xref: /freebsd/share/man/man5/rc.conf.5 (revision d086ded32300bc0f33fb1574d0bcfccfbc60881d) 
1.\" Copyright (c) 1995
2.\"	Jordan K. Hubbard
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD$
26.\"
27.Dd March 3, 2002
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time.
39In new installations, the
40.Nm
41file is generally initialized by the system installation utility,
42.Xr sysinstall 8 .
43.Pp
44The purpose of
45.Nm
46is not to run commands or perform system startup actions
47directly.
48Instead, it is included by the
49various generic startup scripts in
50.Pa /etc
51which conditionalize their
52internal actions according to the settings found there.
53.Pp
54The
55.Pa /etc/rc.conf
56file is included from the file
57.Pa /etc/defaults/rc.conf ,
58which specifies the default settings for all the available options.
59Options need only be specified in
60.Pa /etc/rc.conf
61when the system administrator wishes to override these defaults.
62The file
63.Pa /etc/rc.conf.local
64is used to override settings in
65.Pa /etc/rc.conf
66for historical reasons.
67See the
68.Va rc_conf_files
69variable below.
70.Pp
71The following list provides a name and short description for each
72variable that can be set in the
73.Nm
74file:
75.Bl -tag -width indent-two
76.It Va rc_debug
77.Pq Vt bool
78If set to
79.Dq Li YES ,
80enable output of debug messages from rc scripts.
81This variable can be helpful in diagnosing mistakes when
82editing or integrating new scripts.
83Beware that this produces copious output to the terminal and
84.Xr syslog 3 .
85.It Va rc_info
86.Pq Vt bool
87If set to
88.Dq Li NO ,
89disable informational messages from the rc scripts.
90Informational messages are displayed when
91a condition that is not serious enough to warrant a warning or
92an error occurs.
93.It Va swapfile
94.Pq Vt str
95If set to
96.Dq Li NO ,
97no swapfile is installed, otherwise the value is used as the full
98pathname to a file to use for additional swap space.
99.It Va apm_enable
100.Pq Vt bool
101If set to
102.Dq Li YES ,
103enable support for Automatic Power Management with
104the
105.Xr apm 8
106command.
107.It Va apmd_enable
108.Pq Vt bool
109Run
110.Xr apmd 8
111to handle APM event from userland.
112This also enables support for APM.
113.It Va apmd_flags
114.Pq Vt str
115If
116.Va apmd_enable
117is set to
118.Dq Li YES ,
119these are the flags to pass to the
120.Xr apmd 8
121daemon.
122.It Va devd_enable
123.Pq Vt bool
124Run
125.Xr devd 8
126to handle device added, removed or unknown events from the kernel.
127.It Va kldxref_enable
128.Pq Vt bool
129Set to
130.Dq Li NO
131by default.
132Set to
133.Dq Li YES
134to automatically rebuild
135.Pa linker.hints
136files with
137.Xr kldxref 8
138at boot time.
139.It Va kldxref_clobber
140.Pq Vt bool
141Set to
142.Dq Li NO
143by default.
144If
145.Va kldxref_enable
146is true,
147setting to
148.Dq Li YES
149will overwrite existing
150.Pa linker.hints
151files at boot time.
152Otherwise,
153only missing
154.Pa linker.hints
155files are generated.
156.It Va kldxref_module_path
157.Pq Vt str
158Empty by default.
159A semi-colon
160.Pq Ql \&;
161delimited list of paths containing
162.Xr kld 4
163modules.
164If empty,
165the contents of the
166.Va kern.module_path
167.Xr sysctl 8
168are used.
169.It Va pccard_enable
170.Pq Vt bool
171If set to
172.Dq Li YES ,
173enable PCCARD support at boot time.
174.It Va pccard_mem
175.Pq Vt str
176Set to PCCARD controller memory address or
177.Dq Li DEFAULT
178for the default value.
179.It Va pccard_ifconfig
180.Pq Vt str
181List of arguments to be passed to
182.Xr ifconfig 8
183at boot time or on
184insertion of the card (e.g.\&
185.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
186for a fixed address or
187.Dq Li DHCP
188for a DHCP client).
189.It Va pccard_beep
190.Pq Vt int
191If 0,
192set the PCCARD controller to silent mode.
193If 1,
194set it to beep mode.
195If 2,
196set it to melody mode.
197.It Va pccard_conf
198.Pq Vt str
199Path to the configuration file for the
200.Xr pccardd 8
201daemon (e.g.\&
202.Pa /etc/pccard.conf.sample ) .
203.It Va pccardd_flags
204.Pq Vt str
205If
206.Va pccard_enable
207is set to
208.Dq Li YES ,
209these are the flags to pass to the
210.Xr pccardd 8
211daemon.
212.It Va pccard_ether_delay
213.Pq Vt str
214Set the delay before starting
215.Xr dhclient 8
216in the
217.Pa /etc/pccard_ether
218script.
219This defaults to 5 seconds to work around a bug in the
220.Xr ed 4
221driver which can lead to system hangs when using some newer
222.Xr ed 4
223based cards.
224.It Va removable_interfaces
225.Pq Vt str
226List of removable network interfaces to be supported by
227.Pa /etc/pccard_ether .
228.It Va local_startup
229.Pq Vt str
230List of directories to search for startup script files.
231.It Va script_name_sep
232.Pq Vt str
233The field separator to use for breaking down the list of startup script files
234into individual filenames.
235The default is a space.
236It is not necessary to change this unless there are startup scripts with names
237containing spaces.
238.It Va hostname
239.Pq Vt str
240The fully qualified domain name (FQDN) of this host on the network.
241This should almost certainly be set to something meaningful, even if
242there is no network connection.
243If
244.Xr dhclient 8
245is used to set the hostname via DHCP,
246this variable should be set to an empty string.
247.It Va ipv6_enable
248.Pq Vt bool
249Enable support for IPv6 networking.
250Note that this requires that the kernel have been compiled with
251.Cd "options INET6" .
252.It Va nisdomainname
253.Pq Vt str
254The NIS domain name of this host, or
255.Dq Li NO
256if NIS is not used.
257.It Va dhclient_program
258.Pq Vt str
259Path to the DHCP client program
260.Pa ( /sbin/dhclient ,
261the ISC DHCP client,
262is the default).
263.It Va dhclient_flags
264.Pq Vt str
265Additional flags to pass to the DHCP client program.
266For the ISC DHCP client, see the
267.Xr dhclient 8
268manpage for a description of the command line options available.
269.It Va firewall_enable
270.Pq Vt bool
271Set to
272.Dq Li YES
273to load firewall rules at startup.
274If the kernel was not built with
275.Cd "options IPFIREWALL" ,
276the
277.Pa ipfw.ko
278kernel module will be loaded.
279See also
280.Va ipfilter_enable .
281.It Va ipv6_firewall_enable
282.Pq Vt bool
283The IPv6 equivalent of
284.Va firewall_enable .
285Set to
286.Dq Li YES
287to load IPv6 firewall rules at startup.
288If the kernel was not built with
289.Cd "options IPV6FIREWALL" ,
290the
291.Pa ip6fw.ko
292kernel module will be loaded.
293.It Va firewall_script
294.Pq Vt str
295This variable specifies the full path to the firewall script to run.
296The default is
297.Pa /etc/rc.firewall .
298.It Va ipv6_firewall_script
299.Pq Vt str
300The IPv6 equivalent of
301.Va firewall_script .
302.It Va firewall_type
303.Pq Vt str
304Names the firewall type from the selection in
305.Pa /etc/rc.firewall ,
306or the file which contains the local firewall ruleset.
307Valid selections from
308.Pa /etc/rc.firewall
309are:
310.Pp
311.Bl -tag -width ".Li simple" -compact
312.It Li open
313unrestricted IP access
314.It Li closed
315all IP services disabled, except via
316.Dq Li lo0
317.It Li client
318basic protection for a workstation
319.It Li simple
320basic protection for a LAN.
321.El
322.Pp
323If a filename is specified, the full path
324must be given.
325.It Va ipv6_firewall_type
326.Pq Vt str
327The IPv6 equivalent of
328.Va firewall_type .
329.It Va firewall_quiet
330.Pq Vt bool
331Set to
332.Dq Li YES
333to disable the display of firewall rules on the console during boot.
334.It Va ipv6_firewall_quiet
335.Pq Vt bool
336The IPv6 equivalent of
337.Va firewall_quiet .
338.It Va firewall_logging
339.Pq Vt bool
340Set to
341.Dq Li YES
342to enable firewall event logging.
343This is equivalent to the
344.Dv IPFIREWALL_VERBOSE
345kernel option.
346.It Va ipv6_firewall_logging
347.Pq Vt bool
348The IPv6 equivalent of
349.Va firewall_logging .
350.It Va firewall_flags
351.Pq Vt str
352Flags passed to
353.Xr ipfw 8
354if
355.Va firewall_type
356specifies a filename.
357.It Va ipv6_firewall_flags
358.Pq Vt str
359The IPv6 equivalent of
360.Va firewall_flags .
361.It Va natd_program
362.Pq Vt str
363Path to
364.Xr natd 8 .
365.It Va natd_enable
366.Pq Vt bool
367Set to
368.Dq Li YES
369to enable
370.Xr natd 8 .
371.Va firewall_enable
372must also be set to
373.Dq Li YES ,
374and
375.Xr divert 4
376sockets must be enabled in the kernel.
377.It Va natd_interface
378.Pq Vt str
379This is the name of the public interface on which
380.Xr natd 8
381should run.
382The interface may be given as an interface name or as an IP address.
383.It Va natd_flags
384.Pq Vt str
385Additional
386.Xr natd 8
387flags should be placed here.
388The
389.Fl n
390or
391.Fl a
392flag is automatically added with the above
393.Va natd_interface
394as an argument.
395.\" ----- ipfilter_enable setting --------------------------------
396.It Va ipfilter_enable
397.Pq Vt bool
398Set to
399.Dq Li NO
400by default.
401Setting this to
402.Dq Li YES
403enables
404.Xr ipf 8
405packet filtering.
406.Pp
407Typical usage will require putting
408.Bd -literal
409ipfilter_enable="YES"
410ipnat_enable="YES"
411ipmon_enable="YES"
412ipfs_enable="YES"
413.Ed
414.Pp
415into
416.Pa /etc/rc.conf
417and editing
418.Pa /etc/ipf.rules
419and
420.Pa /etc/ipnat.rules
421appropriately.
422.Pp
423Note that
424.Va ipfilter_enable
425and
426.Va ipnat_enable
427can be enabled independently.
428.Va ipmon_enable
429and
430.Va ipfs_enable
431both require at least one of
432.Va ipfilter_enable
433and
434.Va ipnat_enable
435to be enabled.
436.Pp
437Having
438.Bd -literal
439options IPFILTER
440options IPFILTER_LOG
441options IPFILTER_DEFAULT_BLOCK
442.Ed
443.Pp
444in the kernel configuration file is a good idea, too.
445.\" ----- ipfilter_program setting ------------------------------
446.It Va ipfilter_program
447.Pq Vt str
448Path to
449.Xr ipf 8
450(default
451.Pa /sbin/ipf ) .
452.\" ----- ipfilter_rules setting --------------------------------
453.It Va ipfilter_rules
454.Pq Vt str
455Set to
456.Pa /etc/ipf.rules
457by default.
458This variable contains the name of the filter rule definition file.
459The file is expected to be readable for the
460.Xr ipf 8
461command to execute.
462.\" ----- ipv6_ipfilter_rules setting ---------------------------
463.It Va ipv6_ipfilter_rules
464.Pq Vt str
465Set to
466.Pa /etc/ipf6.rules
467by default.
468This variable contains the IPv6 filter rule definition file.
469The file is expected to be readable for the
470.Xr ipf 8
471command to execute.
472.\" ----- ipfilter_flags setting --------------------------------
473.It Va ipfilter_flags
474.Pq Vt str
475Empty by default.
476This variable contains flags passed to the
477.Xr ipf 8
478program.
479.\" ----- ipnat_enable setting ----------------------------------
480.It Va ipnat_enable
481.Pq Vt bool
482Set to
483.Dq Li NO
484by default.
485Set it to
486.Dq Li YES
487to enable
488.Xr ipnat 1
489network address translation.
490See
491.Va ipfilter_enable
492for a detailed discussion.
493.\" ----- ipnat_program setting ---------------------------------
494.It Va ipnat_program
495.Pq Vt str
496Path to
497.Xr ipnat 1
498(default
499.Pa /sbin/ipnat ) .
500.\" ----- ipnat_rules setting -----------------------------------
501.It Va ipnat_rules
502.Pq Vt str
503Set to
504.Pa /etc/ipnat.rules
505by default.
506This variable contains the name of the file
507holding the network address translation definition.
508This file is expected to be readable for the
509.Xr ipnat 1
510command to execute.
511.\" ----- ipnat_flags setting -----------------------------------
512.It Va ipnat_flags
513.Pq Vt str
514Empty by default.
515This variable contains flags passed to the
516.Xr ipnat 1
517program.
518.\" ----- ipmon_enable setting ----------------------------------
519.It Va ipmon_enable
520.Pq Vt bool
521Set to
522.Dq Li NO
523by default.
524Set it to
525.Dq Li YES
526to enable
527.Xr ipmon 8
528monitoring (logging
529.Xr ipf 8
530and
531.Xr ipnat 1
532events).
533Setting this variable needs setting
534.Va ipfilter_enable
535or
536.Va ipnat_enable
537too.
538See
539.Va ipfilter_enable
540for a detailed discussion.
541.\" ----- ipmon_program setting ---------------------------------
542.It Va ipmon_program
543.Pq Vt str
544Path to
545.Xr ipmon 8
546(default
547.Pa /sbin/ipmon ) .
548.\" ----- ipmon_flags setting -----------------------------------
549.It Va ipmon_flags
550.Pq Vt str
551Set to
552.Dq Li -Ds
553by default.
554This variable contains flags passed to the
555.Xr ipmon 8
556program.
557Another typical example would be
558.Dq Fl D Pa /var/log/ipflog
559to have
560.Xr ipmon 8
561log directly to a file bypassing
562.Xr syslogd 8 .
563Make sure to adjust
564.Pa /etc/newsyslog.conf
565in such case like this:
566.Bd -literal
567/var/log/ipflog  640  10  100  *  Z  /var/run/ipmon.pid
568.Ed
569.\" ----- ipfs_enable setting -----------------------------------
570.It Va ipfs_enable
571.Pq Vt bool
572Set to
573.Dq Li NO
574by default.
575Set it to
576.Dq Li YES
577to enable
578.Xr ipfs 8
579saving the filter and NAT state tables during shutdown
580and reloading them during startup again.
581Setting this variable needs setting
582.Va ipfilter_enable
583or
584.Va ipnat_enable
585to
586.Dq Li YES
587too.
588See
589.Va ipfilter_enable
590for a detailed discussion.
591Note that if
592.Va kern_securelevel
593is set to 3,
594.Va ipfs_enable
595cannot be used
596because the raised securelevel will prevent
597.Xr ipfs 8
598from saving the state tables at shutdown time.
599.\" ----- ipfs_program setting ----------------------------------
600.It Va ipfs_program
601.Pq Vt str
602Path to
603.Xr ipfs 8
604(default
605.Pa /sbin/ipfs ) .
606.\" ----- ipfs_flags setting ------------------------------------
607.It Va ipfs_flags
608.Pq Vt str
609Empty by default.
610This variable contains flags passed to the
611.Xr ipfs 8
612program.
613.\" ----- end of added ipf hook ---------------------------------
614.It Va tcp_extensions
615.Pq Vt bool
616Set to
617.Dq Li YES
618by default.
619Setting this to
620.Dq Li NO
621disables certain TCP options as described by
622.Rs
623.%T "RFC 1323"
624.Re
625Setting this to
626.Dq Li NO
627might help remedy such problems with connections as randomly hanging
628or other weird behavior.
629Some network devices are known
630to be broken with respect to these options.
631.It Va log_in_vain
632.Pq Vt int
633Set to 0 by default.
634The
635.Xr sysctl 8
636variables,
637.Va net.inet.tcp.log_in_vain
638and
639.Va net.inet.udp.log_in_vain ,
640as described in
641.Xr tcp 4
642and
643.Xr udp 4 ,
644are set to the given value.
645.It Va tcp_keepalive
646.Pq Vt bool
647Set to
648.Dq Li YES
649by default.
650Setting to
651.Dq Li NO
652will disable probing idle TCP connections to verify that the
653peer is still up and reachable.
654.It Va tcp_drop_synfin
655.Pq Vt bool
656Set to
657.Dq Li NO
658by default.
659Setting to
660.Dq Li YES
661will cause the kernel to ignore TCP frames that have both
662the SYN and FIN flags set.
663This prevents OS fingerprinting, but may
664break some legitimate applications.
665This option is only available if the
666kernel was built with the
667.Dv TCP_DROP_SYNFIN
668option.
669.It Va icmp_drop_redirect
670.Pq Vt bool
671Set to
672.Dq Li NO
673by default.
674Setting to
675.Dq Li YES
676will cause the kernel to ignore ICMP REDIRECT packets.
677Refer to
678.Xr icmp 4
679for more information.
680.It Va icmp_log_redirect
681.Pq Vt bool
682Set to
683.Dq Li NO
684by default.
685Setting to
686.Dq Li YES
687will cause the kernel to log ICMP REDIRECT packets.
688Note that
689the log messages are not rate-limited, so this option should only be used
690for troubleshooting networks.
691Refer to
692.Xr icmp 4
693for more information.
694.It Va icmp_bmcastecho
695.Pq Vt bool
696Set to
697.Dq Li YES
698to respond to broadcast or multicast ICMP ping packets.
699Refer to
700.Xr icmp 4
701for more information.
702.It Va ip_portrange_first
703.Pq Vt int
704If not set to
705.Dq Li NO ,
706this is the first port in the default portrange.
707Refer to
708.Xr ip 4
709for more information.
710.It Va ip_portrange_last
711.Pq Vt int
712If not set to
713.Dq Li NO ,
714this is the last port in the default portrange.
715Refer to
716.Xr ip 4
717for more information.
718.It Va network_interfaces
719.Pq Vt str
720Set to the list of network interfaces to configure on this host.
721For example, if the only network devices in the system are the loopback
722device
723.Pq Li lo0
724and a NIC using the
725.Xr ed 4
726driver,
727this could be set to
728.Dq Li "lo0 ed0" .
729An
730.Va ifconfig_ Ns Aq Ar interface
731variable is also assumed to exist for each value of
732.Ar interface .
733It is also possible to add IP alias entries here in cases where
734multiple IP addresses registered against a single interface
735are desired.
736Assuming that the interface in question was
737.Li ed0 ,
738it might look
739something like this:
740.Bd -literal
741ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
742ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
743.Ed
744.Pp
745And so on.
746For each
747.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
748entry that is found,
749its contents are passed to
750.Xr ifconfig 8 .
751Execution stops at the first unsuccessful access, so if
752something like this is present:
753.Bd -literal
754ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
755ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
756ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
757ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
758.Ed
759.Pp
760Then note that alias4 would
761.Em not
762be added since the search would
763stop with the missing alias3 entry.
764.Pp
765If the
766.Pa /etc/start_if. Ns Aq Ar interface
767file is present, it is read and executed by the
768.Xr sh 1
769interpreter
770before configuring the interface as specified in the
771.Va ifconfig_ Ns Aq Ar interface
772and
773.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
774variables.
775.Pp
776It is possible to bring up an interface with DHCP by setting the
777.Va ifconfig_ Ns Aq Ar interface
778variable to
779.Dq Li DHCP .
780For instance, to initialize the
781.Li ed0
782device via DHCP,
783it is possible to use something like:
784.Bd -literal
785ifconfig_ed0="DHCP"
786.Ed
787.It Va ipv6_network_interfaces
788.Pq Vt str
789This is the IPv6 equivalent of
790.Va network_interfaces .
791Instead of setting the ifconfig variables as
792.Va ifconfig_ Ns Aq Ar interface
793they should be set as
794.Va ipv6_ifconfig_ Ns Aq Ar interface .
795Aliases should be set as
796.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
797.Va ipv6_prefix_ Ns Aq Ar interface
798does something.
799Interfaces that do not have a
800.Va ipv6_ifconfig_ Ns Aq Ar interface
801setting will be auto configured by
802.Xr rtsol 8
803if the
804.Va ipv6_gateway_enable
805is set to
806.Dq Li NO .
807Note that the IPv6 networking code does not support the
808.Pa /etc/start_if. Ns Aq Ar interface
809files.
810.It Va ipv6_default_interface
811.Pq Vt str
812If not set to
813.Dq Li NO ,
814this is the default output interface for scoped addresses.
815Now this works only for IPv6 link local multicast addresses.
816.It Va cloned_interfaces
817.Pq Vt str
818Set to the list of clonable network interfaces to create on this host.
819Entries in
820.Va cloned_interfaces
821are automatically appended to
822.Va network_interfaces
823for configuration.
824.It Va gif_interfaces
825.Pq Vt str
826Set to the list of
827.Xr gif 4
828tunnel interfaces to configure on this host.
829A
830.Va gifconfig_ Ns Aq Ar interface
831variable is assumed to exist for each value of
832.Ar interface .
833The value of this variable is used to configure the link layer of the
834tunnel according to the syntax of the
835.Cm tunnel
836option to
837.Xr ifconfig 8 .
838Additionally, this option ensures that each listed interface is created
839via the
840.Cm create
841option to
842.Xr ifconfig 8
843before attempting to configure it.
844.It Va sppp_interfaces
845.Pq Vt str
846Set to the list of
847.Xr sppp 4
848interfaces to configure on this host.
849A
850.Va spppconfig_ Ns Aq Ar interface
851variable is assumed to exist for each value of
852.Ar interface .
853Each interface should also be configured by a general
854.Va ifconfig_ Ns Aq Ar interface
855setting.
856Refer to
857.Xr spppcontrol 8
858for more information about available options.
859.It Va ppp_enable
860.Pq Vt bool
861If set to
862.Dq Li YES ,
863run the
864.Xr ppp 8
865daemon.
866.It Va ppp_mode
867.Pq Vt str
868Mode in which to run the
869.Xr ppp 8
870daemon.
871Accepted modes are
872.Dq Li auto ,
873.Dq Li ddial ,
874.Dq Li direct
875and
876.Dq Li dedicated .
877See the manual for a full description.
878.It Va ppp_nat
879.Pq Vt bool
880If set to
881.Dq Li YES ,
882enables network address translation.
883Used in conjunction with
884.Va gateway_enable
885allows hosts on private network addresses access to the Internet using
886this host as a network address translating router.
887.It Va ppp_profile
888.Pq Vt str
889The name of the profile to use from
890.Pa /etc/ppp/ppp.conf .
891.It Va ppp_user
892.Pq Vt str
893The name of the user under which
894.Xr ppp 8
895should be started.
896By
897default,
898.Xr ppp 8
899is started as
900.Dq Li root .
901.It Va rc_conf_files
902.Pq Vt str
903This option is used to specify a list of files that will override
904the settings in
905.Pa /etc/defaults/rc.conf .
906The files will be read in the order in which they are specified and should
907include the full path to the file.
908By default, the files specified are
909.Pa /etc/rc.conf
910and
911.Pa /etc/rc.conf.local
912.It Va fsck_y_enable
913.Pq Vt bool
914If set to
915.Dq Li YES ,
916.Xr fsck 8
917will be run with the
918.Fl y
919flag if the initial preen
920of the file systems fails.
921.It Va background_fsck
922.Pq Vt bool
923If set to
924.Dq Li YES ,
925the system will attempt to run
926.Xr fsck 8
927in the background where possible.
928.It Va background_fsck_delay
929.Pq Vt int
930The amount of time in seconds to sleep before starting a background
931.Xr fsck 8 .
932It defaults to sixty seconds to allow large applications such as
933the X server to start before disk I/O bandwidth is monopolized by
934.Xr fsck 8 .
935.It Va netfs_types
936.Pq Vt str
937List of file system types that are network-based.
938This list should generally not be modified by end users.
939Use
940.Va extra_netfs_types
941instead.
942.It Va extra_netfs_types
943.Pq Vt str
944If set to something other than
945.Dq Li NO
946(the default),
947this variable extends the list of file system types
948for which automatic mounting at startup by
949.Xr rc 8
950should be delayed until the network is initialized.
951It should contain
952a whitespace-separated list of network file system descriptor pairs,
953each consisting of a file system type as passed to
954.Xr mount 8
955and a human-readable, one-word description,
956joined with a colon
957.Pq Ql \&: .
958Extending the default list in this way is only necessary
959when third party file system types are used.
960.It Va syslogd_enable
961.Pq Vt bool
962If set to
963.Dq Li YES ,
964run the
965.Xr syslogd 8
966daemon.
967.It Va syslogd_program
968.Pq Vt str
969Path to
970.Xr syslogd 8
971(default
972.Pa /usr/sbin/syslogd ) .
973.It Va syslogd_flags
974.Pq Vt str
975If
976.Va syslogd_enable
977is set to
978.Dq Li YES ,
979these are the flags to pass to
980.Xr syslogd 8 .
981.It Va inetd_enable
982.Pq Vt bool
983If set to
984.Dq Li YES ,
985run the
986.Xr inetd 8
987daemon.
988.It Va inetd_program
989.Pq Vt str
990Path to
991.Xr inetd 8
992(default
993.Pa /usr/sbin/inetd ) .
994.It Va inetd_flags
995.Pq Vt str
996If
997.Va inetd_enable
998is set to
999.Dq Li YES ,
1000these are the flags to pass to
1001.Xr inetd 8 .
1002.It Va named_rcng
1003.Pq Vt bool
1004If set to
1005.Dq Li YES
1006use new functionality provided in the
1007.Pa /etc/rc.d/named
1008script to facilitate a
1009.Xr chroot 8
1010instance of
1011.Xr named 8 .
1012This variable is experimental.
1013It may be removed or changed in the near future.
1014.It Va named_enable
1015.Pq Vt bool
1016If set to
1017.Dq Li YES ,
1018run the
1019.Xr named 8
1020daemon.
1021.It Va named_program
1022.Pq Vt str
1023Path to
1024.Xr named 8
1025(default
1026.Pa /usr/sbin/named ) .
1027.It Va named_flags
1028.Pq Vt str
1029If
1030.Va named_enable
1031is set to
1032.Dq Li YES ,
1033these are the flags to pass to
1034.Xr named 8 .
1035.It Va named_pidfile
1036.Pq Vt str
1037This is the default path to the
1038.Xr named 8
1039daemon's PID file.
1040Change it if you change the location in
1041.Xr named.conf 5 .
1042.It Va named_chrootdir
1043.Pq Vt str
1044The root directory for a name server run in a
1045.Xr chroot 8
1046environment.
1047If left empty
1048.Xr named 8
1049will not be run in a
1050.Xr chroot 8
1051environment.
1052This variable has no effect if
1053.Va named_rcng
1054is not enabled.
1055This variable is experimental.
1056It may be removed or changed in the near future.
1057.It Va named_chroot_autoupdate
1058.Pq Vt bool
1059Set to
1060.Dq Li NO
1061to disable automatic syncing of libraries and
1062other system files between the root file system and the
1063.Xr chroot 8 .
1064This variable has no effect if
1065.Va named_rcng
1066is not enabled.
1067This variable is experimental.
1068It may be removed or changed in the near future.
1069.It Va named_symlink_enable
1070.Pq Vt bool
1071Set to
1072.Dq Li NO
1073to disable symlinking of
1074.Va named_pidfile
1075and
1076.Pa /var/run/ndc
1077into the
1078.Xr chroot 8
1079environment in which
1080.Xr named 8
1081is running.
1082This variable has no effect if
1083.Va named_rcng
1084is not enabled.
1085This variable is experimental.
1086It may be removed or changed in the near future.
1087.It Va kerberos5_server_enable
1088.Pq Vt bool
1089Set to
1090.Dq Li YES
1091to start a Kerberos 5 authentication server
1092at boot time.
1093.It Va kerberos5_server
1094.Pq Vt str
1095If
1096.Va kerberos5_server_enable
1097is set to
1098.Dq Li YES
1099this is the path to Kerberos 5 Authentication Server.
1100.It Va kadmind5_server_enable
1101.Pq Vt bool
1102Set to
1103.Dq Li YES
1104to start
1105.Xr kadmind 8 ,
1106the Kerberos 5 Administration Daemon; set to
1107.Dq Li NO
1108on a slave server.
1109.It Va kadmind5_server
1110.Pq Vt str
1111If
1112.Va kadmind5_server_enable
1113is set to
1114.Dq Li YES
1115this is the path to Kerberos 5 Administration Daemon.
1116.It Va kpasswdd_server_enable
1117.Pq Vt bool
1118Set to
1119.Dq Li YES
1120to start
1121.Xr kpasswdd 8 ,
1122the Kerberos 5 Password-Changing Daemon; set to
1123.Dq Li NO
1124on a slave server.
1125.It Va kpasswdd_server
1126.Pq Vt str
1127If
1128.Va kpasswdd_server_enable
1129is set to
1130.Dq Li YES
1131this is the path to Kerberos 5 Password-Changing Daemon.
1132.It Va rwhod_enable
1133.Pq Vt bool
1134If set to
1135.Dq Li YES ,
1136run the
1137.Xr rwhod 8
1138daemon at boot time.
1139.It Va rwhod_flags
1140.Pq Vt str
1141If
1142.Va rwhod_enable
1143is set to
1144.Dq Li YES ,
1145these are the flags to pass to it.
1146.It Va amd_enable
1147.Pq Vt bool
1148If set to
1149.Dq Li YES ,
1150run the
1151.Xr amd 8
1152daemon at boot time.
1153.It Va amd_flags
1154.Pq Vt str
1155If
1156.Va amd_enable
1157is set to
1158.Dq Li YES ,
1159these are the flags to pass to it.
1160See the
1161.Xr amd 8
1162manpage for more information.
1163.It Va amd_map_program
1164.Pq Vt str
1165If set,
1166the specified program is run to get the list of
1167.Xr amd 8
1168maps.
1169For example, if the
1170.Xr amd 8
1171maps are stored in NIS, one can set this to
1172run
1173.Xr ypcat 1
1174to get a list of
1175.Xr amd 8
1176maps from the
1177.Pa amd.master
1178NIS map.
1179.It Va update_motd
1180.Pq Vt bool
1181If set to
1182.Dq Li YES ,
1183.Pa /etc/motd
1184will be updated at boot time to reflect the kernel release
1185being run.
1186If set to
1187.Dq Li NO ,
1188.Pa /etc/motd
1189will not be updated.
1190.It Va nfs_client_enable
1191.Pq Vt bool
1192If set to
1193.Dq Li YES ,
1194run the NFS client daemons at boot time.
1195.It Va nfs_access_cache
1196.Pq Vt int
1197If
1198.Va nfs_client_enable
1199is set to
1200.Dq Li YES ,
1201this can be set to
1202.Dq Li 0
1203to disable NFS ACCESS RPC caching, or to the number of seconds for which
1204NFS ACCESS
1205results should be cached.
1206A value of 2-10 seconds will substantially reduce network
1207traffic for many NFS operations.
1208.It Va nfs_server_enable
1209.Pq Vt bool
1210If set to
1211.Dq Li YES ,
1212run the NFS server daemons at boot time.
1213.It Va nfs_server_flags
1214.Pq Vt str
1215If
1216.Va nfs_server_enable
1217is set to
1218.Dq Li YES ,
1219these are the flags to pass to the
1220.Xr nfsd 8
1221daemon.
1222.It Va mountd_enable
1223.Pq Vt bool
1224If set to
1225.Dq Li YES ,
1226and no
1227.Va nfs_server_enable
1228is set, start
1229.Xr mountd 8 ,
1230but not
1231.Xr nfsd 8
1232daemon.
1233It is commonly needed to run CFS without real NFS used.
1234.It Va mountd_flags
1235.Pq Vt str
1236If
1237.Va mountd_enable
1238is set to
1239.Dq Li YES ,
1240these are the flags to pass to the
1241.Xr mountd 8
1242daemon.
1243.It Va weak_mountd_authentication
1244.Pq Vt bool
1245If set to
1246.Dq Li YES ,
1247allow services like PCNFSD to make non-privileged mount
1248requests.
1249.It Va nfs_reserved_port_only
1250.Pq Vt bool
1251If set to
1252.Dq Li YES ,
1253provide NFS services only on a secure port.
1254.It Va nfs_bufpackets
1255.Pq Vt int
1256If set to a number, indicates the number of packets worth of
1257socket buffer space to reserve on an NFS client.
1258The kernel default is typically 4.
1259Using a higher number may be
1260useful on gigabit networks to improve performance.
1261The minimum value is
12622 and the maximum is 64.
1263.It Va rpc_lockd_enable
1264.Pq Vt bool
1265If set to
1266.Dq Li YES
1267and also an NFS server, run
1268.Xr rpc.lockd 8
1269at boot time.
1270.It Va rpc_statd_enable
1271.Pq Vt bool
1272If set to
1273.Dq Li YES
1274and also an NFS server, run
1275.Xr rpc.statd 8
1276at boot time.
1277.It Va rpcbind_program
1278.Pq Vt str
1279Path to
1280.Xr rpcbind 8
1281(default
1282.Pa /usr/sbin/rpcbind ) .
1283.It Va rpcbind_enable
1284.Pq Vt bool
1285If set to
1286.Dq Li YES ,
1287run the
1288.Xr rpcbind 8
1289service at boot time.
1290.It Va rpcbind_flags
1291.Pq Vt str
1292If
1293.Va rpcbind_enable
1294is set to
1295.Dq Li YES ,
1296these are the flags to pass to the
1297.Xr rpcbind 8
1298daemon.
1299.It Va keyserv_enable
1300.Pq Vt bool
1301If set to
1302.Dq Li YES ,
1303run the
1304.Xr keyserv 8
1305daemon on boot for running Secure RPC.
1306.It Va keyserv_flags
1307.Pq Vt str
1308If
1309.Va keyserv_enable
1310is set to
1311.Dq Li YES ,
1312these are the flags to pass to
1313.Xr keyserv 8
1314daemon.
1315.It Va pppoed_enable
1316.Pq Vt bool
1317If set to
1318.Dq Li YES ,
1319run the
1320.Xr pppoed 8
1321daemon at boot time to provide PPP over Ethernet services.
1322.It Va pppoed_ Ns Ar provider
1323.Pq Vt str
1324.Xr pppoed 8
1325listens to requests to this
1326.Ar provider
1327and ultimately runs
1328.Xr ppp 8
1329with a
1330.Ar system
1331argument of the same name.
1332.It Va pppoed_flags
1333.Pq Vt str
1334Additional flags to pass to
1335.Xr pppoed 8 .
1336.It Va pppoed_interface
1337.Pq Vt str
1338The network interface to run
1339.Xr pppoed 8
1340on.
1341This is mandatory when
1342.Va pppoed_enable
1343is set to
1344.Dq Li YES .
1345.It Va timed_enable
1346.Pq Vt bool
1347If set to
1348.Dq Li YES ,
1349run the
1350.Xr timed 8
1351service at boot time.
1352This command is intended for networks of
1353machines where a consistent
1354.Dq "network time"
1355for all hosts must be established.
1356This is often useful in large NFS
1357environments where time stamps on files are expected to be consistent
1358network-wide.
1359.It Va timed_flags
1360.Pq Vt str
1361If
1362.Va timed_enable
1363is set to
1364.Dq Li YES ,
1365these are the flags to pass to the
1366.Xr timed 8
1367service.
1368.It Va ntpdate_enable
1369.Pq Vt bool
1370If set to
1371.Dq Li YES ,
1372run
1373.Xr ntpdate 8
1374at system startup.
1375This command is intended to
1376synchronize the system clock only
1377.Em once
1378from some standard reference.
1379An option to set this up initially
1380(from a list of known servers) is also provided by the
1381.Xr sysinstall 8
1382program when the system is first installed.
1383.It Va ntpdate_program
1384.Pq Vt str
1385Path to
1386.Xr ntpdate 8
1387(default
1388.Pa /usr/sbin/ntpdate ) .
1389.It Va ntpdate_flags
1390.Pq Vt str
1391If
1392.Va ntpdate_enable
1393is set to
1394.Dq Li YES ,
1395these are the flags to pass to the
1396.Xr ntpdate 8
1397command (typically a hostname).
1398.It Va ntpd_enable
1399.Pq Vt bool
1400If set to
1401.Dq Li YES ,
1402run the
1403.Xr ntpd 8
1404command at boot time.
1405.It Va ntpd_program
1406.Pq Vt str
1407Path to
1408.Xr ntpd 8
1409(default
1410.Pa /usr/sbin/ntpd ) .
1411.It Va ntpd_flags
1412.Pq Vt str
1413If
1414.Va ntpd_enable
1415is set to
1416.Dq Li YES ,
1417these are the flags to pass to the
1418.Xr ntpd 8
1419daemon.
1420.It Va nis_client_enable
1421.Pq Vt bool
1422If set to
1423.Dq Li YES ,
1424run the
1425.Xr ypbind 8
1426service at system boot time.
1427.It Va nis_client_flags
1428.Pq Vt str
1429If
1430.Va nis_client_enable
1431is set to
1432.Dq Li YES ,
1433these are the flags to pass to the
1434.Xr ypbind 8
1435service.
1436.It Va nis_ypset_enable
1437.Pq Vt bool
1438If set to
1439.Dq Li YES ,
1440run the
1441.Xr ypset 8
1442daemon at system boot time.
1443.It Va nis_ypset_flags
1444.Pq Vt str
1445If
1446.Va nis_ypset_enable
1447is set to
1448.Dq Li YES ,
1449these are the flags to pass to the
1450.Xr ypset 8
1451daemon.
1452.It Va nis_server_enable
1453.Pq Vt bool
1454If set to
1455.Dq Li YES ,
1456run the
1457.Xr ypserv 8
1458daemon at system boot time.
1459.It Va nis_server_flags
1460.Pq Vt str
1461If
1462.Va nis_server_enable
1463is set to
1464.Dq Li YES ,
1465these are the flags to pass to the
1466.Xr ypserv 8
1467daemon.
1468.It Va nis_ypxfrd_enable
1469.Pq Vt bool
1470If set to
1471.Dq Li YES ,
1472run the
1473.Xr rpc.ypxfrd 8
1474daemon at system boot time.
1475.It Va nis_ypxfrd_flags
1476.Pq Vt str
1477If
1478.Va nis_ypxfrd_enable
1479is set to
1480.Dq Li YES ,
1481these are the flags to pass to the
1482.Xr rpc.ypxfrd 8
1483daemon.
1484.It Va nis_yppasswdd_enable
1485.Pq Vt bool
1486If set to
1487.Dq Li YES ,
1488run the
1489.Xr rpc.yppasswdd 8
1490daemon at system boot time.
1491.It Va nis_yppasswdd_flags
1492.Pq Vt str
1493If
1494.Va nis_yppasswdd_enable
1495is set to
1496.Dq Li YES ,
1497these are the flags to pass to the
1498.Xr rpc.yppasswdd 8
1499daemon.
1500.It Va rpc_ypupdated_enable
1501.Pq Vt bool
1502If set to
1503.Dq Li YES ,
1504run the
1505.Nm rpc.ypupdated
1506daemon at system boot time.
1507.It Va defaultrouter
1508.Pq Vt str
1509If not set to
1510.Dq Li NO ,
1511create a default route to this host name or IP address
1512(use an IP address if this router is also required to get to the
1513name server!).
1514.It Va ipv6_defaultrouter
1515.Pq Vt str
1516The IPv6 equivalent of
1517.Va defaultrouter .
1518.It Va static_routes
1519.Pq Vt str
1520Set to the list of static routes that are to be added at system
1521boot time.
1522If not set to
1523.Dq Li NO
1524then for each whitespace separated
1525.Ar element
1526in the value, a
1527.Va route_ Ns Aq Ar element
1528variable is assumed to exist
1529whose contents will later be passed to a
1530.Dq Nm route Cm add
1531operation.
1532.It Va ipv6_static_routes
1533.Pq Vt str
1534The IPv6 equivalent of
1535.Va static_routes .
1536If not set to
1537.Dq Li NO
1538then for each whitespace separated
1539.Ar element
1540in the value, a
1541.Va ipv6_route_ Ns Aq Ar element
1542variable is assumed to exist
1543whose contents will later be passed to a
1544.Dq Nm route Cm add Fl inet6
1545operation.
1546.It Va gateway_enable
1547.Pq Vt bool
1548If set to
1549.Dq Li YES ,
1550configure host to act as an IP router, e.g. to forward packets
1551between interfaces.
1552.It Va ipv6_gateway_enable
1553.Pq Vt bool
1554The IPv6 equivalent of
1555.Va gateway_enable .
1556.It Va router_enable
1557.Pq Vt bool
1558If set to
1559.Dq Li YES ,
1560run a routing daemon of some sort, based on the
1561settings of
1562.Va router
1563and
1564.Va router_flags .
1565.It Va ipv6_router_enable
1566.Pq Vt bool
1567The IPv6 equivalent of
1568.Va router_enable .
1569If set to
1570.Dq Li YES ,
1571run a routing daemon of some sort, based on the
1572settings of
1573.Va ipv6_router
1574and
1575.Va ipv6_router_flags .
1576.It Va router
1577.Pq Vt str
1578If
1579.Va router_enable
1580is set to
1581.Dq Li YES ,
1582this is the name of the routing daemon to use.
1583.It Va ipv6_router
1584.Pq Vt str
1585The IPv6 equivalent of
1586.Va router .
1587.It Va router_flags
1588.Pq Vt str
1589If
1590.Va router_enable
1591is set to
1592.Dq Li YES ,
1593these are the flags to pass to the routing daemon.
1594.It Va ipv6_router_flags
1595.Pq Vt str
1596The IPv6 equivalent of
1597.Va router_flags .
1598.It Va mrouted_enable
1599.Pq Vt bool
1600If set to
1601.Dq Li YES ,
1602run the multicast routing daemon,
1603.Xr mrouted 8 .
1604.It Va mroute6d_enable
1605.Pq Vt bool
1606The IPv6 equivalent of
1607.Va mrouted_enable .
1608If set to
1609.Dq Li YES ,
1610run the IPv6 multicast routing daemon.
1611Note that no IPv6 multicast routing daemon is included in the
1612.Fx
1613base system but
1614.Xr pim6dd 8
1615can be installed from the
1616.Fx
1617Ports Collection.
1618.It Va mrouted_flags
1619.Pq Vt str
1620If
1621.Va mrouted_enable
1622is set to
1623.Dq Li YES ,
1624these are the flags to pass to the
1625.Xr mrouted 8
1626daemon.
1627.It Va mroute6d_flags
1628.Pq Vt str
1629The IPv6 equivalent of
1630.Va mrouted_flags .
1631If
1632.Va mroute6d_enable
1633is set to
1634.Dq Li YES ,
1635these are the flags passed to the IPv6 multicast routing daemon.
1636.It Va mroute6d_program
1637.Pq Vt str
1638If
1639.Va mroute6d_enable
1640is set to
1641.Dq Li YES ,
1642this is the path to the IPv6 multicast routing daemon.
1643.It Va rtadvd_enable
1644.Pq Vt bool
1645If set to
1646.Dq Li YES ,
1647run the
1648.Xr rtadvd 8
1649daemon at boot time.
1650.Xr rtadvd 8
1651will only run if
1652.Va ipv6_gateway_enable
1653is also set to
1654.Dq Li YES .
1655The
1656.Xr rtadvd 8
1657utility sends router advertisement packets to the interfaces specified in
1658.Va rtadvd_interfaces .
1659.Xr rtadvd 8
1660and should only be enabled with great care.
1661You may want to fine-tune
1662.Xr rtadvd.conf 5 .
1663.It Va rtadvd_interfaces
1664.Pq Vt str
1665If
1666.Va rtadvd_enable
1667is set to
1668.Dq Li YES
1669this is the list of interfaces to use.
1670.It Va ipxgateway_enable
1671.Pq Vt bool
1672If set to
1673.Dq Li YES ,
1674enable the routing of IPX traffic.
1675.It Va ipxrouted_enable
1676.Pq Vt bool
1677If set to
1678.Dq Li YES ,
1679run the
1680.Xr IPXrouted 8
1681daemon at system boot time.
1682.It Va ipxrouted_flags
1683.Pq Vt str
1684If
1685.Va ipxrouted_enable
1686is set to
1687.Dq Li YES ,
1688these are the flags to pass to the
1689.Xr IPXrouted 8
1690daemon.
1691.It Va arpproxy_all
1692.Pq Vt bool
1693If set to
1694.Dq Li YES ,
1695enable global proxy ARP.
1696.It Va forward_sourceroute
1697.Pq Vt bool
1698If set to
1699.Dq Li YES
1700and
1701.Va gateway_enable
1702is also set to
1703.Dq Li YES ,
1704source-routed packets are forwarded.
1705.It Va accept_sourceroute
1706.Pq Vt bool
1707If set to
1708.Dq Li YES ,
1709the system will accept source-routed packets directed at it.
1710.It Va rarpd_enable
1711.Pq Vt bool
1712If set to
1713.Dq Li YES ,
1714run the
1715.Xr rarpd 8
1716daemon at system boot time.
1717.It Va rarpd_flags
1718.Pq Vt str
1719If
1720.Va rarpd_enable
1721is set to
1722.Dq Li YES ,
1723these are the flags to pass to the
1724.Xr rarpd 8
1725daemon.
1726.It Va bootparamd_enable
1727.Pq Vt bool
1728If set to
1729.Dq Li YES ,
1730run the
1731.Xr bootparamd 8
1732daemon at system boot time.
1733.It Va bootparamd_flags
1734.Pq Vt str
1735If
1736.Va bootparamd_enable
1737is set to
1738.Dq Li YES ,
1739these are the flags to pass to the
1740.Xr bootparamd 8
1741daemon.
1742.It Va stf_interface_ipv4addr
1743.Pq Vt str
1744If not set to
1745.Dq Li NO ,
1746this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling
1747interface).
1748Specify this entry to enable the 6to4 interface.
1749.It Va stf_interface_ipv4plen
1750.Pq Vt int
1751Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1752An effective value is 0-31.
1753.It Va stf_interface_ipv6_ifid
1754.Pq Vt str
1755IPv6 interface ID for
1756.Xr stf 4 .
1757This can be set to
1758.Dq Li AUTO .
1759.It Va stf_interface_ipv6_slaid
1760.Pq Vt str
1761IPv6 Site Level Aggregator for
1762.Xr stf 4 .
1763.It Va ipv6_faith_prefix
1764.Pq Vt str
1765If not set to
1766.Dq Li NO ,
1767this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP
1768translator.
1769You also need
1770.Xr faithd 8
1771setup.
1772.It Va ipv6_ipv4mapping
1773.Pq Vt bool
1774If set to
1775.Dq Li YES
1776this enables IPv4 mapped IPv6 address communication (like
1777.Li ::ffff:a.b.c.d ) .
1778.It Va atm_enable
1779.Pq Vt bool
1780Set to
1781.Dq Li YES
1782to enable the configuration of ATM interfaces at system boot time.
1783For all of the ATM variables described below, please refer to the
1784.Xr atm 8
1785man page for further details on the available command parameters.
1786Also refer to the files in
1787.Pa /usr/share/examples/atm
1788for more detailed configuration information.
1789.It Va atm_netif_ Ns Aq Ar intf
1790.Pq Vt str
1791For the ATM physical interface
1792.Ar intf ,
1793this variable defines the name prefix and count for the ATM network
1794interfaces to be created.
1795The value will be passed as the parameters of an
1796.Dq Nm atm Cm "set netif" Ar intf
1797command.
1798.It Va atm_sigmgr_ Ns Aq Ar intf
1799.Pq Vt str
1800For the ATM physical interface
1801.Ar intf ,
1802this variable defines the ATM signalling manager to be used.
1803The value will be passed as the parameters of an
1804.Dq Nm atm Cm attach Ar intf
1805command.
1806.It Va atm_prefix_ Ns Aq Ar intf
1807.Pq Vt str
1808For the ATM physical interface
1809.Ar intf ,
1810this variable defines the NSAP prefix for interfaces using a UNI signalling
1811manager.
1812If set to
1813.Dq Li ILMI ,
1814the prefix will automatically be set via the
1815.Xr ilmid 8
1816daemon.
1817Otherwise, the value will be passed as the parameters of an
1818.Dq Nm atm Cm "set prefix" Ar intf
1819command.
1820.It Va atm_macaddr_ Ns Aq Ar intf
1821.Pq Vt str
1822For the ATM physical interface
1823.Ar intf ,
1824this variable defines the MAC address for interfaces using a UNI signalling
1825manager.
1826If set to
1827.Dq Li NO ,
1828the hardware MAC address contained in the ATM interface card will be used.
1829Otherwise, the value will be passed as the parameters of an
1830.Dq Nm atm Cm "set mac" Ar intf
1831command.
1832.It Va atm_arpserver_ Ns Aq Ar netif
1833.Pq Vt str
1834For the ATM network interface
1835.Ar netif ,
1836this variable defines the ATM address for a host which is to provide ATMARP
1837service.
1838This variable is only applicable to interfaces using a UNI signalling
1839manager.
1840If set to
1841.Dq Li local ,
1842this host will become an ATMARP server.
1843The value will be passed as the parameters of an
1844.Dq Nm atm Cm "set arpserver" Ar netif
1845command.
1846.It Va atm_scsparp_ Ns Aq Ar netif
1847.Pq Vt bool
1848If set to
1849.Dq Li YES ,
1850SCSP/ATMARP service for the network interface
1851.Ar netif
1852will be initiated using the
1853.Xr scspd 8
1854and
1855.Xr atmarpd 8
1856daemons.
1857This variable is only applicable if
1858.Va atm_arpserver_ Ns Aq Ar netif
1859is set to
1860.Dq Li local .
1861.It Va atm_pvcs
1862.Pq Vt str
1863Set to the list of ATM PVCs to be added at system
1864boot time.
1865For each whitespace separated
1866.Ar element
1867in the value, an
1868.Va atm_pvc_ Ns Aq Ar element
1869variable is assumed to exist.
1870The value of each of these variables
1871will be passed as the parameters of an
1872.Dq Nm atm Cm "add pvc"
1873command.
1874.It Va atm_arps
1875.Pq Vt str
1876Set to the list of permanent ATM ARP entries to be added
1877at system boot time.
1878For each whitespace separated
1879.Ar element
1880in the value, an
1881.Va atm_arp_ Ns Aq Ar element
1882variable is assumed to exist.
1883The value of each of these variables
1884will be passed as the parameters of an
1885.Dq Nm atm Cm "add arp"
1886command.
1887.It Va keybell
1888.Pq Vt str
1889The keyboard bell sound.
1890Set to
1891.Dq Li normal ,
1892.Dq Li visual ,
1893.Dq Li off ,
1894or
1895.Dq Li NO
1896if the default behavior is desired.
1897For details, refer to the
1898.Xr kbdcontrol 1
1899manpage.
1900.It Va keymap
1901.Pq Vt str
1902If set to
1903.Dq Li NO ,
1904no keymap is installed, otherwise the value is used to install
1905the keymap file in
1906.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
1907.It Va keyrate
1908.Pq Vt str
1909The keyboard repeat speed.
1910Set to
1911.Dq Li slow ,
1912.Dq Li normal ,
1913.Dq Li fast ,
1914or
1915.Dq Li NO
1916if the default behavior is desired.
1917.It Va keychange
1918.Pq Vt str
1919If not set to
1920.Dq Li NO ,
1921attempt to program the function keys with the value.
1922The value should
1923be a single string of the form:
1924.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
1925.It Va cursor
1926.Pq Vt str
1927Can be set to the value of
1928.Dq Li normal ,
1929.Dq Li blink ,
1930.Dq Li destructive ,
1931or
1932.Dq Li NO
1933to set the cursor behavior explicitly or choose the default behavior.
1934.It Va scrnmap
1935.Pq Vt str
1936If set to
1937.Dq Li NO ,
1938no screen map is installed, otherwise the value is used to install
1939the screen map file in
1940.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
1941.It Va font8x16
1942.Pq Vt str
1943If set to
1944.Dq Li NO ,
1945the default 8x16 font value is used for screen size requests, otherwise
1946the value in
1947.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1948is used.
1949.It Va font8x14
1950.Pq Vt str
1951If set to
1952.Dq Li NO ,
1953the default 8x14 font value is used for screen size requests, otherwise
1954the value in
1955.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1956is used.
1957.It Va font8x8
1958.Pq Vt str
1959If set to
1960.Dq Li NO ,
1961the default 8x8 font value is used for screen size requests, otherwise
1962the value in
1963.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1964is used.
1965.It Va blanktime
1966.Pq Vt int
1967If set to
1968.Dq Li NO ,
1969the default screen blanking interval is used, otherwise it is set
1970to
1971.Ar value
1972seconds.
1973.It Va saver
1974.Pq Vt str
1975If not set to
1976.Dq Li NO ,
1977this is the actual screen saver to use
1978.Li ( blank , snake , daemon ,
1979etc).
1980.It Va moused_enable
1981.Pq Vt str
1982If set to
1983.Dq Li YES ,
1984the
1985.Xr moused 8
1986daemon is started for doing cut/paste selection on the console.
1987.It Va moused_type
1988.Pq Vt str
1989This is the protocol type of the mouse connected to this host.
1990This variable must be set if
1991.Va moused_enable
1992is set to
1993.Dq Li YES .
1994The
1995.Xr moused 8
1996daemon
1997is able to detect the appropriate mouse type automatically in many cases.
1998Set this variable to
1999.Dq Li auto
2000to let the daemon detect it, or
2001select one from the following list if the automatic detection fails.
2002.Pp
2003If the mouse is attached to the PS/2 mouse port, choose
2004.Dq Li auto
2005or
2006.Dq Li ps/2 ,
2007regardless of the brand and model of the mouse.
2008Likewise, if the
2009mouse is attached to the bus mouse port, choose
2010.Dq Li auto
2011or
2012.Dq Li busmouse .
2013All other protocols are for serial mice and will not work with
2014the PS/2 and bus mice.
2015If this is a USB mouse,
2016.Dq Li auto
2017is the only protocol type which will work.
2018.Pp
2019.Bl -tag -width ".Li x10mouseremote" -compact
2020.It Li microsoft
2021Microsoft mouse (serial)
2022.It Li intellimouse
2023Microsoft IntelliMouse (serial)
2024.It Li mousesystems
2025Mouse systems Corp. mouse (serial)
2026.It Li mmseries
2027MM Series mouse (serial)
2028.It Li logitech
2029Logitech mouse (serial)
2030.It Li busmouse
2031A bus mouse
2032.It Li mouseman
2033Logitech MouseMan and TrackMan (serial)
2034.It Li glidepoint
2035ALPS GlidePoint (serial)
2036.It Li thinkingmouse
2037Kensington ThinkingMouse (serial)
2038.It Li ps/2
2039PS/2 mouse
2040.It Li mmhittab
2041MM HitTablet (serial)
2042.It Li x10mouseremote
2043X10 MouseRemote (serial)
2044.It Li versapad
2045Interlink VersaPad (serial)
2046.El
2047.Pp
2048Even if the mouse is not in the above list, it may be compatible
2049with one in the list.
2050Refer to the man page for
2051.Xr moused 8
2052for compatibility information.
2053.Pp
2054It should also be noted that while this is enabled, any
2055other client of the mouse (such as an X server) should access
2056the mouse through the virtual mouse device,
2057.Pa /dev/sysmouse ,
2058and configure it as a
2059.Dq Li sysmouse
2060type mouse, since all
2061mouse data is converted to this single canonical format when
2062using
2063.Xr moused 8 .
2064If the client program does not support the
2065.Dq Li sysmouse
2066type,
2067specify the
2068.Dq Li mousesystems
2069type.
2070It is the second preferred type.
2071.It Va moused_port
2072.Pq Vt str
2073If
2074.Va moused_enable
2075is set to
2076.Dq Li YES ,
2077this is the actual port the mouse is on.
2078It might be
2079.Pa /dev/cuaa0
2080for a COM1 serial mouse,
2081.Pa /dev/psm0
2082for a PS/2 mouse or
2083.Pa /dev/mse0
2084for a bus mouse, for example.
2085.It Va moused_flags
2086.Pq Vt str
2087If
2088.Va moused_type
2089is set, these are the additional flags to pass to the
2090.Xr moused 8
2091daemon.
2092.It Va mousechar_start
2093.Pq Vt int
2094If set to
2095.Dq Li NO ,
2096the default mouse cursor character range
2097.Li 0xd0 Ns - Ns Li 0xd3
2098is used,
2099otherwise the range start is set
2100to
2101.Ar value
2102character, see
2103.Xr vidcontrol 1 .
2104Use if the default range is occupied in the language code table.
2105.It Va allscreens_flags
2106.Pq Vt str
2107If set,
2108.Xr vidcontrol 1
2109is run with these options for each of the virtual terminals
2110.Pq Pa /dev/ttyv* .
2111For example,
2112.Dq Fl m Cm on
2113will enable the mouse pointer on all virtual terminals
2114if
2115.Va moused_enable
2116is set to
2117.Dq Li YES .
2118.It Va allscreens_kbdflags
2119.Pq Vt str
2120If set,
2121.Xr kbdcontrol 1
2122is run with these options for each of the virtual terminals
2123.Pq Pa /dev/ttyv* .
2124For example,
2125.Dq Fl h Li 200
2126will set the
2127.Xr syscons 4
2128scrollback (history) buffer to 200 lines.
2129.It Va cron_enable
2130.Pq Vt bool
2131If set to
2132.Dq Li YES ,
2133run the
2134.Xr cron 8
2135daemon at system boot time.
2136.It Va cron_program
2137.Pq Vt str
2138Path to
2139.Xr cron 8
2140(default
2141.Pa /usr/sbin/cron ) .
2142.It Va cron_flags
2143.Pq Vt str
2144If
2145.Va cron_enable
2146is set to
2147.Dq Li YES ,
2148these are the flags to pass to
2149.Xr cron 8 .
2150.It Va lpd_program
2151.Pq Vt str
2152Path to
2153.Xr lpd 8
2154(default
2155.Pa /usr/sbin/lpd ) .
2156.It Va lpd_enable
2157.Pq Vt bool
2158If set to
2159.Dq Li YES ,
2160run the
2161.Xr lpd 8
2162daemon at system boot time.
2163.It Va lpd_flags
2164.Pq Vt str
2165If
2166.Va lpd_enable
2167is set to
2168.Dq Li YES ,
2169these are the flags to pass to the
2170.Xr lpd 8
2171daemon.
2172.It Va mta_start_script
2173.Pq Vt str
2174This variable specifies the full path to the script to run to start
2175a mail transfer agent.
2176The default is
2177.Pa /etc/rc.sendmail .
2178The
2179.Va sendmail_*
2180variables which
2181.Pa /etc/rc.sendmail
2182uses are documented in the
2183.Xr rc.sendmail 8
2184man page.
2185.It Va dumpdev
2186.Pq Vt str
2187Indicates the device (usually a swap partition) to which a crash dump
2188should be written in the event of a system crash.
2189The value of this variable is passed as the argument to
2190.Xr dumpon 8 .
2191To disable crash dumps, set this variable to
2192.Dq Li NO .
2193.It Va dumpdir
2194.Pq Vt str
2195When the system reboots after a crash and a crash dump is found on the
2196device specified by the
2197.Va dumpdev
2198variable,
2199.Xr savecore 8
2200will save that crash dump and a copy of the kernel to the directory
2201specified by the
2202.Va dumpdir
2203variable.
2204The default value is
2205.Pa /var/crash .
2206Set to
2207.Dq Li NO
2208to not run
2209.Xr savecore 8
2210at boot time when
2211.Va dumpdir
2212is set.
2213.It Va savecore_flags
2214.Pq Vt str
2215If crash dumps are enabled, these are the flags to pass to the
2216.Xr savecore 8
2217utility.
2218.It Va enable_quotas
2219.Pq Vt bool
2220Set to
2221.Dq Li YES
2222to turn on user disk quotas on system startup via the
2223.Xr quotaon 8
2224command.
2225.It Va check_quotas
2226.Pq Vt bool
2227Set to
2228.Dq Li YES
2229to enable user disk quota checking via the
2230.Xr quotacheck 8
2231command.
2232.It Va accounting_enable
2233.Pq Vt bool
2234Set to
2235.Dq Li YES
2236to enable system accounting through the
2237.Xr accton 8
2238facility.
2239.It Va ibcs2_enable
2240.Pq Vt bool
2241Set to
2242.Dq Li YES
2243to enable iBCS2 (SCO) binary emulation at system initial boot
2244time.
2245.It Va ibcs2_loaders
2246.Pq Vt str
2247If not set to
2248.Dq Li NO
2249and if
2250.Va ibcs2_enable
2251is set to
2252.Dq Li YES ,
2253this specifies a list of additional iBCS2 loaders to enable.
2254.It Va linux_enable
2255.Pq Vt bool
2256Set to
2257.Dq Li YES
2258to enable Linux/ELF binary emulation at system initial
2259boot time.
2260.It Va osf1_enable
2261.Pq Vt bool
2262Set to
2263.Dq Li YES
2264to enable OSF/1 (Digital UNIX) binary emulation at system
2265initial boot time.
2266(alpha)
2267.It Va svr4_enable
2268.Pq Vt bool
2269If set to
2270.Dq Li YES ,
2271enable SysVR4 emulation at boot time.
2272.It Va sysvipc_enable
2273.Pq Vt bool
2274If set to
2275.Dq Li YES ,
2276load System V IPC primitives at boot time.
2277.It Va clear_tmp_enable
2278.Pq Vt bool
2279Set to
2280.Dq Li YES
2281to have
2282.Pa /tmp
2283cleaned at startup.
2284.It Va ldconfig_paths
2285.Pq Vt str
2286Set to the list of shared library paths to use with
2287.Xr ldconfig 8 .
2288NOTE:
2289.Pa /usr/lib
2290will always be added first, so it need not appear in this list.
2291.It Va ldconfig_paths_aout
2292.Pq Vt str
2293Set to the list of shared library paths to use with
2294.Xr ldconfig 8
2295legacy
2296.Xr a.out 5
2297support.
2298.It Va ldconfig_insecure
2299.Pq Vt bool
2300The
2301.Xr ldconfig 8
2302utility normally refuses to use directories
2303which are writable by anyone except root.
2304Set this variable to
2305.Dq Li YES
2306to disable that security check during system startup.
2307.It Va kern_securelevel_enable
2308.Pq Vt bool
2309Set to
2310.Dq Li YES
2311to set the kernel security level at system startup.
2312.It Va kern_securelevel
2313.Pq Vt int
2314The kernel security level to set at startup.
2315The allowed range of
2316.Ar value
2317ranges from \-1 (the compile time default) to 3 (the
2318most secure).
2319See
2320.Xr init 8
2321for the list of possible security levels and their effect
2322on system operation.
2323.It Va lomac_enable
2324.Pq Vt bool
2325Set to
2326.Dq Li YES
2327to enable Low Watermark Mandatory Access Control (LOMAC) at boot time.
2328This security model enforces integrity constraints for system processes;
2329see
2330.Xr lomac 4
2331for a complete description of the LOMAC model, as well as its impact
2332on system operation.
2333.It Va start_vinum
2334.Pq Vt bool
2335Set to
2336.Dq Li YES
2337to start
2338.Xr vinum 8
2339at system boot time.
2340.It Va sshd_program
2341.Pq Vt str
2342Path to the SSH server program
2343.Pa ( /usr/sbin/sshd
2344is the default).
2345.It Va sshd_enable
2346.Pq Vt bool
2347Set to
2348.Dq Li YES
2349to start
2350.Xr sshd 8
2351at system boot time.
2352.It Va sshd_flags
2353.Pq Vt str
2354If
2355.Va sshd_enable
2356is set to
2357.Dq Li YES ,
2358these are the flags to pass to the
2359.Xr sshd 8
2360daemon.
2361.It Va usbd_enable
2362.Pq Vt bool
2363If set to
2364.Dq Li YES ,
2365run the
2366.Xr usbd 8
2367daemon at boot time.
2368.It Va usbd_flags
2369.Pq Vt str
2370If
2371.Va usbd_enable
2372is set to
2373.Dq Li YES ,
2374these are the flags passed to
2375.Xr usbd 8
2376daemon.
2377.It Va jail_enable
2378.Pq Vt bool
2379If set to
2380.Dq Li NO ,
2381any configured jails will not be started.
2382.It Va jail_list
2383.Pq Vt str
2384A space separated list of names for jails.
2385This is purely a configuration aid to help identify and
2386configure multiple jails.
2387The names specified in this list will be used to
2388identify settings common to an instance of a jail.
2389Assuming that the jail in question was named
2390.Li vjail ,
2391you would have the following dependant variables:
2392.Bd -literal
2393jail_vjail_hostname="jail.example.com"
2394jail_vjail_ip="192.168.1.100"
2395jail_vjail_rootdir="/var/jails/vjail/root"
2396jail_vjail_exec="/bin/sh /etc/rc"
2397.Ed
2398.Pp
2399The last one is optional.
2400It defaults to
2401.Pa /etc/rc
2402if it is not set.
2403.It Va jail_set_hostname_allow
2404.Pq Vt bool
2405If set to
2406.Dq Li NO ,
2407do not allow the root user in a jail to set its hostname.
2408.It Va jail_socket_unixiproute_only
2409.Pq Vt bool
2410If set to
2411.Dq Li NO ,
2412do not allow any protocol,
2413besides TCP/IP,
2414to be used within a jail.
2415.It Va jail_sysvipc_allow
2416.Pq Vt bool
2417If set to
2418.Dq Li YES ,
2419allow applications within a jail to use System V IPC.
2420.It Va unaligned_print
2421.Pq Vt bool
2422If set to
2423.Dq Li NO ,
2424unaligned access warnings will not be printed.
2425(alpha)
2426.\" ----- isdn settings ---------------------------------
2427.It Va isdn_enable
2428.Pq Vt bool
2429Set to
2430.Dq Li NO
2431by default.
2432When set to
2433.Dq Li YES ,
2434starts the
2435.Xr isdnd 8
2436daemon
2437at system boot time.
2438.It Va isdn_flags
2439.Pq Vt str
2440Set to
2441.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
2442by default.
2443Additional flags to pass to
2444.Xr isdnd 8
2445(but see
2446.Va isdn_fsdev
2447and
2448.Va isdn_ttype
2449for certain tunable parameters).
2450.It Va isdn_ttype
2451.Pq Vt str
2452Set to
2453.Dq Li cons25
2454by default.
2455The terminal type of the output device when
2456.Xr isdnd 8
2457operates in full-screen mode.
2458.It Va isdn_screenflags
2459.Pq Vt str
2460Set to
2461.Dq Li NO
2462by default.
2463The video mode for full-screen mode (only for
2464.Xr syscons 4
2465console driver, see
2466.Xr vidcontrol 1
2467for valid modes).
2468.It Va isdn_fsdev
2469.Pq Vt str
2470Set to
2471.Dq Li NO
2472by default.
2473The output device for
2474.Xr isdnd 8
2475in full-screen mode (or
2476.Dq Li NO
2477for daemon mode).
2478.It Va isdn_trace
2479.Pq Vt bool
2480Set to
2481.Dq Li NO
2482by default.
2483When set to
2484.Dq Li YES ,
2485enables the ISDN protocol trace utility
2486.Xr isdntrace 8
2487at system boot time.
2488.It Va isdn_traceflags
2489.Pq Vt str
2490Set to
2491.Dq Fl f Pa /var/tmp/isdntrace0
2492by default.
2493Flags for
2494.Xr isdntrace 8 .
2495.\" -----------------------------------------------------
2496.It Va pcvt_verbose
2497.Pq Vt bool
2498Set to
2499.Dq Li NO
2500by default.
2501When set to
2502.Dq Li YES ,
2503verbose messages about the actions done by the start script are displayed.
2504.Em Note :
2505the
2506.Xr pcvt 4
2507driver must be compiled into the kernel before the
2508.Xr pcvt 4
2509related
2510options described here take any effect.
2511.It Va pcvt_keymap
2512.Pq Vt str
2513Set to
2514.Dq Li NO
2515by default.
2516Use this to configure a national keyboard mapping found in the
2517.Pa /usr/share/misc/keycap.pcvt
2518file of keyboard mappings.
2519(See also the manual pages
2520.Xr keycap 5
2521and
2522.Xr keycap 3
2523for usage of
2524.Xr pcvt 4 Ns 's
2525keycap database and the manual page
2526.Xr kcon 1
2527option
2528.Fl m
2529for national keyboard mapping configuration.)
2530.It Va pcvt_keydel
2531.Pq Vt int
2532Set to
2533.Dq Li NO
2534by default.
2535Used to set the keyboard key repeat delay value.
2536Valid values are
2537in the range 0..3 for delay values of 250, 500, 750 and 1000 msec.
2538(See also the
2539.Xr kcon 1
2540manual page.)
2541.It Va pcvt_keyrate
2542.Pq Vt int
2543Set to
2544.Dq Li NO
2545by default.
2546Used to set the keyboard key repetition rate value.
2547Valid values are
2548in the range 0..31 for repetition values of 2..30 characters per second.
2549.It Va pcvt_keyrepeat
2550.Pq Vt bool
2551Set to
2552.Dq Li NO
2553by default.
2554Set to
2555.Dq Li YES
2556to enable automatic keyboard key repeating.
2557.It Va pcvt_force24
2558.Pq Vt bool
2559Set to
2560.Dq Li NO
2561by default.
2562Set to
2563.Dq Li YES
2564to force
2565.Xr pcvt 4
2566to use 24 lines only (in 25 lines mode) for compatibility
2567with the original
2568.Tn VT220
2569terminal.
2570.It Va pcvt_hpext
2571.Pq Vt bool
2572Set to
2573.Dq Li NO
2574by default.
2575Set to
2576.Dq Li YES
2577to enable the display and functionality of function key labels (as found
2578on
2579.Tn Hewlett-Packard
2580terminals such as the
2581.Tn HP2392A
2582and the
2583.Tn HP700/92
2584in
2585.Tn ANSI
2586mode).
2587.It Va pcvt_lines
2588.Pq Vt int
2589Set to
2590.Dq Li NO
2591by default resulting in a value of 25.
2592Used to set the number of lines on the screen.
2593For VGA displays, valid
2594values are 25, 28, 40 and 50 lines.
2595(See also the
2596.Xr scon 1
2597manual page.)
2598.It Va pcvt_blanktime
2599.Pq Vt int
2600Set to
2601.Dq Li NO
2602by default.
2603Used to set the screen saver timeout in seconds for values greater than
2604zero.
2605.It Va pcvt_cursorh
2606.Pq Vt int
2607Set to
2608.Dq Li NO
2609by default.
2610Used to set the cursor top scanline.
2611(See also the
2612.Xr cursor 1
2613manual page.)
2614.It Va pcvt_cursorl
2615.Pq Vt int
2616Set to
2617.Dq Li NO
2618by default.
2619Used to set the cursor bottom scanline.
2620.It Va pcvt_monohigh
2621.Pq Vt bool
2622Set to
2623.Dq Li NO
2624by default.
2625Set to
2626.Dq Li YES
2627to set intensity to high on monochrome monitors.
2628(See also the
2629.Xr scon 1
2630manual page, option
2631.Fl p ,
2632for more information on changing VGA palette
2633values.)
2634.It Va harvest_interrupt
2635.Pq Vt bool
2636Set to
2637.Dq Li YES
2638to use hardware interrupts as an entropy source.
2639Refer to
2640.Xr random 4
2641for more information.
2642.It Va harvest_ethernet
2643.Pq Vt bool
2644Set to
2645.Dq Li YES
2646to use LAN traffic as an entropy source.
2647Refer to
2648.Xr random 4
2649for more information.
2650.It Va harvest_p_to_p
2651.Pq Vt bool
2652Set to
2653.Dq Li YES
2654to use serial line traffic as an entropy source.
2655Refer to
2656.Xr random 4
2657for more information.
2658.It Va entropy_dir
2659.Pq Vt str
2660Set to
2661.Dq Li NO
2662to disable caching entropy via
2663.Xr cron 8 .
2664Otherwise set to the directory used to store entropy files in.
2665.It Va entropy_file
2666.Pq Vt str
2667Set to
2668.Dq Li NO
2669to disable caching entropy through reboots.
2670Otherwise set to the filename used to store cached entropy through
2671reboots.
2672This file should be located on the root file system to seed the
2673.Xr random 4
2674device as early as possible in the boot process.
2675.It Va entropy_save_sz
2676.Pq Vt int
2677Size of the entropy cache files saved by
2678.Nm save-entropy
2679periodically.
2680.It Va entropy_save_num
2681.Pq Vt int
2682Number of entropy cache files to save by
2683.Nm save-entropy
2684periodically.
2685.It Va ipsec_enable
2686.Pq Vt bool
2687Set to
2688.Dq Li YES
2689to run
2690.Xr setkey 8
2691on
2692.Va ipsec_file
2693at boot time.
2694.It Va ipsec_file
2695.Pq Vt str
2696Configuration file for
2697.Xr setkey 8 .
2698.It Va dmesg_enable
2699.Pq Vt bool
2700Set to
2701.Dq Li YES
2702to save
2703.Xr dmesg 8
2704to
2705.Pa /var/run/dmesg.boot
2706on boot.
2707.It Va rcshutdown_timeout
2708.Pq Vt int
2709If set, start a watchdog timer in the background which will terminate
2710.Pa rc.shutdown
2711if
2712.Xr shutdown 8
2713has not completed within the specified time (in seconds).
2714.El
2715.Sh FILES
2716.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
2717.It Pa /etc/defaults/rc.conf
2718.It Pa /etc/rc.conf
2719.It Pa /etc/rc.conf.local
2720.El
2721.Sh SEE ALSO
2722.Xr catman 1 ,
2723.Xr gdb 1 ,
2724.Xr info 1 ,
2725.Xr kbdcontrol 1 ,
2726.Xr makewhatis 1 ,
2727.Xr vidcontrol 1 ,
2728.Xr ip 4 ,
2729.Xr kld 4 ,
2730.Xr tcp 4 ,
2731.Xr udp 4 ,
2732.Xr exports 5 ,
2733.Xr motd 5 ,
2734.Xr accton 8 ,
2735.Xr amd 8 ,
2736.Xr apm 8 ,
2737.Xr atm 8 ,
2738.Xr cron 8 ,
2739.Xr dhclient 8 ,
2740.Xr ifconfig 8 ,
2741.Xr inetd 8 ,
2742.Xr isdnd 8 ,
2743.Xr isdntrace 8 ,
2744.Xr kldxref 8 ,
2745.Xr lpd 8 ,
2746.Xr mdconfig 8 ,
2747.Xr mountd 8 ,
2748.Xr moused 8 ,
2749.Xr mrouted 8 ,
2750.Xr named 8 ,
2751.Xr nfsd 8 ,
2752.Xr ntpd 8 ,
2753.Xr ntpdate 8 ,
2754.Xr pcnfsd 8 ,
2755.Xr quotacheck 8 ,
2756.Xr quotaon 8 ,
2757.Xr rc 8 ,
2758.Xr rc.sendmail 8 ,
2759.Xr route 8 ,
2760.Xr routed 8 ,
2761.Xr rpc.lockd 8 ,
2762.Xr rpc.statd 8 ,
2763.Xr rpcbind 8 ,
2764.Xr rwhod 8 ,
2765.Xr savecore 8 ,
2766.Xr sshd 8 ,
2767.Xr swapon 8 ,
2768.Xr sysctl 8 ,
2769.Xr syslogd 8 ,
2770.Xr timed 8 ,
2771.Xr usbd 8 ,
2772.Xr vinum 8 ,
2773.Xr yp 8 ,
2774.Xr ypbind 8 ,
2775.Xr ypserv 8 ,
2776.Xr ypset 8
2777.Sh HISTORY
2778The
2779.Nm
2780file appeared in
2781.Fx 2.2.2 .
2782.Sh AUTHORS
2783.An Jordan K. Hubbard .
2784