1# $NetBSD: rc.conf,v 1.119 2012/02/07 19:13:30 joerg Exp $ 2# 3# /etc/defaults/rc.conf -- 4# default configuration of /etc/rc.conf 5# 6# see rc.conf(5) for more information. 7# 8# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE. 9# EDIT /etc/rc.conf INSTEAD. 10# 11 12# 13# Use program=YES to enable program, NO to disable it. program_flags are 14# passed to the program on the command line. 15# 16 17# Uncomment this if you want to use local paths in rc. 18# 19#export PATH=$PATH:/usr/pkg/sbin:/usr/pkg/bin:/usr/local/sbin:/usr/local/bin 20 21# Uncomment the following to execute each /etc/rc.d script in 22# the current shell rather than in a subshell. This may be 23# faster on very slow machines that have an expensive fork(2). 24# NOTE: USE THIS AT YOUR OWN RISK; A ROGUE COMMAND 25# MAY INADVERTENTLY PREVENT BOOT TO MULTIUSER. 26# 27#rc_fast_and_loose=YES 28 29# If rc_silent is true then /etc/rc will suppress most output to 30# the console. The default is taken from the AB_SILENT flag passed 31# from the boot loader to the kernel in the boothowto(9) variable. 32# 33# rc_silent_cmd is executed once for each suppressed line of output. 34# Useful values are ":" and "twiddle". 35# 36rc_silent=$( [ "$(( $(/sbin/sysctl -n kern.boothowto 2>/dev/null || echo 0) \ 37 & 0x40000 ))" != 0 ] && echo true || echo false ) 38rc_silent_cmd=twiddle 39 40# Additional flags to the rcorder(8) that's run by /etc/rc. 41# 42rc_rcorder_flags="" 43 44# The directories searched for rc scripts. 45# These directories must be part of the root filesystem. 46rc_directories=/etc/rc.d 47 48# If this is set to NO, shutdown(8) will not run /etc/rc.shutdown. 49# 50do_rcshutdown=YES 51 52# Additional flags to the rcorder(8) that's run by /etc/rc.shutdown. 53# 54rcshutdown_rcorder_flags="" 55 56# If this is non-blank, use as the number of seconds to run a watchdog 57# timer which will terminate /etc/rc.shutdown if the timeout expires. 58# 59rcshutdown_timeout="" 60 61 62# Basic network configuration 63# 64 65# Fully Qualified Internet Domain Name (a.k.a. hostname, e.g. foo.baz.edu). 66# If blank, use /etc/myname. 67# 68hostname="" 69 70# If there's only one way out of your IPv4 network, set this to the hostname 71# or the IPv4 address of the router that will get your packets off the LAN. 72# If blank, use /etc/mygate. 73# 74defaultroute="" 75 76# Same thing for IPv6. If blank, use /etc/mygate6. 77# 78defaultroute6="" 79 80# The NIS domain name (formerly known as Yellow Pages); not in any way 81# related to Internet domain names. 82# If blank, use /etc/defaultdomain. 83# 84domainname="" 85 86# Filesystems to mount early in boot-up. 87# Note that `/var' is needed in $critical_filesystems_local (or 88# implied as part of `/') as certain services that need /var (such as 89# dhclient) may be needed to get the network operational enough to mount 90# the $critical_filesystems_remote. Prepending "OPTIONAL:" means it 91# will not be an error if that file system is not present in fstab(5). 92# 93critical_filesystems_local="OPTIONAL:/var" 94critical_filesystems_remote="OPTIONAL:/usr" 95 96# Swap device controls. 97# 98no_swap=NO # Set to YES if you have purposefully setup no swap 99 # partitions and don't want to be warned about it. 100swapoff=YES # Remove block-type swap partitions upon shutdown 101 # This defaults to yes, so that raids shutdown cleanly 102 103# Concatenated disk driver. 104# 105ccd=YES 106 107# RAIDframe driver (manually configured devices). 108# 109raidframe=YES 110 111# Crypto file system. 112# 113cgd=YES 114 115# Logical Volume Manager 116# 117lvm=NO 118 119# One-time actions and programs on boot-up. 120# 121savecore=YES savecore_flags="-z" 122 savecore_dir="/var/crash" 123per_user_tmp=NO # per-user /tmp directories 124per_user_tmp_dir="/private/tmp" # real storage for /tmp 125clear_tmp=YES # clear /tmp after reboot 126update_motd=YES # updates /etc/motd 127dmesg=YES dmesg_flags="" # write /var/run/dmesg.boot 128accounting=NO # uses /var/account/acct 129newsyslog=NO newsyslog_flags="" # trim log files 130quota=YES # check and enable quotas 131ldconfig=YES # rebuild a.out ldconfig cache 132sysdb=YES # build system databases 133rndctl=NO rndctl_flags="" # configure rndctl(8) 134gpio=NO # configure GPIO devices 135 136# cope with other OSes using the real time clock at localtime on this 137# machine (by adjusting kern.rtc_offset at boot) 138rtclocaltime=NO 139 140# NOTE: default coredump name now set in /etc/sysctl.conf 141 142# 143# File system check flags; default to preen mode, checking filesystems 144# that are listed in /etc/fstab in parallel as the fsck pass number 145# permits. Fix minor faults automatically, and exit with non 0 only 146# when major errors occur. 147# 148fsck_flags=-p 149 150# Security setting. If $securelevel is non-empty, the system securelevel 151# is set to this value early in the boot sequence. Otherwise the default 152# action is taken (see init(8)). 153# 154securelevel="" # securelevel to set to 155 156# To set the IP address of an interface either use 157# ifconfig_xxN="IP-NO" 158# where xxN is the interface. If this variable is not set then 159# contents of the file /etc/ifconfig.xxN is used. 160 161# Networking startup. 162# 163mdnsd=NO 164npf=NO 165ipfilter=NO ipfilter_flags="" # uses /etc/ipf.conf 166ipnat=NO # uses /etc/ipnat.conf 167ipfs=NO ipfs_flags="" # save/load ipnat and ipf states 168ipsec=NO # uses /etc/ipsec.conf 169ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages 170pf=NO pf_rules="/etc/pf.conf" pf_flags="" 171pflogd=NO 172ftp_proxy=NO 173racoon=NO # IKE daemon 174auto_ifconfig=YES # config all avail. interfaces 175net_interfaces="" # used only if above is NO 176flushroutes=YES # flush routes in netstart 177dhcpcd=NO 178dhcpcd_flags="-q" # For ifconfig_XXX=dhcp. 179dhclient=NO # behave as a DHCP client 180 dhclient_flags="" # blank: config all interfaces 181ntpdate=NO ntpdate_flags="-b -s" # May need '-u' thru firewall 182ppp_peers="" # /etc/ppp/peers to call 183ip6mode=host # host, autohost or router 184ip6uniquelocal=NO # IPv6 unique-local forwarding 185rtsol=NO rtsol_flags="-a" # for ip6mode=autohost only 186 187# Special treatment for interfaces that need to be downed on 188# shutdown (because they might cause unnecessary costs or block resources 189# on the peer). All pppoe* interfaces are automatically included in this 190# list, add others here manually. 191#force_down_interfaces="" 192 193ifwatchd=NO # execute up/down scripts for in-kernel PPPoE interfaces 194 ifwatchd_flags="-u /etc/ppp/ip-up -d /etc/ppp/ip-down pppoe0" 195 196# ALTQ configuration/monitoring daemon 197altqd=NO altqd_flags="" 198 199# Daemons required by servers. These are not needed for strictly client use. 200# 201 202# inetd is used to start the IP-based services enabled in /etc/inetd.conf 203# 204inetd=YES inetd_flags="-l" # -l logs libwrap 205 206# identd 207# 208identd=NO identd_flags="-b -l -u nobody" 209 210# rpcbind (formerly known as 'portmap') is used to look up RPC-based services. 211# 212rpcbind=NO rpcbind_flags="-l" # -l logs libwrap 213 214# Commonly used daemons. 215# 216syslogd=YES syslogd_flags="-s" # -s "secure" unix domain only 217cron=YES 218named=NO named_flags="" # see below for named_chrootdir 219timed=NO timed_flags="" 220ntpd=NO ntpd_flags="" # see below for ntpd_chrootdir 221# The default setting for postfix here is YES, but gets re-examined by 222# the rc.d/postfix startup script when it runs. The script sets 223# _rc_d_postfix to "check", and then causes all rc.conf settings to 224# be re-evaluated. If the value of $postfix after this is "check", 225# the script then checks to see if /etc/mailer.conf selects the system 226# postfix. If not, it does print a warning and does not start postfix 227# to avoid conflict with a different MTA. 228postfix=${_rc_d_postfix:-YES} 229lpd=NO lpd_flags="-s" # -s "secure" unix domain only 230sshd=NO sshd_flags="" 231ssh_keygen_flags="-b 1024" # generate 1024 bit keys if host keys missing 232ftpd=NO ftpd_flags="-ll" 233httpd=NO httpd_flags="" 234 httpd_wwwdir="/var/www" 235 httpd_wwwuser="_httpd" 236 237# To run the named(8) DNS server as an unprivileged user under a 238# chroot(2) cage, uncomment the following after migrating the contents 239# of /etc/namedb to /var/chroot/named/etc/namedb 240# 241#named_chrootdir="/var/chroot/named" 242 243# To run the ntpd(8) NTP server as an unprivileged user under a 244# chroot(2) cage, uncomment the following, after ensuring that: 245# - The kernel has "pseudo-device clockctl" compiled in 246# - /dev/clockctl is present 247# 248#ntpd_chrootdir="/var/chroot/ntpd" 249 250# Routing daemons. 251# 252routed=NO routed_flags="-q" 253gated=NO 254mrouted=NO mrouted_flags="" 255route6d=NO route6d_flags="" 256rtsold=NO rtsold_flags="-a" # for ip6mode=autohost only 257ldpd=NO 258 259# Daemons used to boot other hosts over a network. 260# 261rarpd=NO rarpd_flags="-a" 262bootparamd=NO bootparamd_flags="" 263dhcpd=NO dhcpd_flags="-q" 264dhcrelay=NO dhcrelay_flags="" 265rbootd=NO rbootd_flags="" 266mopd=NO mopd_flags="-a" 267ndbootd=NO ndbootd_flags="-s /tftpboot /tftpboot/bootyy" 268rtadvd=NO rtadvd_flags="" 269isibootd=NO isibootd_flags="" 270 271# X11 daemons. 272# 273xfs=NO xfs_flags="" # X11 font server 274xdm=NO xdm_flags="" # X11 display manager; needs 275 # wscons=YES for local displays. 276 277# Update fontconfig cache at boot 278fccache=YES 279 280# YP (NIS) daemons. 281# 282ypbind=NO ypbind_flags="" 283ypserv=NO ypserv_flags="-d" 284yppasswdd=NO yppasswdd_flags="" 285 286# NFS daemons and parameters. 287# 288mountd=NO mountd_flags="" # NFS mount requests daemon 289nfs_client=NO # enable client daemons 290nfs_server=NO # enable server daemons 291 nfsd_flags="-6tun 4" 292lockd=NO lockd_flags="" 293statd=NO statd_flags="" 294amd=NO amd_flags="-l syslog -x error,noinfo,nostats" 295 amd_dir=/amd # mount dir 296 297# Heimdal Kerberos 5 KDC (with Kerberos IV compatibility) 298kdc=NO kdc_flags="--detach" 299 300# iSCSI target 301iscsi_target=NO iscsi_target_flags="" 302 303# WPA daemons. 304hostapd=NO hostapd_flags="-B /etc/hostapd.conf" 305wpa_supplicant=NO wpa_supplicant_flags="-B" # -i<if> -c<file> 306 307# ISDN daemon 308isdnd=NO isdnd_flags="" 309 310# Bluetooth configuration 311bluetooth=NO 312# and the following are used when bluetooth=YES 313btconfig_devices="" # all 314bthcid=YES bthcid_flags="" 315sdpd=YES sdpd_flags="" 316 317# Other daemons. 318# 319rwhod=NO rwhod_flags="-u _rwhod" 320devpubd=NO devpubd_flags="" # autocreate nodes for new devs 321envsys=NO # Set /etc/envsys.conf preferences 322 323# Hardware daemons. 324# 325apmd=NO apmd_flags="" # APM power management daemon. 326powerd=NO powerd_flags="" # power management daemon 327screenblank=NO screenblank_flags="" # wscons and FBIO screenblanker 328 329moused=NO # serial mouse handler 330 moused_flags="-p /dev/tty00" 331 332wdogctl=NO # watchdog timer control 333# wdogctl_flags="-k devicename" 334irdaattach=NO # attach serial lines to IrDA 335 irdaattach_flags="tty00" 336 337# Configuration of "wscons" console driver virtual screens. 338# 339wscons=NO wscons_flags="" # setup wscons from wscons.conf 340 341# Configuration of "wsmoused" console driver cut-n-paste support 342# 343wsmoused=NO wsmoused_flags="" 344 345# Configuration of "tpctl" touch panel calibration utility 346# 347tpctl=NO tpctl_flags="" 348 349# Mixer setting 350# 351mixerctl=NO mixerctl_mixers="" # "mixer0 mixer1" means saving 352 # and restoring their settings 353 354# Vi recovery notification. Vi(1)'s -r option can recover files which were 355# accidentally closed. See vi(1) for more details. 356# 357virecover=YES 358 359# Veriexec signature loading. 360# 361veriexec=NO 362veriexec_strict=0 363veriexec_verbose=0 364veriexec_flags="-k" 365 366# Entropy load/save to/from /dev/random at startup/shutdown 367# 368random_seed=YES 369 370# Creating / updating of man page index on boot 371makemandb=YES 372