1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd May 29, 2006 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Li name=value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va early_late_divider 99.Pq Vt str 100The name of the script that should be used as the 101delimiter between the 102.Dq early 103and 104.Dq late 105stages of the boot process. 106The early stage should contain all the services needed to 107get the disks (local or remote) mounted so that the late 108stage can include scripts contained in the directories 109listed in the 110.Va local_startup 111variable (see below). 112Thus, the two likely candidates for this value are 113mountcritlocal for the typical system, 114and mountcritremote if the system needs remote file 115systems mounted to get access to the 116.Va local_startup 117directories; for example when 118.Pa /usr/local 119is NFS mounted. 120For 121.Pa rc.conf 122within a 123.Xr jail 8 124NETWORKING is likely to be an appropriate value. 125Extreme care should be taken when changing this value, 126and before changing it one should ensure that there are 127adequate provisions to recover from a failed boot 128(such as physical contact with the machine, 129or reliable remote console access). 130.It Va swapfile 131.Pq Vt str 132If set to 133.Dq Li NO , 134no swapfile is installed, otherwise the value is used as the full 135pathname to a file to use for additional swap space. 136.It Va apm_enable 137.Pq Vt bool 138If set to 139.Dq Li YES , 140enable support for Automatic Power Management with 141the 142.Xr apm 8 143command. 144.It Va apmd_enable 145.Pq Vt bool 146Run 147.Xr apmd 8 148to handle APM event from userland. 149This also enables support for APM. 150.It Va apmd_flags 151.Pq Vt str 152If 153.Va apmd_enable 154is set to 155.Dq Li YES , 156these are the flags to pass to the 157.Xr apmd 8 158daemon. 159.It Va devd_enable 160.Pq Vt bool 161Run 162.Xr devd 8 163to handle device added, removed or unknown events from the kernel. 164.It Va kldxref_enable 165.Pq Vt bool 166Set to 167.Dq Li NO 168by default. 169Set to 170.Dq Li YES 171to automatically rebuild 172.Pa linker.hints 173files with 174.Xr kldxref 8 175at boot time. 176.It Va kldxref_clobber 177.Pq Vt bool 178Set to 179.Dq Li NO 180by default. 181If 182.Va kldxref_enable 183is true, 184setting to 185.Dq Li YES 186will overwrite existing 187.Pa linker.hints 188files at boot time. 189Otherwise, 190only missing 191.Pa linker.hints 192files are generated. 193.It Va kldxref_module_path 194.Pq Vt str 195Empty by default. 196A semi-colon 197.Pq Ql \&; 198delimited list of paths containing 199.Xr kld 4 200modules. 201If empty, 202the contents of the 203.Va kern.module_path 204.Xr sysctl 8 205are used. 206.It Va powerd_enable 207.Pq Vt bool 208If set to 209.Dq Li YES , 210enable the system power control facility with the 211.Xr powerd 8 212daemon. 213.It Va powerd_flags 214.Pq Vt str 215If 216.Va powerd_enable 217is set to 218.Dq Li YES , 219these are the flags to pass to the 220.Xr powerd 8 221daemon. 222.It Va tmpmfs 223Controls the creation of a 224.Pa /tmp 225memory file system. 226Always happens if set to 227.Dq Li YES 228and never happens if set to 229.Dq Li NO . 230If set to anything else, a memory file system is created if 231.Pa /tmp 232is not writable. 233.It Va tmpsize 234Controls the size of a created 235.Pa /tmp 236memory file system. 237.It Va tmpmfs_flags 238Extra options passed to the 239.Xr mdmfs 8 240utility when the memory file system for 241.Pa /tmp 242is created. 243The default is 244.Dq Li "-S -M" , 245which inhibits the use of softupdates on 246.Pa /tmp 247to waste as little space as possible 248and creates a pure memory backed disk, which will never be swapped out, 249for maximum performance and system stability at low memory conditions. 250See 251.Xr mdmfs 8 252for other options you can use in 253.Va tmpmfs_flags . 254.It Va varmfs 255Controls the creation of a 256.Pa /var 257memory file system. 258Always happens if set to 259.Dq Li YES 260and never happens if set to 261.Dq Li NO . 262If set to anything else, a memory file system is created if 263.Pa /var 264is not writable. 265.It Va varsize 266Controls the size of a created 267.Pa /var 268memory file system. 269.It Va varmfs_flags 270Extra options passed to the 271.Xr mdmfs 8 272utility when the memory file system for 273.Pa /var 274is created. 275The default is 276.Dq Li "-S -M" , 277which inhibits the use of softupdates on 278.Pa /var 279to waste as little space as possible 280and creates a pure memory backed disk, which will never be swapped out, 281for maximum performance and system stability at low memory conditions. 282See 283.Xr mdmfs 8 284for other options you can use in 285.Va varmfs_flags . 286.It Va populate_var 287Controls the automatic population of the 288.Pa /var 289file system. 290Always happens if set to 291.Dq Li YES 292and never happens if set to 293.Dq Li NO . 294If set to anything else, a memory file system is created if 295.Pa /var 296is not writable. 297Note that this process requires access to certain commands in 298.Pa /usr 299before 300.Pa /usr 301is mounted on normal systems. 302.It Va cleanvar_enable 303.Pq Vt bool 304Clean the 305.Pa /var 306directory. 307.It Va local_startup 308.Pq Vt str 309List of directories to search for startup script files. 310.It Va script_name_sep 311.Pq Vt str 312The field separator to use for breaking down the list of startup script files 313into individual filenames. 314The default is a space. 315It is not necessary to change this unless there are startup scripts with names 316containing spaces. 317.It Va hostapd_enable 318.Pq Vt bool 319Set to 320.Dq Li YES 321to start 322.Xr hostapd 8 323at system boot time. 324.It Va hostname 325.Pq Vt str 326The fully qualified domain name (FQDN) of this host on the network. 327This should almost certainly be set to something meaningful, even if 328there is no network connection. 329If 330.Xr dhclient 8 331is used to set the hostname via DHCP, 332this variable should be set to an empty string. 333.It Va ipv6_enable 334.Pq Vt bool 335Enable support for IPv6 networking. 336Note that this requires that the kernel has been compiled with 337.Cd "options INET6" . 338.It Va nisdomainname 339.Pq Vt str 340The NIS domain name of this host, or 341.Dq Li NO 342if NIS is not used. 343.It Va dhclient_program 344.Pq Vt str 345Path to the DHCP client program 346.Pa ( /sbin/dhclient , 347the 348.Ox 349DHCP client, 350is the default). 351.It Va dhclient_flags 352.Pq Vt str 353Additional flags to pass to the DHCP client program. 354For the 355.Ox 356DHCP client, see the 357.Xr dhclient 8 358manpage for a description of the command line options available. 359.It Va background_dhclient 360.Pq Vt bool 361Set to 362.Dq Li YES 363to start the DHCP client in background. 364This can cause trouble with applications depending on 365a working network, but it will provide a faster startup 366in many cases. 367.It Va synchronous_dhclient 368.Pq Bt bool 369Set to 370.Dq Li NO 371to start 372.Xr dhclient 8 373only in response to interface events and not synchronously at startup. 374This behavior can be overridden on a per-interface basis by replacing 375the 376.Dq Li DHCP 377keyword in the 378.Va ifconfig_ Ns Aq Ar interface 379variable with 380.Dq Li SYNCDHCP 381or 382.Dq Li NOSYNCDHCP . 383.It Va firewall_enable 384.Pq Vt bool 385Set to 386.Dq Li YES 387to load firewall rules at startup. 388If the kernel was not built with 389.Cd "options IPFIREWALL" , 390the 391.Pa ipfw.ko 392kernel module will be loaded. 393See also 394.Va ipfilter_enable . 395.It Va ipv6_firewall_enable 396.Pq Vt bool 397The IPv6 equivalent of 398.Va firewall_enable . 399Set to 400.Dq Li YES 401to load IPv6 firewall rules at startup. 402If the kernel was not built with 403.Cd "options IPV6FIREWALL" , 404the 405.Pa ipfw.ko 406kernel module will be loaded. 407.It Va firewall_script 408.Pq Vt str 409This variable specifies the full path to the firewall script to run. 410The default is 411.Pa /etc/rc.firewall . 412.It Va ipv6_firewall_script 413.Pq Vt str 414The IPv6 equivalent of 415.Va firewall_script . 416.It Va firewall_type 417.Pq Vt str 418Names the firewall type from the selection in 419.Pa /etc/rc.firewall , 420or the file which contains the local firewall ruleset. 421Valid selections from 422.Pa /etc/rc.firewall 423are: 424.Pp 425.Bl -tag -width ".Li simple" -compact 426.It Li open 427unrestricted IP access 428.It Li closed 429all IP services disabled, except via 430.Dq Li lo0 431.It Li client 432basic protection for a workstation 433.It Li simple 434basic protection for a LAN. 435.El 436.Pp 437If a filename is specified, the full path 438must be given. 439.It Va ipv6_firewall_type 440.Pq Vt str 441The IPv6 equivalent of 442.Va firewall_type . 443.It Va firewall_quiet 444.Pq Vt bool 445Set to 446.Dq Li YES 447to disable the display of firewall rules on the console during boot. 448.It Va ipv6_firewall_quiet 449.Pq Vt bool 450The IPv6 equivalent of 451.Va firewall_quiet . 452.It Va firewall_logging 453.Pq Vt bool 454Set to 455.Dq Li YES 456to enable firewall event logging. 457This is equivalent to the 458.Dv IPFIREWALL_VERBOSE 459kernel option. 460.It Va ipv6_firewall_logging 461.Pq Vt bool 462The IPv6 equivalent of 463.Va firewall_logging . 464.It Va firewall_flags 465.Pq Vt str 466Flags passed to 467.Xr ipfw 8 468if 469.Va firewall_type 470specifies a filename. 471.It Va ipv6_firewall_flags 472.Pq Vt str 473The IPv6 equivalent of 474.Va firewall_flags . 475.It Va natd_program 476.Pq Vt str 477Path to 478.Xr natd 8 . 479.It Va natd_enable 480.Pq Vt bool 481Set to 482.Dq Li YES 483to enable 484.Xr natd 8 . 485.Va firewall_enable 486must also be set to 487.Dq Li YES , 488and 489.Xr divert 4 490sockets must be enabled in the kernel. 491If the kernel was not built with 492.Cd "options IPDIVERT" , 493the 494.Pa ipdivert.ko 495kernel module will be loaded. 496.It Va natd_interface 497.Pq Vt str 498This is the name of the public interface on which 499.Xr natd 8 500should run. 501The interface may be given as an interface name or as an IP address. 502.It Va natd_flags 503.Pq Vt str 504Additional 505.Xr natd 8 506flags should be placed here. 507The 508.Fl n 509or 510.Fl a 511flag is automatically added with the above 512.Va natd_interface 513as an argument. 514.\" ----- ipfilter_enable setting -------------------------------- 515.It Va ipfilter_enable 516.Pq Vt bool 517Set to 518.Dq Li NO 519by default. 520Setting this to 521.Dq Li YES 522enables 523.Xr ipf 8 524packet filtering. 525.Pp 526Typical usage will require putting 527.Bd -literal 528ipfilter_enable="YES" 529ipnat_enable="YES" 530ipmon_enable="YES" 531ipfs_enable="YES" 532.Ed 533.Pp 534into 535.Pa /etc/rc.conf 536and editing 537.Pa /etc/ipf.rules 538and 539.Pa /etc/ipnat.rules 540appropriately. 541.Pp 542Note that 543.Va ipfilter_enable 544and 545.Va ipnat_enable 546can be enabled independently. 547.Va ipmon_enable 548and 549.Va ipfs_enable 550both require at least one of 551.Va ipfilter_enable 552and 553.Va ipnat_enable 554to be enabled. 555.Pp 556Having 557.Bd -literal 558options IPFILTER 559options IPFILTER_LOG 560options IPFILTER_DEFAULT_BLOCK 561.Ed 562.Pp 563in the kernel configuration file is a good idea, too. 564.\" ----- ipfilter_program setting ------------------------------ 565.It Va ipfilter_program 566.Pq Vt str 567Path to 568.Xr ipf 8 569(default 570.Pa /sbin/ipf ) . 571.\" ----- ipfilter_rules setting -------------------------------- 572.It Va ipfilter_rules 573.Pq Vt str 574Set to 575.Pa /etc/ipf.rules 576by default. 577This variable contains the name of the filter rule definition file. 578The file is expected to be readable for the 579.Xr ipf 8 580command to execute. 581.\" ----- ipv6_ipfilter_rules setting --------------------------- 582.It Va ipv6_ipfilter_rules 583.Pq Vt str 584Set to 585.Pa /etc/ipf6.rules 586by default. 587This variable contains the IPv6 filter rule definition file. 588The file is expected to be readable for the 589.Xr ipf 8 590command to execute. 591.\" ----- ipfilter_flags setting -------------------------------- 592.It Va ipfilter_flags 593.Pq Vt str 594Empty by default. 595This variable contains flags passed to the 596.Xr ipf 8 597program. 598.\" ----- ipnat_enable setting ---------------------------------- 599.It Va ipnat_enable 600.Pq Vt bool 601Set to 602.Dq Li NO 603by default. 604Set it to 605.Dq Li YES 606to enable 607.Xr ipnat 8 608network address translation. 609See 610.Va ipfilter_enable 611for a detailed discussion. 612.\" ----- ipnat_program setting --------------------------------- 613.It Va ipnat_program 614.Pq Vt str 615Path to 616.Xr ipnat 8 617(default 618.Pa /sbin/ipnat ) . 619.\" ----- ipnat_rules setting ----------------------------------- 620.It Va ipnat_rules 621.Pq Vt str 622Set to 623.Pa /etc/ipnat.rules 624by default. 625This variable contains the name of the file 626holding the network address translation definition. 627This file is expected to be readable for the 628.Xr ipnat 8 629command to execute. 630.\" ----- ipnat_flags setting ----------------------------------- 631.It Va ipnat_flags 632.Pq Vt str 633Empty by default. 634This variable contains flags passed to the 635.Xr ipnat 8 636program. 637.\" ----- ipmon_enable setting ---------------------------------- 638.It Va ipmon_enable 639.Pq Vt bool 640Set to 641.Dq Li NO 642by default. 643Set it to 644.Dq Li YES 645to enable 646.Xr ipmon 8 647monitoring (logging 648.Xr ipf 8 649and 650.Xr ipnat 8 651events). 652Setting this variable needs setting 653.Va ipfilter_enable 654or 655.Va ipnat_enable 656too. 657See 658.Va ipfilter_enable 659for a detailed discussion. 660.\" ----- ipmon_program setting --------------------------------- 661.It Va ipmon_program 662.Pq Vt str 663Path to 664.Xr ipmon 8 665(default 666.Pa /sbin/ipmon ) . 667.\" ----- ipmon_flags setting ----------------------------------- 668.It Va ipmon_flags 669.Pq Vt str 670Set to 671.Dq Li -Ds 672by default. 673This variable contains flags passed to the 674.Xr ipmon 8 675program. 676Another typical example would be 677.Dq Fl D Pa /var/log/ipflog 678to have 679.Xr ipmon 8 680log directly to a file bypassing 681.Xr syslogd 8 . 682Make sure to adjust 683.Pa /etc/newsyslog.conf 684in such case like this: 685.Bd -literal 686/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 687.Ed 688.\" ----- ipfs_enable setting ----------------------------------- 689.It Va ipfs_enable 690.Pq Vt bool 691Set to 692.Dq Li NO 693by default. 694Set it to 695.Dq Li YES 696to enable 697.Xr ipfs 8 698saving the filter and NAT state tables during shutdown 699and reloading them during startup again. 700Setting this variable needs setting 701.Va ipfilter_enable 702or 703.Va ipnat_enable 704to 705.Dq Li YES 706too. 707See 708.Va ipfilter_enable 709for a detailed discussion. 710Note that if 711.Va kern_securelevel 712is set to 3, 713.Va ipfs_enable 714cannot be used 715because the raised securelevel will prevent 716.Xr ipfs 8 717from saving the state tables at shutdown time. 718.\" ----- ipfs_program setting ---------------------------------- 719.It Va ipfs_program 720.Pq Vt str 721Path to 722.Xr ipfs 8 723(default 724.Pa /sbin/ipfs ) . 725.\" ----- ipfs_flags setting ------------------------------------ 726.It Va ipfs_flags 727.Pq Vt str 728Empty by default. 729This variable contains flags passed to the 730.Xr ipfs 8 731program. 732.\" ----- end of added ipf hook --------------------------------- 733.It Va pf_enable 734.Pq Vt bool 735Set to 736.Dq Li NO 737by default. 738Setting this to 739.Dq Li YES 740enables 741.Xr pf 4 742packet filtering. 743.Pp 744Typical usage will require putting 745.Pp 746.Dl pf_enable="YES" 747.Pp 748into 749.Pa /etc/rc.conf 750and editing 751.Pa /etc/pf.conf 752appropriately. 753.Pp 754.Dl "device pf" 755.Pp 756builds 757.Xr pf 4 758into the kernel. 759Otherwise it is loaded from a module. 760.It Va pf_rules 761.Pq Vt str 762Path to 763.Xr pf 4 764ruleset configuration file 765(default 766.Pa /etc/pf.conf ) . 767.It Va pf_program 768.Pq Vt str 769Path to 770.Xr pfctl 8 771(default 772.Pa /sbin/pfctl ) . 773.It Va pf_flags 774.Pq Vt str 775If 776.Va pf_enable 777is set to 778.Dq Li YES , 779these flags are passed to the 780.Xr pfctl 8 781program when loading the ruleset. 782.It Va pflog_enable 783.Pq Vt bool 784Set to 785.Dq Li NO 786by default. 787Setting this to 788.Dq Li YES 789enables 790.Xr pflogd 8 791which logs packets from the 792.Xr pf 4 793packet filter. 794.It Va pflog_logfile 795.Pq Vt str 796If 797.Va pflog_enable 798is set to 799.Dq Li YES 800this controls where 801.Xr pflogd 8 802stores the logfile 803(default 804.Pa /var/log/pflog ) . 805Check 806.Pa /etc/newsyslog.conf 807to adjust logfile rotation for this. 808.It Va pflog_program 809.Pq Vt str 810Path to 811.Xr pflogd 8 812(default 813.Pa /sbin/pflogd ) . 814.It Va pflog_flags 815.Pq Vt str 816Empty by default. 817This variable contains additional flags passed to the 818.Xr pflogd 8 819program. 820.It Va pfsync_enable 821.Pq Vt bool 822Set to 823.Dq Li NO 824by default. 825Setting this to 826.Dq Li YES 827enables exposing 828.Xr pf 4 829state changes to other hosts over the network by means of 830.Xr pfsync 4 . 831The 832.Va pfsync_syncdev 833variable 834must also be set then. 835.It Va pfsync_syncdev 836.Pq Vt str 837Empty by default. 838This variable specifies the name of the network interface 839.Xr pfsync 4 840should operate through. 841It must be set accordingly if 842.Va pfsync_enable 843is set to 844.Dq Li YES . 845.It Va pfsync_ifconfig 846.Pq Vt str 847Empty by default. 848This variable can contain additional options to be passed to the 849.Xr ifconfig 8 850command used to set up 851.Xr pfsync 4 . 852.It Va tcp_extensions 853.Pq Vt bool 854Set to 855.Dq Li YES 856by default. 857Setting this to 858.Dq Li NO 859disables certain TCP options as described by 860.Rs 861.%T "RFC 1323" 862.Re 863Setting this to 864.Dq Li NO 865might help remedy such problems with connections as randomly hanging 866or other weird behavior. 867Some network devices are known 868to be broken with respect to these options. 869.It Va log_in_vain 870.Pq Vt int 871Set to 0 by default. 872The 873.Xr sysctl 8 874variables, 875.Va net.inet.tcp.log_in_vain 876and 877.Va net.inet.udp.log_in_vain , 878as described in 879.Xr tcp 4 880and 881.Xr udp 4 , 882are set to the given value. 883.It Va tcp_keepalive 884.Pq Vt bool 885Set to 886.Dq Li YES 887by default. 888Setting to 889.Dq Li NO 890will disable probing idle TCP connections to verify that the 891peer is still up and reachable. 892.It Va tcp_drop_synfin 893.Pq Vt bool 894Set to 895.Dq Li NO 896by default. 897Setting to 898.Dq Li YES 899will cause the kernel to ignore TCP frames that have both 900the SYN and FIN flags set. 901This prevents OS fingerprinting, but may 902break some legitimate applications. 903This option is only available if the 904kernel was built with the 905.Dv TCP_DROP_SYNFIN 906option. 907.It Va icmp_drop_redirect 908.Pq Vt bool 909Set to 910.Dq Li NO 911by default. 912Setting to 913.Dq Li YES 914will cause the kernel to ignore ICMP REDIRECT packets. 915Refer to 916.Xr icmp 4 917for more information. 918.It Va icmp_log_redirect 919.Pq Vt bool 920Set to 921.Dq Li NO 922by default. 923Setting to 924.Dq Li YES 925will cause the kernel to log ICMP REDIRECT packets. 926Note that 927the log messages are not rate-limited, so this option should only be used 928for troubleshooting networks. 929Refer to 930.Xr icmp 4 931for more information. 932.It Va icmp_bmcastecho 933.Pq Vt bool 934Set to 935.Dq Li YES 936to respond to broadcast or multicast ICMP ping packets. 937Refer to 938.Xr icmp 4 939for more information. 940.It Va ip_portrange_first 941.Pq Vt int 942If not set to 943.Dq Li NO , 944this is the first port in the default portrange. 945Refer to 946.Xr ip 4 947for more information. 948.It Va ip_portrange_last 949.Pq Vt int 950If not set to 951.Dq Li NO , 952this is the last port in the default portrange. 953Refer to 954.Xr ip 4 955for more information. 956.It Va network_interfaces 957.Pq Vt str 958Set to the list of network interfaces to configure on this host or 959.Dq Li AUTO 960(the default) for all current interfaces. 961Setting the 962.Va network_interfaces 963variable to anything other than the default is deprecated. 964Interfaces that the administrator wishes to store configration for, 965but not start at boot should be configured with the 966.Dq Li NOAUTO 967keyword in their 968.Va ifconfig_ Ns Aq Ar interface 969variables as described below. 970.Pp 971An 972.Va ifconfig_ Ns Aq Ar interface 973variable is also assumed to exist for each value of 974.Ar interface . 975When an interface name contains any of the characters 976.Dq Li .-/+ 977they are translated to 978.Dq Li _ 979before lookup. 980The variable can contain arguments to 981.Xr ifconfig 8 , 982as well as special case-insensitive keywords described below. 983Such keywords are removed before passing the value to 984.Xr ifconfig 8 985while the order of the other arguments is preserved. 986.Pp 987One can configure more than one IPv4 address with the 988.Va ipv4_addrs_ Ns Aq Ar interface 989variable. 990One or more IP addresses must be provided in Classless Inter-Domain 991Routing (CIDR) address notation, whose last byte can be a range like 992192.168.0.5-23/24. 993In this case the address 192.168.0.5 will be configured with the 994netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with 995the non-conflicting netmask /32 as explained in the 996.Xr ifconfig 8 997alias section. 998With the interface in question being 999.Li ed0 , 1000an example could look like: 1001.Bd -literal 1002ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" 1003.Ed 1004.Pp 1005It is also possible to add IP alias entries using 1006.Xr ifconfig 8 1007syntax. 1008Assuming that the interface in question was 1009.Li ed0 , 1010it might look 1011something like this: 1012.Bd -literal 1013ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1014ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1015.Ed 1016.Pp 1017And so on. 1018For each 1019.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1020entry that is found, 1021its contents are passed to 1022.Xr ifconfig 8 . 1023Execution stops at the first unsuccessful access, so if 1024something like this is present: 1025.Bd -literal 1026ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1027ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1028ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1029ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1030.Ed 1031.Pp 1032Then note that alias4 would 1033.Em not 1034be added since the search would 1035stop with the missing 1036.Dq Li alias3 1037entry. 1038Due to this difficult to manage behavior, the 1039.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1040form is deprecated. 1041.Pp 1042If the 1043.Pa /etc/start_if. Ns Aq Ar interface 1044file is present, it is read and executed by the 1045.Xr sh 1 1046interpreter 1047before configuring the interface as specified in the 1048.Va ifconfig_ Ns Aq Ar interface 1049and 1050.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1051variables. 1052.Pp 1053If the 1054.Va ifconfig_ Ns Aq Ar interface 1055contains the keyword 1056.Dq Li NOAUTO 1057then the interface will not be configured 1058at boot or by 1059.Pa /etc/pccard_ether 1060when 1061.Va network_interfaces 1062is set to 1063.Dq Li AUTO . 1064.Pp 1065It is possible to bring up an interface with DHCP by adding 1066.Dq Li DHCP 1067to the 1068.Va ifconfig_ Ns Aq Ar interface 1069variable. 1070For instance, to initialize the 1071.Li ed0 1072device via DHCP, 1073it is possible to use something like: 1074.Bd -literal 1075ifconfig_ed0="DHCP" 1076.Ed 1077.Pp 1078Also, if your interface needs WPA authentication, it is possible to add 1079.Dq Li WPA 1080to the 1081.Va ifconfig_ Ns Aq Ar interface 1082variable. 1083.Pp 1084Finally, you can add 1085.Xr ifconfig 8 1086options in this variable, in addition to the 1087.Pa /etc/start_if. Ns Aq Ar interface 1088file. 1089For instance, to initialize the 1090.Li wi0 1091device via DHCP, using WPA authentication and 802.11b mode, it is 1092possible to use something like: 1093.Bd -literal 1094ifconfig_wi0="DHCP WPA mode 11b" 1095.Ed 1096.Pp 1097In addition to the 1098.Va ifconfig_ Ns Aq Ar interface 1099form, a fallback variable 1100.Va ifconfig_DEFAULT 1101may be configured. 1102It will be used for all interfaces with no 1103.Va ifconfig_ Ns Aq Ar interface 1104variable. 1105This is intended to replace the no longer supported 1106.Va pccard_ifconfig 1107variable. 1108.Pp 1109It is also possible to rename interface by doing: 1110.Bd -literal 1111ifconfig_ed0_name="net0" 1112ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1113.Ed 1114.It Va ipv6_network_interfaces 1115.Pq Vt str 1116This is the IPv6 equivalent of 1117.Va network_interfaces . 1118Instead of setting the ifconfig variables as 1119.Va ifconfig_ Ns Aq Ar interface 1120they should be set as 1121.Va ipv6_ifconfig_ Ns Aq Ar interface . 1122Aliases should be set as 1123.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1124.Va ipv6_prefix_ Ns Aq Ar interface 1125does something. 1126Interfaces that do not have a 1127.Va ipv6_ifconfig_ Ns Aq Ar interface 1128setting will be auto configured by 1129.Xr rtsol 8 1130if the 1131.Va ipv6_gateway_enable 1132is set to 1133.Dq Li NO . 1134Note that the IPv6 networking code does not support the 1135.Pa /etc/start_if. Ns Aq Ar interface 1136files. 1137.It Va ipv6_default_interface 1138.Pq Vt str 1139If not set to 1140.Dq Li NO , 1141this is the default output interface for scoped addresses. 1142Now this works only for IPv6 link local multicast addresses. 1143.It Va cloned_interfaces 1144.Pq Vt str 1145Set to the list of clonable network interfaces to create on this host. 1146Entries in 1147.Va cloned_interfaces 1148are automatically appended to 1149.Va network_interfaces 1150for configuration. 1151.It Va gif_interfaces 1152.Pq Vt str 1153Set to the list of 1154.Xr gif 4 1155tunnel interfaces to configure on this host. 1156A 1157.Va gifconfig_ Ns Aq Ar interface 1158variable is assumed to exist for each value of 1159.Ar interface . 1160The value of this variable is used to configure the link layer of the 1161tunnel according to the syntax of the 1162.Cm tunnel 1163option to 1164.Xr ifconfig 8 . 1165Additionally, this option ensures that each listed interface is created 1166via the 1167.Cm create 1168option to 1169.Xr ifconfig 8 1170before attempting to configure it. 1171.It Va sppp_interfaces 1172.Pq Vt str 1173Set to the list of 1174.Xr sppp 4 1175interfaces to configure on this host. 1176A 1177.Va spppconfig_ Ns Aq Ar interface 1178variable is assumed to exist for each value of 1179.Ar interface . 1180Each interface should also be configured by a general 1181.Va ifconfig_ Ns Aq Ar interface 1182setting. 1183Refer to 1184.Xr spppcontrol 8 1185for more information about available options. 1186.It Va ppp_enable 1187.Pq Vt bool 1188If set to 1189.Dq Li YES , 1190run the 1191.Xr ppp 8 1192daemon. 1193.It Va ppp_mode 1194.Pq Vt str 1195Mode in which to run the 1196.Xr ppp 8 1197daemon. 1198Accepted modes are 1199.Dq Li auto , 1200.Dq Li ddial , 1201.Dq Li direct 1202and 1203.Dq Li dedicated . 1204See the manual for a full description. 1205.It Va ppp_nat 1206.Pq Vt bool 1207If set to 1208.Dq Li YES , 1209enables network address translation. 1210Used in conjunction with 1211.Va gateway_enable 1212allows hosts on private network addresses access to the Internet using 1213this host as a network address translating router. 1214.It Va ppp_profile 1215.Pq Vt str 1216The name of the profile to use from 1217.Pa /etc/ppp/ppp.conf . 1218.It Va ppp_user 1219.Pq Vt str 1220The name of the user under which 1221.Xr ppp 8 1222should be started. 1223By 1224default, 1225.Xr ppp 8 1226is started as 1227.Dq Li root . 1228.It Va rc_conf_files 1229.Pq Vt str 1230This option is used to specify a list of files that will override 1231the settings in 1232.Pa /etc/defaults/rc.conf . 1233The files will be read in the order in which they are specified and should 1234include the full path to the file. 1235By default, the files specified are 1236.Pa /etc/rc.conf 1237and 1238.Pa /etc/rc.conf.local 1239.It Va gbde_autoattach_all 1240.Pq Vt bool 1241If set to 1242.Dq Li YES , 1243.Pa /etc/rc.d/gbde 1244will attempt to automatically initialize your .bde devices in 1245.Pa /etc/fstab . 1246.It Va gbde_devices 1247.Pq Vt str 1248List the devices that the script should try to attach, 1249or 1250.Dq Li AUTO . 1251.It Va gbde_lockdir 1252.Pq Vt str 1253The directory where the 1254.Xr gbde 4 1255lockfiles are located. 1256The default lockfile directory is 1257.Pa /etc . 1258.Pp 1259The lockfile for each individual 1260.Xr gbde 4 1261device can be overridden by setting the variable 1262.Va gbde_lock_ Ns Aq Ar device , 1263where 1264.Ar device 1265is the encrypted device without the 1266.Dq Pa /dev/ 1267and 1268.Dq Pa .bde 1269parts. 1270.It Va gbde_attach_attempts 1271.Pq Vt int 1272Number of times to attempt attaching to a 1273.Xr gbde 4 1274device, i.e., how many times the user is asked for the pass-phrase. 1275Default is 3. 1276.It Va geli_devices 1277.Pq Vt str 1278List of devices to automatically attach on boot. 1279Note that .eli devices from 1280.Pa /etc/fstab 1281are automatically appended to this list. 1282.It Va geli_tries 1283.Pq Vt int 1284Number of times user is asked for the pass-phrase. 1285If empty, it will be taken from 1286.Va kern.geom.eli.tries 1287sysctl variable. 1288.It Va geli_default_flags 1289.Pq Vt str 1290Default flags to use by 1291.Xr geli 8 1292when configuring disk encryption. 1293Flags can be configured for every device separately by defining 1294.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1295variable. 1296.It Va geli_autodetach 1297.Pq Vt str 1298Specifies if GELI devices should be marked for detach on last close after 1299file systems are mounted. 1300Default is 1301.Dq Li YES . 1302This can be changed for every device separately by defining 1303.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1304variable. 1305.It Va geli_swap_flags 1306Options passed to the 1307.Xr geli 8 1308utility when encrypted GEOM providers for swap partitions are created. 1309The default is 1310.Dq Li "-a aes -l 256 -s 4096 -d" . 1311.It Va root_rw_mount 1312.Pq Vt bool 1313Set to 1314.Dq Li YES 1315by default. 1316After the file systems are checked at boot time, the root file system 1317is remounted as read-write if this is set to 1318.Dq Li YES . 1319Diskless systems that mount their root file system from a read-only remote 1320NFS share should set this to 1321.Dq Li NO 1322in their 1323.Pa rc.conf . 1324.It Va fsck_y_enable 1325.Pq Vt bool 1326If set to 1327.Dq Li YES , 1328.Xr fsck 8 1329will be run with the 1330.Fl y 1331flag if the initial preen 1332of the file systems fails. 1333.It Va background_fsck 1334.Pq Vt bool 1335If set to 1336.Dq Li YES , 1337the system will attempt to run 1338.Xr fsck 8 1339in the background where possible. 1340.It Va background_fsck_delay 1341.Pq Vt int 1342The amount of time in seconds to sleep before starting a background 1343.Xr fsck 8 . 1344It defaults to sixty seconds to allow large applications such as 1345the X server to start before disk I/O bandwidth is monopolized by 1346.Xr fsck 8 . 1347.It Va netfs_types 1348.Pq Vt str 1349List of file system types that are network-based. 1350This list should generally not be modified by end users. 1351Use 1352.Va extra_netfs_types 1353instead. 1354.It Va extra_netfs_types 1355.Pq Vt str 1356If set to something other than 1357.Dq Li NO 1358(the default), 1359this variable extends the list of file system types 1360for which automatic mounting at startup by 1361.Xr rc 8 1362should be delayed until the network is initialized. 1363It should contain 1364a whitespace-separated list of network file system descriptor pairs, 1365each consisting of a file system type as passed to 1366.Xr mount 8 1367and a human-readable, one-word description, 1368joined with a colon 1369.Pq Ql \&: . 1370Extending the default list in this way is only necessary 1371when third party file system types are used. 1372.It Va syslogd_enable 1373.Pq Vt bool 1374If set to 1375.Dq Li YES , 1376run the 1377.Xr syslogd 8 1378daemon. 1379.It Va syslogd_program 1380.Pq Vt str 1381Path to 1382.Xr syslogd 8 1383(default 1384.Pa /usr/sbin/syslogd ) . 1385.It Va syslogd_flags 1386.Pq Vt str 1387If 1388.Va syslogd_enable 1389is set to 1390.Dq Li YES , 1391these are the flags to pass to 1392.Xr syslogd 8 . 1393.It Va inetd_enable 1394.Pq Vt bool 1395If set to 1396.Dq Li YES , 1397run the 1398.Xr inetd 8 1399daemon. 1400.It Va inetd_program 1401.Pq Vt str 1402Path to 1403.Xr inetd 8 1404(default 1405.Pa /usr/sbin/inetd ) . 1406.It Va inetd_flags 1407.Pq Vt str 1408If 1409.Va inetd_enable 1410is set to 1411.Dq Li YES , 1412these are the flags to pass to 1413.Xr inetd 8 . 1414.It Va named_enable 1415.Pq Vt bool 1416If set to 1417.Dq Li YES , 1418run the 1419.Xr named 8 1420daemon. 1421.It Va named_program 1422.Pq Vt str 1423Path to 1424.Xr named 8 1425(default 1426.Pa /usr/sbin/named ) . 1427.It Va named_flags 1428.Pq Vt str 1429If 1430.Va named_enable 1431is set to 1432.Dq Li YES , 1433these are the flags to pass to 1434.Xr named 8 . 1435.It Va named_pidfile 1436.Pq Vt str 1437This is the default path to the 1438.Xr named 8 1439daemon's PID file. 1440This must match the location in 1441.Xr named.conf 5 . 1442.It Va named_uid 1443.Pq Vt str 1444The user that the named process should be run as. 1445.It Va named_chrootdir 1446.Pq Vt str 1447The root directory for a name server run in a 1448.Xr chroot 8 1449environment (default 1450.Pa /var/named ) . 1451If left empty 1452.Xr named 8 1453will not be run in a 1454.Xr chroot 8 1455environment. 1456.It Va named_chroot_autoupdate 1457.Pq Vt bool 1458Set to 1459.Dq Li NO 1460to disable automatic update of the 1461.Xr chroot 8 1462environment. 1463.It Va named_symlink_enable 1464.Pq Vt bool 1465Set to 1466.Dq Li NO 1467to disable symlinking of 1468daemon's PID file 1469into the 1470.Xr chroot 8 1471environment. 1472.It Va kerberos5_server_enable 1473.Pq Vt bool 1474Set to 1475.Dq Li YES 1476to start a Kerberos 5 authentication server 1477at boot time. 1478.It Va kerberos5_server 1479.Pq Vt str 1480If 1481.Va kerberos5_server_enable 1482is set to 1483.Dq Li YES 1484this is the path to Kerberos 5 Authentication Server. 1485.It Va kerberos5_server_flags 1486.Pq Vt str 1487Empty by default. 1488This variable contains additional flags to be passed to the Kerberos 5 1489authentication server. 1490.It Va kadmind5_server_enable 1491.Pq Vt bool 1492Set to 1493.Dq Li YES 1494to start 1495.Xr kadmind 8 , 1496the Kerberos 5 Administration Daemon; set to 1497.Dq Li NO 1498on a slave server. 1499.It Va kadmind5_server 1500.Pq Vt str 1501If 1502.Va kadmind5_server_enable 1503is set to 1504.Dq Li YES 1505this is the path to Kerberos 5 Administration Daemon. 1506.It Va kpasswdd_server_enable 1507.Pq Vt bool 1508Set to 1509.Dq Li YES 1510to start 1511.Xr kpasswdd 8 , 1512the Kerberos 5 Password-Changing Daemon; set to 1513.Dq Li NO 1514on a slave server. 1515.It Va kpasswdd_server 1516.Pq Vt str 1517If 1518.Va kpasswdd_server_enable 1519is set to 1520.Dq Li YES 1521this is the path to Kerberos 5 Password-Changing Daemon. 1522.It Va rwhod_enable 1523.Pq Vt bool 1524If set to 1525.Dq Li YES , 1526run the 1527.Xr rwhod 8 1528daemon at boot time. 1529.It Va rwhod_flags 1530.Pq Vt str 1531If 1532.Va rwhod_enable 1533is set to 1534.Dq Li YES , 1535these are the flags to pass to it. 1536.It Va amd_enable 1537.Pq Vt bool 1538If set to 1539.Dq Li YES , 1540run the 1541.Xr amd 8 1542daemon at boot time. 1543.It Va amd_flags 1544.Pq Vt str 1545If 1546.Va amd_enable 1547is set to 1548.Dq Li YES , 1549these are the flags to pass to it. 1550See the 1551.Xr amd 8 1552manpage for more information. 1553.It Va amd_map_program 1554.Pq Vt str 1555If set, 1556the specified program is run to get the list of 1557.Xr amd 8 1558maps. 1559For example, if the 1560.Xr amd 8 1561maps are stored in NIS, one can set this to 1562run 1563.Xr ypcat 1 1564to get a list of 1565.Xr amd 8 1566maps from the 1567.Pa amd.master 1568NIS map. 1569.It Va update_motd 1570.Pq Vt bool 1571If set to 1572.Dq Li YES , 1573.Pa /etc/motd 1574will be updated at boot time to reflect the kernel release 1575being run. 1576If set to 1577.Dq Li NO , 1578.Pa /etc/motd 1579will not be updated. 1580.It Va nfs_client_enable 1581.Pq Vt bool 1582If set to 1583.Dq Li YES , 1584run the NFS client daemons at boot time. 1585.It Va nfs_access_cache 1586.Pq Vt int 1587If 1588.Va nfs_client_enable 1589is set to 1590.Dq Li YES , 1591this can be set to 1592.Dq Li 0 1593to disable NFS ACCESS RPC caching, or to the number of seconds for which 1594NFS ACCESS 1595results should be cached. 1596A value of 2-10 seconds will substantially reduce network 1597traffic for many NFS operations. 1598.It Va nfs_server_enable 1599.Pq Vt bool 1600If set to 1601.Dq Li YES , 1602run the NFS server daemons at boot time. 1603.It Va nfs_server_flags 1604.Pq Vt str 1605If 1606.Va nfs_server_enable 1607is set to 1608.Dq Li YES , 1609these are the flags to pass to the 1610.Xr nfsd 8 1611daemon. 1612.It Va mountd_enable 1613.Pq Vt bool 1614If set to 1615.Dq Li YES , 1616and no 1617.Va nfs_server_enable 1618is set, start 1619.Xr mountd 8 , 1620but not 1621.Xr nfsd 8 1622daemon. 1623It is commonly needed to run CFS without real NFS used. 1624.It Va mountd_flags 1625.Pq Vt str 1626If 1627.Va mountd_enable 1628is set to 1629.Dq Li YES , 1630these are the flags to pass to the 1631.Xr mountd 8 1632daemon. 1633.It Va weak_mountd_authentication 1634.Pq Vt bool 1635If set to 1636.Dq Li YES , 1637allow services like PCNFSD to make non-privileged mount 1638requests. 1639.It Va nfs_reserved_port_only 1640.Pq Vt bool 1641If set to 1642.Dq Li YES , 1643provide NFS services only on a secure port. 1644.It Va nfs_bufpackets 1645.Pq Vt int 1646If set to a number, indicates the number of packets worth of 1647socket buffer space to reserve on an NFS client. 1648The kernel default is typically 4. 1649Using a higher number may be 1650useful on gigabit networks to improve performance. 1651The minimum value is 16522 and the maximum is 64. 1653.It Va rpc_lockd_enable 1654.Pq Vt bool 1655If set to 1656.Dq Li YES 1657and also an NFS server or client, run 1658.Xr rpc.lockd 8 1659at boot time. 1660.It Va rpc_statd_enable 1661.Pq Vt bool 1662If set to 1663.Dq Li YES 1664and also an NFS server or client, run 1665.Xr rpc.statd 8 1666at boot time. 1667.It Va rpcbind_program 1668.Pq Vt str 1669Path to 1670.Xr rpcbind 8 1671(default 1672.Pa /usr/sbin/rpcbind ) . 1673.It Va rpcbind_enable 1674.Pq Vt bool 1675If set to 1676.Dq Li YES , 1677run the 1678.Xr rpcbind 8 1679service at boot time. 1680.It Va rpcbind_flags 1681.Pq Vt str 1682If 1683.Va rpcbind_enable 1684is set to 1685.Dq Li YES , 1686these are the flags to pass to the 1687.Xr rpcbind 8 1688daemon. 1689.It Va keyserv_enable 1690.Pq Vt bool 1691If set to 1692.Dq Li YES , 1693run the 1694.Xr keyserv 8 1695daemon on boot for running Secure RPC. 1696.It Va keyserv_flags 1697.Pq Vt str 1698If 1699.Va keyserv_enable 1700is set to 1701.Dq Li YES , 1702these are the flags to pass to 1703.Xr keyserv 8 1704daemon. 1705.It Va pppoed_enable 1706.Pq Vt bool 1707If set to 1708.Dq Li YES , 1709run the 1710.Xr pppoed 8 1711daemon at boot time to provide PPP over Ethernet services. 1712.It Va pppoed_ Ns Ar provider 1713.Pq Vt str 1714.Xr pppoed 8 1715listens to requests to this 1716.Ar provider 1717and ultimately runs 1718.Xr ppp 8 1719with a 1720.Ar system 1721argument of the same name. 1722.It Va pppoed_flags 1723.Pq Vt str 1724Additional flags to pass to 1725.Xr pppoed 8 . 1726.It Va pppoed_interface 1727.Pq Vt str 1728The network interface to run 1729.Xr pppoed 8 1730on. 1731This is mandatory when 1732.Va pppoed_enable 1733is set to 1734.Dq Li YES . 1735.It Va timed_enable 1736.Pq Vt bool 1737If set to 1738.Dq Li YES , 1739run the 1740.Xr timed 8 1741service at boot time. 1742This command is intended for networks of 1743machines where a consistent 1744.Dq "network time" 1745for all hosts must be established. 1746This is often useful in large NFS 1747environments where time stamps on files are expected to be consistent 1748network-wide. 1749.It Va timed_flags 1750.Pq Vt str 1751If 1752.Va timed_enable 1753is set to 1754.Dq Li YES , 1755these are the flags to pass to the 1756.Xr timed 8 1757service. 1758.It Va ntpdate_enable 1759.Pq Vt bool 1760If set to 1761.Dq Li YES , 1762run 1763.Xr ntpdate 8 1764at system startup. 1765This command is intended to 1766synchronize the system clock only 1767.Em once 1768from some standard reference. 1769An option to set this up initially 1770(from a list of known servers) is also provided by the 1771.Xr sysinstall 8 1772program when the system is first installed. 1773.It Va ntpdate_hosts 1774.Pq Vt str 1775A whitespace-separated list of NTP servers to synchronize with at startup. 1776The default is to use the servers listed in 1777.Pa /etc/ntp.conf , 1778if that file exists. 1779.It Va ntpdate_program 1780.Pq Vt str 1781Path to 1782.Xr ntpdate 8 1783(default 1784.Pa /usr/sbin/ntpdate ) . 1785.It Va ntpdate_flags 1786.Pq Vt str 1787If 1788.Va ntpdate_enable 1789is set to 1790.Dq Li YES , 1791these are the flags to pass to the 1792.Xr ntpdate 8 1793command (typically a hostname). 1794.It Va ntpd_enable 1795.Pq Vt bool 1796If set to 1797.Dq Li YES , 1798run the 1799.Xr ntpd 8 1800command at boot time. 1801.It Va ntpd_program 1802.Pq Vt str 1803Path to 1804.Xr ntpd 8 1805(default 1806.Pa /usr/sbin/ntpd ) . 1807.It Va ntpd_config 1808.Pq Vt str 1809Path to 1810.Xr ntpd 8 1811configuration file. 1812(default 1813.Pa /etc/ntp.conf ) . 1814.It Va ntpd_flags 1815.Pq Vt str 1816If 1817.Va ntpd_enable 1818is set to 1819.Dq Li YES , 1820these are the flags to pass to the 1821.Xr ntpd 8 1822daemon. 1823.It Va ntpd_sync_on_start 1824.Pq Vt bool 1825If set to 1826.Dq Li YES , 1827.Xr ntpd 8 1828is run with the 1829.Fl g 1830flag, which syncs the system's clock on startup. 1831See 1832.Xr ntpd 8 1833for more information regarding the 1834.Fl g 1835option. 1836This is a preferred alternative to using 1837.Xr ntpdate 8 1838or specifying the 1839.Va ntpdate_enable 1840variable. 1841.It Va nis_client_enable 1842.Pq Vt bool 1843If set to 1844.Dq Li YES , 1845run the 1846.Xr ypbind 8 1847service at system boot time. 1848.It Va nis_client_flags 1849.Pq Vt str 1850If 1851.Va nis_client_enable 1852is set to 1853.Dq Li YES , 1854these are the flags to pass to the 1855.Xr ypbind 8 1856service. 1857.It Va nis_ypset_enable 1858.Pq Vt bool 1859If set to 1860.Dq Li YES , 1861run the 1862.Xr ypset 8 1863daemon at system boot time. 1864.It Va nis_ypset_flags 1865.Pq Vt str 1866If 1867.Va nis_ypset_enable 1868is set to 1869.Dq Li YES , 1870these are the flags to pass to the 1871.Xr ypset 8 1872daemon. 1873.It Va nis_server_enable 1874.Pq Vt bool 1875If set to 1876.Dq Li YES , 1877run the 1878.Xr ypserv 8 1879daemon at system boot time. 1880.It Va nis_server_flags 1881.Pq Vt str 1882If 1883.Va nis_server_enable 1884is set to 1885.Dq Li YES , 1886these are the flags to pass to the 1887.Xr ypserv 8 1888daemon. 1889.It Va nis_ypxfrd_enable 1890.Pq Vt bool 1891If set to 1892.Dq Li YES , 1893run the 1894.Xr rpc.ypxfrd 8 1895daemon at system boot time. 1896.It Va nis_ypxfrd_flags 1897.Pq Vt str 1898If 1899.Va nis_ypxfrd_enable 1900is set to 1901.Dq Li YES , 1902these are the flags to pass to the 1903.Xr rpc.ypxfrd 8 1904daemon. 1905.It Va nis_yppasswdd_enable 1906.Pq Vt bool 1907If set to 1908.Dq Li YES , 1909run the 1910.Xr rpc.yppasswdd 8 1911daemon at system boot time. 1912.It Va nis_yppasswdd_flags 1913.Pq Vt str 1914If 1915.Va nis_yppasswdd_enable 1916is set to 1917.Dq Li YES , 1918these are the flags to pass to the 1919.Xr rpc.yppasswdd 8 1920daemon. 1921.It Va rpc_ypupdated_enable 1922.Pq Vt bool 1923If set to 1924.Dq Li YES , 1925run the 1926.Nm rpc.ypupdated 1927daemon at system boot time. 1928.It Va bsnmpd_enable 1929.Pq Vt bool 1930If set to 1931.Dq Li YES , 1932run the 1933.Xr bsnmpd 1 1934daemon at system boot time. 1935Be sure to understand the security implications of running SNMP daemon 1936on your host. 1937.It Va bsnmpd_flags 1938.Pq Vt str 1939If 1940.Va bsnmpd_enable 1941is set to 1942.Dq Li YES , 1943these are the flags to pass to the 1944.Xr bsnmpd 1 1945daemon. 1946.It Va defaultrouter 1947.Pq Vt str 1948If not set to 1949.Dq Li NO , 1950create a default route to this host name or IP address 1951(use an IP address if this router is also required to get to the 1952name server!). 1953.It Va ipv6_defaultrouter 1954.Pq Vt str 1955The IPv6 equivalent of 1956.Va defaultrouter . 1957.It Va static_routes 1958.Pq Vt str 1959Set to the list of static routes that are to be added at system 1960boot time. 1961If not set to 1962.Dq Li NO 1963then for each whitespace separated 1964.Ar element 1965in the value, a 1966.Va route_ Ns Aq Ar element 1967variable is assumed to exist 1968whose contents will later be passed to a 1969.Dq Nm route Cm add 1970operation. 1971For example: 1972.Bd -literal 1973static_routes="mcast gif0local" 1974route_mcast="-net 224.0.0.0/4 -iface gif0" 1975route_gif0local="-host 169.254.1.1 -iface lo0" 1976.Ed 1977.It Va ipv6_static_routes 1978.Pq Vt str 1979The IPv6 equivalent of 1980.Va static_routes . 1981If not set to 1982.Dq Li NO 1983then for each whitespace separated 1984.Ar element 1985in the value, a 1986.Va ipv6_route_ Ns Aq Ar element 1987variable is assumed to exist 1988whose contents will later be passed to a 1989.Dq Nm route Cm add Fl inet6 1990operation. 1991.It Va natm_static_routes 1992.Pq Vt str 1993The 1994.Xr natmip 4 1995equivalent of 1996.Va static_routes . 1997If not empty then for each whitespace separated 1998.Ar element 1999in the value, a 2000.Va route_ Ns Aq Ar element 2001variable is assumed to exist whose contents will later be passed to a 2002.Dq Nm atmconfig Cm natm Cm add 2003operation. 2004.It Va gateway_enable 2005.Pq Vt bool 2006If set to 2007.Dq Li YES , 2008configure host to act as an IP router, e.g.\& to forward packets 2009between interfaces. 2010.It Va ipv6_gateway_enable 2011.Pq Vt bool 2012The IPv6 equivalent of 2013.Va gateway_enable . 2014.It Va router_enable 2015.Pq Vt bool 2016If set to 2017.Dq Li YES , 2018run a routing daemon of some sort, based on the 2019settings of 2020.Va router 2021and 2022.Va router_flags . 2023.It Va ipv6_router_enable 2024.Pq Vt bool 2025The IPv6 equivalent of 2026.Va router_enable . 2027If set to 2028.Dq Li YES , 2029run a routing daemon of some sort, based on the 2030settings of 2031.Va ipv6_router 2032and 2033.Va ipv6_router_flags . 2034.It Va router 2035.Pq Vt str 2036If 2037.Va router_enable 2038is set to 2039.Dq Li YES , 2040this is the name of the routing daemon to use. 2041.It Va ipv6_router 2042.Pq Vt str 2043The IPv6 equivalent of 2044.Va router . 2045.It Va router_flags 2046.Pq Vt str 2047If 2048.Va router_enable 2049is set to 2050.Dq Li YES , 2051these are the flags to pass to the routing daemon. 2052.It Va ipv6_router_flags 2053.Pq Vt str 2054The IPv6 equivalent of 2055.Va router_flags . 2056.It Va mrouted_enable 2057.Pq Vt bool 2058If set to 2059.Dq Li YES , 2060run the multicast routing daemon, 2061.Xr mrouted 8 . 2062.It Va mroute6d_enable 2063.Pq Vt bool 2064The IPv6 equivalent of 2065.Va mrouted_enable . 2066If set to 2067.Dq Li YES , 2068run the IPv6 multicast routing daemon. 2069Note that no IPv6 multicast routing daemon is included in the 2070.Fx 2071base system but 2072.Xr pim6dd 8 2073can be installed from the 2074.Fx 2075Ports Collection. 2076.It Va mrouted_flags 2077.Pq Vt str 2078If 2079.Va mrouted_enable 2080is set to 2081.Dq Li YES , 2082these are the flags to pass to the 2083.Xr mrouted 8 2084daemon. 2085.It Va mroute6d_flags 2086.Pq Vt str 2087The IPv6 equivalent of 2088.Va mrouted_flags . 2089If 2090.Va mroute6d_enable 2091is set to 2092.Dq Li YES , 2093these are the flags passed to the IPv6 multicast routing daemon. 2094.It Va mroute6d_program 2095.Pq Vt str 2096If 2097.Va mroute6d_enable 2098is set to 2099.Dq Li YES , 2100this is the path to the IPv6 multicast routing daemon. 2101.It Va rtadvd_enable 2102.Pq Vt bool 2103If set to 2104.Dq Li YES , 2105run the 2106.Xr rtadvd 8 2107daemon at boot time. 2108.Xr rtadvd 8 2109will only run if 2110.Va ipv6_gateway_enable 2111is also set to 2112.Dq Li YES . 2113The 2114.Xr rtadvd 8 2115utility sends router advertisement packets to the interfaces specified in 2116.Va rtadvd_interfaces 2117and should only be enabled with great care. 2118You may want to fine-tune 2119.Xr rtadvd.conf 5 . 2120.It Va rtadvd_interfaces 2121.Pq Vt str 2122If 2123.Va rtadvd_enable 2124is set to 2125.Dq Li YES 2126this is the list of interfaces to use. 2127.It Va ipxgateway_enable 2128.Pq Vt bool 2129If set to 2130.Dq Li YES , 2131enable the routing of IPX traffic. 2132.It Va ipxrouted_enable 2133.Pq Vt bool 2134If set to 2135.Dq Li YES , 2136run the 2137.Xr IPXrouted 8 2138daemon at system boot time. 2139.It Va ipxrouted_flags 2140.Pq Vt str 2141If 2142.Va ipxrouted_enable 2143is set to 2144.Dq Li YES , 2145these are the flags to pass to the 2146.Xr IPXrouted 8 2147daemon. 2148.It Va arpproxy_all 2149.Pq Vt bool 2150If set to 2151.Dq Li YES , 2152enable global proxy ARP. 2153.It Va forward_sourceroute 2154.Pq Vt bool 2155If set to 2156.Dq Li YES 2157and 2158.Va gateway_enable 2159is also set to 2160.Dq Li YES , 2161source-routed packets are forwarded. 2162.It Va accept_sourceroute 2163.Pq Vt bool 2164If set to 2165.Dq Li YES , 2166the system will accept source-routed packets directed at it. 2167.It Va rarpd_enable 2168.Pq Vt bool 2169If set to 2170.Dq Li YES , 2171run the 2172.Xr rarpd 8 2173daemon at system boot time. 2174.It Va rarpd_flags 2175.Pq Vt str 2176If 2177.Va rarpd_enable 2178is set to 2179.Dq Li YES , 2180these are the flags to pass to the 2181.Xr rarpd 8 2182daemon. 2183.It Va bootparamd_enable 2184.Pq Vt bool 2185If set to 2186.Dq Li YES , 2187run the 2188.Xr bootparamd 8 2189daemon at system boot time. 2190.It Va bootparamd_flags 2191.Pq Vt str 2192If 2193.Va bootparamd_enable 2194is set to 2195.Dq Li YES , 2196these are the flags to pass to the 2197.Xr bootparamd 8 2198daemon. 2199.It Va stf_interface_ipv4addr 2200.Pq Vt str 2201If not set to 2202.Dq Li NO , 2203this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2204interface). 2205Specify this entry to enable the 6to4 interface. 2206.It Va stf_interface_ipv4plen 2207.Pq Vt int 2208Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2209An effective value is 0-31. 2210.It Va stf_interface_ipv6_ifid 2211.Pq Vt str 2212IPv6 interface ID for 2213.Xr stf 4 . 2214This can be set to 2215.Dq Li AUTO . 2216.It Va stf_interface_ipv6_slaid 2217.Pq Vt str 2218IPv6 Site Level Aggregator for 2219.Xr stf 4 . 2220.It Va ipv6_faith_prefix 2221.Pq Vt str 2222If not set to 2223.Dq Li NO , 2224this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2225translator. 2226You also need 2227.Xr faithd 8 2228setup. 2229.It Va ipv6_ipv4mapping 2230.Pq Vt bool 2231If set to 2232.Dq Li YES 2233this enables IPv4 mapped IPv6 address communication (like 2234.Li ::ffff:a.b.c.d ) . 2235.It Va atm_enable 2236.Pq Vt bool 2237Set to 2238.Dq Li YES 2239to enable the configuration of ATM interfaces at system boot time. 2240For all of the ATM variables described below, please refer to the 2241.Xr atm 8 2242manual page for further details on the available command parameters. 2243Also refer to the files in 2244.Pa /usr/share/examples/atm 2245for more detailed configuration information. 2246.It Va atm_load 2247.Pq Vt str 2248This is a list of physical ATM interface drivers to load. 2249Typical values are 2250.Dq Li hfa_pci 2251and/or 2252.Dq Li hea_pci . 2253.It Va atm_netif_ Ns Aq Ar intf 2254.Pq Vt str 2255For the ATM physical interface 2256.Ar intf , 2257this variable defines the name prefix and count for the ATM network 2258interfaces to be created. 2259The value will be passed as the parameters of an 2260.Dq Nm atm Cm "set netif" Ar intf 2261command. 2262.It Va atm_sigmgr_ Ns Aq Ar intf 2263.Pq Vt str 2264For the ATM physical interface 2265.Ar intf , 2266this variable defines the ATM signalling manager to be used. 2267The value will be passed as the parameters of an 2268.Dq Nm atm Cm attach Ar intf 2269command. 2270.It Va atm_prefix_ Ns Aq Ar intf 2271.Pq Vt str 2272For the ATM physical interface 2273.Ar intf , 2274this variable defines the NSAP prefix for interfaces using a UNI signalling 2275manager. 2276If set to 2277.Dq Li ILMI , 2278the prefix will automatically be set via the 2279.Xr ilmid 8 2280daemon. 2281Otherwise, the value will be passed as the parameters of an 2282.Dq Nm atm Cm "set prefix" Ar intf 2283command. 2284.It Va atm_macaddr_ Ns Aq Ar intf 2285.Pq Vt str 2286For the ATM physical interface 2287.Ar intf , 2288this variable defines the MAC address for interfaces using a UNI signalling 2289manager. 2290If set to 2291.Dq Li NO , 2292the hardware MAC address contained in the ATM interface card will be used. 2293Otherwise, the value will be passed as the parameters of an 2294.Dq Nm atm Cm "set mac" Ar intf 2295command. 2296.It Va atm_arpserver_ Ns Aq Ar netif 2297.Pq Vt str 2298For the ATM network interface 2299.Ar netif , 2300this variable defines the ATM address for a host which is to provide ATMARP 2301service. 2302This variable is only applicable to interfaces using a UNI signalling 2303manager. 2304If set to 2305.Dq Li local , 2306this host will become an ATMARP server. 2307The value will be passed as the parameters of an 2308.Dq Nm atm Cm "set arpserver" Ar netif 2309command. 2310.It Va atm_scsparp_ Ns Aq Ar netif 2311.Pq Vt bool 2312If set to 2313.Dq Li YES , 2314SCSP/ATMARP service for the network interface 2315.Ar netif 2316will be initiated using the 2317.Xr scspd 8 2318and 2319.Xr atmarpd 8 2320daemons. 2321This variable is only applicable if 2322.Va atm_arpserver_ Ns Aq Ar netif 2323is set to 2324.Dq Li local . 2325.It Va atm_pvcs 2326.Pq Vt str 2327Set to the list of ATM PVCs to be added at system 2328boot time. 2329For each whitespace separated 2330.Ar element 2331in the value, an 2332.Va atm_pvc_ Ns Aq Ar element 2333variable is assumed to exist. 2334The value of each of these variables 2335will be passed as the parameters of an 2336.Dq Nm atm Cm "add pvc" 2337command. 2338.It Va atm_arps 2339.Pq Vt str 2340Set to the list of permanent ATM ARP entries to be added 2341at system boot time. 2342For each whitespace separated 2343.Ar element 2344in the value, an 2345.Va atm_arp_ Ns Aq Ar element 2346variable is assumed to exist. 2347The value of each of these variables 2348will be passed as the parameters of an 2349.Dq Nm atm Cm "add arp" 2350command. 2351.It Va natm_interfaces 2352.Pq Vt str 2353Set to the list of 2354.Xr natm 4 2355interfaces that will also be used for HARP through 2356.Xr harp 4 . 2357If this list is not empty all interfaces in the list will be brought up 2358with 2359.Xr ifconfig 8 2360and 2361.Xr harp 4 2362will be loaded. 2363For this to work the interface drivers must be either compiled into the 2364kernel or must reside on the root partition. 2365.It Va keybell 2366.Pq Vt str 2367The keyboard bell sound. 2368Set to 2369.Dq Li normal , 2370.Dq Li visual , 2371.Dq Li off , 2372or 2373.Dq Li NO 2374if the default behavior is desired. 2375For details, refer to the 2376.Xr kbdcontrol 1 2377manpage. 2378.It Va keyboard 2379.Pq Vt str 2380If set to a non-null string, the virtual console's keyboard input is 2381set to this device. 2382.It Va keymap 2383.Pq Vt str 2384If set to 2385.Dq Li NO , 2386no keymap is installed, otherwise the value is used to install 2387the keymap file in 2388.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2389.It Va keyrate 2390.Pq Vt str 2391The keyboard repeat speed. 2392Set to 2393.Dq Li slow , 2394.Dq Li normal , 2395.Dq Li fast , 2396or 2397.Dq Li NO 2398if the default behavior is desired. 2399.It Va keychange 2400.Pq Vt str 2401If not set to 2402.Dq Li NO , 2403attempt to program the function keys with the value. 2404The value should 2405be a single string of the form: 2406.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2407.It Va cursor 2408.Pq Vt str 2409Can be set to the value of 2410.Dq Li normal , 2411.Dq Li blink , 2412.Dq Li destructive , 2413or 2414.Dq Li NO 2415to set the cursor behavior explicitly or choose the default behavior. 2416.It Va scrnmap 2417.Pq Vt str 2418If set to 2419.Dq Li NO , 2420no screen map is installed, otherwise the value is used to install 2421the screen map file in 2422.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2423.It Va font8x16 2424.Pq Vt str 2425If set to 2426.Dq Li NO , 2427the default 8x16 font value is used for screen size requests, otherwise 2428the value in 2429.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2430is used. 2431.It Va font8x14 2432.Pq Vt str 2433If set to 2434.Dq Li NO , 2435the default 8x14 font value is used for screen size requests, otherwise 2436the value in 2437.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2438is used. 2439.It Va font8x8 2440.Pq Vt str 2441If set to 2442.Dq Li NO , 2443the default 8x8 font value is used for screen size requests, otherwise 2444the value in 2445.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2446is used. 2447.It Va blanktime 2448.Pq Vt int 2449If set to 2450.Dq Li NO , 2451the default screen blanking interval is used, otherwise it is set 2452to 2453.Ar value 2454seconds. 2455.It Va saver 2456.Pq Vt str 2457If not set to 2458.Dq Li NO , 2459this is the actual screen saver to use 2460.Li ( blank , snake , daemon , 2461etc). 2462.It Va moused_nondefault_enable 2463.Pq Vt str 2464If set to 2465.Dq Li NO , 2466the mouse device specified on 2467the command line is not automatically treated as enabled by the 2468.Pa /etc/rc.d/moused 2469script. 2470Having this variable set to 2471.Dq Li YES 2472allows a 2473.Xr usb 4 2474mouse, 2475for example, 2476to be enabled as soon as it is plugged in. 2477.It Va moused_enable 2478.Pq Vt str 2479If set to 2480.Dq Li YES , 2481the 2482.Xr moused 8 2483daemon is started for doing cut/paste selection on the console. 2484.It Va moused_type 2485.Pq Vt str 2486This is the protocol type of the mouse connected to this host. 2487This variable must be set if 2488.Va moused_enable 2489is set to 2490.Dq Li YES . 2491The 2492.Xr moused 8 2493daemon 2494is able to detect the appropriate mouse type automatically in many cases. 2495Set this variable to 2496.Dq Li auto 2497to let the daemon detect it, or 2498select one from the following list if the automatic detection fails. 2499.Pp 2500If the mouse is attached to the PS/2 mouse port, choose 2501.Dq Li auto 2502or 2503.Dq Li ps/2 , 2504regardless of the brand and model of the mouse. 2505Likewise, if the 2506mouse is attached to the bus mouse port, choose 2507.Dq Li auto 2508or 2509.Dq Li busmouse . 2510All other protocols are for serial mice and will not work with 2511the PS/2 and bus mice. 2512If this is a USB mouse, 2513.Dq Li auto 2514is the only protocol type which will work. 2515.Pp 2516.Bl -tag -width ".Li x10mouseremote" -compact 2517.It Li microsoft 2518Microsoft mouse (serial) 2519.It Li intellimouse 2520Microsoft IntelliMouse (serial) 2521.It Li mousesystems 2522Mouse systems Corp.\& mouse (serial) 2523.It Li mmseries 2524MM Series mouse (serial) 2525.It Li logitech 2526Logitech mouse (serial) 2527.It Li busmouse 2528A bus mouse 2529.It Li mouseman 2530Logitech MouseMan and TrackMan (serial) 2531.It Li glidepoint 2532ALPS GlidePoint (serial) 2533.It Li thinkingmouse 2534Kensington ThinkingMouse (serial) 2535.It Li ps/2 2536PS/2 mouse 2537.It Li mmhittab 2538MM HitTablet (serial) 2539.It Li x10mouseremote 2540X10 MouseRemote (serial) 2541.It Li versapad 2542Interlink VersaPad (serial) 2543.El 2544.Pp 2545Even if the mouse is not in the above list, it may be compatible 2546with one in the list. 2547Refer to the manual page for 2548.Xr moused 8 2549for compatibility information. 2550.Pp 2551It should also be noted that while this is enabled, any 2552other client of the mouse (such as an X server) should access 2553the mouse through the virtual mouse device, 2554.Pa /dev/sysmouse , 2555and configure it as a 2556.Dq Li sysmouse 2557type mouse, since all 2558mouse data is converted to this single canonical format when 2559using 2560.Xr moused 8 . 2561If the client program does not support the 2562.Dq Li sysmouse 2563type, 2564specify the 2565.Dq Li mousesystems 2566type. 2567It is the second preferred type. 2568.It Va moused_port 2569.Pq Vt str 2570If 2571.Va moused_enable 2572is set to 2573.Dq Li YES , 2574this is the actual port the mouse is on. 2575It might be 2576.Pa /dev/cuad0 2577for a COM1 serial mouse, 2578.Pa /dev/psm0 2579for a PS/2 mouse or 2580.Pa /dev/mse0 2581for a bus mouse, for example. 2582.It Va moused_flags 2583.Pq Vt str 2584If 2585.Va moused_type 2586is set, these are the additional flags to pass to the 2587.Xr moused 8 2588daemon. 2589.It Va mousechar_start 2590.Pq Vt int 2591If set to 2592.Dq Li NO , 2593the default mouse cursor character range 2594.Li 0xd0 Ns - Ns Li 0xd3 2595is used, 2596otherwise the range start is set 2597to 2598.Ar value 2599character, see 2600.Xr vidcontrol 1 . 2601Use if the default range is occupied in the language code table. 2602.It Va allscreens_flags 2603.Pq Vt str 2604If set, 2605.Xr vidcontrol 1 2606is run with these options for each of the virtual terminals 2607.Pq Pa /dev/ttyv* . 2608For example, 2609.Dq Fl m Cm on 2610will enable the mouse pointer on all virtual terminals 2611if 2612.Va moused_enable 2613is set to 2614.Dq Li YES . 2615.It Va allscreens_kbdflags 2616.Pq Vt str 2617If set, 2618.Xr kbdcontrol 1 2619is run with these options for each of the virtual terminals 2620.Pq Pa /dev/ttyv* . 2621For example, 2622.Dq Fl h Li 200 2623will set the 2624.Xr syscons 4 2625scrollback (history) buffer to 200 lines. 2626.It Va cron_enable 2627.Pq Vt bool 2628If set to 2629.Dq Li YES , 2630run the 2631.Xr cron 8 2632daemon at system boot time. 2633.It Va cron_program 2634.Pq Vt str 2635Path to 2636.Xr cron 8 2637(default 2638.Pa /usr/sbin/cron ) . 2639.It Va cron_flags 2640.Pq Vt str 2641If 2642.Va cron_enable 2643is set to 2644.Dq Li YES , 2645these are the flags to pass to 2646.Xr cron 8 . 2647.It Va cron_dst 2648.Pq Vt bool 2649If set to 2650.Dq Li YES , 2651enable the special handling of transitions to and from the 2652Daylight Saving Time in 2653.Xr cron 8 2654(equivalent to using the flag 2655.Fl s ) . 2656.It Va lpd_program 2657.Pq Vt str 2658Path to 2659.Xr lpd 8 2660(default 2661.Pa /usr/sbin/lpd ) . 2662.It Va lpd_enable 2663.Pq Vt bool 2664If set to 2665.Dq Li YES , 2666run the 2667.Xr lpd 8 2668daemon at system boot time. 2669.It Va lpd_flags 2670.Pq Vt str 2671If 2672.Va lpd_enable 2673is set to 2674.Dq Li YES , 2675these are the flags to pass to the 2676.Xr lpd 8 2677daemon. 2678.It Va chkprintcap_enable 2679.Pq Vt bool 2680If set to 2681.Dq Li YES , 2682run the 2683.Xr chkprintcap 8 2684command before starting the 2685.Xr lpd 8 2686daemon. 2687.It Va chkprintcap_flags 2688.Pq Vt str 2689If 2690.Va lpd_enable 2691and 2692.Va chkprintcap_enable 2693are set to 2694.Dq Li YES , 2695these are the flags to pass to the 2696.Xr chkprintcap 8 2697program. 2698The default is 2699.Dq Li -d , 2700which causes missing directories to be created. 2701.It Va mta_start_script 2702.Pq Vt str 2703This variable specifies the full path to the script to run to start 2704a mail transfer agent. 2705The default is 2706.Pa /etc/rc.sendmail . 2707The 2708.Va sendmail_* 2709variables which 2710.Pa /etc/rc.sendmail 2711uses are documented in the 2712.Xr rc.sendmail 8 2713manual page. 2714.It Va dumpdev 2715.Pq Vt str 2716Indicates the device (usually a swap partition) to which a crash dump 2717should be written in the event of a system crash. 2718If the value of this variable is 2719.Dq Li AUTO , 2720the first suitable swap device listed in 2721.Pa /etc/fstab 2722will be used as dump device. 2723Otherwise, the value of this variable is passed as the argument to 2724.Xr dumpon 8 . 2725To disable crash dumps, set this variable to 2726.Dq Li NO . 2727.It Va dumpdir 2728.Pq Vt str 2729When the system reboots after a crash and a crash dump is found on the 2730device specified by the 2731.Va dumpdev 2732variable, 2733.Xr savecore 8 2734will save that crash dump and a copy of the kernel to the directory 2735specified by the 2736.Va dumpdir 2737variable. 2738The default value is 2739.Pa /var/crash . 2740Set to 2741.Dq Li NO 2742to not run 2743.Xr savecore 8 2744at boot time when 2745.Va dumpdir 2746is set. 2747.It Va savecore_flags 2748.Pq Vt str 2749If crash dumps are enabled, these are the flags to pass to the 2750.Xr savecore 8 2751utility. 2752.It Va enable_quotas 2753.Pq Vt bool 2754Set to 2755.Dq Li YES 2756to turn on user disk quotas on system startup via the 2757.Xr quotaon 8 2758command. 2759.It Va check_quotas 2760.Pq Vt bool 2761Set to 2762.Dq Li YES 2763to enable user disk quota checking via the 2764.Xr quotacheck 8 2765command. 2766.It Va accounting_enable 2767.Pq Vt bool 2768Set to 2769.Dq Li YES 2770to enable system accounting through the 2771.Xr accton 8 2772facility. 2773.It Va ibcs2_enable 2774.Pq Vt bool 2775Set to 2776.Dq Li YES 2777to enable iBCS2 (SCO) binary emulation at system initial boot 2778time. 2779.It Va ibcs2_loaders 2780.Pq Vt str 2781If not set to 2782.Dq Li NO 2783and if 2784.Va ibcs2_enable 2785is set to 2786.Dq Li YES , 2787this specifies a list of additional iBCS2 loaders to enable. 2788.It Va linux_enable 2789.Pq Vt bool 2790Set to 2791.Dq Li YES 2792to enable Linux/ELF binary emulation at system initial 2793boot time. 2794.It Va osf1_enable 2795.Pq Vt bool 2796Set to 2797.Dq Li YES 2798to enable OSF/1 (Digital UNIX) binary emulation at system 2799initial boot time. 2800(alpha) 2801.It Va svr4_enable 2802.Pq Vt bool 2803If set to 2804.Dq Li YES , 2805enable SysVR4 emulation at boot time. 2806.It Va sysvipc_enable 2807.Pq Vt bool 2808If set to 2809.Dq Li YES , 2810load System V IPC primitives at boot time. 2811.It Va clear_tmp_enable 2812.Pq Vt bool 2813Set to 2814.Dq Li YES 2815to have 2816.Pa /tmp 2817cleaned at startup. 2818.It Va clear_tmp_X 2819.Pq Vt bool 2820Set to 2821.Dq Li NO 2822to disable removing of X11 lock files, 2823and the removal and (secure) recreation 2824of the various socket directories for X11 2825related programs. 2826.It Va ldconfig_paths 2827.Pq Vt str 2828Set to the list of shared library paths to use with 2829.Xr ldconfig 8 . 2830NOTE: 2831.Pa /usr/lib 2832will always be added first, so it need not appear in this list. 2833.It Va ldconfig32_paths 2834.Pq Vt str 2835Set to the list of 32-bit compatibility shared library paths to 2836use with 2837.Xr ldconfig 8 . 2838.It Va ldconfig_paths_aout 2839.Pq Vt str 2840Set to the list of shared library paths to use with 2841.Xr ldconfig 8 2842legacy 2843.Xr a.out 5 2844support. 2845.It Va ldconfig_insecure 2846.Pq Vt bool 2847The 2848.Xr ldconfig 8 2849utility normally refuses to use directories 2850which are writable by anyone except root. 2851Set this variable to 2852.Dq Li YES 2853to disable that security check during system startup. 2854.It Va ldconfig_local_dirs 2855.Pq Vt str 2856Set to the list of local 2857.Xr ldconfig 8 2858directories. 2859The names of all files in the directories listed will be 2860passed as arguments to 2861.Xr ldconfig 8 . 2862.It Va ldconfig_local32_dirs 2863.Pq Vt str 2864Set to the list of local 32-bit compatibility 2865.Xr ldconfig 8 2866directories. 2867The names of all files in the directories listed will be 2868passed as arguments to 2869.Xr ldconfig 8 2870.Fl 32 . 2871.It Va kern_securelevel_enable 2872.Pq Vt bool 2873Set to 2874.Dq Li YES 2875to set the kernel security level at system startup. 2876.It Va kern_securelevel 2877.Pq Vt int 2878The kernel security level to set at startup. 2879The allowed range of 2880.Ar value 2881ranges from \-1 (the compile time default) to 3 (the 2882most secure). 2883See 2884.Xr init 8 2885for the list of possible security levels and their effect 2886on system operation. 2887.It Va sshd_program 2888.Pq Vt str 2889Path to the SSH server program 2890.Pa ( /usr/sbin/sshd 2891is the default). 2892.It Va sshd_enable 2893.Pq Vt bool 2894Set to 2895.Dq Li YES 2896to start 2897.Xr sshd 8 2898at system boot time. 2899.It Va sshd_flags 2900.Pq Vt str 2901If 2902.Va sshd_enable 2903is set to 2904.Dq Li YES , 2905these are the flags to pass to the 2906.Xr sshd 8 2907daemon. 2908.It Va ftpd_program 2909.Pq Vt str 2910Path to the FTP server program 2911.Pa ( /usr/libexec/ftpd 2912is the default). 2913.It Va ftpd_enable 2914.Pq Vt bool 2915Set to 2916.Dq Li YES 2917to start 2918.Xr ftpd 8 2919as a stand-alone daemon at system boot time. 2920.It Va ftpd_flags 2921.Pq Vt str 2922If 2923.Va ftpd_enable 2924is set to 2925.Dq Li YES , 2926these are the additional flags to pass to the 2927.Xr ftpd 8 2928daemon. 2929.It Va watchdogd_enable 2930.Pq Vt bool 2931If set to 2932.Dq Li YES , 2933start the 2934.Xr watchdogd 8 2935daemon at boot time. 2936This requires that the kernel have been compiled with a 2937.Xr watchdog 4 2938compatible device. 2939.It Va watchdogd_flags 2940.Pq Vt str 2941If 2942.Va watchdogd_enable 2943is set to 2944.Dq Li YES , 2945these are the flags passed to the 2946.Xr watchdogd 8 2947daemon. 2948.It Va performance_cx_lowest 2949.Pq Vt str 2950CPU idle state to use while on AC power. 2951The string 2952.Dq Li LOW 2953indicates that 2954.Xr acpi 4 2955should use the lowest power state available while 2956.Dq Li HIGH 2957indicates that the lowest latency state (less power savings) should be used. 2958.It Va performance_cpu_freq 2959.Pq Vt str 2960CPU clock frequency to use while on AC power. 2961The string 2962.Dq Li LOW 2963indicates that 2964.Xr cpufreq 4 2965should use the lowest frequency available while 2966.Dq Li HIGH 2967indicates that the highest frequency (less power savings) should be used. 2968.It Va economy_cx_lowest 2969.Pq Vt str 2970CPU idle state to use when off AC power. 2971The string 2972.Dq Li LOW 2973indicates that 2974.Xr acpi 4 2975should use the lowest power state available while 2976.Dq Li HIGH 2977indicates that the lowest latency state (less power savings) should be used. 2978.It Va economy_cpu_freq 2979.Pq Vt str 2980CPU clock frequency to use when off AC power. 2981The string 2982.Dq Li LOW 2983indicates that 2984.Xr cpufreq 4 2985should use the lowest frequency available while 2986.Dq Li HIGH 2987indicates that the highest frequency (less power savings) should be used. 2988.It Va jail_enable 2989.Pq Vt bool 2990If set to 2991.Dq Li NO , 2992any configured jails will not be started. 2993.It Va jail_list 2994.Pq Vt str 2995A space separated list of names for jails. 2996This is purely a configuration aid to help identify and 2997configure multiple jails. 2998The names specified in this list will be used to 2999identify settings common to an instance of a jail. 3000Assuming that the jail in question was named 3001.Li vjail , 3002you would have the following dependent variables: 3003.Bd -literal 3004jail_vjail_hostname="jail.example.com" 3005jail_vjail_ip="192.168.1.100" 3006jail_vjail_rootdir="/var/jails/vjail/root" 3007.Ed 3008.Pp 3009.It Va jail_flags 3010.Pq Vt str 3011Unset by default. 3012When set, use as default value for 3013.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3014for every jail in 3015.Va jail_list . 3016.It Va jail_interface 3017.Pq Vt str 3018Unset by default. 3019When set, use as default value for 3020.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3021for every jail in 3022.Va jail_list . 3023.It Va jail_fstab 3024.Pq Vt str 3025Unset by default. 3026When set, use as default value for 3027.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3028for every jail in 3029.Va jail_list . 3030.It Va jail_mount_enable 3031.Pq Vt bool 3032Set to 3033.Dq Li NO 3034by default. 3035When set to 3036.Dq Li YES , 3037sets 3038.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3039to YES by default for every jail in 3040.Va jail_list . 3041.It Va jail_devfs_ruleset 3042.Pq Vt str 3043Unset by default. 3044When set, sets 3045.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3046to given value for every jail in 3047.Va jail_list . 3048.It Va jail_devfs_enable 3049.Pq Vt bool 3050Set to 3051.Dq Li NO 3052by default. 3053When set to 3054.Dq Li YES , 3055sets 3056.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3057to YES by default for every jail in 3058.Va jail_list . 3059.It Va jail_fdescfs_enable 3060.Pq Vt bool 3061Set to 3062.Dq Li NO 3063by default. 3064When set to 3065.Dq Li YES , 3066sets 3067.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3068to YES by default for every jail in 3069.Va jail_list . 3070.It Va jail_procfs_enable 3071.Pq Vt bool 3072Set to 3073.Dq Li NO 3074by default. 3075When set to 3076.Dq Li YES , 3077sets 3078.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3079to YES by default for every jail in 3080.Va jail_list . 3081.It Va jail_exec_start 3082.Pq Vt str 3083Unset by default. 3084When set, use as default value for 3085.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3086for every jail in 3087.Va jail_list . 3088.It Va jail_exec_afterstart Ns Aq Ar N 3089.Pq Vt str 3090Unset by default. 3091When set, use as default value for 3092.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3093for every jail in 3094.Va jail_list . 3095.It Va jail_exec_stop 3096Unset by default. 3097When set, use as default value for 3098.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3099for every jail in 3100.Va jail_list . 3101.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3102.Pq Vt str 3103Unset by default. 3104Set to the root directory used by jail 3105.Va jname . 3106.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3107.Pq Vt str 3108Unset by default. 3109Set to the fully qualified domain name (FQDN) assigned to jail 3110.Va jname . 3111.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3112.Pq Vt str 3113Unset by default. 3114Set to the IP address assigned to jail 3115.Va jname . 3116.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3117.Pq Vt str 3118Set to 3119.Dq Li -l -U root 3120by default. 3121These are flags to pass to 3122.Xr jail . 3123.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3124.Pq Vt str 3125Unset by default. 3126When set, sets the interface to use when setting IP address alias. 3127Note that the alias is created at jail startup and removed at jail shutdown. 3128.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3129.Pq Vt str 3130Set to 3131.Pa /etc/fstab. Ns Ao Ar jname Ac 3132by default. 3133This is the file system information file to use for jail 3134.Va jname . 3135.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3136.Pq Vt bool 3137Set to 3138.Dq Li NO 3139by default. 3140When set to 3141.Dq Li YES , 3142mount all file systems from 3143.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3144at jail startup. 3145.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3146.Pq Vt str 3147Unset by default. 3148When set, defines the device file system ruleset file to use for jail 3149.Va jname . 3150.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3151.Pq Vt bool 3152Set to 3153.Dq Li NO 3154by default. 3155When set to 3156.Dq Li YES , 3157mount the device file system inside jail 3158.Ar jname 3159at jail startup. 3160.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3161.Pq Vt bool 3162Set to 3163.Dq Li NO 3164by default. 3165When set to 3166.Dq Li YES , 3167mount the file-descriptor file system inside jail 3168.Ar jname 3169at jail startup. 3170.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3171.Pq Vt bool 3172Set to 3173.Dq Li NO 3174by default. 3175When set to 3176.Dq Li YES , 3177mount the process file system inside jail 3178.Ar jname 3179at jail startup. 3180.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3181.Pq Vt str 3182Set to 3183.Dq Li /bin/sh /etc/rc 3184by default. 3185This is the command executed at jail startup. 3186.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3187.Pq Vt str 3188Unset by default. 3189This is the command run as 3190.Ar N Ns 3191th command 3192after jail startup, where 3193.Ar N 3194is 1, 2, and so on. 3195.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3196.Pq Vt str 3197Set to 3198.Dq Li /bin/sh /etc/rc.shutdown 3199by default. 3200This is the command executed at jail shutdown. 3201.It Va jail_set_hostname_allow 3202.Pq Vt bool 3203If set to 3204.Dq Li NO , 3205do not allow the root user in a jail to set its hostname. 3206.It Va jail_socket_unixiproute_only 3207.Pq Vt bool 3208If set to 3209.Dq Li YES , 3210do not allow any sockets, 3211besides UNIX/IP/route sockets, 3212to be used within a jail. 3213.It Va jail_sysvipc_allow 3214.Pq Vt bool 3215If set to 3216.Dq Li YES , 3217allow applications within a jail to use System V IPC. 3218.It Va unaligned_print 3219.Pq Vt bool 3220If set to 3221.Dq Li NO , 3222unaligned access warnings will not be printed. 3223(alpha) 3224.\" ----- ISDN settings --------------------------------- 3225.It Va isdn_enable 3226.Pq Vt bool 3227Set to 3228.Dq Li NO 3229by default. 3230When set to 3231.Dq Li YES , 3232starts the 3233.Xr isdnd 8 3234daemon 3235at system boot time. 3236.It Va isdn_flags 3237.Pq Vt str 3238Set to 3239.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 3240by default. 3241Additional flags to pass to 3242.Xr isdnd 8 3243(but see 3244.Va isdn_fsdev 3245and 3246.Va isdn_ttype 3247for certain tunable parameters). 3248.It Va isdn_ttype 3249.Pq Vt str 3250Set to 3251.Dq Li cons25 3252by default. 3253The terminal type of the output device when 3254.Xr isdnd 8 3255operates in full-screen mode. 3256.It Va isdn_screenflags 3257.Pq Vt str 3258Set to 3259.Dq Li NO 3260by default. 3261The video mode for full-screen mode (only for 3262.Xr syscons 4 3263console driver, see 3264.Xr vidcontrol 1 3265for valid modes). 3266.It Va isdn_fsdev 3267.Pq Vt str 3268Set to 3269.Dq Li NO 3270by default. 3271The output device for 3272.Xr isdnd 8 3273in full-screen mode (or 3274.Dq Li NO 3275for daemon mode). 3276.It Va isdn_trace 3277.Pq Vt bool 3278Set to 3279.Dq Li NO 3280by default. 3281When set to 3282.Dq Li YES , 3283enables the ISDN protocol trace utility 3284.Xr isdntrace 8 3285at system boot time. 3286.It Va isdn_traceflags 3287.Pq Vt str 3288Set to 3289.Dq Fl f Pa /var/tmp/isdntrace0 3290by default. 3291Flags for 3292.Xr isdntrace 8 . 3293.\" ----------------------------------------------------- 3294.It Va harvest_interrupt 3295.Pq Vt bool 3296Set to 3297.Dq Li YES 3298to use hardware interrupts as an entropy source. 3299Refer to 3300.Xr random 4 3301for more information. 3302.It Va harvest_ethernet 3303.Pq Vt bool 3304Set to 3305.Dq Li YES 3306to use LAN traffic as an entropy source. 3307Refer to 3308.Xr random 4 3309for more information. 3310.It Va harvest_p_to_p 3311.Pq Vt bool 3312Set to 3313.Dq Li YES 3314to use serial line traffic as an entropy source. 3315Refer to 3316.Xr random 4 3317for more information. 3318.It Va entropy_dir 3319.Pq Vt str 3320Set to 3321.Dq Li NO 3322to disable caching entropy via 3323.Xr cron 8 . 3324Otherwise set to the directory used to store entropy files in. 3325.It Va entropy_file 3326.Pq Vt str 3327Set to 3328.Dq Li NO 3329to disable caching entropy through reboots. 3330Otherwise set to the filename used to store cached entropy through 3331reboots. 3332This file should be located on the root file system to seed the 3333.Xr random 4 3334device as early as possible in the boot process. 3335.It Va entropy_save_sz 3336.Pq Vt int 3337Size of the entropy cache files saved by 3338.Nm save-entropy 3339periodically. 3340.It Va entropy_save_num 3341.Pq Vt int 3342Number of entropy cache files to save by 3343.Nm save-entropy 3344periodically. 3345.It Va ipsec_enable 3346.Pq Vt bool 3347Set to 3348.Dq Li YES 3349to run 3350.Xr setkey 8 3351on 3352.Va ipsec_file 3353at boot time. 3354.It Va ipsec_file 3355.Pq Vt str 3356Configuration file for 3357.Xr setkey 8 . 3358.It Va dmesg_enable 3359.Pq Vt bool 3360Set to 3361.Dq Li YES 3362to save 3363.Xr dmesg 8 3364to 3365.Pa /var/run/dmesg.boot 3366on boot. 3367.It Va rcshutdown_timeout 3368.Pq Vt int 3369If set, start a watchdog timer in the background which will terminate 3370.Pa rc.shutdown 3371if 3372.Xr shutdown 8 3373has not completed within the specified time (in seconds). 3374Notice that in addition to this soft timeout, 3375.Xr init 8 3376also applies a hard timeout for the execution of 3377.Pa rc.shutdown . 3378This is configured via 3379.Xr sysctl 8 3380variable 3381.Va kern.init_shutdown_timeout 3382and defaults to 120 seconds. 3383Setting the value of 3384.Va rcshutdown_timeout 3385to more than 120 seconds will have no effect until the 3386.Xr sysctl 8 3387variable 3388.Va kern.init_shutdown_timeout 3389is also increased. 3390.It Va virecover_enable 3391.Pq Vt bool 3392Set to 3393.Dq Li NO 3394to prevent the system from trying to 3395recover pre-maturely terminated 3396.Xr vi 1 3397sessions. 3398.It Va ugidfw_enable 3399.Pq Vt bool 3400Set to 3401.Dq Li YES 3402to load the 3403.Xr mac_bsdextended 4 3404module upon system initialization and load a default 3405ruleset file. 3406.It Va bsdextended_script 3407.Pq Vt str 3408The default 3409.Xr mac_bsdextended 4 3410ruleset file to load. 3411The default value of this variable is 3412.Pa /etc/rc.bsdextended . 3413.It Va newsyslog_enable 3414.Pq Vt bool 3415If set to 3416.Dq Li YES , 3417run 3418.Xr newsyslog 8 3419command at startup. 3420.It Va newsyslog_flags 3421.Pq Vt str 3422If 3423.Va newsyslog_enable 3424is set to 3425.Dq Li YES , 3426these are the flags to pass to the 3427.Xr newsyslog 8 3428program. 3429The default is 3430.Dq Li -CN , 3431which causes log files flagged with a 3432.Cm C 3433to be created. 3434.It Va mdconfig_md Ns Ao Ar X Ac 3435.Pq Vt str 3436Arguments to 3437.Xr mdconfig 8 3438for 3439.Xr md 4 3440device 3441.Ar X . 3442At minimum a 3443.Fl t Ar type 3444must be specified and either a 3445.Fl s Ar size 3446for malloc or swap backed 3447.Xr md 4 3448devices or a 3449.Fl f Ar file 3450for vnode backed 3451.Xr md 4 3452devices. 3453Note that 3454.Va mdconfig_md Ns Ao Ar X Ac 3455variables are evaluated until one variable is unset or null. 3456.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 3457.Pq Vt str 3458Optional arguments passed to 3459.Xr newfs 8 3460to initialize 3461.Xr md 4 3462device 3463.Ar X . 3464.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 3465.Pq Vt str 3466An ownership specification passed to 3467.Xr chown 8 3468after the specified 3469.Xr md 4 3470device 3471.Ar X 3472has been mounted. 3473Both the 3474.Xr md 4 3475device and the mount point will be changed. 3476.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 3477.Pq Vt str 3478A mode string passed to 3479.Xr chmod 1 3480after the specified 3481.Xr md 4 3482device 3483.Ar X 3484has been mounted. 3485Both the 3486.Xr md 4 3487device and the mount point will be changed. 3488.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 3489.Pq Vt str 3490Files to be copied to the mount point of the 3491.Xr md 4 3492device 3493.Ar X 3494after it has been mounted. 3495.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 3496.Pq Vt str 3497Command to execute after the specified 3498.Xr md 4 3499device 3500.Ar X 3501has been mounted. 3502Note that the command is passed to 3503.Li eval 3504and that both 3505.Li _dev 3506and 3507.Li _mp 3508variables can be used to reference respectively the 3509.Xr md 4 3510device and the mount point. 3511Assuming that the 3512.Xr md 4 3513device is 3514.Li md0 , 3515one could set the following: 3516.Bd -literal 3517mdconfig_md0_cmd="tar xfzC /var/file.tgz \\${_mp}" 3518.Ed 3519.It Va ramdisk_units 3520.Pq Vt str 3521A list of one or more ramdisk units to configure with 3522.Xr mdconfig 8 3523and 3524.Xr newfs 8 3525in time to be mounted from 3526.Xr fstab 5 . 3527Each listed unit 3528.Ar X 3529must specify at least a 3530.Ar type 3531in a 3532.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3533variable. 3534Note that this way to configure ramdisks has been deprecated 3535in favor of new mdconfig variables (see above). 3536.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3537.Pq Vt str 3538Arguments to 3539.Xr mdconfig 8 3540for ramdisk 3541.Ar X . 3542At minimum a 3543.Fl t Ar type 3544must be specified, where 3545.Ar type 3546must be one of 3547.Cm malloc 3548or 3549.Cm swap . 3550.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3551.Pq Vt str 3552Optional arguments passed to 3553.Xr newfs 8 3554to initialize ramdisk 3555.Ar X . 3556.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3557.Pq Vt str 3558An ownership specification passed to 3559.Xr chown 8 3560after the specified ramdisk unit 3561.Ar X 3562has been mounted. 3563Both the 3564.Xr md 4 3565device and the mount point will be changed. 3566.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3567.Pq Vt str 3568A mode string passed to 3569.Xr chmod 1 3570after the specified ramdisk unit 3571.Ar X 3572has been mounted. 3573Both the 3574.Xr md 4 3575device and the mount point will be changed. 3576.It Va autobridge_interfaces 3577.Pq Vt str 3578Set to the list of bridge interfaces that will have newly arriving interfaces 3579checked against to be automatically added. 3580If not set to 3581.Dq Li NO 3582then for each whitespace separated 3583.Ar element 3584in the value, a 3585.Va autobridge_ Ns Aq Ar element 3586variable is assumed to exist which has a whitespace separated list of interface 3587names to match, these names can use wildcards. 3588For example: 3589.Bd -literal 3590autobridge_interfaces="bridge0" 3591autobridge_bridge0="tap* dc0 vlan[345]" 3592.Ed 3593.El 3594.Sh FILES 3595.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3596.It Pa /etc/defaults/rc.conf 3597.It Pa /etc/rc.conf 3598.It Pa /etc/rc.conf.local 3599.El 3600.Sh SEE ALSO 3601.Xr catman 1 , 3602.Xr chmod 1 , 3603.Xr gdb 1 , 3604.Xr info 1 , 3605.Xr kbdcontrol 1 , 3606.Xr makewhatis 1 , 3607.Xr sh 1 , 3608.Xr vi 1 , 3609.Xr vidcontrol 1 , 3610.Xr bridge 4 , 3611.Xr ip 4 , 3612.Xr ipf 4 , 3613.Xr ipfw 4 , 3614.Xr ipnat 4 , 3615.Xr kld 4 , 3616.Xr pf 4 , 3617.Xr pflog 4 , 3618.Xr pfsync 4 , 3619.Xr tcp 4 , 3620.Xr udp 4 , 3621.Xr exports 5 , 3622.Xr ipf 5 , 3623.Xr ipnat 5 , 3624.Xr motd 5 , 3625.Xr newsyslog.conf 5 , 3626.Xr pf.conf 5 , 3627.Xr accton 8 , 3628.Xr amd 8 , 3629.Xr apm 8 , 3630.Xr atm 8 , 3631.Xr chkprintcap 8 , 3632.Xr chown 8 , 3633.Xr cron 8 , 3634.Xr dhclient 8 , 3635.Xr ftpd 8 , 3636.Xr geli 8 , 3637.Xr ifconfig 8 , 3638.Xr inetd 8 , 3639.Xr ipf 8 , 3640.Xr ipfw 8 , 3641.Xr ipnat 8 , 3642.Xr isdnd 8 , 3643.Xr isdntrace 8 , 3644.Xr jail 8 , 3645.Xr kldxref 8 , 3646.Xr lpd 8 , 3647.Xr mdconfig 8 , 3648.Xr mdmfs 8 , 3649.Xr mountd 8 , 3650.Xr moused 8 , 3651.Xr mrouted 8 , 3652.Xr named 8 , 3653.Xr newfs 8 , 3654.Xr newsyslog 8 , 3655.Xr nfsd 8 , 3656.Xr ntpd 8 , 3657.Xr ntpdate 8 , 3658.Xr pcnfsd 8 , 3659.Xr pfctl 8 , 3660.Xr pflogd 8 , 3661.Xr powerd 8 , 3662.Xr quotacheck 8 , 3663.Xr quotaon 8 , 3664.Xr rc 8 , 3665.Xr rc.sendmail 8 , 3666.Xr route 8 , 3667.Xr routed 8 , 3668.Xr rpcbind 8 , 3669.Xr rpc.lockd 8 , 3670.Xr rpc.statd 8 , 3671.Xr rwhod 8 , 3672.Xr savecore 8 , 3673.Xr sshd 8 , 3674.Xr swapon 8 , 3675.Xr sysctl 8 , 3676.Xr syslogd 8 , 3677.Xr timed 8 , 3678.Xr yp 8 , 3679.Xr ypbind 8 , 3680.Xr ypserv 8 , 3681.Xr ypset 8 3682.Sh HISTORY 3683The 3684.Nm 3685file appeared in 3686.Fx 2.2.2 . 3687.Sh AUTHORS 3688.An Jordan K. Hubbard . 3689