rc.conf(5)

NAME

rc.conf - system configuration information

DESCRIPTION

The file rc.conf contains descriptive information about the
local host name, configuration details for any potential network inter
faces and which services should be started up at system initial boot
time. In new
installations, the rc.conf file is generally initialized by
the system installation utility, sysinstall(8).
The purpose of rc.conf is not to run commands or perform
system startup actions directly. Instead, it is included by the various
generic startup scripts in /etc which conditionalize their internal actions
according to the settings found there.
The /etc/rc.conf file is included from the file
/etc/defaults/rc.conf, which specifies the default settings for all the available
options. Options need only be specified in /etc/rc.conf when the sys
tem administrator wishes to override these defaults. The file
/etc/rc.conf.local is used to override settings in /etc/rc.conf for historical
reasons. See
the rc_conf_files variable below.
Options are set with ``name=value'' assignments that use
sh(1) syntax. The following list provides a name and short description for
each variable that can be set in the rc.conf file:
rc_debug (bool) If set to ``YES'', enable output of debug
messages: from rc scripts. This variable can be helpful; in diagnosing
mistakes when editing or integrating new; scripts. Beware
that this produces copious output to the termi; nal and
syslog(3).
rc_info (bool) If set to ``NO'', disable informational
messages from: the rc scripts. Informational messages are dis; played when a
condition that is not serious enough to warrant; a warning or
an error occurs.
early_late_divider: (str) The name of the script that should be used; as the
delimiter between the ``early'' and ``late''; stages of the
boot process. The early stage should contain; all the services needed to get the disks (local or remote); mounted so
that the late stage can include scripts con; tained in the
directories listed in the local_startup variable; (see below).
Thus, the two likely candidates for this value; are mountcritlocal for the typical system, and; mountcritremote if the system needs remote file systems mounted to get ac; cess to the
local_startup directories; for example when; /usr/local is NFS
mounted. For rc.conf within a jail(8) NETWORK; ING is likely
to be an appropriate value. Extreme care should; be taken
when changing this value, and before changing it; one should
ensure that there are adequate provisions to re; cover from a
failed boot (such as physical contact with the; machine, or
reliable remote console access).
swapfile (str) If set to ``NO'', no swapfile is in
stalled, otherwise: the value is used as the full pathname to a file; to use for
additional swap space.
apm_enable (bool) If set to ``YES'', enable support for Au
tomatic Power: Management with the apm(8) command.
apmd_enable: (bool) Run apmd(8) to handle APM event from; userland. This
also enables support for APM.
apmd_flags (str) If apmd_enable is set to ``YES'', these
are the flags: to pass to the apmd(8) daemon.
devd_enable: (bool) Run devd(8) to handle device added, re; moved or unknown
events from the kernel.
kldxref_enable: (bool) Set to ``NO'' by default. Set to ``YES''; to automatically rebuild linker.hints files with kldxref(8); at boot
time.
kldxref_clobber: (bool) Set to ``NO'' by default. If; kldxref_enable is true,
setting to ``YES'' will overwrite existing; linker.hints files
at boot time. Otherwise, only missing; linker.hints files are
generated.
kldxref_module_path: (str) Empty by default. A semi-colon (`;') de; limited list of
paths containing kld(4) modules. If empty, the; contents of
the kern.module_path sysctl(8) are used.
pccard_enable: (bool) If set to ``YES'', enable PCCARD support; at boot time.
pccard_mem (str) Set to PCCARD controller memory address or
``DEFAULT'': for the default value.
pccard_beep: (int) If 0, set the PCCARD controller to silent; mode. If 1,
set it to beep mode. If 2, set it to melody; mode.
pccard_conf: (str) Path to the configuration file for the pc; cardd(8) daemon (e.g. /etc/pccard.conf.sample).
pccardd_flags: (str) If pccard_enable is set to ``YES'', these; are the flags
to pass to the pccardd(8) daemon.
powerd_enable: (bool) If set to ``YES'', enable the system pow; er control
facility with the powerd(8) daemon.
powerd_flags: (str) If powerd_enable is set to ``YES'', these; are the flags
to pass to the powerd(8) daemon.
tmpmfs Controls the creation of a /tmp memory file sys
tem. Always: happens if set to ``YES'' and never happens if; set to ``NO''.
If set to anything else, a memory file system is; created if
/tmp is not writable.
tmpsize Controls the size of a created /tmp memory file
system.
tmpmfs_flags: Extra options passed to the mdmfs(8) utility; when the memory
file system for /tmp is created. The default is; ``-S -M'',
which inhibits the use of softupdates on /tmp to; waste as
little space as possible and creates a pure mem; ory backed
disk, which will never be swapped out, for maxi; mum performance and system stability at low memory condi; tions. See
mdmfs(8) for other options you can use in; tmpmfs_flags.
varmfs Controls the creation of a /var memory file sys
tem. Always: happens if set to ``YES'' and never happens if; set to ``NO''.
If set to anything else, a memory file system is; created if
/var is not writable.
varsize Controls the size of a created /var memory file
system.
varmfs_flags: Extra options passed to the mdmfs(8) utility; when the memory
file system for /var is created. The default is; ``-S -M'',
which inhibits the use of softupdates on /var to; waste as
little space as possible and creates a pure mem; ory backed
disk, which will never be swapped out, for maxi; mum performance and system stability at low memory condi; tions. See
mdmfs(8) for other options you can use in; varmfs_flags.
populate_var: Controls the automatic population of the /var; file system.
Always happens if set to ``YES'' and never hap; pens if set to
``NO''. If set to anything else, a memory file; system is
created if /var is not writable. Note that this; process
requires access to certain commands in /usr be; fore /usr is
mounted on normal systems.
cleanvar_enable: (bool) Clean the /var directory.
local_startup: (str) List of directories to search for startup; script files.
script_name_sep: (str) The field separator to use for breaking; down the list
of startup script files into individual file; names. The
default is a space. It is not necessary to; change this
unless there are startup scripts with names con; taining
spaces.
hostapd_enable: (bool) Set to ``YES'' to start hostapd(8) at; system boot
time.
hostname (str) The fully qualified domain name (FQDN) of
this host on: the network. This should almost certainly be; set to something meaningful, even if there is no network; connection. If
dhclient(8) is used to set the hostname via; DHCP, this variable should be set to an empty string.
ipv6_enable: (bool) Enable support for IPv6 networking. Note; that this
requires that the kernel has been compiled with; options
INET6.
nisdomainname: (str) The NIS domain name of this host, or; ``NO'' if NIS is
not used.
dhclient_program: (str) Path to the DHCP client program; (/sbin/dhclient, the
OpenBSD DHCP client, is the default).
dhclient_flags: (str) Additional flags to pass to the DHCP; client program.
For the OpenBSD DHCP client, see the dhclient(8); manpage for
a description of the command line options avail; able.
background_dhclient: (bool) Set to ``YES'' to start the DHCP client; in background.
This can cause trouble with applications depend; ing on a working network, but it will provide a faster start; up in many
cases.
firewall_enable: (bool) Set to ``YES'' to load firewall rules at; startup. If
the kernel was not built with options

IPFIREWALL

kernel module will be loaded. See also
ipfilter_enable.
ipv6_firewall_enable: (bool) The IPv6 equivalent of firewall_enable.; Set to
``YES'' to load IPv6 firewall rules at startup.; If the kernel was not built with options IPV6FIREWALL, the; ip6fw.ko
kernel module will be loaded.
firewall_script: (str) This variable specifies the full path to; the firewall
script to run. The default is /etc/rc.firewall.
ipv6_firewall_script: (str) The IPv6 equivalent of firewall_script.
firewall_type: (str) Names the firewall type from the selection; in
/etc/rc.firewall, or the file which contains the; local firewall ruleset. Valid selections from; /etc/rc.firewall are:; open unrestricted IP access
closed all IP services disabled, except via; ``lo0''
client basic protection for a workstation
simple basic protection for a LAN.; If a filename is specified, the full path must; be given.
ipv6_firewall_type: (str) The IPv6 equivalent of firewall_type.
firewall_quiet: (bool) Set to ``YES'' to disable the display of; firewall
rules on the console during boot.
ipv6_firewall_quiet: (bool) The IPv6 equivalent of firewall_quiet.
firewall_logging: (bool) Set to ``YES'' to enable firewall event; logging. This
is equivalent to the IPFIREWALL_VERBOSE kernel; option.
ipv6_firewall_logging: (bool) The IPv6 equivalent of firewall_logging.
firewall_flags: (str) Flags passed to ipfw(8) if firewall_type; specifies a
filename.
ipv6_firewall_flags: (str) The IPv6 equivalent of firewall_flags.
natd_program: (str) Path to natd(8).
natd_enable: (bool) Set to ``YES'' to enable natd(8).; firewall_enable
must also be set to ``YES'', and divert(4) sock; ets must be
enabled in the kernel. If the kernel was not; built with
options IPDIVERT, the ipdivert.ko kernel module; will be
loaded.
natd_interface: (str) This is the name of the public interface; on which
natd(8) should run. The interface may be given; as an interface name or as an IP address.
natd_flags (str) Additional natd(8) flags should be placed
here. The -n: or -a flag is automatically added with the above
natd_interface as an argument.
ipfilter_enable: (bool) Set to ``NO'' by default. Setting this; to ``YES''
enables ipf(8) packet filtering.; Typical usage will require putting; ipfilter_enable="YES"
ipnat_enable="YES"
ipmon_enable="YES"
ipfs_enable="YES"; into /etc/rc.conf and editing /etc/ipf.rules and /etc/ipnat.rules appropriately.; Note that ipfilter_enable and ipnat_enable can; be enabled
independently. ipmon_enable and ipfs_enable; both require at
least one of ipfilter_enable and ipnat_enable to; be enabled.; Having; options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK; in the kernel configuration file is a good idea,; too.
ipfilter_program: (str) Path to ipf(8) (default /sbin/ipf).
ipfilter_rules: (str) Set to /etc/ipf.rules by default. This; variable contains the name of the filter rule definition; file. The file
is expected to be readable for the ipf(8) com; mand to execute.
ipv6_ipfilter_rules: (str) Set to /etc/ipf6.rules by default. This; variable contains the IPv6 filter rule definition file. The; file is
expected to be readable for the ipf(8) command; to execute.
ipfilter_flags: (str) Empty by default. This variable contains; flags passed
to the ipf(8) program.
ipnat_enable: (bool) Set to ``NO'' by default. Set it to; ``YES'' to enable
ipnat(8) network address translation. See; ipfilter_enable
for a detailed discussion.
ipnat_program: (str) Path to ipnat(8) (default /sbin/ipnat).
ipnat_rules: (str) Set to /etc/ipnat.rules by default. This; variable contains the name of the file holding the network; address translation definition. This file is expected to be; readable for
the ipnat(8) command to execute.
ipnat_flags: (str) Empty by default. This variable contains; flags passed
to the ipnat(8) program.
ipmon_enable: (bool) Set to ``NO'' by default. Set it to; ``YES'' to enable
ipmon(8) monitoring (logging ipf(8) and ipnat(8); events).
Setting this variable needs setting; ipfilter_enable or
ipnat_enable too. See ipfilter_enable for a de; tailed discussion.
ipmon_program: (str) Path to ipmon(8) (default /sbin/ipmon).
ipmon_flags: (str) Set to ``-Ds'' by default. This variable; contains
flags passed to the ipmon(8) program. Another; typical example would be ``-D /var/log/ipflog'' to have ip; mon(8) log
directly to a file bypassing syslogd(8). Make; sure to adjust
/etc/newsyslog.conf in such case like this:; /var/log/ipflog 640 10 100 * Z; /var/run/ipmon.pid
ipfs_enable: (bool) Set to ``NO'' by default. Set it to; ``YES'' to enable
ipfs(8) saving the filter and NAT state tables; during shutdown and reloading them during startup again.; Setting this
variable needs setting ipfilter_enable or; ipnat_enable to
``YES'' too. See ipfilter_enable for a detailed; discussion.
Note that if kern_securelevel is set to 3,; ipfs_enable cannot
be used because the raised securelevel will pre; vent ipfs(8)
from saving the state tables at shutdown time.
ipfs_program: (str) Path to ipfs(8) (default /sbin/ipfs).
ipfs_flags (str) Empty by default. This variable contains
flags passed: to the ipfs(8) program.
pf_enable (bool) Set to ``NO'' by default. Setting this
to ``YES'': enables pf(4) packet filtering.; Typical usage will require putting

pf_enable="YES"; into /etc/rc.conf and editing /etc/pf.conf ap; propriately.

device pf; builds pf(4) into the kernel. Otherwise it is; loaded from a
module.
pf_rules (str) Path to pf(4) ruleset configuration file
(default: /etc/pf.conf).
pf_program (str) Path to pfctl(8) (default /sbin/pfctl).
pf_flags (str) If pf_enable is set to ``YES'', these
flags are passed: to the pfctl(8) program when loading the rule; set.
pflog_enable: (bool) Set to ``NO'' by default. Setting this; to ``YES''
enables pflogd(8) which logs packets from the; pf(4) packet
filter.
pflog_logfile: (str) If pflog_enable is set to ``YES'' this; controls where
pflogd(8) stores the logfile (default; /var/log/pflog). Check
/etc/newsyslog.conf to adjust logfile rotation; for this.
pflog_program: (str) Path to pflogd(8) (default /sbin/pflogd).
pflog_flags: (str) Empty by default. This variable contains; additional
flags passed to the pflogd(8) program.
pfsync_enable: (bool) Set to ``NO'' by default. Setting this; to ``YES''
enables exposing pf(4) state changes to other; hosts over the
network by means of pfsync(4). The; pfsync_syncdev variable
must also be set then.
pfsync_syncdev: (str) Empty by default. This variable specifies; the name of
the network interface pfsync(4) should operate; through. It
must be set accordingly if pfsync_enable is set; to ``YES''.
pfsync_ifconfig: (str) Empty by default. This variable can con; tain additional
options to be passed to the ifconfig(8) command; used to set
up pfsync(4).
tcp_extensions: (bool) Set to ``YES'' by default. Setting this; to ``NO''
disables certain TCP options as described by RFC; 1323. Setting this to ``NO'' might help remedy such prob; lems with connections as randomly hanging or other weird be; havior. Some
network devices are known to be broken with re; spect to these
options.
log_in_vain: (int) Set to 0 by default. The sysctl(8) vari; ables,
net.inet.tcp.log_in_vain and; net.inet.udp.log_in_vain, as
described in tcp(4) and udp(4), are set to the; given value.
tcp_keepalive: (bool) Set to ``YES'' by default. Setting to; ``NO'' will
disable probing idle TCP connections to verify; that the peer
is still up and reachable.
tcp_drop_synfin: (bool) Set to ``NO'' by default. Setting to; ``YES'' will
cause the kernel to ignore TCP frames that have; both the SYN
and FIN flags set. This prevents OS finger; printing, but may
break some legitimate applications. This option; is only
available if the kernel was built with the; TCP_DROP_SYNFIN
option.
icmp_drop_redirect: (bool) Set to ``NO'' by default. Setting to; ``YES'' will
cause the kernel to ignore ICMP REDIRECT pack; ets. Refer to
icmp(4) for more information.
icmp_log_redirect: (bool) Set to ``NO'' by default. Setting to; ``YES'' will
cause the kernel to log ICMP REDIRECT packets.; Note that the
log messages are not rate-limited, so this op; tion should only
be used for troubleshooting networks. Refer to; icmp(4) for
more information.
icmp_bmcastecho: (bool) Set to ``YES'' to respond to broadcast or; multicast
ICMP ping packets. Refer to icmp(4) for more; information.
ip_portrange_first: (int) If not set to ``NO'', this is the first; port in the
default portrange. Refer to ip(4) for more in; formation.
ip_portrange_last: (int) If not set to ``NO'', this is the last; port in the
default portrange. Refer to ip(4) for more in; formation.
network_interfaces: (str) Set to the list of network interfaces to; configure on
this host or ``AUTO'' (the default) for all cur; rent interfaces. For example, if the only active network; devices in
the system are the loopback device (lo0) and a; NIC using the
ed(4) driver, this could be set to ``lo0 ed0''.; An ifconfig_<interface> variable is also assumed; to exist for
each value of interface. The variable can con; tain arguments
to ifconfig(8), as well as special case-insensi; tive keywords
described below. Such keywords are removed be; fore passing
the value to ifconfig(8) while the order of the; other arguments is preserved.; One can configure more than one IPv4 address; with the
ipv4_addrs_<interface> variable. One or more IP; addresses
must be provided in Classless Inter-Domain Rout; ing (CIDR)
address notation, whose last byte can be a range; like
192.168.0.5-23/24. In this case the address; 192.168.0.5 will
be configured with the netmask /24 and the ad; dresses
192.168.0.6 to 192.168.0.23 with the non-con; flicting netmask
/32 as explained in the ifconfig(8) alias sec; tion. With the
interface in question being ed0, an example; could look like:; ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"; It is also possible to add IP alias entries us; ing ifconfig(8)
syntax. Assuming that the interface in question; was ed0, it
might look something like this:; ifconfig_ed0_alias0="inet 127.0.0.253 netmask; 0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.254 netmask; 0xffffffff"; And so on. For each; ifconfig_<interface>_alias<n> entry that is found, its contents are passed to ifcon; fig(8). Execution
stops at the first unsuccessful access, so if; something like
this is present:; ifconfig_ed0_alias0="inet 127.0.0.251 netmask; 0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.252 netmask; 0xffffffff"
ifconfig_ed0_alias2="inet 127.0.0.253 netmask; 0xffffffff"
ifconfig_ed0_alias4="inet 127.0.0.254 netmask; 0xffffffff"; Then note that alias4 would not be added since; the search
would stop with the missing ``alias3'' entry.; Due to this
difficult to manage behavior, the
ifconfig_<interface>_alias<n> form is deprecat; ed.; If the /etc/start_if.<interface> file is pre; sent, it is read
and executed by the sh(1) interpreter before; configuring the
interface as specified in the; ifconfig_<interface> and
ifconfig_<interface>_alias<n> variables.; If the ifconfig_<interface> contains the keyword; ``NOAUTO''
then the interface will not be configured at; boot or by
/etc/pccard_ether when network_interfaces is set; to ``AUTO''.; It is possible to bring up an interface with; DHCP by adding
``DHCP'' to the ifconfig_<interface> variable.; For instance,
to initialize the ed0 device via DHCP, it is; possible to use
something like:; ifconfig_ed0="DHCP"; Also, if your interface needs WPA authentica; tion, it is possible to add ``WPA'' to the ifconfig_<interface>; variable.; Finally, you can add ifconfig(8) options in this; variable, in
addition to the /etc/start_if.<interface> file.; For
instance, to initialize the wi0 device via DHCP,; using WPA
authentication and 802.11b mode, it is possible; to use something like:; ifconfig_wi0="DHCP WPA mode 11b"; In addition to the ifconfig_<interface> form, a; fallback
variable ifconfig_DEFAULT may be configured. It; will be used
for all interfaces with no ifconfig_<interface>; variable.
This is intended to replace the no longer sup; ported
pccard_ifconfig variable.; It is also possible to rename interface by do; ing:; ifconfig_ed0_name="net0"
ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
ipv6_network_interfaces: (str) This is the IPv6 equivalent of; network_interfaces.
Instead of setting the ifconfig variables as
ifconfig_<interface> they should be set as ipv6_ifconfig_<interface>. Aliases should be; set as
ipv6_ifconfig_<interface>_alias<n>.; ipv6_prefix_<interface>
does something. Interfaces that do not have a
ipv6_ifconfig_<interface> setting will be auto; configured by
rtsol(8) if the ipv6_gateway_enable is set to; ``NO''. Note
that the IPv6 networking code does not support; the
/etc/start_if.<interface> files.
ipv6_default_interface: (str) If not set to ``NO'', this is the default; output interface for scoped addresses. Now this works only; for IPv6 link
local multicast addresses.
cloned_interfaces: (str) Set to the list of clonable network inter; faces to create on this host. Entries in cloned_interfaces; are automatically appended to network_interfaces for config; uration.
gif_interfaces: (str) Set to the list of gif(4) tunnel inter; faces to configure on this host. A gifconfig_<interface> vari; able is
assumed to exist for each value of interface.; The value of
this variable is used to configure the link lay; er of the tunnel according to the syntax of the tunnel option; to
ifconfig(8). Additionally, this option ensures; that each
listed interface is created via the create op; tion to
ifconfig(8) before attempting to configure it.
sppp_interfaces: (str) Set to the list of sppp(4) interfaces to; configure on
this host. A spppconfig_<interface> variable is; assumed to
exist for each value of interface. Each inter; face should
also be configured by a general; ifconfig_<interface> setting.
Refer to spppcontrol(8) for more information; about available
options.
ppp_enable (bool) If set to ``YES'', run the ppp(8) daemon.
ppp_mode (str) Mode in which to run the ppp(8) daemon.
Accepted modes: are ``auto'', ``ddial'', ``direct'' and ``dedi; cated''. See
the manual for a full description.
ppp_nat (bool) If set to ``YES'', enables network ad
dress transla: tion. Used in conjunction with gateway_enable; allows hosts
on private network addresses access to the In; ternet using
this host as a network address translating; router.
ppp_profile: (str) The name of the profile to use from; /etc/ppp/ppp.conf.
ppp_user (str) The name of the user under which ppp(8)
should be: started. By default, ppp(8) is started as; ``root''.
rc_conf_files: (str) This option is used to specify a list of; files that
will override the settings in; /etc/defaults/rc.conf. The
files will be read in the order in which they; are specified
and should include the full path to the file.; By default,
the files specified are /etc/rc.conf and; /etc/rc.conf.local
gbde_autoattach_all: (bool) If set to ``YES'', /etc/rc.d/gbde will; attempt to
automatically initialize your .bde devices in; /etc/fstab.
gbde_devices: (str) List the devices that the script should; try to attach,
or ``AUTO''.
gbde_lockdir: (str) The directory where the gbde(4) lockfiles; are located.
The default lockfile directory is /etc.; The lockfile for each individual gbde(4) device; can be overridden by setting the variable; gbde_lock_<device>, where
device is the encrypted device without the; ``/dev/'' and
``.bde'' parts.
gbde_attach_attempts: (int) Number of times to attempt attaching to a; gbde(4)
device, i.e., how many times the user is asked; for the passphrase. Default is 3.
geli_devices: (str) List of devices to automatically attach on; boot. Note
that .eli devices from /etc/fstab are automati; cally appended
to this list.
geli_tries (int) Number of times user is asked for the
pass-phrase. If: empty, it will be taken from kern.geom.eli.tries; sysctl variable.
geli_default_flags: (str) Default flags to use by geli(8) when con; figuring disk
encryption. Flags can be configured for every; device separately by defining geli_<device>_flags variable.
geli_autodetach: (str) Specifies if GELI devices should be marked; for detach
on last close after file systems are mounted.; Default is
``YES''. This can be changed for every device; separately by
defining geli_<device>_autodetach variable.
geli_swap_flags: Options passed to the geli(8) utility when en; crypted GEOM
providers for swap partitions are created. The; default is
``-a aes -l 256 -s 4096 -d''.
root_rw_mount: (bool) Set to ``YES'' by default. After the; file systems are
checked at boot time, the root file system is; remounted as
read-write if this is set to ``YES''. Diskless; systems that
mount their root file system from a read-only; remote NFS
share should set this to ``NO'' in their; rc.conf.
fsck_y_enable: (bool) If set to ``YES'', fsck(8) will be run; with the -y
flag if the initial preen of the file systems; fails.
background_fsck: (bool) If set to ``YES'', the system will at; tempt to run
fsck(8) in the background where possible.
background_fsck_delay: (int) The amount of time in seconds to sleep be; fore starting
a background fsck(8). It defaults to sixty sec; onds to allow
large applications such as the X server to start; before disk
I/O bandwidth is monopolized by fsck(8).
netfs_types: (str) List of file system types that are net; work-based. This
list should generally not be modified by end; users. Use
extra_netfs_types instead.
extra_netfs_types: (str) If set to something other than ``NO'' (the; default),
this variable extends the list of file system; types for which
automatic mounting at startup by rc(8) should be; delayed
until the network is initialized. It should; contain a
whitespace-separated list of network file system; descriptor
pairs, each consisting of a file system type as; passed to
mount(8) and a human-readable, one-word descrip; tion, joined
with a colon (`:'). Extending the default list; in this way
is only necessary when third party file system; types are
used.
syslogd_enable: (bool) If set to ``YES'', run the syslogd(8); daemon.
syslogd_program: (str) Path to syslogd(8) (default; /usr/sbin/syslogd).
syslogd_flags: (str) If syslogd_enable is set to ``YES'', these; are the
flags to pass to syslogd(8).
inetd_enable: (bool) If set to ``YES'', run the inetd(8) dae; mon.
inetd_program: (str) Path to inetd(8) (default; /usr/sbin/inetd).
inetd_flags: (str) If inetd_enable is set to ``YES'', these; are the flags
to pass to inetd(8).
named_enable: (bool) If set to ``YES'', run the named(8) dae; mon.
named_program: (str) Path to named(8) (default; /usr/sbin/named).
named_flags: (str) If named_enable is set to ``YES'', these; are the flags
to pass to named(8).
named_pidfile: (str) This is the default path to the named(8); daemon's PID
file. This must match the location in; named.conf(5).
named_uid (str) The user that the named process should be
run as.
named_chrootdir: (str) The root directory for a name server run; in a chroot(8)
environment (default /var/named). If left empty; named(8)
will not be run in a chroot(8) environment.
named_chroot_autoupdate: (bool) Set to ``NO'' to disable automatic update; of the
chroot(8) environment.
named_symlink_enable: (bool) Set to ``NO'' to disable symlinking of; daemon's PID
file into the chroot(8) environment.
kerberos5_server_enable: (bool) Set to ``YES'' to start a Kerberos 5 au; thentication
server at boot time.
kerberos5_server: (str) If kerberos5_server_enable is set to; ``YES'' this is
the path to Kerberos 5 Authentication Server.
kerberos5_server_flags: (str) Empty by default. This variable contains; additional
flags to be passed to the Kerberos 5 authentica; tion server.
kadmind5_server_enable: (bool) Set to ``YES'' to start kadmind(8), the; Kerberos 5
Administration Daemon; set to ``NO'' on a slave; server.
kadmind5_server: (str) If kadmind5_server_enable is set to; ``YES'' this is the
path to Kerberos 5 Administration Daemon.
kpasswdd_server_enable: (bool) Set to ``YES'' to start kpasswdd(8), the; Kerberos 5
Password-Changing Daemon; set to ``NO'' on a; slave server.
kpasswdd_server: (str) If kpasswdd_server_enable is set to; ``YES'' this is the
path to Kerberos 5 Password-Changing Daemon.
rwhod_enable: (bool) If set to ``YES'', run the rwhod(8) dae; mon at boot
time.
rwhod_flags: (str) If rwhod_enable is set to ``YES'', these; are the flags
to pass to it.
amd_enable (bool) If set to ``YES'', run the amd(8) daemon
at boot time.
amd_flags (str) If amd_enable is set to ``YES'', these are
the flags to: pass to it. See the amd(8) manpage for more in; formation.
amd_map_program: (str) If set, the specified program is run to; get the list of
amd(8) maps. For example, if the amd(8) maps; are stored in
NIS, one can set this to run ypcat(1) to get a; list of amd(8)
maps from the amd.master NIS map.
update_motd: (bool) If set to ``YES'', /etc/motd will be up; dated at boot
time to reflect the kernel release being run.; If set to
``NO'', /etc/motd will not be updated.
nfs_client_enable: (bool) If set to ``YES'', run the NFS client; daemons at boot
time.
nfs_access_cache: (int) If nfs_client_enable is set to ``YES'',; this can be set
to ``0'' to disable NFS ACCESS RPC caching, or; to the number
of seconds for which NFS ACCESS results should; be cached. A
value of 2-10 seconds will substantially reduce; network traffic for many NFS operations.
nfs_server_enable: (bool) If set to ``YES'', run the NFS server; daemons at boot
time.
nfs_server_flags: (str) If nfs_server_enable is set to ``YES'',; these are the
flags to pass to the nfsd(8) daemon.
mountd_enable: (bool) If set to ``YES'', and no; nfs_server_enable is set,
start mountd(8), but not nfsd(8) daemon. It is; commonly
needed to run CFS without real NFS used.
mountd_flags: (str) If mountd_enable is set to ``YES'', these; are the flags
to pass to the mountd(8) daemon.
weak_mountd_authentication: (bool) If set to ``YES'', allow services like; PCNFSD to make
non-privileged mount requests.
nfs_reserved_port_only: (bool) If set to ``YES'', provide NFS services; only on a
secure port.
nfs_bufpackets: (int) If set to a number, indicates the number; of packets
worth of socket buffer space to reserve on an; NFS client.
The kernel default is typically 4. Using a; higher number may
be useful on gigabit networks to improve perfor; mance. The
minimum value is 2 and the maximum is 64.
rpc_lockd_enable: (bool) If set to ``YES'' and also an NFS server; or client,
run rpc.lockd(8) at boot time.
rpc_statd_enable: (bool) If set to ``YES'' and also an NFS server; or client,
run rpc.statd(8) at boot time.
rpcbind_program: (str) Path to rpcbind(8) (default; /usr/sbin/rpcbind).
rpcbind_enable: (bool) If set to ``YES'', run the rpcbind(8); service at boot
time.
rpcbind_flags: (str) If rpcbind_enable is set to ``YES'', these; are the
flags to pass to the rpcbind(8) daemon.
keyserv_enable: (bool) If set to ``YES'', run the keyserv(8); daemon on boot
for running Secure RPC.
keyserv_flags: (str) If keyserv_enable is set to ``YES'', these; are the
flags to pass to keyserv(8) daemon.
pppoed_enable: (bool) If set to ``YES'', run the pppoed(8) dae; mon at boot
time to provide PPP over Ethernet services.
pppoed_provider: (str) pppoed(8) listens to requests to this; provider and
ultimately runs ppp(8) with a system argument of; the same
name.
pppoed_flags: (str) Additional flags to pass to pppoed(8).
pppoed_interface: (str) The network interface to run pppoed(8) on.; This is
mandatory when pppoed_enable is set to ``YES''.
timed_enable: (bool) If set to ``YES'', run the timed(8) ser; vice at boot
time. This command is intended for networks of; machines
where a consistent ``network time'' for all; hosts must be
established. This is often useful in large NFS; environments
where time stamps on files are expected to be; consistent network-wide.
timed_flags: (str) If timed_enable is set to ``YES'', these; are the flags
to pass to the timed(8) service.
ntpdate_enable: (bool) If set to ``YES'', run ntpdate(8) at sys; tem startup.
This command is intended to synchronize the sys; tem clock only
once from some standard reference. An option to; set this up
initially (from a list of known servers) is also; provided by
the sysinstall(8) program when the system is; first installed.
ntpdate_hosts: (str) A whitespace-separated list of NTP servers; to synchronize with at startup. The default is to use the; servers
listed in /etc/ntp.conf, if that file exists.
ntpdate_program: (str) Path to ntpdate(8) (default; /usr/sbin/ntpdate).
ntpdate_flags: (str) If ntpdate_enable is set to ``YES'', these; are the
flags to pass to the ntpdate(8) command (typi; cally a hostname).
ntpd_enable: (bool) If set to ``YES'', run the ntpd(8) com; mand at boot
time.
ntpd_program: (str) Path to ntpd(8) (default /usr/sbin/ntpd).
ntpd_flags (str) If ntpd_enable is set to ``YES'', these
are the flags: to pass to the ntpd(8) daemon.
ntpd_sync_on_start: (bool) If set to ``YES'', ntpd(8) is run with; the -g flag,
which syncs the system's clock on startup. See; ntpd(8) for
more information regarding the -g option. This; is a preferred alternative to using ntpdate(8) or speci; fying the
ntpdate_enable variable.
nis_client_enable: (bool) If set to ``YES'', run the ypbind(8) ser; vice at system
boot time.
nis_client_flags: (str) If nis_client_enable is set to ``YES'',; these are the
flags to pass to the ypbind(8) service.
nis_ypset_enable: (bool) If set to ``YES'', run the ypset(8) dae; mon at system
boot time.
nis_ypset_flags: (str) If nis_ypset_enable is set to ``YES'',; these are the
flags to pass to the ypset(8) daemon.
nis_server_enable: (bool) If set to ``YES'', run the ypserv(8) dae; mon at system
boot time.
nis_server_flags: (str) If nis_server_enable is set to ``YES'',; these are the
flags to pass to the ypserv(8) daemon.
nis_ypxfrd_enable: (bool) If set to ``YES'', run the rpc.ypxfrd(8); daemon at
system boot time.
nis_ypxfrd_flags: (str) If nis_ypxfrd_enable is set to ``YES'',; these are the
flags to pass to the rpc.ypxfrd(8) daemon.
nis_yppasswdd_enable: (bool) If set to ``YES'', run the rpc.yppass; wdd(8) daemon at
system boot time.
nis_yppasswdd_flags: (str) If nis_yppasswdd_enable is set to ``YES'',; these are
the flags to pass to the rpc.yppasswdd(8) dae; mon.
rpc_ypupdated_enable: (bool) If set to ``YES'', run the rpc.ypupdated; daemon at
system boot time.
bsnmpd_enable: (bool) If set to ``YES'', run the bsnmpd(1) dae; mon at system
boot time. Be sure to understand the security; implications
of running SNMP daemon on your host.
bsnmpd_flags: (str) If bsnmpd_enable is set to ``YES'', these; are the flags
to pass to the bsnmpd(1) daemon.
defaultrouter: (str) If not set to ``NO'', create a default; route to this
host name or IP address (use an IP address if; this router is
also required to get to the name server!).
ipv6_defaultrouter: (str) The IPv6 equivalent of defaultrouter.
static_routes: (str) Set to the list of static routes that are; to be added
at system boot time. If not set to ``NO'' then; for each
whitespace separated element in the value, a; route_<element>
variable is assumed to exist whose contents will; later be
passed to a ``route add'' operation. For exam; ple:; static_routes="mcast gif0local"
route_mcast="-net 224.0.0.0/4 -iface gif0"
route_gif0local="-host 169.254.1.1 -iface lo0"
ipv6_static_routes: (str) The IPv6 equivalent of static_routes. If; not set to
``NO'' then for each whitespace separated; element in the
value, a ipv6_route_<element> variable is as; sumed to exist
whose contents will later be passed to a ``route; add -inet6''
operation.
natm_static_routes: (str) The natmip(4) equivalent of static_routes.; If not
empty then for each whitespace separated element; in the
value, a route_<element> variable is assumed to; exist whose
contents will later be passed to a ``atmconfig; natm add''
operation.
gateway_enable: (bool) If set to ``YES'', configure host to act; as an IP
router, e.g. to forward packets between inter; faces.
ipv6_gateway_enable: (bool) The IPv6 equivalent of gateway_enable.
router_enable: (bool) If set to ``YES'', run a routing daemon; of some sort,
based on the settings of router and; router_flags.
ipv6_router_enable: (bool) The IPv6 equivalent of router_enable. If; set to
``YES'', run a routing daemon of some sort,; based on the settings of ipv6_router and ipv6_router_flags.
router (str) If router_enable is set to ``YES'', this
is the name of: the routing daemon to use.
ipv6_router: (str) The IPv6 equivalent of router.
router_flags: (str) If router_enable is set to ``YES'', these; are the flags
to pass to the routing daemon.
ipv6_router_flags: (str) The IPv6 equivalent of router_flags.
mrouted_enable: (bool) If set to ``YES'', run the multicast; routing daemon,
mrouted(8).
mroute6d_enable: (bool) The IPv6 equivalent of mrouted_enable.; If set to
``YES'', run the IPv6 multicast routing daemon.; Note that no
IPv6 multicast routing daemon is included in the; FreeBSD base
system but pim6dd(8) can be installed from the; FreeBSD Ports
Collection.
mrouted_flags: (str) If mrouted_enable is set to ``YES'', these; are the
flags to pass to the mrouted(8) daemon.
mroute6d_flags: (str) The IPv6 equivalent of mrouted_flags. If mroute6d_enable is set to ``YES'', these are the; flags passed
to the IPv6 multicast routing daemon.
mroute6d_program: (str) If mroute6d_enable is set to ``YES'', this; is the path
to the IPv6 multicast routing daemon.
rtadvd_enable: (bool) If set to ``YES'', run the rtadvd(8) dae; mon at boot
time. rtadvd(8) will only run if; ipv6_gateway_enable is also
set to ``YES''. The rtadvd(8) utility sends; router advertisement packets to the interfaces specified in
rtadvd_interfaces and should only be enabled; with great care.
You may want to fine-tune rtadvd.conf(5).
rtadvd_interfaces: (str) If rtadvd_enable is set to ``YES'' this is; the list of
interfaces to use.
ipxgateway_enable: (bool) If set to ``YES'', enable the routing of; IPX traffic.
ipxrouted_enable: (bool) If set to ``YES'', run the IPXrouted(8); daemon at system boot time.
ipxrouted_flags: (str) If ipxrouted_enable is set to ``YES'',; these are the
flags to pass to the IPXrouted(8) daemon.
arpproxy_all: (bool) If set to ``YES'', enable global proxy; ARP.
forward_sourceroute: (bool) If set to ``YES'' and gateway_enable is; also set to
``YES'', source-routed packets are forwarded.
accept_sourceroute: (bool) If set to ``YES'', the system will accept; sourcerouted packets directed at it.
rarpd_enable: (bool) If set to ``YES'', run the rarpd(8) dae; mon at system
boot time.
rarpd_flags: (str) If rarpd_enable is set to ``YES'', these; are the flags
to pass to the rarpd(8) daemon.
bootparamd_enable: (bool) If set to ``YES'', run the bootparamd(8); daemon at
system boot time.
bootparamd_flags: (str) If bootparamd_enable is set to ``YES'',; these are the
flags to pass to the bootparamd(8) daemon.
stf_interface_ipv4addr: (str) If not set to ``NO'', this is the local; IPv4 address
for 6to4 (IPv6 over IPv4 tunneling interface).; Specify this
entry to enable the 6to4 interface.
stf_interface_ipv4plen: (int) Prefix length for 6to4 IPv4 addresses, to; limit peer
address range. An effective value is 0-31.
stf_interface_ipv6_ifid: (str) IPv6 interface ID for stf(4). This can be; set to
``AUTO''.
stf_interface_ipv6_slaid: (str) IPv6 Site Level Aggregator for stf(4).
ipv6_faith_prefix: (str) If not set to ``NO'', this is the faith; prefix to
enable a FAITH IPv6-to-IPv4 TCP translator. You; also need
faithd(8) setup.
ipv6_ipv4mapping: (bool) If set to ``YES'' this enables IPv4; mapped IPv6
address communication (like ::ffff:a.b.c.d).
atm_enable (bool) Set to ``YES'' to enable the configura
tion of ATM: interfaces at system boot time. For all of the; ATM variables
described below, please refer to the atm(8) man; ual page for
further details on the available command parame; ters. Also
refer to the files in /usr/share/examples/atm; for more
detailed configuration information.
atm_load (str) This is a list of physical ATM interface
drivers to: load. Typical values are ``hfa_pci'' and/or; ``hea_pci''.
atm_netif_<intf>: (str) For the ATM physical interface intf, this; variable
defines the name prefix and count for the ATM; network interfaces to be created. The value will be passed; as the parameters of an ``atm set netif intf'' command.
atm_sigmgr_<intf>: (str) For the ATM physical interface intf, this; variable
defines the ATM signalling manager to be used.; The value
will be passed as the parameters of an ``atm; attach intf''
command.
atm_prefix_<intf>: (str) For the ATM physical interface intf, this; variable
defines the NSAP prefix for interfaces using a; UNI signalling
manager. If set to ``ILMI'', the prefix will; automatically
be set via the ilmid(8) daemon. Otherwise, the; value will be
passed as the parameters of an ``atm set prefix; intf'' command.
atm_macaddr_<intf>: (str) For the ATM physical interface intf, this; variable
defines the MAC address for interfaces using a; UNI signalling
manager. If set to ``NO'', the hardware MAC ad; dress contained in the ATM interface card will be used.; Otherwise,
the value will be passed as the parameters of an; ``atm set
mac intf'' command.
atm_arpserver_<netif>: (str) For the ATM network interface netif, this; variable
defines the ATM address for a host which is to; provide ATMARP
service. This variable is only applicable to; interfaces
using a UNI signalling manager. If set to ``lo; cal'', this
host will become an ATMARP server. The value; will be passed
as the parameters of an ``atm set arpserver; netif'' command.
atm_scsparp_<netif>: (bool) If set to ``YES'', SCSP/ATMARP service; for the network
interface netif will be initiated using the sc; spd(8) and
atmarpd(8) daemons. This variable is only ap; plicable if
atm_arpserver_<netif> is set to ``local''.
atm_pvcs (str) Set to the list of ATM PVCs to be added at
system boot: time. For each whitespace separated element in; the value, an
atm_pvc_<element> variable is assumed to exist.; The value of
each of these variables will be passed as the; parameters of
an ``atm add pvc'' command.
atm_arps (str) Set to the list of permanent ATM ARP en
tries to be: added at system boot time. For each whitespace; separated
element in the value, an atm_arp_<element> vari; able is
assumed to exist. The value of each of these; variables will
be passed as the parameters of an ``atm add; arp'' command.
natm_interfaces: (str) Set to the list of natm(4) interfaces that; will also be
used for HARP through harp(4). If this list is; not empty all
interfaces in the list will be brought up with; ifconfig(8)
and harp(4) will be loaded. For this to work; the interface
drivers must be either compiled into the kernel; or must
reside on the root partition.
keybell (str) The keyboard bell sound. Set to ``nor
mal'',: ``visual'', ``off'', or ``NO'' if the default; behavior is
desired. For details, refer to the kbdcon; trol(1) manpage.
keyboard (str) If set to a non-null string, the virtual
console's key: board input is set to this device.
keymap (str) If set to ``NO'', no keymap is installed,
otherwise the: value is used to install the keymap file in
/usr/share/syscons/keymaps/<value>.kbd.
keyrate (str) The keyboard repeat speed. Set to
``slow'',: ``normal'', ``fast'', or ``NO'' if the default; behavior is
desired.
keychange (str) If not set to ``NO'', attempt to program
the function: keys with the value. The value should be a sin; gle string of
the form: ``funkey_number new_value; [funkey_number new_value
...]''.
cursor (str) Can be set to the value of ``normal'',
``blink'',: ``destructive'', or ``NO'' to set the cursor be; havior explicitly or choose the default behavior.
scrnmap (str) If set to ``NO'', no screen map is in
stalled, otherwise: the value is used to install the screen map file; in
/usr/share/syscons/scrnmaps/<value>.
font8x16 (str) If set to ``NO'', the default 8x16 font
value is used: for screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
font8x14 (str) If set to ``NO'', the default 8x14 font
value is used: for screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
font8x8 (str) If set to ``NO'', the default 8x8 font
value is used: for screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
blanktime (int) If set to ``NO'', the default screen
blanking interval: is used, otherwise it is set to value seconds.
saver (str) If not set to ``NO'', this is the actual
screen saver: to use (blank, snake, daemon, etc).
moused_nondefault_enable: (str) If set to ``NO'', the mouse device speci; fied on the
command line is not automatically treated as en; abled by the
/etc/rc.d/moused script. Having this variable; set to ``YES''
allows a usb(4) mouse, for example, to be en; abled as soon as
it is plugged in.
moused_enable: (str) If set to ``YES'', the moused(8) daemon is; started for
doing cut/paste selection on the console.
moused_type: (str) This is the protocol type of the mouse; connected to
this host. This variable must be set if; moused_enable is set
to ``YES''. The moused(8) daemon is able to de; tect the
appropriate mouse type automatically in many; cases. Set this
variable to ``auto'' to let the daemon detect; it, or select
one from the following list if the automatic de; tection fails.; If the mouse is attached to the PS/2 mouse port,; choose
``auto'' or ``ps/2'', regardless of the brand; and model of
the mouse. Likewise, if the mouse is attached; to the bus
mouse port, choose ``auto'' or ``busmouse''.; All other protocols are for serial mice and will not work; with the PS/2
and bus mice. If this is a USB mouse, ``auto''; is the only
protocol type which will work.; microsoft Microsoft mouse (serial)
intellimouse Microsoft IntelliMouse (se; rial)
mousesystems Mouse systems Corp. mouse; (serial)
mmseries MM Series mouse (serial)
logitech Logitech mouse (serial)
busmouse A bus mouse
mouseman Logitech MouseMan and Track; Man (serial)
glidepoint ALPS GlidePoint (serial)
thinkingmouse Kensington ThinkingMouse; (serial)
ps/2 PS/2 mouse
mmhittab MM HitTablet (serial)
x10mouseremote X10 MouseRemote (serial)
versapad Interlink VersaPad (serial); Even if the mouse is not in the above list, it; may be compatible with one in the list. Refer to the manual; page for
moused(8) for compatibility information.; It should also be noted that while this is en; abled, any other
client of the mouse (such as an X server) should; access the
mouse through the virtual mouse device,; /dev/sysmouse, and
configure it as a ``sysmouse'' type mouse, since; all mouse
data is converted to this single canonical for; mat when using
moused(8). If the client program does not sup; port the
``sysmouse'' type, specify the ``mousesystems''; type. It is
the second preferred type.
moused_port: (str) If moused_enable is set to ``YES'', this; is the actual
port the mouse is on. It might be /dev/cuad0; for a COM1
serial mouse, /dev/psm0 for a PS/2 mouse or; /dev/mse0 for a
bus mouse, for example.
moused_flags: (str) If moused_type is set, these are the addi; tional flags
to pass to the moused(8) daemon.
mousechar_start: (int) If set to ``NO'', the default mouse cursor; character
range 0xd0-0xd3 is used, otherwise the range; start is set to
value character, see vidcontrol(1). Use if the; default range
is occupied in the language code table.
allscreens_flags: (str) If set, vidcontrol(1) is run with these; options for
each of the virtual terminals (/dev/ttyv*). For; example,
``-m on'' will enable the mouse pointer on all; virtual terminals if moused_enable is set to ``YES''.
allscreens_kbdflags: (str) If set, kbdcontrol(1) is run with these; options for
each of the virtual terminals (/dev/ttyv*). For; example,
``-h 200'' will set the syscons(4) scrollback; (history)
buffer to 200 lines.
cron_enable: (bool) If set to ``YES'', run the cron(8) daemon; at system
boot time.
cron_program: (str) Path to cron(8) (default /usr/sbin/cron).
cron_flags (str) If cron_enable is set to ``YES'', these
are the flags: to pass to cron(8).
cron_dst (bool) If set to ``YES'', enable the special
handling of: transitions to and from the Daylight Saving Time; in cron(8)
(equivalent to using the flag -s).
lpd_program: (str) Path to lpd(8) (default /usr/sbin/lpd).
lpd_enable (bool) If set to ``YES'', run the lpd(8) daemon
at system: boot time.
lpd_flags (str) If lpd_enable is set to ``YES'', these are
the flags to: pass to the lpd(8) daemon.
chkprintcap_enable: (bool) If set to ``YES'', run the chkprintcap(8); command
before starting the lpd(8) daemon.
chkprintcap_flags: (str) If lpd_enable and chkprintcap_enable are; set to
``YES'', these are the flags to pass to the; chkprintcap(8)
program. The default is ``-d'', which causes; missing directories to be created.
mta_start_script: (str) This variable specifies the full path to; the script to
run to start a mail transfer agent. The default; is
/etc/rc.sendmail. The sendmail_* variables; which
/etc/rc.sendmail uses are documented in the; rc.sendmail(8)
manual page.
dumpdev (str) Indicates the device (usually a swap par
tition) to: which a crash dump should be written in the; event of a system
crash. If the value of this variable is ``AU; TO'', the first
suitable swap device listed in /etc/fstab will; be used as
dump device. Otherwise, the value of this vari; able is passed
as the argument to dumpon(8). To disable crash; dumps, set
this variable to ``NO''.
dumpdir (str) When the system reboots after a crash and
a crash dump: is found on the device specified by the dumpdev; variable,
savecore(8) will save that crash dump and a copy; of the kernel to the directory specified by the dumpdir; variable. The
default value is /var/crash. Set to ``NO'' to; not run
savecore(8) at boot time when dumpdir is set.
savecore_flags: (str) If crash dumps are enabled, these are the; flags to pass
to the savecore(8) utility.
enable_quotas: (bool) Set to ``YES'' to turn on user disk quo; tas on system
startup via the quotaon(8) command.
check_quotas: (bool) Set to ``YES'' to enable user disk quota; checking via
the quotacheck(8) command.
accounting_enable: (bool) Set to ``YES'' to enable system account; ing through the
accton(8) facility.
ibcs2_enable: (bool) Set to ``YES'' to enable iBCS2 (SCO) bi; nary emulation
at system initial boot time.
ibcs2_loaders: (str) If not set to ``NO'' and if ibcs2_enable; is set to
``YES'', this specifies a list of additional; iBCS2 loaders to
enable.
linux_enable: (bool) Set to ``YES'' to enable Linux/ELF binary; emulation at
system initial boot time.
osf1_enable: (bool) Set to ``YES'' to enable OSF/1 (Digital; UNIX) binary
emulation at system initial boot time. (alpha)
svr4_enable: (bool) If set to ``YES'', enable SysVR4 emula; tion at boot
time.
sysvipc_enable: (bool) If set to ``YES'', load System V IPC; primitives at
boot time.
clear_tmp_enable: (bool) Set to ``YES'' to have /tmp cleaned at; startup.
clear_tmp_X: (bool) Set to ``NO'' to disable removing of X11; lock files,
and the removal and (secure) recreation of the; various socket
directories for X11 related programs.
ldconfig_paths: (str) Set to the list of shared library paths to; use with
ldconfig(8). NOTE: /usr/lib will always be; added first, so
it need not appear in this list.
ldconfig32_paths: (str) Set to the list of 32-bit compatibility; shared library
paths to use with ldconfig(8).
ldconfig_paths_aout: (str) Set to the list of shared library paths to; use with
ldconfig(8) legacy a.out(5) support.
ldconfig_insecure: (bool) The ldconfig(8) utility normally refuses; to use directories which are writable by anyone except root.; Set this
variable to ``YES'' to disable that security; check during
system startup.
ldconfig_local_dirs: (str) Set to the list of local ldconfig(8) di; rectories. The
names of all files in the directories listed; will be passed
as arguments to ldconfig(8).
ldconfig_local32_dirs: (str) Set to the list of local 32-bit compati; bility
ldconfig(8) directories. The names of all files; in the
directories listed will be passed as arguments; to ldconfig(8)
-32.
kern_securelevel_enable: (bool) Set to ``YES'' to set the kernel security; level at
system startup.
kern_securelevel: (int) The kernel security level to set at start; up. The
allowed range of value ranges from -1 (the com; pile time
default) to 3 (the most secure). See init(8); for the list of
possible security levels and their effect on; system operation.
sshd_program: (str) Path to the SSH server program; (/usr/sbin/sshd is the
default).
sshd_enable: (bool) Set to ``YES'' to start sshd(8) at system; boot time.
sshd_flags (str) If sshd_enable is set to ``YES'', these
are the flags: to pass to the sshd(8) daemon.
ftpd_program: (str) Path to the FTP server program; (/usr/libexec/ftpd is
the default).
ftpd_enable: (bool) Set to ``YES'' to start ftpd(8) as a; stand-alone daemon at system boot time.
ftpd_flags (str) If ftpd_enable is set to ``YES'', these
are the addi: tional flags to pass to the ftpd(8) daemon.
usbd_enable: (bool) If set to ``YES'', run the usbd(8) daemon; at boot
time.
usbd_flags (str) If usbd_enable is set to ``YES'', these
are the flags: passed to the usbd(8) daemon.
watchdogd_enable: (bool) If set to ``YES'', start the watchdogd(8); daemon at
boot time. This requires that the kernel have; been compiled
with a watchdog(4) compatible device.
watchdogd_flags: (str) If watchdogd_enable is set to ``YES'',; these are the
flags passed to the watchdogd(8) daemon.
performance_cx_lowest: (str) CPU idle state to use while on AC power.; The string
``LOW'' indicates that acpi(4) should use the; lowest power
state available while ``HIGH'' indicates that; the lowest
latency state (less power savings) should be; used.
performance_cpu_freq: (str) CPU clock frequency to use while on AC; power. The
string ``LOW'' indicates that cpufreq(4) should; use the lowest frequency available while ``HIGH'' indicates; that the
highest frequency (less power savings) should be; used.
economy_cx_lowest: (str) CPU idle state to use when off AC power.; The string
``LOW'' indicates that acpi(4) should use the; lowest power
state available while ``HIGH'' indicates that; the lowest
latency state (less power savings) should be; used.
economy_cpu_freq: (str) CPU clock frequency to use when off AC; power. The
string ``LOW'' indicates that cpufreq(4) should; use the lowest frequency available while ``HIGH'' indicates; that the
highest frequency (less power savings) should be; used.
jail_enable: (bool) If set to ``NO'', any configured jails; will not be
started.
jail_list (str) A space separated list of names for jails.
This is: purely a configuration aid to help identify and; configure
multiple jails. The names specified in this; list will be
used to identify settings common to an instance; of a jail.
Assuming that the jail in question was named; vjail, you would
have the following dependent variables:; jail_vjail_hostname="jail.example.com"
jail_vjail_ip="192.168.1.100"
jail_vjail_rootdir="/var/jails/vjail/root"
jail_flags (str) Unset by default. When set, use as de
fault value for: jail_<jid>_flags for every jail in jail_list.
jail_interface: (str) Unset by default. When set, use as de; fault value for
jail_<jid>_interface for every jail in; jail_list.
jail_fstab (str) Unset by default. When set, use as de
fault value for: jail_<jid>_fstab for every jail in jail_list.
jail_mount_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', sets
jail_<jid>_mount_enable to YES by default for; every jail in
jail_list.
jail_devfs_ruleset: (str) Unset by default. When set, sets
jail_<jid>_devfs_ruleset to given value for ev; ery jail in
jail_list.
jail_devfs_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', sets
jail_<jid>_devfs_enable to YES by default for; every jail in
jail_list.
jail_fdescfs_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', sets
jail_<jid>_fdescfs_enable to YES by default for; every jail in
jail_list.
jail_procfs_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', sets
jail_<jid>_fdescfs_enable to YES by default for; every jail in
jail_list.
jail_exec_start: (str) Unset by default. When set, use as de; fault value for
jail_<jid>_exec_start for every jail in; jail_list.
jail_exec_stop: Unset by default. When set, use as default val; ue for
jail_<jid>_exec_stop for every jail in; jail_list.
jail_<jid>_rootdir: (str) Unset by default. Set to the root direc; tory used by
jail jid.
jail_<jid>_hostname: (str) Unset by default. Set to the fully quali; fied domain
name (FQDN) assigned to jail jid.
jail_<jid>_ip: (str) Unset by default. Set to the IP address; assigned to
jail jid.
jail_<jid>_flags: (str) Set to ``-l -U root'' by default. These; are flags to
pass to jail.
jail_<jid>_interface: (str) Unset by default. When set, sets the in; terface to use
when setting IP address alias. Note that the; alias is created at jail startup and removed at jail shut; down.
jail_<jid>_fstab: (str) Set to /etc/fstab.<jid> by default. This; is the file
system information file to use for jail jid.
jail_<jid>_mount_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', mount
all file systems from jail_<jid>_fstab at jail; startup.
jail_<jid>_devfs_ruleset: (str) Unset by default. When set, defines the; device file
system ruleset file to use for jail jid.
jail_<jid>_devfs_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', mount
the device file system inside jail jid at jail; startup.
jail_<jid>_fdescfs_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', mount
the file-descriptor file system inside jail jid; at jail
startup.
jail_<jid>_procfs_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', mount
the process file system inside jail jid at jail; startup.
jail_<jid>_exec_start: (str) Set to ``/bin/sh /etc/rc'' by default.; This is the
command executed at jail startup.
jail_<jid>_exec_stop: (str) Set to ``/bin/sh /etc/rc.shutdown'' by de; fault. This
is the command executed at jail shutdown.
jail_set_hostname_allow: (bool) If set to ``NO'', do not allow the root; user in a jail
to set its hostname.
jail_socket_unixiproute_only: (bool) If set to ``YES'', do not allow any sock; ets, besides
UNIX/IP/route sockets, to be used within a jail.
jail_sysvipc_allow: (bool) If set to ``YES'', allow applications; within a jail to
use System V IPC.
unaligned_print: (bool) If set to ``NO'', unaligned access warn; ings will not
be printed. (alpha)
isdn_enable: (bool) Set to ``NO'' by default. When set to; ``YES'', starts
the isdnd(8) daemon at system boot time.
isdn_flags (str) Set to ``-dn -d0x1f9'' by default. Addi
tional flags to: pass to isdnd(8) (but see isdn_fsdev and; isdn_ttype for certain tunable parameters).
isdn_ttype (str) Set to ``cons25'' by default. The termi
nal type of the: output device when isdnd(8) operates in full; screen mode.
isdn_screenflags: (str) Set to ``NO'' by default. The video mode; for fullscreen mode (only for syscons(4) console driver,; see
vidcontrol(1) for valid modes).
isdn_fsdev (str) Set to ``NO'' by default. The output de
vice for: isdnd(8) in full-screen mode (or ``NO'' for dae; mon mode).
isdn_trace (bool) Set to ``NO'' by default. When set to
``YES'',: enables the ISDN protocol trace utility isd; ntrace(8) at system boot time.
isdn_traceflags: (str) Set to ``-f /var/tmp/isdntrace0'' by de; fault. Flags
for isdntrace(8).
pcvt_verbose: (bool) Set to ``NO'' by default. When set to; ``YES'', verbose messages about the actions done by the; start script are
displayed. Note: the pcvt(4) driver must be; compiled into
the kernel before the pcvt(4) related options; described here
take any effect.
pcvt_keymap: (str) Set to ``NO'' by default. Use this to; configure a
national keyboard mapping found in the
/usr/share/misc/keycap.pcvt file of keyboard; mappings. (See
also the manual pages keycap(5) and keycap(3); for usage of
pcvt(4)'s keycap database and the manual page; kcon(1) option
-m for national keyboard mapping configuration.)
pcvt_keydel: (int) Set to ``NO'' by default. Used to set the; keyboard key
repeat delay value. Valid values are in the; range 0..3 for
delay values of 250, 500, 750 and 1000 msec.; (See also the
kcon(1) manual page.)
pcvt_keyrate: (int) Set to ``NO'' by default. Used to set the; keyboard key
repetition rate value. Valid values are in the; range 0..31
for repetition values of 2..30 characters per; second.
pcvt_keyrepeat: (bool) Set to ``NO'' by default. Set to ``YES''; to enable
automatic keyboard key repeating.
pcvt_force24: (bool) Set to ``NO'' by default. Set to ``YES''; to force
pcvt(4) to use 24 lines only (in 25 lines mode); for compatibility with the original VT220 terminal.
pcvt_hpext (bool) Set to ``NO'' by default. Set to ``YES''
to enable: the display and functionality of function key; labels (as
found on Hewlett-Packard terminals such as the; HP2392A and
the HP700/92 in ANSI mode).
pcvt_lines (int) Set to ``NO'' by default resulting in a
value of 25.: Used to set the number of lines on the screen.; For VGA displays, valid values are 25, 28, 40 and 50 lines.; (See also
the scon(1) manual page.)
pcvt_blanktime: (int) Set to ``NO'' by default. Used to set the; screen saver
timeout in seconds for values greater than zero.
pcvt_cursorh: (int) Set to ``NO'' by default. Used to set the; cursor top
scanline. (See also the cursor(1) manual page.)
pcvt_cursorl: (int) Set to ``NO'' by default. Used to set the; cursor bottom scanline.
pcvt_monohigh: (bool) Set to ``NO'' by default. Set to ``YES''; to set
intensity to high on monochrome monitors. (See; also the
scon(1) manual page, option -p, for more infor; mation on
changing VGA palette values.)
harvest_interrupt: (bool) Set to ``YES'' to use hardware interrupts; as an
entropy source. Refer to random(4) for more in; formation.
harvest_ethernet: (bool) Set to ``YES'' to use LAN traffic as an; entropy
source. Refer to random(4) for more informa; tion.
harvest_p_to_p: (bool) Set to ``YES'' to use serial line traffic; as an
entropy source. Refer to random(4) for more in; formation.
entropy_dir: (str) Set to ``NO'' to disable caching entropy; via cron(8).
Otherwise set to the directory used to store en; tropy files
in.
entropy_file: (str) Set to ``NO'' to disable caching entropy; through
reboots. Otherwise set to the filename used to; store cached
entropy through reboots. This file should be; located on the
root file system to seed the random(4) device as; early as
possible in the boot process.
entropy_save_sz: (int) Size of the entropy cache files saved by; save-entropy
periodically.
entropy_save_num: (int) Number of entropy cache files to save by; save-entropy
periodically.
ipsec_enable: (bool) Set to ``YES'' to run setkey(8) on; ipsec_file at boot
time.
ipsec_file (str) Configuration file for setkey(8).
dmesg_enable: (bool) Set to ``YES'' to save dmesg(8) to; /var/run/dmesg.boot
on boot.
rcshutdown_timeout: (int) If set, start a watchdog timer in the; background which
will terminate rc.shutdown if shutdown(8) has; not completed
within the specified time (in seconds). Notice; that in addition to this soft timeout, init(8) also applies; a hard timeout for the execution of rc.shutdown. This is; configured via
sysctl(8) variable kern.init_shutdown_timeout; and defaults to
120 seconds. Setting the value of; rcshutdown_timeout to more
than 120 seconds will have no effect until the; sysctl(8)
variable kern.init_shutdown_timeout is also in; creased.
virecover_enable: (bool) Set to ``NO'' to prevent the system from; trying to
recover pre-maturely terminated vi(1) sessions.
ugidfw_enable: (bool) Set to ``YES'' to load the mac_bsdextend; ed(4) module
upon system initialization and load a default; ruleset file.
bsdextended_script: (str) The default mac_bsdextended(4) ruleset; file to load.
The default value of this variable is; /etc/rc.bsdextended.
newsyslog_enable: (bool) If set to ``YES'', run newsyslog(8) com; mand at
startup.
newsyslog_flags: (str) If newsyslog_enable is set to ``YES'',; these are the
flags to pass to the newsyslog(8) program. The; default is
``-CN'', which causes log files flagged with a C; to be created.
ramdisk_units: (str) A list of one or more ramdisk units to; configure with
mdconfig(8) and newfs(8) in time to be mounted; from fstab(5).
Each listed unit X must specify at least a type; in a
ramdisk_<X>_config variable.
ramdisk_<X>_config: (str) Arguments to mdconfig(8) for ramdisk X.; At minimum a
-t type must be specified, where type must be; one of malloc
or swap.
ramdisk_<X>_newfs: (str) Optional arguments passed to newfs(8) to; initialize
ramdisk X.
ramdisk_<X>_owner: (str) An ownership specification passed to; chown(8) after the
specified ramdisk unit X has been mounted. Both; the md(4)
device and the mount point will be changed.
ramdisk_<X>_perms: (str) A mode string passed to chmod(1) after the; specified
ramdisk unit X has been mounted. Both the md(4); device and
the mount point will be changed.

FILES

/etc/defaults/rc.conf
/etc/rc.conf
/etc/rc.conf.local

HISTORY

The rc.conf file appeared in FreeBSD 2.2.2.

AUTHORS

Jordan K. Hubbard.
BSD May 5, 2006

docs.sk

comprehensive documentation repository

See also

rc.conf(5)

NAME

DESCRIPTION

IPFIREWALL

FILES

SEE ALSO

HISTORY

AUTHORS