1.\" $NetBSD: rc.conf.5,v 1.127 2009/01/04 12:10:30 apb Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew R. Green 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 20.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 22.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 23.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" Copyright (c) 1997 Curt J. Sampson 28.\" Copyright (c) 1997 Michael W. Long 29.\" Copyright (c) 1998-2009 The NetBSD Foundation, Inc. 30.\" All rights reserved. 31.\" 32.\" This document is derived from works contributed to The NetBSD Foundation 33.\" by Luke Mewburn. 34.\" 35.\" Redistribution and use in source and binary forms, with or without 36.\" modification, are permitted provided that the following conditions 37.\" are met: 38.\" 1. Redistributions of source code must retain the above copyright 39.\" notice, this list of conditions and the following disclaimer. 40.\" 2. Redistributions in binary form must reproduce the above copyright 41.\" notice, this list of conditions and the following disclaimer in the 42.\" documentation and/or other materials provided with the distribution. 43.\" 3. The name of the author may not be used to endorse or promote products 44.\" derived from this software without specific prior written permission. 45.\" 46.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 47.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 48.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 49.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 50.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 51.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 52.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 53.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 54.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 55.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 56.\" SUCH DAMAGE. 57.\" 58.Dd January 4, 2009 59.Dt RC.CONF 5 60.Os 61.Sh NAME 62.Nm rc.conf 63.Nd system startup configuration file 64.Sh DESCRIPTION 65The 66.Nm 67file specifies which services are enabled during system startup by 68the startup scripts invoked by 69.Pa /etc/rc 70(see 71.Xr rc 8 ) , 72and the shutdown scripts invoked by 73.Pa /etc/rc.shutdown . 74The 75.Nm 76file is a shell script that is sourced by 77.Xr rc 8 , 78meaning that 79.Nm 80must contain valid shell commands. 81.Pp 82Listed below are the standard 83.Nm 84variables that may be set, the values to which each may be set, 85a brief description of what each variable does, and a reference to 86relevant manual pages. 87Third party packages may test for additional variables. 88.Pp 89Most variables are one of two types: enabling variables or flags 90variables. 91Enabling variables, such as 92.Sy inetd , 93are generally named after the program or the system they enable, 94and are set to 95.Sq YES 96or 97.Sq NO . 98Flags variables, such as 99.Sy inetd_flags 100have the same name with "_flags" appended, and determine what 101arguments are passed to the program if it is enabled. 102.Pp 103If a variable that 104.Xr rc 8 105expects to be set is not set, or the value is not one of the allowed 106values, a warning will be printed. 107.Pp 108By default, 109.Nm 110reads 111.Pa /etc/defaults/rc.conf 112(if it is readable) 113to obtain default values for various variables, and the end-user 114may override these by appending appropriate entries to the end of 115.Nm . 116.Pp 117.Xr rc.d 8 118scripts that use 119.Ic load_rc_config 120from 121.Xr rc.subr 8 122also support sourcing an optional end-user provided per-script override 123file 124.Pa /etc/rc.conf.d/ Ns Ar service , 125(where 126.Ar service 127is the contents of the 128.Sy name 129variable in the 130.Xr rc.d 8 131script). 132This may contain variable overrides, including allowing the end-user 133to override various 134.Ic run_rc_command 135.Xr rc.d 8 136control variables, and thus changing the operation of the script 137without requiring editing of the script. 138.Ss Overall control 139.Bl -tag -width net_interfaces 140.It Sy do_rcshutdown 141.Sq YES 142or 143.Sq NO . 144If set to 145.Sq NO , 146.Xr shutdown 8 147will not run 148.Pa /etc/rc.shutdown . 149.It Sy rcshutdown_rcorder_flags 150A string. 151Extra arguments to the 152.Xr rcorder 8 153run by 154.Pa /etc/rc.shutdown . 155.It Sy rcshutdown_timeout 156A number. 157If non-blank, use this as the number of seconds to run a watchdog timer for 158which will terminate 159.Pa /etc/rc.shutdown 160if the timer expires before the shutdown script completes. 161.It Sy rc_configured 162.Sq YES 163or 164.Sq NO . 165If not set to 166.Sq YES 167then the system will drop into single-user mode during boot. 168.It Sy rc_fast_and_loose 169If set to a non-empty string, 170each script in 171.Pa /etc/rc.d 172will be executed in the current shell rather than a sub shell. 173This may be faster on slow machines that have an expensive 174.Xr fork 2 175operation. 176.Bl -hang 177.It Em Note : 178Use this at your own risk! 179A rogue command or script may inadvertently prevent boot to multiuser. 180.El 181.It Sy rc_rcorder_flags 182A string. 183Extra arguments to the 184.Xr rcorder 8 185run by 186.Pa /etc/rc . 187.El 188.Ss Basic network configuration 189.Bl -tag -width net_interfaces 190.It Sy defaultroute 191A string. 192Default IPv4 network route. 193If empty or not set, then the contents of 194.Pa /etc/mygate 195(if it exists) are used. 196.It Sy defaultroute6 197A string. 198Default IPv6 network route. 199If empty or not set, then the contents of 200.Pa /etc/mygate6 201(if it exists) are used. 202.It Sy domainname 203A string. 204.Tn NIS 205(YP) domain of host. 206If empty or not set, then the contents of 207.Pa /etc/defaultdomain 208(if it exists) are used. 209.It Sy force_down_interfaces 210A space separated list of interface names. 211These interfaces will be configured down when going from multiuser to singleuser 212mode or on system shutdown. 213.Pp 214This is important for some stateful interfaces, for example PPP over ISDN 215connections that cost money by connection time or PPPoE interfaces which 216have no direct means of noticing 217.Dq disconnect 218events. 219.Pp 220All active 221.Xr pppoe 4 222and 223.Xr ippp 4 224interfaces will be automatically added to this list. 225.It Sy hostname 226A string. 227Name of host. 228If empty or not set, then the contents of 229.Pa /etc/myname 230(if it exists) are used. 231.El 232.Ss Boottime file-system and swap configuration 233.Bl -tag -width net_interfaces 234.It Sy critical_filesystems_local 235A string. 236File systems mounted very early in the system boot before networking 237services are available. 238Usually 239.Pa /var 240is part of this, because it is needed by services such as 241.Xr dhclient 8 242which may be required to get the network operational. 243.It Sy critical_filesystems_remote 244A string. 245File systems such as 246.Pa /usr 247that may require network services to be available to mount, 248that must be available early in the system boot for general services to use. 249.It Sy fsck_flags 250A string. 251A file system is checked with 252.Xr fsck 8 253during boot before mounting it. 254This option may be used to override the default command-line options 255passed to the 256.Xr fsck 8 257program. 258.Pp 259When set to 260.Fl y , 261.Xr fsck 8 262assumes yes as the answer to all operator questions during file system checks. 263This might be important with hosts where the administrator does not have 264access to the console and an unsuccessful shutdown must not make the host 265unbootable even if the file system checks would fail in preen mode. 266.It Sy no_swap 267.Sq YES 268or 269.Sq NO . 270Set the 271.Sy no_swap 272variable to 273.Sq YES 274if you have configured your system with no swap on purpose. 275If not set to 276.Sq YES , 277and no swap devices 278are configured, the system will warn you. 279.It Sy swapoff 280.Sq YES 281or 282.Sq NO . 283Remove block-type swap devices at shutdown time. 284Useful if swapping onto RAIDframe devices. 285.El 286.Ss One-time actions to perform or programs to run on boot-up 287.Bl -tag -width net_interfaces 288.It Sy accounting 289.Sq YES 290or 291.Sq NO . 292Enables process accounting with 293.Xr accton 8 . 294Requires 295.Pa /var/account/acct 296to exist. 297.It Sy clear_tmp 298.Sq YES 299or 300.Sq NO . 301Clear /tmp after reboot. 302.It Sy dmesg 303.Sq YES 304or 305.Sq NO . 306Create 307.Pa /var/run/dmesg.boot 308from the output of 309.Xr dmesg 8 . 310Passes 311.Sy dmesg_flags . 312.It Sy mixerctl 313.Sq YES 314or 315.Sq NO . 316Read 317.Xr mixerctl.conf 5 318for how to set mixer values. 319List in 320.Sy mixerctl_mixers 321the devices whose settings are to be saved at shutdown and 322restored at start-up. 323.It Sy newsyslog 324.Sq YES 325or 326.Sq NO . 327Run 328.Nm newsyslog 329to trim logfiles before syslogd starts. 330Intended for laptop users. 331Passes 332.Sy newsyslog_flags . 333.It Sy per_user_tmp 334.Sq YES 335or 336.Sq NO . 337Enables a per-user 338.Pa /tmp 339directory. 340.Sy per_user_tmp_dir 341can be used to override the default location of the 342.Dq real 343temporary directories, 344.Dq Pa /private/tmp . 345.It Sy rndctl 346.Sq YES 347or 348.Sq NO . 349Runs the 350.Xr rndctl 8 351utility one or more times according to the specification in 352.Sy rndctl_flags . 353.Pp 354If 355.Sy rndctl_flags 356does not contain a semicolon 357.Pq Ql \&; 358then it is expected to contain zero or more flags, 359followed by one or more device or type names. 360The 361.Xr rndctl 8 362command will be executed once for each device or type name. 363If the specified flags do not include any of 364.Fl c , C , e , 365or 366.Fl E , 367then the flags 368.Fl c 369and 370.Fl e 371are added, to specify that entropy from the relevant device or type 372should be both collected and estimated. 373If the specified flags do not include either of 374.Fl d 375or 376.Fl t , 377then the flag 378.Fl d 379is added, to specify that the non-flag arguments are device names, 380not type names. 381.Pp 382.Sy rndctl_flags 383may contain multiple semicolon-separated segments, in which each 384segment contains flags and device or type names as described above. 385This allows different flags to be associated with different 386device or type names. 387For example, given 388.Li rndctl_flags="wd0 wd1; -t tty; -c -t net" , 389the following commands will be executed: 390.Li "rndctl -c -e -d wd0" ; 391.Li "rndctl -c -e -d wd1" ; 392.Li "rndctl -c -e -t tty" ; 393.Li "rndctl -c -t net" . 394.It Sy savecore 395.Sq YES 396or 397.Sq NO . 398Runs the 399.Xr savecore 8 400utility. 401Passes 402.Sy savecore_flags . 403The directory where crash dumps are stored is specified by 404.Sy savecore_dir . 405The default setting is 406.Dq Pa /var/crash . 407.It Sy tpctl 408.Sq YES 409or 410.Sq NO . 411Run 412.Xr tpctl 8 413to calibrate touch panel device. 414Passes 415.Sy tpctl_flags . 416.It Sy update_motd 417.Sq YES 418or 419.Sq NO . 420Updates the 421.Nx 422version string in the 423.Pa /etc/motd 424file to reflect the version of the running kernel. 425See 426.Xr motd 5 . 427.It Sy veriexec 428.Sq YES 429or 430.Sq NO . 431Load Veriexec fingerprints during startup. 432Read 433.Xr veriexecctl 8 434for more information. 435.It Sy virecover 436.Sq YES 437or 438.Sq NO . 439Send notification mail to users if any recoverable files exist in 440.Pa /var/tmp/vi.recover . 441Read 442.Xr virecover 8 443for more information. 444.El 445.Ss System security setting 446.Bl -tag -width net_interfaces 447.It Sy securelevel 448A number. 449The system securelevel is set to the specified value early 450in the boot process, before any external logins, or other programs 451that run users job, are started. 452If set to nothing, the default action is taken, as described in 453.Xr init 8 454and 455.Xr secmodel_securelevel 9 , 456which contains definitive information about the system securelevel. 457Note that setting 458.Sy securelevel 459to 0 in 460.Nm 461will actually result in the system booting with securelevel set to 1, as 462.Xr init 8 463will raise the level when 464.Xr rc 8 465completes. 466.It Sy permit_nonalpha 467Allow passwords to include non-alpha characters, usually to allow 468NIS/YP netgroups. 469.It Sy veriexec_strict 470A number. 471Controls the strict level of Veriexec. 472Level 0 is learning mode, used when building the signatures file. 473It will only output messages but will not enforce anything. 474Level 1 will only prevent access to files with a fingerprint 475mismatch. 476Level 2 will also deny writing to and removing of 477monitored files, as well as enforce access type (as specified in 478the signatures file). 479Level 3 will take a step further and prevent 480access to files that are not monitored. 481.It Sy veriexec_verbose 482A number. 483Controls the verbosity of Veriexec. 484Recommended operation is at level 0, verbose output (mostly used when 485building the signatures file) is at level 1. 486Level 2 is for debugging only and should not be used. 487.It Sy veriexec_flags 488A string. 489Flags to pass to the 490.Nm veriexecctl 491command. 492.El 493.Ss Networking startup 494.Bl -tag -width net_interfaces 495.It Sy altqd 496.Sq YES 497or 498.Sq NO . 499ALTQ configuration/monitoring daemon. 500Passes 501.Sy altqd_flags . 502.It Sy auto_ifconfig 503.Sq YES 504or 505.Sq NO . 506Sets the 507.Sy net_interfaces 508variable (see below) to the output of 509.Xr ifconfig 8 510with the 511.Dq Li -l 512flag and suppresses warnings about interfaces in this list that 513do not have an ifconfig file or variable. 514.It Sy dhclient 515.Sq YES 516or 517.Sq NO . 518Set to 519.Sq YES 520to configure some or all network interfaces using 521the ISC DHCP client. 522If you set 523.Sy dhclient 524to 525.Sq YES , 526you must either have 527.Pa /var 528in 529.Sy critical_filesystems_local , 530as part of 531.Pa / , 532or direct the DHCP client to store the leases file on the root 533file system by modifying the 534.Sy dhclient_flags 535variable. 536You must not provide ifconfig information or ifaliases 537information for any interface that is to be configured using the DHCP client. 538Interface aliases can be set up in the DHCP client configuration 539file if needed - see 540.Xr dhclient.conf 5 541for details. 542.Pp 543Passes 544.Sy dhclient_flags 545to the DHCP client. 546See 547.Xr dhclient 8 548for complete documentation. 549If you wish to configure all broadcast 550network interfaces using the DHCP client, you can leave this blank. 551To configure only specific interfaces, name the interfaces to be configured 552on the command line. 553.Pp 554If you must run the DHCP client before mounting critical file systems, 555then you should specify an alternate location for the DHCP client's lease 556file in the 557.Sy dhclient_flags 558variable - for example, "-lf /tmp/dhclient.leases". 559.It Sy dhcpcd_flags 560Additional arguments to pass to 561.Xr dhcpcd 8 562when requesting configuration via 563.Sy ifconfig_xxN 564or 565.Pa /etc/ifconfig.xxN . 566.It Sy flushroutes 567.Sq YES 568or 569.Sq NO . 570Flushes the route table on networking startup. 571Useful when coming up to multiuser mode after going down to 572single-user mode. 573.It Sy hostapd 574.Sq YES 575or 576.Sq NO . 577Runs 578.Xr hostapd 8 , 579the authenticator for IEEE 802.11 networks. 580.It Sy ifaliases_* 581A string. 582List of 583.Sq Em "address netmask" 584pairs to configure additional network addresses for the given 585configured interface 586.Dq * 587(e.g. 588.Sy ifaliases_le0 ) . 589If 590.Em netmask 591is 592.Dq - , 593then use the default netmask for the interface. 594.Pp 595.Sy ifaliases_* 596covers limited cases only and considered unrecommended. 597We recommend using 598.Sy ifconfig_nnX 599variables or 600.Pa /etc/ifconfig.xxN 601files with multiple lines instead. 602.It Sy ifwatchd 603.Sq YES 604or 605.Sq NO . 606Monitor dynamic interfaces and perform actions upon address changes. 607Passes 608.Sy ifwatchd_flags . 609.It Sy ip6mode 610A string. 611An IPv6 node can be a router 612.Pq nodes that forward packet for others 613or a host 614.Pq nodes that do not forward . 615A host can be autoconfigured 616based on the information advertised by adjacent IPv6 routers. 617By setting 618.Sy ip6mode 619to 620.Dq Li router , 621.Dq Li host , 622or 623.Dq Li autohost , 624you can configure your node as a router, 625a non-autoconfigured host, or an autoconfigured host. 626Invalid values will be ignored, and the node will be configured as 627a non-autoconfigured host. 628You may want to check 629.Sy rtsol 630and 631.Sy rtsold 632as well, if you set the variable to 633.Dq Li autohost . 634.It Sy ip6uniquelocal 635.Sq YES 636or 637.Sq NO . 638If 639.Sy ip6mode 640is equal to 641.Dq Li router 642and 643.Sy ip6uniquelocal 644is set to 645.Sq NO 646a reject route will be installed on boot to avoid misconfiguration relating 647to unique-local addresses. 648If set to 649.Sq YES 650the reject route won't be installed. 651.It Sy ipfilter 652.Sq YES 653or 654.Sq NO . 655Runs 656.Xr ipf 8 657to load in packet filter specifications from 658.Pa /etc/ipf.conf 659at network boot time, before any interfaces are configured. 660See 661.Xr ipf.conf 5 . 662.It Sy ipfs 663.Sq YES 664or 665.Sq NO . 666Runs 667.Xr ipfs 8 668to save and restore information for ipnat and ipfilter state tables. 669The information is stored in 670.Pa /var/db/ipf/ipstate.ipf 671and 672.Pa /var/db/ipf/ipnat.ipf . 673Passes 674.Sy ipfs_flags . 675.It Sy ipmon 676.Sq YES 677or 678.Sq NO . 679Runs 680.Xr ipmon 8 681to read 682.Xr ipf 8 683packet log information and log it to a file or the system log. 684Passes 685.Sy ipmon_flags . 686.It Sy ipmon_flags 687A string. 688Specifies arguments to supply to 689.Xr ipmon 8 . 690Defaults to 691.Dq Li -ns . 692A typical example would be 693.Dq Fl nD Pa /var/log/ipflog 694to have 695.Xr ipmon 8 696log directly to a file bypassing 697.Xr syslogd 8 . 698If the 699.Dq -D 700argument is used, remember to modify 701.Pa /etc/newsyslog.conf 702accordingly; for example: 703.Bd -literal 704/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 705.Ed 706.It Sy ipnat 707.Sq YES 708or 709.Sq NO . 710Runs 711.Xr ipnat 8 712to load in the IP network address translation (NAT) rules from 713.Pa /etc/ipnat.conf 714at network boot time, before any interfaces are configured. 715See 716.Xr ipnat.conf 5 . 717.It Sy ipsec 718.Sq YES 719or 720.Sq NO . 721Runs 722.Xr setkey 8 723to load in IPsec manual keys and policies from 724.Pa /etc/ipsec.conf 725at network boot time, before any interfaces are configured. 726.It Sy net_interfaces 727A string. 728The list of network interfaces to be configured at boot time. 729For each interface "xxN", the system first looks for ifconfig 730parameters in the variable 731.Sy ifconfig_xxN , 732and then in the file 733.Pa /etc/ifconfig.xxN . 734If 735.Sy auto_ifconfig 736is set to "NO" and neither the file nor the variable is found, 737a warning is printed. 738Information in either the variable or the file is parsed identically, 739except that, if an 740.Sy ifconfig_xxN 741variable contains a single line with embedded semicolons, 742then the value is split into multiple lines prior to further parsing, 743treating the semicolon as a line separator. 744One common case it to set 745.Sy ifconfig_xxN Ns Li \&= Ns Qq dhcp , 746which will cause 747.Xr dhcpcd 8 748to be started for the interface. 749Another common case it to set the 750.Sy ifconfig_xxN 751variable to a set of arguments to be passed to an 752.Xr ifconfig 8 753command after the interface name. 754Refer to 755.Xr ifconfig.if 5 756for more details on 757.Pa /etc/ifconfig.xxN 758files, and note that the information there also applies to 759.Sy ifconfig_xxN 760variables (after the variables are split into lines). 761.It Sy ntpdate 762.Sq YES 763or 764.Sq NO . 765Runs 766.Xr ntpdate 8 767to set the system time from one of the hosts in 768.Sy ntpdate_hosts . 769If 770.Sy ntpdate_hosts 771is empty, it will attempt to find a list of hosts in 772.Pa /etc/ntp.conf . 773Passes 774.Sy ntpdate_flags . 775.It Sy pf 776.Sq YES 777or 778.Sq NO . 779Enable 780.Xr pf 4 781at network boot time: 782Load the initial configuration 783.Xr pf.boot.conf 5 784before the network is up. 785After the network has been configured, then load the final ruleset 786.Xr pf.conf 5 . 787.It Sy pf_rules 788A string. 789The path of the 790.Xr pf.conf 5 791ruleset that will be used when loading the final ruleset. 792.It Sy pflogd 793.Sq YES 794or 795.Sq NO . 796Run 797.Xr pflogd 8 798for dumping packet filter logging information to a file. 799.It Sy ppp_peers 800A string. 801If 802.Sy ppp_peers 803is not empty, then 804.Pa /etc/rc.d/ppp 805will check each word in 806.Sy ppp_peers 807for a corresponding ppp configuration file in 808.Pa /etc/ppp/peers 809and will call 810.Xr pppd 8 811with the 812.Dq call Sy peer 813option. 814.It Sy racoon 815.Sq YES 816or 817.Sq NO . 818Runs 819.Xr racoon 8 , 820the IKE (ISAKMP/Oakley) key management daemon. 821.It Sy rtsol 822.Sq YES 823or 824.Sq NO . 825Run 826.Xr rtsol 8 , 827router solicitation command for IPv6 hosts. 828On nomadic hosts like notebook computers, you may want to enable 829.Sy rtsold 830as well. 831Passes 832.Sy rtsol_flags . 833This is only for autoconfigured IPv6 hosts, so set 834.Sy ip6mode 835to 836.Dq Li autohost 837if you use it. 838.It Sy wpa_supplicant 839.Sq YES 840or 841.Sq NO . 842Run 843.Xr wpa_supplicant 8 , 844WPA/802.11i Supplicant for wireless network devices. 845.El 846.Ss Daemons required by other daemons 847.Bl -tag -width net_interfaces 848.It Sy inetd 849.Sq YES 850or 851.Sq NO . 852Runs the 853.Xr inetd 8 854daemon to start network server processes (as listed in 855.Pa /etc/inetd.conf ) 856as necessary. 857Passes 858.Sy inetd_flags . 859The 860.Dq Li -l 861flag turns on libwrap connection logging. 862.It Sy rpcbind 863.Sq YES 864or 865.Sq NO . 866The 867.Xr rpcbind 8 868daemon is required for any 869.Xr rpc 3 870services. 871These include NFS, 872.Tn NIS , 873.Xr bootparamd 8 , 874.Xr rstatd 8 , 875.Xr rusersd 8 , 876and 877.Xr rwalld 8 . 878Passes 879.Sy rpcbind_flags . 880.El 881.Ss Commonly used daemons 882.Bl -tag -width net_interfaces 883.It Sy cron 884.Sq YES 885or 886.Sq NO . 887Run 888.Xr cron 8 . 889.It Sy httpd 890.Sq YES 891or 892.Sq NO . 893Runs the 894.Xr httpd 8 895daemon and passes 896.Sy httpd_flags . 897.It Sy httpd_wwwdir 898A string. 899The 900.Xr httpd 8 901WWW root directory. 902Used only if 903.Sy httpd 904is set to 905.Sq YES . 906The default setting is 907.Dq Pa /var/www . 908.It Sy httpd_wwwuser 909A string. 910If non-blank and 911.Sy httpd 912is 913.Sq YES , 914run 915.Xr httpd 8 916and cause it to switch to the specified user after initialization. 917It is preferred to 918.Sy httpd_user 919because 920.Xr httpd 8 921is requiring extra privileges to start listening on default port 80. 922The default setting is 923.Dq Dv _httpd . 924.It Sy lpd 925.Sq YES 926or 927.Sq NO . 928Runs 929.Xr lpd 8 930and passes 931.Sy lpd_flags . 932The 933.Dq Li -l 934flag will turn on extra logging. 935.It Sy named 936.Sq YES 937or 938.Sq NO . 939Runs 940.Xr named 8 941and passes 942.Sy named_flags . 943.It Sy named_chrootdir 944A string. 945If non-blank and 946.Sy named 947is 948.Sq YES , 949run 950.Xr named 8 951as the unprivileged user and group 952.Sq named , 953.Xr chroot 2 Ns ed 954to 955.Sy named_chrootdir . 956.Sy named_chrootdir Ns Pa /var/run/log 957will be added to the list of log sockets that 958.Xr syslogd 8 959listens to. 960.It Sy ntpd 961.Sq YES 962or 963.Sq NO . 964Runs 965.Xr ntpd 8 966and passes 967.Sy ntpd_flags . 968.It Sy ntpd_chrootdir 969A string. 970If non-blank and 971.Sy ntpd 972is 973.Sq YES , 974run 975.Xr ntpd 8 976as the unprivileged user and group 977.Sq ntpd , 978.Xr chroot 2 Ns ed 979to 980.Sy ntpd_chrootdir . 981.Sy ntpd_chrootdir Ns Pa /var/run/log 982will be added to the list of log sockets that 983.Xr syslogd 8 984listens to. 985This option requires that the kernel has 986.Dl pseudo-device clockctl 987compiled in, and that 988.Pa /dev/clockctl 989is present. 990.It Sy postfix 991.Sq YES 992or 993.Sq NO . 994Starts 995.Xr postfix 1 996mail system. 997.It Sy sshd 998.Sq YES 999or 1000.Sq NO . 1001Runs 1002.Xr sshd 8 1003and passes 1004.Sy sshd_flags . 1005.It Sy syslogd 1006.Sq YES 1007or 1008.Sq NO . 1009Runs 1010.Xr syslogd 8 1011and passes 1012.Sy syslogd_flags . 1013.It Sy timed 1014.Sq YES 1015or 1016.Sq NO . 1017Runs 1018.Xr timed 8 1019and passes 1020.Sy timed_flags . 1021The 1022.Dq Li -M 1023option allows 1024.Xr timed 8 1025to be a master time source as well as a slave. 1026If you are also running 1027.Xr ntpd 8 , 1028only one machine running both should have the 1029.Dq Li -M 1030flag given to 1031.Xr timed 8 . 1032.El 1033.Ss Routing daemons 1034.Bl -tag -width net_interfaces 1035.It Sy mrouted 1036.Sq YES 1037or 1038.Sq NO . 1039Runs 1040.Xr mrouted 8 , 1041the DVMRP multicast routing protocol daemon. 1042Passes 1043.Sy mrouted_flags . 1044.It Sy route6d 1045.Sq YES 1046or 1047.Sq NO . 1048Runs 1049.Xr route6d 8 , 1050the RIPng routing protocol daemon for IPv6. 1051Passes 1052.Sy route6d_flags . 1053.It Sy routed 1054.Sq YES 1055or 1056.Sq NO . 1057Runs 1058.Xr routed 8 , 1059the RIP routing protocol daemon. 1060Passes 1061.Sy routed_flags . 1062.\" This should be 1063.\" .Sq NO 1064.\" if 1065.\" .Sy gated 1066.\" is 1067.\" .Sq YES . 1068.It Sy rtsold 1069.Sq YES 1070or 1071.Sq NO . 1072Runs 1073.Xr rtsold 8 , 1074the IPv6 router solicitation daemon. 1075.Xr rtsold 8 1076periodically transmits router solicitation packets 1077to find IPv6 routers on the network. 1078This configuration is mainly for nomadic hosts like notebook computers. 1079Stationary hosts should work fine with just 1080.Sy rtsol . 1081Passes 1082.Sy rtsold_flags . 1083This is only for autoconfigured IPv6 hosts, so set 1084.Sy ip6mode 1085to 1086.Dq Li autohost 1087if you use it. 1088.El 1089.Ss Daemons used to boot other hosts over a network 1090.Bl -tag -width net_interfaces 1091.It Sy bootparamd 1092.Sq YES 1093or 1094.Sq NO . 1095Runs 1096.Xr bootparamd 8 , 1097the boot parameter server, with 1098.Sy bootparamd_flags 1099as options. 1100Used to boot 1101.Nx 1102and 1103.Tn "SunOS 4.x" 1104systems. 1105.It Sy dhcpd 1106.Sq YES 1107or 1108.Sq NO . 1109Runs 1110.Xr dhcpd 8 , 1111the Dynamic Host Configuration Protocol (DHCP) daemon, 1112for assigning IP addresses to hosts and passing boot information. 1113Passes 1114.Sy dhcpd_flags . 1115.It Sy dhcrelay 1116.Sq YES 1117or 1118.Sq NO . 1119Runs 1120.Xr dhcrelay 8 . 1121Passes 1122.Sy dhcrelay_flags . 1123.It Sy mopd 1124.Sq YES 1125or 1126.Sq NO . 1127Runs 1128.Xr mopd 8 , 1129the 1130.Tn DEC 1131.Tn MOP 1132protocol daemon; used for booting 1133.Tn VAX 1134and other 1135.Tn DEC 1136machines. 1137Passes 1138.Sy mopd_flags . 1139.It Sy ndbootd 1140.Sq YES 1141or 1142.Sq NO . 1143Runs 1144.Xr ndbootd 8 , 1145the Sun Network Disk (ND) Protocol server. 1146Passes 1147.Sy ndbootd_flags . 1148.It Sy rarpd 1149.Sq YES 1150or 1151.Sq NO . 1152Runs 1153.Xr rarpd 8 , 1154the reverse ARP daemon, often used to boot 1155.Nx 1156and Sun workstations. 1157Passes 1158.Sy rarpd_flags . 1159.It Sy rbootd 1160.Sq YES 1161or 1162.Sq NO . 1163Runs 1164.Xr rbootd 8 , 1165the 1166.Tn HP 1167boot protocol daemon; used for booting 1168.Tn HP 1169workstations. 1170Passes 1171.Sy rbootd_flags . 1172.It Sy rtadvd 1173.Sq YES 1174or 1175.Sq NO . 1176Runs 1177.Xr rtadvd 8 , 1178the IPv6 router advertisement daemon, which is used to advertise 1179information about the subnet to IPv6 end hosts. 1180Passes 1181.Sy rtadvd_flags . 1182This is only for IPv6 routers, so set 1183.Sy ip6mode 1184to 1185.Dq Li router 1186if you use it. 1187.El 1188.Ss X Window System daemons 1189.Bl -tag -width net_interfaces 1190.It Sy xdm 1191.Sq YES 1192or 1193.Sq NO . 1194Runs the 1195.Xr xdm 1 1196X display manager. 1197These X daemons are available only with the optional X distribution of 1198.Nx . 1199.It Sy xfs 1200.Sq YES 1201or 1202.Sq NO . 1203Runs the 1204.Xr xfs 1 1205X11 font server, which supplies local X font files to X terminals. 1206.El 1207.Ss NIS (YP) daemons 1208.Bl -tag -width net_interfaces 1209.It Sy ypbind 1210.Sq YES 1211or 1212.Sq NO . 1213Runs 1214.Xr ypbind 8 , 1215which lets 1216.Tn NIS 1217(YP) clients use information from a 1218.Tn NIS 1219server. 1220Passes 1221.Sy ypbind_flags . 1222.It Sy yppasswdd 1223.Sq YES 1224or 1225.Sq NO . 1226Runs 1227.Xr yppasswdd 8 , 1228which allows remote 1229.Tn NIS 1230users to update password on master server. 1231Passes 1232.Sy yppasswdd_flags . 1233.It Sy ypserv 1234.Sq YES 1235or 1236.Sq NO . 1237Runs 1238.Xr ypserv 8 , 1239the 1240.Tn NIS 1241(YP) server for distributing information from certain files in 1242.Pa /etc . 1243Passes 1244.Sy ypserv_flags . 1245The 1246.Dq Li -d 1247flag causes it to use DNS for lookups in 1248.Pa /etc/hosts 1249that fail. 1250.El 1251.Ss NFS daemons and parameters 1252.Bl -tag -width net_interfaces 1253.It Sy amd 1254.Sq YES 1255or 1256.Sq NO . 1257Runs 1258.Xr amd 8 , 1259the automounter daemon, which automatically mounts NFS file systems 1260whenever a file or directory within that file system is accessed. 1261Passes 1262.Sy amd_flags . 1263.It Sy amd_dir 1264A string. 1265The 1266.Xr amd 8 1267mount directory. 1268Used only if 1269.Sy amd 1270is set to 1271.Sq YES . 1272.It Sy lockd 1273.Sq YES 1274or 1275.Sq NO . 1276Runs 1277.Xr rpc.lockd 8 1278if 1279.Sy nfs_server 1280and/or 1281.Sy nfs_client 1282are set to 1283.Sq YES . 1284Passes 1285.Sy lockd_flags . 1286.It Sy mountd 1287.Sq YES 1288or 1289.Sq NO . 1290Runs 1291.Xr mountd 8 1292and passes 1293.Sy mountd_flags . 1294.It Sy nfs_client 1295.Sq YES 1296or 1297.Sq NO . 1298The number of local NFS asynchronous I/O server is now controlled via 1299.Xr sysctl 8 . 1300.It Sy nfs_server 1301.Sq YES 1302or 1303.Sq NO . 1304Sets up a host to be a NFS server by running 1305.Xr nfsd 8 1306and passing 1307.Sy nfsd_flags . 1308.It Sy statd 1309.Sq YES 1310or 1311.Sq NO . 1312Runs 1313.Xr rpc.statd 8 , 1314a status monitoring daemon used when 1315.Xr rpc.lockd 8 1316is running, if 1317.Sy nfs_server 1318and/or 1319.Sy nfs_client 1320are set to 1321.Sq YES . 1322Passes 1323.Sy statd_flags . 1324.El 1325.Ss Bluetooth configuration and daemons 1326.Bl -tag -width net_interfaces 1327.It Sy btattach 1328.Sq YES 1329or 1330.Sq NO . 1331Attach serial bluetooth interfaces as listed in the configuration file 1332.Pa /etc/bluetooth/btdevctl.conf . 1333.It Sy btconfig 1334.Sq YES 1335or 1336.Sq NO . 1337Configure bluetooth devices. 1338If the 1339.Sy btconfig_devices 1340variable below is not specified, all devices known to the system 1341will be configured. 1342For each device, configuration arguments are first looked for 1343in the 1344.Sy btconfig_{dev} 1345variable, otherwise the value of the 1346.Sy btconfig_args 1347variable will be used, and if that is not specified the default string is 1348.Sq enable . 1349.It Sy btconfig_devices 1350An optional space separated list of bluetooth devices to be configured at 1351boot time. 1352.It Sy btconfig_args 1353An optional string, containing default arguments for bluetooth devices to 1354be configured. 1355.It Sy btdevctl 1356.Sq YES 1357or 1358.Sq NO . 1359Configure Bluetooth devices as listed in the configuration file 1360.Pa /etc/bluetooth/btdevctl.conf . 1361.It Sy bthcid 1362.Sq YES 1363or 1364.Sq NO . 1365Runs 1366.Xr bthcid 8 , 1367the Bluetooth HCI daemon, which manages link keys and PIN codes for 1368Bluetooth links. 1369Passes 1370.Sy bthcid_flags . 1371.It Sy sdpd 1372.Sq YES 1373or 1374.Sq NO . 1375Runs the Service Discovery Profile daemon, 1376.Xr sdpd 8 . 1377Passes 1378.Sy sdpd_flags . 1379.El 1380.Ss Other daemons 1381.Bl -tag -width net_interfaces 1382.It Sy isdnd 1383.Sq YES 1384or 1385.Sq NO . 1386Runs 1387.Xr isdnd 8 , 1388the isdn4bsd ISDN connection management daemon. 1389Passes 1390.Sy isdnd_flags . 1391.It Sy isdn_autoupdown 1392.Sq YES 1393or 1394.Sq NO . 1395Set all configured ISDN interfaces to 1396.Dq up . 1397If 1398.Sy isdn_interfaces 1399is not blank, only the listed interfaces will be modified. 1400Used only if 1401.Sy isdnd 1402is set to 1403.Sq YES . 1404.It Sy kdc 1405.Sq YES 1406or 1407.Sq NO . 1408Runs the 1409.Xr kdc 8 1410Kerberos v4 and v5 server. 1411This should be run on Kerberos master and slave servers. 1412.It Sy rwhod 1413.Sq YES 1414or 1415.Sq NO . 1416Runs 1417.Xr rwhod 8 1418to support the 1419.Xr rwho 1 1420and 1421.Xr ruptime 1 1422commands. 1423.El 1424.Ss Hardware daemons 1425.Bl -tag -width net_interfaces 1426.It Sy apmd 1427.Sq YES 1428or 1429.Sq NO . 1430Runs 1431.Xr apmd 8 1432and passes 1433.Sy apmd_flags . 1434.It Sy irdaattach 1435.Sq YES 1436or 1437.Sq NO . 1438Runs 1439.Xr irdaattach 8 1440and passes 1441.Sy irdaattach_flags . 1442.It Sy moused 1443.Sq YES 1444or 1445.Sq NO . 1446Runs 1447.Xr moused 8 , 1448to pass serial mouse data to the wscons mouse mux. 1449Passes 1450.Sy moused_flags . 1451.It Sy screenblank 1452.Sq YES 1453or 1454.Sq NO . 1455Runs 1456.Xr screenblank 1 1457and passes 1458.Sy screenblank_flags . 1459.It Sy wscons 1460.Sq YES 1461or 1462.Sq NO . 1463Configures the 1464.Xr wscons 4 1465console driver, from the configuration file 1466.Pa /etc/wscons.conf . 1467.It Sy wsmoused 1468.Sq YES 1469or 1470.Sq NO . 1471Runs 1472.Xr wsmoused 8 , 1473to provide copy and paste text support in wscons displays. 1474Passes 1475.Sy wsmoused_flags . 1476.El 1477.Sh FILES 1478.Bl -tag -width /etc/defaults/rc.conf -compact 1479.It Pa /etc/rc.conf 1480The file 1481.Nm 1482resides in 1483.Pa /etc . 1484.It Pa /etc/defaults/rc.conf 1485Default settings for 1486.Nm , 1487sourced by 1488.Nm 1489before the end-user configuration section. 1490.It Pa /etc/rc.conf.d/ Ns Ar foo 1491.Ar foo Ns No -specific 1492.Nm 1493overrides. 1494.El 1495.Sh SEE ALSO 1496.Xr boot 8 , 1497.Xr rc 8 , 1498.Xr rc.d 8 , 1499.Xr rc.subr 8 , 1500.Xr rcorder 8 1501.Sh HISTORY 1502The 1503.Nm 1504file appeared in 1505.Nx 1.3 . 1506