1.\" $NetBSD: rc.conf.5,v 1.34 2000/07/03 07:16:04 enami Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew R. Green 4.\" Copyright (c) 1997 Curt J. Sampson 5.\" Copyright (c) 1997 Michael W. Long 6.\" Copyright (c) 1998, 1999 The NetBSD Foundation, Inc. 7.\" All rights reserved. 8.\" 9.\" This document is derived from works contributed to The NetBSD Foundation 10.\" by Luke Mewburn. 11.\" 12.\" Redistribution and use in source and binary forms, with or without 13.\" modification, are permitted provided that the following conditions 14.\" are met: 15.\" 1. Redistributions of source code must retain the above copyright 16.\" notice, this list of conditions and the following disclaimer. 17.\" 2. Redistributions in binary form must reproduce the above copyright 18.\" notice, this list of conditions and the following disclaimer in the 19.\" documentation and/or other materials provided with the distribution. 20.\" 3. The name of the author may not be used to endorse or promote products 21.\" derived from this software without specific prior written permission. 22.\" 23.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 28.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 29.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 30.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 31.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33.\" SUCH DAMAGE. 34.\" 35.Dd November 23, 1999 36.Dt RC.CONF 5 37.Os 38.\" turn off hyphenation 39.hym 999 40.Sh NAME 41.Nm rc.conf 42.Nd system startup configuration file 43.Sh DESCRIPTION 44The 45.Nm 46file specifies which services are enabled during system startup by 47the startup script 48.Pa /etc/rc . 49The 50.Nm 51file is a shell script that is sourced by 52.Pa /etc/rc 53if it exists, meaning that 54.Nm 55must contain valid shell commands. 56.Pp 57Listed below are the 58.Nm 59variables that may be set, the values to which each may be set, 60a brief description of what each variable does, and a reference to 61relevant manual pages. 62.Pp 63Most variables are one of two types: enabling variables or flags 64variables. 65Enabling variables, such as 66.Sy inetd , 67are generally named after the program or the system they enable, 68and are set to "YES" or "NO". 69Flags variables, such as 70.Sy inetd_flags 71have the same name with "_flags" appended, and determine what 72arguments are passed to the program if it is enabled. 73.Pp 74If a variable that 75.Pa /etc/rc 76expects to be set is not set, or the value is not one of the allowed 77values, a warning will be printed. 78.Pp 79.Ss Basic network configuration: 80.Bl -tag -width net_interfaces 81.It Sy hostname 82Name of host. 83If empty or not set, then the contents of 84.Pa /etc/myname 85(if it exists) are used. 86.It Sy domainname 87.Tn NIS 88(YP) domain of host. 89If empty or not set, then the contents of 90.Pa /etc/defaultdomain 91(if it exists) are used. 92.It Sy defaultroute 93Default network route. 94If empty or not set, then the contents of 95.Pa /etc/mygate 96(if it exists) are used. 97.El 98.Pp 99.Ss Boottime file-system and swap configuration: 100.Bl -tag -width critfs_require_network 101.It Sy critical_filesystems 102File systems mounted very early in the system boot, except for the 103.Pa /usr 104and 105.Pa /var 106file-systems. 107.It Sy critfs_require_network 108YES or NO. 109Set the 110.Sy critfs_require_network 111variable to YES if the network must be configured before critical filesystems 112can be mounted. 113This should be set to NO if you are using the DHCP client, 114because the DHCP client needs to store its lease database in the 115.Pa /var/db 116directory. 117.It Sy no_swap 118Set the 119.Sy no_swap 120variable to YES if you have configured your system with no swap on purpose. 121If not set, or set to anything other than YES, and no swap devices 122are configured, the system will warn you. 123.El 124.Pp 125.Ss One-time actions to perform or programs to run on boot-up: 126.Bl -tag -width net_interfaces 127.It Sy lkm 128YES or NO. 129Runs 130.Pa /etc/rc.lkm . 131.It Sy savecore 132YES or NO. 133Runs the 134.Xr savecore 8 135utility. 136Passes 137.Sy savecore_flags . 138.It Sy clear_tmp 139YES or NO. 140Clear /tmp after reboot. 141.It Sy update_motd 142YES or NO. 143Updates the 144.Nx 145version string in the 146.Pa /etc/motd 147file to reflect the version of the running kernel. 148See 149.Xr motd 5 . 150.It Sy dmesg 151YES or NO. 152Create 153.Pa /var/run/dmesg.boot 154from the output of 155.Xr dmesg 8 . 156Passes 157.Sy dmesg_flags . 158.It Sy accounting 159YES or NO. 160Enables process accounting with 161.Xr accton 8 . 162Requires 163.Pa /var/account/acct 164to exist. 165.El 166.Pp 167.Ss System security setting: 168.Bl -tag -width securelevel 169.It Sy securelevel 170A number. 171The system securelevel is set to the specified value early 172in the boot process, before any external logins, or other programs 173that run users job, are started. 174If set to nothing, the default action is taken, as described 175.Xr init 8 , 176which contains definative information about the system securelevel. 177.El 178.Pp 179.Ss Networking startup: 180.Bl -tag -width net_interfaces 181.It Sy ipfilter 182YES or NO. 183Runs 184.Xr ipf 8 185to load in packet filter specifications from 186.Pa /etc/ipf.conf 187at network boot time, before any interfaces are configured. 188See 189.Xr ipf 5 . 190.It Sy ipsec 191YES or NO. 192Runs 193.Xr setkey 8 194to load in IPsec manual keys and policies from 195.Pa /etc/ipsec.conf 196at network boot time, before any interfaces are configured. 197.It Sy auto_ifconfig 198YES or NO. 199Sets the 200.Sy net_interfaces 201variable (see below) to the output of 202.Xr ifconfig 8 203with the 204.Ar -l 205flag and suppresses warnings about interfaces in this list that 206do not have an ifconfig file or variable. 207.It Sy net_interfaces 208The list of network interfaces to be configured at boot time. 209For each interface "xxn", the system first looks for ifconfig 210parameters in 211.Pa /etc/ifconfig.xxn 212and then in the variable 213.Sy ifconfig_xxn . 214The contents of the file or the variable are handed to ifconfig 215after the interface name. 216If 217.Sy auto_ifconfig 218is set to "NO" and neither the file nor the variable is found, 219a warning is printed. 220.It Sy ifaliases_* 221List of 222.Sq Ar "address netmask" 223pairs to configure additional network addresses for the given 224configured interface 225.Dq * 226(e.g. 227.Sy ifaliases_le0 ) . 228If 229.Ar netmask 230is 231.Dq - , 232then use the default netmask for the interface. 233.Pp 234.Sy ifaliases_* 235covers limited cases only and considered unrecommended. 236We recommend using 237.Pa /etc/ifconfig.xxN 238with multiple lines instead. 239.It Sy flushroutes 240YES or NO. 241Flushes the route table on networking startup. 242Useful when coming up to multiuser mode after going down to 243single-user mode. 244.It Sy dhclient 245YES or NO. 246Set to YES to configure some or all network interfaces using 247the DHCP client. 248If you set 249.Sy dhclient 250to YES, you must either set 251.Sy critfs_require_network 252to NO or direct the DHCP client to store the leases file on the root 253filesystem by modifying the 254.Sy dhclient_flags 255variable. 256You must not provide ifconfig information or ifaliases 257information for any interface that is to be configured using the DHCP client. 258Interface aliases can be set up in the DHCP client configuration 259file if needed - see 260.Xr dhclient.conf 5 261for details. 262.It Sy dhclient_flags 263Flags to pass to the DHCP client. 264See 265.Xr dhclient 8 266for complete documentation. 267If you wish to configure all broadcast 268network interfaces using the DHCP client, you can leave this blank. 269To configure only specific interfaces, name the interfaces to be configured 270on the command line. 271.Pp 272If you must run the DHCP client before mounting critical filesystems, 273then you should specify an alternate location for the DHCP client's lease 274file in the 275.Sy dhclient_flags 276variable - for example, "-lf /tmp/dhclient.leases". 277.It Sy ntpdate 278YES or NO. 279Runs 280.Xr ntpdate 8 281to set the system time from one of the hosts in 282.Sy ntpdate_hosts . 283If 284.Sy ntpdate_hosts 285is empty, it will attempt to find a list of hosts in 286.Pa /etc/ntp.conf . 287.It Sy ppp_peers 288If 289.Sy ppp_peers 290is not empty, then 291.Pa /etc/netstart 292will check each word in 293.Sy ppp_peers 294for a coresponding ppp configuration file in 295.Pa /etc/ppp/peers 296and will call 297.Xr pppd 8 298with the 299.Dq call Sy peer 300option. 301.It Sy ip6mode 302An IPv6 node can be a router 303.Pq nodes that forward packet for others 304or host 305.Pq nodes that do not forward . 306A host can be autoconfigured 307based on the information advertised by adjacent IPv6 router. 308By setting 309.Sy ip6mode 310to 311.Dq Li router , 312.Dq Li host , 313or 314.Dq Li autohost , 315you can configure your node as a router, 316a non-autoconfigured host, or an autoconfigured host. 317Invalid values will be ignored, and the node will be configured as 318a non-autoconfigured host. 319You may want to check 320.Sy rtsol 321and 322.Sy rtsold 323as well, if you set the variable to 324.Li autohost . 325.It Sy rtsol 326YES or NO. 327Run 328.Xr rtsol 8 , 329router solicitation command for IPv6 host. 330On nomadic host like notebook computers, you may want to enable 331.Sy rtsold 332as well. 333Passes 334.Sy rtsol_flags . 335This is only for autoconfigured IPv6 host, so set 336.Sy ip6mode 337to autohost if you use it. 338.El 339.Pp 340.Ss Daemons required by other daemons: 341.Bl -tag -width net_interfaces 342.It Sy inetd 343YES or NO. 344Runs the 345.Xr inetd 8 346daemon to start network server processes (as listed in 347.Pa /etc/inetd.conf ) 348as necessary. 349Passes 350.Sy inetd_flags . 351The 352.Ar -l 353flag turns on libwrap connection logging. 354.It Sy rpcbind 355YES or NO. 356The 357.Xr rpcbind 8 358daemon is required for any 359.Xr rpc 3 360services. 361These include NFS, 362.Tn NIS , 363.Xr bootparamd 8 , 364.Xr rstatd 8 , 365.Xr rusersd 8 , 366and 367.Xr rwalld 8 . 368.El 369.Pp 370.Ss Commonly used daemons: 371.Bl -tag -width net_interfaces 372.It Sy syslogd 373YES or NO. 374Runs 375.Xr syslogd 8 376and passes 377.Sy syslogd_flags . 378.It Sy named 379YES or NO. 380Runs 381.Xr named 8 382and passes 383.Sy named_flags . 384.It Sy timed 385YES or NO. 386Runs 387.Xr timed 8 388and passes 389.Sy timed_flags . 390The 391.Ar -M 392option allows 393.Xr timed 8 394to be a master time source as well as a slave. 395If you are also running 396.Xr ntpd 8 , 397only one machine running both should have the 398.Ar -M 399flag given to 400.Xr timed 8 . 401.It Sy ntpd 402YES or NO. 403Runs 404.Xr ntpd 8 405and passes 406.Sy ntpd_flags . 407.It Sy sendmail 408YES or NO. 409Runs 410.Xr sendmail 8 411and passes 412.Sy sendmail_flags . 413.It Sy postfix 414YES or NO. 415Starts 416.Xr postfix 8 417mail system. 418.It Sy lpd 419YES or NO. 420Runs 421.Xr lpd 8 422and passes 423.Sy lpd_flags . 424The 425.Ar -l 426flag will turn on extra logging. 427.El 428.Pp 429.Ss Routing daemons: 430.Bl -tag -width net_interfaces 431.It Sy routed 432YES or NO. 433Runs 434.Xr routed 8 , 435the RIP routing protocol daemon. 436Passes 437.Sy routed_flags . 438This should be NO if 439.Sy gated 440is YES. 441.It Sy gated 442YES or NO. 443Runs 444.Xr gated 8 , 445the multiprotocol routing daemon. 446Passes 447.Sy gated_flags . 448This should be NO if 449.Sy routed 450is YES. 451.Xr gated 8 452is not included with 453.Nx . 454.It Sy mrouted 455YES or NO. 456Runs 457.Xr mrouted 8 , 458the DVMRP multicast routing protocol daemon. 459Passes 460.Sy mrouted_flags . 461.It Sy route6d 462YES or NO. 463Runs 464.Xr route6d 8 , 465the RIPng routing protocol daemon for IPv6. 466Passes 467.Sy route6d_flags . 468.It Sy rtsold 469YES or NO. 470Runs 471.Xr rtsold 8 , 472the IPv6 router solicitation daemon. 473.Xr rtsold 8 474periodically transmits router solicitation packet 475to find IPv6 router on the network. 476This configuration is mainly for nomadic host like notebook computers. 477Stationary host should work fine with 478.Sy rtsol 479only. 480Passes 481.Sy rtsold_flags . 482This is only for autoconfigured IPv6 host, so set 483.Sy ip6mode 484to autohost if you use it. 485.El 486.Pp 487.Ss Daemons used to boot other hosts over a network: 488.Bl -tag -width net_interfaces 489.It Sy rarpd 490YES or NO. 491Runs 492.Xr rarpd 8 , 493the reverse ARP daemon, often used to boot 494.Nx 495and Sun workstations. 496Passes 497.Sy rarpd_flags . 498.It Sy bootparamd 499YES or NO. 500Runs 501.Xr bootparamd 8 , 502the boot parameter server, with 503.Sy bootparamd_flags 504as options. 505Used to boot 506.Nx 507and 508.Tn "SunOS 4.x" 509systems. 510.It Sy dhcpd 511YES or NO. 512Runs 513.Xr dhcpd 8 , 514the Dynamic Host Configuration Protocol (DHCP) daemon, 515for assigning IP addresses to hosts and passing boot information. 516Passes 517.Sy dhcpd_flags . 518.It Sy rbootd 519YES or NO. 520Runs 521.Xr rbootd 8 , 522the 523.Tn HP 524boot protocol daemon; used for booting 525.Tn HP 526workstations. 527Passes 528.Sy rbootd_flags . 529.It Sy mopd 530YES or NO. 531Runs 532.Xr mopd 8 , 533the 534.Tn DEC 535.Tn MOP 536protocol daemon; used for booting 537.Tn VAX 538and other 539.Tn DEC 540machines. 541Passes 542.Sy mopd_flags . 543.It Sy rtadvd 544YES or NO. 545Runs 546.Xr rtadvd 8 , 547the IPv6 router advertisement daemon, which is used to advertise 548information about the subnet to IPv6 end hosts. 549Passes 550.Sy rtadvd_flags . 551This is only for IPv6 router, so set 552.Sy ip6forwarding 553to YES if you use it. 554.El 555.Pp 556.Ss NIS (YP) daemons: 557.Bl -tag -width net_interfaces 558.It Sy ypbind 559YES or NO. 560Runs 561.Xr ypbind 8 , 562which lets 563.Tn NIS 564(YP) clients use information from a 565.Tn NIS 566server. 567Passes 568.Sy ypbind_flags . 569.It Sy ypserv 570YES or NO. 571Runs 572.Xr ypserv 8 , 573the 574.Tn NIS 575(YP) server for distributing information from certain files in 576.Pa /etc . 577Passes 578.Sy ypserv_flags . 579The 580.Ar -d 581flag causes it to use DNS for lookups in 582.Pa /etc/hosts 583that fail. 584.It Sy yppasswdd 585YES or NO. 586Runs 587.Xr yppasswdd 8 , 588which allows remote 589.Tn NIS 590users to update password on master server. 591Passes 592.Sy yppasswdd_flags . 593.El 594.Pp 595.Ss NFS daemons and parameters: 596.Bl -tag -width net_interfaces 597.It Sy nfs_client 598YES or NO. 599The number of local NFS asynchronous I/O server is now controlled via 600.Xr sysctl 8 . 601.It Sy nfs_server 602YES or NO. 603Sets up a host to be a NFS server by running 604.Xr mountd 8 605and 606.Xr nfsd 8 , 607and passing 608.Sy mountd_flags 609and 610.Sy nfsd_flags 611to them, respectively. 612.It Sy lockd 613YES or NO. 614Runs 615.Xr rpc.lockd 8 616if either 617.Sy nfs_server 618or 619.Sy nfs_client 620is (or both are) set to YES. 621Passes 622.Sy lockd_flags . 623.It Sy statd 624YES or NO. 625Runs 626.Xr rpc.statd 8 , 627a status monitoring daemon used when 628.Xr rpc.lockd 8 629is running, if either 630.Sy nfs_server 631or 632.Sy nfs_client 633is (or both are) set to YES. 634Passes 635.Sy statd_flags . 636.It Sy amd 637YES or NO. 638Runs 639.Xr amd 8 , 640the automounter daemon, which automatically mounts NFS file systems 641whenever a file or directory within that filesystem is accessed. 642Passes 643.Sy amd_flags . 644.It Sy amd_dir 645The 646.Xr amd 8 647mount directory. 648Used only if 649.Sy amd 650is set to YES. 651.It Sy amd_master 652The 653.Xr amd 8 654automounter master map. 655Used only if 656.Sy amd 657is set to YES. 658.El 659.Pp 660.Ss X Window System daemons: 661.Bl -tag -width net_interfaces 662.It Sy xfs 663YES or NO. 664Runs the 665.Xr xfs 1 666X11 font server, which supplies local X font files to X terminals. 667.It Sy xdm 668YES or NO. 669Runs the 670.Xr xdm 1 671X display manager. 672These X daemons are available only with the optional X distribution of 673.Nx . 674.El 675.Pp 676.Ss Other daemons: 677.Bl -tag -width net_interfaces 678.It Sy apmd 679YES or NO. 680Runs 681.Xr apmd 8 682and passes 683.Sy apmd_flags . 684.It Sy rwhod 685YES or NO. 686Runs 687.Xr rwhod 8 688to support the 689.Xr rwho 1 690and 691.Xr ruptime 1 692commands. 693.It Sy kerberos 694YES or NO. 695Runs the kerberos server 696.Xr kerberos 8 697and the kerberos admininstration server, 698.Xr kadmind 8 . 699This should only be run on the kerberos master server. 700Both servers implement version IV of the Kerberos protocol, not the 701newer Kerberos version 5. 702The kerberos server is only available with the USA distribution of 703.Nx . 704.It Sy screenblank 705YES or NO. 706Runs 707.Xr screenblank 1 708and passes 709.Sy screenblank_flags . 710.El 711.Sh FILES 712.Pa /etc/rc.conf 713.Sh SEE ALSO 714.Xr boot 8 , 715.Xr rc 8 , 716.Xr sysctl 8 717.Sh HISTORY 718The 719.Nm 720file appeared in 721.Nx 1.3 . 722