1.\" $NetBSD: sysctl.8,v 1.108 2004/01/22 07:31:53 wiz Exp $ 2.\" 3.\" Copyright (c) 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" @(#)sysctl.8 8.1 (Berkeley) 6/6/93 31.\" 32.Dd January 22, 2004 33.Dt SYSCTL 8 34.Os 35.Sh NAME 36.Nm sysctl 37.Nd get or set kernel state 38.Sh SYNOPSIS 39.Nm sysctl 40.Op Fl AeMn 41.Oo 42.Fl r | 43.Fl x 44.Oc 45.Op Ar name ... 46.Nm sysctl 47.Op Fl nq 48.Oo 49.Fl r | 50.Fl x 51.Oc 52.Fl w 53.Ar name Ns Li = Ns Ar value ... 54.Nm sysctl 55.Op Fl en 56.Oo 57.Fl r | 58.Fl x 59.Oc 60.Fl a 61.Nm sysctl 62.Op Fl nq 63.Oo 64.Fl r | 65.Fl x 66.Oc 67.Fl f 68.Ar file 69.Sh DESCRIPTION 70The 71.Nm sysctl 72utility retrieves kernel state and allows processes with 73appropriate privilege to set kernel state. 74The state to be retrieved or set is described using a 75``Management Information Base'' (``MIB'') style name, 76described as a dotted set of components. 77The 78.Sq / 79character may also be used as a separator and a leading separator 80character is accepted. 81If 82.Ar name 83specifies a non-leaf node in the MIB, all the nodes underneath 84.Ar name 85will be printed. 86.Pp 87The following options are available: 88.Bl -tag -width indent 89.It Fl A 90List all the known MIB names including tables, unless any MIB 91arguments or 92.Fl f Ar file 93are given. 94Those with string or integer values will be printed as with the 95.Fl a 96flag; for table or structure values that 97.Nm 98is not able to print, 99the name of the utility to retrieve them is given. 100Errors in retrieving or setting values will be directed to stdout 101instead of stderr. 102.It Fl a 103List all the currently available string or integer values. 104The use of a solitary separator character (either 105.Sq \&. 106or 107.Sq / ) 108by 109itself has the same effect. 110Any given 111.Ar name 112arguments are ignored if this option is specified. 113.It Fl e 114Separate the name and the value of the variable(s) with 115.Ql = . 116This is useful for producing output which can be fed back to the 117.Nm 118utility. 119This option is ignored if 120.Fl n 121is specified or a variable is being set. 122.It Fl f 123Specifies the name of a file to read and process. 124Blank lines and comments (beginning with 125.Ql # ) 126are ignored. 127Line continuations with 128.Ql \e 129are permitted. 130Remaining lines are processed similarly to 131command line arguments of the form 132.Ar name 133or 134.Ar name Ns Li = Ns Ar value . 135The 136.Fl w 137flag is implied by 138.Fl f . 139Any 140.Ar name 141arguments are ignored. 142.It Fl M 143Makes 144.Nm 145print the MIB instead of any of the actual values contained in the 146MIB. 147This causes the entire MIB to be printed unless specific MIB arguments 148or 149.Fl f Ar file 150are also given. 151.It Fl n 152Specifies that the printing of the field name should be 153suppressed and that only its value should be output. 154This flag is useful for setting shell variables. 155For example, to save the pagesize in variable psize, use: 156.Bd -literal -offset indent -compact 157set psize=`sysctl -n hw.pagesize` 158.Ed 159.It Fl q 160Used to indicate that nothing should be printed for writes unless an 161error is detected. 162.It Fl r 163Raw output form. 164Values printed are in their raw binary forms as retrieved directly 165from the kernel. 166Some additional nodes that 167.Nm 168cannot print directly can be retrieved with this flag. 169This option conflicts with the 170.Fl x 171option. 172.It Fl w 173Sets the MIB style name given to the value given. 174The MIB style name and value must be separated by 175.Ql = 176with no whitespace. 177Only integral and string values can be set via this method. 178.It Fl x 179Makes 180.Nm 181print the requested value in a hexadecimal representation instead of 182its regular form. 183If specified more than once, the output for each value resembles that of 184.Xr hexdump 1 185when given the 186.Fl C 187flag. 188This option conflicts with the 189.Fl r 190option. 191.Pp 192.El 193The 194.Ql proc 195top-level MIB has a special semantic: it represent per-process values 196and as such may differ from one process to another. 197The second-level name is the pid of the process (in decimal form), 198or the special word 199.Ql curproc . 200For variables below 201.Ql proc. Ns Ao pid Ac Ns .rlimit , 202the integer value may be replaced 203with the string 204.Ql unlimited 205if it matches the magic value used to disable 206a limit. 207.Pp 208The information available from 209.Nm sysctl 210consists of integers, strings, and tables. 211The tabular information can only be retrieved by special 212purpose programs such as 213.Nm ps , 214.Nm systat , 215and 216.Nm netstat . 217The string and integer information is summarized below. 218For a detailed description of these variable see 219.Xr sysctl 3 . 220The changeable column indicates whether a process with appropriate 221privilege can change the value. 222.Bl -column proc.xpidx.rlimit.coredumpsize.hardxxxxxx integerxxx 223.It Sy Name Type Changeable 224.It ddb.fromconsole integer yes 225.It ddb.lines integer yes 226.It ddb.maxoff integer yes 227.It ddb.maxwidth integer yes 228.It ddb.onpanic integer yes 229.It ddb.radix integer yes 230.It ddb.tabstops integer yes 231.It hw.alignbytes integer no 232.It hw.byteorder integer no 233.It hw.disknames string no 234.It hw.diskstats struct no 235.It hw.machine string no 236.It hw.machine_arch string no 237.It hw.model string no 238.It hw.ncpu integer no 239.It hw.pagesize integer no 240.It hw.physmem integer no 241.It hw.physmem64 quad no 242.It hw.usermem integer no 243.It hw.usermem64 quad no 244.It hw.cnmagic string yes 245.It kern.argmax integer no 246.It kern.autonicetime integer yes 247.It kern.autoniceval integer yes 248.It kern.boottime struct no 249.It kern.ccpu integer no 250.It kern.chown_restricted integer no 251.It kern.clockrate struct no 252.It kern.consdev integer no 253.It kern.cp_time struct no 254.It kern.defcorename string yes 255.It kern.domainname string yes 256.It kern.drivers struct no 257.It kern.forkfsleep integer yes 258.It kern.fscale integer no 259.It kern.fsync integer no 260.It kern.hostid integer yes 261.It kern.hostname string yes 262.It kern.iov_max integer no 263.It kern.job_control integer no 264.It kern.labeloffset integer no 265.It kern.labelsector integer no 266.It kern.link_max integer no 267.It kern.login_name_max integer no 268.It kern.logsigexit integer yes 269.It kern.max_canon integer no 270.It kern.max_input integer no 271.It kern.maxfiles integer yes 272.It kern.maxpartitions integer no 273.It kern.maxproc integer yes 274.It kern.maxptys integer yes, special 275.It kern.maxvnodes integer raise only 276.It kern.mapped_files integer no 277.It kern.maxphys integer no 278.It kern.memlock integer no 279.It kern.memlock_range integer no 280.It kern.memory_protection integer no 281.It kern.mbuf.mblowat integer yes 282.It kern.mbuf.mcllowat integer yes 283.It kern.mbuf.mclsize integer no 284.It kern.mbuf.msize integer no 285.It kern.mbuf.nmbclusters integer raise only 286.It kern.monotonic_clock integer no 287.It kern.msgbuf struct no 288.It kern.msgbufsize integer no 289.It kern.name_max integer no 290.It kern.ngroups integer no 291.It kern.no_trunc integer no 292.It kern.ntptime struct no 293.It kern.osrelease string no 294.It kern.osrevision integer no 295.It kern.ostype string no 296.It kern.path_max integer no 297.It kern.pipe.maxkvasz integer yes 298.It kern.pipe.maxloankvasz integer yes 299.It kern.pipe.maxbigpipes integer yes 300.It kern.pipe.nbigpipes integer no 301.It kern.pipe.kvasize integer no 302.It kern.posix1version integer no 303.It kern.posix_barriers integer no 304.It kern.posix_reader_writer_locks integer no 305.It kern.posix_semaphores integer no 306.It kern.posix_spin_locks integer no 307.It kern.posix_timers integer no 308.It kern.posix_threads integer no 309.It kern.proc2 struct no 310.It kern.proc_args string yes 311.It kern.rawpartition integer no 312.It kern.root_device string no 313.It kern.root_partition integer no 314.It kern.rtc_offset integer no 315.It kern.saved_ids integer no 316.It kern.sbmax integer yes 317.It kern.securelevel integer raise only 318.It kern.somaxkva integer yes 319.It kern.synchronized_io integer no 320.It kern.sysvipc_info struct no 321.It kern.sysvmsg integer no 322.It kern.sysvsem integer no 323.It kern.sysvshm integer no 324.It kern.timex struct no 325.It kern.tkstat.nin quad no 326.It kern.tkstat.nout quad no 327.It kern.tkstat.cancc quad no 328.It kern.tkstat.rawcc quad no 329.It kern.urnd integer no 330.It kern.vdisable integer no 331.It kern.version string no 332.It machdep.console_device dev_t no 333.It net.bpf.maxbufsize integer yes 334.It net.inet.icmp.maskrepl integer yes 335.It net.inet.icmp.errppslimit integer yes 336.It net.inet.icmp.rediraccept integer yes 337.It net.inet.icmp.redirtimeout integer yes 338.It net.inet.ip.allowsrcrt integer yes 339.It net.inet.ip.anonportmax integer yes 340.It net.inet.ip.anonportmin integer yes 341.It net.inet.ip.checkinterface integer yes 342.It net.inet.ip.directed-broadcast integer yes 343.It net.inet.ip.forwarding integer yes 344.It net.inet.ip.forwsrcrt integer yes 345.It net.inet.ip.maxfragpacket integer yes 346.It net.inet.ip.lowportmax integer yes 347.It net.inet.ip.lowportmin integer yes 348.It net.inet.ip.mtudisc integer yes 349.It net.inet.ip.mtudisctimeout integer yes 350.It net.inet.ip.redirect integer yes 351.It net.inet.ip.subnetsarelocal integer yes 352.It net.inet.ip.ttl integer yes 353.It net.inet.ipsec.ah_cleartos integer yes 354.It net.inet.ipsec.ah_net_deflev integer yes 355.It net.inet.ipsec.ah_offsetmask integer yes 356.It net.inet.ipsec.ah_trans_deflev integer yes 357.It net.inet.ipsec.def_policy integer yes 358.It net.inet.ipsec.dfbit integer yes 359.It net.inet.ipsec.ecn integer yes 360.It net.inet.ipsec.esp_net_deflev integer yes 361.It net.inet.ipsec.esp_trans_deflev integer yes 362.It net.inet.ipsec.inbound_call_ike integer yes 363.It net.inet.tcp.ack_on_push integer yes 364.It net.inet.tcp.compat_42 integer yes 365.It net.inet.tcp.cwm integer yes 366.It net.inet.tcp.cwm_burstsize integer yes 367.It net.inet.tcp.init_win integer yes 368.It net.inet.tcp.init_win_local integer yes 369.It net.inet.tcp.keepcnt integer yes 370.It net.inet.tcp.keepidle integer yes 371.It net.inet.tcp.keepintvl integer yes 372.It net.inet.tcp.log_refused integer yes 373.It net.inet.tcp.mss_ifmtu integer yes 374.It net.inet.tcp.mssdflt integer yes 375.It net.inet.tcp.recvspace integer yes 376.It net.inet.tcp.rfc1323 integer yes 377.It net.inet.tcp.rstppslimit integer yes 378.It net.inet.tcp.sack integer yes 379.It net.inet.tcp.sendspace integer yes 380.It net.inet.tcp.slowhz integer no 381.It net.inet.tcp.syn_bucket_limit integer yes 382.It net.inet.tcp.syn_cache_interval integer yes 383.It net.inet.tcp.syn_cache_limit integer yes 384.It net.inet.tcp.timestamps integer yes 385.It net.inet.tcp.win_scale integer yes 386.It net.inet.tcp.ident struct no 387.It net.inet.udp.checksum integer yes 388.It net.inet.udp.recvspace integer yes 389.It net.inet.udp.sendspace integer yes 390.It net.inet6.icmp6.errppslimit integer yes 391.It net.inet6.icmp6.mtudisc_hiwat integer yes 392.It net.inet6.icmp6.mtudisc_lowat integer yes 393.It net.inet6.icmp6.nd6_debug integer yes 394.It net.inet6.icmp6.nd6_delay integer yes 395.It net.inet6.icmp6.nd6_maxnudhint integer yes 396.It net.inet6.icmp6.nd6_mmaxtries integer yes 397.It net.inet6.icmp6.nd6_prune integer yes 398.It net.inet6.icmp6.nd6_umaxtries integer yes 399.It net.inet6.icmp6.nd6_useloopback integer yes 400.It net.inet6.icmp6.nodeinfo integer yes 401.It net.inet6.icmp6.rediraccept integer yes 402.It net.inet6.icmp6.redirtimeout integer yes 403.It net.inet6.ip6.accept_rtadv integer yes 404.It net.inet6.ip6.anonportmax integer yes 405.It net.inet6.ip6.anonportmin integer yes 406.It net.inet6.ip6.auto_flowlabel integer yes 407.It net.inet6.ip6.v6only integer yes 408.It net.inet6.ip6.dad_count integer yes 409.It net.inet6.ip6.defmcasthlim integer yes 410.It net.inet6.ip6.forwarding integer yes 411.It net.inet6.ip6.gif_hlim integer yes 412.It net.inet6.ip6.hdrnestlimit integer yes 413.It net.inet6.ip6.hlim integer yes 414.It net.inet6.ip6.kame_version string no 415.It net.inet6.ip6.keepfaith integer yes 416.It net.inet6.ip6.log_interval integer yes 417.It net.inet6.ip6.lowportmax integer yes 418.It net.inet6.ip6.lowportmin integer yes 419.It net.inet6.ip6.maxfragpackets integer yes 420.It net.inet6.ip6.maxfrags integer yes 421.It net.inet6.ip6.redirect integer yes 422.It net.inet6.ip6.rr_prune integer yes 423.It net.inet6.ip6.use_deprecated integer yes 424.It net.inet6.ipsec6.ah_net_deflev integer yes 425.It net.inet6.ipsec6.ah_trans_deflev integer yes 426.It net.inet6.ipsec6.def_policy integer yes 427.It net.inet6.ipsec6.ecn integer yes 428.It net.inet6.ipsec6.esp_net_deflev integer yes 429.It net.inet6.ipsec6.esp_trans_deflev integer yes 430.It net.inet6.ipsec6.inbound_call_ike integer yes 431.It net.inet6.udp6.recvspace integer yes 432.It net.inet6.udp6.sendspace integer yes 433.It net.key.acq_exp_int integer yes 434.It net.key.acq_maxtime integer yes 435.It net.key.ah_keymin integer yes 436.It net.key.debug integer yes 437.It net.key.esp_auth integer yes 438.It net.key.esp_keymin integer yes 439.It net.key.kill_int integer yes 440.It net.key.random_int integer yes 441.It net.key.spi_max_value integer yes 442.It net.key.spi_min_value integer yes 443.It net.key.spi_try integer yes 444.It proc.\*[Lt]pid\*[Gt].corename string yes 445.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hard integer yes 446.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.soft integer yes 447.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.hard integer yes 448.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.soft integer yes 449.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.hard integer yes 450.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.soft integer yes 451.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.hard integer yes 452.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.soft integer yes 453.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.hard integer yes 454.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.soft integer yes 455.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.hard integer yes 456.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.soft integer yes 457.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.hard integer yes 458.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.soft integer yes 459.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.hard integer yes 460.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.soft integer yes 461.It proc.\*[Lt]pid\*[Gt].stopexec int yes 462.It proc.\*[Lt]pid\*[Gt].stopfork int yes 463.It user.bc_base_max integer no 464.It user.bc_dim_max integer no 465.It user.bc_scale_max integer no 466.It user.bc_string_max integer no 467.It user.coll_weights_max integer no 468.It user.cs_path string no 469.It user.expr_nest_max integer no 470.It user.line_max integer no 471.It user.posix2_c_bind integer no 472.It user.posix2_c_dev integer no 473.It user.posix2_char_term integer no 474.It user.posix2_fort_dev integer no 475.It user.posix2_fort_run integer no 476.It user.posix2_localedef integer no 477.It user.posix2_sw_dev integer no 478.It user.posix2_upe integer no 479.It user.posix2_version integer no 480.It user.re_dup_max integer no 481.It vendor.\*[Lt]vendor\*[Gt].* ? vendor specific 482.It vfs.generic.usermount integer yes 483.It vfs.nfs.iothreads integer yes 484.It vm.anonmax integer yes 485.It vm.anonmin integer yes 486.It vm.execmax integer yes 487.It vm.execmin integer yes 488.It vm.filemax integer yes 489.It vm.filemin integer yes 490.It vm.loadavg struct no 491.It vm.nkmempages integer no 492.It vm.uvmexp struct no 493.It vm.uvmexp2 struct no 494.It vm.vmmeter struct no 495.El 496.Pp 497Entries found under 498.Dq vendor. Ns Aq vendor 499are left to be specified (and used) by vendors 500using the 501.Nx 502operating system in their products. 503Values and structure are vendor-defined, and no registry 504exists right now. 505.Sh CREATION AND DELETION 506New nodes are allowed to be created by the superuser when the kernel 507is running at security level 0. 508These new nodes may refer to existing kernel data or to new data that 509is only instrumented by 510.Xr sysctl 3 511itself. 512.Pp 513The syntax for creating new nodes is 514.Dq //create=new.node.path 515followed by one or more of the following attributes separated by 516commas. 517The use of a double separator (both 518.Sq / 519and 520.Sq \&. 521can be used as 522separators) as the prefix tells sysctl that the first series of tokens 523is not a MIB name, but a command. 524It is recommended that the double separator preceding the command not 525be the same as the separator used in naming the MIB entry so as to 526avoid possible parse conflicts. 527The 528.Dq value 529assigned, if one is given, must be last. 530.Pp 531.Bl -bullet -compact 532.It 533.Ar type= Ns Aq Ar T 534where 535.Ar T 536must be one of 537.Dq node , 538.Dq int , 539.Dq string , 540.Dq quad , 541or 542.Dq struct . 543If the type is omitted, the 544.Dq node 545type is assumed. 546.It 547.Ar size= Ns Aq Ar S 548here, 549.Ar S 550asserts the size of the new node. 551Nodes of type 552.Dq node 553should not have a size set. 554The size may be omitted for nodes of types 555.Dq int 556or 557.Dq quad . 558If the size is omitted for a node of type 559.Dq string , 560the size will be determined by the length of the given value, or by 561the kernel for kernel strings. 562Nodes of type 563.Dq struct 564must have their size explicitly set. 565.It 566.Ar addr= Ns Aq Ar A 567or 568.Ar symbol= Ns Aq Ar A 569The kernel address of the data being instrumented. 570If 571.Dq symbol 572is used, the symbol must be globally visible to the in-kernel 573.Xr ksyms 4 574driver. 575.It 576.Ar n= Ns Aq Ar N 577The MIB number to be assigned to the new node. 578If no number is specified, the kernel will assign a value. 579.It 580.Ar flags= Ns Aq Ar F 581A concatenated string of single letters that govern the behavior of 582the node. 583Flags currently available are: 584.Bl -tag -width www 585.It a 586Allow anyone to write to the node, if it is writable. 587.It h 588.Dq Hidden . 589.Nm 590must be invoked with 591.Fl A 592or the hidden node must be specifically requested in order to see it 593.It i 594.Dq Immediate . 595Makes the node store data in itself, rather than allocating new space 596for it. 597This is the default for nodes of type 598.Dq int 599and 600.Dq quad . 601This is the opposite of owning data. 602.It o 603.Dq Own . 604When the node is created, separate space will be allocated to store 605the data to be instrumented. 606This is the default for nodes of type 607.Dq string 608and 609.Dq struct 610where it is not possible to guarantee sufficient space to store the 611data in the node itself. 612.It p 613.Dq Private . 614Nodes that are marked private, and children of nodes so marked, are 615only viewable by the superuser. 616Be aware that the immediate data that some nodes may store is not 617necessarily protected by this. 618.It x 619.Dq Hexadecimal . 620Make 621.Nm 622default to hexadecimal display of the retrieved value 623.It r 624.Dq Read-only . 625The data instrumented by the given node is read-only. 626Note that other mechanisms may still exist for changing the data. 627This is the default for nodes that instrument data. 628.It w 629.Dq Writable . 630The data instrumented by the given node is writable at any time. 631This is the default for nodes that can have children. 632.It 1 633.Dq Read-only at securelevel 1 . 634The data instrumented by this node is writable until the securelevel 635reaches or passes securelevel 1. 636Examples of this include some network tunables. 637.It 2 638.Dq Read-only at securelevel 2 . 639The data instrumented by this node is writable until the securelevel 640reaches or passes securelevel 2. 641An example of this is the per-process core filename setting. 642.El 643.Pp 644.It 645.Ar value= Ns Aq Ar V 646An initial starting value for a new node that does not reference 647existing kernel data. 648Initial values can only be assigned for nodes of the 649.Dq int , 650.Dq quad , 651and 652.Dq string 653types. 654.El 655.Pp 656New nodes must fit the following set of criteria: 657.Pp 658.Bl -bullet -compact 659.It 660If the new node is to address an existing kernel object, only one of the 661.Dq symbol 662or 663.Dq addr 664arguments may be given. 665.It 666The size for a 667.Dq struct 668type node must be specified; no initial value is expected or permitted. 669.It 670Either the size or the initial value for a 671.Dq string 672node must be given. 673.It 674The node which will be the parent of the new node must be writable. 675.El 676.Pp 677If any of the given parameters describes an invalid configuration, 678.Nm 679will emit a diagnostic message to the standard error and exit. 680.Pp 681When destroying nodes, only the path to the node is necessary, i.e., 682.Dq //destroy=old.node.path . 683No other parameters are expected or permitted. 684Nodes being destroyed must have no children, and their parent must be 685writable. 686Nodes that are marked with the 687.Dq Dv PERMANENT 688flag (as assigned by the kernel) may not be deleted. 689.Sh FILES 690.Bl -tag -width xnetinet6/udp6Xvar.hx -compact 691.It Pa /etc/sysctl.conf 692.Nm 693variables set at boot time 694.It Aq Pa sys/sysctl.h 695definitions for top level identifiers, second level kernel and hardware 696identifiers, and user level identifiers 697.It Aq Pa sys/socket.h 698definitions for second level network identifiers 699.It Aq Pa sys/gmon.h 700definitions for third level profiling identifiers 701.It Aq Pa uvm/uvm_param.h 702definitions for second level virtual memory identifiers 703.It Aq Pa netinet/in.h 704definitions for third level IPv4/v6 identifiers and 705fourth level IPv4/v6 identifiers 706.It Aq Pa netinet/icmp_var.h 707definitions for fourth level ICMP identifiers 708.It Aq Pa netinet/icmp6.h 709definitions for fourth level ICMPv6 identifiers 710.It Aq Pa netinet/tcp_var.h 711definitions for fourth level TCP identifiers 712.It Aq Pa netinet/udp_var.h 713definitions for fourth level UDP identifiers 714.It Aq Pa netinet6/udp6_var.h 715definitions for fourth level IPv6 UDP identifiers 716.It Aq Pa netinet6/ipsec.h 717definitions for fourth level IPsec identifiers 718.It Aq Pa netkey/key_var.h 719definitions for third level PF_KEY identifiers 720.El 721.Sh EXAMPLES 722For example, to retrieve the maximum number of processes allowed 723in the system, one would use the following request: 724.Bd -literal -offset indent -compact 725sysctl kern.maxproc 726.Ed 727.Pp 728To set the maximum number of processes allowed 729in the system to 1000, one would use the following request: 730.Bd -literal -offset indent -compact 731sysctl -w kern.maxproc=1000 732.Ed 733.Pp 734Information about the system clock rate may be obtained with: 735.Bd -literal -offset indent -compact 736sysctl kern.clockrate 737.Ed 738.Pp 739Information about the load average history may be obtained with: 740.Bd -literal -offset indent -compact 741sysctl vm.loadavg 742.Ed 743.Pp 744To view the values of the per-process variables of the current shell, 745the request: 746.Bd -literal -offset indent -compact 747sysctl proc.$$ 748.Ed 749can be used if the shell interpreter replaces $$ with its pid (this is true 750for most shells). 751.Pp 752To redirect core dumps to the 753.Pa /var/tmp/ Ns Aq username 754directory, 755.Bd -literal -offset indent -compact 756sysctl -w proc.$$.corename=/var/tmp/%u/%n.core 757.Ed 758should be used. 759.Bd -literal -offset indent -compact 760sysctl -w proc.curproc.corename=/var/tmp/%u/%n.core 761.Ed 762changes the value for the sysctl process itself, and will not have the desired 763effect. 764.Pp 765To create the root of a new sub-tree called 766.Dq local 767and then some children of that new node: 768.Bd -literal -offset indent -compact 769sysctl -w //create=local 770sysctl -w //create=local.esm_debug,type=int,symbol=esm_debug,flags=w 771sysctl -w //create=local.audiodebug,type=int,symbol=audiodebug,flags=w 772.Ed 773Note that the children are made writable so that the two debug 774settings in question can be tuned arbitrarily. 775.Pp 776To destroy that same subtree: 777.Bd -literal -offset indent -compact 778sysctl -w //destroy=local.esm_debug 779sysctl -w //destroy=local.audiodebug 780sysctl -w //destroy=local 781.Ed 782.Sh SEE ALSO 783.Xr sysctl 3 , 784.Xr ksyms 4 785.Sh HISTORY 786.Nm sysctl 787first appeared in 788.Bx 4.4 . 789