 1149.Dq Li YES , 1150these are the flags to pass to the 1151.Xr ypbind 8 1152service. 1153.It Va nis_ypset_enable 1154.Pq Vt bool 1155If set to 1156.Dq Li YES , 1157run the 1158.Xr ypset 8 1159daemon at system boot time. 1160.It Va nis_ypset_flags 1161.Pq Vt str 1162If 1163.Va nis_ypset_enable 1164is set to 1165.Dq Li YES , 1166these are the flags to pass to the 1167.Xr ypset 8 1168daemon. 1169.It Va nis_server_enable 1170.Pq Vt bool 1171If set to 1172.Dq Li YES , 1173run the 1174.Xr ypserv 8 1175daemon at system boot time. 1176.It Va nis_server_flags 1177.Pq Vt str 1178If 1179.Va nis_server_enable 1180is set to 1181.Dq Li YES , 1182these are the flags to pass to the 1183.Xr ypserv 8 1184daemon. 1185.It Va nis_ypxfrd_enable 1186.Pq Vt bool 1187If set to 1188.Dq Li YES , 1189run the 1190.Xr rpc.ypxfrd 8 1191daemon at system boot time. 1192.It Va nis_ypxfrd_flags 1193.Pq Vt str 1194If 1195.Va nis_ypxfrd_enable 1196is set to 1197.Dq Li YES , 1198these are the flags to pass to the 1199.Xr rpc.ypxfrd 8 1200daemon. 1201.It Va nis_yppasswdd_enable 1202.Pq Vt bool 1203If set to 1204.Dq Li YES , 1205run the 1206.Xr rpc.yppasswdd 8 1207daemon at system boot time. 1208.It Va nis_yppasswdd_flags 1209.Pq Vt str 1210If 1211.Va nis_yppasswdd_enable 1212is set to 1213.Dq Li YES , 1214these are the flags to pass to the 1215.Xr rpc.yppasswdd 8 1216daemon. 1217.It Va defaultrouter 1218.Pq Vt str 1219If not set to 1220.Dq Li NO , 1221create a default route to this host name or IP address 1222(use an IP address if this router is also required to get to the 1223name server!). 1224.It Va static_routes 1225.Pq Vt str 1226Set to the list of static routes that are to be added at system 1227boot time. 1228If not set to 1229.Dq Li NO 1230then for each whitespace separated 1231.Ar element 1232in the value, a 1233.Va route_ Ns Aq Ar element 1234variable is assumed to exist 1235whose contents will later be passed to a 1236.Dq Nm route Cm add 1237operation. 1238.It Va gateway_enable 1239.Pq Vt bool 1240If set to 1241.Dq Li YES , 1242configure host to act as an IP router, e.g. to forward packets 1243between interfaces. 1244.It Va router_enable 1245.Pq Vt bool 1246If set to 1247.Dq Li YES , 1248run a routing daemon of some sort, based on the 1249settings of 1250.Va router 1251and 1252.Va router_flags . 1253.It Va router 1254.Pq Vt str 1255If 1256.Va router_enable 1257is set to 1258.Dq Li YES , 1259this is the name of the routing daemon to use. 1260.It Va router_flags 1261.Pq Vt str 1262If 1263.Va router_enable 1264is set to 1265.Dq Li YES , 1266these are the flags to pass to the routing daemon. 1267.It Va mrouted_enable 1268.Pq Vt bool 1269If set to 1270.Dq Li YES , 1271run the multicast routing daemon, 1272.Xr mrouted 8 . 1273.It Va mrouted_flags 1274.Pq Vt str 1275If 1276.Va mrouted_enable 1277is set to 1278.Dq Li YES , 1279these are the flags to pass to the 1280.Xr mrouted 8 1281daemon. 1282.It Va ipxgateway_enable 1283.Pq Vt bool 1284If set to 1285.Dq Li YES , 1286enable the routing of IPX traffic. 1287.It Va ipxrouted_enable 1288.Pq Vt bool 1289If set to 1290.Dq Li YES , 1291run the 1292.Xr IPXrouted 8 1293daemon at system boot time. 1294.It Va ipxrouted_flags 1295.Pq Vt str 1296If 1297.Va ipxrouted_enable 1298is set to 1299.Dq Li YES , 1300these are the flags to pass to the 1301.Xr IPXrouted 8 1302daemon. 1303.It Va arpproxy_all 1304.Pq Vt bool 1305If set to 1306.Dq Li YES , 1307enable global proxy ARP. 1308.It Va forward_sourceroute 1309.Pq Vt bool 1310If set to 1311.Dq Li YES 1312and 1313.Va gateway_enable 1314is also set to 1315.Dq Li YES , 1316source-routed packets are forwarded. 1317.It Va accept_sourceroute 1318.Pq Vt bool 1319If set to 1320.Dq Li YES , 1321the system will accept source-routed packets directed at it. 1322.It Va rarpd_enable 1323.Pq Vt bool 1324If set to 1325.Dq Li YES , 1326run the 1327.Xr rarpd 8 1328daemon at system boot time. 1329.It Va rarpd_flags 1330.Pq Vt str 1331If 1332.Va rarpd_enable 1333is set to 1334.Dq Li YES , 1335these are the flags to pass to the 1336.Xr rarpd 8 1337daemon. 1338.It Va atm_enable 1339.Pq Vt bool 1340Set to 1341.Dq Li YES 1342to enable the configuration of ATM interfaces at system boot time. 1343For all of the ATM variables described below, please refer to the 1344.Xr atm 8 1345man page for further details on the available command parameters. 1346Also refer to the files in 1347.Pa /usr/share/examples/atm 1348for more detailed configuration information. 1349.It Va atm_netif_ Ns Aq Ar intf 1350.Pq Vt str 1351For the ATM physical interface 1352.Ar intf , 1353this variable defines the name prefix and count for the ATM network 1354interfaces to be created. 1355The value will be passed as the parameters of an 1356.Dq Nm atm Cm "set netif" Ar intf 1357command. 1358.It Va atm_sigmgr_ Ns Aq Ar intf 1359.Pq Vt str 1360For the ATM physical interface 1361.Ar intf , 1362this variable defines the ATM signalling manager to be used. 1363The value will be passed as the parameters of an 1364.Dq Nm atm Cm attach Ar intf 1365command. 1366.It Va atm_prefix_ Ns Aq Ar intf 1367.Pq Vt str 1368For the ATM physical interface 1369.Ar intf , 1370this variable defines the NSAP prefix for interfaces using a UNI signalling 1371manager. 1372If set to 1373.Dq Li ILMI , 1374the prefix will automatically be set via the 1375.Xr ilmid 8 1376daemon. 1377Otherwise, the value will be passed as the parameters of an 1378.Dq Nm atm Cm "set prefix" Ar intf 1379command. 1380.It Va atm_macaddr_ Ns Aq Ar intf 1381.Pq Vt str 1382For the ATM physical interface 1383.Ar intf , 1384this variable defines the MAC address for interfaces using a UNI signalling 1385manager. 1386If set to 1387.Dq Li NO , 1388the hardware MAC address contained in the ATM interface card will be used. 1389Otherwise, the value will be passed as the parameters of an 1390.Dq Nm atm Cm "set mac" Ar intf 1391command. 1392.It Va atm_arpserver_ Ns Aq Ar netif 1393.Pq Vt str 1394For the ATM network interface 1395.Ar netif , 1396this variable defines the ATM address for a host which is to provide ATMARP 1397service. 1398This variable is only applicable to interfaces using a UNI signalling 1399manager. 1400If set to 1401.Dq Li local , 1402this host will become an ATMARP server. 1403The value will be passed as the parameters of an 1404.Dq Nm atm Cm "set arpserver" Ar netif 1405command. 1406.It Va atm_scsparp_ Ns Aq Ar netif 1407.Pq Vt bool 1408If set to 1409.Dq Li YES , 1410SCSP/ATMARP service for the network interface 1411.Ar netif 1412will be initiated using the 1413.Xr scspd 8 1414and 1415.Xr atmarpd 8 1416daemons. 1417This variable is only applicable if 1418.Va atm_arpserver_ Ns Aq Ar netif 1419is set to 1420.Dq Li local . 1421.It Va atm_pvcs 1422.Pq Vt str 1423Set to the list of ATM PVCs to be added at system 1424boot time. 1425For each whitespace separated 1426.Ar element 1427in the value, an 1428.Va atm_pvc_ Ns Aq Ar element 1429variable is assumed to exist. 1430The value of each of these variables 1431will be passed as the parameters of an 1432.Dq Nm atm Cm "add pvc" 1433command. 1434.It Va atm_arps 1435.Pq Vt str 1436Set to the list of permanent ATM ARP entries to be added 1437at system boot time. 1438For each whitespace separated 1439.Ar element 1440in the value, an 1441.Va atm_arp_ Ns Aq Ar element 1442variable is assumed to exist. 1443The value of each of these variables 1444will be passed as the parameters of an 1445.Dq Nm atm Cm "add arp" 1446command. 1447.It Va keymap 1448.Pq Vt str 1449If set to 1450.Dq Li NO , 1451no keymap is installed, otherwise the value is used to install 1452the keymap file in 1453.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1454.It Va keyrate 1455.Pq Vt str 1456The keyboard repeat speed. 1457Set to 1458.Dq Li slow , 1459.Dq Li normal , 1460.Dq Li fast , 1461or 1462.Dq Li NO 1463if the default behavior is desired. 1464.It Va keychange 1465.Pq Vt str 1466If not set to 1467.Dq Li NO , 1468attempt to program the function keys with the value. 1469The value should 1470be a single string of the form: 1471.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1472.It Va cursor 1473.Pq Vt str 1474Can be set to the value of 1475.Dq Li normal , 1476.Dq Li blink , 1477.Dq Li destructive , 1478or 1479.Dq Li NO 1480to set the cursor behavior explicitly or choose the default behavior. 1481.It Va scrnmap 1482.Pq Vt str 1483If set to 1484.Dq Li NO , 1485no screen map is installed, otherwise the value is used to install 1486the screen map file in 1487.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1488.It Va font8x16 1489.Pq Vt str 1490If set to 1491.Dq Li NO , 1492the default 8x16 font value is used for screen size requests, otherwise 1493the value in 1494.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1495is used. 1496.It Va font8x14 1497.Pq Vt str 1498If set to 1499.Dq Li NO , 1500the default 8x14 font value is used for screen size requests, otherwise 1501the value in 1502.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1503is used. 1504.It Va font8x8 1505.Pq Vt str 1506If set to 1507.Dq Li NO , 1508the default 8x8 font value is used for screen size requests, otherwise 1509the value in 1510.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1511is used. 1512.It Va blanktime 1513.Pq Vt int 1514If set to 1515.Dq Li NO , 1516the default screen blanking interval is used, otherwise it is set 1517to 1518.Ar value 1519seconds. 1520.It Va saver 1521.Pq Vt str 1522If not set to 1523.Dq Li NO , 1524this is the actual screen saver to use 1525.Li ( blank , snake , daemon , 1526etc). 1527.It Va moused_enable 1528.Pq Vt str 1529If set to 1530.Dq Li YES , 1531the 1532.Xr moused 8 1533daemon is started for doing cut/paste selection on the console. 1534.It Va moused_type 1535.Pq Vt str 1536This is the protocol type of the mouse connected to this host. 1537This variable must be set if 1538.Va moused_enable 1539is set to 1540.Dq Li YES . 1541The 1542.Xr moused 8 1543daemon 1544is able to detect the appropriate mouse type automatically in many cases. 1545Set this variable to 1546.Dq Li auto 1547to let the daemon detect it, or 1548select one from the following list if the automatic detection fails. 1549.Pp 1550If the mouse is attached to the PS/2 mouse port, choose 1551.Dq Li auto 1552or 1553.Dq Li ps/2 , 1554regardless of the brand and model of the mouse. 1555Likewise, if the 1556mouse is attached to the bus mouse port, choose 1557.Dq Li auto 1558or 1559.Dq Li busmouse . 1560All other protocols are for serial mice and will not work with 1561the PS/2 and bus mice. 1562If this is a USB mouse, 1563.Dq Li auto 1564is the only protocol type which will work. 1565.Pp 1566.Bl -tag -width ".Li x10mouseremote" -compact 1567.It Li microsoft 1568Microsoft mouse (serial) 1569.It Li intellimouse 1570Microsoft IntelliMouse (serial) 1571.It Li mousesystems 1572Mouse systems Corp. mouse (serial) 1573.It Li mmseries 1574MM Series mouse (serial) 1575.It Li logitech 1576Logitech mouse (serial) 1577.It Li busmouse 1578A bus mouse 1579.It Li mouseman 1580Logitech MouseMan and TrackMan (serial) 1581.It Li glidepoint 1582ALPS GlidePoint (serial) 1583.It Li thinkingmouse 1584Kensington ThinkingMouse (serial) 1585.It Li ps/2 1586PS/2 mouse 1587.It Li mmhittab 1588MM HitTablet (serial) 1589.It Li x10mouseremote 1590X10 MouseRemote (serial) 1591.It Li versapad 1592Interlink VersaPad (serial) 1593.El 1594.Pp 1595Even if the mouse is not in the above list, it may be compatible 1596with one in the list. 1597Refer to the man page for 1598.Xr moused 8 1599for compatibility information. 1600.Pp 1601It should also be noted that while this is enabled, any 1602other client of the mouse (such as an X server) should access 1603the mouse through the virtual mouse device, 1604.Pa /dev/sysmouse , 1605and configure it as a 1606.Dq Li sysmouse 1607type mouse, since all 1608mouse data is converted to this single canonical format when 1609using 1610.Xr moused 8 . 1611If the client program does not support the 1612.Dq Li sysmouse 1613type, 1614specify the 1615.Dq Li mousesystems 1616type. 1617It is the second preferred type. 1618.It Va moused_port 1619.Pq Vt str 1620If 1621.Va moused_enable 1622is set to 1623.Dq Li YES , 1624this is the actual port the mouse is on. 1625It might be 1626.Pa /dev/cuaa0 1627for a COM1 serial mouse, 1628.Pa /dev/psm0 1629for a PS/2 mouse or 1630.Pa /dev/mse0 1631for a bus mouse, for example. 1632.It Va moused_flags 1633.Pq Vt str 1634If 1635.Va moused_type 1636is set, these are the additional flags to pass to the 1637.Xr moused 8 1638daemon. 1639.It Va mousechar_start 1640.Pq Vt int 1641If set to 1642.Dq Li NO , 1643the default mouse cursor character range 1644.Li 0xd0 Ns - Ns Li 0xd3 1645is used, 1646otherwise the range start is set 1647to 1648.Ar value 1649character, see 1650.Xr vidcontrol 1 . 1651Use if the default range is occupied in the language code table. 1652.It Va allscreens_flags 1653.Pq Vt str 1654If set, 1655.Xr vidcontrol 1 1656is run with these options for each of the virtual terminals 1657.Pq Pa /dev/ttyv* . 1658For example, 1659.Dq Fl m Cm on 1660will enable the mouse pointer on all virtual terminals 1661if 1662.Va moused_enable 1663is set to 1664.Dq Li YES . 1665.It Va allscreens_kbdflags 1666.Pq Vt str 1667If set, 1668.Xr kbdcontrol 1 1669is run with these options for each of the virtual terminals 1670.Pq Pa /dev/ttyv* . 1671For example, 1672.Dq Fl h Li 200 1673will set the 1674.Xr syscons 4 1675scrollback (history) buffer to 200 lines. 1676.It Va cron_enable 1677.Pq Vt bool 1678If set to 1679.Dq Li YES , 1680run the 1681.Xr cron 8 1682daemon at system boot time. 1683.It Va cron_program 1684.Pq Vt str 1685Path to 1686.Xr cron 8 1687(default 1688.Pa /usr/sbin/cron ) . 1689.It Va cron_flags 1690.Pq Vt str 1691If 1692.Va cron_enable 1693is set to 1694.Dq Li YES , 1695these are the flags to pass to 1696.Xr cron 8 . 1697.It Va lpd_program 1698.Pq Vt str 1699Path to 1700.Xr lpd 8 1701(default 1702.Pa /usr/sbin/lpd ) . 1703.It Va lpd_enable 1704.Pq Vt bool 1705If set to 1706.Dq Li YES , 1707run the 1708.Xr lpd 8 1709daemon at system boot time. 1710.It Va lpd_flags 1711.Pq Vt str 1712If 1713.Va lpd_enable 1714is set to 1715.Dq Li YES , 1716these are the flags to pass to the 1717.Xr lpd 8 1718daemon. 1719.It Va mta_start_script 1720.Pq Vt str 1721This variable specifies the full path to the script to run to start 1722a mail transfer agent. 1723The default is 1724.Pa /etc/rc.sendmail . 1725The 1726.Va sendmail_* 1727variables which 1728.Pa /etc/rc.sendmail 1729uses are documented in the 1730.Xr rc.sendmail 8 1731man page. 1732.It Va dumpdev 1733.Pq Vt str 1734Indicates the device (usually a swap partition) to which a crash dump 1735should be written in the event of a system crash. 1736The value of this variable is passed as the argument to 1737.Xr dumpon 8 . 1738To disable crash dumps, set this variable to 1739.Dq Li NO . 1740.It Va dumpdir 1741.Pq Vt str 1742When the system reboots after a crash and a crash dump is found on the 1743device specified by the 1744.Va dumpdev 1745variable, 1746.Xr savecore 8 1747will save that crash dump and a copy of the kernel to the directory 1748specified by the 1749.Va dumpdir 1750variable. 1751The default value is 1752.Pa /var/crash . 1753Set to 1754.Dq Li NO 1755to not run 1756.Xr savecore 8 1757at boot time when 1758.Va dumpdir 1759is set. 1760.It Va savecore_flags 1761.Pq Vt str 1762If crash dumps are enabled, these are the flags to pass to the 1763.Xr savecore 8 1764utility. 1765.It Va enable_quotas 1766.Pq Vt bool 1767Set to 1768.Dq Li YES 1769to turn on user disk quotas on system startup via the 1770.Xr quotaon 8 1771command. 1772.It Va check_quotas 1773.Pq Vt bool 1774Set to 1775.Dq Li YES 1776to enable user disk quota checking via the 1777.Xr quotacheck 8 1778command. 1779.It Va accounting_enable 1780.Pq Vt bool 1781Set to 1782.Dq Li YES 1783to enable system accounting through the 1784.Xr accton 8 1785facility. 1786.It Va ibcs2_enable 1787.Pq Vt bool 1788Set to 1789.Dq Li YES 1790to enable iBCS2 (SCO) binary emulation at system initial boot 1791time. 1792.It Va ibcs2_loaders 1793.Pq Vt str 1794If not set to 1795.Dq Li NO 1796and if 1797.Va ibcs2_enable 1798is set to 1799.Dq Li YES , 1800this specifies a list of additional iBCS2 loaders to enable. 1801.It Va linux_enable 1802.Pq Vt bool 1803Set to 1804.Dq Li YES 1805to enable Linux/ELF binary emulation at system initial 1806boot time. 1807.It Va osf1_enable 1808.Pq Vt bool 1809Set to 1810.Dq Li YES 1811to enable OSF/1 (Digital UNIX) binary emulation at system 1812initial boot time. 1813(alpha) 1814.It Va clear_tmp_enable 1815.Pq Vt bool 1816Set to 1817.Dq Li YES 1818to have 1819.Pa /tmp 1820cleaned at startup. 1821.It Va ldconfig_paths 1822.Pq Vt str 1823Set to the list of shared library paths to use with 1824.Xr ldconfig 8 . 1825NOTE: 1826.Pa /usr/lib 1827will always be added first, so it need not appear in this list. 1828.It Va ldconfig_insecure 1829.Pq Vt bool 1830The 1831.Xr ldconfig 8 1832utility normally refuses to use directories 1833which are writable by anyone except root. 1834Set this variable to 1835.Dq Li YES 1836to disable that security check during system startup. 1837.It Va kern_securelevel_enable 1838.Pq Vt bool 1839Set to 1840.Dq Li YES 1841to set the kernel security level at system startup. 1842.It Va kern_securelevel 1843.Pq Vt int 1844The kernel security level to set at startup. 1845The allowed range of 1846.Ar value 1847ranges from \-1 (the compile time default) to 3 (the 1848most secure). 1849See 1850.Xr init 8 1851for the list of possible security levels and their effect 1852on system operation. 1853.It Va lomac_enable 1854.Pq Vt bool 1855Set to 1856.Dq Li YES 1857to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 1858This security model enforces integrity constraints for system processes; 1859see 1860.Xr lomac 4 1861for a complete description of the LOMAC model, as well as its impact 1862on system operation. 1863.It Va start_vinum 1864.Pq Vt bool 1865Set to 1866.Dq Li YES 1867to start 1868.Xr vinum 8 1869at system boot time. 1870.It Va sshd_program 1871.Pq Vt str 1872Path to the SSH server program 1873.Pa ( /usr/sbin/sshd 1874is the default). 1875.It Va sshd_enable 1876.Pq Vt bool 1877Set to 1878.Dq Li YES 1879to start 1880.Xr sshd 8 1881at system boot time. 1882.It Va sshd_flags 1883.Pq Vt str 1884If 1885.Va sshd_enable 1886is set to 1887.Dq Li YES , 1888these are the flags to pass to the 1889.Xr sshd 8 1890daemon. 1891.It Va unaligned_print 1892.Pq Vt bool 1893If set to 1894.Dq Li NO , 1895unaligned access warnings will not be printed. 1896(alpha) 1897.\" ----- isdn settings --------------------------------- 1898.It Va isdn_enable 1899.Pq Vt bool 1900Set to 1901.Dq Li NO 1902by default. 1903When set to 1904.Dq Li YES , 1905starts the 1906.Xr isdnd 8 1907daemon 1908at system boot time. 1909.It Va isdn_flags 1910.Pq Vt str 1911Set to 1912.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 1913by default. 1914Additional flags to pass to 1915.Xr isdnd 8 1916(but see 1917.Va isdn_fsdev 1918and 1919.Va isdn_ttype 1920for certain tunable parameters). 1921.It Va isdn_ttype 1922.Pq Vt str 1923Set to 1924.Dq Li cons25 1925by default. 1926The terminal type of the output device when 1927.Xr isdnd 8 1928operates in full-screen mode. 1929.It Va isdn_screenflags 1930.Pq Vt str 1931Set to 1932.Dq Li NO 1933by default. 1934The video mode for full-screen mode (only for 1935.Xr syscons 4 1936console driver, see 1937.Xr vidcontrol 1 1938for valid modes). 1939.It Va isdn_fsdev 1940.Pq Vt str 1941Set to 1942.Dq Li NO 1943by default. 1944The output device for 1945.Xr isdnd 8 1946in full-screen mode (or 1947.Dq Li NO 1948for daemon mode). 1949.It Va isdn_trace 1950.Pq Vt bool 1951Set to 1952.Dq Li NO 1953by default. 1954When set to 1955.Dq Li YES , 1956enables the ISDN protocol trace utility 1957.Xr isdntrace 8 1958at system boot time. 1959.It Va isdn_traceflags 1960.Pq Vt str 1961Set to 1962.Dq Fl f Pa /var/tmp/isdntrace0 1963by default. 1964Flags for 1965.Xr isdntrace 8 . 1966.\" ----------------------------------------------------- 1967.El 1968.Sh FILES 1969.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 1970.It Pa /etc/defaults/rc.conf 1971.It Pa /etc/rc.conf 1972.It Pa /etc/rc.conf.local 1973.El 1974.Sh SEE ALSO 1975.Xr catman 1 , 1976.Xr gdb 1 , 1977.Xr info 1 , 1978.Xr makewhatis 1 , 1979.Xr vidcontrol 1 , 1980.Xr tcp 4 , 1981.Xr udp 4 , 1982.Xr exports 5 , 1983.Xr motd 5 , 1984.Xr accton 8 , 1985.Xr amd 8 , 1986.Xr apm 8 , 1987.Xr atm 8 , 1988.Xr cron 8 , 1989.Xr dhclient 8 , 1990.Xr gated 8 , 1991.Xr ifconfig 8 , 1992.Xr inetd 8 , 1993.Xr isdnd 8 , 1994.Xr isdntrace 8 , 1995.Xr lpd 8 , 1996.Xr mdconfig 8 , 1997.Xr moused 8 , 1998.Xr mrouted 8 , 1999.Xr named 8 , 2000.Xr nfsd 8 , 2001.Xr ntpd 8 , 2002.Xr ntpdate 8 , 2003.Xr pcnfsd 8 , 2004.Xr quotacheck 8 , 2005.Xr quotaon 8 , 2006.Xr rc 8 , 2007.Xr rc.sendmail 8 , 2008.Xr route 8 , 2009.Xr routed 8 , 2010.Xr rpc.lockd 8 , 2011.Xr rpc.statd 8 , 2012.Xr rpcbind 8 , 2013.Xr rwhod 8 , 2014.Xr savecore 8 , 2015.Xr sshd 8 , 2016.Xr swapon 8 , 2017.Xr sysctl 8 , 2018.Xr syslogd 8 , 2019.Xr timed 8 , 2020.Xr vinum 8 , 2021.Xr xtend 8 , 2022.Xr yp 8 , 2023.Xr ypbind 8 , 2024.Xr ypserv 8 , 2025.Xr ypset 8 2026.Sh HISTORY 2027The 2028.Nm 2029file appeared in 2030.Fx 2.2.2 . 2031.Sh AUTHORS 2032.An Jordan K. Hubbard . 2033