1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd December 3, 2024 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_conf_files 107.Pq Vt str 108This option is used to specify a list of files that will override 109the settings in 110.Pa /etc/defaults/rc.conf . 111The files will be read in the order in which they are specified and should 112include the full path to the file. 113By default, the files specified are 114.Pa /etc/rc.conf 115and 116.Pa /etc/rc.conf.local 117.It Va rc_debug 118.Pq Vt bool 119If set to 120.Dq Li YES , 121enable output of debug messages from rc scripts. 122This variable can be helpful in diagnosing mistakes when 123editing or integrating new scripts. 124Beware that this produces copious output to the terminal and 125.Xr syslog 3 . 126.It Va rc_info 127.Pq Vt bool 128If set to 129.Dq Li NO , 130disable informational messages from the rc scripts. 131Informational messages are displayed when 132a condition that is not serious enough to warrant a warning or an error occurs. 133.It Va rc_startmsgs 134.Pq Vt bool 135If set to 136.Dq Li YES , 137show 138.Dq Starting foo: 139when faststart is used (e.g., at boot time). 140.It Va swapfile 141.Pq Vt str 142If set to 143.Dq Li NO , 144no swapfile is installed, otherwise the value is used as the full 145pathname to a file to use for additional swap space. 146The 147.Xr vn 4 148driver is needed for a swapfile and will be loaded if it is not 149already compiled into the kernel or loaded via 150.Xr loader.conf 5 . 151.It Ao Ar module Ac Ns Ar _load 152.Pq Vt bool 153If set to 154.Dq YES , 155that kernel module will be loaded. 156If no 157.Ao Ar module Ac Ns Ar _name 158is defined (see below), the 159module's name is taken to be 160.Aq Ar module . 161.It Ao Ar module Ac Ns Ar _name 162.Pq Vt str 163Defines the name of the module. 164.It Va devd_enable 165.Pq Vt bool 166Run 167.Xr devd 8 168to handle device added, removed or unknown events from the kernel. 169.It Va devd_flags 170.Pq Vt str 171If 172.Va devd_enable 173is set to 174.Dq Li YES , 175these are the flags to pass to the 176.Xr devd 8 177daemon. 178.It Va powerd_enable 179.Pq Vt bool 180Set to 181.Dq Li NO 182by default. 183Setting this to 184.Dq Li YES 185enables 186.Xr powerd 8 , 187a CPU speed control daemon. 188.It Va powerd_flags 189.Pq Vt str 190Empty by default. 191Additional flags passed to the 192.Xr powerd 8 193program. 194.Pp 195If you are running a serial port at 115200 baud we recommend setting 196the flags to "-l 1500" as lower frequencies will cause characters to 197drop. 198.It Va sensorsd_enable 199.Pq Vt bool 200Set to 201.Dq Li NO 202by default. 203Setting this to 204.Dq Li YES 205enables 206.Xr sensorsd 8 , 207a sensors monitoring and logging daemon. 208.It Va sensorsd_flags 209.Pq Vt str 210Empty by default. 211Additional flags passed to the 212.Xr sensorsd 8 213program. 214.It Va sysvipcd_enable 215.Pq Vt bool 216Set to 217.Dq Li NO 218by default. 219Setting this to 220.Dq Li YES 221enables 222.Xr sysvipcd 8 , 223a daemon needed for the userspace implementation of the XSI Interprocess 224Communication functions. 225.It Va sysvipcd_flags 226.Pq Vt str 227Empty by default. 228Additional flags passed to the 229.Xr sysvipcd 8 230program. 231.It Va hotplugd_enable 232.Pq Vt bool 233Set to 234.Dq Li NO 235by default. 236Setting this to 237.Dq Li YES 238enables 239.Xr hotplugd 8 , 240a devices hot plugging monitoring daemon. 241.It Va hotplugd_flags 242.Pq Vt str 243Empty by default. 244Additional flags passed to the 245.Xr hotplugd 8 246program. 247.It Va pccard_ifconfig 248.Pq Vt str 249List of arguments to be passed to 250.Xr ifconfig 8 251at boot time or on insertion of the card (e.g.\& 252.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 253for a fixed address or 254.Dq Li DHCP 255for a DHCP client). 256.It Va removable_interfaces 257.Pq Vt str 258List of removable network interfaces to be supported by 259.Pa /etc/pccard_ether . 260.It Va local_startup 261.Pq Vt str 262List of directories to search for startup script files. 263.It Va script_name_sep 264.Pq Vt str 265The field separator to use for breaking down the list of startup script files 266into individual filenames. 267The default is a space. 268It is not necessary to change this unless there are startup scripts with names 269containing spaces. 270.It Va hostname 271.Pq Vt str 272The fully qualified domain name (FQDN) of this host on the network. 273This should almost certainly be set to something meaningful, even if 274there is no network connection. 275If DHCP is used to set the hostname, 276this variable should be set to an empty string. 277.It Va ipv6_enable 278.Pq Vt bool 279Enable support for IPv6 networking. 280Note that this requires that the kernel have been compiled with 281.Cd "options INET6" . 282.It Va nisdomainname 283.Pq Vt str 284The NIS domain name of this host, or 285.Dq Li NO 286if NIS is not used. 287.It Va dhcp_client 288.Pq Vt str 289Set the rc script that is called to start the DHCP client. 290This can be set to 291.Dq Li dhclient 292(default) or 293.Dq Li dhcpcd . 294.It Va dhclient_program 295.Pq Vt str 296Path to the 297.Xr dhclient 8 298program (default 299.Pa /sbin/dhclient ) . 300.It Va dhclient_flags 301.Pq Vt str 302Additional flags to pass to the 303.Xr dhclient 8 304program. 305.It Va dhclient_flags_ Ns Aq Ar interface 306Additional flags to pass to the 307.Xr dhclient 8 308program running on 309.Ar interface 310only. 311When specified, this variable overrides 312.Va dhclient_flags . 313.It Va dhcpcd_enable 314.Pq Vt bool 315Set to 316.Dq Li YES 317to run 318.Xr dhcpcd 8 319in master mode (i.e., configure all available Ethernet interfaces) at startup. 320.It Va dhcpcd_program 321.Pq Vt str 322Path to the 323.Xr dhcpcd 8 324program (default 325.Pa /sbin/dhcpcd ) . 326.It Va dhcpcd_flags 327.Pq Vt str 328Additional flags to pass to the 329.Xr dhcpcd 8 330program. 331The default value is 332.Fl b , 333i.e., tell 334.Xr dhcpcd 8 335to go to background immediately. 336.It Va pf_enable 337.Pq Vt bool 338Set to 339.Dq Li YES 340to load 341.Xr pf 4 342at startup. 343If the kernel was not built with 344.Cd "device pf" , 345the 346.Pa pf.ko 347kernel module will be loaded. 348See also 349.Va firewall_enable . 350.It Va pf_rules 351.Pq Vt str 352Path to the 353.Xr pf 4 354ruleset definition file. 355.It Va pf_program 356.Pq Vt str 357Path to 358.Xr pfctl 8 . 359.It Va pf_flags 360.Pq Vt str 361If 362.Va pf_enable 363is set to 364.Dq Li YES , 365these are the flags to pass to 366.Xr pfctl 8 367when loading the ruleset. 368.It Va pflog_enable 369.Pq Vt bool 370Set this to 371.Dq Li YES 372to enable 373.Xr pflogd 8 374which logs packets from 375.Xr pf 4 . 376.It Va pflog_logfile 377.Pq Vt str 378If 379.Va pflog_enable 380is set to 381.Dq Li YES 382this specifies the path of the log file. 383.It Va pflog_program 384.Pq Vt str 385Path to 386.Xr pflogd 8 . 387.It Va pflog_flags 388.Pq Vt str 389If 390.Va pflog_enable 391is set to 392.Dq Li YES , 393these are the flags to pass to 394.Xr pflogd 8 . 395.It Va firewall_enable 396.Pq Vt bool 397Set to 398.Dq Li YES 399to load firewall rules at startup. 400If the kernel was not built with 401.Cd "options IPFIREWALL" , 402the 403.Pa ipfw.ko 404kernel module will be loaded. 405See also 406.Va pf_enable . 407.It Va ipv6_firewall_enable 408.Pq Vt bool 409The IPv6 equivalent of 410.Va firewall_enable . 411Set to 412.Dq Li YES 413to load IPv6 firewall rules at startup. 414If the kernel was not built with 415.Cd "options IPV6FIREWALL" , 416the 417.Pa ip6fw.ko 418kernel module will be loaded. 419.It Va firewall_script 420.Pq Vt str 421The full path to the firewall script to run 422(default 423.Pa /etc/rc.firewall ) . 424.It Va ipv6_firewall_script 425.Pq Vt str 426The IPv6 equivalent of 427.Va firewall_script . 428.It Va firewall_type 429.Pq Vt str 430Names the firewall type from the selection in 431.Pa /etc/rc.firewall , 432or the file which contains the local firewall ruleset. 433Valid selections from 434.Pa /etc/rc.firewall 435are: 436.Pp 437.Bl -tag -width ".Li simple" -compact 438.It Li open 439unrestricted IP access 440.It Li closed 441all IP services disabled, except via 442.Dq Li lo0 443.It Li client 444basic protection for a workstation on a LAN 445.It Li simple 446alias for 447.Li client . 448.El 449.Pp 450If a filename is specified, the full path must be given. 451.It Va firewall_trusted_nets 452.Pq Vt str 453List of trusted networks (if 454.Va firewall_type 455is set to 456.Li client ) . 457.It Va firewall_trusted_interfaces 458.Pq Vt str 459List of trusted network interfaces (if 460.Va firewall_type 461is set to 462.Li client ) . 463.It Va firewall_allowed_icmp_types 464.Pq Vt str 465List of allowed ICMP types (if 466.Va firewall_type 467is set to 468.Li client ) . 469.It Va firewall_open_tcp_ports 470.Pq Vt str 471List of TCP ports to open (if 472.Va firewall_type 473is set to 474.Li client ) . 475.It Va firewall_open_udp_ports 476.Pq Vt str 477List of UDP ports to open (if 478.Va firewall_type 479is set to 480.Li client ) . 481.It Va ipv6_firewall_type 482.Pq Vt str 483The IPv6 equivalent of 484.Va firewall_type . 485.It Va firewall_quiet 486.Pq Vt bool 487Set to 488.Dq Li YES 489to disable the display of firewall rules on the console during boot. 490.It Va ipv6_firewall_quiet 491.Pq Vt bool 492The IPv6 equivalent of 493.Va firewall_quiet . 494.It Va firewall_logging 495.Pq Vt bool 496Set to 497.Dq Li YES 498to enable firewall event logging. 499This is equivalent to the 500.Dv IPFIREWALL_VERBOSE 501kernel option. 502.It Va ipv6_firewall_logging 503.Pq Vt bool 504The IPv6 equivalent of 505.Va firewall_logging . 506.It Va firewall_flags 507.Pq Vt str 508Flags passed to 509.Xr ipfw 8 510if 511.Va firewall_type 512specifies a filename. 513.It Va ipv6_firewall_flags 514.Pq Vt str 515The IPv6 equivalent of 516.Va firewall_flags . 517.It Va ipfw3_enable 518.Pq Vt bool 519Set to 520.Dq Li YES 521to enable 522.Xr ipfw3 8 . 523.It Va ipfw3_program 524.Pq Vt str 525Path to 526.Xr ipfw3 8 . 527.It Va ipfw3_script 528.Pq Vt str 529The full path to the shell script to run to set up the ipfw3 530firewall rules (default 531.Pa /etc/ipfw3.rules ) . 532.It Va ipfw3_modules 533.Pq Vt str 534List of ipfw3 modules to be loaded before executing the above 535.Va ipfw3_script . 536(default 537.Dq Li ipfw3 ipfw3_basic ) . 538.It Va natd_program 539.Pq Vt str 540Path to 541.Xr natd 8 . 542.It Va natd_enable 543.Pq Vt bool 544Set to 545.Dq Li YES 546to enable 547.Xr natd 8 . 548.Va firewall_enable 549must also be set to 550.Dq Li YES , 551and 552.Xr divert 4 553sockets must be enabled in the kernel. 554.It Va natd_interface 555.Pq Vt str 556This is the name of the public interface on which 557.Xr natd 8 558should run. 559The interface may be given as an interface name or as an IP address. 560.It Va natd_flags 561.Pq Vt str 562Additional 563.Xr natd 8 564flags should be placed here. 565The 566.Fl n 567or 568.Fl a 569flag is automatically added with the above 570.Va natd_interface 571as an argument. 572.It Va tcp_extensions 573.Pq Vt bool 574Set to 575.Dq Li YES 576by default. 577Setting this to 578.Dq Li NO 579disables certain TCP options as described by 580.Rs 581.%T "RFC 1323" 582.Re 583Setting this to 584.Dq Li NO 585might help remedy such problems with connections as randomly hanging 586or other weird behavior. 587Some network devices are known to be broken with respect to these options. 588.It Va log_in_vain 589.Pq Vt int 590Set to 0 by default. 591The 592.Xr sysctl 8 593variables, 594.Va net.inet.tcp.log_in_vain 595and 596.Va net.inet.udp.log_in_vain , 597as described in 598.Xr tcp 4 599and 600.Xr udp 4 , 601are set to the given value. 602.It Va tcp_keepalive 603.Pq Vt bool 604Set to 605.Dq Li YES 606by default. 607Setting to 608.Dq Li NO 609will disable probing idle TCP connections to verify that the 610peer is still up and reachable. 611.It Va tcp_drop_synfin 612.Pq Vt bool 613Set to 614.Dq Li NO 615by default. 616Setting to 617.Dq Li YES 618will cause the kernel to ignore TCP frames that have both 619the SYN and FIN flags set. 620This prevents OS fingerprinting, but may break some legitimate applications. 621This option is only available if the kernel was built with the 622.Dv TCP_DROP_SYNFIN 623option. 624.It Va icmp_drop_redirect 625.Pq Vt bool 626Set to 627.Dq Li NO 628by default. 629Setting to 630.Dq Li YES 631will cause the kernel to ignore ICMP REDIRECT packets. 632Refer to 633.Xr icmp 4 634for more information. 635.It Va icmp_log_redirect 636.Pq Vt bool 637Set to 638.Dq Li NO 639by default. 640Setting to 641.Dq Li YES 642will cause the kernel to log ICMP REDIRECT packets. 643Note that 644the log messages are not rate-limited, so this option should only be used 645for troubleshooting networks. 646Refer to 647.Xr icmp 4 648for more information. 649.It Va icmp_bmcastecho 650.Pq Vt bool 651Set to 652.Dq Li YES 653to respond to broadcast or multicast ICMP ping packets. 654Refer to 655.Xr icmp 4 656for more information. 657.It Va ip_portrange_first 658.Pq Vt int 659If not set to 660.Dq Li NO , 661this is the first port in the default portrange. 662Refer to 663.Xr ip 4 664for more information. 665.It Va ip_portrange_last 666.Pq Vt int 667If not set to 668.Dq Li NO , 669this is the last port in the default portrange. 670Refer to 671.Xr ip 4 672for more information. 673.\" 674.It Va ifconfig_ Ns Aq Ar interface 675.Pq Vt str 676Configuration for 677.Dq interface . 678Typically includes IP address. 679Assuming that the interface in question was 680.Li ed0 , 681it might look something like this: 682.Bd -literal 683ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 684.Ed 685.Pp 686If the 687.Pa /etc/start_if. Ns Aq Ar interface 688file is present, it is read and executed by the 689.Xr sh 1 690interpreter before configuring the interface as specified in the 691.Va ifconfig_ Ns Aq Ar interface 692and 693.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 694variables. 695.Pp 696It is possible to bring up an interface with DHCP by adding 697.Dq Li DHCP 698to the 699.Va ifconfig_ Ns Aq Ar interface 700variable. 701For instance, to initialize the 702.Li ed0 703device via DHCP, it is possible to use something like: 704.Bd -literal 705ifconfig_ed0="DHCP" 706.Ed 707.Pp 708If a 709.Va vlans_ Ns Aq Ar interface 710variable is set, 711a 712.Xr vlan 4 713interface will be created for each item in the list with the 714.Ar vlandev 715argument set to 716.Ar interface . 717If a vlan interface's name is a number, 718then that number is used as the vlan tag and the new vlan interface is 719named 720.Ar interface . Ns Ar tag . 721Otherwise, 722the vlan tag must be specified via a 723.Va vlan 724parameter in the 725.Va create_args_ Ns Aq Ar interface 726variable. 727.Pp 728To create a vlan device named 729.Li em0.101 730on 731.Li em0 732with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 733.Bd -literal 734vlans_em0="101" 735ifconfig_em0_101="inet 192.0.2.1/24" 736.Ed 737.Pp 738To create a vlan device named 739.Li myvlan 740on 741.Li em0 742with the vlan tag 102: 743.Bd -literal 744vlans_em0="myvlan" 745create_args_myvlan="vlan 102" 746.Ed 747.Pp 748If a 749.Va wlans_ Ns Aq Ar interface 750variable is set, 751an 752.Xr wlan 4 753interface will be created for each item in the list with the 754.Ar wlandev 755argument set to 756.Ar interface . 757Further wlan cloning arguments may be passed to the 758.Xr ifconfig 8 759.Cm create 760command by setting the 761.Va create_args_ Ns Aq Ar interface 762variable. 763One or more 764.Xr wlan 4 765devices must be created for each wireless devices as of 766.Dx 2.5 . 767Debugging flags for 768.Xr wlan 4 769devices as set by 770.Xr wlandebug 8 771may be specified with an 772.Va wlandebug_ Ns Aq Ar interface 773variable. 774The contents of this variable will be passed directly to 775.Xr wlandebug 8 . 776.Pp 777Also, if your interface needs WPA authentication, it is possible to add 778.Dq Li WPA 779to the 780.Va ifconfig_ Ns Aq Ar interface 781variable. 782This will start 783.Xr wpa_supplicant 8 . 784See 785.Xr wpa_supplicant.conf 5 786for configuring authentication information. 787But see also 788.Va wpa_supplicant_enable . 789.Pp 790Finally, you can add 791.Xr ifconfig 8 792options in this variable, in addition to the 793.Pa /etc/start_if. Ns Aq Ar interface 794file. 795For instance, to initialize the 796.Li wi0 797device via DHCP, using WPA authentication and 802.11b mode, it is 798possible to use something like: 799.Bd -literal 800wlans_wi0="wlan0" 801ifconfig_wlan0="up DHCP WPA mode 11b" 802.Ed 803.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 804.Pq Vt str 805Configuration to establish an additional network address for 806.Dq interface . 807Assuming that the interface in question was 808.Li ed0 , 809it might look something like this: 810.Bd -literal 811ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 812ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 813.Ed 814.Pp 815And so on. 816For each 817.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 818entry that is found, its contents are passed to 819.Xr ifconfig 8 . 820Execution stops at the first unsuccessful access, so if 821something like this is present: 822.Bd -literal 823ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 824ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 825ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 826ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 827.Ed 828.Pp 829Then note that alias4 would 830.Em not 831be added since the search would stop with the missing alias3 entry. 832.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 833.Pq Vt str 834New name for 835.Dq interface . 836It is possible to rename interface by doing: 837.Bd -literal 838ifconfig_ed0_name="net0" 839ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 840.Ed 841.It Va netif_enable 842.Pq Vt bool 843Set to 844.Dq Li YES 845by default. 846Setting to 847.Dq Li NO 848will disable the configuration of network interfaces. 849.It Va network_interfaces 850.Pq Vt str 851The list of network interfaces to configure on this host, 852or 853.Dq Li auto 854to configure all network interfaces 855(default 856.Dq Li auto ) . 857For example, if the only network devices to be configured are the loopback device 858.Pq Li lo0 859and a NIC using the 860.Xr em 4 861driver, this could be set to 862.Dq Li "lo0 em0" . 863An 864.Va ifconfig_ Ns Aq Ar interface 865variable is assumed to exist for each value of 866.Ar interface . 867.It Va ipv6_network_interfaces 868.Pq Vt str 869This is the IPv6 equivalent of 870.Va network_interfaces . 871Instead of setting the ifconfig variables as 872.Va ifconfig_ Ns Aq Ar interface 873they should be set as 874.Va ipv6_ifconfig_ Ns Aq Ar interface . 875Aliases should be set as 876.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 877Interfaces that do not have a 878.Va ipv6_ifconfig_ Ns Aq Ar interface 879setting will be auto configured by 880.Xr rtsol 8 881if the 882.Va ipv6_gateway_enable 883is set to 884.Dq Li NO . 885Note that the IPv6 networking code does not support the 886.Pa /etc/start_if. Ns Aq Ar interface 887files. 888.It Va ipv6_prefix_ Ns Aq Ar interface 889.Pq Vt str 890Assign prefix to 891.Ar interface , 892prefixlen 64 is used. 893.It Va ipv6_default_interface 894.Pq Vt str 895If not set to 896.Dq Li NO , 897this is the default output interface for scoped addresses. 898Now this works only for IPv6 link local multicast addresses. 899.It Va ip6addrctl_enable 900.Pq Vt bool 901This variable is to enable configuring the default address selection policy table 902.Pq RFC 3484 . 903The default value is 904.Dq Li YES , 905and the policy table to be installed is specified by the 906.Va ip6addrctl_policy 907variable below. 908.It Va ip6addrctl_policy 909.Pq Vt str 910This variable specifies the policy table to be installed, 911and can be one of the following keywords: 912.Dq Li ipv4_prefer , 913.Dq Li ipv6_prefer , 914or 915.Dq Li AUTO 916(default). 917.Pp 918If 919.Dq Li ipv4_prefer 920or 921.Dq Li ipv6_prefer 922is specified, 923.Xr ip6addrctl 8 924installs a pre-defined policy table described in Section 2.1 925.Pq IPv6-preferred 926or 10.3 927.Pq IPv4-preferred 928of RFC 3484. 929.Pp 930If 931.Dq Li AUTO 932is specified, it attempts to read a file 933.Pa /etc/ip6addrctl.conf 934first. 935If this file is found, 936.Xr ip6addrctl 8 937reads and installs it. 938If not found, a policy is automatically set 939according to 940.Va ipv6_enable 941variable; if the variable is set to 942.Dq Li YES 943the IPv6-preferred one is used. 944Otherwise IPv4-preferred. 945.It Va ip6addrctl_verbose 946.Pq Vt bool 947If set to 948.Dq Li YES , 949print the installed policy table after configuring. 950The default value is 951.Dq Li NO . 952.It Va cloned_interfaces 953.Pq Vt str 954Set to the list of clonable network interfaces to create on this host. 955Entries in 956.Va cloned_interfaces 957are automatically appended to 958.Va network_interfaces 959for configuration. 960.It Va gif_interfaces 961.Pq Vt str 962Set to the list of 963.Xr gif 4 964tunnel interfaces to configure on this host. 965A 966.Va gifconfig_ Ns Aq Ar interface 967variable is assumed to exist for each value of 968.Ar interface . 969The value of this variable is used to configure the link layer of the 970tunnel according to the syntax of the 971.Cm tunnel 972option to 973.Xr ifconfig 8 . 974Additionally, this option ensures that each listed interface is created via the 975.Cm create 976option to 977.Xr ifconfig 8 978before attempting to configure it. 979.It Va sppp_interfaces 980.Pq Vt str 981Set to the list of 982.Xr sppp 4 983interfaces to configure on this host. 984A 985.Va spppconfig_ Ns Aq Ar interface 986variable is assumed to exist for each value of 987.Ar interface . 988Each interface should also be configured by a general 989.Va ifconfig_ Ns Aq Ar interface 990setting. 991Refer to 992.Xr spppcontrol 8 993for more information about available options. 994.It Va ppp_enable 995.Pq Vt bool 996If set to 997.Dq Li YES , 998run the 999.Xr ppp 8 1000daemon. 1001.It Va ppp_mode 1002.Pq Vt str 1003Mode in which to run the 1004.Xr ppp 8 1005daemon. 1006Accepted modes are 1007.Dq Li auto , 1008.Dq Li ddial , 1009.Dq Li direct 1010and 1011.Dq Li dedicated . 1012See the manual for a full description. 1013.It Va ppp_nat 1014.Pq Vt bool 1015If set to 1016.Dq Li YES , 1017enables network address translation. 1018Used in conjunction with 1019.Va gateway_enable 1020allows hosts on private network addresses access to the Internet using 1021this host as a network address translating router. 1022.It Va ppp_profile 1023.Pq Vt str 1024The name of the profile to use from 1025.Pa /etc/ppp/ppp.conf . 1026Also used for per-profile overrides of 1027.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1028Where the profile contains any of the characters 1029.Dq Li .-/+ 1030they are translated to 1031.Dq Li _ 1032for the purposes of the override variable names. 1033.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1034.Pq Vt int 1035Set the unit number to be used for this profile. 1036See the manual description of 1037.Fl unit Ns Ar N 1038in 1039.Xr ppp 8 1040for details. 1041.It Va ppp_user 1042.Pq Vt str 1043The name of the user under which 1044.Xr ppp 8 1045should be started. 1046By default, 1047.Xr ppp 8 1048is started as 1049.Dq Li root . 1050.It Va wg_enable 1051.Pq Vt bool 1052Set to 1053.Dq Li YES 1054to configure the 1055.Xr wg 4 1056interfaces specified in 1057.Va wg_interfaces 1058below. 1059.It Va wg_interfaces 1060.Pq Vt str 1061Specify the list of 1062.Xr wg 4 1063interfaces to configure. 1064Each listed interface is configured according to its config file at 1065.Pa /etc/wireguard/ Ns Ao Ar interface Ac Ns Pa .conf . 1066Refer to 1067.Xr wg.conf 5 1068for more information. 1069.It Va wg_config_dir 1070.Pq Vt str 1071Specify the directory to find the config files for the 1072.Xr wg 4 1073interfaces listed in 1074.Va wg_interfaces . 1075The default is 1076.Pa /etc/wireguard . 1077.It Va root_rw_mount 1078.Pq Vt bool 1079Set to 1080.Dq Li YES 1081by default. 1082After the file systems are checked at boot time, the root filesystem 1083is remounted as read-write if this is set to 1084.Dq Li YES . 1085Diskless systems that mount their root filesystem from a read-only 1086remote share should set this to 1087.Dq Li NO 1088in 1089.Pa rc.conf . 1090.It Va fsck_y_enable 1091.Pq Vt bool 1092If set to 1093.Dq Li YES , 1094.Xr fsck 8 1095will be run with the 1096.Fl y 1097flag if the initial preen of the file systems fails. 1098.It Va netfs_types 1099.Pq Vt str 1100List of file system types that are network-based. 1101This list should generally not be modified by end users. 1102Use 1103.Va extra_netfs_types 1104instead. 1105.It Va extra_netfs_types 1106.Pq Vt str 1107If set to something other than 1108.Dq Li NO 1109(the default), this variable extends the list of file system types 1110for which automatic mounting at startup by 1111.Xr rc 8 1112should be delayed until the network is initialized. 1113It should contain 1114a whitespace-separated list of network file system descriptor pairs, 1115each consisting of a file system type as passed to 1116.Xr mount 8 1117and a human-readable, one-word description, joined with a colon 1118.Pq Ql \&: . 1119Extending the default list in this way is only necessary 1120when third party file system types are used. 1121.It Va devfs_config_files 1122.Pq Vt str 1123This option is used to specify a list of configuration files containing 1124.Xr devfs 5 1125rules that will be applied by 1126.Xr devfsctl 8 1127in the order in which they are specified and must include the full path 1128to the file. 1129.It Va tmpfs_var_run 1130.Pq Vt bool 1131If set to 1132.Dq Li YES , 1133a 1134.Xr tmpfs 5 1135will be mounted at 1136.Pa /var/run . 1137Necessary directories under there will be automatically created. 1138.It Va tmpfs_tmp 1139.Pq Vt bool 1140If set to 1141.Dq Li YES , 1142a 1143.Xr tmpfs 5 1144will be mounted at 1145.Pa /tmp . 1146.It Va syslogd_enable 1147.Pq Vt bool 1148If set to 1149.Dq Li YES , 1150run the 1151.Xr syslogd 8 1152daemon. 1153.It Va syslogd_program 1154.Pq Vt str 1155Path to 1156.Xr syslogd 8 1157(default 1158.Pa /usr/sbin/syslogd ) . 1159.It Va syslogd_flags 1160.Pq Vt str 1161If 1162.Va syslogd_enable 1163is set to 1164.Dq Li YES , 1165these are the flags to pass to 1166.Xr syslogd 8 . 1167.It Va inetd_enable 1168.Pq Vt bool 1169If set to 1170.Dq Li YES , 1171run the 1172.Xr inetd 8 1173daemon. 1174.It Va inetd_program 1175.Pq Vt str 1176Path to 1177.Xr inetd 8 1178(default 1179.Pa /usr/sbin/inetd ) . 1180.It Va inetd_flags 1181.Pq Vt str 1182If 1183.Va inetd_enable 1184is set to 1185.Dq Li YES , 1186these are the flags to pass to 1187.Xr inetd 8 . 1188.It Va rwhod_enable 1189.Pq Vt bool 1190If set to 1191.Dq Li YES , 1192run the 1193.Xr rwhod 8 1194daemon at boot time. 1195.It Va rwhod_flags 1196.Pq Vt str 1197If 1198.Va rwhod_enable 1199is set to 1200.Dq Li YES , 1201these are the flags to pass to it. 1202.It Va update_motd 1203.Pq Vt bool 1204If set to 1205.Dq Li YES , 1206.Pa /etc/motd 1207will be updated at boot time to reflect the kernel release being run. 1208If set to 1209.Dq Li NO , 1210.Pa /etc/motd 1211will not be updated. 1212.It Va nfs_client_enable 1213.Pq Vt bool 1214If set to 1215.Dq Li YES , 1216setup NFS client parameters at boot time. 1217.It Va nfs_access_cache 1218.Pq Vt int 1219If 1220.Va nfs_client_enable 1221is set to 1222.Dq Li YES , 1223this can be set to 1224.Dq Li 0 1225to disable NFS ACCESS RPC caching, or to the number of seconds for which 1226NFS ACCESS results should be cached. 1227A value of 2-10 seconds will substantially reduce network traffic for 1228many NFS operations. 1229The default is 5 seconds. 1230Note that the attribute cache holds stat information only. 1231The NFS data cache is independent of the attribute cache and is only 1232invalidated when the client detects that the server has modified the 1233underlying file. 1234This value specifies a maximum timeout. 1235The NFS client will automatically use a shorter timeout for files which 1236have been recently modified. 1237.It Va nfs_neg_cache 1238.Pq Vt int 1239If 1240.Va nfs_client_enable 1241is set to 1242.Dq Li YES , 1243this can be set to 1244.Dq Li 0 1245to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1246filenames), or to the number of seconds for which negative lookups should 1247be cached. 1248A value of 2-10 seconds will substantially reduce network 1249traffic for many NFS operations, especially source code builds. 1250The default is 3 seconds. 1251.It Va nfs_server_enable 1252.Pq Vt bool 1253If set to 1254.Dq Li YES , 1255run the NFS server daemons at boot time. 1256.It Va nfs_server_flags 1257.Pq Vt str 1258If 1259.Va nfs_server_enable 1260is set to 1261.Dq Li YES , 1262these are the flags to pass to the 1263.Xr nfsd 8 1264daemon. 1265.It Va mountd_enable 1266.Pq Vt bool 1267If set to 1268.Dq Li YES , 1269and no 1270.Va nfs_server_enable 1271is set, start 1272.Xr mountd 8 , 1273but not 1274.Xr nfsd 8 1275daemon. 1276It is commonly needed to run CFS without real NFS used. 1277.It Va mountd_flags 1278.Pq Vt str 1279If 1280.Va mountd_enable 1281is set to 1282.Dq Li YES , 1283these are the flags to pass to the 1284.Xr mountd 8 1285daemon. 1286.It Va weak_mountd_authentication 1287.Pq Vt bool 1288If set to 1289.Dq Li YES , 1290allow services like PCNFSD to make non-privileged mount requests. 1291.It Va nfs_reserved_port_only 1292.Pq Vt bool 1293If set to 1294.Dq Li YES , 1295provide NFS services only on a secure port. 1296.It Va nfs_bufpackets 1297.Pq Vt int 1298If set to a number, indicates the number of packets worth of 1299socket buffer space to reserve on an NFS client. 1300The kernel default is typically 4. 1301Using a higher number may be useful on gigabit networks to improve performance. 1302The minimum value is 2 and the maximum is 64. 1303.It Va rpc_umntall_enable 1304.Pq Vt bool 1305If set to 1306.Dq Li YES 1307(default) and we are also an NFS client, run 1308.Xr rpc.umntall 8 1309at boot time to clear out old mounts on remote servers. 1310If set to 1311.Dq Li NO 1312then 1313.Xr rpc.umntall 8 1314will not be run at boot time. 1315.It Va rpc_lockd_enable 1316.Pq Vt bool 1317If set to 1318.Dq Li YES 1319and also an NFS server, run 1320.Xr rpc.lockd 8 1321at boot time. 1322.It Va rpc_lockd_flags 1323.Pq Vt str 1324If 1325.Va rpc_lockd_enable 1326is set to 1327.Dq Li YES , 1328these are the flags to pass to 1329.Xr rpc.lockd 8 . 1330.It Va rpc_statd_enable 1331.Pq Vt bool 1332If set to 1333.Dq Li YES 1334and also an NFS server, run 1335.Xr rpc.statd 8 1336at boot time. 1337.It Va rpc_statd_flags 1338.Pq Vt str 1339If 1340.Va rpc_statd_enable 1341is set to 1342.Dq Li YES , 1343these are the flags to pass to 1344.Xr rpc.statd 8 . 1345.It Va rpcbind_program 1346.Pq Vt str 1347Path to program for rpcbind daemon 1348(default 1349.Pa /usr/sbin/rpcbind ) . 1350.It Va rpcbind_enable 1351.Pq Vt bool 1352If set to 1353.Dq Li YES , 1354run 1355.Va rpcbind_program 1356at boot time. 1357.It Va rpcbind_flags 1358.Pq Vt str 1359If 1360.Va rpcbind_enable 1361is set to 1362.Dq Li YES , 1363these are the flags to pass to 1364.Va rpcbind_program . 1365.It Va keyserv_enable 1366.Pq Vt bool 1367If set to 1368.Dq Li YES , 1369run the 1370.Xr keyserv 8 1371daemon on boot for running Secure RPC. 1372.It Va keyserv_flags 1373.Pq Vt str 1374If 1375.Va keyserv_enable 1376is set to 1377.Dq Li YES , 1378these are the flags to pass to 1379.Xr keyserv 8 1380daemon. 1381.It Va pppoed_enable 1382.Pq Vt bool 1383If set to 1384.Dq Li YES , 1385run the 1386.Xr pppoed 8 1387daemon at boot time to provide PPP over Ethernet services. 1388.It Va pppoed_provider 1389.Pq Vt str 1390.Xr pppoed 8 1391listens to requests to this provider and ultimately runs 1392.Xr ppp 8 1393with a 1394.Ar system 1395argument of the same name. 1396.It Va pppoed_flags 1397.Pq Vt str 1398Additional flags to pass to 1399.Xr pppoed 8 . 1400.It Va pppoed_interface 1401.Pq Vt str 1402The network interface to run 1403.Xr pppoed 8 1404on. 1405This is mandatory when 1406.Va pppoed_enable 1407is set to 1408.Dq Li YES . 1409.It Va dntpd_enable 1410.Pq Vt bool 1411If set to 1412.Dq Li YES , 1413run 1414.Xr dntpd 8 1415at system boot time. 1416.It Va dntpd_program 1417.Pq Vt str 1418Path to 1419.Xr dntpd 8 1420(default 1421.Pa /usr/sbin/dntpd ) . 1422.It Va dntpd_flags 1423.Pq Vt str 1424If 1425.Va dntpd_enable 1426is set to 1427.Dq Li YES , 1428these are the flags to pass to the 1429.Xr dntpd 8 1430daemon. 1431.It Va btconfig_enable 1432.Pq Vt bool 1433If set to 1434.Dq Li YES , 1435configure Bluetooth devices via 1436.Xr btconfig 8 1437at system boot time. 1438.It Va btconfig_devices 1439.Pq Vt str 1440If 1441.Va btconfig_enable 1442is set to 1443.Dq Li YES , 1444this is the list of Bluetooth devices to configure. 1445If 1446.Va btconfig_devices 1447is not specified, all devices known to the system will be configured. 1448A 1449.Va btconfig_ Ns Aq Ar device 1450variable can be set to specify parameters to be passed to 1451.Ar device . 1452.It Va btconfig_args 1453.Pq Vt str 1454If 1455.Va btconfig_enable 1456is set to 1457.Dq Li YES , 1458this is the list of configuration parameters to pass to all Bluetooth 1459devices. 1460.It Va sdpd_enable 1461.Pq Vt bool 1462If set to 1463.Dq Li YES , 1464run the Service Discovery Profile daemon 1465.Xr ( sdpd 8 ) 1466at system boot time. 1467.It Va sdpd_flags 1468.Pq Vt str 1469If 1470.Va sdpd_enable 1471is set to 1472.Dq Li YES , 1473these are the flags to pass to the 1474.Xr sdpd 8 1475daemon. 1476.It Va bthcid_enable 1477.Pq Vt bool 1478If set to 1479.Dq Li YES , 1480run the Bluetooth Link Key/PIN Code Manager daemon 1481.Xr ( bthcid 8 ) 1482at system boot time. 1483.It Va bthcid_flags 1484.Pq Vt str 1485If 1486.Va bthcid_enable 1487is set to 1488.Dq Li YES , 1489these are the flags to pass to the 1490.Xr bthcid 8 1491daemon. 1492.It Va nis_client_enable 1493.Pq Vt bool 1494If set to 1495.Dq Li YES , 1496run the 1497.Xr ypbind 8 1498service at system boot time. 1499.It Va nis_client_flags 1500.Pq Vt str 1501If 1502.Va nis_client_enable 1503is set to 1504.Dq Li YES , 1505these are the flags to pass to the 1506.Xr ypbind 8 1507service. 1508.It Va nis_ypset_enable 1509.Pq Vt bool 1510If set to 1511.Dq Li YES , 1512run the 1513.Xr ypset 8 1514daemon at system boot time. 1515.It Va nis_ypset_flags 1516.Pq Vt str 1517If 1518.Va nis_ypset_enable 1519is set to 1520.Dq Li YES , 1521these are the flags to pass to the 1522.Xr ypset 8 1523daemon. 1524.It Va nis_server_enable 1525.Pq Vt bool 1526If set to 1527.Dq Li YES , 1528run the 1529.Xr ypserv 8 1530daemon at system boot time. 1531.It Va nis_server_flags 1532.Pq Vt str 1533If 1534.Va nis_server_enable 1535is set to 1536.Dq Li YES , 1537these are the flags to pass to the 1538.Xr ypserv 8 1539daemon. 1540.It Va nis_ypxfrd_enable 1541.Pq Vt bool 1542If set to 1543.Dq Li YES , 1544run the 1545.Xr rpc.ypxfrd 8 1546daemon at system boot time. 1547.It Va nis_ypxfrd_flags 1548.Pq Vt str 1549If 1550.Va nis_ypxfrd_enable 1551is set to 1552.Dq Li YES , 1553these are the flags to pass to the 1554.Xr rpc.ypxfrd 8 1555daemon. 1556.It Va nis_yppasswdd_enable 1557.Pq Vt bool 1558If set to 1559.Dq Li YES , 1560run the 1561.Xr rpc.yppasswdd 8 1562daemon at system boot time. 1563.It Va nis_yppasswdd_flags 1564.Pq Vt str 1565If 1566.Va nis_yppasswdd_enable 1567is set to 1568.Dq Li YES , 1569these are the flags to pass to the 1570.Xr rpc.yppasswdd 8 1571daemon. 1572.It Va rpc_ypupdated_enable 1573.Pq Vt bool 1574If set to 1575.Dq Li YES , 1576run the 1577.Nm rpc.ypupdated 1578daemon at system boot time. 1579.It Va defaultrouter 1580.Pq Vt str 1581If not set to 1582.Dq Li NO , 1583create a default route to this host name or IP address 1584(use an IP address if this router is also required to get to the 1585name server!). 1586.It Va ipv6_defaultrouter 1587.Pq Vt str 1588The IPv6 equivalent of 1589.Va defaultrouter . 1590.It Va static_routes 1591.Pq Vt str 1592Set to the list of static routes that are to be added at system boot time. 1593If not set to 1594.Dq Li NO 1595then for each whitespace separated 1596.Ar element 1597in the value, a 1598.Va route_ Ns Aq Ar element 1599variable is assumed to exist whose contents will later be passed to a 1600.Dq Nm route Cm add 1601operation. 1602.It Va change_routes 1603.Pq Vt str 1604Set to the list of static routes that are to be changed at system boot time 1605(such as those added by the kernel). 1606If not set to 1607.Dq Li NO 1608then for each whitespace separated 1609.Ar element 1610in the value, a 1611.Va change_route_ Ns Aq Ar element 1612variable is assumed to exist whose contents will later be passed to a 1613.Dq Nm route Cm change 1614operation. 1615.It Va ipv6_static_routes 1616.Pq Vt str 1617The IPv6 equivalent of 1618.Va static_routes . 1619If not set to 1620.Dq Li NO 1621then for each whitespace separated 1622.Ar element 1623in the value, a 1624.Va ipv6_route_ Ns Aq Ar element 1625variable is assumed to exist whose contents will later be passed to a 1626.Dq Nm route Cm add Fl inet6 1627operation. 1628.It Va gateway_enable 1629.Pq Vt bool 1630If set to 1631.Dq Li YES , 1632configure host to act as an IP router, e.g. to forward packets 1633between interfaces. 1634.It Va ipv6_gateway_enable 1635.Pq Vt bool 1636The IPv6 equivalent of 1637.Va gateway_enable . 1638.It Va router_enable 1639.Pq Vt bool 1640If set to 1641.Dq Li YES , 1642run a routing daemon of some sort, based on the settings of 1643.Va router_program 1644and 1645.Va router_flags . 1646.It Va ipv6_router_enable 1647.Pq Vt bool 1648The IPv6 equivalent of 1649.Va router_enable . 1650If set to 1651.Dq Li YES , 1652run a routing daemon of some sort, based on the settings of 1653.Va ipv6_router_program 1654and 1655.Va ipv6_router_flags . 1656.It Va router_program 1657.Pq Vt str 1658If 1659.Va router_enable 1660is set to 1661.Dq Li YES , 1662this is the name of the routing daemon to use 1663(default 1664.Pa /sbin/routed ) . 1665.It Va ipv6_router_program 1666.Pq Vt str 1667The IPv6 equivalent of 1668.Va router_program 1669(default 1670.Pa /sbin/route6d ) . 1671.It Va router_flags 1672.Pq Vt str 1673If 1674.Va router_enable 1675is set to 1676.Dq Li YES , 1677these are the flags to pass to the routing daemon. 1678.It Va ipv6_router_flags 1679.Pq Vt str 1680The IPv6 equivalent of 1681.Va router_flags . 1682.It Va rtadvd_enable 1683.Pq Vt bool 1684If set to 1685.Dq Li YES , 1686run the 1687.Xr rtadvd 8 1688daemon at boot time. 1689.Xr rtadvd 8 1690will only run if 1691.Va ipv6_gateway_enable 1692is also set to 1693.Dq Li YES . 1694The 1695.Xr rtadvd 8 1696utility sends router advertisement packets to the interfaces specified in 1697.Va rtadvd_interfaces . 1698.Xr rtadvd 8 1699and should only be enabled with great care. 1700You may want to fine-tune 1701.Xr rtadvd.conf 5 . 1702.It Va rtadvd_interfaces 1703.Pq Vt str 1704If 1705.Va rtadvd_enable 1706is set to 1707.Dq Li YES 1708this is the list of interfaces to use. 1709.It Va rtsold_enable 1710.Pq Vt bool 1711If set to 1712.Dq Li YES , 1713run the 1714.Xr rtsold 8 1715daemon at boot time. 1716The 1717.Xr rtsold 8 1718daemon is used for automatic discovery of non-link local addresses. 1719.It Va rtsold_flags 1720.Pq Vt str 1721If 1722.Va rtsold_enable 1723is set to 1724.Dq Li YES , 1725these are the flags to pass to the 1726.Xr rtsold 8 1727daemon. 1728.It Va arpproxy_all 1729.Pq Vt bool 1730If set to 1731.Dq Li YES , 1732enable global proxy ARP. 1733.It Va forward_sourceroute 1734.Pq Vt bool 1735If set to 1736.Dq Li YES 1737and 1738.Va gateway_enable 1739is also set to 1740.Dq Li YES , 1741source-routed packets are forwarded. 1742.It Va accept_sourceroute 1743.Pq Vt bool 1744If set to 1745.Dq Li YES , 1746the system will accept source-routed packets directed at it. 1747.It Va rarpd_enable 1748.Pq Vt bool 1749If set to 1750.Dq Li YES , 1751run the 1752.Xr rarpd 8 1753daemon at system boot time. 1754.It Va rarpd_flags 1755.Pq Vt str 1756If 1757.Va rarpd_enable 1758is set to 1759.Dq Li YES , 1760these are the flags to pass to the 1761.Xr rarpd 8 1762daemon. 1763.It Va wpa_supplicant_enable 1764.Pq Vt bool 1765If set to 1766.Dq Li YES , 1767run the 1768.Xr wpa_supplicant 8 1769daemon in 1770.Dq interface matching mode 1771at system boot time. 1772.It Va wpa_supplicant_program 1773.Pq Vt str 1774Path to 1775.Xr wpa_supplicant 8 . 1776.It Va wpa_supplicant_flags 1777.Pq Vt str 1778If 1779.Va wpa_supplicant_enable 1780is set to 1781.Dq Li YES , 1782these are the flags to pass to the 1783.Xr wpa_supplicant 8 1784daemon. 1785.It Va bootparamd_enable 1786.Pq Vt bool 1787If set to 1788.Dq Li YES , 1789run the 1790.Xr bootparamd 8 1791daemon at system boot time. 1792.It Va bootparamd_flags 1793.Pq Vt str 1794If 1795.Va bootparamd_enable 1796is set to 1797.Dq Li YES , 1798these are the flags to pass to the 1799.Xr bootparamd 8 1800daemon. 1801.It Va stf_interface_ipv4addr 1802.Pq Vt str 1803If not set to 1804.Dq Li NO , 1805this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1806Specify this entry to enable the 6to4 interface. 1807.It Va stf_interface_ipv4plen 1808.Pq Vt int 1809Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1810An effective value is 0-31. 1811.It Va stf_interface_ipv6_ifid 1812.Pq Vt str 1813IPv6 interface ID for 1814.Xr stf 4 . 1815This can be set to 1816.Dq Li AUTO . 1817.It Va stf_interface_ipv6_slaid 1818.Pq Vt str 1819IPv6 Site Level Aggregator for 1820.Xr stf 4 . 1821.It Va keybell 1822.Pq Vt str 1823The keyboard bell sound. 1824Set to 1825.Dq Li normal , 1826.Dq Li visual , 1827.Dq Li off , 1828or 1829.Dq Li NO 1830if the default behavior is desired. 1831For details, refer to the 1832.Xr kbdcontrol 1 1833manpage. 1834.It Va keymap 1835.Pq Vt str 1836If set to 1837.Dq Li NO , 1838no keymap is installed, otherwise the value is used to install 1839the keymap file in 1840.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1841.It Va keyrate 1842.Pq Vt str 1843The keyboard repeat speed. 1844Set to 1845.Dq Li slow , 1846.Dq Li normal , 1847.Dq Li fast , 1848or 1849.Dq Li NO 1850if the default behavior is desired. 1851.It Va keychange 1852.Pq Vt str 1853If not set to 1854.Dq Li NO , 1855attempt to program the function keys with the value. 1856The value should be a single string of the form: 1857.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1858.It Va cursor 1859.Pq Vt str 1860Can be set to the value of 1861.Dq Li normal , 1862.Dq Li blink , 1863.Dq Li destructive , 1864or 1865.Dq Li NO 1866to set the cursor behavior explicitly or choose the default behavior. 1867.It Va scrnmap 1868.Pq Vt str 1869If set to 1870.Dq Li NO , 1871no screen map is installed, otherwise the value is used to install 1872the screen map file in 1873.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1874.It Va font8x16 1875.Pq Vt str 1876If set to 1877.Dq Li NO , 1878the default 8x16 font value is used for screen size requests, otherwise 1879the value in 1880.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1881is used. 1882.It Va font8x14 1883.Pq Vt str 1884If set to 1885.Dq Li NO , 1886the default 8x14 font value is used for screen size requests, otherwise 1887the value in 1888.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1889is used. 1890.It Va font8x8 1891.Pq Vt str 1892If set to 1893.Dq Li NO , 1894the default 8x8 font value is used for screen size requests, otherwise 1895the value in 1896.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1897is used. 1898.It Va blanktime 1899.Pq Vt int 1900If set to 1901.Dq Li NO , 1902the default screen blanking interval is used, otherwise it is set to 1903.Ar value 1904seconds. 1905.It Va saver 1906.Pq Vt str 1907If not set to 1908.Dq Li NO , 1909this is the actual screen saver to use 1910.Li ( blank , snake , daemon , 1911etc). 1912.It Va moused_nondefault_enable 1913.Pq Vt str 1914If set to 1915.Dq Li NO , 1916the mouse device specified on 1917the command line is not automatically treated as enabled by the 1918.Pa /etc/rc.d/moused 1919script. 1920Having this variable set to 1921.Dq Li YES 1922allows a 1923.Xr usb 4 1924mouse, 1925for example, 1926to be enabled as soon as it is plugged in. 1927.It Va moused_enable 1928.Pq Vt str 1929If set to 1930.Dq Li YES , 1931the 1932.Xr moused 8 1933daemon is started for doing cut/paste selection on the console. 1934.It Va moused_type 1935.Pq Vt str 1936If 1937.Va moused_enable 1938is set to 1939.Dq Li YES , 1940this is the protocol type of the mouse connected to this host. 1941The default type is 1942.Dq Li auto . 1943The 1944.Xr moused 8 1945daemon 1946is able to detect the appropriate mouse type automatically in many cases. 1947Leave this variable at the default 1948.Dq Li auto 1949to let the daemon detect it, or 1950select one from the following list if the automatic detection fails. 1951.Pp 1952If the mouse is attached to the PS/2 mouse port, leave the variable at the 1953default 1954.Dq Li auto 1955or set it to 1956.Dq Li ps/2 , 1957regardless of the brand and model of the mouse. 1958Likewise, if the mouse is attached to the bus mouse port, leave it at 1959.Dq Li auto 1960or set it to 1961.Dq Li busmouse . 1962All other protocols are for serial mice and will not work with 1963the PS/2 and bus mice. 1964If this is a USB mouse, 1965.Dq Li auto 1966is the only protocol type which will work. 1967.Pp 1968.Bl -tag -width ".Li x10mouseremote" -compact 1969.It Li microsoft 1970Microsoft mouse (serial) 1971.It Li intellimouse 1972Microsoft IntelliMouse (serial) 1973.It Li mousesystems 1974Mouse systems Corp. mouse (serial) 1975.It Li mmseries 1976MM Series mouse (serial) 1977.It Li logitech 1978Logitech mouse (serial) 1979.It Li busmouse 1980A bus mouse 1981.It Li mouseman 1982Logitech MouseMan and TrackMan (serial) 1983.It Li glidepoint 1984ALPS GlidePoint (serial) 1985.It Li thinkingmouse 1986Kensington ThinkingMouse (serial) 1987.It Li ps/2 1988PS/2 mouse 1989.It Li mmhittab 1990MM HitTablet (serial) 1991.It Li x10mouseremote 1992X10 MouseRemote (serial) 1993.It Li versapad 1994Interlink VersaPad (serial) 1995.El 1996.Pp 1997Even if the mouse is not in the above list, it may be compatible 1998with one in the list. 1999Refer to the man page for 2000.Xr moused 8 2001for compatibility information. 2002.Pp 2003It should also be noted that while this is enabled, any 2004other client of the mouse (such as an X server) should access 2005the mouse through the virtual mouse device, 2006.Pa /dev/sysmouse , 2007and configure it as a 2008.Dq Li sysmouse 2009type mouse, since all 2010mouse data is converted to this single canonical format when using 2011.Xr moused 8 . 2012If the client program does not support the 2013.Dq Li sysmouse 2014type, specify the 2015.Dq Li mousesystems 2016type. 2017It is the second preferred type. 2018.It Va moused_port 2019.Pq Vt str 2020If 2021.Va moused_enable 2022is set to 2023.Dq Li YES , 2024this is the actual port the mouse is on. 2025It might be 2026.Pa /dev/cuaa0 2027for a COM1 serial mouse or 2028.Pa /dev/psm0 2029for a PS/2 mouse, for example. 2030.It Va moused_flags 2031.Pq Vt str 2032If 2033.Va moused_type 2034is set, these are the additional flags to pass to the 2035.Xr moused 8 2036daemon. 2037.It Va mousechar_start 2038.Pq Vt int 2039If set to 2040.Dq Li NO , 2041the default mouse cursor character range 2042.Li 0xd0 Ns - Ns Li 0xd3 2043is used, otherwise the range start is set to 2044.Ar value 2045character, see 2046.Xr vidcontrol 1 . 2047Use if the default range is occupied in the language code table. 2048.It Va vidhistory 2049.Pq Vt int 2050Set the size of the history (scrollback) buffer in lines. 2051.It Va allscreens_flags 2052.Pq Vt str 2053If set, 2054.Xr vidcontrol 1 2055is run with these options for each of the virtual terminals 2056.Pq Pa /dev/ttyv* . 2057For example, 2058.Dq Fl m Cm on 2059will enable the mouse pointer on all virtual terminals if 2060.Va moused_enable 2061is set to 2062.Dq Li YES . 2063.It Va allscreens_kbdflags 2064.Pq Vt str 2065If set, 2066.Xr kbdcontrol 1 2067is run with these options for each of the virtual terminals 2068.Pq Pa /dev/ttyv* . 2069For example, 2070.Dq Fl h Li 200 2071will set the 2072.Xr syscons 4 2073scrollback (history) buffer to 200 lines. 2074.It Va cron_enable 2075.Pq Vt bool 2076If set to 2077.Dq Li YES , 2078run the 2079.Xr cron 8 2080daemon at system boot time. 2081.It Va cron_program 2082.Pq Vt str 2083Path to 2084.Xr cron 8 2085(default 2086.Pa /usr/sbin/cron ) . 2087.It Va cron_flags 2088.Pq Vt str 2089If 2090.Va cron_enable 2091is set to 2092.Dq Li YES , 2093these are the flags to pass to 2094.Xr cron 8 . 2095.It Va lpd_program 2096.Pq Vt str 2097Path to 2098.Xr lpd 8 2099(default 2100.Pa /usr/sbin/lpd ) . 2101.It Va lpd_enable 2102.Pq Vt bool 2103If set to 2104.Dq Li YES , 2105run the 2106.Xr lpd 8 2107daemon at system boot time. 2108.It Va lpd_flags 2109.Pq Vt str 2110If 2111.Va lpd_enable 2112is set to 2113.Dq Li YES , 2114these are the flags to pass to the 2115.Xr lpd 8 2116daemon. 2117.It Va nscd_enable 2118.Pq Vt bool 2119If set to 2120.Dq Li YES , 2121run the 2122.Xr nscd 8 2123daemon at system boot time. 2124.It Va mixer_enable 2125.Pq Vt bool 2126If set to 2127.Dq Li YES , 2128preserve 2129.Xr mixer 8 2130settings across reboots. 2131.It Va mta_start_script 2132.Pq Vt str 2133The full path to the script to run to start 2134a mail transfer agent. 2135The default is 2136.Pa /etc/rc.sendmail . 2137The 2138.Va sendmail_* 2139variables which 2140.Pa /etc/rc.sendmail 2141uses are documented in the 2142.Xr rc.sendmail 8 2143man page. 2144.It Va fixbootfile 2145.Pq Vt bool 2146In a 2147.Sq HAMMER ROOT with UFS /boot 2148setup, the boot loader will not set up the 2149.Va kern.bootfile 2150sysctl correctly. 2151The system will attempt to fix this on its own. 2152Set this variable to 2153.Dq Li NO 2154to turn this behavior off. 2155.It Va dumpdev 2156.Pq Vt str 2157Indicates the device (usually a swap partition) to which a crash dump 2158should be written in the event of a system crash. 2159The value of this variable is passed as the argument to 2160.Xr dumpon 8 2161and 2162.Xr savecore 8 . 2163To disable crash dumps, set this variable to 2164.Dq Li NO . 2165.It Va dumpdir 2166.Pq Vt str 2167When the system reboots after a crash and a crash dump is found on the 2168device specified by the 2169.Va dumpdev 2170variable, 2171.Xr savecore 8 2172will save that crash dump and a copy of the kernel to the directory 2173specified by the 2174.Va dumpdir 2175variable. 2176The default value is 2177.Pa /var/crash . 2178Set to 2179.Dq Li NO 2180to not run 2181.Xr savecore 8 2182at boot time when 2183.Va dumpdir 2184is set. 2185.It Va savecore_flags 2186.Pq Vt str 2187If crash dumps are enabled, these are the flags to pass to the 2188.Xr savecore 8 2189utility. 2190.It Va crashinfo_enable 2191.Pq Vt bool 2192Set to 2193.Dq Li YES 2194to turn on automatic crash dump summary generation using the utility 2195specified by the 2196.Va crashinfo_program 2197variable. 2198.It Va crashinfo_program 2199.Pq Vt str 2200Program to run to generate a crash dump summary if the variable 2201.Va crashinfo_enable 2202is set to 2203.Dq Li YES . 2204The default value is 2205.Pa /usr/sbin/crashinfo . 2206.It Va enable_quotas 2207.Pq Vt bool 2208Set to 2209.Dq Li YES 2210to turn on user disk quotas on system startup via the 2211.Xr quotaon 8 2212command. 2213.It Va check_quotas 2214.Pq Vt bool 2215Set to 2216.Dq Li YES 2217to enable user disk quota checking via the 2218.Xr quotacheck 8 2219command. 2220.It Va accounting_enable 2221.Pq Vt bool 2222Set to 2223.Dq Li YES 2224to enable system accounting through the 2225.Xr accton 8 2226facility. 2227.\" ----- cleanvar_enable setting-------------------------------- 2228.It Va cleanvar_enable 2229.Pq Vt bool 2230Set to 2231.Dq Li YES 2232to have 2233.Pa /var/run , 2234.Pa /var/spool/lock 2235and 2236.Pa /var/spool/uucp/.Temp/* 2237cleaned at startup. 2238.\" ----- clear_tmp_enable setting------------------------------- 2239.It Va clear_tmp_enable 2240.Pq Vt bool 2241Set to 2242.Dq Li YES 2243to have 2244.Pa /tmp 2245cleaned at startup. 2246.\" ----- ldconfig_paths setting -------------------------------- 2247.It Va ldconfig_paths 2248.Pq Vt str 2249Set to the list of shared library paths to use with 2250.Xr ldconfig 8 . 2251NOTE: 2252.Pa /usr/lib 2253will always be added first, so it need not appear in this list. 2254.It Va ldconfig_insecure 2255.Pq Vt bool 2256The 2257.Xr ldconfig 8 2258utility normally refuses to use directories 2259which are writable by anyone except root. 2260Set this variable to 2261.Dq Li YES 2262to disable that security check during system startup. 2263.It Va ldconfig_local_dirs 2264.Pq Vt str 2265Set to the list of local 2266.Xr ldconfig 8 2267directories. 2268The names of all files in the directories listed will be 2269passed as arguments to 2270.Xr ldconfig 8 . 2271.It Va kern_securelevel 2272.Pq Vt int 2273The kernel security level to set at startup. 2274The allowed range of 2275.Ar value 2276ranges from \-1 (the compile time default) to 3 (the most secure). 2277See 2278.Xr init 8 2279for the list of possible security levels and their effect on system operation. 2280.It Va start_vinum 2281.Pq Vt bool 2282Set to 2283.Dq Li YES 2284to start 2285.Xr vinum 8 2286at system boot time. 2287.It Va sshd_enable 2288.Pq Vt bool 2289Set to 2290.Dq Li YES 2291to start 2292.Xr sshd 8 2293at system boot time. 2294.It Va sshd_program 2295.Pq Vt str 2296Path to the SSH server program 2297(default 2298.Pa /usr/sbin/sshd ) . 2299.It Va sshd_flags 2300.Pq Vt str 2301If 2302.Va sshd_enable 2303is set to 2304.Dq Li YES , 2305these are the flags to pass to the 2306.Xr sshd 8 2307daemon. 2308.It Va ftpd_enable 2309.Pq Vt bool 2310Set to 2311.Dq Li YES 2312to start 2313.Xr ftpd 8 2314at system boot time. 2315.It Va ftpd_flags 2316.Pq Vt str 2317If 2318.Va ftpd_enable 2319is set to 2320.Dq Li YES , 2321these are the flags to pass to the 2322.Xr ftpd 8 2323daemon. 2324.It Va watchdogd_enable 2325.Pq Vt bool 2326If set to 2327.Dq Li YES , 2328start the 2329.Xr watchdogd 8 2330daemon at boot time. 2331.It Va jail_enable 2332.Pq Vt bool 2333If set to 2334.Dq Li NO , 2335any configured jails will not be started. 2336.It Va jail_list 2337.Pq Vt str 2338A space separated list of names for jails. 2339This is purely a configuration aid to help identify and 2340configure multiple jails. 2341The names specified in this list will be used to 2342identify settings common to an instance of a jail. 2343Assuming that the jail in question was named 2344.Li vjail , 2345you would have the following dependent variables: 2346.Bd -literal 2347jail_vjail_hostname="jail.example.com" 2348jail_vjail_ip="192.168.1.100" 2349jail_vjail_rootdir="/var/jails/vjail/root" 2350.Ed 2351.It Va jail_flags 2352.Pq Vt str 2353Unset by default. 2354When set, use as default value for 2355.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2356for every jail in 2357.Va jail_list . 2358.It Va jail_interface 2359.Pq Vt str 2360Unset by default. 2361When set, use as default value for 2362.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2363for every jail in 2364.Va jail_list . 2365.It Va jail_fstab 2366.Pq Vt str 2367Unset by default. 2368When set, use as default value for 2369.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2370for every jail in 2371.Va jail_list . 2372.It Va jail_mount_enable 2373.Pq Vt bool 2374Set to 2375.Dq Li NO 2376by default. 2377When set to 2378.Dq Li YES , 2379sets 2380.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2381to 2382.Dq Li YES 2383by default for every jail in 2384.Va jail_list . 2385.It Va jail_procfs_enable 2386.Pq Vt bool 2387Set to 2388.Dq Li NO 2389by default. 2390When set to 2391.Dq Li YES , 2392sets 2393.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2394to 2395.Dq Li YES 2396by default for every jail in 2397.Va jail_list . 2398.It Va jail_devfs_enable 2399.Pq Vt bool 2400Set to 2401.Dq Li NO 2402by default. 2403When set to 2404.Dq Li YES , 2405sets 2406.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2407to 2408.Dq Li YES 2409by default for every jail in 2410.Va jail_list . 2411.It Va jail_exec_start 2412.Pq Vt str 2413Unset by default. 2414When set, use as default value for 2415.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2416for every jail in 2417.Va jail_list . 2418.It Va jail_exec_stop 2419Unset by default. 2420When set, use as default value for 2421.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2422for every jail in 2423.Va jail_list . 2424.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2425.Pq Vt str 2426Unset by default. 2427Set to the root directory used by jail 2428.Va jname . 2429.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2430.Pq Vt str 2431Unset by default. 2432Set to the fully qualified domain name (FQDN) assigned to jail 2433.Va jname . 2434.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2435.Pq Vt str 2436Unset by default. 2437Set to the IP address assigned to jail 2438.Va jname . 2439.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2440.Pq Vt str 2441Set to 2442.Dq Li -l -U root 2443by default. 2444These are flags to pass to 2445.Xr jail 8 . 2446.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2447.Pq Vt str 2448Unset by default. 2449When set, sets the interface to use when setting IP address alias. 2450Note that the alias is created at jail startup and removed at jail shutdown. 2451.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2452.Pq Vt str 2453Set to 2454.Pa /etc/fstab. Ns Aq Ar jname 2455by default. 2456This is the file system information file to use for jail 2457.Va jname . 2458.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2459.Pq Vt bool 2460Set to 2461.Dq Li NO 2462by default. 2463When set to 2464.Dq Li YES , 2465mount all file systems from 2466.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2467at jail startup. 2468.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2469.Pq Vt bool 2470Set to 2471.Dq Li NO 2472by default. 2473When set to 2474.Dq Li YES , 2475mount the process file system inside jail 2476.Ar jname 2477at jail startup. 2478.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2479.Pq Vt bool 2480Set to 2481.Dq Li NO 2482by default. 2483When set to 2484.Dq Li YES , 2485mount the device file system inside jail 2486.Ar jname 2487at jail startup. 2488.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2489.Pq Vt str 2490Set to 2491.Dq Li /bin/sh /etc/rc 2492by default. 2493This is the command executed at jail startup. 2494.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2495.Pq Vt str 2496Set to 2497.Dq Li /bin/sh /etc/rc.shutdown 2498by default. 2499This is the command executed at jail shutdown. 2500.It Va jail_default_set_hostname_allow 2501.Pq Vt bool 2502If set to 2503.Dq Li NO , 2504do not allow the root user in a jail to set its hostname. 2505.It Va jail_default_socket_unixiproute_only 2506.Pq Vt bool 2507If set to 2508.Dq Li YES , 2509do not allow any sockets, 2510besides UNIX/IP/route sockets, 2511to be used within a jail. 2512.It Va jail_default_sysvipc_allow 2513.Pq Vt bool 2514If set to 2515.Dq Li YES , 2516allow applications within a jail to use System V IPC. 2517.It Va jail_default_chflags_allow 2518.Pq Vt bool 2519If set to 2520.Dq Li YES , 2521allow applications within a jail to alter system file flags. 2522.It Va jail_default_raw_sockets_allow 2523.Pq Vt bool 2524If set to 2525.Dq Li YES , 2526allow applications within a jail to user raw sockets. 2527.It Va jail_default_allow_listen_override 2528.Pq Vt bool 2529If set to 2530.Dq Li YES , 2531 allows both wildcard and non-wildcard listen sockets in the jail to 2532override wildcard listen sockets on the host. 2533.It Va lvm_enable 2534.Pq Vt bool 2535If set to 2536.Dq Li YES 2537LVM volumes will be discovered and configured on boot. 2538.It Va newsyslog_enable 2539.Pq Vt bool 2540If set to 2541.Dq Li YES , 2542run 2543.Xr newsyslog 8 2544before syslogd starts. 2545.It Va newsyslog_flags 2546.Pq Vt str 2547If 2548.Va newsyslog_enable 2549is set to 2550.Dq Li YES , 2551these are the flags passed to 2552.Xr newsyslog 8 . 2553.It Va resident_enable 2554.Pq Vt bool 2555If set to 2556.Dq Li YES , 2557make the dynamic binaries listed in 2558.Pa /etc/resident.conf 2559resident. 2560.It Va varsym_enable 2561.Pq Vt bool 2562If set to 2563.Dq Li YES , 2564process 2565.Pa /etc/varsym.conf 2566to set system-wide variables for variant symlinks. 2567.It Va rand_irqs 2568.Pq Vt str 2569Set either to 2570.Dq Li NO 2571or a whitespace separated list of IRQ numbers which will be used as a source of 2572randomness. 2573.\" ----------------------------------------------------- 2574.It Va entropy_dir 2575.Pq Vt str 2576Set to 2577.Dq Li NO 2578to disable caching entropy via 2579.Xr cron 8 . 2580Otherwise set to the directory used to store entropy files in. 2581.It Va entropy_file 2582.Pq Vt str 2583Set to 2584.Dq Li NO 2585to disable caching entropy through reboots. 2586Otherwise set to the filename used to store cached entropy through reboots. 2587This file should be located on the root file system to seed the 2588.Xr random 4 2589device as early as possible in the boot process. 2590.It Va entropy_save_sz 2591.Pq Vt int 2592Determines the size of the entropy cache files used for entropy cached 2593through reboots and also entropy cached via 2594.Xr cron 8 . 2595The entropy is fed to the system in blocks of 512 bytes, so this number 2596should be large enough to fill as many of the entropy pools in the kernel 2597CSPRNG as possible. 2598By default, it is set to 16384, which should be able to seed all 32 entropy 2599pools in the Fortuna CSPRNG. 2600.It Va dmesg_enable 2601.Pq Vt bool 2602Set to 2603.Dq Li YES 2604to save 2605.Xr dmesg 8 2606to 2607.Pa /var/run/dmesg.boot 2608on boot. 2609.It Va rcshutdown_timeout 2610.Pq Vt int 2611If set, start a watchdog timer in the background which will terminate 2612.Pa rc.shutdown 2613if 2614.Xr shutdown 8 2615has not completed within the specified time (in seconds). 2616Notice that in addition to this soft timeout, 2617.Xr init 8 2618also applies a hard timeout for the execution of 2619.Pa rc.shutdown . 2620This is configured via 2621.Xr sysctl 8 2622variable 2623.Va kern.init_shutdown_timeout 2624and defaults to 120 seconds. Setting the value of 2625.Va rcshutdown_timeout 2626to more than 120 seconds will have no effect until the 2627.Xr sysctl 8 2628variable 2629.Va kern.init_shutdown_timeout 2630is also increased. 2631.It Va udevd_enable 2632.Pq Vt bool 2633If set to 2634.Dq Li YES , 2635the udevd daemon will be started on boot. 2636.It Va vfs_quota_enable 2637.Pq Vt bool 2638If set to 2639.Dq Li YES , 2640vfs quota rc.d scripts will be run on boot. 2641.It Va vfs_quota_sync 2642.Pq Vt str 2643List of mount points whose counters are to be synchronized with on-disk 2644usage during system startup. 2645See also 2646.Xr vquota 8 . 2647.It Va vknetd_enable 2648.Pq Vt bool 2649If set to 2650.Dq Li YES , 2651.Xr vknetd 8 2652will be started on boot. 2653.It Va vknetd_flags 2654.Pq Vt bool 2655Additional flags passed to 2656.Xr vknetd 8 . 2657Usually address/cidrbits is specified here. 2658When no flags are passed, default option 2659.Fl U 2660will be used. 2661.It Va vkernel_enable 2662.Pq Vt bool 2663If set to 2664.Dq Li NO , 2665any configured vkernels will not be started. 2666.It Va vkernel_kill_timeout 2667.Pq Vt int 2668This defines the default number of seconds that we will wait for the 2669vkernel to shut down on its own. 2670If after this time it's still alive, 2671it will be killed with SIGKILL. 2672.It Va vkernel_bin 2673.Pq Vt str 2674Defines the default path to the vkernel binary. 2675.It Va vkernel_list 2676.Pq Vt str 2677A space separated list of names for vkernels. 2678This is purely a configuration aid to help identify and 2679configure multiple vkernels. 2680The names specified in this list will be used to 2681identify settings common to a vkernel instance. 2682Assuming that the vkernel in question was named 2683.Li example , 2684you would have the following dependent variables 2685(filled with reference values in this text): 2686.Bd -literal 2687vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2688vkernel_example_memsize="64m" 2689vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2690vkernel_example_memimg="/var/vkernel/memimg.000001" 2691vkernel_example_user="myuser" 2692vkernel_example_iface_list="auto:bridge0" 2693vkernel_example_logfile="/dev/null" 2694vkernel_example_flags="-U" 2695vkernel_example_kill_timeout="45" 2696.Ed 2697.Pp 2698The last six are optional. 2699They default to an empty string if not set, except for logfile which defaults to 2700.Pa /dev/null 2701if it is not set. 2702.Pp 2703Note that in case 2704.Va vkernel_memimg 2705is not set, the 2706.Pa rc.d 2707script will create 2708.Pa /var/vkernel , 2709which is the vkernel's default directory for memory images, 2710with permissions of 1777, i.e. world writable with the sticky bit set 2711(see 2712.Xr sticky 8 ) . 2713.It Va autofs_enable 2714.Pq Vt bool 2715If set to 2716.Dq Li YES , 2717start the 2718.Xr automount 8 2719utility and the 2720.Xr automountd 8 2721and 2722.Xr autounmountd 8 2723daemons at boot time. 2724.It Va automount_flags 2725.Pq Vt str 2726If 2727.Va autofs_enable 2728is set to 2729.Dq Li YES , 2730these are the flags to pass to the 2731.Xr automount 8 2732program. 2733By default no flags are passed. 2734.It Va automountd_flags 2735.Pq Vt str 2736If 2737.Va autofs_enable 2738is set to 2739.Dq Li YES , 2740these are the flags to pass to the 2741.Xr automountd 8 2742daemon. 2743By default no flags are passed. 2744.It Va autounmountd_flags 2745.Pq Vt str 2746If 2747.Va autofs_enable 2748is set to 2749.Dq Li YES , 2750these are the flags to pass to the 2751.Xr autounmountd 8 2752daemon. 2753By default no flags are passed. 2754.El 2755.Sh FILES 2756.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2757.It Pa /etc/defaults/rc.conf 2758.It Pa /etc/rc.conf 2759.It Pa /etc/rc.conf.local 2760.It Pa /etc/start_if. Ns Aq Ar interface 2761.El 2762.Sh SEE ALSO 2763.Xr gdb 1 , 2764.Xr info 1 , 2765.Xr kbdcontrol 1 , 2766.Xr varsym 1 , 2767.Xr vidcontrol 1 , 2768.Xr ip 4 , 2769.Xr ipfw 4 , 2770.Xr kld 4 , 2771.Xr pf 4 , 2772.Xr tcp 4 , 2773.Xr udp 4 , 2774.Xr vlan 4 , 2775.Xr wg 4 , 2776.Xr autofs 5 , 2777.Xr auto_master 5 , 2778.Xr exports 5 , 2779.Xr motd 5 , 2780.Xr resident.conf 5 , 2781.Xr varsym.conf 5 , 2782.Xr accton 8 , 2783.Xr automount 8 , 2784.Xr automountd 8 , 2785.Xr autounmountd 8 , 2786.Xr btconfig 8 , 2787.Xr bthcid 8 , 2788.Xr cron 8 , 2789.Xr devd 8 , 2790.Xr dhclient 8 , 2791.Xr dhcpcd 8 , 2792.Xr dntpd 8 , 2793.Xr ftpd 8 , 2794.Xr ifconfig 8 , 2795.Xr inetd 8 , 2796.Xr ip6addrctl 8 , 2797.Xr jail 8 , 2798.Xr lpd 8 , 2799.Xr makewhatis 8 , 2800.Xr mixer 8 , 2801.Xr mountd 8 , 2802.Xr moused 8 , 2803.Xr nfsd 8 , 2804.Xr pcnfsd 8 , 2805.Xr pfctl 8 , 2806.Xr pflogd 8 , 2807.Xr quotacheck 8 , 2808.Xr quotaon 8 , 2809.Xr rc 8 , 2810.Xr rc.sendmail 8 , 2811.Xr resident 8 , 2812.Xr rndcontrol 8 , 2813.Xr route 8 , 2814.Xr routed 8 , 2815.Xr rpcbind 8 , 2816.Xr rpc.lockd 8 , 2817.Xr rpc.statd 8 , 2818.Xr rtadvd 8 , 2819.Xr rtsold 8 , 2820.Xr rwhod 8 , 2821.Xr savecore 8 , 2822.Xr sdpd 8 , 2823.Xr sensorsd 8 , 2824.Xr sshd 8 , 2825.Xr swapon 8 , 2826.Xr sysctl 8 , 2827.Xr syslogd 8 , 2828.Xr sysvipcd 8 , 2829.Xr vinum 8 , 2830.Xr wpa_supplicant 8 , 2831.Xr yp 8 , 2832.Xr ypbind 8 , 2833.Xr ypserv 8 , 2834.Xr ypset 8 2835.Sh HISTORY 2836The 2837.Nm 2838file appeared in 2839.Fx 2.2.2 . 2840.Sh AUTHORS 2841.An Jordan K. Hubbard . 2842