xref: /netbsd-src/share/man/man5/rc.conf.5 (revision bcc8ec9959e7b01e313d813067bfb43a3ad70551) 
1.\"	$NetBSD: rc.conf.5,v 1.42 2001/01/11 17:56:17 itojun Exp $
2.\"
3.\" Copyright (c) 1996 Matthew R. Green
4.\" Copyright (c) 1997 Curt J. Sampson
5.\" Copyright (c) 1997 Michael W. Long
6.\" Copyright (c) 1998-2000 The NetBSD Foundation, Inc.
7.\" All rights reserved.
8.\"
9.\" This document is derived from works contributed to The NetBSD Foundation
10.\" by Luke Mewburn.
11.\"
12.\" Redistribution and use in source and binary forms, with or without
13.\" modification, are permitted provided that the following conditions
14.\" are met:
15.\" 1. Redistributions of source code must retain the above copyright
16.\"    notice, this list of conditions and the following disclaimer.
17.\" 2. Redistributions in binary form must reproduce the above copyright
18.\"    notice, this list of conditions and the following disclaimer in the
19.\"    documentation and/or other materials provided with the distribution.
20.\" 3. The name of the author may not be used to endorse or promote products
21.\"    derived from this software without specific prior written permission.
22.\"
23.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
24.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
25.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
26.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
27.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
28.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
29.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
30.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
31.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33.\" SUCH DAMAGE.
34.\"
35.Dd October 1, 2000
36.Dt RC.CONF 5
37.Os
38.\" turn off hyphenation
39.hym 999
40.Sh NAME
41.Nm rc.conf
42.Nd system startup configuration file
43.Sh DESCRIPTION
44The
45.Nm
46file specifies which services are enabled during system startup by
47the startup scripts invoked by
48.Pa /etc/rc .
49The
50.Nm
51file is a shell script that is sourced by
52.Pa /etc/rc
53if it exists, meaning that
54.Nm
55must contain valid shell commands.
56.Pp
57Listed below are the
58.Nm
59variables that may be set, the values to which each may be set,
60a brief description of what each variable does, and a reference to
61relevant manual pages.
62.Pp
63Most variables are one of two types: enabling variables or flags
64variables.
65Enabling variables, such as
66.Sy inetd ,
67are generally named after the program or the system they enable,
68and are set to
69.Sq YES
70or
71.Sq NO .
72Flags variables, such as
73.Sy inetd_flags
74have the same name with "_flags" appended, and determine what
75arguments are passed to the program if it is enabled.
76.Pp
77If a variable that
78.Pa /etc/rc
79expects to be set is not set, or the value is not one of the allowed
80values, a warning will be printed.
81.Ss Overall control:
82.Bl -tag -width net_interfaces
83.It Sy rc_configured
84If this is not set to
85.Sq YES
86then the system will drop into single-user mode during boot.
87.It Sy do_rcshutdown
88If set to
89.Sq NO ,
90.Xr shutdown 8
91will not run
92.Pa /etc/rc.shutdown .
93.El
94.Ss Basic network configuration:
95.Bl -tag -width net_interfaces
96.It Sy hostname
97Name of host.
98If empty or not set, then the contents of
99.Pa /etc/myname
100(if it exists) are used.
101.It Sy domainname
102.Tn NIS
103(YP) domain of host.
104If empty or not set, then the contents of
105.Pa /etc/defaultdomain
106(if it exists) are used.
107.It Sy defaultroute
108Default network route.
109If empty or not set, then the contents of
110.Pa /etc/mygate
111(if it exists) are used.
112.El
113.Ss Boottime file-system and swap configuration:
114.Bl -tag -width net_interfaces
115.It Sy critical_filesystems_beforenet
116File systems mounted very early in the system boot before networking
117services are available.
118Usually
119.Pa /var
120is part of this, because it is needed by services such as
121.Xr dhclient 1
122which may be required to get the network operational.
123.It Sy critical_filesystems
124File systems such as
125.Pa /usr
126that may require network services to be available to mount,
127that must be available early in the system boot for general services to use.
128.It Sy no_swap
129Set the
130.Sy no_swap
131variable to
132.Sq YES
133if you have configured your system with no swap on purpose.
134If not set, or set to anything other than
135.Sq YES ,
136and no swap devices
137are configured, the system will warn you.
138.El
139.Ss One-time actions to perform or programs to run on boot-up:
140.Bl -tag -width net_interfaces
141.It Sy lkm
142.Sq YES
143or
144.Sq NO .
145Runs
146.Pa /etc/rc.lkm .
147.It Sy savecore
148.Sq YES
149or
150.Sq NO .
151Runs the
152.Xr savecore 8
153utility.
154Passes
155.Sy savecore_flags .
156.It Sy clear_tmp
157.Sq YES
158or
159.Sq NO .
160Clear /tmp after reboot.
161.It Sy update_motd
162.Sq YES
163or
164.Sq NO .
165Updates the
166.Nx
167version string in the
168.Pa /etc/motd
169file to reflect the version of the running kernel.
170See
171.Xr motd 5 .
172.It Sy dmesg
173.Sq YES
174or
175.Sq NO .
176Create
177.Pa /var/run/dmesg.boot
178from the output of
179.Xr dmesg 8 .
180Passes
181.Sy dmesg_flags .
182.It Sy accounting
183.Sq YES
184or
185.Sq NO .
186Enables process accounting with
187.Xr accton 8 .
188Requires
189.Pa /var/account/acct
190to exist.
191.El
192.Ss System security setting:
193.Bl -tag -width net_interfaces
194.It Sy securelevel
195A number.
196The system securelevel is set to the specified value early
197in the boot process, before any external logins, or other programs
198that run users job, are started.
199If set to nothing, the default action is taken, as described
200.Xr init 8 ,
201which contains definative information about the system securelevel.
202.El
203.Ss Networking startup:
204.Bl -tag -width net_interfaces
205.It Sy ipfilter
206.Sq YES
207or
208.Sq NO .
209Runs
210.Xr ipf 8
211to load in packet filter specifications from
212.Pa /etc/ipf.conf
213at network boot time, before any interfaces are configured.
214See
215.Xr ipf.conf 5 .
216.It Sy ipnat
217Runs
218.Xr ipnat 8
219to load in the IP network address translation (NAT) rules from
220.Pa /etc/ipnat.conf
221at network boot time, before any interfaces are configured.
222See
223.Xr ipnat.conf 5 .
224.It Sy ipsec
225.Sq YES
226or
227.Sq NO .
228Runs
229.Xr setkey 8
230to load in IPsec manual keys and policies from
231.Pa /etc/ipsec.conf
232at network boot time, before any interfaces are configured.
233.It Sy ipmon
234.Sq YES
235or
236.Sq NO .
237Runs
238.Xr ipmon 8
239to read
240.Xr ipf 8
241packet log information and log it to a file or the system log.
242Passes
243.Sy ipmon_flags .
244.It Sy auto_ifconfig
245.Sq YES
246or
247.Sq NO .
248Sets the
249.Sy net_interfaces
250variable (see below) to the output of
251.Xr ifconfig 8
252with the
253.Dq Li -l
254flag and suppresses warnings about interfaces in this list that
255do not have an ifconfig file or variable.
256.It Sy net_interfaces
257The list of network interfaces to be configured at boot time.
258For each interface "xxN", the system first looks for ifconfig
259parameters in
260.Pa /etc/ifconfig.xxN
261and then in the variable
262.Sy ifconfig_xxN .
263The contents of the file or the variable are handed to ifconfig
264after the interface name.
265If
266.Sy auto_ifconfig
267is set to "NO" and neither the file nor the variable is found,
268a warning is printed.
269Refer to
270.Xr ifconfig.if 5
271for more details on
272.Pa /etc/ifconfig.xxN .
273.It Sy ifaliases_*
274List of
275.Sq Em "address netmask"
276pairs to configure additional network addresses for the given
277configured interface
278.Dq *
279(e.g.
280.Sy ifaliases_le0 ) .
281If
282.Em netmask
283is
284.Dq - ,
285then use the default netmask for the interface.
286.Pp
287.Sy ifaliases_*
288covers limited cases only and considered unrecommended.
289We recommend using
290.Pa /etc/ifconfig.xxN
291with multiple lines instead.
292.It Sy flushroutes
293.Sq YES
294or
295.Sq NO .
296Flushes the route table on networking startup.
297Useful when coming up to multiuser mode after going down to
298single-user mode.
299.It Sy dhclient
300.Sq YES
301or
302.Sq NO .
303Set to
304.Sq YES
305to configure some or all network interfaces using
306the DHCP client.
307If you set
308.Sy dhclient
309to
310.Sq YES ,
311you must either have
312.Pa /var
313in
314.Sy critical_filesystems_beforenet ,
315as part of
316.Pa / ,
317or direct the DHCP client to store the leases file on the root
318filesystem by modifying the
319.Sy dhclient_flags
320variable.
321You must not provide ifconfig information or ifaliases
322information for any interface that is to be configured using the DHCP client.
323Interface aliases can be set up in the DHCP client configuration
324file if needed - see
325.Xr dhclient.conf 5
326for details.
327.Pp
328Passes
329.Sy dhclient_flags
330to the DHCP client.
331See
332.Xr dhclient 8
333for complete documentation.
334If you wish to configure all broadcast
335network interfaces using the DHCP client, you can leave this blank.
336To configure only specific interfaces, name the interfaces to be configured
337on the command line.
338.Pp
339If you must run the DHCP client before mounting critical filesystems,
340then you should specify an alternate location for the DHCP client's lease
341file in the
342.Sy dhclient_flags
343variable - for example, "-lf /tmp/dhclient.leases".
344.It Sy ntpdate
345.Sq YES
346or
347.Sq NO .
348Runs
349.Xr ntpdate 8
350to set the system time from one of the hosts in
351.Sy ntpdate_hosts .
352If
353.Sy ntpdate_hosts
354is empty, it will attempt to find a list of hosts in
355.Pa /etc/ntp.conf .
356.It Sy ppp_peers
357If
358.Sy ppp_peers
359is not empty, then
360.Pa /etc/netstart
361will check each word in
362.Sy ppp_peers
363for a coresponding ppp configuration file in
364.Pa /etc/ppp/peers
365and will call
366.Xr pppd 8
367with the
368.Dq call Sy peer
369option.
370.It Sy ip6mode
371An IPv6 node can be a router
372.Pq nodes that forward packet for others
373or host
374.Pq nodes that do not forward .
375A host can be autoconfigured
376based on the information advertised by adjacent IPv6 router.
377By setting
378.Sy ip6mode
379to
380.Dq Li router ,
381.Dq Li host ,
382or
383.Dq Li autohost ,
384you can configure your node as a router,
385a non-autoconfigured host, or an autoconfigured host.
386Invalid values will be ignored, and the node will be configured as
387a non-autoconfigured host.
388You may want to check
389.Sy rtsol
390and
391.Sy rtsold
392as well, if you set the variable to
393.Dq Li autohost .
394.It Sy ip6sitelocal
395.Sq YES
396or
397.Sq NO .
398If you intend to use IPv6 site-local address in your site, set it to
399.Sq YES .
400Otherwise, reject route will get installed on boot to avoid misconfiguration
401regarding to site-local addresses.
402.It Sy rtsol
403.Sq YES
404or
405.Sq NO .
406Run
407.Xr rtsol 8 ,
408router solicitation command for IPv6 host.
409On nomadic host like notebook computers, you may want to enable
410.Sy rtsold
411as well.
412Passes
413.Sy rtsol_flags .
414This is only for autoconfigured IPv6 host, so set
415.Sy ip6mode
416to autohost if you use it.
417.El
418.Ss Daemons required by other daemons:
419.Bl -tag -width net_interfaces
420.It Sy inetd
421.Sq YES
422or
423.Sq NO .
424Runs the
425.Xr inetd 8
426daemon to start network server processes (as listed in
427.Pa /etc/inetd.conf )
428as necessary.
429Passes
430.Sy inetd_flags .
431The
432.Dq Li -l
433flag turns on libwrap connection logging.
434.It Sy rpcbind
435.Sq YES
436or
437.Sq NO .
438The
439.Xr rpcbind 8
440daemon is required for any
441.Xr rpc 3
442services.
443These include NFS,
444.Tn NIS ,
445.Xr bootparamd 8 ,
446.Xr rstatd 8 ,
447.Xr rusersd 8 ,
448and
449.Xr rwalld 8 .
450.El
451.Ss Commonly used daemons:
452.Bl -tag -width net_interfaces
453.It Sy syslogd
454.Sq YES
455or
456.Sq NO .
457Runs
458.Xr syslogd 8
459and passes
460.Sy syslogd_flags .
461.It Sy cron
462.Sq YES
463or
464.Sq NO .
465Run
466.Xr cron 8 .
467.It Sy named
468.Sq YES
469or
470.Sq NO .
471Runs
472.Xr named 8
473and passes
474.Sy named_flags .
475.It Sy timed
476.Sq YES
477or
478.Sq NO .
479Runs
480.Xr timed 8
481and passes
482.Sy timed_flags .
483The
484.Dq Li -M
485option allows
486.Xr timed 8
487to be a master time source as well as a slave.
488If you are also running
489.Xr ntpd 8 ,
490only one machine running both should have the
491.Dq Li -M
492flag given to
493.Xr timed 8 .
494.It Sy ntpd
495.Sq YES
496or
497.Sq NO .
498Runs
499.Xr ntpd 8
500and passes
501.Sy ntpd_flags .
502.It Sy sendmail
503.Sq YES
504or
505.Sq NO .
506Runs
507.Xr sendmail 8
508and passes
509.Sy sendmail_flags .
510.It Sy postfix
511.Sq YES
512or
513.Sq NO .
514Starts
515.Xr postfix 8
516mail system.
517.It Sy lpd
518.Sq YES
519or
520.Sq NO .
521Runs
522.Xr lpd 8
523and passes
524.Sy lpd_flags .
525The
526.Dq Li -l
527flag will turn on extra logging.
528.It Sy sshd
529.Sq YES
530or
531.Sq NO .
532Runs
533.Xr sshd 8
534and passes
535.Sy sshd_flags .
536.Xr sshd 8
537is not included with the standard
538.Nx
539installation, although it is part of the optional
540.Nx
541package collection.
542.El
543.Ss Routing daemons:
544.Bl -tag -width net_interfaces
545.It Sy routed
546.Sq YES
547or
548.Sq NO .
549Runs
550.Xr routed 8 ,
551the RIP routing protocol daemon.
552Passes
553.Sy routed_flags .
554This should be
555.Sq NO
556if
557.Sy gated
558is
559.Sq YES .
560.It Sy gated
561.Sq YES
562or
563.Sq NO .
564Runs
565.Xr gated 8 ,
566the multiprotocol routing daemon.
567Passes
568.Sy gated_flags .
569This should be
570.Sq NO
571if
572.Sy routed
573is
574.Sq YES .
575.Xr gated 8
576is not included with the standard
577.Nx
578installation, although it is part of the optional
579.Nx
580package collection.
581.It Sy mrouted
582.Sq YES
583or
584.Sq NO .
585Runs
586.Xr mrouted 8 ,
587the DVMRP multicast routing protocol daemon.
588Passes
589.Sy mrouted_flags .
590.It Sy route6d
591.Sq YES
592or
593.Sq NO .
594Runs
595.Xr route6d 8 ,
596the RIPng routing protocol daemon for IPv6.
597Passes
598.Sy route6d_flags .
599.It Sy rtsold
600.Sq YES
601or
602.Sq NO .
603Runs
604.Xr rtsold 8 ,
605the IPv6 router solicitation daemon.
606.Xr rtsold 8
607periodically transmits router solicitation packet
608to find IPv6 router on the network.
609This configuration is mainly for nomadic host like notebook computers.
610Stationary host should work fine with
611.Sy rtsol
612only.
613Passes
614.Sy rtsold_flags .
615This is only for autoconfigured IPv6 host, so set
616.Sy ip6mode
617to autohost if you use it.
618.El
619.Ss Daemons used to boot other hosts over a network:
620.Bl -tag -width net_interfaces
621.It Sy rarpd
622.Sq YES
623or
624.Sq NO .
625Runs
626.Xr rarpd 8 ,
627the reverse ARP daemon, often used to boot
628.Nx
629and Sun workstations.
630Passes
631.Sy rarpd_flags .
632.It Sy bootparamd
633.Sq YES
634or
635.Sq NO .
636Runs
637.Xr bootparamd 8 ,
638the boot parameter server, with
639.Sy bootparamd_flags
640as options.
641Used to boot
642.Nx
643and
644.Tn "SunOS 4.x"
645systems.
646.It Sy dhcpd
647.Sq YES
648or
649.Sq NO .
650Runs
651.Xr dhcpd 8 ,
652the Dynamic Host Configuration Protocol (DHCP) daemon,
653for assigning IP addresses to hosts and passing boot information.
654Passes
655.Sy dhcpd_flags .
656.It Sy dhcrelay
657.Sq YES
658or
659.Sq NO .
660Runs
661.Xr dhcrelay 8 .
662Passes
663.Sy dhcrelay_flags .
664.It Sy rbootd
665.Sq YES
666or
667.Sq NO .
668Runs
669.Xr rbootd 8 ,
670the
671.Tn HP
672boot protocol daemon; used for booting
673.Tn HP
674workstations.
675Passes
676.Sy rbootd_flags .
677.It Sy mopd
678.Sq YES
679or
680.Sq NO .
681Runs
682.Xr mopd 8 ,
683the
684.Tn DEC
685.Tn MOP
686protocol daemon; used for booting
687.Tn VAX
688and other
689.Tn DEC
690machines.
691Passes
692.Sy mopd_flags .
693.It Sy rtadvd
694.Sq YES
695or
696.Sq NO .
697Runs
698.Xr rtadvd 8 ,
699the IPv6 router advertisement daemon, which is used to advertise
700information about the subnet to IPv6 end hosts.
701Passes
702.Sy rtadvd_flags .
703This is only for IPv6 router, so set
704.Sy ip6forwarding
705to
706.Sq YES
707if you use it.
708.El
709.Ss X Window System daemons:
710.Bl -tag -width net_interfaces
711.It Sy xfs
712.Sq YES
713or
714.Sq NO .
715Runs the
716.Xr xfs 1
717X11 font server, which supplies local X font files to X terminals.
718.It Sy xdm
719.Sq YES
720or
721.Sq NO .
722Runs the
723.Xr xdm 1
724X display manager.
725These X daemons are available only with the optional X distribution of
726.Nx .
727.El
728.Ss NIS (YP) daemons:
729.Bl -tag -width net_interfaces
730.It Sy ypbind
731.Sq YES
732or
733.Sq NO .
734Runs
735.Xr ypbind 8 ,
736which lets
737.Tn NIS
738(YP) clients use information from a
739.Tn NIS
740server.
741Passes
742.Sy ypbind_flags .
743.It Sy ypserv
744.Sq YES
745or
746.Sq NO .
747Runs
748.Xr ypserv 8 ,
749the
750.Tn NIS
751(YP) server for distributing information from certain files in
752.Pa /etc .
753Passes
754.Sy ypserv_flags .
755The
756.Dq Li -d
757flag causes it to use DNS for lookups in
758.Pa /etc/hosts
759that fail.
760.It Sy yppasswdd
761.Sq YES
762or
763.Sq NO .
764Runs
765.Xr yppasswdd 8 ,
766which allows remote
767.Tn NIS
768users to update password on master server.
769Passes
770.Sy yppasswdd_flags .
771.El
772.Ss NFS daemons and parameters:
773.Bl -tag -width net_interfaces
774.It Sy nfs_client
775.Sq YES
776or
777.Sq NO .
778The number of local NFS asynchronous I/O server is now controlled via
779.Xr sysctl 8 .
780.It Sy nfs_server
781.Sq YES
782or
783.Sq NO .
784Sets up a host to be a NFS server by running
785.Xr mountd 8
786and
787.Xr nfsd 8 ,
788and passing
789.Sy mountd_flags
790and
791.Sy nfsd_flags
792to them, respectively.
793.It Sy lockd
794.Sq YES
795or
796.Sq NO .
797Runs
798.Xr rpc.lockd 8
799if either
800.Sy nfs_server
801or
802.Sy nfs_client
803is (or both are) set to
804.Sq YES .
805Passes
806.Sy lockd_flags .
807.It Sy statd
808.Sq YES
809or
810.Sq NO .
811Runs
812.Xr rpc.statd 8 ,
813a status monitoring daemon used when
814.Xr rpc.lockd 8
815is running, if either
816.Sy nfs_server
817or
818.Sy nfs_client
819is (or both are) set to
820.Sq YES .
821Passes
822.Sy statd_flags .
823.It Sy amd
824.Sq YES
825or
826.Sq NO .
827Runs
828.Xr amd 8 ,
829the automounter daemon, which automatically mounts NFS file systems
830whenever a file or directory within that filesystem is accessed.
831Passes
832.Sy amd_flags .
833.It Sy amd_dir
834The
835.Xr amd 8
836mount directory.
837Used only if
838.Sy amd
839is set to
840.Sq YES .
841.It Sy amd_master
842The
843.Xr amd 8
844automounter master map.
845Used only if
846.Sy amd
847is set to
848.Sq YES .
849.El
850.Ss Other daemons:
851.Bl -tag -width net_interfaces
852.It Sy rwhod
853.Sq YES
854or
855.Sq NO .
856Runs
857.Xr rwhod 8
858to support the
859.Xr rwho 1
860and
861.Xr ruptime 1
862commands.
863.It Sy kdc
864.Sq YES
865or
866.Sq NO .
867Runs the
868.Xr kdc 8
869Kerberos v4 and v5 server.
870This should be run on Kerberos master and slave servers.
871.El
872.Ss Hardware daemons:
873.Bl -tag -width net_interfaces
874.It Sy apmd
875.Sq YES
876or
877.Sq NO .
878Runs
879.Xr apmd 8
880and passes
881.Sy apmd_flags .
882.It Sy screenblank
883.Sq YES
884or
885.Sq NO .
886Runs
887.Xr screenblank 1
888and passes
889.Sy screenblank_flags .
890.It Sy wscons
891.Sq YES
892or
893.Sq NO .
894Configures the
895.Xr wscons 4
896console driver, from the configuration file
897.Pa /etc/wscons.conf .
898.El
899.Sh FILES
900.Bl -tag -width /etc/defaults/rc.conf -compact
901.It Pa /etc/rc.conf
902The file
903.Nm
904resides in
905.Pa /etc .
906.It Pa /etc/defaults/rc.conf
907Default settings for
908.Nm "" .
909.El
910.Sh SEE ALSO
911.Xr ifconfig.if 5 ,
912.Xr boot 8 ,
913.Xr rc 8 ,
914.Xr sysctl 8
915.Sh HISTORY
916The
917.Nm
918file appeared in
919.Nx 1.3 .
920