1.\" $NetBSD: rc.conf.5,v 1.118 2008/05/30 07:41:42 wiz Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew R. Green 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 20.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 22.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 23.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" Copyright (c) 1997 Curt J. Sampson 28.\" Copyright (c) 1997 Michael W. Long 29.\" Copyright (c) 1998-2002 The NetBSD Foundation, Inc. 30.\" All rights reserved. 31.\" 32.\" This document is derived from works contributed to The NetBSD Foundation 33.\" by Luke Mewburn. 34.\" 35.\" Redistribution and use in source and binary forms, with or without 36.\" modification, are permitted provided that the following conditions 37.\" are met: 38.\" 1. Redistributions of source code must retain the above copyright 39.\" notice, this list of conditions and the following disclaimer. 40.\" 2. Redistributions in binary form must reproduce the above copyright 41.\" notice, this list of conditions and the following disclaimer in the 42.\" documentation and/or other materials provided with the distribution. 43.\" 3. The name of the author may not be used to endorse or promote products 44.\" derived from this software without specific prior written permission. 45.\" 46.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 47.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 48.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 49.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 50.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 51.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 52.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 53.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 54.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 55.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 56.\" SUCH DAMAGE. 57.\" 58.Dd May 27, 2008 59.Dt RC.CONF 5 60.Os 61.Sh NAME 62.Nm rc.conf 63.Nd system startup configuration file 64.Sh DESCRIPTION 65The 66.Nm 67file specifies which services are enabled during system startup by 68the startup scripts invoked by 69.Pa /etc/rc 70(see 71.Xr rc 8 ) , 72and the shutdown scripts invoked by 73.Pa /etc/rc.shutdown . 74The 75.Nm 76file is a shell script that is sourced by 77.Xr rc 8 , 78meaning that 79.Nm 80must contain valid shell commands. 81.Pp 82Listed below are the standard 83.Nm 84variables that may be set, the values to which each may be set, 85a brief description of what each variable does, and a reference to 86relevant manual pages. 87Third party packages may test for additional variables. 88.Pp 89Most variables are one of two types: enabling variables or flags 90variables. 91Enabling variables, such as 92.Sy inetd , 93are generally named after the program or the system they enable, 94and are set to 95.Sq YES 96or 97.Sq NO . 98Flags variables, such as 99.Sy inetd_flags 100have the same name with "_flags" appended, and determine what 101arguments are passed to the program if it is enabled. 102.Pp 103If a variable that 104.Xr rc 8 105expects to be set is not set, or the value is not one of the allowed 106values, a warning will be printed. 107.Pp 108By default, 109.Nm 110reads 111.Pa /etc/defaults/rc.conf 112(if it is readable) 113to obtain default values for various variables, and the end-user 114may override these by appending appropriate entries to the end of 115.Nm . 116.Pp 117.Xr rc.d 8 118scripts that use 119.Ic load_rc_config 120from 121.Xr rc.subr 8 122also support sourcing an optional end-user provided per-script override 123file 124.Pa /etc/rc.conf.d/ Ns Ar service , 125(where 126.Ar service 127is the contents of the 128.Sy name 129variable in the 130.Xr rc.d 8 131script). 132This may contain variable overrides, including allowing the end-user 133to override various 134.Ic run_rc_command 135.Xr rc.d 8 136control variables, and thus changing the operation of the script 137without requiring editing of the script. 138.Ss Overall control 139.Bl -tag -width net_interfaces 140.It Sy do_rcshutdown 141.Sq YES 142or 143.Sq NO . 144If set to 145.Sq NO , 146.Xr shutdown 8 147will not run 148.Pa /etc/rc.shutdown . 149.It Sy rcshutdown_rcorder_flags 150A string. 151Extra arguments to the 152.Xr rcorder 8 153run by 154.Pa /etc/rc.shutdown . 155.It Sy rcshutdown_timeout 156A number. 157If non-blank, use this as the number of seconds to run a watchdog timer for 158which will terminate 159.Pa /etc/rc.shutdown 160if the timer expires before the shutdown script completes. 161.It Sy rc_configured 162.Sq YES 163or 164.Sq NO . 165If not set to 166.Sq YES 167then the system will drop into single-user mode during boot. 168.It Sy rc_fast_and_loose 169If set to a non-empty string, 170each script in 171.Pa /etc/rc.d 172will be executed in the current shell rather than a sub shell. 173This may be faster on slow machines that have an expensive 174.Xr fork 2 175operation. 176.Bl -hang 177.It Em Note : 178Use this at your own risk! 179A rogue command or script may inadvertently prevent boot to multiuser. 180.El 181.It Sy rc_rcorder_flags 182A string. 183Extra arguments to the 184.Xr rcorder 8 185run by 186.Pa /etc/rc . 187.El 188.Ss Basic network configuration 189.Bl -tag -width net_interfaces 190.It Sy defaultroute 191A string. 192Default IPv4 network route. 193If empty or not set, then the contents of 194.Pa /etc/mygate 195(if it exists) are used. 196.It Sy defaultroute6 197A string. 198Default IPv6 network route. 199If empty or not set, then the contents of 200.Pa /etc/mygate6 201(if it exists) are used. 202.It Sy domainname 203A string. 204.Tn NIS 205(YP) domain of host. 206If empty or not set, then the contents of 207.Pa /etc/defaultdomain 208(if it exists) are used. 209.It Sy force_down_interfaces 210A space separated list of interface names. 211These interfaces will be configured down when going from multiuser to singleuser 212mode or on system shutdown. 213.Pp 214This is important for some stateful interfaces, for example PPP over ISDN 215connections that cost money by connection time or PPPoE interfaces which 216have no direct means of noticing 217.Dq disconnect 218events. 219.Pp 220All active 221.Xr pppoe 4 222and 223.Xr ippp 4 224interfaces will be automatically added to this list. 225.It Sy hostname 226A string. 227Name of host. 228If empty or not set, then the contents of 229.Pa /etc/myname 230(if it exists) are used. 231.El 232.Ss Boottime file-system and swap configuration 233.Bl -tag -width net_interfaces 234.It Sy critical_filesystems_local 235A string. 236File systems mounted very early in the system boot before networking 237services are available. 238Usually 239.Pa /var 240is part of this, because it is needed by services such as 241.Xr dhclient 8 242which may be required to get the network operational. 243.It Sy critical_filesystems_remote 244A string. 245File systems such as 246.Pa /usr 247that may require network services to be available to mount, 248that must be available early in the system boot for general services to use. 249.It Sy fsck_flags 250A string. 251A file system is checked with 252.Xr fsck 8 253during boot before mounting it. 254This option may be used to override the default command-line options 255passed to the 256.Xr fsck 8 257program. 258.Pp 259When set to 260.Fl y , 261.Xr fsck 8 262assumes yes as the answer to all operator questions during file system checks. 263This might be important with hosts where the administrator does not have 264access to the console and an unsuccessful shutdown must not make the host 265unbootable even if the file system checks would fail in preen mode. 266.It Sy no_swap 267.Sq YES 268or 269.Sq NO . 270Set the 271.Sy no_swap 272variable to 273.Sq YES 274if you have configured your system with no swap on purpose. 275If not set to 276.Sq YES , 277and no swap devices 278are configured, the system will warn you. 279.It Sy swapoff 280.Sq YES 281or 282.Sq NO . 283Remove block-type swap devices at shutdown time. 284Useful if swapping onto RAIDframe devices. 285.El 286.Ss One-time actions to perform or programs to run on boot-up 287.Bl -tag -width net_interfaces 288.It Sy accounting 289.Sq YES 290or 291.Sq NO . 292Enables process accounting with 293.Xr accton 8 . 294Requires 295.Pa /var/account/acct 296to exist. 297.It Sy clear_tmp 298.Sq YES 299or 300.Sq NO . 301Clear /tmp after reboot. 302.It Sy dmesg 303.Sq YES 304or 305.Sq NO . 306Create 307.Pa /var/run/dmesg.boot 308from the output of 309.Xr dmesg 8 . 310Passes 311.Sy dmesg_flags . 312.It Sy lkm 313.Sq YES 314or 315.Sq NO . 316Runs 317.Pa /etc/rc.lkm . 318.It Sy mixerctl 319.Sq YES 320or 321.Sq NO . 322Read 323.Xr mixerctl.conf 5 324for how to set mixer values. 325List in 326.Sy mixerctl_mixers 327the devices whose settings are to be saved at shutdown and 328restored at start-up. 329.It Sy newsyslog 330.Sq YES 331or 332.Sq NO . 333Run 334.Nm newsyslog 335to trim logfiles before syslogd starts. 336Intended for laptop users. 337Passes 338.Sy newsyslog_flags . 339.It Sy per_user_tmp 340.Sq YES 341or 342.Sq NO . 343Enables a per-user 344.Pa /tmp 345directory. 346.Sy per_user_tmp_dir 347can be used to override the default location of the 348.Dq real 349temporary directories, 350.Dq Pa /private/tmp . 351.It Sy savecore 352.Sq YES 353or 354.Sq NO . 355Runs the 356.Xr savecore 8 357utility. 358Passes 359.Sy savecore_flags . 360The directory where crash dumps are stored is specified by 361.Sy savecore_dir . 362The default setting is 363.Dq Pa /var/crash . 364.It Sy tpctl 365.Sq YES 366or 367.Sq NO . 368Run 369.Xr tpctl 8 370to calibrate touch panel device. 371Passes 372.Sy tpctl_flags . 373.It Sy update_motd 374.Sq YES 375or 376.Sq NO . 377Updates the 378.Nx 379version string in the 380.Pa /etc/motd 381file to reflect the version of the running kernel. 382See 383.Xr motd 5 . 384.It Sy veriexec 385.Sq YES 386or 387.Sq NO . 388Load Veriexec fingerprints during startup. 389Read 390.Xr veriexecctl 8 391for more information. 392.It Sy virecover 393.Sq YES 394or 395.Sq NO . 396Send notification mail to users if any recoverable files exist in 397.Pa /var/tmp/vi.recover . 398Read 399.Xr virecover 8 400for more information. 401.El 402.Ss System security setting 403.Bl -tag -width net_interfaces 404.It Sy securelevel 405A number. 406The system securelevel is set to the specified value early 407in the boot process, before any external logins, or other programs 408that run users job, are started. 409If set to nothing, the default action is taken, as described in 410.Xr init 8 , 411which contains definitive information about the system securelevel. 412Note that setting 413.Sy securelevel 414to 0 in 415.Nm 416will actually result in the system booting with securelevel set to 1, as 417.Xr init 8 418will raise the level when 419.Xr rc 8 420completes. 421.It Sy permit_nonalpha 422Allow passwords to include non-alpha characters, usually to allow 423NIS/YP netgroups. 424.It Sy veriexec_strict 425A number. 426Controls the strict level of Veriexec. 427Level 0 is learning mode, used when building the signatures file. 428It will only output messages but will not enforce anything. 429Level 1 will only prevent access to files with a fingerprint 430mismatch. 431Level 2 will also deny writing to and removing of 432monitored files, as well as enforce access type (as specified in 433the signatures file). 434Level 3 will take a step further and prevent 435access to files that are not monitored. 436.It Sy veriexec_verbose 437A number. 438Controls the verbosity of Veriexec. 439Recommended operation is at level 0, verbose output (mostly used when 440building the signatures file) is at level 1. 441Level 2 is for debugging only and should not be used. 442.It Sy veriexec_flags 443A string. 444Flags to pass to the 445.Nm veriexecctl 446command. 447.El 448.Ss Networking startup 449.Bl -tag -width net_interfaces 450.It Sy altqd 451.Sq YES 452or 453.Sq NO . 454ALTQ configuration/monitoring daemon. 455Passes 456.Sy altqd_flags . 457.It Sy auto_ifconfig 458.Sq YES 459or 460.Sq NO . 461Sets the 462.Sy net_interfaces 463variable (see below) to the output of 464.Xr ifconfig 8 465with the 466.Dq Li -l 467flag and suppresses warnings about interfaces in this list that 468do not have an ifconfig file or variable. 469.It Sy dhclient 470.Sq YES 471or 472.Sq NO . 473Set to 474.Sq YES 475to configure some or all network interfaces using 476the ISC DHCP client. 477If you set 478.Sy dhclient 479to 480.Sq YES , 481you must either have 482.Pa /var 483in 484.Sy critical_filesystems_local , 485as part of 486.Pa / , 487or direct the DHCP client to store the leases file on the root 488file system by modifying the 489.Sy dhclient_flags 490variable. 491You must not provide ifconfig information or ifaliases 492information for any interface that is to be configured using the DHCP client. 493Interface aliases can be set up in the DHCP client configuration 494file if needed - see 495.Xr dhclient.conf 5 496for details. 497.Pp 498Passes 499.Sy dhclient_flags 500to the DHCP client. 501See 502.Xr dhclient 8 503for complete documentation. 504If you wish to configure all broadcast 505network interfaces using the DHCP client, you can leave this blank. 506To configure only specific interfaces, name the interfaces to be configured 507on the command line. 508.Pp 509If you must run the DHCP client before mounting critical file systems, 510then you should specify an alternate location for the DHCP client's lease 511file in the 512.Sy dhclient_flags 513variable - for example, "-lf /tmp/dhclient.leases". 514.It Sy dhcpcd_flags 515Additional arguments to pass to 516.Xr dhcpcd 8 517when requesting configuration via 518.Sy ifconfig_xxN . 519.It Sy flushroutes 520.Sq YES 521or 522.Sq NO . 523Flushes the route table on networking startup. 524Useful when coming up to multiuser mode after going down to 525single-user mode. 526.It Sy hostapd 527.Sq YES 528or 529.Sq NO . 530Runs 531.Xr hostapd 8 , 532the authenticator for IEEE 802.11 networks. 533.It Sy ifaliases_* 534A string. 535List of 536.Sq Em "address netmask" 537pairs to configure additional network addresses for the given 538configured interface 539.Dq * 540(e.g. 541.Sy ifaliases_le0 ) . 542If 543.Em netmask 544is 545.Dq - , 546then use the default netmask for the interface. 547.Pp 548.Sy ifaliases_* 549covers limited cases only and considered unrecommended. 550We recommend using 551.Pa /etc/ifconfig.xxN 552with multiple lines instead. 553.It Sy ifwatchd 554.Sq YES 555or 556.Sq NO . 557Monitor dynamic interfaces and perform actions upon address changes. 558Passes 559.Sy ifwatchd_flags . 560.It Sy ip6mode 561A string. 562An IPv6 node can be a router 563.Pq nodes that forward packet for others 564or a host 565.Pq nodes that do not forward . 566A host can be autoconfigured 567based on the information advertised by adjacent IPv6 routers. 568By setting 569.Sy ip6mode 570to 571.Dq Li router , 572.Dq Li host , 573or 574.Dq Li autohost , 575you can configure your node as a router, 576a non-autoconfigured host, or an autoconfigured host. 577Invalid values will be ignored, and the node will be configured as 578a non-autoconfigured host. 579You may want to check 580.Sy rtsol 581and 582.Sy rtsold 583as well, if you set the variable to 584.Dq Li autohost . 585.It Sy ip6uniquelocal 586.Sq YES 587or 588.Sq NO . 589If 590.Sy ip6mode 591is equal to 592.Dq Li router 593and 594.Sy ip6uniquelocal 595is set to 596.Sq NO 597a reject route will be installed on boot to avoid misconfiguration relating 598to unique-local addresses. 599If set to 600.Sq YES 601the reject route won't be installed. 602.It Sy ipfilter 603.Sq YES 604or 605.Sq NO . 606Runs 607.Xr ipf 8 608to load in packet filter specifications from 609.Pa /etc/ipf.conf 610at network boot time, before any interfaces are configured. 611See 612.Xr ipf.conf 5 . 613.It Sy ipfs 614.Sq YES 615or 616.Sq NO . 617Runs 618.Xr ipfs 8 619to save and restore information for ipnat and ipfilter state tables. 620The information is stored in 621.Pa /var/db/ipf/ipstate.ipf 622and 623.Pa /var/db/ipf/ipnat.ipf . 624Passes 625.Sy ipfs_flags . 626.It Sy ipmon 627.Sq YES 628or 629.Sq NO . 630Runs 631.Xr ipmon 8 632to read 633.Xr ipf 8 634packet log information and log it to a file or the system log. 635Passes 636.Sy ipmon_flags . 637.It Sy ipmon_flags 638A string. 639Specifies arguments to supply to 640.Xr ipmon 8 . 641Defaults to 642.Dq Li -ns . 643A typical example would be 644.Dq Fl nD Pa /var/log/ipflog 645to have 646.Xr ipmon 8 647log directly to a file bypassing 648.Xr syslogd 8 . 649If the 650.Dq -D 651argument is used, remember to modify 652.Pa /etc/newsyslog.conf 653accordingly; for example: 654.Bd -literal 655/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 656.Ed 657.It Sy ipnat 658.Sq YES 659or 660.Sq NO . 661Runs 662.Xr ipnat 8 663to load in the IP network address translation (NAT) rules from 664.Pa /etc/ipnat.conf 665at network boot time, before any interfaces are configured. 666See 667.Xr ipnat.conf 5 . 668.It Sy ipsec 669.Sq YES 670or 671.Sq NO . 672Runs 673.Xr setkey 8 674to load in IPsec manual keys and policies from 675.Pa /etc/ipsec.conf 676at network boot time, before any interfaces are configured. 677.It Sy net_interfaces 678A string. 679The list of network interfaces to be configured at boot time. 680For each interface "xxN", the system first looks for ifconfig 681parameters in 682.Pa /etc/ifconfig.xxN 683and then in the variable 684.Sy ifconfig_xxN . 685If this variable is equal to 686.Dq dhcp , 687.Xr dhcpcd 8 688is started for the interface. 689Otherwise the contents of the file or the variable are handed to ifconfig 690after the interface name. 691If 692.Sy auto_ifconfig 693is set to "NO" and neither the file nor the variable is found, 694a warning is printed. 695Refer to 696.Xr ifconfig.if 5 697for more details on 698.Pa /etc/ifconfig.xxN . 699.It Sy ntpdate 700.Sq YES 701or 702.Sq NO . 703Runs 704.Xr ntpdate 8 705to set the system time from one of the hosts in 706.Sy ntpdate_hosts . 707If 708.Sy ntpdate_hosts 709is empty, it will attempt to find a list of hosts in 710.Pa /etc/ntp.conf . 711Passes 712.Sy ntpdate_flags . 713.It Sy ppp_peers 714A string. 715If 716.Sy ppp_peers 717is not empty, then 718.Pa /etc/rc.d/ppp 719will check each word in 720.Sy ppp_peers 721for a corresponding ppp configuration file in 722.Pa /etc/ppp/peers 723and will call 724.Xr pppd 8 725with the 726.Dq call Sy peer 727option. 728.It Sy racoon 729.Sq YES 730or 731.Sq NO . 732Runs 733.Xr racoon 8 , 734the IKE (ISAKMP/Oakley) key management daemon. 735.It Sy rtsol 736.Sq YES 737or 738.Sq NO . 739Run 740.Xr rtsol 8 , 741router solicitation command for IPv6 hosts. 742On nomadic hosts like notebook computers, you may want to enable 743.Sy rtsold 744as well. 745Passes 746.Sy rtsol_flags . 747This is only for autoconfigured IPv6 hosts, so set 748.Sy ip6mode 749to 750.Dq Li autohost 751if you use it. 752.It Sy wpa_supplicant 753.Sq YES 754or 755.Sq NO . 756Run 757.Xr wpa_supplicant 8 , 758WPA/802.11i Supplicant for wireless network devices. 759.El 760.Ss Daemons required by other daemons 761.Bl -tag -width net_interfaces 762.It Sy inetd 763.Sq YES 764or 765.Sq NO . 766Runs the 767.Xr inetd 8 768daemon to start network server processes (as listed in 769.Pa /etc/inetd.conf ) 770as necessary. 771Passes 772.Sy inetd_flags . 773The 774.Dq Li -l 775flag turns on libwrap connection logging. 776.It Sy rpcbind 777.Sq YES 778or 779.Sq NO . 780The 781.Xr rpcbind 8 782daemon is required for any 783.Xr rpc 3 784services. 785These include NFS, 786.Tn NIS , 787.Xr bootparamd 8 , 788.Xr rstatd 8 , 789.Xr rusersd 8 , 790and 791.Xr rwalld 8 . 792Passes 793.Sy rpcbind_flags . 794.El 795.Ss Commonly used daemons 796.Bl -tag -width net_interfaces 797.It Sy cron 798.Sq YES 799or 800.Sq NO . 801Run 802.Xr cron 8 . 803.It Sy lpd 804.Sq YES 805or 806.Sq NO . 807Runs 808.Xr lpd 8 809and passes 810.Sy lpd_flags . 811The 812.Dq Li -l 813flag will turn on extra logging. 814.It Sy named 815.Sq YES 816or 817.Sq NO . 818Runs 819.Xr named 8 820and passes 821.Sy named_flags . 822.It Sy named_chrootdir 823A string. 824If non-blank and 825.Sy named 826is 827.Sq YES , 828run 829.Xr named 8 830as the unprivileged user and group 831.Sq named , 832.Xr chroot 2 Ns ed 833to 834.Sy named_chrootdir . 835.Sy named_chrootdir Ns Pa /var/run/log 836will be added to the list of log sockets that 837.Xr syslogd 8 838listens to. 839.It Sy ntpd 840.Sq YES 841or 842.Sq NO . 843Runs 844.Xr ntpd 8 845and passes 846.Sy ntpd_flags . 847.It Sy ntpd_chrootdir 848A string. 849If non-blank and 850.Sy ntpd 851is 852.Sq YES , 853run 854.Xr ntpd 8 855as the unprivileged user and group 856.Sq ntpd , 857.Xr chroot 2 Ns ed 858to 859.Sy ntpd_chrootdir . 860.Sy ntpd_chrootdir Ns Pa /var/run/log 861will be added to the list of log sockets that 862.Xr syslogd 8 863listens to. 864This option requires that the kernel has 865.Dl pseudo-device clockctl 866compiled in, and that 867.Pa /dev/clockctl 868is present. 869.It Sy postfix 870.Sq YES 871or 872.Sq NO . 873Starts 874.Xr postfix 1 875mail system. 876.It Sy sshd 877.Sq YES 878or 879.Sq NO . 880Runs 881.Xr sshd 8 882and passes 883.Sy sshd_flags . 884.It Sy syslogd 885.Sq YES 886or 887.Sq NO . 888Runs 889.Xr syslogd 8 890and passes 891.Sy syslogd_flags . 892.It Sy timed 893.Sq YES 894or 895.Sq NO . 896Runs 897.Xr timed 8 898and passes 899.Sy timed_flags . 900The 901.Dq Li -M 902option allows 903.Xr timed 8 904to be a master time source as well as a slave. 905If you are also running 906.Xr ntpd 8 , 907only one machine running both should have the 908.Dq Li -M 909flag given to 910.Xr timed 8 . 911.El 912.Ss Routing daemons 913.Bl -tag -width net_interfaces 914.It Sy mrouted 915.Sq YES 916or 917.Sq NO . 918Runs 919.Xr mrouted 8 , 920the DVMRP multicast routing protocol daemon. 921Passes 922.Sy mrouted_flags . 923.It Sy route6d 924.Sq YES 925or 926.Sq NO . 927Runs 928.Xr route6d 8 , 929the RIPng routing protocol daemon for IPv6. 930Passes 931.Sy route6d_flags . 932.It Sy routed 933.Sq YES 934or 935.Sq NO . 936Runs 937.Xr routed 8 , 938the RIP routing protocol daemon. 939Passes 940.Sy routed_flags . 941.\" This should be 942.\" .Sq NO 943.\" if 944.\" .Sy gated 945.\" is 946.\" .Sq YES . 947.It Sy rtsold 948.Sq YES 949or 950.Sq NO . 951Runs 952.Xr rtsold 8 , 953the IPv6 router solicitation daemon. 954.Xr rtsold 8 955periodically transmits router solicitation packets 956to find IPv6 routers on the network. 957This configuration is mainly for nomadic hosts like notebook computers. 958Stationary hosts should work fine with just 959.Sy rtsol . 960Passes 961.Sy rtsold_flags . 962This is only for autoconfigured IPv6 hosts, so set 963.Sy ip6mode 964to 965.Dq Li autohost 966if you use it. 967.El 968.Ss Daemons used to boot other hosts over a network 969.Bl -tag -width net_interfaces 970.It Sy bootparamd 971.Sq YES 972or 973.Sq NO . 974Runs 975.Xr bootparamd 8 , 976the boot parameter server, with 977.Sy bootparamd_flags 978as options. 979Used to boot 980.Nx 981and 982.Tn "SunOS 4.x" 983systems. 984.It Sy dhcpd 985.Sq YES 986or 987.Sq NO . 988Runs 989.Xr dhcpd 8 , 990the Dynamic Host Configuration Protocol (DHCP) daemon, 991for assigning IP addresses to hosts and passing boot information. 992Passes 993.Sy dhcpd_flags . 994.It Sy dhcrelay 995.Sq YES 996or 997.Sq NO . 998Runs 999.Xr dhcrelay 8 . 1000Passes 1001.Sy dhcrelay_flags . 1002.It Sy mopd 1003.Sq YES 1004or 1005.Sq NO . 1006Runs 1007.Xr mopd 8 , 1008the 1009.Tn DEC 1010.Tn MOP 1011protocol daemon; used for booting 1012.Tn VAX 1013and other 1014.Tn DEC 1015machines. 1016Passes 1017.Sy mopd_flags . 1018.It Sy ndbootd 1019.Sq YES 1020or 1021.Sq NO . 1022Runs 1023.Xr ndbootd 8 , 1024the Sun Network Disk (ND) Protocol server. 1025Passes 1026.Sy ndbootd_flags . 1027.It Sy rarpd 1028.Sq YES 1029or 1030.Sq NO . 1031Runs 1032.Xr rarpd 8 , 1033the reverse ARP daemon, often used to boot 1034.Nx 1035and Sun workstations. 1036Passes 1037.Sy rarpd_flags . 1038.It Sy rbootd 1039.Sq YES 1040or 1041.Sq NO . 1042Runs 1043.Xr rbootd 8 , 1044the 1045.Tn HP 1046boot protocol daemon; used for booting 1047.Tn HP 1048workstations. 1049Passes 1050.Sy rbootd_flags . 1051.It Sy rtadvd 1052.Sq YES 1053or 1054.Sq NO . 1055Runs 1056.Xr rtadvd 8 , 1057the IPv6 router advertisement daemon, which is used to advertise 1058information about the subnet to IPv6 end hosts. 1059Passes 1060.Sy rtadvd_flags . 1061This is only for IPv6 routers, so set 1062.Sy ip6mode 1063to 1064.Dq Li router 1065if you use it. 1066.El 1067.Ss X Window System daemons 1068.Bl -tag -width net_interfaces 1069.It Sy xdm 1070.Sq YES 1071or 1072.Sq NO . 1073Runs the 1074.Xr xdm 1 1075X display manager. 1076These X daemons are available only with the optional X distribution of 1077.Nx . 1078.It Sy xfs 1079.Sq YES 1080or 1081.Sq NO . 1082Runs the 1083.Xr xfs 1 1084X11 font server, which supplies local X font files to X terminals. 1085.El 1086.Ss NIS (YP) daemons 1087.Bl -tag -width net_interfaces 1088.It Sy ypbind 1089.Sq YES 1090or 1091.Sq NO . 1092Runs 1093.Xr ypbind 8 , 1094which lets 1095.Tn NIS 1096(YP) clients use information from a 1097.Tn NIS 1098server. 1099Passes 1100.Sy ypbind_flags . 1101.It Sy yppasswdd 1102.Sq YES 1103or 1104.Sq NO . 1105Runs 1106.Xr yppasswdd 8 , 1107which allows remote 1108.Tn NIS 1109users to update password on master server. 1110Passes 1111.Sy yppasswdd_flags . 1112.It Sy ypserv 1113.Sq YES 1114or 1115.Sq NO . 1116Runs 1117.Xr ypserv 8 , 1118the 1119.Tn NIS 1120(YP) server for distributing information from certain files in 1121.Pa /etc . 1122Passes 1123.Sy ypserv_flags . 1124The 1125.Dq Li -d 1126flag causes it to use DNS for lookups in 1127.Pa /etc/hosts 1128that fail. 1129.El 1130.Ss NFS daemons and parameters 1131.Bl -tag -width net_interfaces 1132.It Sy amd 1133.Sq YES 1134or 1135.Sq NO . 1136Runs 1137.Xr amd 8 , 1138the automounter daemon, which automatically mounts NFS file systems 1139whenever a file or directory within that file system is accessed. 1140Passes 1141.Sy amd_flags . 1142.It Sy amd_dir 1143A string. 1144The 1145.Xr amd 8 1146mount directory. 1147Used only if 1148.Sy amd 1149is set to 1150.Sq YES . 1151.It Sy lockd 1152.Sq YES 1153or 1154.Sq NO . 1155Runs 1156.Xr rpc.lockd 8 1157if 1158.Sy nfs_server 1159and/or 1160.Sy nfs_client 1161are set to 1162.Sq YES . 1163Passes 1164.Sy lockd_flags . 1165.It Sy mountd 1166.Sq YES 1167or 1168.Sq NO . 1169Runs 1170.Xr mountd 8 1171and passes 1172.Sy mountd_flags . 1173.It Sy nfs_client 1174.Sq YES 1175or 1176.Sq NO . 1177The number of local NFS asynchronous I/O server is now controlled via 1178.Xr sysctl 8 . 1179.It Sy nfs_server 1180.Sq YES 1181or 1182.Sq NO . 1183Sets up a host to be a NFS server by running 1184.Xr nfsd 8 1185and passing 1186.Sy nfsd_flags . 1187.It Sy statd 1188.Sq YES 1189or 1190.Sq NO . 1191Runs 1192.Xr rpc.statd 8 , 1193a status monitoring daemon used when 1194.Xr rpc.lockd 8 1195is running, if 1196.Sy nfs_server 1197and/or 1198.Sy nfs_client 1199are set to 1200.Sq YES . 1201Passes 1202.Sy statd_flags . 1203.El 1204.Ss Bluetooth configuration and daemons 1205.Bl -tag -width net_interfaces 1206.It Sy btattach 1207.Sq YES 1208or 1209.Sq NO . 1210Attach serial bluetooth interfaces as listed in the configuration file 1211.Pa /etc/bluetooth/btdevctl.conf . 1212.It Sy btconfig 1213.Sq YES 1214or 1215.Sq NO . 1216Configure bluetooth devices. 1217If the 1218.Sy btconfig_devices 1219variable below is not specified, all devices known to the system 1220will be configured. 1221For each device, configuration arguments are first looked for 1222in the 1223.Sy btconfig_{dev} 1224variable, otherwise the value of the 1225.Sy btconfig_args 1226variable will be used, and if that is not specified the default string is 1227.Sq enable . 1228.It Sy btconfig_devices 1229An optional space separated list of bluetooth devices to be configured at 1230boot time. 1231.It Sy btconfig_args 1232An optional string, containing default arguments for bluetooth devices to 1233be configured. 1234.It Sy btdevctl 1235.Sq YES 1236or 1237.Sq NO . 1238Configure Bluetooth devices as listed in the configuration file 1239.Pa /etc/bluetooth/btdevctl.conf . 1240.It Sy bthcid 1241.Sq YES 1242or 1243.Sq NO . 1244Runs 1245.Xr bthcid 8 , 1246the Bluetooth HCI daemon, which manages link keys and PIN codes for 1247Bluetooth links. 1248Passes 1249.Sy bthcid_flags . 1250.It Sy sdpd 1251.Sq YES 1252or 1253.Sq NO . 1254Runs the Service Discovery Profile daemon, 1255.Xr sdpd 8 . 1256Passes 1257.Sy sdpd_flags . 1258.El 1259.Ss Other daemons 1260.Bl -tag -width net_interfaces 1261.It Sy isdnd 1262.Sq YES 1263or 1264.Sq NO . 1265Runs 1266.Xr isdnd 8 , 1267the isdn4bsd ISDN connection management daemon. 1268Passes 1269.Sy isdnd_flags . 1270.It Sy isdn_autoupdown 1271.Sq YES 1272or 1273.Sq NO . 1274Set all configured ISDN interfaces to 1275.Dq up . 1276If 1277.Sy isdn_interfaces 1278is not blank, only the listed interfaces will be modified. 1279Used only if 1280.Sy isdnd 1281is set to 1282.Sq YES . 1283.It Sy kdc 1284.Sq YES 1285or 1286.Sq NO . 1287Runs the 1288.Xr kdc 8 1289Kerberos v4 and v5 server. 1290This should be run on Kerberos master and slave servers. 1291.It Sy rwhod 1292.Sq YES 1293or 1294.Sq NO . 1295Runs 1296.Xr rwhod 8 1297to support the 1298.Xr rwho 1 1299and 1300.Xr ruptime 1 1301commands. 1302.El 1303.Ss Hardware daemons 1304.Bl -tag -width net_interfaces 1305.It Sy apmd 1306.Sq YES 1307or 1308.Sq NO . 1309Runs 1310.Xr apmd 8 1311and passes 1312.Sy apmd_flags . 1313.It Sy irdaattach 1314.Sq YES 1315or 1316.Sq NO . 1317Runs 1318.Xr irdaattach 8 1319and passes 1320.Sy irdaattach_flags . 1321.It Sy moused 1322.Sq YES 1323or 1324.Sq NO . 1325Runs 1326.Xr moused 8 , 1327to pass serial mouse data to the wscons mouse mux. 1328Passes 1329.Sy moused_flags . 1330.It Sy poffd 1331.Sq YES 1332or 1333.Sq NO . 1334Runs 1335.Xr poffd 8 1336x68k shutdown daemon 1337(only for 1338.Nx Ns /x68k ) . 1339Passes 1340.Sy poffd_flags . 1341.It Sy screenblank 1342.Sq YES 1343or 1344.Sq NO . 1345Runs 1346.Xr screenblank 1 1347and passes 1348.Sy screenblank_flags . 1349.It Sy wscons 1350.Sq YES 1351or 1352.Sq NO . 1353Configures the 1354.Xr wscons 4 1355console driver, from the configuration file 1356.Pa /etc/wscons.conf . 1357.It Sy wsmoused 1358.Sq YES 1359or 1360.Sq NO . 1361Runs 1362.Xr wsmoused 8 , 1363to provide copy and paste text support in wscons displays. 1364Passes 1365.Sy wsmoused_flags . 1366.El 1367.Sh FILES 1368.Bl -tag -width /etc/defaults/rc.conf -compact 1369.It Pa /etc/rc.conf 1370The file 1371.Nm 1372resides in 1373.Pa /etc . 1374.It Pa /etc/defaults/rc.conf 1375Default settings for 1376.Nm , 1377sourced by 1378.Nm 1379before the end-user configuration section. 1380.It Pa /etc/rc.conf.d/ Ns Ar foo 1381.Ar foo Ns No -specific 1382.Nm 1383overrides. 1384.El 1385.Sh SEE ALSO 1386.Xr boot 8 , 1387.Xr rc 8 , 1388.Xr rc.d 8 , 1389.Xr rc.subr 8 , 1390.Xr rcorder 8 1391.Sh HISTORY 1392The 1393.Nm 1394file appeared in 1395.Nx 1.3 . 1396