1.\" $NetBSD: rc.conf.5,v 1.131 2009/07/25 21:21:20 wiz Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew R. Green 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 20.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 22.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 23.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" Copyright (c) 1997 Curt J. Sampson 28.\" Copyright (c) 1997 Michael W. Long 29.\" Copyright (c) 1998-2009 The NetBSD Foundation, Inc. 30.\" All rights reserved. 31.\" 32.\" This document is derived from works contributed to The NetBSD Foundation 33.\" by Luke Mewburn. 34.\" 35.\" Redistribution and use in source and binary forms, with or without 36.\" modification, are permitted provided that the following conditions 37.\" are met: 38.\" 1. Redistributions of source code must retain the above copyright 39.\" notice, this list of conditions and the following disclaimer. 40.\" 2. Redistributions in binary form must reproduce the above copyright 41.\" notice, this list of conditions and the following disclaimer in the 42.\" documentation and/or other materials provided with the distribution. 43.\" 3. The name of the author may not be used to endorse or promote products 44.\" derived from this software without specific prior written permission. 45.\" 46.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 47.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 48.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 49.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 50.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 51.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 52.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 53.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 54.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 55.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 56.\" SUCH DAMAGE. 57.\" 58.Dd July 25, 2009 59.Dt RC.CONF 5 60.Os 61.Sh NAME 62.Nm rc.conf 63.Nd system startup configuration file 64.Sh DESCRIPTION 65The 66.Nm 67file specifies which services are enabled during system startup by 68the startup scripts invoked by 69.Pa /etc/rc 70(see 71.Xr rc 8 ) , 72and the shutdown scripts invoked by 73.Pa /etc/rc.shutdown . 74The 75.Nm 76file is a shell script that is sourced by 77.Xr rc 8 , 78meaning that 79.Nm 80must contain valid shell commands. 81.Pp 82Listed below are the standard 83.Nm 84variables that may be set, the values to which each may be set, 85a brief description of what each variable does, and a reference to 86relevant manual pages. 87Third party packages may test for additional variables. 88.Pp 89Most variables are one of two types: enabling variables or flags 90variables. 91Enabling variables, such as 92.Sy inetd , 93are generally named after the program or the system they enable, 94and are set to 95.Sq YES 96or 97.Sq NO . 98Flags variables, such as 99.Sy inetd_flags 100have the same name with "_flags" appended, and determine what 101arguments are passed to the program if it is enabled. 102.Pp 103If a variable that 104.Xr rc 8 105expects to be set is not set, or the value is not one of the allowed 106values, a warning will be printed. 107.Pp 108By default, 109.Nm 110reads 111.Pa /etc/defaults/rc.conf 112(if it is readable) 113to obtain default values for various variables, and the end-user 114may override these by appending appropriate entries to the end of 115.Nm . 116.Pp 117.Xr rc.d 8 118scripts that use 119.Ic load_rc_config 120from 121.Xr rc.subr 8 122also support sourcing an optional end-user provided per-script override 123file 124.Pa /etc/rc.conf.d/ Ns Ar service , 125(where 126.Ar service 127is the contents of the 128.Sy name 129variable in the 130.Xr rc.d 8 131script). 132This may contain variable overrides, including allowing the end-user 133to override various 134.Ic run_rc_command 135.Xr rc.d 8 136control variables, and thus changing the operation of the script 137without requiring editing of the script. 138.Ss Overall control 139.Bl -tag -width net_interfaces 140.It Sy do_rcshutdown 141.Sq YES 142or 143.Sq NO . 144If set to 145.Sq NO , 146.Xr shutdown 8 147will not run 148.Pa /etc/rc.shutdown . 149.It Sy rcshutdown_rcorder_flags 150A string. 151Extra arguments to the 152.Xr rcorder 8 153run by 154.Pa /etc/rc.shutdown . 155.It Sy rcshutdown_timeout 156A number. 157If non-blank, use this as the number of seconds to run a watchdog timer for 158which will terminate 159.Pa /etc/rc.shutdown 160if the timer expires before the shutdown script completes. 161.It Sy rc_configured 162.Sq YES 163or 164.Sq NO . 165If not set to 166.Sq YES 167then the system will drop into single-user mode during boot. 168.It Sy rc_fast_and_loose 169If set to a non-empty string, 170each script in 171.Pa /etc/rc.d 172will be executed in the current shell rather than a sub shell. 173This may be faster on slow machines that have an expensive 174.Xr fork 2 175operation. 176.Bl -hang 177.It Em Note : 178Use this at your own risk! 179A rogue command or script may inadvertently prevent boot to multiuser. 180.El 181.It Sy rc_rcorder_flags 182A string. 183Extra arguments to the 184.Xr rcorder 8 185run by 186.Pa /etc/rc . 187.It Sy rc_directories 188A string. 189Space separated list of directories searched for rc scripts. 190The default is 191.Pa /etc/rc.d . 192All directories in 193.Ev rc_directories 194must be located in the root filesystem, otherwise they will be silently 195skipped. 196.El 197.Ss Basic network configuration 198.Bl -tag -width net_interfaces 199.It Sy defaultroute 200A string. 201Default IPv4 network route. 202If empty or not set, then the contents of 203.Pa /etc/mygate 204(if it exists) are used. 205.It Sy defaultroute6 206A string. 207Default IPv6 network route. 208If empty or not set, then the contents of 209.Pa /etc/mygate6 210(if it exists) are used. 211.It Sy domainname 212A string. 213.Tn NIS 214(YP) domain of host. 215If empty or not set, then the contents of 216.Pa /etc/defaultdomain 217(if it exists) are used. 218.It Sy force_down_interfaces 219A space separated list of interface names. 220These interfaces will be configured down when going from multiuser to singleuser 221mode or on system shutdown. 222.Pp 223This is important for some stateful interfaces, for example PPP over ISDN 224connections that cost money by connection time or PPPoE interfaces which 225have no direct means of noticing 226.Dq disconnect 227events. 228.Pp 229All active 230.Xr pppoe 4 231and 232.Xr ippp 4 233interfaces will be automatically added to this list. 234.It Sy hostname 235A string. 236Name of host. 237If empty or not set, then the contents of 238.Pa /etc/myname 239(if it exists) are used. 240.El 241.Ss Boottime file-system and swap configuration 242.Bl -tag -width net_interfaces 243.It Sy critical_filesystems_local 244A string. 245File systems mounted very early in the system boot before networking 246services are available. 247Usually 248.Pa /var 249is part of this, because it is needed by services such as 250.Xr dhclient 8 251which may be required to get the network operational. 252.It Sy critical_filesystems_remote 253A string. 254File systems such as 255.Pa /usr 256that may require network services to be available to mount, 257that must be available early in the system boot for general services to use. 258.It Sy fsck_flags 259A string. 260A file system is checked with 261.Xr fsck 8 262during boot before mounting it. 263This option may be used to override the default command-line options 264passed to the 265.Xr fsck 8 266program. 267.Pp 268When set to 269.Fl y , 270.Xr fsck 8 271assumes yes as the answer to all operator questions during file system checks. 272This might be important with hosts where the administrator does not have 273access to the console and an unsuccessful shutdown must not make the host 274unbootable even if the file system checks would fail in preen mode. 275.It Sy no_swap 276.Sq YES 277or 278.Sq NO . 279Set the 280.Sy no_swap 281variable to 282.Sq YES 283if you have configured your system with no swap on purpose. 284If not set to 285.Sq YES , 286and no swap devices 287are configured, the system will warn you. 288.It Sy swapoff 289.Sq YES 290or 291.Sq NO . 292Remove block-type swap devices at shutdown time. 293Useful if swapping onto RAIDframe devices. 294.El 295.Ss One-time actions to perform or programs to run on boot-up 296.Bl -tag -width net_interfaces 297.It Sy accounting 298.Sq YES 299or 300.Sq NO . 301Enables process accounting with 302.Xr accton 8 . 303Requires 304.Pa /var/account/acct 305to exist. 306.It Sy clear_tmp 307.Sq YES 308or 309.Sq NO . 310Clear /tmp after reboot. 311.It Sy dmesg 312.Sq YES 313or 314.Sq NO . 315Create 316.Pa /var/run/dmesg.boot 317from the output of 318.Xr dmesg 8 . 319Passes 320.Sy dmesg_flags . 321.It Sy gpio 322.Sq YES 323or 324.Sq NO . 325Configure 326.Xr gpio 4 327devices . 328See 329.Xr gpio.conf 5 . 330.It Sy mixerctl 331.Sq YES 332or 333.Sq NO . 334Read 335.Xr mixerctl.conf 5 336for how to set mixer values. 337List in 338.Sy mixerctl_mixers 339the devices whose settings are to be saved at shutdown and 340restored at start-up. 341.It Sy newsyslog 342.Sq YES 343or 344.Sq NO . 345Run 346.Nm newsyslog 347to trim logfiles before syslogd starts. 348Intended for laptop users. 349Passes 350.Sy newsyslog_flags . 351.It Sy per_user_tmp 352.Sq YES 353or 354.Sq NO . 355Enables a per-user 356.Pa /tmp 357directory. 358.Sy per_user_tmp_dir 359can be used to override the default location of the 360.Dq real 361temporary directories, 362.Dq Pa /private/tmp . 363.It Sy rndctl 364.Sq YES 365or 366.Sq NO . 367Runs the 368.Xr rndctl 8 369utility one or more times according to the specification in 370.Sy rndctl_flags . 371.Pp 372If 373.Sy rndctl_flags 374does not contain a semicolon 375.Pq Ql \&; 376then it is expected to contain zero or more flags, 377followed by one or more device or type names. 378The 379.Xr rndctl 8 380command will be executed once for each device or type name. 381If the specified flags do not include any of 382.Fl c , C , e , 383or 384.Fl E , 385then the flags 386.Fl c 387and 388.Fl e 389are added, to specify that entropy from the relevant device or type 390should be both collected and estimated. 391If the specified flags do not include either of 392.Fl d 393or 394.Fl t , 395then the flag 396.Fl d 397is added, to specify that the non-flag arguments are device names, 398not type names. 399.Pp 400.Sy rndctl_flags 401may contain multiple semicolon-separated segments, in which each 402segment contains flags and device or type names as described above. 403This allows different flags to be associated with different 404device or type names. 405For example, given 406.Li rndctl_flags="wd0 wd1; -t tty; -c -t net" , 407the following commands will be executed: 408.Li "rndctl -c -e -d wd0" ; 409.Li "rndctl -c -e -d wd1" ; 410.Li "rndctl -c -e -t tty" ; 411.Li "rndctl -c -t net" . 412.It Sy savecore 413.Sq YES 414or 415.Sq NO . 416Runs the 417.Xr savecore 8 418utility. 419Passes 420.Sy savecore_flags . 421The directory where crash dumps are stored is specified by 422.Sy savecore_dir . 423The default setting is 424.Dq Pa /var/crash . 425.It Sy tpctl 426.Sq YES 427or 428.Sq NO . 429Run 430.Xr tpctl 8 431to calibrate touch panel device. 432Passes 433.Sy tpctl_flags . 434.It Sy update_motd 435.Sq YES 436or 437.Sq NO . 438Updates the 439.Nx 440version string in the 441.Pa /etc/motd 442file to reflect the version of the running kernel. 443See 444.Xr motd 5 . 445.It Sy veriexec 446.Sq YES 447or 448.Sq NO . 449Load Veriexec fingerprints during startup. 450Read 451.Xr veriexecctl 8 452for more information. 453.It Sy virecover 454.Sq YES 455or 456.Sq NO . 457Send notification mail to users if any recoverable files exist in 458.Pa /var/tmp/vi.recover . 459Read 460.Xr virecover 8 461for more information. 462.El 463.Ss System security setting 464.Bl -tag -width net_interfaces 465.It Sy securelevel 466A number. 467The system securelevel is set to the specified value early 468in the boot process, before any external logins, or other programs 469that run users job, are started. 470If set to nothing, the default action is taken, as described in 471.Xr init 8 472and 473.Xr secmodel_securelevel 9 , 474which contains definitive information about the system securelevel. 475Note that setting 476.Sy securelevel 477to 0 in 478.Nm 479will actually result in the system booting with securelevel set to 1, as 480.Xr init 8 481will raise the level when 482.Xr rc 8 483completes. 484.It Sy permit_nonalpha 485Allow passwords to include non-alpha characters, usually to allow 486NIS/YP netgroups. 487.It Sy veriexec_strict 488A number. 489Controls the strict level of Veriexec. 490Level 0 is learning mode, used when building the signatures file. 491It will only output messages but will not enforce anything. 492Level 1 will only prevent access to files with a fingerprint 493mismatch. 494Level 2 will also deny writing to and removing of 495monitored files, as well as enforce access type (as specified in 496the signatures file). 497Level 3 will take a step further and prevent 498access to files that are not monitored. 499.It Sy veriexec_verbose 500A number. 501Controls the verbosity of Veriexec. 502Recommended operation is at level 0, verbose output (mostly used when 503building the signatures file) is at level 1. 504Level 2 is for debugging only and should not be used. 505.It Sy veriexec_flags 506A string. 507Flags to pass to the 508.Nm veriexecctl 509command. 510.El 511.Ss Networking startup 512.Bl -tag -width net_interfaces 513.It Sy altqd 514.Sq YES 515or 516.Sq NO . 517ALTQ configuration/monitoring daemon. 518Passes 519.Sy altqd_flags . 520.It Sy auto_ifconfig 521.Sq YES 522or 523.Sq NO . 524Sets the 525.Sy net_interfaces 526variable (see below) to the output of 527.Xr ifconfig 8 528with the 529.Dq Li -l 530flag and suppresses warnings about interfaces in this list that 531do not have an ifconfig file or variable. 532.It Sy dhclient 533.Sq YES 534or 535.Sq NO . 536Set to 537.Sq YES 538to configure some or all network interfaces using 539the ISC DHCP client. 540If you set 541.Sy dhclient 542to 543.Sq YES , 544you must either have 545.Pa /var 546in 547.Sy critical_filesystems_local , 548as part of 549.Pa / , 550or direct the DHCP client to store the leases file on the root 551file system by modifying the 552.Sy dhclient_flags 553variable. 554You must not provide ifconfig information or ifaliases 555information for any interface that is to be configured using the DHCP client. 556Interface aliases can be set up in the DHCP client configuration 557file if needed - see 558.Xr dhclient.conf 5 559for details. 560.Pp 561Passes 562.Sy dhclient_flags 563to the DHCP client. 564See 565.Xr dhclient 8 566for complete documentation. 567If you wish to configure all broadcast 568network interfaces using the DHCP client, you can leave this blank. 569To configure only specific interfaces, name the interfaces to be configured 570on the command line. 571.Pp 572If you must run the DHCP client before mounting critical file systems, 573then you should specify an alternate location for the DHCP client's lease 574file in the 575.Sy dhclient_flags 576variable - for example, "-lf /tmp/dhclient.leases". 577.It Sy dhcpcd_flags 578Additional arguments to pass to 579.Xr dhcpcd 8 580when requesting configuration via 581.Sy ifconfig_xxN 582or 583.Pa /etc/ifconfig.xxN . 584.It Sy flushroutes 585.Sq YES 586or 587.Sq NO . 588Flushes the route table on networking startup. 589Useful when coming up to multiuser mode after going down to 590single-user mode. 591.It Sy hostapd 592.Sq YES 593or 594.Sq NO . 595Runs 596.Xr hostapd 8 , 597the authenticator for IEEE 802.11 networks. 598.It Sy ifaliases_* 599A string. 600List of 601.Sq Em "address netmask" 602pairs to configure additional network addresses for the given 603configured interface 604.Dq * 605(e.g. 606.Sy ifaliases_le0 ) . 607If 608.Em netmask 609is 610.Dq - , 611then use the default netmask for the interface. 612.Pp 613.Sy ifaliases_* 614covers limited cases only and considered unrecommended. 615We recommend using 616.Sy ifconfig_nnX 617variables or 618.Pa /etc/ifconfig.xxN 619files with multiple lines instead. 620.It Sy ifwatchd 621.Sq YES 622or 623.Sq NO . 624Monitor dynamic interfaces and perform actions upon address changes. 625Passes 626.Sy ifwatchd_flags . 627.It Sy ip6mode 628A string. 629An IPv6 node can be a router 630.Pq nodes that forward packet for others 631or a host 632.Pq nodes that do not forward . 633A host can be autoconfigured 634based on the information advertised by adjacent IPv6 routers. 635By setting 636.Sy ip6mode 637to 638.Dq Li router , 639.Dq Li host , 640or 641.Dq Li autohost , 642you can configure your node as a router, 643a non-autoconfigured host, or an autoconfigured host. 644Invalid values will be ignored, and the node will be configured as 645a non-autoconfigured host. 646You may want to check 647.Sy rtsol 648and 649.Sy rtsold 650as well, if you set the variable to 651.Dq Li autohost . 652.It Sy ip6uniquelocal 653.Sq YES 654or 655.Sq NO . 656If 657.Sy ip6mode 658is equal to 659.Dq Li router 660and 661.Sy ip6uniquelocal 662is set to 663.Sq NO 664a reject route will be installed on boot to avoid misconfiguration relating 665to unique-local addresses. 666If set to 667.Sq YES 668the reject route won't be installed. 669.It Sy ipfilter 670.Sq YES 671or 672.Sq NO . 673Runs 674.Xr ipf 8 675to load in packet filter specifications from 676.Pa /etc/ipf.conf 677at network boot time, before any interfaces are configured. 678Passes 679.Sy ipfilter_flags . 680See 681.Xr ipf.conf 5 . 682.It Sy ipfs 683.Sq YES 684or 685.Sq NO . 686Runs 687.Xr ipfs 8 688to save and restore information for ipnat and ipfilter state tables. 689The information is stored in 690.Pa /var/db/ipf/ipstate.ipf 691and 692.Pa /var/db/ipf/ipnat.ipf . 693Passes 694.Sy ipfs_flags . 695.It Sy ipmon 696.Sq YES 697or 698.Sq NO . 699Runs 700.Xr ipmon 8 701to read 702.Xr ipf 8 703packet log information and log it to a file or the system log. 704Passes 705.Sy ipmon_flags . 706.It Sy ipmon_flags 707A string. 708Specifies arguments to supply to 709.Xr ipmon 8 . 710Defaults to 711.Dq Li -ns . 712A typical example would be 713.Dq Fl nD Pa /var/log/ipflog 714to have 715.Xr ipmon 8 716log directly to a file bypassing 717.Xr syslogd 8 . 718If the 719.Dq -D 720argument is used, remember to modify 721.Pa /etc/newsyslog.conf 722accordingly; for example: 723.Bd -literal 724/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 725.Ed 726.It Sy ipnat 727.Sq YES 728or 729.Sq NO . 730Runs 731.Xr ipnat 8 732to load in the IP network address translation (NAT) rules from 733.Pa /etc/ipnat.conf 734at network boot time, before any interfaces are configured. 735See 736.Xr ipnat.conf 5 . 737.It Sy ipsec 738.Sq YES 739or 740.Sq NO . 741Runs 742.Xr setkey 8 743to load in IPsec manual keys and policies from 744.Pa /etc/ipsec.conf 745at network boot time, before any interfaces are configured. 746.It Sy net_interfaces 747A string. 748The list of network interfaces to be configured at boot time. 749For each interface "xxN", the system first looks for ifconfig 750parameters in the variable 751.Sy ifconfig_xxN , 752and then in the file 753.Pa /etc/ifconfig.xxN . 754If 755.Sy auto_ifconfig 756is set to "NO" and neither the file nor the variable is found, 757a warning is printed. 758Information in either the variable or the file is parsed identically, 759except that, if an 760.Sy ifconfig_xxN 761variable contains a single line with embedded semicolons, 762then the value is split into multiple lines prior to further parsing, 763treating the semicolon as a line separator. 764One common case it to set 765.Sy ifconfig_xxN Ns Li \&= Ns Qq dhcp , 766which will cause 767.Xr dhcpcd 8 768to be started for the interface. 769Another common case it to set the 770.Sy ifconfig_xxN 771variable to a set of arguments to be passed to an 772.Xr ifconfig 8 773command after the interface name. 774Refer to 775.Xr ifconfig.if 5 776for more details on 777.Pa /etc/ifconfig.xxN 778files, and note that the information there also applies to 779.Sy ifconfig_xxN 780variables (after the variables are split into lines). 781.It Sy ntpdate 782.Sq YES 783or 784.Sq NO . 785Runs 786.Xr ntpdate 8 787to set the system time from one of the hosts in 788.Sy ntpdate_hosts . 789If 790.Sy ntpdate_hosts 791is empty, it will attempt to find a list of hosts in 792.Pa /etc/ntp.conf . 793Passes 794.Sy ntpdate_flags . 795.It Sy pf 796.Sq YES 797or 798.Sq NO . 799Enable 800.Xr pf 4 801at network boot time: 802Load the initial configuration 803.Xr pf.boot.conf 5 804before the network is up. 805After the network has been configured, then load the final ruleset 806.Xr pf.conf 5 . 807.It Sy pf_rules 808A string. 809The path of the 810.Xr pf.conf 5 811ruleset that will be used when loading the final ruleset. 812.It Sy pflogd 813.Sq YES 814or 815.Sq NO . 816Run 817.Xr pflogd 8 818for dumping packet filter logging information to a file. 819.It Sy ppp_peers 820A string. 821If 822.Sy ppp_peers 823is not empty, then 824.Pa /etc/rc.d/ppp 825will check each word in 826.Sy ppp_peers 827for a corresponding ppp configuration file in 828.Pa /etc/ppp/peers 829and will call 830.Xr pppd 8 831with the 832.Dq call Sy peer 833option. 834.It Sy racoon 835.Sq YES 836or 837.Sq NO . 838Runs 839.Xr racoon 8 , 840the IKE (ISAKMP/Oakley) key management daemon. 841.It Sy rtsol 842.Sq YES 843or 844.Sq NO . 845Run 846.Xr rtsol 8 , 847router solicitation command for IPv6 hosts. 848On nomadic hosts like notebook computers, you may want to enable 849.Sy rtsold 850as well. 851Passes 852.Sy rtsol_flags . 853This is only for autoconfigured IPv6 hosts, so set 854.Sy ip6mode 855to 856.Dq Li autohost 857if you use it. 858.It Sy wpa_supplicant 859.Sq YES 860or 861.Sq NO . 862Run 863.Xr wpa_supplicant 8 , 864WPA/802.11i Supplicant for wireless network devices. 865.El 866.Ss Daemons required by other daemons 867.Bl -tag -width net_interfaces 868.It Sy inetd 869.Sq YES 870or 871.Sq NO . 872Runs the 873.Xr inetd 8 874daemon to start network server processes (as listed in 875.Pa /etc/inetd.conf ) 876as necessary. 877Passes 878.Sy inetd_flags . 879The 880.Dq Li -l 881flag turns on libwrap connection logging. 882.It Sy rpcbind 883.Sq YES 884or 885.Sq NO . 886The 887.Xr rpcbind 8 888daemon is required for any 889.Xr rpc 3 890services. 891These include NFS, 892.Tn NIS , 893.Xr bootparamd 8 , 894.Xr rstatd 8 , 895.Xr rusersd 8 , 896and 897.Xr rwalld 8 . 898Passes 899.Sy rpcbind_flags . 900.El 901.Ss Commonly used daemons 902.Bl -tag -width net_interfaces 903.It Sy cron 904.Sq YES 905or 906.Sq NO . 907Run 908.Xr cron 8 . 909.It Sy httpd 910.Sq YES 911or 912.Sq NO . 913Runs the 914.Xr httpd 8 915daemon and passes 916.Sy httpd_flags . 917.It Sy httpd_wwwdir 918A string. 919The 920.Xr httpd 8 921WWW root directory. 922Used only if 923.Sy httpd 924is set to 925.Sq YES . 926The default setting is 927.Dq Pa /var/www . 928.It Sy httpd_wwwuser 929A string. 930If non-blank and 931.Sy httpd 932is 933.Sq YES , 934run 935.Xr httpd 8 936and cause it to switch to the specified user after initialization. 937It is preferred to 938.Sy httpd_user 939because 940.Xr httpd 8 941is requiring extra privileges to start listening on default port 80. 942The default setting is 943.Dq Dv _httpd . 944.It Sy lpd 945.Sq YES 946or 947.Sq NO . 948Runs 949.Xr lpd 8 950and passes 951.Sy lpd_flags . 952The 953.Dq Li -l 954flag will turn on extra logging. 955.It Sy named 956.Sq YES 957or 958.Sq NO . 959Runs 960.Xr named 8 961and passes 962.Sy named_flags . 963.It Sy named_chrootdir 964A string. 965If non-blank and 966.Sy named 967is 968.Sq YES , 969run 970.Xr named 8 971as the unprivileged user and group 972.Sq named , 973.Xr chroot 2 Ns ed 974to 975.Sy named_chrootdir . 976.Sy named_chrootdir Ns Pa /var/run/log 977will be added to the list of log sockets that 978.Xr syslogd 8 979listens to. 980.It Sy ntpd 981.Sq YES 982or 983.Sq NO . 984Runs 985.Xr ntpd 8 986and passes 987.Sy ntpd_flags . 988.It Sy ntpd_chrootdir 989A string. 990If non-blank and 991.Sy ntpd 992is 993.Sq YES , 994run 995.Xr ntpd 8 996as the unprivileged user and group 997.Sq ntpd , 998.Xr chroot 2 Ns ed 999to 1000.Sy ntpd_chrootdir . 1001.Sy ntpd_chrootdir Ns Pa /var/run/log 1002will be added to the list of log sockets that 1003.Xr syslogd 8 1004listens to. 1005This option requires that the kernel has 1006.Dl pseudo-device clockctl 1007compiled in, and that 1008.Pa /dev/clockctl 1009is present. 1010.It Sy postfix 1011.Sq YES 1012or 1013.Sq NO . 1014Starts 1015.Xr postfix 1 1016mail system. 1017.It Sy sshd 1018.Sq YES 1019or 1020.Sq NO . 1021Runs 1022.Xr sshd 8 1023and passes 1024.Sy sshd_flags . 1025.It Sy syslogd 1026.Sq YES 1027or 1028.Sq NO . 1029Runs 1030.Xr syslogd 8 1031and passes 1032.Sy syslogd_flags . 1033.It Sy timed 1034.Sq YES 1035or 1036.Sq NO . 1037Runs 1038.Xr timed 8 1039and passes 1040.Sy timed_flags . 1041The 1042.Dq Li -M 1043option allows 1044.Xr timed 8 1045to be a master time source as well as a slave. 1046If you are also running 1047.Xr ntpd 8 , 1048only one machine running both should have the 1049.Dq Li -M 1050flag given to 1051.Xr timed 8 . 1052.El 1053.Ss Routing daemons 1054.Bl -tag -width net_interfaces 1055.It Sy mrouted 1056.Sq YES 1057or 1058.Sq NO . 1059Runs 1060.Xr mrouted 8 , 1061the DVMRP multicast routing protocol daemon. 1062Passes 1063.Sy mrouted_flags . 1064.It Sy route6d 1065.Sq YES 1066or 1067.Sq NO . 1068Runs 1069.Xr route6d 8 , 1070the RIPng routing protocol daemon for IPv6. 1071Passes 1072.Sy route6d_flags . 1073.It Sy routed 1074.Sq YES 1075or 1076.Sq NO . 1077Runs 1078.Xr routed 8 , 1079the RIP routing protocol daemon. 1080Passes 1081.Sy routed_flags . 1082.\" This should be 1083.\" .Sq NO 1084.\" if 1085.\" .Sy gated 1086.\" is 1087.\" .Sq YES . 1088.It Sy rtsold 1089.Sq YES 1090or 1091.Sq NO . 1092Runs 1093.Xr rtsold 8 , 1094the IPv6 router solicitation daemon. 1095.Xr rtsold 8 1096periodically transmits router solicitation packets 1097to find IPv6 routers on the network. 1098This configuration is mainly for nomadic hosts like notebook computers. 1099Stationary hosts should work fine with just 1100.Sy rtsol . 1101Passes 1102.Sy rtsold_flags . 1103This is only for autoconfigured IPv6 hosts, so set 1104.Sy ip6mode 1105to 1106.Dq Li autohost 1107if you use it. 1108.El 1109.Ss Daemons used to boot other hosts over a network 1110.Bl -tag -width net_interfaces 1111.It Sy bootparamd 1112.Sq YES 1113or 1114.Sq NO . 1115Runs 1116.Xr bootparamd 8 , 1117the boot parameter server, with 1118.Sy bootparamd_flags 1119as options. 1120Used to boot 1121.Nx 1122and 1123.Tn "SunOS 4.x" 1124systems. 1125.It Sy dhcpd 1126.Sq YES 1127or 1128.Sq NO . 1129Runs 1130.Xr dhcpd 8 , 1131the Dynamic Host Configuration Protocol (DHCP) daemon, 1132for assigning IP addresses to hosts and passing boot information. 1133Passes 1134.Sy dhcpd_flags . 1135.It Sy dhcrelay 1136.Sq YES 1137or 1138.Sq NO . 1139Runs 1140.Xr dhcrelay 8 . 1141Passes 1142.Sy dhcrelay_flags . 1143.It Sy mopd 1144.Sq YES 1145or 1146.Sq NO . 1147Runs 1148.Xr mopd 8 , 1149the 1150.Tn DEC 1151.Tn MOP 1152protocol daemon; used for booting 1153.Tn VAX 1154and other 1155.Tn DEC 1156machines. 1157Passes 1158.Sy mopd_flags . 1159.It Sy ndbootd 1160.Sq YES 1161or 1162.Sq NO . 1163Runs 1164.Xr ndbootd 8 , 1165the Sun Network Disk (ND) Protocol server. 1166Passes 1167.Sy ndbootd_flags . 1168.It Sy rarpd 1169.Sq YES 1170or 1171.Sq NO . 1172Runs 1173.Xr rarpd 8 , 1174the reverse ARP daemon, often used to boot 1175.Nx 1176and Sun workstations. 1177Passes 1178.Sy rarpd_flags . 1179.It Sy rbootd 1180.Sq YES 1181or 1182.Sq NO . 1183Runs 1184.Xr rbootd 8 , 1185the 1186.Tn HP 1187boot protocol daemon; used for booting 1188.Tn HP 1189workstations. 1190Passes 1191.Sy rbootd_flags . 1192.It Sy rtadvd 1193.Sq YES 1194or 1195.Sq NO . 1196Runs 1197.Xr rtadvd 8 , 1198the IPv6 router advertisement daemon, which is used to advertise 1199information about the subnet to IPv6 end hosts. 1200Passes 1201.Sy rtadvd_flags . 1202This is only for IPv6 routers, so set 1203.Sy ip6mode 1204to 1205.Dq Li router 1206if you use it. 1207.El 1208.Ss X Window System daemons 1209.Bl -tag -width net_interfaces 1210.It Sy xdm 1211.Sq YES 1212or 1213.Sq NO . 1214Runs the 1215.Xr xdm 1 1216X display manager. 1217These X daemons are available only with the optional X distribution of 1218.Nx . 1219.It Sy xfs 1220.Sq YES 1221or 1222.Sq NO . 1223Runs the 1224.Xr xfs 1 1225X11 font server, which supplies local X font files to X terminals. 1226.El 1227.Ss NIS (YP) daemons 1228.Bl -tag -width net_interfaces 1229.It Sy ypbind 1230.Sq YES 1231or 1232.Sq NO . 1233Runs 1234.Xr ypbind 8 , 1235which lets 1236.Tn NIS 1237(YP) clients use information from a 1238.Tn NIS 1239server. 1240Passes 1241.Sy ypbind_flags . 1242.It Sy yppasswdd 1243.Sq YES 1244or 1245.Sq NO . 1246Runs 1247.Xr yppasswdd 8 , 1248which allows remote 1249.Tn NIS 1250users to update password on master server. 1251Passes 1252.Sy yppasswdd_flags . 1253.It Sy ypserv 1254.Sq YES 1255or 1256.Sq NO . 1257Runs 1258.Xr ypserv 8 , 1259the 1260.Tn NIS 1261(YP) server for distributing information from certain files in 1262.Pa /etc . 1263Passes 1264.Sy ypserv_flags . 1265The 1266.Dq Li -d 1267flag causes it to use DNS for lookups in 1268.Pa /etc/hosts 1269that fail. 1270.El 1271.Ss NFS daemons and parameters 1272.Bl -tag -width net_interfaces 1273.It Sy amd 1274.Sq YES 1275or 1276.Sq NO . 1277Runs 1278.Xr amd 8 , 1279the automounter daemon, which automatically mounts NFS file systems 1280whenever a file or directory within that file system is accessed. 1281Passes 1282.Sy amd_flags . 1283.It Sy amd_dir 1284A string. 1285The 1286.Xr amd 8 1287mount directory. 1288Used only if 1289.Sy amd 1290is set to 1291.Sq YES . 1292.It Sy lockd 1293.Sq YES 1294or 1295.Sq NO . 1296Runs 1297.Xr rpc.lockd 8 1298if 1299.Sy nfs_server 1300and/or 1301.Sy nfs_client 1302are set to 1303.Sq YES . 1304Passes 1305.Sy lockd_flags . 1306.It Sy mountd 1307.Sq YES 1308or 1309.Sq NO . 1310Runs 1311.Xr mountd 8 1312and passes 1313.Sy mountd_flags . 1314.It Sy nfs_client 1315.Sq YES 1316or 1317.Sq NO . 1318The number of local NFS asynchronous I/O server is now controlled via 1319.Xr sysctl 8 . 1320.It Sy nfs_server 1321.Sq YES 1322or 1323.Sq NO . 1324Sets up a host to be a NFS server by running 1325.Xr nfsd 8 1326and passing 1327.Sy nfsd_flags . 1328.It Sy statd 1329.Sq YES 1330or 1331.Sq NO . 1332Runs 1333.Xr rpc.statd 8 , 1334a status monitoring daemon used when 1335.Xr rpc.lockd 8 1336is running, if 1337.Sy nfs_server 1338and/or 1339.Sy nfs_client 1340are set to 1341.Sq YES . 1342Passes 1343.Sy statd_flags . 1344.El 1345.Ss Bluetooth configuration and daemons 1346.Bl -tag -width net_interfaces 1347.It Sy btattach 1348.Sq YES 1349or 1350.Sq NO . 1351Attach serial bluetooth interfaces as listed in the configuration file 1352.Pa /etc/bluetooth/btdevctl.conf . 1353.It Sy btconfig 1354.Sq YES 1355or 1356.Sq NO . 1357Configure bluetooth devices. 1358If the 1359.Sy btconfig_devices 1360variable below is not specified, all devices known to the system 1361will be configured. 1362For each device, configuration arguments are first looked for 1363in the 1364.Sy btconfig_{dev} 1365variable, otherwise the value of the 1366.Sy btconfig_args 1367variable will be used, and if that is not specified the default string is 1368.Sq enable . 1369.It Sy btconfig_devices 1370An optional space separated list of bluetooth devices to be configured at 1371boot time. 1372.It Sy btconfig_args 1373An optional string, containing default arguments for bluetooth devices to 1374be configured. 1375.It Sy btdevctl 1376.Sq YES 1377or 1378.Sq NO . 1379Configure Bluetooth devices as listed in the configuration file 1380.Pa /etc/bluetooth/btdevctl.conf . 1381.It Sy bthcid 1382.Sq YES 1383or 1384.Sq NO . 1385Runs 1386.Xr bthcid 8 , 1387the Bluetooth HCI daemon, which manages link keys and PIN codes for 1388Bluetooth links. 1389Passes 1390.Sy bthcid_flags . 1391.It Sy sdpd 1392.Sq YES 1393or 1394.Sq NO . 1395Runs the Service Discovery Profile daemon, 1396.Xr sdpd 8 . 1397Passes 1398.Sy sdpd_flags . 1399.El 1400.Ss Other daemons 1401.Bl -tag -width net_interfaces 1402.It Sy isdnd 1403.Sq YES 1404or 1405.Sq NO . 1406Runs 1407.Xr isdnd 8 , 1408the isdn4bsd ISDN connection management daemon. 1409Passes 1410.Sy isdnd_flags . 1411.It Sy isdn_autoupdown 1412.Sq YES 1413or 1414.Sq NO . 1415Set all configured ISDN interfaces to 1416.Dq up . 1417If 1418.Sy isdn_interfaces 1419is not blank, only the listed interfaces will be modified. 1420Used only if 1421.Sy isdnd 1422is set to 1423.Sq YES . 1424.It Sy kdc 1425.Sq YES 1426or 1427.Sq NO . 1428Runs the 1429.Xr kdc 8 1430Kerberos v4 and v5 server. 1431This should be run on Kerberos master and slave servers. 1432.It Sy rwhod 1433.Sq YES 1434or 1435.Sq NO . 1436Runs 1437.Xr rwhod 8 1438to support the 1439.Xr rwho 1 1440and 1441.Xr ruptime 1 1442commands. 1443.El 1444.Ss Hardware daemons 1445.Bl -tag -width net_interfaces 1446.It Sy apmd 1447.Sq YES 1448or 1449.Sq NO . 1450Runs 1451.Xr apmd 8 1452and passes 1453.Sy apmd_flags . 1454.It Sy irdaattach 1455.Sq YES 1456or 1457.Sq NO . 1458Runs 1459.Xr irdaattach 8 1460and passes 1461.Sy irdaattach_flags . 1462.It Sy moused 1463.Sq YES 1464or 1465.Sq NO . 1466Runs 1467.Xr moused 8 , 1468to pass serial mouse data to the wscons mouse mux. 1469Passes 1470.Sy moused_flags . 1471.It Sy screenblank 1472.Sq YES 1473or 1474.Sq NO . 1475Runs 1476.Xr screenblank 1 1477and passes 1478.Sy screenblank_flags . 1479.It Sy wscons 1480.Sq YES 1481or 1482.Sq NO . 1483Configures the 1484.Xr wscons 4 1485console driver, from the configuration file 1486.Pa /etc/wscons.conf . 1487.It Sy wsmoused 1488.Sq YES 1489or 1490.Sq NO . 1491Runs 1492.Xr wsmoused 8 , 1493to provide copy and paste text support in wscons displays. 1494Passes 1495.Sy wsmoused_flags . 1496.El 1497.Sh FILES 1498.Bl -tag -width /etc/defaults/rc.conf -compact 1499.It Pa /etc/rc.conf 1500The file 1501.Nm 1502resides in 1503.Pa /etc . 1504.It Pa /etc/defaults/rc.conf 1505Default settings for 1506.Nm , 1507sourced by 1508.Nm 1509before the end-user configuration section. 1510.It Pa /etc/rc.conf.d/ Ns Ar foo 1511.Ar foo Ns No -specific 1512.Nm 1513overrides. 1514.El 1515.Sh SEE ALSO 1516.Xr boot 8 , 1517.Xr rc 8 , 1518.Xr rc.d 8 , 1519.Xr rc.subr 8 , 1520.Xr rcorder 8 1521.Sh HISTORY 1522The 1523.Nm 1524file appeared in 1525.Nx 1.3 . 1526