rc.conf(5)

NAME

rc.conf - system configuration information

DESCRIPTION

The file rc.conf contains descriptive information about the
local host
name, configuration details for any potential network inter
faces and
which services should be started up at system initial boot
time. In new
installations, the rc.conf file is generally initialized by
the system
installation utility, sysinstall(8).
The purpose of rc.conf is not to run commands or perform
system startup
actions directly. Instead, it is included by the various
generic startup
scripts in /etc which conditionalize their internal actions
according to
the settings found there.
The /etc/rc.conf file is included from the file
/etc/defaults/rc.conf,
which specifies the default settings for all the available
options.
Options need only be specified in /etc/rc.conf when the sys
tem administrator wishes to override these defaults. The file
/etc/rc.conf.local is
used to override settings in /etc/rc.conf for historical
reasons. See
the rc_conf_files variable below.
Options are set with ``name=value'' assignments that use
sh(1) syntax.
The following list provides a name and short description for
each variable that can be set in the rc.conf file:
rc_debug (bool) If set to ``YES'', enable output of debug
messages
from rc scripts. This variable can be helpful
in diagnosing
mistakes when editing or integrating new
scripts. Beware
that this produces copious output to the termi
nal and
syslog(3).
rc_info (bool) If set to ``NO'', disable informational
messages from
the rc scripts. Informational messages are dis
played when a
condition that is not serious enough to warrant
a warning or
an error occurs.
early_late_divider
(str) The name of the script that should be used
as the
delimiter between the ``early'' and ``late''
stages of the
boot process. The early stage should contain
all the services needed to get the disks (local or remote)
mounted so
that the late stage can include scripts con
tained in the
directories listed in the local_startup variable
(see below).
Thus, the two likely candidates for this value
are mountcritlocal for the typical system, and
mountcritremote if the system needs remote file systems mounted to get ac
cess to the
local_startup directories; for example when
/usr/local is NFS
mounted. For rc.conf within a jail(8) NETWORK
ING is likely
to be an appropriate value. Extreme care should
be taken
when changing this value, and before changing it
one should
ensure that there are adequate provisions to re
cover from a
failed boot (such as physical contact with the
machine, or
reliable remote console access).
swapfile (str) If set to ``NO'', no swapfile is in
stalled, otherwise
the value is used as the full pathname to a file
to use for
additional swap space.
apm_enable (bool) If set to ``YES'', enable support for Au
tomatic Power
Management with the apm(8) command.
apmd_enable
(bool) Run apmd(8) to handle APM event from
userland. This
also enables support for APM.
apmd_flags (str) If apmd_enable is set to ``YES'', these
are the flags
to pass to the apmd(8) daemon.
devd_enable
(bool) Run devd(8) to handle device added, re
moved or unknown
events from the kernel.
kldxref_enable
(bool) Set to ``NO'' by default. Set to ``YES''
to automatically rebuild linker.hints files with kldxref(8)
at boot
time.
kldxref_clobber
(bool) Set to ``NO'' by default. If
kldxref_enable is true,
setting to ``YES'' will overwrite existing
linker.hints files
at boot time. Otherwise, only missing
linker.hints files are
generated.
kldxref_module_path
(str) Empty by default. A semi-colon (`;') de
limited list of
paths containing kld(4) modules. If empty, the
contents of
the kern.module_path sysctl(8) are used.
pccard_enable
(bool) If set to ``YES'', enable PCCARD support
at boot time.
pccard_mem (str) Set to PCCARD controller memory address or
``DEFAULT''
for the default value.
pccard_beep
(int) If 0, set the PCCARD controller to silent
mode. If 1,
set it to beep mode. If 2, set it to melody
mode.
pccard_conf
(str) Path to the configuration file for the pc
cardd(8) daemon (e.g. /etc/pccard.conf.sample).
pccardd_flags
(str) If pccard_enable is set to ``YES'', these
are the flags
to pass to the pccardd(8) daemon.
powerd_enable
(bool) If set to ``YES'', enable the system pow
er control
facility with the powerd(8) daemon.
powerd_flags
(str) If powerd_enable is set to ``YES'', these
are the flags
to pass to the powerd(8) daemon.
tmpmfs Controls the creation of a /tmp memory file sys
tem. Always
happens if set to ``YES'' and never happens if
set to ``NO''.
If set to anything else, a memory file system is
created if
/tmp is not writable.
tmpsize Controls the size of a created /tmp memory file
system.
tmpmfs_flags
Extra options passed to the mdmfs(8) utility
when the memory
file system for /tmp is created. The default is
``-S -M'',
which inhibits the use of softupdates on /tmp to
waste as
little space as possible and creates a pure mem
ory backed
disk, which will never be swapped out, for maxi
mum performance and system stability at low memory condi
tions. See
mdmfs(8) for other options you can use in
tmpmfs_flags.
varmfs Controls the creation of a /var memory file sys
tem. Always
happens if set to ``YES'' and never happens if
set to ``NO''.
If set to anything else, a memory file system is
created if
/var is not writable.
varsize Controls the size of a created /var memory file
system.
varmfs_flags
Extra options passed to the mdmfs(8) utility
when the memory
file system for /var is created. The default is
``-S -M'',
which inhibits the use of softupdates on /var to
waste as
little space as possible and creates a pure mem
ory backed
disk, which will never be swapped out, for maxi
mum performance and system stability at low memory condi
tions. See
mdmfs(8) for other options you can use in
varmfs_flags.
populate_var
Controls the automatic population of the /var
file system.
Always happens if set to ``YES'' and never hap
pens if set to
``NO''. If set to anything else, a memory file
system is
created if /var is not writable. Note that this
process
requires access to certain commands in /usr be
fore /usr is
mounted on normal systems.
cleanvar_enable
(bool) Clean the /var directory.
local_startup
(str) List of directories to search for startup
script files.
script_name_sep
(str) The field separator to use for breaking
down the list
of startup script files into individual file
names. The
default is a space. It is not necessary to
change this
unless there are startup scripts with names con
taining
spaces.
hostapd_enable
(bool) Set to ``YES'' to start hostapd(8) at
system boot
time.
hostname (str) The fully qualified domain name (FQDN) of
this host on
the network. This should almost certainly be
set to something meaningful, even if there is no network
connection. If
dhclient(8) is used to set the hostname via
DHCP, this variable should be set to an empty string.
ipv6_enable
(bool) Enable support for IPv6 networking. Note
that this
requires that the kernel has been compiled with
options
INET6.
nisdomainname
(str) The NIS domain name of this host, or
``NO'' if NIS is
not used.
dhclient_program
(str) Path to the DHCP client program
(/sbin/dhclient, the
OpenBSD DHCP client, is the default).
dhclient_flags
(str) Additional flags to pass to the DHCP
client program.
For the OpenBSD DHCP client, see the dhclient(8)
manpage for
a description of the command line options avail
able.
background_dhclient
(bool) Set to ``YES'' to start the DHCP client
in background.
This can cause trouble with applications depend
ing on a working network, but it will provide a faster start
up in many
cases.
firewall_enable
(bool) Set to ``YES'' to load firewall rules at
startup. If
the kernel was not built with options

IPFIREWALL

kernel module will be loaded. See also
ipfilter_enable.
ipv6_firewall_enable
(bool) The IPv6 equivalent of firewall_enable.
Set to
``YES'' to load IPv6 firewall rules at startup.
If the kernel was not built with options IPV6FIREWALL, the
ip6fw.ko
kernel module will be loaded.
firewall_script
(str) This variable specifies the full path to
the firewall
script to run. The default is /etc/rc.firewall.
ipv6_firewall_script
(str) The IPv6 equivalent of firewall_script.
firewall_type
(str) Names the firewall type from the selection
in
/etc/rc.firewall, or the file which contains the
local firewall ruleset. Valid selections from
/etc/rc.firewall are:
open unrestricted IP access
closed all IP services disabled, except via
``lo0''
client basic protection for a workstation
simple basic protection for a LAN.
If a filename is specified, the full path must
be given.
ipv6_firewall_type
(str) The IPv6 equivalent of firewall_type.
firewall_quiet
(bool) Set to ``YES'' to disable the display of
firewall
rules on the console during boot.
ipv6_firewall_quiet
(bool) The IPv6 equivalent of firewall_quiet.
firewall_logging
(bool) Set to ``YES'' to enable firewall event
logging. This
is equivalent to the IPFIREWALL_VERBOSE kernel
option.
ipv6_firewall_logging
(bool) The IPv6 equivalent of firewall_logging.
firewall_flags
(str) Flags passed to ipfw(8) if firewall_type
specifies a
filename.
ipv6_firewall_flags
(str) The IPv6 equivalent of firewall_flags.
natd_program
(str) Path to natd(8).
natd_enable
(bool) Set to ``YES'' to enable natd(8).
firewall_enable
must also be set to ``YES'', and divert(4) sock
ets must be
enabled in the kernel. If the kernel was not
built with
options IPDIVERT, the ipdivert.ko kernel module
will be
loaded.
natd_interface
(str) This is the name of the public interface
on which
natd(8) should run. The interface may be given
as an interface name or as an IP address.
natd_flags (str) Additional natd(8) flags should be placed
here. The -n
or -a flag is automatically added with the above
natd_interface as an argument.
ipfilter_enable
(bool) Set to ``NO'' by default. Setting this
to ``YES''
enables ipf(8) packet filtering.
Typical usage will require putting
ipfilter_enable="YES"
ipnat_enable="YES"
ipmon_enable="YES"
ipfs_enable="YES"
into /etc/rc.conf and editing /etc/ipf.rules and /etc/ipnat.rules appropriately.
Note that ipfilter_enable and ipnat_enable can
be enabled
independently. ipmon_enable and ipfs_enable
both require at
least one of ipfilter_enable and ipnat_enable to
be enabled.
Having
options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK
in the kernel configuration file is a good idea,
too.
ipfilter_program
(str) Path to ipf(8) (default /sbin/ipf).
ipfilter_rules
(str) Set to /etc/ipf.rules by default. This
variable contains the name of the filter rule definition
file. The file
is expected to be readable for the ipf(8) com
mand to execute.
ipv6_ipfilter_rules
(str) Set to /etc/ipf6.rules by default. This
variable contains the IPv6 filter rule definition file. The
file is
expected to be readable for the ipf(8) command
to execute.
ipfilter_flags
(str) Empty by default. This variable contains
flags passed
to the ipf(8) program.
ipnat_enable
(bool) Set to ``NO'' by default. Set it to
``YES'' to enable
ipnat(8) network address translation. See
ipfilter_enable
for a detailed discussion.
ipnat_program
(str) Path to ipnat(8) (default /sbin/ipnat).
ipnat_rules
(str) Set to /etc/ipnat.rules by default. This
variable contains the name of the file holding the network
address translation definition. This file is expected to be
readable for
the ipnat(8) command to execute.
ipnat_flags
(str) Empty by default. This variable contains
flags passed
to the ipnat(8) program.
ipmon_enable
(bool) Set to ``NO'' by default. Set it to
``YES'' to enable
ipmon(8) monitoring (logging ipf(8) and ipnat(8)
events).
Setting this variable needs setting
ipfilter_enable or
ipnat_enable too. See ipfilter_enable for a de
tailed discussion.
ipmon_program
(str) Path to ipmon(8) (default /sbin/ipmon).
ipmon_flags
(str) Set to ``-Ds'' by default. This variable
contains
flags passed to the ipmon(8) program. Another
typical example would be ``-D /var/log/ipflog'' to have ip
mon(8) log
directly to a file bypassing syslogd(8). Make
sure to adjust
/etc/newsyslog.conf in such case like this:
/var/log/ipflog 640 10 100 * Z
/var/run/ipmon.pid
ipfs_enable
(bool) Set to ``NO'' by default. Set it to
``YES'' to enable
ipfs(8) saving the filter and NAT state tables
during shutdown and reloading them during startup again.
Setting this
variable needs setting ipfilter_enable or
ipnat_enable to
``YES'' too. See ipfilter_enable for a detailed
discussion.
Note that if kern_securelevel is set to 3,
ipfs_enable cannot
be used because the raised securelevel will pre
vent ipfs(8)
from saving the state tables at shutdown time.
ipfs_program
(str) Path to ipfs(8) (default /sbin/ipfs).
ipfs_flags (str) Empty by default. This variable contains
flags passed
to the ipfs(8) program.
pf_enable (bool) Set to ``NO'' by default. Setting this
to ``YES''
enables pf(4) packet filtering.
Typical usage will require putting

pf_enable="YES"
into /etc/rc.conf and editing /etc/pf.conf ap
propriately.

device pf
builds pf(4) into the kernel. Otherwise it is
loaded from a
module.
pf_rules (str) Path to pf(4) ruleset configuration file
(default
/etc/pf.conf).
pf_program (str) Path to pfctl(8) (default /sbin/pfctl).
pf_flags (str) If pf_enable is set to ``YES'', these
flags are passed
to the pfctl(8) program when loading the rule
set.
pflog_enable
(bool) Set to ``NO'' by default. Setting this
to ``YES''
enables pflogd(8) which logs packets from the
pf(4) packet
filter.
pflog_logfile
(str) If pflog_enable is set to ``YES'' this
controls where
pflogd(8) stores the logfile (default
/var/log/pflog). Check
/etc/newsyslog.conf to adjust logfile rotation
for this.
pflog_program
(str) Path to pflogd(8) (default /sbin/pflogd).
pflog_flags
(str) Empty by default. This variable contains
additional
flags passed to the pflogd(8) program.
pfsync_enable
(bool) Set to ``NO'' by default. Setting this
to ``YES''
enables exposing pf(4) state changes to other
hosts over the
network by means of pfsync(4). The
pfsync_syncdev variable
must also be set then.
pfsync_syncdev
(str) Empty by default. This variable specifies
the name of
the network interface pfsync(4) should operate
through. It
must be set accordingly if pfsync_enable is set
to ``YES''.
pfsync_ifconfig
(str) Empty by default. This variable can con
tain additional
options to be passed to the ifconfig(8) command
used to set
up pfsync(4).
tcp_extensions
(bool) Set to ``YES'' by default. Setting this
to ``NO''
disables certain TCP options as described by RFC
1323. Setting this to ``NO'' might help remedy such prob
lems with connections as randomly hanging or other weird be
havior. Some
network devices are known to be broken with re
spect to these
options.
log_in_vain
(int) Set to 0 by default. The sysctl(8) vari
ables,
net.inet.tcp.log_in_vain and
net.inet.udp.log_in_vain, as
described in tcp(4) and udp(4), are set to the
given value.
tcp_keepalive
(bool) Set to ``YES'' by default. Setting to
``NO'' will
disable probing idle TCP connections to verify
that the peer
is still up and reachable.
tcp_drop_synfin
(bool) Set to ``NO'' by default. Setting to
``YES'' will
cause the kernel to ignore TCP frames that have
both the SYN
and FIN flags set. This prevents OS finger
printing, but may
break some legitimate applications. This option
is only
available if the kernel was built with the
TCP_DROP_SYNFIN
option.
icmp_drop_redirect
(bool) Set to ``NO'' by default. Setting to
``YES'' will
cause the kernel to ignore ICMP REDIRECT pack
ets. Refer to
icmp(4) for more information.
icmp_log_redirect
(bool) Set to ``NO'' by default. Setting to
``YES'' will
cause the kernel to log ICMP REDIRECT packets.
Note that the
log messages are not rate-limited, so this op
tion should only
be used for troubleshooting networks. Refer to
icmp(4) for
more information.
icmp_bmcastecho
(bool) Set to ``YES'' to respond to broadcast or
multicast
ICMP ping packets. Refer to icmp(4) for more
information.
ip_portrange_first
(int) If not set to ``NO'', this is the first
port in the
default portrange. Refer to ip(4) for more in
formation.
ip_portrange_last
(int) If not set to ``NO'', this is the last
port in the
default portrange. Refer to ip(4) for more in
formation.
network_interfaces
(str) Set to the list of network interfaces to
configure on
this host or ``AUTO'' (the default) for all cur
rent interfaces. For example, if the only active network
devices in
the system are the loopback device (lo0) and a
NIC using the
ed(4) driver, this could be set to ``lo0 ed0''.
An ifconfig_<interface> variable is also assumed
to exist for
each value of interface. The variable can con
tain arguments
to ifconfig(8), as well as special case-insensi
tive keywords
described below. Such keywords are removed be
fore passing
the value to ifconfig(8) while the order of the
other arguments is preserved.
One can configure more than one IPv4 address
with the
ipv4_addrs_<interface> variable. One or more IP
addresses
must be provided in Classless Inter-Domain Rout
ing (CIDR)
address notation, whose last byte can be a range
like
192.168.0.5-23/24. In this case the address
192.168.0.5 will
be configured with the netmask /24 and the ad
dresses
192.168.0.6 to 192.168.0.23 with the non-con
flicting netmask
/32 as explained in the ifconfig(8) alias sec
tion. With the
interface in question being ed0, an example
could look like:
ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"
It is also possible to add IP alias entries us
ing ifconfig(8)
syntax. Assuming that the interface in question
was ed0, it
might look something like this:
ifconfig_ed0_alias0="inet 127.0.0.253 netmask
0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.254 netmask
0xffffffff"
And so on. For each
ifconfig_<interface>_alias<n> entry that is found, its contents are passed to ifcon
fig(8). Execution
stops at the first unsuccessful access, so if
something like
this is present:
ifconfig_ed0_alias0="inet 127.0.0.251 netmask
0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.252 netmask
0xffffffff"
ifconfig_ed0_alias2="inet 127.0.0.253 netmask
0xffffffff"
ifconfig_ed0_alias4="inet 127.0.0.254 netmask
0xffffffff"
Then note that alias4 would not be added since
the search
would stop with the missing ``alias3'' entry.
Due to this
difficult to manage behavior, the
ifconfig_<interface>_alias<n> form is deprecat
ed.
If the /etc/start_if.<interface> file is pre
sent, it is read
and executed by the sh(1) interpreter before
configuring the
interface as specified in the
ifconfig_<interface> and
ifconfig_<interface>_alias<n> variables.
If the ifconfig_<interface> contains the keyword
``NOAUTO''
then the interface will not be configured at
boot or by
/etc/pccard_ether when network_interfaces is set
to ``AUTO''.
It is possible to bring up an interface with
DHCP by adding
``DHCP'' to the ifconfig_<interface> variable.
For instance,
to initialize the ed0 device via DHCP, it is
possible to use
something like:
ifconfig_ed0="DHCP"
Also, if your interface needs WPA authentica
tion, it is possible to add ``WPA'' to the ifconfig_<interface>
variable.
Finally, you can add ifconfig(8) options in this
variable, in
addition to the /etc/start_if.<interface> file.
For
instance, to initialize the wi0 device via DHCP,
using WPA
authentication and 802.11b mode, it is possible
to use something like:
ifconfig_wi0="DHCP WPA mode 11b"
In addition to the ifconfig_<interface> form, a
fallback
variable ifconfig_DEFAULT may be configured. It
will be used
for all interfaces with no ifconfig_<interface>
variable.
This is intended to replace the no longer sup
ported
pccard_ifconfig variable.
It is also possible to rename interface by do
ing:
ifconfig_ed0_name="net0"
ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
ipv6_network_interfaces
(str) This is the IPv6 equivalent of
network_interfaces.
Instead of setting the ifconfig variables as
ifconfig_<interface> they should be set as ipv6_ifconfig_<interface>. Aliases should be
set as
ipv6_ifconfig_<interface>_alias<n>.
ipv6_prefix_<interface>
does something. Interfaces that do not have a
ipv6_ifconfig_<interface> setting will be auto
configured by
rtsol(8) if the ipv6_gateway_enable is set to
``NO''. Note
that the IPv6 networking code does not support
the
/etc/start_if.<interface> files.
ipv6_default_interface
(str) If not set to ``NO'', this is the default
output interface for scoped addresses. Now this works only
for IPv6 link
local multicast addresses.
cloned_interfaces
(str) Set to the list of clonable network inter
faces to create on this host. Entries in cloned_interfaces
are automatically appended to network_interfaces for config
uration.
gif_interfaces
(str) Set to the list of gif(4) tunnel inter
faces to configure on this host. A gifconfig_<interface> vari
able is
assumed to exist for each value of interface.
The value of
this variable is used to configure the link lay
er of the tunnel according to the syntax of the tunnel option
to
ifconfig(8). Additionally, this option ensures
that each
listed interface is created via the create op
tion to
ifconfig(8) before attempting to configure it.
sppp_interfaces
(str) Set to the list of sppp(4) interfaces to
configure on
this host. A spppconfig_<interface> variable is
assumed to
exist for each value of interface. Each inter
face should
also be configured by a general
ifconfig_<interface> setting.
Refer to spppcontrol(8) for more information
about available
options.
ppp_enable (bool) If set to ``YES'', run the ppp(8) daemon.
ppp_mode (str) Mode in which to run the ppp(8) daemon.
Accepted modes
are ``auto'', ``ddial'', ``direct'' and ``dedi
cated''. See
the manual for a full description.
ppp_nat (bool) If set to ``YES'', enables network ad
dress transla
tion. Used in conjunction with gateway_enable
allows hosts
on private network addresses access to the In
ternet using
this host as a network address translating
router.
ppp_profile
(str) The name of the profile to use from
/etc/ppp/ppp.conf.
ppp_user (str) The name of the user under which ppp(8)
should be
started. By default, ppp(8) is started as
``root''.
rc_conf_files
(str) This option is used to specify a list of
files that
will override the settings in
/etc/defaults/rc.conf. The
files will be read in the order in which they
are specified
and should include the full path to the file.
By default,
the files specified are /etc/rc.conf and
/etc/rc.conf.local
gbde_autoattach_all
(bool) If set to ``YES'', /etc/rc.d/gbde will
attempt to
automatically initialize your .bde devices in
/etc/fstab.
gbde_devices
(str) List the devices that the script should
try to attach,
or ``AUTO''.
gbde_lockdir
(str) The directory where the gbde(4) lockfiles
are located.
The default lockfile directory is /etc.
The lockfile for each individual gbde(4) device
can be overridden by setting the variable
gbde_lock_<device>, where
device is the encrypted device without the
``/dev/'' and
``.bde'' parts.
gbde_attach_attempts
(int) Number of times to attempt attaching to a
gbde(4)
device, i.e., how many times the user is asked
for the passphrase. Default is 3.
geli_devices
(str) List of devices to automatically attach on
boot. Note
that .eli devices from /etc/fstab are automati
cally appended
to this list.
geli_tries (int) Number of times user is asked for the
pass-phrase. If
empty, it will be taken from kern.geom.eli.tries
sysctl variable.
geli_default_flags
(str) Default flags to use by geli(8) when con
figuring disk
encryption. Flags can be configured for every
device separately by defining geli_<device>_flags variable.
geli_autodetach
(str) Specifies if GELI devices should be marked
for detach
on last close after file systems are mounted.
Default is
``YES''. This can be changed for every device
separately by
defining geli_<device>_autodetach variable.
geli_swap_flags
Options passed to the geli(8) utility when en
crypted GEOM
providers for swap partitions are created. The
default is
``-a aes -l 256 -s 4096 -d''.
root_rw_mount
(bool) Set to ``YES'' by default. After the
file systems are
checked at boot time, the root file system is
remounted as
read-write if this is set to ``YES''. Diskless
systems that
mount their root file system from a read-only
remote NFS
share should set this to ``NO'' in their
rc.conf.
fsck_y_enable
(bool) If set to ``YES'', fsck(8) will be run
with the -y
flag if the initial preen of the file systems
fails.
background_fsck
(bool) If set to ``YES'', the system will at
tempt to run
fsck(8) in the background where possible.
background_fsck_delay
(int) The amount of time in seconds to sleep be
fore starting
a background fsck(8). It defaults to sixty sec
onds to allow
large applications such as the X server to start
before disk
I/O bandwidth is monopolized by fsck(8).
netfs_types
(str) List of file system types that are net
work-based. This
list should generally not be modified by end
users. Use
extra_netfs_types instead.
extra_netfs_types
(str) If set to something other than ``NO'' (the
default),
this variable extends the list of file system
types for which
automatic mounting at startup by rc(8) should be
delayed
until the network is initialized. It should
contain a
whitespace-separated list of network file system
descriptor
pairs, each consisting of a file system type as
passed to
mount(8) and a human-readable, one-word descrip
tion, joined
with a colon (`:'). Extending the default list
in this way
is only necessary when third party file system
types are
used.
syslogd_enable
(bool) If set to ``YES'', run the syslogd(8)
daemon.
syslogd_program
(str) Path to syslogd(8) (default
/usr/sbin/syslogd).
syslogd_flags
(str) If syslogd_enable is set to ``YES'', these
are the
flags to pass to syslogd(8).
inetd_enable
(bool) If set to ``YES'', run the inetd(8) dae
mon.
inetd_program
(str) Path to inetd(8) (default
/usr/sbin/inetd).
inetd_flags
(str) If inetd_enable is set to ``YES'', these
are the flags
to pass to inetd(8).
named_enable
(bool) If set to ``YES'', run the named(8) dae
mon.
named_program
(str) Path to named(8) (default
/usr/sbin/named).
named_flags
(str) If named_enable is set to ``YES'', these
are the flags
to pass to named(8).
named_pidfile
(str) This is the default path to the named(8)
daemon's PID
file. This must match the location in
named.conf(5).
named_uid (str) The user that the named process should be
run as.
named_chrootdir
(str) The root directory for a name server run
in a chroot(8)
environment (default /var/named). If left empty
named(8)
will not be run in a chroot(8) environment.
named_chroot_autoupdate
(bool) Set to ``NO'' to disable automatic update
of the
chroot(8) environment.
named_symlink_enable
(bool) Set to ``NO'' to disable symlinking of
daemon's PID
file into the chroot(8) environment.
kerberos5_server_enable
(bool) Set to ``YES'' to start a Kerberos 5 au
thentication
server at boot time.
kerberos5_server
(str) If kerberos5_server_enable is set to
``YES'' this is
the path to Kerberos 5 Authentication Server.
kerberos5_server_flags
(str) Empty by default. This variable contains
additional
flags to be passed to the Kerberos 5 authentica
tion server.
kadmind5_server_enable
(bool) Set to ``YES'' to start kadmind(8), the
Kerberos 5
Administration Daemon; set to ``NO'' on a slave
server.
kadmind5_server
(str) If kadmind5_server_enable is set to
``YES'' this is the
path to Kerberos 5 Administration Daemon.
kpasswdd_server_enable
(bool) Set to ``YES'' to start kpasswdd(8), the
Kerberos 5
Password-Changing Daemon; set to ``NO'' on a
slave server.
kpasswdd_server
(str) If kpasswdd_server_enable is set to
``YES'' this is the
path to Kerberos 5 Password-Changing Daemon.
rwhod_enable
(bool) If set to ``YES'', run the rwhod(8) dae
mon at boot
time.
rwhod_flags
(str) If rwhod_enable is set to ``YES'', these
are the flags
to pass to it.
amd_enable (bool) If set to ``YES'', run the amd(8) daemon
at boot time.
amd_flags (str) If amd_enable is set to ``YES'', these are
the flags to
pass to it. See the amd(8) manpage for more in
formation.
amd_map_program
(str) If set, the specified program is run to
get the list of
amd(8) maps. For example, if the amd(8) maps
are stored in
NIS, one can set this to run ypcat(1) to get a
list of amd(8)
maps from the amd.master NIS map.
update_motd
(bool) If set to ``YES'', /etc/motd will be up
dated at boot
time to reflect the kernel release being run.
If set to
``NO'', /etc/motd will not be updated.
nfs_client_enable
(bool) If set to ``YES'', run the NFS client
daemons at boot
time.
nfs_access_cache
(int) If nfs_client_enable is set to ``YES'',
this can be set
to ``0'' to disable NFS ACCESS RPC caching, or
to the number
of seconds for which NFS ACCESS results should
be cached. A
value of 2-10 seconds will substantially reduce
network traffic for many NFS operations.
nfs_server_enable
(bool) If set to ``YES'', run the NFS server
daemons at boot
time.
nfs_server_flags
(str) If nfs_server_enable is set to ``YES'',
these are the
flags to pass to the nfsd(8) daemon.
mountd_enable
(bool) If set to ``YES'', and no
nfs_server_enable is set,
start mountd(8), but not nfsd(8) daemon. It is
commonly
needed to run CFS without real NFS used.
mountd_flags
(str) If mountd_enable is set to ``YES'', these
are the flags
to pass to the mountd(8) daemon.
weak_mountd_authentication
(bool) If set to ``YES'', allow services like
PCNFSD to make
non-privileged mount requests.
nfs_reserved_port_only
(bool) If set to ``YES'', provide NFS services
only on a
secure port.
nfs_bufpackets
(int) If set to a number, indicates the number
of packets
worth of socket buffer space to reserve on an
NFS client.
The kernel default is typically 4. Using a
higher number may
be useful on gigabit networks to improve perfor
mance. The
minimum value is 2 and the maximum is 64.
rpc_lockd_enable
(bool) If set to ``YES'' and also an NFS server
or client,
run rpc.lockd(8) at boot time.
rpc_statd_enable
(bool) If set to ``YES'' and also an NFS server
or client,
run rpc.statd(8) at boot time.
rpcbind_program
(str) Path to rpcbind(8) (default
/usr/sbin/rpcbind).
rpcbind_enable
(bool) If set to ``YES'', run the rpcbind(8)
service at boot
time.
rpcbind_flags
(str) If rpcbind_enable is set to ``YES'', these
are the
flags to pass to the rpcbind(8) daemon.
keyserv_enable
(bool) If set to ``YES'', run the keyserv(8)
daemon on boot
for running Secure RPC.
keyserv_flags
(str) If keyserv_enable is set to ``YES'', these
are the
flags to pass to keyserv(8) daemon.
pppoed_enable
(bool) If set to ``YES'', run the pppoed(8) dae
mon at boot
time to provide PPP over Ethernet services.
pppoed_provider
(str) pppoed(8) listens to requests to this
provider and
ultimately runs ppp(8) with a system argument of
the same
name.
pppoed_flags
(str) Additional flags to pass to pppoed(8).
pppoed_interface
(str) The network interface to run pppoed(8) on.
This is
mandatory when pppoed_enable is set to ``YES''.
timed_enable
(bool) If set to ``YES'', run the timed(8) ser
vice at boot
time. This command is intended for networks of
machines
where a consistent ``network time'' for all
hosts must be
established. This is often useful in large NFS
environments
where time stamps on files are expected to be
consistent network-wide.
timed_flags
(str) If timed_enable is set to ``YES'', these
are the flags
to pass to the timed(8) service.
ntpdate_enable
(bool) If set to ``YES'', run ntpdate(8) at sys
tem startup.
This command is intended to synchronize the sys
tem clock only
once from some standard reference. An option to
set this up
initially (from a list of known servers) is also
provided by
the sysinstall(8) program when the system is
first installed.
ntpdate_hosts
(str) A whitespace-separated list of NTP servers
to synchronize with at startup. The default is to use the
servers
listed in /etc/ntp.conf, if that file exists.
ntpdate_program
(str) Path to ntpdate(8) (default
/usr/sbin/ntpdate).
ntpdate_flags
(str) If ntpdate_enable is set to ``YES'', these
are the
flags to pass to the ntpdate(8) command (typi
cally a hostname).
ntpd_enable
(bool) If set to ``YES'', run the ntpd(8) com
mand at boot
time.
ntpd_program
(str) Path to ntpd(8) (default /usr/sbin/ntpd).
ntpd_flags (str) If ntpd_enable is set to ``YES'', these
are the flags
to pass to the ntpd(8) daemon.
ntpd_sync_on_start
(bool) If set to ``YES'', ntpd(8) is run with
the -g flag,
which syncs the system's clock on startup. See
ntpd(8) for
more information regarding the -g option. This
is a preferred alternative to using ntpdate(8) or speci
fying the
ntpdate_enable variable.
nis_client_enable
(bool) If set to ``YES'', run the ypbind(8) ser
vice at system
boot time.
nis_client_flags
(str) If nis_client_enable is set to ``YES'',
these are the
flags to pass to the ypbind(8) service.
nis_ypset_enable
(bool) If set to ``YES'', run the ypset(8) dae
mon at system
boot time.
nis_ypset_flags
(str) If nis_ypset_enable is set to ``YES'',
these are the
flags to pass to the ypset(8) daemon.
nis_server_enable
(bool) If set to ``YES'', run the ypserv(8) dae
mon at system
boot time.
nis_server_flags
(str) If nis_server_enable is set to ``YES'',
these are the
flags to pass to the ypserv(8) daemon.
nis_ypxfrd_enable
(bool) If set to ``YES'', run the rpc.ypxfrd(8)
daemon at
system boot time.
nis_ypxfrd_flags
(str) If nis_ypxfrd_enable is set to ``YES'',
these are the
flags to pass to the rpc.ypxfrd(8) daemon.
nis_yppasswdd_enable
(bool) If set to ``YES'', run the rpc.yppass
wdd(8) daemon at
system boot time.
nis_yppasswdd_flags
(str) If nis_yppasswdd_enable is set to ``YES'',
these are
the flags to pass to the rpc.yppasswdd(8) dae
mon.
rpc_ypupdated_enable
(bool) If set to ``YES'', run the rpc.ypupdated
daemon at
system boot time.
bsnmpd_enable
(bool) If set to ``YES'', run the bsnmpd(1) dae
mon at system
boot time. Be sure to understand the security
implications
of running SNMP daemon on your host.
bsnmpd_flags
(str) If bsnmpd_enable is set to ``YES'', these
are the flags
to pass to the bsnmpd(1) daemon.
defaultrouter
(str) If not set to ``NO'', create a default
route to this
host name or IP address (use an IP address if
this router is
also required to get to the name server!).
ipv6_defaultrouter
(str) The IPv6 equivalent of defaultrouter.
static_routes
(str) Set to the list of static routes that are
to be added
at system boot time. If not set to ``NO'' then
for each
whitespace separated element in the value, a
route_<element>
variable is assumed to exist whose contents will
later be
passed to a ``route add'' operation. For exam
ple:
static_routes="mcast gif0local"
route_mcast="-net 224.0.0.0/4 -iface gif0"
route_gif0local="-host 169.254.1.1 -iface lo0"
ipv6_static_routes
(str) The IPv6 equivalent of static_routes. If
not set to
``NO'' then for each whitespace separated
element in the
value, a ipv6_route_<element> variable is as
sumed to exist
whose contents will later be passed to a ``route
add -inet6''
operation.
natm_static_routes
(str) The natmip(4) equivalent of static_routes.
If not
empty then for each whitespace separated element
in the
value, a route_<element> variable is assumed to
exist whose
contents will later be passed to a ``atmconfig
natm add''
operation.
gateway_enable
(bool) If set to ``YES'', configure host to act
as an IP
router, e.g. to forward packets between inter
faces.
ipv6_gateway_enable
(bool) The IPv6 equivalent of gateway_enable.
router_enable
(bool) If set to ``YES'', run a routing daemon
of some sort,
based on the settings of router and
router_flags.
ipv6_router_enable
(bool) The IPv6 equivalent of router_enable. If
set to
``YES'', run a routing daemon of some sort,
based on the settings of ipv6_router and ipv6_router_flags.
router (str) If router_enable is set to ``YES'', this
is the name of
the routing daemon to use.
ipv6_router
(str) The IPv6 equivalent of router.
router_flags
(str) If router_enable is set to ``YES'', these
are the flags
to pass to the routing daemon.
ipv6_router_flags
(str) The IPv6 equivalent of router_flags.
mrouted_enable
(bool) If set to ``YES'', run the multicast
routing daemon,
mrouted(8).
mroute6d_enable
(bool) The IPv6 equivalent of mrouted_enable.
If set to
``YES'', run the IPv6 multicast routing daemon.
Note that no
IPv6 multicast routing daemon is included in the
FreeBSD base
system but pim6dd(8) can be installed from the
FreeBSD Ports
Collection.
mrouted_flags
(str) If mrouted_enable is set to ``YES'', these
are the
flags to pass to the mrouted(8) daemon.
mroute6d_flags
(str) The IPv6 equivalent of mrouted_flags. If mroute6d_enable is set to ``YES'', these are the
flags passed
to the IPv6 multicast routing daemon.
mroute6d_program
(str) If mroute6d_enable is set to ``YES'', this
is the path
to the IPv6 multicast routing daemon.
rtadvd_enable
(bool) If set to ``YES'', run the rtadvd(8) dae
mon at boot
time. rtadvd(8) will only run if
ipv6_gateway_enable is also
set to ``YES''. The rtadvd(8) utility sends
router advertisement packets to the interfaces specified in
rtadvd_interfaces and should only be enabled
with great care.
You may want to fine-tune rtadvd.conf(5).
rtadvd_interfaces
(str) If rtadvd_enable is set to ``YES'' this is
the list of
interfaces to use.
ipxgateway_enable
(bool) If set to ``YES'', enable the routing of
IPX traffic.
ipxrouted_enable
(bool) If set to ``YES'', run the IPXrouted(8)
daemon at system boot time.
ipxrouted_flags
(str) If ipxrouted_enable is set to ``YES'',
these are the
flags to pass to the IPXrouted(8) daemon.
arpproxy_all
(bool) If set to ``YES'', enable global proxy
ARP.
forward_sourceroute
(bool) If set to ``YES'' and gateway_enable is
also set to
``YES'', source-routed packets are forwarded.
accept_sourceroute
(bool) If set to ``YES'', the system will accept
sourcerouted packets directed at it.
rarpd_enable
(bool) If set to ``YES'', run the rarpd(8) dae
mon at system
boot time.
rarpd_flags
(str) If rarpd_enable is set to ``YES'', these
are the flags
to pass to the rarpd(8) daemon.
bootparamd_enable
(bool) If set to ``YES'', run the bootparamd(8)
daemon at
system boot time.
bootparamd_flags
(str) If bootparamd_enable is set to ``YES'',
these are the
flags to pass to the bootparamd(8) daemon.
stf_interface_ipv4addr
(str) If not set to ``NO'', this is the local
IPv4 address
for 6to4 (IPv6 over IPv4 tunneling interface).
Specify this
entry to enable the 6to4 interface.
stf_interface_ipv4plen
(int) Prefix length for 6to4 IPv4 addresses, to
limit peer
address range. An effective value is 0-31.
stf_interface_ipv6_ifid
(str) IPv6 interface ID for stf(4). This can be
set to
``AUTO''.
stf_interface_ipv6_slaid
(str) IPv6 Site Level Aggregator for stf(4).
ipv6_faith_prefix
(str) If not set to ``NO'', this is the faith
prefix to
enable a FAITH IPv6-to-IPv4 TCP translator. You
also need
faithd(8) setup.
ipv6_ipv4mapping
(bool) If set to ``YES'' this enables IPv4
mapped IPv6
address communication (like ::ffff:a.b.c.d).
atm_enable (bool) Set to ``YES'' to enable the configura
tion of ATM
interfaces at system boot time. For all of the
ATM variables
described below, please refer to the atm(8) man
ual page for
further details on the available command parame
ters. Also
refer to the files in /usr/share/examples/atm
for more
detailed configuration information.
atm_load (str) This is a list of physical ATM interface
drivers to
load. Typical values are ``hfa_pci'' and/or
``hea_pci''.
atm_netif_<intf>
(str) For the ATM physical interface intf, this
variable
defines the name prefix and count for the ATM
network interfaces to be created. The value will be passed
as the parameters of an ``atm set netif intf'' command.
atm_sigmgr_<intf>
(str) For the ATM physical interface intf, this
variable
defines the ATM signalling manager to be used.
The value
will be passed as the parameters of an ``atm
attach intf''
command.
atm_prefix_<intf>
(str) For the ATM physical interface intf, this
variable
defines the NSAP prefix for interfaces using a
UNI signalling
manager. If set to ``ILMI'', the prefix will
automatically
be set via the ilmid(8) daemon. Otherwise, the
value will be
passed as the parameters of an ``atm set prefix
intf'' command.
atm_macaddr_<intf>
(str) For the ATM physical interface intf, this
variable
defines the MAC address for interfaces using a
UNI signalling
manager. If set to ``NO'', the hardware MAC ad
dress contained in the ATM interface card will be used.
Otherwise,
the value will be passed as the parameters of an
``atm set
mac intf'' command.
atm_arpserver_<netif>
(str) For the ATM network interface netif, this
variable
defines the ATM address for a host which is to
provide ATMARP
service. This variable is only applicable to
interfaces
using a UNI signalling manager. If set to ``lo
cal'', this
host will become an ATMARP server. The value
will be passed
as the parameters of an ``atm set arpserver
netif'' command.
atm_scsparp_<netif>
(bool) If set to ``YES'', SCSP/ATMARP service
for the network
interface netif will be initiated using the sc
spd(8) and
atmarpd(8) daemons. This variable is only ap
plicable if
atm_arpserver_<netif> is set to ``local''.
atm_pvcs (str) Set to the list of ATM PVCs to be added at
system boot
time. For each whitespace separated element in
the value, an
atm_pvc_<element> variable is assumed to exist.
The value of
each of these variables will be passed as the
parameters of
an ``atm add pvc'' command.
atm_arps (str) Set to the list of permanent ATM ARP en
tries to be
added at system boot time. For each whitespace
separated
element in the value, an atm_arp_<element> vari
able is
assumed to exist. The value of each of these
variables will
be passed as the parameters of an ``atm add
arp'' command.
natm_interfaces
(str) Set to the list of natm(4) interfaces that
will also be
used for HARP through harp(4). If this list is
not empty all
interfaces in the list will be brought up with
ifconfig(8)
and harp(4) will be loaded. For this to work
the interface
drivers must be either compiled into the kernel
or must
reside on the root partition.
keybell (str) The keyboard bell sound. Set to ``nor
mal'',
``visual'', ``off'', or ``NO'' if the default
behavior is
desired. For details, refer to the kbdcon
trol(1) manpage.
keyboard (str) If set to a non-null string, the virtual
console's key
board input is set to this device.
keymap (str) If set to ``NO'', no keymap is installed,
otherwise the
value is used to install the keymap file in
/usr/share/syscons/keymaps/<value>.kbd.
keyrate (str) The keyboard repeat speed. Set to
``slow'',
``normal'', ``fast'', or ``NO'' if the default
behavior is
desired.
keychange (str) If not set to ``NO'', attempt to program
the function
keys with the value. The value should be a sin
gle string of
the form: ``funkey_number new_value
[funkey_number new_value
...]''.
cursor (str) Can be set to the value of ``normal'',
``blink'',
``destructive'', or ``NO'' to set the cursor be
havior explicitly or choose the default behavior.
scrnmap (str) If set to ``NO'', no screen map is in
stalled, otherwise
the value is used to install the screen map file
in
/usr/share/syscons/scrnmaps/<value>.
font8x16 (str) If set to ``NO'', the default 8x16 font
value is used
for screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
font8x14 (str) If set to ``NO'', the default 8x14 font
value is used
for screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
font8x8 (str) If set to ``NO'', the default 8x8 font
value is used
for screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
blanktime (int) If set to ``NO'', the default screen
blanking interval
is used, otherwise it is set to value seconds.
saver (str) If not set to ``NO'', this is the actual
screen saver
to use (blank, snake, daemon, etc).
moused_nondefault_enable
(str) If set to ``NO'', the mouse device speci
fied on the
command line is not automatically treated as en
abled by the
/etc/rc.d/moused script. Having this variable
set to ``YES''
allows a usb(4) mouse, for example, to be en
abled as soon as
it is plugged in.
moused_enable
(str) If set to ``YES'', the moused(8) daemon is
started for
doing cut/paste selection on the console.
moused_type
(str) This is the protocol type of the mouse
connected to
this host. This variable must be set if
moused_enable is set
to ``YES''. The moused(8) daemon is able to de
tect the
appropriate mouse type automatically in many
cases. Set this
variable to ``auto'' to let the daemon detect
it, or select
one from the following list if the automatic de
tection fails.
If the mouse is attached to the PS/2 mouse port,
choose
``auto'' or ``ps/2'', regardless of the brand
and model of
the mouse. Likewise, if the mouse is attached
to the bus
mouse port, choose ``auto'' or ``busmouse''.
All other protocols are for serial mice and will not work
with the PS/2
and bus mice. If this is a USB mouse, ``auto''
is the only
protocol type which will work.
microsoft Microsoft mouse (serial)
intellimouse Microsoft IntelliMouse (se
rial)
mousesystems Mouse systems Corp. mouse
(serial)
mmseries MM Series mouse (serial)
logitech Logitech mouse (serial)
busmouse A bus mouse
mouseman Logitech MouseMan and Track
Man (serial)
glidepoint ALPS GlidePoint (serial)
thinkingmouse Kensington ThinkingMouse
(serial)
ps/2 PS/2 mouse
mmhittab MM HitTablet (serial)
x10mouseremote X10 MouseRemote (serial)
versapad Interlink VersaPad (serial)
Even if the mouse is not in the above list, it
may be compatible with one in the list. Refer to the manual
page for
moused(8) for compatibility information.
It should also be noted that while this is en
abled, any other
client of the mouse (such as an X server) should
access the
mouse through the virtual mouse device,
/dev/sysmouse, and
configure it as a ``sysmouse'' type mouse, since
all mouse
data is converted to this single canonical for
mat when using
moused(8). If the client program does not sup
port the
``sysmouse'' type, specify the ``mousesystems''
type. It is
the second preferred type.
moused_port
(str) If moused_enable is set to ``YES'', this
is the actual
port the mouse is on. It might be /dev/cuad0
for a COM1
serial mouse, /dev/psm0 for a PS/2 mouse or
/dev/mse0 for a
bus mouse, for example.
moused_flags
(str) If moused_type is set, these are the addi
tional flags
to pass to the moused(8) daemon.
mousechar_start
(int) If set to ``NO'', the default mouse cursor
character
range 0xd0-0xd3 is used, otherwise the range
start is set to
value character, see vidcontrol(1). Use if the
default range
is occupied in the language code table.
allscreens_flags
(str) If set, vidcontrol(1) is run with these
options for
each of the virtual terminals (/dev/ttyv*). For
example,
``-m on'' will enable the mouse pointer on all
virtual terminals if moused_enable is set to ``YES''.
allscreens_kbdflags
(str) If set, kbdcontrol(1) is run with these
options for
each of the virtual terminals (/dev/ttyv*). For
example,
``-h 200'' will set the syscons(4) scrollback
(history)
buffer to 200 lines.
cron_enable
(bool) If set to ``YES'', run the cron(8) daemon
at system
boot time.
cron_program
(str) Path to cron(8) (default /usr/sbin/cron).
cron_flags (str) If cron_enable is set to ``YES'', these
are the flags
to pass to cron(8).
cron_dst (bool) If set to ``YES'', enable the special
handling of
transitions to and from the Daylight Saving Time
in cron(8)
(equivalent to using the flag -s).
lpd_program
(str) Path to lpd(8) (default /usr/sbin/lpd).
lpd_enable (bool) If set to ``YES'', run the lpd(8) daemon
at system
boot time.
lpd_flags (str) If lpd_enable is set to ``YES'', these are
the flags to
pass to the lpd(8) daemon.
chkprintcap_enable
(bool) If set to ``YES'', run the chkprintcap(8)
command
before starting the lpd(8) daemon.
chkprintcap_flags
(str) If lpd_enable and chkprintcap_enable are
set to
``YES'', these are the flags to pass to the
chkprintcap(8)
program. The default is ``-d'', which causes
missing directories to be created.
mta_start_script
(str) This variable specifies the full path to
the script to
run to start a mail transfer agent. The default
is
/etc/rc.sendmail. The sendmail_* variables
which
/etc/rc.sendmail uses are documented in the
rc.sendmail(8)
manual page.
dumpdev (str) Indicates the device (usually a swap par
tition) to
which a crash dump should be written in the
event of a system
crash. If the value of this variable is ``AU
TO'', the first
suitable swap device listed in /etc/fstab will
be used as
dump device. Otherwise, the value of this vari
able is passed
as the argument to dumpon(8). To disable crash
dumps, set
this variable to ``NO''.
dumpdir (str) When the system reboots after a crash and
a crash dump
is found on the device specified by the dumpdev
variable,
savecore(8) will save that crash dump and a copy
of the kernel to the directory specified by the dumpdir
variable. The
default value is /var/crash. Set to ``NO'' to
not run
savecore(8) at boot time when dumpdir is set.
savecore_flags
(str) If crash dumps are enabled, these are the
flags to pass
to the savecore(8) utility.
enable_quotas
(bool) Set to ``YES'' to turn on user disk quo
tas on system
startup via the quotaon(8) command.
check_quotas
(bool) Set to ``YES'' to enable user disk quota
checking via
the quotacheck(8) command.
accounting_enable
(bool) Set to ``YES'' to enable system account
ing through the
accton(8) facility.
ibcs2_enable
(bool) Set to ``YES'' to enable iBCS2 (SCO) bi
nary emulation
at system initial boot time.
ibcs2_loaders
(str) If not set to ``NO'' and if ibcs2_enable
is set to
``YES'', this specifies a list of additional
iBCS2 loaders to
enable.
linux_enable
(bool) Set to ``YES'' to enable Linux/ELF binary
emulation at
system initial boot time.
osf1_enable
(bool) Set to ``YES'' to enable OSF/1 (Digital
UNIX) binary
emulation at system initial boot time. (alpha)
svr4_enable
(bool) If set to ``YES'', enable SysVR4 emula
tion at boot
time.
sysvipc_enable
(bool) If set to ``YES'', load System V IPC
primitives at
boot time.
clear_tmp_enable
(bool) Set to ``YES'' to have /tmp cleaned at
startup.
clear_tmp_X
(bool) Set to ``NO'' to disable removing of X11
lock files,
and the removal and (secure) recreation of the
various socket
directories for X11 related programs.
ldconfig_paths
(str) Set to the list of shared library paths to
use with
ldconfig(8). NOTE: /usr/lib will always be
added first, so
it need not appear in this list.
ldconfig32_paths
(str) Set to the list of 32-bit compatibility
shared library
paths to use with ldconfig(8).
ldconfig_paths_aout
(str) Set to the list of shared library paths to
use with
ldconfig(8) legacy a.out(5) support.
ldconfig_insecure
(bool) The ldconfig(8) utility normally refuses
to use directories which are writable by anyone except root.
Set this
variable to ``YES'' to disable that security
check during
system startup.
ldconfig_local_dirs
(str) Set to the list of local ldconfig(8) di
rectories. The
names of all files in the directories listed
will be passed
as arguments to ldconfig(8).
ldconfig_local32_dirs
(str) Set to the list of local 32-bit compati
bility
ldconfig(8) directories. The names of all files
in the
directories listed will be passed as arguments
to ldconfig(8)
-32.
kern_securelevel_enable
(bool) Set to ``YES'' to set the kernel security
level at
system startup.
kern_securelevel
(int) The kernel security level to set at start
up. The
allowed range of value ranges from -1 (the com
pile time
default) to 3 (the most secure). See init(8)
for the list of
possible security levels and their effect on
system operation.
sshd_program
(str) Path to the SSH server program
(/usr/sbin/sshd is the
default).
sshd_enable
(bool) Set to ``YES'' to start sshd(8) at system
boot time.
sshd_flags (str) If sshd_enable is set to ``YES'', these
are the flags
to pass to the sshd(8) daemon.
ftpd_program
(str) Path to the FTP server program
(/usr/libexec/ftpd is
the default).
ftpd_enable
(bool) Set to ``YES'' to start ftpd(8) as a
stand-alone daemon at system boot time.
ftpd_flags (str) If ftpd_enable is set to ``YES'', these
are the addi
tional flags to pass to the ftpd(8) daemon.
usbd_enable
(bool) If set to ``YES'', run the usbd(8) daemon
at boot
time.
usbd_flags (str) If usbd_enable is set to ``YES'', these
are the flags
passed to the usbd(8) daemon.
watchdogd_enable
(bool) If set to ``YES'', start the watchdogd(8)
daemon at
boot time. This requires that the kernel have
been compiled
with a watchdog(4) compatible device.
watchdogd_flags
(str) If watchdogd_enable is set to ``YES'',
these are the
flags passed to the watchdogd(8) daemon.
performance_cx_lowest
(str) CPU idle state to use while on AC power.
The string
``LOW'' indicates that acpi(4) should use the
lowest power
state available while ``HIGH'' indicates that
the lowest
latency state (less power savings) should be
used.
performance_cpu_freq
(str) CPU clock frequency to use while on AC
power. The
string ``LOW'' indicates that cpufreq(4) should
use the lowest frequency available while ``HIGH'' indicates
that the
highest frequency (less power savings) should be
used.
economy_cx_lowest
(str) CPU idle state to use when off AC power.
The string
``LOW'' indicates that acpi(4) should use the
lowest power
state available while ``HIGH'' indicates that
the lowest
latency state (less power savings) should be
used.
economy_cpu_freq
(str) CPU clock frequency to use when off AC
power. The
string ``LOW'' indicates that cpufreq(4) should
use the lowest frequency available while ``HIGH'' indicates
that the
highest frequency (less power savings) should be
used.
jail_enable
(bool) If set to ``NO'', any configured jails
will not be
started.
jail_list (str) A space separated list of names for jails.
This is
purely a configuration aid to help identify and
configure
multiple jails. The names specified in this
list will be
used to identify settings common to an instance
of a jail.
Assuming that the jail in question was named
vjail, you would
have the following dependent variables:
jail_vjail_hostname="jail.example.com"
jail_vjail_ip="192.168.1.100"
jail_vjail_rootdir="/var/jails/vjail/root"
jail_flags (str) Unset by default. When set, use as de
fault value for
jail_<jid>_flags for every jail in jail_list.
jail_interface
(str) Unset by default. When set, use as de
fault value for
jail_<jid>_interface for every jail in
jail_list.
jail_fstab (str) Unset by default. When set, use as de
fault value for
jail_<jid>_fstab for every jail in jail_list.
jail_mount_enable
(bool) Set to ``NO'' by default. When set to
``YES'', sets
jail_<jid>_mount_enable to YES by default for
every jail in
jail_list.
jail_devfs_ruleset
(str) Unset by default. When set, sets
jail_<jid>_devfs_ruleset to given value for ev
ery jail in
jail_list.
jail_devfs_enable
(bool) Set to ``NO'' by default. When set to
``YES'', sets
jail_<jid>_devfs_enable to YES by default for
every jail in
jail_list.
jail_fdescfs_enable
(bool) Set to ``NO'' by default. When set to
``YES'', sets
jail_<jid>_fdescfs_enable to YES by default for
every jail in
jail_list.
jail_procfs_enable
(bool) Set to ``NO'' by default. When set to
``YES'', sets
jail_<jid>_fdescfs_enable to YES by default for
every jail in
jail_list.
jail_exec_start
(str) Unset by default. When set, use as de
fault value for
jail_<jid>_exec_start for every jail in
jail_list.
jail_exec_stop
Unset by default. When set, use as default val
ue for
jail_<jid>_exec_stop for every jail in
jail_list.
jail_<jid>_rootdir
(str) Unset by default. Set to the root direc
tory used by
jail jid.
jail_<jid>_hostname
(str) Unset by default. Set to the fully quali
fied domain
name (FQDN) assigned to jail jid.
jail_<jid>_ip
(str) Unset by default. Set to the IP address
assigned to
jail jid.
jail_<jid>_flags
(str) Set to ``-l -U root'' by default. These
are flags to
pass to jail.
jail_<jid>_interface
(str) Unset by default. When set, sets the in
terface to use
when setting IP address alias. Note that the
alias is created at jail startup and removed at jail shut
down.
jail_<jid>_fstab
(str) Set to /etc/fstab.<jid> by default. This
is the file
system information file to use for jail jid.
jail_<jid>_mount_enable
(bool) Set to ``NO'' by default. When set to
``YES'', mount
all file systems from jail_<jid>_fstab at jail
startup.
jail_<jid>_devfs_ruleset
(str) Unset by default. When set, defines the
device file
system ruleset file to use for jail jid.
jail_<jid>_devfs_enable
(bool) Set to ``NO'' by default. When set to
``YES'', mount
the device file system inside jail jid at jail
startup.
jail_<jid>_fdescfs_enable
(bool) Set to ``NO'' by default. When set to
``YES'', mount
the file-descriptor file system inside jail jid
at jail
startup.
jail_<jid>_procfs_enable
(bool) Set to ``NO'' by default. When set to
``YES'', mount
the process file system inside jail jid at jail
startup.
jail_<jid>_exec_start
(str) Set to ``/bin/sh /etc/rc'' by default.
This is the
command executed at jail startup.
jail_<jid>_exec_stop
(str) Set to ``/bin/sh /etc/rc.shutdown'' by de
fault. This
is the command executed at jail shutdown.
jail_set_hostname_allow
(bool) If set to ``NO'', do not allow the root
user in a jail
to set its hostname.
jail_socket_unixiproute_only
(bool) If set to ``YES'', do not allow any sock
ets, besides
UNIX/IP/route sockets, to be used within a jail.
jail_sysvipc_allow
(bool) If set to ``YES'', allow applications
within a jail to
use System V IPC.
unaligned_print
(bool) If set to ``NO'', unaligned access warn
ings will not
be printed. (alpha)
isdn_enable
(bool) Set to ``NO'' by default. When set to
``YES'', starts
the isdnd(8) daemon at system boot time.
isdn_flags (str) Set to ``-dn -d0x1f9'' by default. Addi
tional flags to
pass to isdnd(8) (but see isdn_fsdev and
isdn_ttype for certain tunable parameters).
isdn_ttype (str) Set to ``cons25'' by default. The termi
nal type of the
output device when isdnd(8) operates in full
screen mode.
isdn_screenflags
(str) Set to ``NO'' by default. The video mode
for fullscreen mode (only for syscons(4) console driver,
see
vidcontrol(1) for valid modes).
isdn_fsdev (str) Set to ``NO'' by default. The output de
vice for
isdnd(8) in full-screen mode (or ``NO'' for dae
mon mode).
isdn_trace (bool) Set to ``NO'' by default. When set to
``YES'',
enables the ISDN protocol trace utility isd
ntrace(8) at system boot time.
isdn_traceflags
(str) Set to ``-f /var/tmp/isdntrace0'' by de
fault. Flags
for isdntrace(8).
pcvt_verbose
(bool) Set to ``NO'' by default. When set to
``YES'', verbose messages about the actions done by the
start script are
displayed. Note: the pcvt(4) driver must be
compiled into
the kernel before the pcvt(4) related options
described here
take any effect.
pcvt_keymap
(str) Set to ``NO'' by default. Use this to
configure a
national keyboard mapping found in the
/usr/share/misc/keycap.pcvt file of keyboard
mappings. (See
also the manual pages keycap(5) and keycap(3)
for usage of
pcvt(4)'s keycap database and the manual page
kcon(1) option
-m for national keyboard mapping configuration.)
pcvt_keydel
(int) Set to ``NO'' by default. Used to set the
keyboard key
repeat delay value. Valid values are in the
range 0..3 for
delay values of 250, 500, 750 and 1000 msec.
(See also the
kcon(1) manual page.)
pcvt_keyrate
(int) Set to ``NO'' by default. Used to set the
keyboard key
repetition rate value. Valid values are in the
range 0..31
for repetition values of 2..30 characters per
second.
pcvt_keyrepeat
(bool) Set to ``NO'' by default. Set to ``YES''
to enable
automatic keyboard key repeating.
pcvt_force24
(bool) Set to ``NO'' by default. Set to ``YES''
to force
pcvt(4) to use 24 lines only (in 25 lines mode)
for compatibility with the original VT220 terminal.
pcvt_hpext (bool) Set to ``NO'' by default. Set to ``YES''
to enable
the display and functionality of function key
labels (as
found on Hewlett-Packard terminals such as the
HP2392A and
the HP700/92 in ANSI mode).
pcvt_lines (int) Set to ``NO'' by default resulting in a
value of 25.
Used to set the number of lines on the screen.
For VGA displays, valid values are 25, 28, 40 and 50 lines.
(See also
the scon(1) manual page.)
pcvt_blanktime
(int) Set to ``NO'' by default. Used to set the
screen saver
timeout in seconds for values greater than zero.
pcvt_cursorh
(int) Set to ``NO'' by default. Used to set the
cursor top
scanline. (See also the cursor(1) manual page.)
pcvt_cursorl
(int) Set to ``NO'' by default. Used to set the
cursor bottom scanline.
pcvt_monohigh
(bool) Set to ``NO'' by default. Set to ``YES''
to set
intensity to high on monochrome monitors. (See
also the
scon(1) manual page, option -p, for more infor
mation on
changing VGA palette values.)
harvest_interrupt
(bool) Set to ``YES'' to use hardware interrupts
as an
entropy source. Refer to random(4) for more in
formation.
harvest_ethernet
(bool) Set to ``YES'' to use LAN traffic as an
entropy
source. Refer to random(4) for more informa
tion.
harvest_p_to_p
(bool) Set to ``YES'' to use serial line traffic
as an
entropy source. Refer to random(4) for more in
formation.
entropy_dir
(str) Set to ``NO'' to disable caching entropy
via cron(8).
Otherwise set to the directory used to store en
tropy files
in.
entropy_file
(str) Set to ``NO'' to disable caching entropy
through
reboots. Otherwise set to the filename used to
store cached
entropy through reboots. This file should be
located on the
root file system to seed the random(4) device as
early as
possible in the boot process.
entropy_save_sz
(int) Size of the entropy cache files saved by
save-entropy
periodically.
entropy_save_num
(int) Number of entropy cache files to save by
save-entropy
periodically.
ipsec_enable
(bool) Set to ``YES'' to run setkey(8) on
ipsec_file at boot
time.
ipsec_file (str) Configuration file for setkey(8).
dmesg_enable
(bool) Set to ``YES'' to save dmesg(8) to
/var/run/dmesg.boot
on boot.
rcshutdown_timeout
(int) If set, start a watchdog timer in the
background which
will terminate rc.shutdown if shutdown(8) has
not completed
within the specified time (in seconds). Notice
that in addition to this soft timeout, init(8) also applies
a hard timeout for the execution of rc.shutdown. This is
configured via
sysctl(8) variable kern.init_shutdown_timeout
and defaults to
120 seconds. Setting the value of
rcshutdown_timeout to more
than 120 seconds will have no effect until the
sysctl(8)
variable kern.init_shutdown_timeout is also in
creased.
virecover_enable
(bool) Set to ``NO'' to prevent the system from
trying to
recover pre-maturely terminated vi(1) sessions.
ugidfw_enable
(bool) Set to ``YES'' to load the mac_bsdextend
ed(4) module
upon system initialization and load a default
ruleset file.
bsdextended_script
(str) The default mac_bsdextended(4) ruleset
file to load.
The default value of this variable is
/etc/rc.bsdextended.
newsyslog_enable
(bool) If set to ``YES'', run newsyslog(8) com
mand at
startup.
newsyslog_flags
(str) If newsyslog_enable is set to ``YES'',
these are the
flags to pass to the newsyslog(8) program. The
default is
``-CN'', which causes log files flagged with a C
to be created.
ramdisk_units
(str) A list of one or more ramdisk units to
configure with
mdconfig(8) and newfs(8) in time to be mounted
from fstab(5).
Each listed unit X must specify at least a type
in a
ramdisk_<X>_config variable.
ramdisk_<X>_config
(str) Arguments to mdconfig(8) for ramdisk X.
At minimum a
-t type must be specified, where type must be
one of malloc
or swap.
ramdisk_<X>_newfs
(str) Optional arguments passed to newfs(8) to
initialize
ramdisk X.
ramdisk_<X>_owner
(str) An ownership specification passed to
chown(8) after the
specified ramdisk unit X has been mounted. Both
the md(4)
device and the mount point will be changed.
ramdisk_<X>_perms
(str) A mode string passed to chmod(1) after the
specified
ramdisk unit X has been mounted. Both the md(4)
device and
the mount point will be changed.

FILES

/etc/defaults/rc.conf
/etc/rc.conf
/etc/rc.conf.local

SEE ALSO

catman(1), chmod(1), gdb(1), info(1), kbdcontrol(1), make
whatis(1),
sh(1), vi(1), vidcontrol(1), ip(4), ipf(4), ipfw(4), ip
nat(4), kld(4),
pf(4), pflog(4), pfsync(4), tcp(4), udp(4), exports(5),
ipf(5), ipnat(5),
motd(5), newsyslog.conf(5), pf.conf(5), accton(8), amd(8),
apm(8),
atm(8), chkprintcap(8), chown(8), cron(8), dhclient(8), ft
pd(8), geli(8),
ifconfig(8), inetd(8), ipf(8), ipfw(8), ipnat(8), isdnd(8),
isdntrace(8),
jail(8), kldxref(8), lpd(8), mdconfig(8), mdmfs(8),
mountd(8), moused(8),
mrouted(8), named(8), newfs(8), newsyslog(8), nfsd(8), nt
pd(8),
ntpdate(8), pcnfsd(8), pfctl(8), pflogd(8), powerd(8), quo
tacheck(8),
quotaon(8), rc(8), rc.sendmail(8), route(8), routed(8),
rpcbind(8),
rpc.lockd(8), rpc.statd(8), rwhod(8), savecore(8), sshd(8),
swapon(8),
sysctl(8), syslogd(8), timed(8), usbd(8), yp(8), ypbind(8),
ypserv(8),
ypset(8)

HISTORY

The rc.conf file appeared in FreeBSD 2.2.2.

AUTHORS

Jordan K. Hubbard.
BSD May 5, 2006
Copyright © 2010-2020 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout