1.\" $NetBSD: rc.conf.5,v 1.31 2000/02/13 07:47:27 itojun Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew R. Green 4.\" Copyright (c) 1997 Curt J. Sampson 5.\" Copyright (c) 1997 Michael W. Long 6.\" Copyright (c) 1998, 1999 The NetBSD Foundation, Inc. 7.\" All rights reserved. 8.\" 9.\" This document is derived from works contributed to The NetBSD Foundation 10.\" by Luke Mewburn. 11.\" 12.\" Redistribution and use in source and binary forms, with or without 13.\" modification, are permitted provided that the following conditions 14.\" are met: 15.\" 1. Redistributions of source code must retain the above copyright 16.\" notice, this list of conditions and the following disclaimer. 17.\" 2. Redistributions in binary form must reproduce the above copyright 18.\" notice, this list of conditions and the following disclaimer in the 19.\" documentation and/or other materials provided with the distribution. 20.\" 3. The name of the author may not be used to endorse or promote products 21.\" derived from this software without specific prior written permission. 22.\" 23.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 28.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 29.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 30.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 31.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33.\" SUCH DAMAGE. 34.\" 35.Dd November 23, 1999 36.Dt RC.CONF 5 37.Os 38.\" turn off hyphenation 39.hym 999 40.Sh NAME 41.Nm rc.conf 42.Nd system startup configuration file 43.Sh DESCRIPTION 44The 45.Nm 46file specifies which services are enabled during system startup by 47the startup script 48.Pa /etc/rc . 49The 50.Nm 51file is a shell script that is sourced by 52.Pa /etc/rc 53if it exists, meaning that 54.Nm 55must contain valid shell commands. 56.Pp 57Listed below are the 58.Nm 59variables that may be set, the values to which each may be set, 60a brief description of what each variable does, and a reference to 61relevant manual pages. 62.Pp 63Most variables are one of two types: enabling variables or flags 64variables. 65Enabling variables, such as 66.Sy inetd , 67are generally named after the program or the system they enable, 68and are set to "YES" or "NO". 69Flags variables, such as 70.Sy inetd_flags 71have the same name with "_flags" appended, and determine what 72arguments are passed to the program if it is enabled. 73.Pp 74If a variable that 75.Pa /etc/rc 76expects to be set is not set, or the value is not one of the allowed 77values, a warning will be printed. 78.Pp 79.Ss Basic network configuration: 80.Bl -tag -width net_interfaces 81.It Sy hostname 82Name of host. 83If empty or not set, then the contents of 84.Pa /etc/myname 85(if it exists) are used. 86.It Sy domainname 87.Tn NIS 88(YP) domain of host. 89If empty or not set, then the contents of 90.Pa /etc/defaultdomain 91(if it exists) are used. 92.It Sy defaultroute 93Default network route. 94If empty or not set, then the contents of 95.Pa /etc/mygate 96(if it exists) are used. 97.El 98.Pp 99.Ss Boottime file-system and swap configuration: 100.Bl -tag -width critfs_require_network 101.It Sy critical_filesystems 102File systems mounted very early in the system boot, except for the 103.Pa /usr 104and 105.Pa /var 106file-systems. 107.It Sy critfs_require_network 108YES or NO. 109Set the 110.Sy critfs_require_network 111variable to YES if the network must be configured before critical filesystems 112can be mounted. This should be set to NO if you are using the DHCP client, 113because the DHCP client needs to store its lease database in the 114.Pa /var/db 115directory. 116.It Sy no_swap 117Set the 118.Sy no_swap 119variable to YES if you have configured your system with no swap on purpose. 120If not set, or set to anything other than YES, and no swap devices 121are configured, the system will warn you. 122.El 123.Pp 124.Ss One-time actions to perform or programs to run on boot-up: 125.Bl -tag -width net_interfaces 126.It Sy lkm 127YES or NO. 128Runs 129.Pa /etc/rc.lkm . 130.It Sy savecore 131YES or NO. 132Runs the 133.Xr savecore 8 134utility. 135Passes 136.Sy savecore_flags . 137.It Sy update_motd 138YES or NO. 139Updates the 140.Nx 141version string in the 142.Pa /etc/motd 143file to reflect the version of the running kernel. 144See 145.Xr motd 5 . 146.It Sy dmesg 147YES or NO. 148Create 149.Pa /var/run/dmesg.boot 150from the output of 151.Xr dmesg 8 . 152Passes 153.Sy dmesg_flags . 154.It Sy accounting 155YES or NO. 156Enables process accounting with 157.Xr accton 8 . 158Requires 159.Pa /var/account/acct 160to exist. 161.It Sy defcorename 162A string. 163This sets the default core name template, from which are derived core dump 164files names. The template can include format charaters which are dynamically 165interpreted. See 166.Xr core 5 167for details of the format. 168If set to nothing, the default compiled-in value is keept (see 169.Xr options 4 , 170.Xr sysctl 3 171). 172.El 173.Pp 174.Ss System security setting: 175.Bl -tag -width securelevel 176.It Sy securelevel 177A number. The system securelevel is set to the specified value early 178in the boot process, before any external logins, or other programs 179that run users job, are started. If set to nothing, the default 180action is taken, as described 181.Xr init 8 , 182which contains definative information about the system securelevel. 183.El 184.Pp 185.Ss Networking startup: 186.Bl -tag -width net_interfaces 187.It Sy ipfilter 188YES or NO. 189Runs 190.Xr ipf 8 191to load in packet filter specifications from 192.Pa /etc/ipf.conf 193at network boot time, before any interfaces are configured. 194See 195.Xr ipf 5 . 196.It Sy auto_ifconfig 197YES or NO. 198Sets the 199.Sy net_interfaces 200variable (see below) to the output of 201.Xr ifconfig 8 202with the 203.Ar -l 204flag and suppresses warnings about interfaces in this list that 205do not have an ifconfig file or variable. 206.It Sy net_interfaces 207The list of network interfaces to be configured at boot time. 208For each interface "xxn", the system first looks for ifconfig 209parameters in 210.Pa /etc/ifconfig.xxn 211and then in the variable 212.Sy ifconfig_xxn . 213The contents of the file or the variable are handed to ifconfig 214after the interface name. 215If 216.Sy auto_ifconfig 217is set to "NO" and neither the file nor the variable is found, 218a warning is printed. 219.It Sy ifaliases_* 220List of 221.Sq Ar "address netmask" 222pairs to configure additional network addresses for the given 223configured interface 224.Dq * 225(e.g. 226.Sy ifaliases_le0 ) . 227If 228.Ar netmask 229is 230.Dq - , 231then use the default netmask for the interface. 232.Pp 233.Sy ifaliases_* 234covers limited cases only and considered unrecommended. 235We recommend using 236.Pa /etc/ifconfig.xxN 237with multiple lines instead. 238.It Sy flushroutes 239YES or NO. 240Flushes the route table on networking startup. 241Useful when coming up to multiuser mode after going down to 242single-user mode. 243.It Sy dhclient 244YES or NO. 245Set to YES to configure some or all network interfaces using 246the DHCP client. If you set 247.Sy dhclient 248to YES, you must either set 249.Sy critfs_require_network 250to NO or direct the DHCP client to store the leases file on the root 251filesystem by modifying the 252.Sy dhclient_flags 253variable. You must not provide ifconfig information or ifaliases 254information for any interface that is to be configured using the DHCP 255client. Interface aliases can be set up in the DHCP client configuration 256file if needed - see 257.Xr dhclient.conf 5 258for details. 259.It Sy dhclient_flags 260Flags to pass to the DHCP client. See 261.Xr dhclient 8 262for complete documentation. If you wish to configure all broadcast 263network interfaces using the DHCP client, you can leave this blank. 264To configure only specific interfaces, name the interfaces to be configured 265on the command line. 266.Pp 267If you must run the DHCP client before mounting critical filesystems, 268then you should specify an alternate location for the DHCP client's lease 269file in the 270.Sy dhclient_flags 271variable - for example, "-lf /tmp/dhclient.leases". 272 273.It Sy ntpdate 274YES or NO. 275Runs 276.Xr ntpdate 8 277to set the system time from one of the hosts in 278.Sy ntpdate_hosts . 279If 280.Sy ntpdate_hosts 281is empty, it will attempt to find a list of hosts in 282.Pa /etc/ntp.conf . 283.It Sy ppp_peers 284If 285.Sy ppp_peers 286is not empty, then 287.Pa /etc/netstart 288will check each word in 289.Sy ppp_peers 290for a coresponding ppp configuration file in 291.Pa /etc/ppp/peers 292and will call 293.Xr pppd 8 294with the 295.Dq call Sy peer 296option. 297.It Sy ip6mode 298An IPv6 node can be a router 299.Pq nodes that forward packet for others 300or host 301.Pq nodes that do not forward . 302A host can be autoconfigured 303based on the information advertised by adjacent IPv6 router. 304By setting 305.Sy ip6mode 306to 307.Dq Li router , 308.Dq Li host , 309or 310.Dq Li autohost , 311you can configure your node as a router, 312a non-autoconfigured host, or an autoconfigured host. 313Invalid values will be ignored, and the node will be configured as 314a non-autoconfigured host. 315You may want to check 316.Sy rtsol 317and 318.Sy rtsold 319as well, if you set the variable to 320.Li autohost . 321.It Sy ip6defaultif 322This configuration is just for very rare case, you can leave it empty. 323IPv6 neighbor discovery specification (RFC2461 section 5.2) 324says that if you have no router known to you, 325you need to treat all the destination as being on-link. 326.Sy ip6defaultif 327configures the outgoing interface in this situation. 328See 329.Xr ndp 8 , 330option 331.Fl I 332for more detail. 333The setting is for IPv6 hosts only. 334It will be ignored if 335.Sy ip6mode is set to 336.Li router . 337.It Sy rtsol 338YES or NO. 339Run 340.Xr rtsol 8 , 341router solicitation command for IPv6 host. 342On nomadic host like notebook computers, you may want to enable 343.Sy rtsold 344as well. 345Passes 346.Sy rtsol_flags . 347This is only for autoconfigured IPv6 host, so set 348.Sy ip6mode 349to autohost if you use it. 350.El 351.Pp 352.Ss Daemons required by other daemons: 353.Bl -tag -width net_interfaces 354.It Sy inetd 355YES or NO. 356Runs the 357.Xr inetd 8 358daemon to start network server processes (as listed in 359.Pa /etc/inetd.conf ) 360as necessary. 361Passes 362.Sy inetd_flags . 363The 364.Ar -l 365flag turns on libwrap connection logging. 366.It Sy portmap 367YES or NO. 368The 369.Xr portmap 8 370daemon is required for any 371.Xr rpc 3 372services. 373These include NFS, 374.Tn NIS , 375.Xr bootparamd 8 , 376.Xr rstatd 8 , 377.Xr rusersd 8 , 378and 379.Xr rwalld 8 . 380.El 381.Pp 382.Ss Commonly used daemons: 383.Bl -tag -width net_interfaces 384.It Sy update 385YES or NO. 386Runs 387.Xr update 8 388and passes 389.Sy update_flags . 390.It Sy syslogd 391YES or NO. 392Runs 393.Xr syslogd 8 394and passes 395.Sy syslogd_flags . 396.It Sy named 397YES or NO. 398Runs 399.Xr named 8 400and passes 401.Sy named_flags . 402.It Sy timed 403YES or NO. 404Runs 405.Xr timed 8 406and passes 407.Sy timed_flags . 408The 409.Ar -M 410option allows 411.Xr timed 8 412to be a master time source as well as a slave. 413If you are also running 414.Xr xntpd 8 , 415only one machine running both should have the 416.Ar -M 417flag given to 418.Xr timed 8 . 419.It Sy xntpd 420YES or NO. 421Runs 422.Xr xntpd 8 423and passes 424.Sy xntpd_flags . 425.It Sy sendmail 426YES or NO. 427Runs 428.Xr sendmail 8 429and passes 430.Sy sendmail_flags . 431.It Sy lpd 432YES or NO. 433Runs 434.Xr lpd 8 435and passes 436.Sy lpd_flags . 437The 438.Ar -l 439flag will turn on extra logging. 440.El 441.Pp 442.Ss Routing daemons: 443.Bl -tag -width net_interfaces 444.It Sy routed 445YES or NO. 446Runs 447.Xr routed 8 , 448the RIP routing protocol daemon. 449Passes 450.Sy routed_flags . 451This should be NO if 452.Sy gated 453is YES. 454.It Sy gated 455YES or NO. 456Runs 457.Xr gated 8 , 458the multiprotocol routing daemon. 459Passes 460.Sy gated_flags . 461This should be NO if 462.Sy routed 463is YES. 464.Xr gated 8 465is not included with 466.Nx . 467.It Sy mrouted 468YES or NO. 469Runs 470.Xr mrouted 8 , 471the DVMRP multicast routing protocol daemon. 472Passes 473.Sy mrouted_flags . 474.It Sy route6d 475YES or NO. 476Runs 477.Xr route6d 8 , 478the RIPng routing protocol daemon for IPv6. 479Passes 480.Sy route6d_flags . 481.It Sy rtsold 482YES or NO. 483Runs 484.Xr rtsold 8 , 485the IPv6 router solicitation daemon. 486.Xr rtsold 8 487periodically transmits router solicitation packet 488to find IPv6 router on the network. 489This configuration is mainly for nomadic host like notebook computers. 490Stationary host should work fine with 491.Sy rtsol 492only. 493Passes 494.Sy rtsold_flags . 495This is only for autoconfigured IPv6 host, so set 496.Sy ip6mode 497to autohost if you use it. 498.El 499.Pp 500.Ss Daemons used to boot other hosts over a network: 501.Bl -tag -width net_interfaces 502.It Sy rarpd 503YES or NO. 504Runs 505.Xr rarpd 8 , 506the reverse ARP daemon, often used to boot 507.Nx 508and Sun workstations. 509Passes 510.Sy rarpd_flags . 511.It Sy bootparamd 512YES or NO. 513Runs 514.Xr bootparamd 8 , 515the boot parameter server, with 516.Sy bootparamd_flags 517as options. 518Used to boot 519.Nx 520and 521.Tn "SunOS 4.x" 522systems. 523.It Sy dhcpd 524YES or NO. 525Runs 526.Xr dhcpd 8 , 527the Dynamic Host Configuration Protocol (DHCP) daemon, 528for assigning IP addresses to hosts and passing boot information. 529Passes 530.Sy dhcpd_flags . 531.It Sy rbootd 532YES or NO. 533Runs 534.Xr rbootd 8 , 535the 536.Tn HP 537boot protocol daemon; used for booting 538.Tn HP 539workstations. 540Passes 541.Sy rbootd_flags . 542.It Sy mopd 543YES or NO. 544Runs 545.Xr mopd 8 , 546the 547.Tn DEC 548.Tn MOP 549protocol daemon; used for booting 550.Tn VAX 551and other 552.Tn DEC 553machines. 554Passes 555.Sy mopd_flags . 556.It Sy rtadvd 557YES or NO. 558Runs 559.Xr rtadvd 8 , 560the IPv6 router advertisement daemon, which is used to advertise 561information about the subnet to IPv6 end hosts. 562Passes 563.Sy rtadvd_flags . 564This is only for IPv6 router, so set 565.Sy ip6forwarding 566to YES if you use it. 567.El 568.Pp 569.Ss NIS (YP) daemons: 570.Bl -tag -width net_interfaces 571.It Sy ypbind 572YES or NO. 573Runs 574.Xr ypbind 8 , 575which lets 576.Tn NIS 577(YP) clients use information from a 578.Tn NIS 579server. 580Passes 581.Sy ypbind_flags . 582.It Sy ypserv 583YES or NO. 584Runs 585.Xr ypserv 8 , 586the 587.Tn NIS 588(YP) server for distributing information from certain files in 589.Pa /etc . 590Passes 591.Sy ypserv_flags . 592The 593.Ar -d 594flag causes it to use DNS for lookups in 595.Pa /etc/hosts 596that fail. 597.It Sy yppasswdd 598YES or NO. 599Runs 600.Xr yppasswdd 8 , 601which allows remote 602.Tn NIS 603users to update password on master server. 604Passes 605.Sy yppasswdd_flags . 606.El 607.Pp 608.Ss NFS daemons and parameters: 609.Bl -tag -width net_interfaces 610.It Sy nfs_client 611YES or NO. 612Runs 613.Xr nfsiod 8 614to increase performance of an NFS client host. 615Passes 616.Sy nfsiod_flags . 617.It Sy nfs_server 618YES or NO. 619Sets up a host to be a NFS server by running 620.Xr mountd 8 621and 622.Xr nfsd 8 , 623and passing 624.Sy mountd_flags 625and 626.Sy nfsd_flags 627to them, respectively. 628.It Sy lockd 629YES or NO. 630Runs 631.Xr rpc.lockd 8 632if either 633.Sy nfs_server 634or 635.Sy nfs_client 636is (or both are) set to YES. 637Passes 638.Sy lockd_flags . 639.It Sy statd 640YES or NO. 641Runs 642.Xr rpc.statd 8 , 643a status monitoring daemon used when 644.Xr rpc.lockd 8 645is running, if either 646.Sy nfs_server 647or 648.Sy nfs_client 649is (or both are) set to YES. 650Passes 651.Sy statd_flags . 652.It Sy amd 653YES or NO. 654Runs 655.Xr amd 8 , 656the automounter daemon, which automatically mounts NFS file systems 657whenever a file or directory within that filesystem is accessed. 658Passes 659.Sy amd_flags . 660.It Sy amd_dir 661The 662.Xr amd 8 663mount directory. 664Used only if 665.Sy amd 666is set to YES. 667.It Sy amd_master 668The 669.Xr amd 8 670automounter master map. 671Used only if 672.Sy amd 673is set to YES. 674.El 675.Pp 676.Ss X Window System daemons: 677.Bl -tag -width net_interfaces 678.It Sy xfs 679YES or NO. 680Runs the 681.Xr xfs 1 682X11 font server, which supplies local X font files to X terminals. 683.It Sy xdm 684YES or NO. 685Runs the 686.Xr xdm 1 687X display manager. 688These X daemons are available only with the optional X distribution of 689.Nx . 690.El 691.Pp 692.Ss Other daemons: 693.Bl -tag -width net_interfaces 694.It Sy apmd 695YES or NO. 696Runs 697.Xr apmd 8 698and passes 699.Sy apmd_flags . 700.It Sy rwhod 701YES or NO. 702Runs 703.Xr rwhod 8 704to support the 705.Xr rwho 1 706and 707.Xr ruptime 1 708commands. 709.It Sy kerberos 710YES or NO. 711Runs the kerberos server 712.Xr kerberos 8 713and the kerberos admininstration server, 714.Xr kadmind 8 . 715This should only be run on the kerberos master server. 716Both servers implement version IV of the Kerberos protocol, not the 717newer Kerberos version 5. 718The kerberos server is only available with the USA distribution of 719.Nx . 720.It Sy screenblank 721YES or NO. 722Runs 723.Xr screenblank 1 724and passes 725.Sy screenblank_flags . 726.El 727.Sh FILES 728.Pa /etc/rc.conf 729.Sh SEE ALSO 730.Xr boot 8 , 731.Xr rc 8 732.Sh HISTORY 733The 734.Nm 735file appeared in 736.Nx 1.3 . 737