xref: /freebsd/share/man/man5/rc.conf.5 (revision c98323078dede7579020518ec84cdcb478e5c142)
1.\" Copyright (c) 1995
2.\"	Jordan K. Hubbard
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD$
26.\"
27.Dd April 25, 2004
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time.
39In new installations, the
40.Nm
41file is generally initialized by the system installation utility,
42.Xr sysinstall 8 .
43.Pp
44The purpose of
45.Nm
46is not to run commands or perform system startup actions
47directly.
48Instead, it is included by the
49various generic startup scripts in
50.Pa /etc
51which conditionalize their
52internal actions according to the settings found there.
53.Pp
54The
55.Pa /etc/rc.conf
56file is included from the file
57.Pa /etc/defaults/rc.conf ,
58which specifies the default settings for all the available options.
59Options need only be specified in
60.Pa /etc/rc.conf
61when the system administrator wishes to override these defaults.
62The file
63.Pa /etc/rc.conf.local
64is used to override settings in
65.Pa /etc/rc.conf
66for historical reasons.
67See the
68.Va rc_conf_files
69variable below.
70.Pp
71The following list provides a name and short description for each
72variable that can be set in the
73.Nm
74file:
75.Bl -tag -width indent-two
76.It Va rc_debug
77.Pq Vt bool
78If set to
79.Dq Li YES ,
80enable output of debug messages from rc scripts.
81This variable can be helpful in diagnosing mistakes when
82editing or integrating new scripts.
83Beware that this produces copious output to the terminal and
84.Xr syslog 3 .
85.It Va rc_info
86.Pq Vt bool
87If set to
88.Dq Li NO ,
89disable informational messages from the rc scripts.
90Informational messages are displayed when
91a condition that is not serious enough to warrant a warning or
92an error occurs.
93.It Va swapfile
94.Pq Vt str
95If set to
96.Dq Li NO ,
97no swapfile is installed, otherwise the value is used as the full
98pathname to a file to use for additional swap space.
99.It Va apm_enable
100.Pq Vt bool
101If set to
102.Dq Li YES ,
103enable support for Automatic Power Management with
104the
105.Xr apm 8
106command.
107.It Va apmd_enable
108.Pq Vt bool
109Run
110.Xr apmd 8
111to handle APM event from userland.
112This also enables support for APM.
113.It Va apmd_flags
114.Pq Vt str
115If
116.Va apmd_enable
117is set to
118.Dq Li YES ,
119these are the flags to pass to the
120.Xr apmd 8
121daemon.
122.It Va devd_enable
123.Pq Vt bool
124Run
125.Xr devd 8
126to handle device added, removed or unknown events from the kernel.
127.It Va kldxref_enable
128.Pq Vt bool
129Set to
130.Dq Li NO
131by default.
132Set to
133.Dq Li YES
134to automatically rebuild
135.Pa linker.hints
136files with
137.Xr kldxref 8
138at boot time.
139.It Va kldxref_clobber
140.Pq Vt bool
141Set to
142.Dq Li NO
143by default.
144If
145.Va kldxref_enable
146is true,
147setting to
148.Dq Li YES
149will overwrite existing
150.Pa linker.hints
151files at boot time.
152Otherwise,
153only missing
154.Pa linker.hints
155files are generated.
156.It Va kldxref_module_path
157.Pq Vt str
158Empty by default.
159A semi-colon
160.Pq Ql \&;
161delimited list of paths containing
162.Xr kld 4
163modules.
164If empty,
165the contents of the
166.Va kern.module_path
167.Xr sysctl 8
168are used.
169.It Va pccard_enable
170.Pq Vt bool
171If set to
172.Dq Li YES ,
173enable PCCARD support at boot time.
174.It Va pccard_mem
175.Pq Vt str
176Set to PCCARD controller memory address or
177.Dq Li DEFAULT
178for the default value.
179.It Va pccard_ifconfig
180.Pq Vt str
181List of arguments to be passed to
182.Xr ifconfig 8
183at boot time or on
184insertion of the card (e.g.\&
185.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
186for a fixed address or
187.Dq Li DHCP
188for a DHCP client).
189.It Va pccard_beep
190.Pq Vt int
191If 0,
192set the PCCARD controller to silent mode.
193If 1,
194set it to beep mode.
195If 2,
196set it to melody mode.
197.It Va pccard_conf
198.Pq Vt str
199Path to the configuration file for the
200.Xr pccardd 8
201daemon (e.g.\&
202.Pa /etc/pccard.conf.sample ) .
203.It Va pccardd_flags
204.Pq Vt str
205If
206.Va pccard_enable
207is set to
208.Dq Li YES ,
209these are the flags to pass to the
210.Xr pccardd 8
211daemon.
212.It Va pccard_ether_delay
213.Pq Vt str
214Set the delay before starting
215.Xr dhclient 8
216in the
217.Pa /etc/pccard_ether
218script.
219This defaults to 5 seconds to work around a bug in the
220.Xr ed 4
221driver which can lead to system hangs when using some newer
222.Xr ed 4
223based cards.
224.It Va removable_interfaces
225.Pq Vt str
226List of removable network interfaces to be supported by
227.Pa /etc/pccard_ether .
228.It Va tmpmfs
229Controls the creation of a
230.Pa /tmp
231memory file system.
232Always happens if set to
233.Dq Li YES
234and never happens if set to
235.Dq Li NO .
236If set to anything else, a memory file system is created if
237.Pa /tmp
238is not writable.
239.It Va tmpsize
240Controls the size of a created
241.Pa /tmp
242memory file system.
243.It Va varmfs
244Controls the creation of a
245.Pa /var
246memory file system.
247Always happens if set to
248.Dq Li YES
249and never happens if set to
250.Dq Li NO .
251If set to anything else, a memory file system is created if
252.Pa /var
253is not writable.
254.It Va varsize
255Controls the size of a created
256.Pa /var
257memory file system.
258.It Va populate_var
259Controls the automatic population of the
260.Pa /var
261file system.
262Always happens if set to
263.Dq Li YES
264and never happens if set to
265.Dq Li NO .
266If set to anything else, a memory file system is created if
267.Pa /tmp
268is not writable.
269Note that this process requires access to certain commands in
270.Pa /usr
271before
272.Pa /usr
273is mounted on normal systems.
274.It Va local_startup
275.Pq Vt str
276List of directories to search for startup script files.
277.It Va script_name_sep
278.Pq Vt str
279The field separator to use for breaking down the list of startup script files
280into individual filenames.
281The default is a space.
282It is not necessary to change this unless there are startup scripts with names
283containing spaces.
284.It Va hostname
285.Pq Vt str
286The fully qualified domain name (FQDN) of this host on the network.
287This should almost certainly be set to something meaningful, even if
288there is no network connection.
289If
290.Xr dhclient 8
291is used to set the hostname via DHCP,
292this variable should be set to an empty string.
293.It Va ipv6_enable
294.Pq Vt bool
295Enable support for IPv6 networking.
296Note that this requires that the kernel have been compiled with
297.Cd "options INET6" .
298.It Va nisdomainname
299.Pq Vt str
300The NIS domain name of this host, or
301.Dq Li NO
302if NIS is not used.
303.It Va dhclient_program
304.Pq Vt str
305Path to the DHCP client program
306.Pa ( /sbin/dhclient ,
307the ISC DHCP client,
308is the default).
309.It Va dhclient_flags
310.Pq Vt str
311Additional flags to pass to the DHCP client program.
312For the ISC DHCP client, see the
313.Xr dhclient 8
314manpage for a description of the command line options available.
315.It Va background_dhclient
316.Pq Vt bool
317Set to
318.Dq Li YES
319to start the dhcp client in background.
320This can cause trouble with applications depending on
321a working network, but it will provide a faster startup
322in many cases.
323.It Va firewall_enable
324.Pq Vt bool
325Set to
326.Dq Li YES
327to load firewall rules at startup.
328If the kernel was not built with
329.Cd "options IPFIREWALL" ,
330the
331.Pa ipfw.ko
332kernel module will be loaded.
333See also
334.Va ipfilter_enable .
335.It Va ipv6_firewall_enable
336.Pq Vt bool
337The IPv6 equivalent of
338.Va firewall_enable .
339Set to
340.Dq Li YES
341to load IPv6 firewall rules at startup.
342If the kernel was not built with
343.Cd "options IPV6FIREWALL" ,
344the
345.Pa ip6fw.ko
346kernel module will be loaded.
347.It Va firewall_script
348.Pq Vt str
349This variable specifies the full path to the firewall script to run.
350The default is
351.Pa /etc/rc.firewall .
352.It Va ipv6_firewall_script
353.Pq Vt str
354The IPv6 equivalent of
355.Va firewall_script .
356.It Va firewall_type
357.Pq Vt str
358Names the firewall type from the selection in
359.Pa /etc/rc.firewall ,
360or the file which contains the local firewall ruleset.
361Valid selections from
362.Pa /etc/rc.firewall
363are:
364.Pp
365.Bl -tag -width ".Li simple" -compact
366.It Li open
367unrestricted IP access
368.It Li closed
369all IP services disabled, except via
370.Dq Li lo0
371.It Li client
372basic protection for a workstation
373.It Li simple
374basic protection for a LAN.
375.El
376.Pp
377If a filename is specified, the full path
378must be given.
379.It Va ipv6_firewall_type
380.Pq Vt str
381The IPv6 equivalent of
382.Va firewall_type .
383.It Va firewall_quiet
384.Pq Vt bool
385Set to
386.Dq Li YES
387to disable the display of firewall rules on the console during boot.
388.It Va ipv6_firewall_quiet
389.Pq Vt bool
390The IPv6 equivalent of
391.Va firewall_quiet .
392.It Va firewall_logging
393.Pq Vt bool
394Set to
395.Dq Li YES
396to enable firewall event logging.
397This is equivalent to the
398.Dv IPFIREWALL_VERBOSE
399kernel option.
400.It Va ipv6_firewall_logging
401.Pq Vt bool
402The IPv6 equivalent of
403.Va firewall_logging .
404.It Va firewall_flags
405.Pq Vt str
406Flags passed to
407.Xr ipfw 8
408if
409.Va firewall_type
410specifies a filename.
411.It Va ipv6_firewall_flags
412.Pq Vt str
413The IPv6 equivalent of
414.Va firewall_flags .
415.It Va natd_program
416.Pq Vt str
417Path to
418.Xr natd 8 .
419.It Va natd_enable
420.Pq Vt bool
421Set to
422.Dq Li YES
423to enable
424.Xr natd 8 .
425.Va firewall_enable
426must also be set to
427.Dq Li YES ,
428and
429.Xr divert 4
430sockets must be enabled in the kernel.
431.It Va natd_interface
432.Pq Vt str
433This is the name of the public interface on which
434.Xr natd 8
435should run.
436The interface may be given as an interface name or as an IP address.
437.It Va natd_flags
438.Pq Vt str
439Additional
440.Xr natd 8
441flags should be placed here.
442The
443.Fl n
444or
445.Fl a
446flag is automatically added with the above
447.Va natd_interface
448as an argument.
449.\" ----- ipfilter_enable setting --------------------------------
450.It Va ipfilter_enable
451.Pq Vt bool
452Set to
453.Dq Li NO
454by default.
455Setting this to
456.Dq Li YES
457enables
458.Xr ipf 8
459packet filtering.
460.Pp
461Typical usage will require putting
462.Bd -literal
463ipfilter_enable="YES"
464ipnat_enable="YES"
465ipmon_enable="YES"
466ipfs_enable="YES"
467.Ed
468.Pp
469into
470.Pa /etc/rc.conf
471and editing
472.Pa /etc/ipf.rules
473and
474.Pa /etc/ipnat.rules
475appropriately.
476.Pp
477Note that
478.Va ipfilter_enable
479and
480.Va ipnat_enable
481can be enabled independently.
482.Va ipmon_enable
483and
484.Va ipfs_enable
485both require at least one of
486.Va ipfilter_enable
487and
488.Va ipnat_enable
489to be enabled.
490.Pp
491Having
492.Bd -literal
493options IPFILTER
494options IPFILTER_LOG
495options IPFILTER_DEFAULT_BLOCK
496.Ed
497.Pp
498in the kernel configuration file is a good idea, too.
499.\" ----- ipfilter_program setting ------------------------------
500.It Va ipfilter_program
501.Pq Vt str
502Path to
503.Xr ipf 8
504(default
505.Pa /sbin/ipf ) .
506.\" ----- ipfilter_rules setting --------------------------------
507.It Va ipfilter_rules
508.Pq Vt str
509Set to
510.Pa /etc/ipf.rules
511by default.
512This variable contains the name of the filter rule definition file.
513The file is expected to be readable for the
514.Xr ipf 8
515command to execute.
516.\" ----- ipv6_ipfilter_rules setting ---------------------------
517.It Va ipv6_ipfilter_rules
518.Pq Vt str
519Set to
520.Pa /etc/ipf6.rules
521by default.
522This variable contains the IPv6 filter rule definition file.
523The file is expected to be readable for the
524.Xr ipf 8
525command to execute.
526.\" ----- ipfilter_flags setting --------------------------------
527.It Va ipfilter_flags
528.Pq Vt str
529Empty by default.
530This variable contains flags passed to the
531.Xr ipf 8
532program.
533.\" ----- ipnat_enable setting ----------------------------------
534.It Va ipnat_enable
535.Pq Vt bool
536Set to
537.Dq Li NO
538by default.
539Set it to
540.Dq Li YES
541to enable
542.Xr ipnat 1
543network address translation.
544See
545.Va ipfilter_enable
546for a detailed discussion.
547.\" ----- ipnat_program setting ---------------------------------
548.It Va ipnat_program
549.Pq Vt str
550Path to
551.Xr ipnat 1
552(default
553.Pa /sbin/ipnat ) .
554.\" ----- ipnat_rules setting -----------------------------------
555.It Va ipnat_rules
556.Pq Vt str
557Set to
558.Pa /etc/ipnat.rules
559by default.
560This variable contains the name of the file
561holding the network address translation definition.
562This file is expected to be readable for the
563.Xr ipnat 1
564command to execute.
565.\" ----- ipnat_flags setting -----------------------------------
566.It Va ipnat_flags
567.Pq Vt str
568Empty by default.
569This variable contains flags passed to the
570.Xr ipnat 1
571program.
572.\" ----- ipmon_enable setting ----------------------------------
573.It Va ipmon_enable
574.Pq Vt bool
575Set to
576.Dq Li NO
577by default.
578Set it to
579.Dq Li YES
580to enable
581.Xr ipmon 8
582monitoring (logging
583.Xr ipf 8
584and
585.Xr ipnat 1
586events).
587Setting this variable needs setting
588.Va ipfilter_enable
589or
590.Va ipnat_enable
591too.
592See
593.Va ipfilter_enable
594for a detailed discussion.
595.\" ----- ipmon_program setting ---------------------------------
596.It Va ipmon_program
597.Pq Vt str
598Path to
599.Xr ipmon 8
600(default
601.Pa /sbin/ipmon ) .
602.\" ----- ipmon_flags setting -----------------------------------
603.It Va ipmon_flags
604.Pq Vt str
605Set to
606.Dq Li -Ds
607by default.
608This variable contains flags passed to the
609.Xr ipmon 8
610program.
611Another typical example would be
612.Dq Fl D Pa /var/log/ipflog
613to have
614.Xr ipmon 8
615log directly to a file bypassing
616.Xr syslogd 8 .
617Make sure to adjust
618.Pa /etc/newsyslog.conf
619in such case like this:
620.Bd -literal
621/var/log/ipflog  640  10  100  *  Z  /var/run/ipmon.pid
622.Ed
623.\" ----- ipfs_enable setting -----------------------------------
624.It Va ipfs_enable
625.Pq Vt bool
626Set to
627.Dq Li NO
628by default.
629Set it to
630.Dq Li YES
631to enable
632.Xr ipfs 8
633saving the filter and NAT state tables during shutdown
634and reloading them during startup again.
635Setting this variable needs setting
636.Va ipfilter_enable
637or
638.Va ipnat_enable
639to
640.Dq Li YES
641too.
642See
643.Va ipfilter_enable
644for a detailed discussion.
645Note that if
646.Va kern_securelevel
647is set to 3,
648.Va ipfs_enable
649cannot be used
650because the raised securelevel will prevent
651.Xr ipfs 8
652from saving the state tables at shutdown time.
653.\" ----- ipfs_program setting ----------------------------------
654.It Va ipfs_program
655.Pq Vt str
656Path to
657.Xr ipfs 8
658(default
659.Pa /sbin/ipfs ) .
660.\" ----- ipfs_flags setting ------------------------------------
661.It Va ipfs_flags
662.Pq Vt str
663Empty by default.
664This variable contains flags passed to the
665.Xr ipfs 8
666program.
667.\" ----- end of added ipf hook ---------------------------------
668.It Va pf_enable
669.Pq Vt bool
670Set to
671.Dq Li NO
672by default.
673Setting this to
674.Dq Li YES
675enables
676.Xr pf 4
677packet filtering.
678.Pp
679Typical usage will require putting
680.Pp
681.Dl pf_enable="YES"
682.Pp
683into
684.Pa /etc/rc.conf
685and editing
686.Pa /etc/pf.conf
687appropriately.
688.Pp
689Having
690.Bd -literal -offset indent
691options PFIL_HOOKS
692options RANDOM_IP_ID
693.Ed
694.Pp
695in the kernel configuration file is required for use as a
696.Xr kld 4
697module.
698.Pp
699.Dl "device pf"
700.Pp
701builds it into the kernel.
702.It Va pf_rules
703.Pq Vt str
704Path to
705.Xr pf 4
706ruleset configuration file
707(default
708.Pa /etc/pf.conf ) .
709.It Va pf_program
710.Pq Vt str
711Path to
712.Xr pfctl 8
713(default
714.Pa /sbin/pfctl ) .
715.It Va pf_flags
716.Pq Vt str
717If
718.Va pf_enable
719is set to
720.Dq Li YES ,
721these flags are passed to the
722.Xr pfctl 8
723program when loading the ruleset.
724.It Va pflog_enable
725.Pq Vt bool
726Set to
727.Dq Li NO
728by default.
729Setting this to
730.Dq Li YES
731enables
732.Xr pflogd 8
733which logs packtes from the
734.Xr pf 4
735packet filter.
736.It Va pflog_logfile
737.Pq Vt str
738If
739.Va pflog_enable
740is set to
741.Dq Li YES
742this controls where
743.Xr pflogd 8
744stores the logfile
745(default
746.Pa /var/log/pflog ) .
747Check
748.Pa /etc/newsyslog.conf
749to adjust logfile rotation for this.
750.It Va pflog_program
751.Pq Vt str
752Path to
753.Xr pflogd 8
754(default
755.Pa /sbin/pflogd ) .
756.It Va pflog_flags
757.Pq Vt str
758Empty by default.
759This variable contains additional flags passed to the
760.Xr pflogd 8
761program.
762.It Va tcp_extensions
763.Pq Vt bool
764Set to
765.Dq Li YES
766by default.
767Setting this to
768.Dq Li NO
769disables certain TCP options as described by
770.Rs
771.%T "RFC 1323"
772.Re
773Setting this to
774.Dq Li NO
775might help remedy such problems with connections as randomly hanging
776or other weird behavior.
777Some network devices are known
778to be broken with respect to these options.
779.It Va log_in_vain
780.Pq Vt int
781Set to 0 by default.
782The
783.Xr sysctl 8
784variables,
785.Va net.inet.tcp.log_in_vain
786and
787.Va net.inet.udp.log_in_vain ,
788as described in
789.Xr tcp 4
790and
791.Xr udp 4 ,
792are set to the given value.
793.It Va tcp_keepalive
794.Pq Vt bool
795Set to
796.Dq Li YES
797by default.
798Setting to
799.Dq Li NO
800will disable probing idle TCP connections to verify that the
801peer is still up and reachable.
802.It Va tcp_drop_synfin
803.Pq Vt bool
804Set to
805.Dq Li NO
806by default.
807Setting to
808.Dq Li YES
809will cause the kernel to ignore TCP frames that have both
810the SYN and FIN flags set.
811This prevents OS fingerprinting, but may
812break some legitimate applications.
813This option is only available if the
814kernel was built with the
815.Dv TCP_DROP_SYNFIN
816option.
817.It Va icmp_drop_redirect
818.Pq Vt bool
819Set to
820.Dq Li NO
821by default.
822Setting to
823.Dq Li YES
824will cause the kernel to ignore ICMP REDIRECT packets.
825Refer to
826.Xr icmp 4
827for more information.
828.It Va icmp_log_redirect
829.Pq Vt bool
830Set to
831.Dq Li NO
832by default.
833Setting to
834.Dq Li YES
835will cause the kernel to log ICMP REDIRECT packets.
836Note that
837the log messages are not rate-limited, so this option should only be used
838for troubleshooting networks.
839Refer to
840.Xr icmp 4
841for more information.
842.It Va icmp_bmcastecho
843.Pq Vt bool
844Set to
845.Dq Li YES
846to respond to broadcast or multicast ICMP ping packets.
847Refer to
848.Xr icmp 4
849for more information.
850.It Va ip_portrange_first
851.Pq Vt int
852If not set to
853.Dq Li NO ,
854this is the first port in the default portrange.
855Refer to
856.Xr ip 4
857for more information.
858.It Va ip_portrange_last
859.Pq Vt int
860If not set to
861.Dq Li NO ,
862this is the last port in the default portrange.
863Refer to
864.Xr ip 4
865for more information.
866.It Va network_interfaces
867.Pq Vt str
868Set to the list of network interfaces to configure on this host.
869For example, if the only network devices in the system are the loopback
870device
871.Pq Li lo0
872and a NIC using the
873.Xr ed 4
874driver,
875this could be set to
876.Dq Li "lo0 ed0" .
877An
878.Va ifconfig_ Ns Aq Ar interface
879variable is also assumed to exist for each value of
880.Ar interface .
881It is also possible to add IP alias entries here in cases where
882multiple IP addresses registered against a single interface
883are desired.
884Assuming that the interface in question was
885.Li ed0 ,
886it might look
887something like this:
888.Bd -literal
889ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
890ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
891.Ed
892.Pp
893And so on.
894For each
895.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
896entry that is found,
897its contents are passed to
898.Xr ifconfig 8 .
899Execution stops at the first unsuccessful access, so if
900something like this is present:
901.Bd -literal
902ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
903ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
904ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
905ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
906.Ed
907.Pp
908Then note that alias4 would
909.Em not
910be added since the search would
911stop with the missing alias3 entry.
912.Pp
913If the
914.Pa /etc/start_if. Ns Aq Ar interface
915file is present, it is read and executed by the
916.Xr sh 1
917interpreter
918before configuring the interface as specified in the
919.Va ifconfig_ Ns Aq Ar interface
920and
921.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
922variables.
923.Pp
924It is possible to bring up an interface with DHCP by setting the
925.Va ifconfig_ Ns Aq Ar interface
926variable to
927.Dq Li DHCP .
928For instance, to initialize the
929.Li ed0
930device via DHCP,
931it is possible to use something like:
932.Bd -literal
933ifconfig_ed0="DHCP"
934.Ed
935.It Va ipv6_network_interfaces
936.Pq Vt str
937This is the IPv6 equivalent of
938.Va network_interfaces .
939Instead of setting the ifconfig variables as
940.Va ifconfig_ Ns Aq Ar interface
941they should be set as
942.Va ipv6_ifconfig_ Ns Aq Ar interface .
943Aliases should be set as
944.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
945.Va ipv6_prefix_ Ns Aq Ar interface
946does something.
947Interfaces that do not have a
948.Va ipv6_ifconfig_ Ns Aq Ar interface
949setting will be auto configured by
950.Xr rtsol 8
951if the
952.Va ipv6_gateway_enable
953is set to
954.Dq Li NO .
955Note that the IPv6 networking code does not support the
956.Pa /etc/start_if. Ns Aq Ar interface
957files.
958.It Va ipv6_default_interface
959.Pq Vt str
960If not set to
961.Dq Li NO ,
962this is the default output interface for scoped addresses.
963Now this works only for IPv6 link local multicast addresses.
964.It Va cloned_interfaces
965.Pq Vt str
966Set to the list of clonable network interfaces to create on this host.
967Entries in
968.Va cloned_interfaces
969are automatically appended to
970.Va network_interfaces
971for configuration.
972.It Va gif_interfaces
973.Pq Vt str
974Set to the list of
975.Xr gif 4
976tunnel interfaces to configure on this host.
977A
978.Va gifconfig_ Ns Aq Ar interface
979variable is assumed to exist for each value of
980.Ar interface .
981The value of this variable is used to configure the link layer of the
982tunnel according to the syntax of the
983.Cm tunnel
984option to
985.Xr ifconfig 8 .
986Additionally, this option ensures that each listed interface is created
987via the
988.Cm create
989option to
990.Xr ifconfig 8
991before attempting to configure it.
992.It Va sppp_interfaces
993.Pq Vt str
994Set to the list of
995.Xr sppp 4
996interfaces to configure on this host.
997A
998.Va spppconfig_ Ns Aq Ar interface
999variable is assumed to exist for each value of
1000.Ar interface .
1001Each interface should also be configured by a general
1002.Va ifconfig_ Ns Aq Ar interface
1003setting.
1004Refer to
1005.Xr spppcontrol 8
1006for more information about available options.
1007.It Va ppp_enable
1008.Pq Vt bool
1009If set to
1010.Dq Li YES ,
1011run the
1012.Xr ppp 8
1013daemon.
1014.It Va ppp_mode
1015.Pq Vt str
1016Mode in which to run the
1017.Xr ppp 8
1018daemon.
1019Accepted modes are
1020.Dq Li auto ,
1021.Dq Li ddial ,
1022.Dq Li direct
1023and
1024.Dq Li dedicated .
1025See the manual for a full description.
1026.It Va ppp_nat
1027.Pq Vt bool
1028If set to
1029.Dq Li YES ,
1030enables network address translation.
1031Used in conjunction with
1032.Va gateway_enable
1033allows hosts on private network addresses access to the Internet using
1034this host as a network address translating router.
1035.It Va ppp_profile
1036.Pq Vt str
1037The name of the profile to use from
1038.Pa /etc/ppp/ppp.conf .
1039.It Va ppp_user
1040.Pq Vt str
1041The name of the user under which
1042.Xr ppp 8
1043should be started.
1044By
1045default,
1046.Xr ppp 8
1047is started as
1048.Dq Li root .
1049.It Va rc_conf_files
1050.Pq Vt str
1051This option is used to specify a list of files that will override
1052the settings in
1053.Pa /etc/defaults/rc.conf .
1054The files will be read in the order in which they are specified and should
1055include the full path to the file.
1056By default, the files specified are
1057.Pa /etc/rc.conf
1058and
1059.Pa /etc/rc.conf.local
1060.It Va gbde_autoattach_all
1061.Pq Vt bool
1062If set to
1063.Dq Li YES ,
1064.Pa /etc/rc.d/gbde
1065will attempt to automatically initialize your .bde devices in
1066.Pa /etc/fstab .
1067.It Va gbde_devices
1068.Pq Vt str
1069List the devices that the script should try to attach,
1070or
1071.Dq Li AUTO .
1072.It Va gbde_lockdir
1073.Pq Vt str
1074The directory where the
1075.Xr gbde 4
1076lockfiles are located.
1077The default lockfile directory is
1078.Pa /etc .
1079.Pp
1080The lockfile for each individual
1081.Xr gbde 4
1082device can be overridden by setting the variable
1083.Va gbde_lock_ Ns Aq Ar device ,
1084where
1085.Ar device
1086is the encrypted device without the
1087.Dq Pa /dev/
1088and
1089.Dq Pa .bde
1090parts.
1091.It Va gbde_attach_attempts
1092.Pq Vt int
1093Number of times to attempt attaching to a
1094.Xr gbde 4
1095device, i.e. how many times the user is asked for the pass-phrase.
1096Default is 3.
1097.It Va gbde_swap_enable
1098.Pq Vt bool
1099If set to
1100.Dq Li YES ,
1101any .bde swap devices listed in
1102.Pa /etc/fstab
1103will be initialized with a random, one-shot key.
1104Note that this makes recovery of kernel dumps impossible.
1105.It Va fsck_y_enable
1106.Pq Vt bool
1107If set to
1108.Dq Li YES ,
1109.Xr fsck 8
1110will be run with the
1111.Fl y
1112flag if the initial preen
1113of the file systems fails.
1114.It Va background_fsck
1115.Pq Vt bool
1116If set to
1117.Dq Li YES ,
1118the system will attempt to run
1119.Xr fsck 8
1120in the background where possible.
1121.It Va background_fsck_delay
1122.Pq Vt int
1123The amount of time in seconds to sleep before starting a background
1124.Xr fsck 8 .
1125It defaults to sixty seconds to allow large applications such as
1126the X server to start before disk I/O bandwidth is monopolized by
1127.Xr fsck 8 .
1128.It Va netfs_types
1129.Pq Vt str
1130List of file system types that are network-based.
1131This list should generally not be modified by end users.
1132Use
1133.Va extra_netfs_types
1134instead.
1135.It Va extra_netfs_types
1136.Pq Vt str
1137If set to something other than
1138.Dq Li NO
1139(the default),
1140this variable extends the list of file system types
1141for which automatic mounting at startup by
1142.Xr rc 8
1143should be delayed until the network is initialized.
1144It should contain
1145a whitespace-separated list of network file system descriptor pairs,
1146each consisting of a file system type as passed to
1147.Xr mount 8
1148and a human-readable, one-word description,
1149joined with a colon
1150.Pq Ql \&: .
1151Extending the default list in this way is only necessary
1152when third party file system types are used.
1153.It Va syslogd_enable
1154.Pq Vt bool
1155If set to
1156.Dq Li YES ,
1157run the
1158.Xr syslogd 8
1159daemon.
1160.It Va syslogd_program
1161.Pq Vt str
1162Path to
1163.Xr syslogd 8
1164(default
1165.Pa /usr/sbin/syslogd ) .
1166.It Va syslogd_flags
1167.Pq Vt str
1168If
1169.Va syslogd_enable
1170is set to
1171.Dq Li YES ,
1172these are the flags to pass to
1173.Xr syslogd 8 .
1174.It Va inetd_enable
1175.Pq Vt bool
1176If set to
1177.Dq Li YES ,
1178run the
1179.Xr inetd 8
1180daemon.
1181.It Va inetd_program
1182.Pq Vt str
1183Path to
1184.Xr inetd 8
1185(default
1186.Pa /usr/sbin/inetd ) .
1187.It Va inetd_flags
1188.Pq Vt str
1189If
1190.Va inetd_enable
1191is set to
1192.Dq Li YES ,
1193these are the flags to pass to
1194.Xr inetd 8 .
1195.It Va named_enable
1196.Pq Vt bool
1197If set to
1198.Dq Li YES ,
1199run the
1200.Xr named 8
1201daemon.
1202.It Va named_program
1203.Pq Vt str
1204Path to
1205.Xr named 8
1206(default
1207.Pa /usr/sbin/named ) .
1208.It Va named_flags
1209.Pq Vt str
1210If
1211.Va named_enable
1212is set to
1213.Dq Li YES ,
1214these are the flags to pass to
1215.Xr named 8 .
1216.It Va named_pidfile
1217.Pq Vt str
1218This is the default path to the
1219.Xr named 8
1220daemon's PID file.
1221Change it if you change the location in
1222.Xr named.conf 5 .
1223.It Va named_chrootdir
1224.Pq Vt str
1225The root directory for a name server run in a
1226.Xr chroot 8
1227environment.
1228If left empty
1229.Xr named 8
1230will not be run in a
1231.Xr chroot 8
1232environment.
1233This variable has no effect if
1234.Va named_rcng
1235is not enabled.
1236This variable is experimental.
1237It may be removed or changed in the near future.
1238.It Va named_chroot_autoupdate
1239.Pq Vt bool
1240Set to
1241.Dq Li NO
1242to disable automatic syncing of libraries and
1243other system files between the root file system and the
1244.Xr chroot 8 .
1245This variable has no effect if
1246.Va named_rcng
1247is not enabled.
1248This variable is experimental.
1249It may be removed or changed in the near future.
1250.It Va named_symlink_enable
1251.Pq Vt bool
1252Set to
1253.Dq Li NO
1254to disable symlinking of
1255.Va named_pidfile
1256and
1257.Pa /var/run/ndc
1258into the
1259.Xr chroot 8
1260environment in which
1261.Xr named 8
1262is running.
1263This variable has no effect if
1264.Va named_rcng
1265is not enabled.
1266This variable is experimental.
1267It may be removed or changed in the near future.
1268.It Va kerberos5_server_enable
1269.Pq Vt bool
1270Set to
1271.Dq Li YES
1272to start a Kerberos 5 authentication server
1273at boot time.
1274.It Va kerberos5_server
1275.Pq Vt str
1276If
1277.Va kerberos5_server_enable
1278is set to
1279.Dq Li YES
1280this is the path to Kerberos 5 Authentication Server.
1281.It Va kadmind5_server_enable
1282.Pq Vt bool
1283Set to
1284.Dq Li YES
1285to start
1286.Xr kadmind 8 ,
1287the Kerberos 5 Administration Daemon; set to
1288.Dq Li NO
1289on a slave server.
1290.It Va kadmind5_server
1291.Pq Vt str
1292If
1293.Va kadmind5_server_enable
1294is set to
1295.Dq Li YES
1296this is the path to Kerberos 5 Administration Daemon.
1297.It Va kpasswdd_server_enable
1298.Pq Vt bool
1299Set to
1300.Dq Li YES
1301to start
1302.Xr kpasswdd 8 ,
1303the Kerberos 5 Password-Changing Daemon; set to
1304.Dq Li NO
1305on a slave server.
1306.It Va kpasswdd_server
1307.Pq Vt str
1308If
1309.Va kpasswdd_server_enable
1310is set to
1311.Dq Li YES
1312this is the path to Kerberos 5 Password-Changing Daemon.
1313.It Va rwhod_enable
1314.Pq Vt bool
1315If set to
1316.Dq Li YES ,
1317run the
1318.Xr rwhod 8
1319daemon at boot time.
1320.It Va rwhod_flags
1321.Pq Vt str
1322If
1323.Va rwhod_enable
1324is set to
1325.Dq Li YES ,
1326these are the flags to pass to it.
1327.It Va amd_enable
1328.Pq Vt bool
1329If set to
1330.Dq Li YES ,
1331run the
1332.Xr amd 8
1333daemon at boot time.
1334.It Va amd_flags
1335.Pq Vt str
1336If
1337.Va amd_enable
1338is set to
1339.Dq Li YES ,
1340these are the flags to pass to it.
1341See the
1342.Xr amd 8
1343manpage for more information.
1344.It Va amd_map_program
1345.Pq Vt str
1346If set,
1347the specified program is run to get the list of
1348.Xr amd 8
1349maps.
1350For example, if the
1351.Xr amd 8
1352maps are stored in NIS, one can set this to
1353run
1354.Xr ypcat 1
1355to get a list of
1356.Xr amd 8
1357maps from the
1358.Pa amd.master
1359NIS map.
1360.It Va update_motd
1361.Pq Vt bool
1362If set to
1363.Dq Li YES ,
1364.Pa /etc/motd
1365will be updated at boot time to reflect the kernel release
1366being run.
1367If set to
1368.Dq Li NO ,
1369.Pa /etc/motd
1370will not be updated.
1371.It Va nfs_client_enable
1372.Pq Vt bool
1373If set to
1374.Dq Li YES ,
1375run the NFS client daemons at boot time.
1376.It Va nfs_access_cache
1377.Pq Vt int
1378If
1379.Va nfs_client_enable
1380is set to
1381.Dq Li YES ,
1382this can be set to
1383.Dq Li 0
1384to disable NFS ACCESS RPC caching, or to the number of seconds for which
1385NFS ACCESS
1386results should be cached.
1387A value of 2-10 seconds will substantially reduce network
1388traffic for many NFS operations.
1389.It Va nfs_server_enable
1390.Pq Vt bool
1391If set to
1392.Dq Li YES ,
1393run the NFS server daemons at boot time.
1394.It Va nfs_server_flags
1395.Pq Vt str
1396If
1397.Va nfs_server_enable
1398is set to
1399.Dq Li YES ,
1400these are the flags to pass to the
1401.Xr nfsd 8
1402daemon.
1403.It Va mountd_enable
1404.Pq Vt bool
1405If set to
1406.Dq Li YES ,
1407and no
1408.Va nfs_server_enable
1409is set, start
1410.Xr mountd 8 ,
1411but not
1412.Xr nfsd 8
1413daemon.
1414It is commonly needed to run CFS without real NFS used.
1415.It Va mountd_flags
1416.Pq Vt str
1417If
1418.Va mountd_enable
1419is set to
1420.Dq Li YES ,
1421these are the flags to pass to the
1422.Xr mountd 8
1423daemon.
1424.It Va weak_mountd_authentication
1425.Pq Vt bool
1426If set to
1427.Dq Li YES ,
1428allow services like PCNFSD to make non-privileged mount
1429requests.
1430.It Va nfs_reserved_port_only
1431.Pq Vt bool
1432If set to
1433.Dq Li YES ,
1434provide NFS services only on a secure port.
1435.It Va nfs_bufpackets
1436.Pq Vt int
1437If set to a number, indicates the number of packets worth of
1438socket buffer space to reserve on an NFS client.
1439The kernel default is typically 4.
1440Using a higher number may be
1441useful on gigabit networks to improve performance.
1442The minimum value is
14432 and the maximum is 64.
1444.It Va rpc_lockd_enable
1445.Pq Vt bool
1446If set to
1447.Dq Li YES
1448and also an NFS server, run
1449.Xr rpc.lockd 8
1450at boot time.
1451.It Va rpc_statd_enable
1452.Pq Vt bool
1453If set to
1454.Dq Li YES
1455and also an NFS server, run
1456.Xr rpc.statd 8
1457at boot time.
1458.It Va rpcbind_program
1459.Pq Vt str
1460Path to
1461.Xr rpcbind 8
1462(default
1463.Pa /usr/sbin/rpcbind ) .
1464.It Va rpcbind_enable
1465.Pq Vt bool
1466If set to
1467.Dq Li YES ,
1468run the
1469.Xr rpcbind 8
1470service at boot time.
1471.It Va rpcbind_flags
1472.Pq Vt str
1473If
1474.Va rpcbind_enable
1475is set to
1476.Dq Li YES ,
1477these are the flags to pass to the
1478.Xr rpcbind 8
1479daemon.
1480.It Va keyserv_enable
1481.Pq Vt bool
1482If set to
1483.Dq Li YES ,
1484run the
1485.Xr keyserv 8
1486daemon on boot for running Secure RPC.
1487.It Va keyserv_flags
1488.Pq Vt str
1489If
1490.Va keyserv_enable
1491is set to
1492.Dq Li YES ,
1493these are the flags to pass to
1494.Xr keyserv 8
1495daemon.
1496.It Va pppoed_enable
1497.Pq Vt bool
1498If set to
1499.Dq Li YES ,
1500run the
1501.Xr pppoed 8
1502daemon at boot time to provide PPP over Ethernet services.
1503.It Va pppoed_ Ns Ar provider
1504.Pq Vt str
1505.Xr pppoed 8
1506listens to requests to this
1507.Ar provider
1508and ultimately runs
1509.Xr ppp 8
1510with a
1511.Ar system
1512argument of the same name.
1513.It Va pppoed_flags
1514.Pq Vt str
1515Additional flags to pass to
1516.Xr pppoed 8 .
1517.It Va pppoed_interface
1518.Pq Vt str
1519The network interface to run
1520.Xr pppoed 8
1521on.
1522This is mandatory when
1523.Va pppoed_enable
1524is set to
1525.Dq Li YES .
1526.It Va timed_enable
1527.Pq Vt bool
1528If set to
1529.Dq Li YES ,
1530run the
1531.Xr timed 8
1532service at boot time.
1533This command is intended for networks of
1534machines where a consistent
1535.Dq "network time"
1536for all hosts must be established.
1537This is often useful in large NFS
1538environments where time stamps on files are expected to be consistent
1539network-wide.
1540.It Va timed_flags
1541.Pq Vt str
1542If
1543.Va timed_enable
1544is set to
1545.Dq Li YES ,
1546these are the flags to pass to the
1547.Xr timed 8
1548service.
1549.It Va ntpdate_enable
1550.Pq Vt bool
1551If set to
1552.Dq Li YES ,
1553run
1554.Xr ntpdate 8
1555at system startup.
1556This command is intended to
1557synchronize the system clock only
1558.Em once
1559from some standard reference.
1560An option to set this up initially
1561(from a list of known servers) is also provided by the
1562.Xr sysinstall 8
1563program when the system is first installed.
1564.It Va ntpdate_hosts
1565.Pq Vt str
1566A whitespace-separated list of NTP servers to synchronize with at startup.
1567The default is to use the servers listed in
1568.Pa /etc/ntp.conf ,
1569if that file exists.
1570.It Va ntpdate_program
1571.Pq Vt str
1572Path to
1573.Xr ntpdate 8
1574(default
1575.Pa /usr/sbin/ntpdate ) .
1576.It Va ntpdate_flags
1577.Pq Vt str
1578If
1579.Va ntpdate_enable
1580is set to
1581.Dq Li YES ,
1582these are the flags to pass to the
1583.Xr ntpdate 8
1584command (typically a hostname).
1585.It Va ntpd_enable
1586.Pq Vt bool
1587If set to
1588.Dq Li YES ,
1589run the
1590.Xr ntpd 8
1591command at boot time.
1592.It Va ntpd_program
1593.Pq Vt str
1594Path to
1595.Xr ntpd 8
1596(default
1597.Pa /usr/sbin/ntpd ) .
1598.It Va ntpd_flags
1599.Pq Vt str
1600If
1601.Va ntpd_enable
1602is set to
1603.Dq Li YES ,
1604these are the flags to pass to the
1605.Xr ntpd 8
1606daemon.
1607.It Va nis_client_enable
1608.Pq Vt bool
1609If set to
1610.Dq Li YES ,
1611run the
1612.Xr ypbind 8
1613service at system boot time.
1614.It Va nis_client_flags
1615.Pq Vt str
1616If
1617.Va nis_client_enable
1618is set to
1619.Dq Li YES ,
1620these are the flags to pass to the
1621.Xr ypbind 8
1622service.
1623.It Va nis_ypset_enable
1624.Pq Vt bool
1625If set to
1626.Dq Li YES ,
1627run the
1628.Xr ypset 8
1629daemon at system boot time.
1630.It Va nis_ypset_flags
1631.Pq Vt str
1632If
1633.Va nis_ypset_enable
1634is set to
1635.Dq Li YES ,
1636these are the flags to pass to the
1637.Xr ypset 8
1638daemon.
1639.It Va nis_server_enable
1640.Pq Vt bool
1641If set to
1642.Dq Li YES ,
1643run the
1644.Xr ypserv 8
1645daemon at system boot time.
1646.It Va nis_server_flags
1647.Pq Vt str
1648If
1649.Va nis_server_enable
1650is set to
1651.Dq Li YES ,
1652these are the flags to pass to the
1653.Xr ypserv 8
1654daemon.
1655.It Va nis_ypxfrd_enable
1656.Pq Vt bool
1657If set to
1658.Dq Li YES ,
1659run the
1660.Xr rpc.ypxfrd 8
1661daemon at system boot time.
1662.It Va nis_ypxfrd_flags
1663.Pq Vt str
1664If
1665.Va nis_ypxfrd_enable
1666is set to
1667.Dq Li YES ,
1668these are the flags to pass to the
1669.Xr rpc.ypxfrd 8
1670daemon.
1671.It Va nis_yppasswdd_enable
1672.Pq Vt bool
1673If set to
1674.Dq Li YES ,
1675run the
1676.Xr rpc.yppasswdd 8
1677daemon at system boot time.
1678.It Va nis_yppasswdd_flags
1679.Pq Vt str
1680If
1681.Va nis_yppasswdd_enable
1682is set to
1683.Dq Li YES ,
1684these are the flags to pass to the
1685.Xr rpc.yppasswdd 8
1686daemon.
1687.It Va rpc_ypupdated_enable
1688.Pq Vt bool
1689If set to
1690.Dq Li YES ,
1691run the
1692.Nm rpc.ypupdated
1693daemon at system boot time.
1694.It Va defaultrouter
1695.Pq Vt str
1696If not set to
1697.Dq Li NO ,
1698create a default route to this host name or IP address
1699(use an IP address if this router is also required to get to the
1700name server!).
1701.It Va ipv6_defaultrouter
1702.Pq Vt str
1703The IPv6 equivalent of
1704.Va defaultrouter .
1705.It Va static_routes
1706.Pq Vt str
1707Set to the list of static routes that are to be added at system
1708boot time.
1709If not set to
1710.Dq Li NO
1711then for each whitespace separated
1712.Ar element
1713in the value, a
1714.Va route_ Ns Aq Ar element
1715variable is assumed to exist
1716whose contents will later be passed to a
1717.Dq Nm route Cm add
1718operation.
1719For example:
1720.Bd -literal
1721static_routes="mcast gif0local"
1722route_mcast="-net 224.0.0.0/4 -iface gif0"
1723route_gif0local="-host 169.254.1.1 -iface lo0"
1724.Ed
1725.It Va ipv6_static_routes
1726.Pq Vt str
1727The IPv6 equivalent of
1728.Va static_routes .
1729If not set to
1730.Dq Li NO
1731then for each whitespace separated
1732.Ar element
1733in the value, a
1734.Va ipv6_route_ Ns Aq Ar element
1735variable is assumed to exist
1736whose contents will later be passed to a
1737.Dq Nm route Cm add Fl inet6
1738operation.
1739.It Va natm_static_routes
1740.Pq Vt str
1741The
1742.Xr natmip 4
1743equivalent of
1744.Va static_routes .
1745If not empty then for each whitespace separated
1746.Ar element
1747in the value, a
1748.Va route_ Ns Aq Ar element
1749variable is assumed to exist whose contents will later be passed to a
1750.Dq Nm atmconfig Cm natm Cm add
1751operation.
1752.It Va gateway_enable
1753.Pq Vt bool
1754If set to
1755.Dq Li YES ,
1756configure host to act as an IP router, e.g.\& to forward packets
1757between interfaces.
1758.It Va ipv6_gateway_enable
1759.Pq Vt bool
1760The IPv6 equivalent of
1761.Va gateway_enable .
1762.It Va router_enable
1763.Pq Vt bool
1764If set to
1765.Dq Li YES ,
1766run a routing daemon of some sort, based on the
1767settings of
1768.Va router
1769and
1770.Va router_flags .
1771.It Va ipv6_router_enable
1772.Pq Vt bool
1773The IPv6 equivalent of
1774.Va router_enable .
1775If set to
1776.Dq Li YES ,
1777run a routing daemon of some sort, based on the
1778settings of
1779.Va ipv6_router
1780and
1781.Va ipv6_router_flags .
1782.It Va router
1783.Pq Vt str
1784If
1785.Va router_enable
1786is set to
1787.Dq Li YES ,
1788this is the name of the routing daemon to use.
1789.It Va ipv6_router
1790.Pq Vt str
1791The IPv6 equivalent of
1792.Va router .
1793.It Va router_flags
1794.Pq Vt str
1795If
1796.Va router_enable
1797is set to
1798.Dq Li YES ,
1799these are the flags to pass to the routing daemon.
1800.It Va ipv6_router_flags
1801.Pq Vt str
1802The IPv6 equivalent of
1803.Va router_flags .
1804.It Va mrouted_enable
1805.Pq Vt bool
1806If set to
1807.Dq Li YES ,
1808run the multicast routing daemon,
1809.Xr mrouted 8 .
1810.It Va mroute6d_enable
1811.Pq Vt bool
1812The IPv6 equivalent of
1813.Va mrouted_enable .
1814If set to
1815.Dq Li YES ,
1816run the IPv6 multicast routing daemon.
1817Note that no IPv6 multicast routing daemon is included in the
1818.Fx
1819base system but
1820.Xr pim6dd 8
1821can be installed from the
1822.Fx
1823Ports Collection.
1824.It Va mrouted_flags
1825.Pq Vt str
1826If
1827.Va mrouted_enable
1828is set to
1829.Dq Li YES ,
1830these are the flags to pass to the
1831.Xr mrouted 8
1832daemon.
1833.It Va mroute6d_flags
1834.Pq Vt str
1835The IPv6 equivalent of
1836.Va mrouted_flags .
1837If
1838.Va mroute6d_enable
1839is set to
1840.Dq Li YES ,
1841these are the flags passed to the IPv6 multicast routing daemon.
1842.It Va mroute6d_program
1843.Pq Vt str
1844If
1845.Va mroute6d_enable
1846is set to
1847.Dq Li YES ,
1848this is the path to the IPv6 multicast routing daemon.
1849.It Va rtadvd_enable
1850.Pq Vt bool
1851If set to
1852.Dq Li YES ,
1853run the
1854.Xr rtadvd 8
1855daemon at boot time.
1856.Xr rtadvd 8
1857will only run if
1858.Va ipv6_gateway_enable
1859is also set to
1860.Dq Li YES .
1861The
1862.Xr rtadvd 8
1863utility sends router advertisement packets to the interfaces specified in
1864.Va rtadvd_interfaces
1865and should only be enabled with great care.
1866You may want to fine-tune
1867.Xr rtadvd.conf 5 .
1868.It Va rtadvd_interfaces
1869.Pq Vt str
1870If
1871.Va rtadvd_enable
1872is set to
1873.Dq Li YES
1874this is the list of interfaces to use.
1875.It Va ipxgateway_enable
1876.Pq Vt bool
1877If set to
1878.Dq Li YES ,
1879enable the routing of IPX traffic.
1880.It Va ipxrouted_enable
1881.Pq Vt bool
1882If set to
1883.Dq Li YES ,
1884run the
1885.Xr IPXrouted 8
1886daemon at system boot time.
1887.It Va ipxrouted_flags
1888.Pq Vt str
1889If
1890.Va ipxrouted_enable
1891is set to
1892.Dq Li YES ,
1893these are the flags to pass to the
1894.Xr IPXrouted 8
1895daemon.
1896.It Va arpproxy_all
1897.Pq Vt bool
1898If set to
1899.Dq Li YES ,
1900enable global proxy ARP.
1901.It Va forward_sourceroute
1902.Pq Vt bool
1903If set to
1904.Dq Li YES
1905and
1906.Va gateway_enable
1907is also set to
1908.Dq Li YES ,
1909source-routed packets are forwarded.
1910.It Va accept_sourceroute
1911.Pq Vt bool
1912If set to
1913.Dq Li YES ,
1914the system will accept source-routed packets directed at it.
1915.It Va rarpd_enable
1916.Pq Vt bool
1917If set to
1918.Dq Li YES ,
1919run the
1920.Xr rarpd 8
1921daemon at system boot time.
1922.It Va rarpd_flags
1923.Pq Vt str
1924If
1925.Va rarpd_enable
1926is set to
1927.Dq Li YES ,
1928these are the flags to pass to the
1929.Xr rarpd 8
1930daemon.
1931.It Va bootparamd_enable
1932.Pq Vt bool
1933If set to
1934.Dq Li YES ,
1935run the
1936.Xr bootparamd 8
1937daemon at system boot time.
1938.It Va bootparamd_flags
1939.Pq Vt str
1940If
1941.Va bootparamd_enable
1942is set to
1943.Dq Li YES ,
1944these are the flags to pass to the
1945.Xr bootparamd 8
1946daemon.
1947.It Va stf_interface_ipv4addr
1948.Pq Vt str
1949If not set to
1950.Dq Li NO ,
1951this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling
1952interface).
1953Specify this entry to enable the 6to4 interface.
1954.It Va stf_interface_ipv4plen
1955.Pq Vt int
1956Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1957An effective value is 0-31.
1958.It Va stf_interface_ipv6_ifid
1959.Pq Vt str
1960IPv6 interface ID for
1961.Xr stf 4 .
1962This can be set to
1963.Dq Li AUTO .
1964.It Va stf_interface_ipv6_slaid
1965.Pq Vt str
1966IPv6 Site Level Aggregator for
1967.Xr stf 4 .
1968.It Va ipv6_faith_prefix
1969.Pq Vt str
1970If not set to
1971.Dq Li NO ,
1972this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP
1973translator.
1974You also need
1975.Xr faithd 8
1976setup.
1977.It Va ipv6_ipv4mapping
1978.Pq Vt bool
1979If set to
1980.Dq Li YES
1981this enables IPv4 mapped IPv6 address communication (like
1982.Li ::ffff:a.b.c.d ) .
1983.It Va atm_enable
1984.Pq Vt bool
1985Set to
1986.Dq Li YES
1987to enable the configuration of ATM interfaces at system boot time.
1988For all of the ATM variables described below, please refer to the
1989.Xr atm 8
1990man page for further details on the available command parameters.
1991Also refer to the files in
1992.Pa /usr/share/examples/atm
1993for more detailed configuration information.
1994.It Va atm_load
1995.Pq Vt str
1996This is a list of physical ATM interface drivers to load.
1997Typical values are
1998.Dq Li hfa_pci
1999and/or
2000.Dq Li hea_pci .
2001.It Va atm_netif_ Ns Aq Ar intf
2002.Pq Vt str
2003For the ATM physical interface
2004.Ar intf ,
2005this variable defines the name prefix and count for the ATM network
2006interfaces to be created.
2007The value will be passed as the parameters of an
2008.Dq Nm atm Cm "set netif" Ar intf
2009command.
2010.It Va atm_sigmgr_ Ns Aq Ar intf
2011.Pq Vt str
2012For the ATM physical interface
2013.Ar intf ,
2014this variable defines the ATM signalling manager to be used.
2015The value will be passed as the parameters of an
2016.Dq Nm atm Cm attach Ar intf
2017command.
2018.It Va atm_prefix_ Ns Aq Ar intf
2019.Pq Vt str
2020For the ATM physical interface
2021.Ar intf ,
2022this variable defines the NSAP prefix for interfaces using a UNI signalling
2023manager.
2024If set to
2025.Dq Li ILMI ,
2026the prefix will automatically be set via the
2027.Xr ilmid 8
2028daemon.
2029Otherwise, the value will be passed as the parameters of an
2030.Dq Nm atm Cm "set prefix" Ar intf
2031command.
2032.It Va atm_macaddr_ Ns Aq Ar intf
2033.Pq Vt str
2034For the ATM physical interface
2035.Ar intf ,
2036this variable defines the MAC address for interfaces using a UNI signalling
2037manager.
2038If set to
2039.Dq Li NO ,
2040the hardware MAC address contained in the ATM interface card will be used.
2041Otherwise, the value will be passed as the parameters of an
2042.Dq Nm atm Cm "set mac" Ar intf
2043command.
2044.It Va atm_arpserver_ Ns Aq Ar netif
2045.Pq Vt str
2046For the ATM network interface
2047.Ar netif ,
2048this variable defines the ATM address for a host which is to provide ATMARP
2049service.
2050This variable is only applicable to interfaces using a UNI signalling
2051manager.
2052If set to
2053.Dq Li local ,
2054this host will become an ATMARP server.
2055The value will be passed as the parameters of an
2056.Dq Nm atm Cm "set arpserver" Ar netif
2057command.
2058.It Va atm_scsparp_ Ns Aq Ar netif
2059.Pq Vt bool
2060If set to
2061.Dq Li YES ,
2062SCSP/ATMARP service for the network interface
2063.Ar netif
2064will be initiated using the
2065.Xr scspd 8
2066and
2067.Xr atmarpd 8
2068daemons.
2069This variable is only applicable if
2070.Va atm_arpserver_ Ns Aq Ar netif
2071is set to
2072.Dq Li local .
2073.It Va atm_pvcs
2074.Pq Vt str
2075Set to the list of ATM PVCs to be added at system
2076boot time.
2077For each whitespace separated
2078.Ar element
2079in the value, an
2080.Va atm_pvc_ Ns Aq Ar element
2081variable is assumed to exist.
2082The value of each of these variables
2083will be passed as the parameters of an
2084.Dq Nm atm Cm "add pvc"
2085command.
2086.It Va atm_arps
2087.Pq Vt str
2088Set to the list of permanent ATM ARP entries to be added
2089at system boot time.
2090For each whitespace separated
2091.Ar element
2092in the value, an
2093.Va atm_arp_ Ns Aq Ar element
2094variable is assumed to exist.
2095The value of each of these variables
2096will be passed as the parameters of an
2097.Dq Nm atm Cm "add arp"
2098command.
2099.It Va natm_interfaces
2100.Pq Vt str
2101Set to the list of
2102.Xr natm 4
2103interfaces that will also be used for HARP through
2104.Xr harp 4 .
2105If this list is not empty all interfaces in the list will be brought up
2106with
2107.Xr ifconfig 8
2108and
2109.Xr harp 4
2110will be loaded.
2111For this to work the interface drivers must be either compiled into the
2112kernel or must reside on the root partition.
2113.It Va keybell
2114.Pq Vt str
2115The keyboard bell sound.
2116Set to
2117.Dq Li normal ,
2118.Dq Li visual ,
2119.Dq Li off ,
2120or
2121.Dq Li NO
2122if the default behavior is desired.
2123For details, refer to the
2124.Xr kbdcontrol 1
2125manpage.
2126.It Va keyboard
2127.Pq Vt str
2128If set to a non-null string, the virtual console's keyboard input is
2129set to this device.
2130.It Va keymap
2131.Pq Vt str
2132If set to
2133.Dq Li NO ,
2134no keymap is installed, otherwise the value is used to install
2135the keymap file in
2136.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
2137.It Va keyrate
2138.Pq Vt str
2139The keyboard repeat speed.
2140Set to
2141.Dq Li slow ,
2142.Dq Li normal ,
2143.Dq Li fast ,
2144or
2145.Dq Li NO
2146if the default behavior is desired.
2147.It Va keychange
2148.Pq Vt str
2149If not set to
2150.Dq Li NO ,
2151attempt to program the function keys with the value.
2152The value should
2153be a single string of the form:
2154.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
2155.It Va cursor
2156.Pq Vt str
2157Can be set to the value of
2158.Dq Li normal ,
2159.Dq Li blink ,
2160.Dq Li destructive ,
2161or
2162.Dq Li NO
2163to set the cursor behavior explicitly or choose the default behavior.
2164.It Va scrnmap
2165.Pq Vt str
2166If set to
2167.Dq Li NO ,
2168no screen map is installed, otherwise the value is used to install
2169the screen map file in
2170.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
2171.It Va font8x16
2172.Pq Vt str
2173If set to
2174.Dq Li NO ,
2175the default 8x16 font value is used for screen size requests, otherwise
2176the value in
2177.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2178is used.
2179.It Va font8x14
2180.Pq Vt str
2181If set to
2182.Dq Li NO ,
2183the default 8x14 font value is used for screen size requests, otherwise
2184the value in
2185.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2186is used.
2187.It Va font8x8
2188.Pq Vt str
2189If set to
2190.Dq Li NO ,
2191the default 8x8 font value is used for screen size requests, otherwise
2192the value in
2193.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2194is used.
2195.It Va blanktime
2196.Pq Vt int
2197If set to
2198.Dq Li NO ,
2199the default screen blanking interval is used, otherwise it is set
2200to
2201.Ar value
2202seconds.
2203.It Va saver
2204.Pq Vt str
2205If not set to
2206.Dq Li NO ,
2207this is the actual screen saver to use
2208.Li ( blank , snake , daemon ,
2209etc).
2210.It Va moused_enable
2211.Pq Vt str
2212If set to
2213.Dq Li YES ,
2214the
2215.Xr moused 8
2216daemon is started for doing cut/paste selection on the console.
2217.It Va moused_type
2218.Pq Vt str
2219This is the protocol type of the mouse connected to this host.
2220This variable must be set if
2221.Va moused_enable
2222is set to
2223.Dq Li YES .
2224The
2225.Xr moused 8
2226daemon
2227is able to detect the appropriate mouse type automatically in many cases.
2228Set this variable to
2229.Dq Li auto
2230to let the daemon detect it, or
2231select one from the following list if the automatic detection fails.
2232.Pp
2233If the mouse is attached to the PS/2 mouse port, choose
2234.Dq Li auto
2235or
2236.Dq Li ps/2 ,
2237regardless of the brand and model of the mouse.
2238Likewise, if the
2239mouse is attached to the bus mouse port, choose
2240.Dq Li auto
2241or
2242.Dq Li busmouse .
2243All other protocols are for serial mice and will not work with
2244the PS/2 and bus mice.
2245If this is a USB mouse,
2246.Dq Li auto
2247is the only protocol type which will work.
2248.Pp
2249.Bl -tag -width ".Li x10mouseremote" -compact
2250.It Li microsoft
2251Microsoft mouse (serial)
2252.It Li intellimouse
2253Microsoft IntelliMouse (serial)
2254.It Li mousesystems
2255Mouse systems Corp.\& mouse (serial)
2256.It Li mmseries
2257MM Series mouse (serial)
2258.It Li logitech
2259Logitech mouse (serial)
2260.It Li busmouse
2261A bus mouse
2262.It Li mouseman
2263Logitech MouseMan and TrackMan (serial)
2264.It Li glidepoint
2265ALPS GlidePoint (serial)
2266.It Li thinkingmouse
2267Kensington ThinkingMouse (serial)
2268.It Li ps/2
2269PS/2 mouse
2270.It Li mmhittab
2271MM HitTablet (serial)
2272.It Li x10mouseremote
2273X10 MouseRemote (serial)
2274.It Li versapad
2275Interlink VersaPad (serial)
2276.El
2277.Pp
2278Even if the mouse is not in the above list, it may be compatible
2279with one in the list.
2280Refer to the man page for
2281.Xr moused 8
2282for compatibility information.
2283.Pp
2284It should also be noted that while this is enabled, any
2285other client of the mouse (such as an X server) should access
2286the mouse through the virtual mouse device,
2287.Pa /dev/sysmouse ,
2288and configure it as a
2289.Dq Li sysmouse
2290type mouse, since all
2291mouse data is converted to this single canonical format when
2292using
2293.Xr moused 8 .
2294If the client program does not support the
2295.Dq Li sysmouse
2296type,
2297specify the
2298.Dq Li mousesystems
2299type.
2300It is the second preferred type.
2301.It Va moused_port
2302.Pq Vt str
2303If
2304.Va moused_enable
2305is set to
2306.Dq Li YES ,
2307this is the actual port the mouse is on.
2308It might be
2309.Pa /dev/cuaa0
2310for a COM1 serial mouse,
2311.Pa /dev/psm0
2312for a PS/2 mouse or
2313.Pa /dev/mse0
2314for a bus mouse, for example.
2315.It Va moused_flags
2316.Pq Vt str
2317If
2318.Va moused_type
2319is set, these are the additional flags to pass to the
2320.Xr moused 8
2321daemon.
2322.It Va mousechar_start
2323.Pq Vt int
2324If set to
2325.Dq Li NO ,
2326the default mouse cursor character range
2327.Li 0xd0 Ns - Ns Li 0xd3
2328is used,
2329otherwise the range start is set
2330to
2331.Ar value
2332character, see
2333.Xr vidcontrol 1 .
2334Use if the default range is occupied in the language code table.
2335.It Va allscreens_flags
2336.Pq Vt str
2337If set,
2338.Xr vidcontrol 1
2339is run with these options for each of the virtual terminals
2340.Pq Pa /dev/ttyv* .
2341For example,
2342.Dq Fl m Cm on
2343will enable the mouse pointer on all virtual terminals
2344if
2345.Va moused_enable
2346is set to
2347.Dq Li YES .
2348.It Va allscreens_kbdflags
2349.Pq Vt str
2350If set,
2351.Xr kbdcontrol 1
2352is run with these options for each of the virtual terminals
2353.Pq Pa /dev/ttyv* .
2354For example,
2355.Dq Fl h Li 200
2356will set the
2357.Xr syscons 4
2358scrollback (history) buffer to 200 lines.
2359.It Va cron_enable
2360.Pq Vt bool
2361If set to
2362.Dq Li YES ,
2363run the
2364.Xr cron 8
2365daemon at system boot time.
2366.It Va cron_program
2367.Pq Vt str
2368Path to
2369.Xr cron 8
2370(default
2371.Pa /usr/sbin/cron ) .
2372.It Va cron_flags
2373.Pq Vt str
2374If
2375.Va cron_enable
2376is set to
2377.Dq Li YES ,
2378these are the flags to pass to
2379.Xr cron 8 .
2380.It Va cron_dst
2381.Pq Vt bool
2382If set to
2383.Dq Li YES ,
2384enable the special handling of transitions to and from the
2385Daylight Saving Time in
2386.Xr cron 8
2387(equivalent to using the flag
2388.Fl s ) .
2389.It Va lpd_program
2390.Pq Vt str
2391Path to
2392.Xr lpd 8
2393(default
2394.Pa /usr/sbin/lpd ) .
2395.It Va lpd_enable
2396.Pq Vt bool
2397If set to
2398.Dq Li YES ,
2399run the
2400.Xr lpd 8
2401daemon at system boot time.
2402.It Va lpd_flags
2403.Pq Vt str
2404If
2405.Va lpd_enable
2406is set to
2407.Dq Li YES ,
2408these are the flags to pass to the
2409.Xr lpd 8
2410daemon.
2411.It Va mta_start_script
2412.Pq Vt str
2413This variable specifies the full path to the script to run to start
2414a mail transfer agent.
2415The default is
2416.Pa /etc/rc.sendmail .
2417The
2418.Va sendmail_*
2419variables which
2420.Pa /etc/rc.sendmail
2421uses are documented in the
2422.Xr rc.sendmail 8
2423man page.
2424.It Va dumpdev
2425.Pq Vt str
2426Indicates the device (usually a swap partition) to which a crash dump
2427should be written in the event of a system crash.
2428The value of this variable is passed as the argument to
2429.Xr dumpon 8 .
2430To disable crash dumps, set this variable to
2431.Dq Li NO .
2432.It Va dumpdir
2433.Pq Vt str
2434When the system reboots after a crash and a crash dump is found on the
2435device specified by the
2436.Va dumpdev
2437variable,
2438.Xr savecore 8
2439will save that crash dump and a copy of the kernel to the directory
2440specified by the
2441.Va dumpdir
2442variable.
2443The default value is
2444.Pa /var/crash .
2445Set to
2446.Dq Li NO
2447to not run
2448.Xr savecore 8
2449at boot time when
2450.Va dumpdir
2451is set.
2452.It Va savecore_flags
2453.Pq Vt str
2454If crash dumps are enabled, these are the flags to pass to the
2455.Xr savecore 8
2456utility.
2457.It Va enable_quotas
2458.Pq Vt bool
2459Set to
2460.Dq Li YES
2461to turn on user disk quotas on system startup via the
2462.Xr quotaon 8
2463command.
2464.It Va check_quotas
2465.Pq Vt bool
2466Set to
2467.Dq Li YES
2468to enable user disk quota checking via the
2469.Xr quotacheck 8
2470command.
2471.It Va accounting_enable
2472.Pq Vt bool
2473Set to
2474.Dq Li YES
2475to enable system accounting through the
2476.Xr accton 8
2477facility.
2478.It Va ibcs2_enable
2479.Pq Vt bool
2480Set to
2481.Dq Li YES
2482to enable iBCS2 (SCO) binary emulation at system initial boot
2483time.
2484.It Va ibcs2_loaders
2485.Pq Vt str
2486If not set to
2487.Dq Li NO
2488and if
2489.Va ibcs2_enable
2490is set to
2491.Dq Li YES ,
2492this specifies a list of additional iBCS2 loaders to enable.
2493.It Va linux_enable
2494.Pq Vt bool
2495Set to
2496.Dq Li YES
2497to enable Linux/ELF binary emulation at system initial
2498boot time.
2499.It Va osf1_enable
2500.Pq Vt bool
2501Set to
2502.Dq Li YES
2503to enable OSF/1 (Digital UNIX) binary emulation at system
2504initial boot time.
2505(alpha)
2506.It Va svr4_enable
2507.Pq Vt bool
2508If set to
2509.Dq Li YES ,
2510enable SysVR4 emulation at boot time.
2511.It Va sysvipc_enable
2512.Pq Vt bool
2513If set to
2514.Dq Li YES ,
2515load System V IPC primitives at boot time.
2516.It Va clear_tmp_enable
2517.Pq Vt bool
2518Set to
2519.Dq Li YES
2520to have
2521.Pa /tmp
2522cleaned at startup.
2523.It Va ldconfig_paths
2524.Pq Vt str
2525Set to the list of shared library paths to use with
2526.Xr ldconfig 8 .
2527NOTE:
2528.Pa /usr/lib
2529will always be added first, so it need not appear in this list.
2530.It Va ldconfig_paths_aout
2531.Pq Vt str
2532Set to the list of shared library paths to use with
2533.Xr ldconfig 8
2534legacy
2535.Xr a.out 5
2536support.
2537.It Va ldconfig_insecure
2538.Pq Vt bool
2539The
2540.Xr ldconfig 8
2541utility normally refuses to use directories
2542which are writable by anyone except root.
2543Set this variable to
2544.Dq Li YES
2545to disable that security check during system startup.
2546.It Va kern_securelevel_enable
2547.Pq Vt bool
2548Set to
2549.Dq Li YES
2550to set the kernel security level at system startup.
2551.It Va kern_securelevel
2552.Pq Vt int
2553The kernel security level to set at startup.
2554The allowed range of
2555.Ar value
2556ranges from \-1 (the compile time default) to 3 (the
2557most secure).
2558See
2559.Xr init 8
2560for the list of possible security levels and their effect
2561on system operation.
2562.It Va lomac_enable
2563.Pq Vt bool
2564Set to
2565.Dq Li YES
2566to enable Low Watermark Mandatory Access Control (LOMAC) at boot time.
2567This security model enforces integrity constraints for system processes;
2568see
2569.Xr lomac 4
2570for a complete description of the LOMAC model, as well as its impact
2571on system operation.
2572.It Va start_vinum
2573.Pq Vt bool
2574Set to
2575.Dq Li YES
2576to start
2577.Xr vinum 8
2578at system boot time.
2579.It Va sshd_program
2580.Pq Vt str
2581Path to the SSH server program
2582.Pa ( /usr/sbin/sshd
2583is the default).
2584.It Va sshd_enable
2585.Pq Vt bool
2586Set to
2587.Dq Li YES
2588to start
2589.Xr sshd 8
2590at system boot time.
2591.It Va sshd_flags
2592.Pq Vt str
2593If
2594.Va sshd_enable
2595is set to
2596.Dq Li YES ,
2597these are the flags to pass to the
2598.Xr sshd 8
2599daemon.
2600.It Va usbd_enable
2601.Pq Vt bool
2602If set to
2603.Dq Li YES ,
2604run the
2605.Xr usbd 8
2606daemon at boot time.
2607.It Va usbd_flags
2608.Pq Vt str
2609If
2610.Va usbd_enable
2611is set to
2612.Dq Li YES ,
2613these are the flags passed to the
2614.Xr usbd 8
2615daemon.
2616.It Va watchdogd_enable
2617.Pq Vt bool
2618If set to
2619.Dq Li YES ,
2620start the
2621.Xr watchdogd 8
2622daemon at boot time.
2623This requires that the kernel have been compiled with a
2624.Xr watchdog 4
2625compatible device.
2626.It Va watchdogd_flags
2627.Pq Vt str
2628If
2629.Va watchdogd_enable
2630is set to
2631.Dq Li YES ,
2632these are the flags passed to the
2633.Xr watchdogd 8
2634daemon.
2635.It Va jail_enable
2636.Pq Vt bool
2637If set to
2638.Dq Li NO ,
2639any configured jails will not be started.
2640.It Va jail_list
2641.Pq Vt str
2642A space separated list of names for jails.
2643This is purely a configuration aid to help identify and
2644configure multiple jails.
2645The names specified in this list will be used to
2646identify settings common to an instance of a jail.
2647Assuming that the jail in question was named
2648.Li vjail ,
2649you would have the following dependant variables:
2650.Bd -literal
2651jail_vjail_hostname="jail.example.com"
2652jail_vjail_ip="192.168.1.100"
2653jail_vjail_rootdir="/var/jails/vjail/root"
2654jail_vjail_exec="/bin/sh /etc/rc"
2655.Ed
2656.Pp
2657The last one is optional.
2658It defaults to
2659.Pa /etc/rc
2660if it is not set.
2661.It Va jail_set_hostname_allow
2662.Pq Vt bool
2663If set to
2664.Dq Li NO ,
2665do not allow the root user in a jail to set its hostname.
2666.It Va jail_socket_unixiproute_only
2667.Pq Vt bool
2668If set to
2669.Dq Li NO ,
2670do not allow any protocol,
2671besides TCP/IP,
2672to be used within a jail.
2673.It Va jail_sysvipc_allow
2674.Pq Vt bool
2675If set to
2676.Dq Li YES ,
2677allow applications within a jail to use System V IPC.
2678.It Va unaligned_print
2679.Pq Vt bool
2680If set to
2681.Dq Li NO ,
2682unaligned access warnings will not be printed.
2683(alpha)
2684.\" ----- isdn settings ---------------------------------
2685.It Va isdn_enable
2686.Pq Vt bool
2687Set to
2688.Dq Li NO
2689by default.
2690When set to
2691.Dq Li YES ,
2692starts the
2693.Xr isdnd 8
2694daemon
2695at system boot time.
2696.It Va isdn_flags
2697.Pq Vt str
2698Set to
2699.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
2700by default.
2701Additional flags to pass to
2702.Xr isdnd 8
2703(but see
2704.Va isdn_fsdev
2705and
2706.Va isdn_ttype
2707for certain tunable parameters).
2708.It Va isdn_ttype
2709.Pq Vt str
2710Set to
2711.Dq Li cons25
2712by default.
2713The terminal type of the output device when
2714.Xr isdnd 8
2715operates in full-screen mode.
2716.It Va isdn_screenflags
2717.Pq Vt str
2718Set to
2719.Dq Li NO
2720by default.
2721The video mode for full-screen mode (only for
2722.Xr syscons 4
2723console driver, see
2724.Xr vidcontrol 1
2725for valid modes).
2726.It Va isdn_fsdev
2727.Pq Vt str
2728Set to
2729.Dq Li NO
2730by default.
2731The output device for
2732.Xr isdnd 8
2733in full-screen mode (or
2734.Dq Li NO
2735for daemon mode).
2736.It Va isdn_trace
2737.Pq Vt bool
2738Set to
2739.Dq Li NO
2740by default.
2741When set to
2742.Dq Li YES ,
2743enables the ISDN protocol trace utility
2744.Xr isdntrace 8
2745at system boot time.
2746.It Va isdn_traceflags
2747.Pq Vt str
2748Set to
2749.Dq Fl f Pa /var/tmp/isdntrace0
2750by default.
2751Flags for
2752.Xr isdntrace 8 .
2753.\" -----------------------------------------------------
2754.It Va pcvt_verbose
2755.Pq Vt bool
2756Set to
2757.Dq Li NO
2758by default.
2759When set to
2760.Dq Li YES ,
2761verbose messages about the actions done by the start script are displayed.
2762.Em Note :
2763the
2764.Xr pcvt 4
2765driver must be compiled into the kernel before the
2766.Xr pcvt 4
2767related
2768options described here take any effect.
2769.It Va pcvt_keymap
2770.Pq Vt str
2771Set to
2772.Dq Li NO
2773by default.
2774Use this to configure a national keyboard mapping found in the
2775.Pa /usr/share/misc/keycap.pcvt
2776file of keyboard mappings.
2777(See also the manual pages
2778.Xr keycap 5
2779and
2780.Xr keycap 3
2781for usage of
2782.Xr pcvt 4 Ns 's
2783keycap database and the manual page
2784.Xr kcon 1
2785option
2786.Fl m
2787for national keyboard mapping configuration.)
2788.It Va pcvt_keydel
2789.Pq Vt int
2790Set to
2791.Dq Li NO
2792by default.
2793Used to set the keyboard key repeat delay value.
2794Valid values are
2795in the range 0..3 for delay values of 250, 500, 750 and 1000 msec.
2796(See also the
2797.Xr kcon 1
2798manual page.)
2799.It Va pcvt_keyrate
2800.Pq Vt int
2801Set to
2802.Dq Li NO
2803by default.
2804Used to set the keyboard key repetition rate value.
2805Valid values are
2806in the range 0..31 for repetition values of 2..30 characters per second.
2807.It Va pcvt_keyrepeat
2808.Pq Vt bool
2809Set to
2810.Dq Li NO
2811by default.
2812Set to
2813.Dq Li YES
2814to enable automatic keyboard key repeating.
2815.It Va pcvt_force24
2816.Pq Vt bool
2817Set to
2818.Dq Li NO
2819by default.
2820Set to
2821.Dq Li YES
2822to force
2823.Xr pcvt 4
2824to use 24 lines only (in 25 lines mode) for compatibility
2825with the original
2826.Tn VT220
2827terminal.
2828.It Va pcvt_hpext
2829.Pq Vt bool
2830Set to
2831.Dq Li NO
2832by default.
2833Set to
2834.Dq Li YES
2835to enable the display and functionality of function key labels (as found
2836on
2837.Tn Hewlett-Packard
2838terminals such as the
2839.Tn HP2392A
2840and the
2841.Tn HP700/92
2842in
2843.Tn ANSI
2844mode).
2845.It Va pcvt_lines
2846.Pq Vt int
2847Set to
2848.Dq Li NO
2849by default resulting in a value of 25.
2850Used to set the number of lines on the screen.
2851For VGA displays, valid
2852values are 25, 28, 40 and 50 lines.
2853(See also the
2854.Xr scon 1
2855manual page.)
2856.It Va pcvt_blanktime
2857.Pq Vt int
2858Set to
2859.Dq Li NO
2860by default.
2861Used to set the screen saver timeout in seconds for values greater than
2862zero.
2863.It Va pcvt_cursorh
2864.Pq Vt int
2865Set to
2866.Dq Li NO
2867by default.
2868Used to set the cursor top scanline.
2869(See also the
2870.Xr cursor 1
2871manual page.)
2872.It Va pcvt_cursorl
2873.Pq Vt int
2874Set to
2875.Dq Li NO
2876by default.
2877Used to set the cursor bottom scanline.
2878.It Va pcvt_monohigh
2879.Pq Vt bool
2880Set to
2881.Dq Li NO
2882by default.
2883Set to
2884.Dq Li YES
2885to set intensity to high on monochrome monitors.
2886(See also the
2887.Xr scon 1
2888manual page, option
2889.Fl p ,
2890for more information on changing VGA palette
2891values.)
2892.It Va harvest_interrupt
2893.Pq Vt bool
2894Set to
2895.Dq Li YES
2896to use hardware interrupts as an entropy source.
2897Refer to
2898.Xr random 4
2899for more information.
2900.It Va harvest_ethernet
2901.Pq Vt bool
2902Set to
2903.Dq Li YES
2904to use LAN traffic as an entropy source.
2905Refer to
2906.Xr random 4
2907for more information.
2908.It Va harvest_p_to_p
2909.Pq Vt bool
2910Set to
2911.Dq Li YES
2912to use serial line traffic as an entropy source.
2913Refer to
2914.Xr random 4
2915for more information.
2916.It Va entropy_dir
2917.Pq Vt str
2918Set to
2919.Dq Li NO
2920to disable caching entropy via
2921.Xr cron 8 .
2922Otherwise set to the directory used to store entropy files in.
2923.It Va entropy_file
2924.Pq Vt str
2925Set to
2926.Dq Li NO
2927to disable caching entropy through reboots.
2928Otherwise set to the filename used to store cached entropy through
2929reboots.
2930This file should be located on the root file system to seed the
2931.Xr random 4
2932device as early as possible in the boot process.
2933.It Va entropy_save_sz
2934.Pq Vt int
2935Size of the entropy cache files saved by
2936.Nm save-entropy
2937periodically.
2938.It Va entropy_save_num
2939.Pq Vt int
2940Number of entropy cache files to save by
2941.Nm save-entropy
2942periodically.
2943.It Va ipsec_enable
2944.Pq Vt bool
2945Set to
2946.Dq Li YES
2947to run
2948.Xr setkey 8
2949on
2950.Va ipsec_file
2951at boot time.
2952.It Va ipsec_file
2953.Pq Vt str
2954Configuration file for
2955.Xr setkey 8 .
2956.It Va dmesg_enable
2957.Pq Vt bool
2958Set to
2959.Dq Li YES
2960to save
2961.Xr dmesg 8
2962to
2963.Pa /var/run/dmesg.boot
2964on boot.
2965.It Va rcshutdown_timeout
2966.Pq Vt int
2967If set, start a watchdog timer in the background which will terminate
2968.Pa rc.shutdown
2969if
2970.Xr shutdown 8
2971has not completed within the specified time (in seconds).
2972.It Va virecover_enable
2973.Pq Vt bool
2974Set to
2975.Dq Li NO
2976to prevent the system from trying to
2977recover pre-maturely terminated
2978.Xr vi 1
2979sessions.
2980.It Va ramdisk_units
2981.Pq Vt str
2982A list of one or more ramdisk units to configure with
2983.Xr mdconfig 8
2984and
2985.Xr newfs 8
2986in time to be mounted from
2987.Xr fstab 5 .
2988Each listed unit
2989.Ar X
2990must specify at least a
2991.Ar type
2992in a
2993.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config
2994variable.
2995.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config
2996.Pq Vt str
2997Arguments to
2998.Xr mdconfig 8
2999for ramdisk
3000.Ar X .
3001At minimum a
3002.Fl t Ar type
3003must be specified, where
3004.Ar type
3005must be one of
3006.Cm malloc
3007or
3008.Cm swap .
3009.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs
3010.Pq Vt str
3011Optional arguments passed to
3012.Xr newfs 8
3013to initialize ramdisk
3014.Ar X .
3015.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner
3016.Pq Vt str
3017An ownership specification passed to
3018.Xr chown 8
3019after the specified ramdisk unit
3020.Ar X
3021has been mounted.
3022Both the
3023.Xr md 4
3024device and the mount point will be changed.
3025.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms
3026.Pq Vt str
3027A mode string passed to
3028.Xr chmod 1
3029after the specified ramdisk unit
3030.Ar X
3031has been mounted.
3032Both the
3033.Xr md 4
3034device and the mount point will be changed.
3035.El
3036.Sh FILES
3037.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
3038.It Pa /etc/defaults/rc.conf
3039.It Pa /etc/rc.conf
3040.It Pa /etc/rc.conf.local
3041.El
3042.Sh SEE ALSO
3043.Xr catman 1 ,
3044.Xr chmod 1 ,
3045.Xr gdb 1 ,
3046.Xr info 1 ,
3047.Xr kbdcontrol 1 ,
3048.Xr makewhatis 1 ,
3049.Xr vi 1 ,
3050.Xr vidcontrol 1 ,
3051.Xr ip 4 ,
3052.Xr kld 4 ,
3053.Xr tcp 4 ,
3054.Xr udp 4 ,
3055.Xr exports 5 ,
3056.Xr motd 5 ,
3057.Xr newsyslog.conf 5 ,
3058.Xr accton 8 ,
3059.Xr amd 8 ,
3060.Xr apm 8 ,
3061.Xr atm 8 ,
3062.Xr chown 8 ,
3063.Xr cron 8 ,
3064.Xr dhclient 8 ,
3065.Xr ifconfig 8 ,
3066.Xr inetd 8 ,
3067.Xr isdnd 8 ,
3068.Xr isdntrace 8 ,
3069.Xr kldxref 8 ,
3070.Xr lpd 8 ,
3071.Xr mdconfig 8 ,
3072.Xr mountd 8 ,
3073.Xr moused 8 ,
3074.Xr mrouted 8 ,
3075.Xr named 8 ,
3076.Xr newfs 8 ,
3077.Xr nfsd 8 ,
3078.Xr ntpd 8 ,
3079.Xr ntpdate 8 ,
3080.Xr pcnfsd 8 ,
3081.Xr quotacheck 8 ,
3082.Xr quotaon 8 ,
3083.Xr rc 8 ,
3084.Xr rc.sendmail 8 ,
3085.Xr route 8 ,
3086.Xr routed 8 ,
3087.Xr rpcbind 8 ,
3088.Xr rpc.lockd 8 ,
3089.Xr rpc.statd 8 ,
3090.Xr rwhod 8 ,
3091.Xr savecore 8 ,
3092.Xr sshd 8 ,
3093.Xr swapon 8 ,
3094.Xr sysctl 8 ,
3095.Xr syslogd 8 ,
3096.Xr timed 8 ,
3097.Xr usbd 8 ,
3098.Xr vinum 8 ,
3099.Xr yp 8 ,
3100.Xr ypbind 8 ,
3101.Xr ypserv 8 ,
3102.Xr ypset 8
3103.Sh HISTORY
3104The
3105.Nm
3106file appeared in
3107.Fx 2.2.2 .
3108.Sh AUTHORS
3109.An Jordan K. Hubbard .
3110