1.\" $NetBSD: sysctl.8,v 1.141 2006/01/14 11:52:20 elad Exp $ 2.\" 3.\" Copyright (c) 2004 The NetBSD Foundation, Inc. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the NetBSD 17.\" Foundation, Inc. and its contributors. 18.\" 4. Neither the name of The NetBSD Foundation nor the names of its 19.\" contributors may be used to endorse or promote products derived 20.\" from this software without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 23.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 24.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 25.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 26.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 32.\" POSSIBILITY OF SUCH DAMAGE. 33.\" 34.\" 35.\" Copyright (c) 1993 36.\" The Regents of the University of California. All rights reserved. 37.\" 38.\" Redistribution and use in source and binary forms, with or without 39.\" modification, are permitted provided that the following conditions 40.\" are met: 41.\" 1. Redistributions of source code must retain the above copyright 42.\" notice, this list of conditions and the following disclaimer. 43.\" 2. Redistributions in binary form must reproduce the above copyright 44.\" notice, this list of conditions and the following disclaimer in the 45.\" documentation and/or other materials provided with the distribution. 46.\" 3. Neither the name of the University nor the names of its contributors 47.\" may be used to endorse or promote products derived from this software 48.\" without specific prior written permission. 49.\" 50.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 51.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 54.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60.\" SUCH DAMAGE. 61.\" 62.\" @(#)sysctl.8 8.1 (Berkeley) 6/6/93 63.\" 64.Dd January 14, 2006 65.Dt SYSCTL 8 66.Os 67.Sh NAME 68.Nm sysctl 69.Nd get or set kernel state 70.Sh SYNOPSIS 71.Nm sysctl 72.Op Fl AdeMn 73.Oo 74.Fl r | 75.Fl x 76.Oc 77.Op Ar name ... 78.Nm sysctl 79.Op Fl nq 80.Oo 81.Fl r | 82.Fl x 83.Oc 84.Fl w 85.Ar name Ns Li = Ns Ar value ... 86.Nm sysctl 87.Op Fl en 88.Oo 89.Fl r | 90.Fl x 91.Oc 92.Fl a 93.Nm sysctl 94.Op Fl nq 95.Oo 96.Fl r | 97.Fl x 98.Oc 99.Fl f 100.Ar file 101.Sh DESCRIPTION 102The 103.Nm sysctl 104utility retrieves kernel state and allows processes with 105appropriate privilege to set kernel state. 106The state to be retrieved or set is described using a 107``Management Information Base'' (``MIB'') style name, 108described as a dotted set of components. 109The 110.Sq / 111character may also be used as a separator and a leading separator 112character is accepted. 113If 114.Ar name 115specifies a non-leaf node in the MIB, all the nodes underneath 116.Ar name 117will be printed. 118.Pp 119The following options are available: 120.Bl -tag -width indent 121.It Fl A 122List all the known MIB names including tables, unless any MIB 123arguments or 124.Fl f Ar file 125are given. 126Those with string or integer values will be printed as with the 127.Fl a 128flag; for table or structure values that 129.Nm 130is not able to print, 131the name of the utility to retrieve them is given. 132Errors in retrieving or setting values will be directed to stdout 133instead of stderr. 134.It Fl a 135List all the currently available string or integer values. 136The use of a solitary separator character (either 137.Sq \&. 138or 139.Sq / ) 140by 141itself has the same effect. 142Any given 143.Ar name 144arguments are ignored if this option is specified. 145.It Fl d 146Descriptions of each of the nodes selected will be printed instead of 147their values. 148.It Fl e 149Separate the name and the value of the variable(s) with 150.Ql = . 151This is useful for producing output which can be fed back to the 152.Nm 153utility. 154This option is ignored if 155.Fl n 156is specified or a variable is being set. 157.It Fl f 158Specifies the name of a file to read and process. 159Blank lines and comments (beginning with 160.Ql # ) 161are ignored. 162Line continuations with 163.Ql \e 164are permitted. 165Remaining lines are processed similarly to 166command line arguments of the form 167.Ar name 168or 169.Ar name Ns Li = Ns Ar value . 170The 171.Fl w 172flag is implied by 173.Fl f . 174Any 175.Ar name 176arguments are ignored. 177.It Fl M 178Makes 179.Nm 180print the MIB instead of any of the actual values contained in the 181MIB. 182This causes the entire MIB to be printed unless specific MIB arguments 183or 184.Fl f Ar file 185are also given. 186.It Fl n 187Specifies that the printing of the field name should be 188suppressed and that only its value should be output. 189This flag is useful for setting shell variables. 190For example, to save the pagesize in variable psize, use: 191.Bd -literal -offset indent -compact 192set psize=`sysctl -n hw.pagesize` 193.Ed 194.It Fl q 195Used to indicate that nothing should be printed for writes unless an 196error is detected. 197.It Fl r 198Raw output form. 199Values printed are in their raw binary forms as retrieved directly 200from the kernel. 201Some additional nodes that 202.Nm 203cannot print directly can be retrieved with this flag. 204This option conflicts with the 205.Fl x 206option. 207.It Fl w 208Sets the MIB style name given to the value given. 209The MIB style name and value must be separated by 210.Ql = 211with no whitespace. 212Only integral and string values can be set via this method. 213.It Fl x 214Makes 215.Nm 216print the requested value in a hexadecimal representation instead of 217its regular form. 218If specified more than once, the output for each value resembles that of 219.Xr hexdump 1 220when given the 221.Fl C 222flag. 223This option conflicts with the 224.Fl r 225option. 226.Pp 227.El 228The 229.Ql proc 230top-level MIB has a special semantic: it represent per-process values 231and as such may differ from one process to another. 232The second-level name is the pid of the process (in decimal form), 233or the special word 234.Ql curproc . 235For variables below 236.Ql proc. Ns Ao pid Ac Ns .rlimit , 237the integer value may be replaced 238with the string 239.Ql unlimited 240if it matches the magic value used to disable 241a limit. 242.Pp 243The information available from 244.Nm sysctl 245consists of integers, strings, and tables. 246The tabular information can only be retrieved by special 247purpose programs such as 248.Nm ps , 249.Nm systat , 250and 251.Nm netstat . 252The string and integer information is summarized below. 253For a detailed description of these variable see 254.Xr sysctl 3 . 255The changeable column indicates whether a process with appropriate 256privilege can change the value. 257.Bl -column proc.xpidx.rlimit.coredumpsize.hardxxxxxx integerxxx 258.It Sy Name Type Changeable 259.It ddb.commandonenter string yes 260.It ddb.fromconsole integer yes 261.It ddb.lines integer yes 262.It ddb.maxoff integer yes 263.It ddb.maxwidth integer yes 264.It ddb.onpanic integer yes 265.It ddb.radix integer yes 266.It ddb.tabstops integer yes 267.It ddb.tee_msgbuf integer yes 268.It hw.alignbytes integer no 269.It hw.byteorder integer no 270.It hw.cnmagic integer yes 271.It hw.disknames string no 272.It hw.diskstats struct no 273.It hw.machine string no 274.It hw.machine_arch string no 275.It hw.model string no 276.It hw.ncpu integer no 277.It hw.pagesize integer no 278.It hw.physmem integer no 279.It hw.physmem64 quad no 280.It hw.usermem integer no 281.It hw.usermem64 quad no 282.It kern.argmax integer no 283.It kern.autonicetime integer yes 284.It kern.autoniceval integer yes 285.It kern.boottime struct no 286.It kern.bufq.strategies string no 287.It kern.ccpu integer no 288.It kern.clockrate struct no 289.It kern.consdev integer no 290.It kern.cp_id struct no 291.It kern.cp_time struct no 292.It kern.defcorename string yes 293.It kern.domainname string yes 294.It kern.dump_on_panic integer yes 295.It kern.drivers struct no 296.It kern.file struct no 297.It kern.forkfsleep integer yes 298.It kern.fscale integer no 299.It kern.fsync integer no 300.It kern.hardclock_ticks integer no 301.It kern.hostid integer yes 302.It kern.hostname string yes 303.It kern.iov_max integer no 304.It kern.job_control integer no 305.It kern.labeloffset integer no 306.It kern.labelsector integer no 307.It kern.login_name_max integer no 308.It kern.logsigexit integer yes 309.It kern.mapped_files integer no 310.It kern.maxfiles integer yes 311.It kern.maxpartitions integer no 312.It kern.maxphys integer no 313.It kern.maxproc integer yes 314.It kern.maxptys integer yes, special 315.It kern.maxvnodes integer raise only 316.It kern.mbuf.mblowat integer yes 317.It kern.mbuf.mclbytes integer no 318.It kern.mbuf.mcllowat integer yes 319.It kern.mbuf.mclsize integer no 320.It kern.mbuf.msize integer no 321.It kern.mbuf.nmbclusters integer raise only 322.It kern.memlock integer no 323.It kern.memlock_range integer no 324.It kern.memory_protection integer no 325.It kern.monotonic_clock integer no 326.It kern.msgbuf integer no 327.It kern.msgbufsize integer no 328.It kern.ngroups integer no 329.It kern.ntptime struct no 330.It kern.osrelease string no 331.It kern.osrevision integer no 332.It kern.ostype string no 333.It kern.pipe.kvasize integer no 334.It kern.pipe.maxbigpipes integer yes 335.It kern.pipe.maxkvasz integer yes 336.It kern.pipe.maxloankvasz integer yes 337.It kern.pipe.nbigpipes integer no 338.It kern.posix1version integer no 339.It kern.posix_barriers integer no 340.It kern.posix_reader_writer_locks integer no 341.It kern.posix_semaphores integer no 342.It kern.posix_spin_locks integer no 343.It kern.posix_threads integer no 344.It kern.posix_timers integer no 345.It kern.proc struct no 346.It kern.proc2 struct no 347.It kern.proc_args string yes 348.It kern.prof node not applicable 349.It kern.rawpartition integer no 350.It kern.root_device string no 351.It kern.root_partition integer no 352.It kern.rtc_offset integer yes 353.It kern.saved_ids integer no 354.It kern.sbmax integer yes 355.It kern.securelevel integer raise only 356.It kern.somaxkva integer yes 357.It kern.synchronized_io integer no 358.It kern.sysvipc_info struct no 359.It kern.sysvmsg integer no 360.It kern.sysvsem integer no 361.It kern.sysvshm integer no 362.It kern.timex struct no 363.It kern.tkstat.cancc quad no 364.It kern.tkstat.nin quad no 365.It kern.tkstat.nout quad no 366.It kern.tkstat.rawcc quad no 367.It kern.urandom integer no 368.It kern.veriexec.verbose integer yes 369.It kern.veriexec.strict integer raise only 370.It kern.veriexec.algorithms string no 371.It kern.veriexec.count.dev_\*[Lt]id\*[Gt] quad no 372.It kern.version string no 373.It kern.vnode struct no 374.It machdep.console_device dev_t no 375.It net.bpf.maxbufsize integer yes 376.It net.bpf.stats struct no 377.It net.bpf.peers struct no 378.It net.inet.arp.prune integer yes 379.It net.inet.arp.keep integer yes 380.It net.inet.arp.down integer yes 381.It net.inet.arp.refresh integer yes 382.It net.inet.icmp.maskrepl integer yes 383.It net.inet.icmp.errppslimit integer yes 384.It net.inet.icmp.rediraccept integer yes 385.It net.inet.icmp.redirtimeout integer yes 386.It net.inet.icmp.returndatabytes integer yes 387.It net.inet.ip.allowsrcrt integer yes 388.It net.inet.ip.anonportmax integer yes 389.It net.inet.ip.anonportmin integer yes 390.It net.inet.ip.checkinterface integer yes 391.It net.inet.ip.directed-broadcast integer yes 392.It net.inet.ip.do_loopback_cksum integer yes 393.It net.inet.ip.forwarding integer yes 394.It net.inet.ip.forwsrcrt integer yes 395.It net.inet.ip.gifttl integer yes 396.It net.inet.ip.grettl integer yes 397.It net.inet.ip.hostzerobroadcast integer yes 398.It net.inet.ip.maxfragpackets integer yes 399.It net.inet.ip.lowportmax integer yes 400.It net.inet.ip.lowportmin integer yes 401.It net.inet.ip.mtudisc integer yes 402.It net.inet.ip.mtudisctimeout integer yes 403.It net.inet.ip.random_id integer yes 404.It net.inet.ip.redirect integer yes 405.It net.inet.ip.subnetsarelocal integer yes 406.It net.inet.ip.ttl integer yes 407.It net.inet.ip.ifq.drops integer no 408.It net.inet.ip.ifq.len integer no 409.It net.inet.ip.ifq.maxlen integer yes 410.It net.inet.ipsec.ah_cleartos integer yes 411.It net.inet.ipsec.ah_net_deflev integer yes 412.It net.inet.ipsec.ah_offsetmask integer yes 413.It net.inet.ipsec.ah_trans_deflev integer yes 414.It net.inet.ipsec.def_policy integer yes 415.It net.inet.ipsec.dfbit integer yes 416.It net.inet.ipsec.ecn integer yes 417.It net.inet.ipsec.esp_net_deflev integer yes 418.It net.inet.ipsec.esp_trans_deflev integer yes 419.It net.inet.ipsec.inbound_call_ike integer yes 420.It net.inet.tcp.ack_on_push integer yes 421.It net.inet.tcp.compat_42 integer yes 422.It net.inet.tcp.cwm integer yes 423.It net.inet.tcp.cwm_burstsize integer yes 424.It net.inet.tcp.delack_ticks integer yes 425.It net.inet.tcp.do_lookback_cksum integer yes 426.It net.inet.tcp.init_win integer yes 427.It net.inet.tcp.init_win_local integer yes 428.It net.inet.tcp.keepcnt integer yes 429.It net.inet.tcp.keepidle integer yes 430.It net.inet.tcp.keepintvl integer yes 431.It net.inet.tcp.log_refused integer yes 432.It net.inet.tcp.mss_ifmtu integer yes 433.It net.inet.tcp.mssdflt integer yes 434.It net.inet.tcp.newreno integer yes 435.It net.inet.tcp.recvspace integer yes 436.It net.inet.tcp.rfc1323 integer yes 437.It net.inet.tcp.rstppslimit integer yes 438.It net.inet.tcp.sack.enable integer yes 439.It net.inet.tcp.sack.globalholes integer no 440.It net.inet.tcp.sack.globalmaxholes integer yes 441.It net.inet.tcp.sack.maxholes integer yes 442.It net.inet.tcp.sendspace integer yes 443.It net.inet.tcp.slowhz integer no 444.It net.inet.tcp.syn_bucket_limit integer yes 445.It net.inet.tcp.syn_cache_interval integer yes 446.It net.inet.tcp.syn_cache_limit integer yes 447.It net.inet.tcp.timestamps integer yes 448.It net.inet.tcp.win_scale integer yes 449.It net.inet.tcp.ident struct no 450.It net.inet.tcp.debug struct no 451.It net.inet.tcp.debx integer no 452.It net.inet.udp.checksum integer yes 453.It net.inet.udp.do_loopback_cksum integer yes 454.It net.inet.udp.recvspace integer yes 455.It net.inet.udp.sendspace integer yes 456.It net.ns.spp.debug struct yes 457.It net.ns.spp.debx integer yes 458.It net.inet6.icmp6.errppslimit integer yes 459.It net.inet6.icmp6.mtudisc_hiwat integer yes 460.It net.inet6.icmp6.mtudisc_lowat integer yes 461.It net.inet6.icmp6.nd6_debug integer yes 462.It net.inet6.icmp6.nd6_delay integer yes 463.It net.inet6.icmp6.nd6_maxnudhint integer yes 464.It net.inet6.icmp6.nd6_mmaxtries integer yes 465.It net.inet6.icmp6.nd6_prune integer yes 466.It net.inet6.icmp6.nd6_umaxtries integer yes 467.It net.inet6.icmp6.nd6_useloopback integer yes 468.It net.inet6.icmp6.nodeinfo integer yes 469.It net.inet6.icmp6.rediraccept integer yes 470.It net.inet6.icmp6.redirtimeout integer yes 471.It net.inet6.ip6.accept_rtadv integer yes 472.It net.inet6.ip6.anonportmax integer yes 473.It net.inet6.ip6.anonportmin integer yes 474.It net.inet6.ip6.auto_flowlabel integer yes 475.It net.inet6.ip6.dad_count integer yes 476.It net.inet6.ip6.defmcasthlim integer yes 477.It net.inet6.ip6.forwarding integer yes 478.It net.inet6.ip6.gifhlim integer yes 479.It net.inet6.ip6.hdrnestlimit integer yes 480.It net.inet6.ip6.hlim integer yes 481.It net.inet6.ip6.kame_version string no 482.It net.inet6.ip6.keepfaith integer yes 483.It net.inet6.ip6.log_interval integer yes 484.It net.inet6.ip6.lowportmax integer yes 485.It net.inet6.ip6.lowportmin integer yes 486.It net.inet6.ip6.maxfragpackets integer yes 487.It net.inet6.ip6.maxfrags integer yes 488.It net.inet6.ip6.redirect integer yes 489.It net.inet6.ip6.rr_prune integer yes 490.It net.inet6.ip6.use_deprecated integer yes 491.It net.inet6.ip6.v6only integer yes 492.It net.inet6.ip6.ifq.drops integer no 493.It net.inet6.ip6.ifq.len integer no 494.It net.inet6.ip6.ifq.maxlen integer yes 495.It net.inet6.ipsec6.ah_net_deflev integer yes 496.It net.inet6.ipsec6.ah_trans_deflev integer yes 497.It net.inet6.ipsec6.def_policy integer yes 498.It net.inet6.ipsec6.ecn integer yes 499.It net.inet6.ipsec6.esp_net_deflev integer yes 500.It net.inet6.ipsec6.esp_trans_deflev integer yes 501.It net.inet6.ipsec6.inbound_call_ike integer yes 502.It net.inet6.udp6.do_loopback_cksum integer yes 503.It net.inet6.udp6.recvspace integer yes 504.It net.inet6.udp6.sendspace integer yes 505.It net.key.ah_keymin integer yes 506.It net.key.debug integer yes 507.It net.key.esp_auth integer yes 508.It net.key.esp_keymin integer yes 509.It net.key.kill_int integer yes 510.It net.key.spi_max_value integer yes 511.It net.key.spi_min_value integer yes 512.It net.key.spi_try integer yes 513.It proc.\*[Lt]pid\*[Gt].corename string yes 514.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hard integer yes 515.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.soft integer yes 516.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.hard integer yes 517.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.soft integer yes 518.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.hard integer yes 519.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.soft integer yes 520.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.hard integer yes 521.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.soft integer yes 522.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.hard integer yes 523.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.soft integer yes 524.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.hard integer yes 525.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.soft integer yes 526.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.hard integer yes 527.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.soft integer yes 528.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.hard integer yes 529.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.soft integer yes 530.It proc.\*[Lt]pid\*[Gt].stopexec int yes 531.It proc.\*[Lt]pid\*[Gt].stopfork int yes 532.It security.curtain integer yes 533.It user.bc_base_max integer no 534.It user.bc_dim_max integer no 535.It user.bc_scale_max integer no 536.It user.bc_string_max integer no 537.It user.coll_weights_max integer no 538.It user.cs_path string no 539.It user.expr_nest_max integer no 540.It user.line_max integer no 541.It user.posix2_c_bind integer no 542.It user.posix2_c_dev integer no 543.It user.posix2_char_term integer no 544.It user.posix2_fort_dev integer no 545.It user.posix2_fort_run integer no 546.It user.posix2_localedef integer no 547.It user.posix2_sw_dev integer no 548.It user.posix2_upe integer no 549.It user.posix2_version integer no 550.It user.re_dup_max integer no 551.It vendor.\*[Lt]vendor\*[Gt].* ? vendor specific 552.It vfs.generic.usermount integer yes 553.It vfs.generic.fstypes string yes 554.It vfs.ffs.doasyncfree integer yes 555.It vfs.ffs.log_changeopt integer yes 556.It vfs.nfs.iothreads integer yes 557.It vfs.cd9660.utf8_joliet integer yes 558.It vfs.sync.delay integer yes 559.It vfs.sync.filedelay integer yes 560.It vfs.sync.dirdelay integer yes 561.It vfs.sync.metadelay integer yes 562.It vm.anonmax integer yes 563.It vm.anonmin integer yes 564.It vm.bufcache integer yes 565.It vm.bufmem integer no 566.It vm.bufmem_hiwater integer yes 567.It vm.bufmem_lowater integer yes 568.It vm.execmax integer yes 569.It vm.execmin integer yes 570.It vm.filemax integer yes 571.It vm.filemin integer yes 572.It vm.idlezero integer yes 573.It vm.inactivepct integer yes 574.It vm.loadavg struct no 575.It vm.maxslp integer no 576.It vm.nkmempages integer no 577.It vm.uspace integer no 578.It vm.uvmexp struct no 579.It vm.uvmexp2 struct no 580.It vm.vmmeter struct no 581.El 582.Pp 583Entries found under 584.Dq vendor. Ns Aq vendor 585are left to be specified (and used) by vendors 586using the 587.Nx 588operating system in their products. 589Values and structure are vendor-defined, and no registry 590exists right now. 591.Sh CREATION AND DELETION 592New nodes are allowed to be created by the superuser when the kernel 593is running at security level 0. 594These new nodes may refer to existing kernel data or to new data that 595is only instrumented by 596.Xr sysctl 3 597itself. 598.Pp 599The syntax for creating new nodes is 600.Dq //create=new.node.path 601followed by one or more of the following attributes separated by 602commas. 603The use of a double separator (both 604.Sq / 605and 606.Sq \&. 607can be used as 608separators) as the prefix tells sysctl that the first series of tokens 609is not a MIB name, but a command. 610It is recommended that the double separator preceding the command not 611be the same as the separator used in naming the MIB entry so as to 612avoid possible parse conflicts. 613The 614.Dq value 615assigned, if one is given, must be last. 616.Pp 617.Bl -bullet -compact 618.It 619.Ar type= Ns Aq Ar T 620where 621.Ar T 622must be one of 623.Dq node , 624.Dq int , 625.Dq string , 626.Dq quad , 627or 628.Dq struct . 629If the type is omitted, the 630.Dq node 631type is assumed. 632.It 633.Ar size= Ns Aq Ar S 634here, 635.Ar S 636asserts the size of the new node. 637Nodes of type 638.Dq node 639should not have a size set. 640The size may be omitted for nodes of types 641.Dq int 642or 643.Dq quad . 644If the size is omitted for a node of type 645.Dq string , 646the size will be determined by the length of the given value, or by 647the kernel for kernel strings. 648Nodes of type 649.Dq struct 650must have their size explicitly set. 651.It 652.Ar addr= Ns Aq Ar A 653or 654.Ar symbol= Ns Aq Ar A 655The kernel address of the data being instrumented. 656If 657.Dq symbol 658is used, the symbol must be globally visible to the in-kernel 659.Xr ksyms 4 660driver. 661.It 662.Ar n= Ns Aq Ar N 663The MIB number to be assigned to the new node. 664If no number is specified, the kernel will assign a value. 665.It 666.Ar flags= Ns Aq Ar F 667A concatenated string of single letters that govern the behavior of 668the node. 669Flags currently available are: 670.Bl -tag -width www 671.It a 672Allow anyone to write to the node, if it is writable. 673.It h 674.Dq Hidden . 675.Nm 676must be invoked with 677.Fl A 678or the hidden node must be specifically requested in order to see it 679.It i 680.Dq Immediate . 681Makes the node store data in itself, rather than allocating new space 682for it. 683This is the default for nodes of type 684.Dq int 685and 686.Dq quad . 687This is the opposite of owning data. 688.It o 689.Dq Own . 690When the node is created, separate space will be allocated to store 691the data to be instrumented. 692This is the default for nodes of type 693.Dq string 694and 695.Dq struct 696where it is not possible to guarantee sufficient space to store the 697data in the node itself. 698.It p 699.Dq Private . 700Nodes that are marked private, and children of nodes so marked, are 701only viewable by the superuser. 702Be aware that the immediate data that some nodes may store is not 703necessarily protected by this. 704.It x 705.Dq Hexadecimal . 706Make 707.Nm 708default to hexadecimal display of the retrieved value 709.It r 710.Dq Read-only . 711The data instrumented by the given node is read-only. 712Note that other mechanisms may still exist for changing the data. 713This is the default for nodes that instrument data. 714.It w 715.Dq Writable . 716The data instrumented by the given node is writable at any time. 717This is the default for nodes that can have children. 718.It 1 719.Dq Read-only at securelevel 1 . 720The data instrumented by this node is writable until the securelevel 721reaches or passes securelevel 1. 722Examples of this include some network tunables. 723.It 2 724.Dq Read-only at securelevel 2 . 725The data instrumented by this node is writable until the securelevel 726reaches or passes securelevel 2. 727An example of this is the per-process core filename setting. 728.El 729.Pp 730.It 731.Ar value= Ns Aq Ar V 732An initial starting value for a new node that does not reference 733existing kernel data. 734Initial values can only be assigned for nodes of the 735.Dq int , 736.Dq quad , 737and 738.Dq string 739types. 740.El 741.Pp 742New nodes must fit the following set of criteria: 743.Pp 744.Bl -bullet -compact 745.It 746If the new node is to address an existing kernel object, only one of the 747.Dq symbol 748or 749.Dq addr 750arguments may be given. 751.It 752The size for a 753.Dq struct 754type node must be specified; no initial value is expected or permitted. 755.It 756Either the size or the initial value for a 757.Dq string 758node must be given. 759.It 760The node which will be the parent of the new node must be writable. 761.El 762.Pp 763If any of the given parameters describes an invalid configuration, 764.Nm 765will emit a diagnostic message to the standard error and exit. 766.Pp 767Descriptions can be added by the super-user to any node that does not 768have one, provided that the node is not marked with the 769.Dq PERMANENT 770flag. 771The syntax is similar to the syntax for creating new nodes with the 772exception of the keyword that follows the double separator at the 773start of the command: 774.Dq //describe=new.node.path=new node description . 775Once a description has been added, it cannot be changed or removed. 776.Pp 777When destroying nodes, only the path to the node is necessary, i.e., 778.Dq //destroy=old.node.path . 779No other parameters are expected or permitted. 780Nodes being destroyed must have no children, and their parent must be 781writable. 782Nodes that are marked with the 783.Dq Dv PERMANENT 784flag (as assigned by the kernel) may not be deleted. 785.Pp 786In all cases, the initial 787.Sq = 788that follows the command (eg, 789.Dq create , 790.Dq destroy , 791or 792.Dq describe ) 793may be replaced with another instance of the separator character, 794provided that the same separator character is used for the length of 795the name specification. 796.Sh FILES 797.Bl -tag -width xnetinet6/udp6Xvar.hx -compact 798.It Pa /etc/sysctl.conf 799.Nm 800variables set at boot time 801.It Aq Pa sys/sysctl.h 802definitions for top level identifiers, second level kernel, hardware, 803and security identifiers, and user level identifiers 804.It Aq Pa sys/socket.h 805definitions for second level network identifiers 806.It Aq Pa sys/gmon.h 807definitions for third level profiling identifiers 808.It Aq Pa uvm/uvm_param.h 809definitions for second level virtual memory identifiers 810.It Aq Pa netinet/in.h 811definitions for third level IPv4/v6 identifiers and 812fourth level IPv4/v6 identifiers 813.It Aq Pa netinet/icmp_var.h 814definitions for fourth level ICMP identifiers 815.It Aq Pa netinet/icmp6.h 816definitions for fourth level ICMPv6 identifiers 817.It Aq Pa netinet/tcp_var.h 818definitions for fourth level TCP identifiers 819.It Aq Pa netinet/udp_var.h 820definitions for fourth level UDP identifiers 821.It Aq Pa netinet6/udp6_var.h 822definitions for fourth level IPv6 UDP identifiers 823.It Aq Pa netinet6/ipsec.h 824definitions for fourth level IPsec identifiers 825.It Aq Pa netkey/key_var.h 826definitions for third level PF_KEY identifiers 827.It Aq Pa sys/verified_exec.h 828definitions for third level verified exec identifiers 829.El 830.Sh EXAMPLES 831For example, to retrieve the maximum number of processes allowed 832in the system, one would use the following request: 833.Bd -literal -offset indent -compact 834sysctl kern.maxproc 835.Ed 836.Pp 837To set the maximum number of processes allowed 838in the system to 1000, one would use the following request: 839.Bd -literal -offset indent -compact 840sysctl -w kern.maxproc=1000 841.Ed 842.Pp 843Information about the system clock rate may be obtained with: 844.Bd -literal -offset indent -compact 845sysctl kern.clockrate 846.Ed 847.Pp 848Information about the load average history may be obtained with: 849.Bd -literal -offset indent -compact 850sysctl vm.loadavg 851.Ed 852.Pp 853To view the values of the per-process variables of the current shell, 854the request: 855.Bd -literal -offset indent -compact 856sysctl proc.$$ 857.Ed 858can be used if the shell interpreter replaces $$ with its pid (this is true 859for most shells). 860.Pp 861To redirect core dumps to the 862.Pa /var/tmp/ Ns Aq username 863directory, 864.Bd -literal -offset indent -compact 865sysctl -w proc.$$.corename=/var/tmp/%u/%n.core 866.Ed 867should be used. 868.Bd -literal -offset indent -compact 869sysctl -w proc.curproc.corename=/var/tmp/%u/%n.core 870.Ed 871changes the value for the sysctl process itself, and will not have the desired 872effect. 873.Pp 874To create the root of a new sub-tree called 875.Dq local 876add some children to the new node, and some descriptions: 877.Bd -literal -offset indent -compact 878sysctl -w //create=local 879sysctl -w //describe=local=my local sysctl tree 880sysctl -w //create=local.esm_debug,type=int,symbol=esm_debug,flags=w 881sysctl -w //describe=local.esm_debug=esm driver debug knob 882sysctl -w //create=local.audiodebug,type=int,symbol=audiodebug,flags=w 883sysctl -w //describe=local.audiodebug=generic audio debug knob 884.Ed 885Note that the children are made writable so that the two debug 886settings in question can be tuned arbitrarily. 887.Pp 888To destroy that same subtree: 889.Bd -literal -offset indent -compact 890sysctl -w //destroy=local.esm_debug 891sysctl -w //destroy=local.audiodebug 892sysctl -w //destroy=local 893.Ed 894.Sh SEE ALSO 895.Xr sysctl 3 , 896.Xr ksyms 4 897.Sh HISTORY 898.Nm sysctl 899first appeared in 900.Bx 4.4 . 901