1.\" $NetBSD: rc.conf.5,v 1.119 2008/06/18 09:06:26 yamt Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew R. Green 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 20.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 22.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 23.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" Copyright (c) 1997 Curt J. Sampson 28.\" Copyright (c) 1997 Michael W. Long 29.\" Copyright (c) 1998-2002 The NetBSD Foundation, Inc. 30.\" All rights reserved. 31.\" 32.\" This document is derived from works contributed to The NetBSD Foundation 33.\" by Luke Mewburn. 34.\" 35.\" Redistribution and use in source and binary forms, with or without 36.\" modification, are permitted provided that the following conditions 37.\" are met: 38.\" 1. Redistributions of source code must retain the above copyright 39.\" notice, this list of conditions and the following disclaimer. 40.\" 2. Redistributions in binary form must reproduce the above copyright 41.\" notice, this list of conditions and the following disclaimer in the 42.\" documentation and/or other materials provided with the distribution. 43.\" 3. The name of the author may not be used to endorse or promote products 44.\" derived from this software without specific prior written permission. 45.\" 46.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 47.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 48.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 49.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 50.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 51.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 52.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 53.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 54.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 55.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 56.\" SUCH DAMAGE. 57.\" 58.Dd June 13, 2008 59.Dt RC.CONF 5 60.Os 61.Sh NAME 62.Nm rc.conf 63.Nd system startup configuration file 64.Sh DESCRIPTION 65The 66.Nm 67file specifies which services are enabled during system startup by 68the startup scripts invoked by 69.Pa /etc/rc 70(see 71.Xr rc 8 ) , 72and the shutdown scripts invoked by 73.Pa /etc/rc.shutdown . 74The 75.Nm 76file is a shell script that is sourced by 77.Xr rc 8 , 78meaning that 79.Nm 80must contain valid shell commands. 81.Pp 82Listed below are the standard 83.Nm 84variables that may be set, the values to which each may be set, 85a brief description of what each variable does, and a reference to 86relevant manual pages. 87Third party packages may test for additional variables. 88.Pp 89Most variables are one of two types: enabling variables or flags 90variables. 91Enabling variables, such as 92.Sy inetd , 93are generally named after the program or the system they enable, 94and are set to 95.Sq YES 96or 97.Sq NO . 98Flags variables, such as 99.Sy inetd_flags 100have the same name with "_flags" appended, and determine what 101arguments are passed to the program if it is enabled. 102.Pp 103If a variable that 104.Xr rc 8 105expects to be set is not set, or the value is not one of the allowed 106values, a warning will be printed. 107.Pp 108By default, 109.Nm 110reads 111.Pa /etc/defaults/rc.conf 112(if it is readable) 113to obtain default values for various variables, and the end-user 114may override these by appending appropriate entries to the end of 115.Nm . 116.Pp 117.Xr rc.d 8 118scripts that use 119.Ic load_rc_config 120from 121.Xr rc.subr 8 122also support sourcing an optional end-user provided per-script override 123file 124.Pa /etc/rc.conf.d/ Ns Ar service , 125(where 126.Ar service 127is the contents of the 128.Sy name 129variable in the 130.Xr rc.d 8 131script). 132This may contain variable overrides, including allowing the end-user 133to override various 134.Ic run_rc_command 135.Xr rc.d 8 136control variables, and thus changing the operation of the script 137without requiring editing of the script. 138.Ss Overall control 139.Bl -tag -width net_interfaces 140.It Sy do_rcshutdown 141.Sq YES 142or 143.Sq NO . 144If set to 145.Sq NO , 146.Xr shutdown 8 147will not run 148.Pa /etc/rc.shutdown . 149.It Sy rcshutdown_rcorder_flags 150A string. 151Extra arguments to the 152.Xr rcorder 8 153run by 154.Pa /etc/rc.shutdown . 155.It Sy rcshutdown_timeout 156A number. 157If non-blank, use this as the number of seconds to run a watchdog timer for 158which will terminate 159.Pa /etc/rc.shutdown 160if the timer expires before the shutdown script completes. 161.It Sy rc_configured 162.Sq YES 163or 164.Sq NO . 165If not set to 166.Sq YES 167then the system will drop into single-user mode during boot. 168.It Sy rc_fast_and_loose 169If set to a non-empty string, 170each script in 171.Pa /etc/rc.d 172will be executed in the current shell rather than a sub shell. 173This may be faster on slow machines that have an expensive 174.Xr fork 2 175operation. 176.Bl -hang 177.It Em Note : 178Use this at your own risk! 179A rogue command or script may inadvertently prevent boot to multiuser. 180.El 181.It Sy rc_rcorder_flags 182A string. 183Extra arguments to the 184.Xr rcorder 8 185run by 186.Pa /etc/rc . 187.El 188.Ss Basic network configuration 189.Bl -tag -width net_interfaces 190.It Sy defaultroute 191A string. 192Default IPv4 network route. 193If empty or not set, then the contents of 194.Pa /etc/mygate 195(if it exists) are used. 196.It Sy defaultroute6 197A string. 198Default IPv6 network route. 199If empty or not set, then the contents of 200.Pa /etc/mygate6 201(if it exists) are used. 202.It Sy domainname 203A string. 204.Tn NIS 205(YP) domain of host. 206If empty or not set, then the contents of 207.Pa /etc/defaultdomain 208(if it exists) are used. 209.It Sy force_down_interfaces 210A space separated list of interface names. 211These interfaces will be configured down when going from multiuser to singleuser 212mode or on system shutdown. 213.Pp 214This is important for some stateful interfaces, for example PPP over ISDN 215connections that cost money by connection time or PPPoE interfaces which 216have no direct means of noticing 217.Dq disconnect 218events. 219.Pp 220All active 221.Xr pppoe 4 222and 223.Xr ippp 4 224interfaces will be automatically added to this list. 225.It Sy hostname 226A string. 227Name of host. 228If empty or not set, then the contents of 229.Pa /etc/myname 230(if it exists) are used. 231.El 232.Ss Boottime file-system and swap configuration 233.Bl -tag -width net_interfaces 234.It Sy critical_filesystems_local 235A string. 236File systems mounted very early in the system boot before networking 237services are available. 238Usually 239.Pa /var 240is part of this, because it is needed by services such as 241.Xr dhclient 8 242which may be required to get the network operational. 243.It Sy critical_filesystems_remote 244A string. 245File systems such as 246.Pa /usr 247that may require network services to be available to mount, 248that must be available early in the system boot for general services to use. 249.It Sy fsck_flags 250A string. 251A file system is checked with 252.Xr fsck 8 253during boot before mounting it. 254This option may be used to override the default command-line options 255passed to the 256.Xr fsck 8 257program. 258.Pp 259When set to 260.Fl y , 261.Xr fsck 8 262assumes yes as the answer to all operator questions during file system checks. 263This might be important with hosts where the administrator does not have 264access to the console and an unsuccessful shutdown must not make the host 265unbootable even if the file system checks would fail in preen mode. 266.It Sy no_swap 267.Sq YES 268or 269.Sq NO . 270Set the 271.Sy no_swap 272variable to 273.Sq YES 274if you have configured your system with no swap on purpose. 275If not set to 276.Sq YES , 277and no swap devices 278are configured, the system will warn you. 279.It Sy swapoff 280.Sq YES 281or 282.Sq NO . 283Remove block-type swap devices at shutdown time. 284Useful if swapping onto RAIDframe devices. 285.El 286.Ss One-time actions to perform or programs to run on boot-up 287.Bl -tag -width net_interfaces 288.It Sy accounting 289.Sq YES 290or 291.Sq NO . 292Enables process accounting with 293.Xr accton 8 . 294Requires 295.Pa /var/account/acct 296to exist. 297.It Sy clear_tmp 298.Sq YES 299or 300.Sq NO . 301Clear /tmp after reboot. 302.It Sy dmesg 303.Sq YES 304or 305.Sq NO . 306Create 307.Pa /var/run/dmesg.boot 308from the output of 309.Xr dmesg 8 . 310Passes 311.Sy dmesg_flags . 312.It Sy lkm 313.Sq YES 314or 315.Sq NO . 316Runs 317.Pa /etc/rc.lkm . 318.It Sy mixerctl 319.Sq YES 320or 321.Sq NO . 322Read 323.Xr mixerctl.conf 5 324for how to set mixer values. 325List in 326.Sy mixerctl_mixers 327the devices whose settings are to be saved at shutdown and 328restored at start-up. 329.It Sy newsyslog 330.Sq YES 331or 332.Sq NO . 333Run 334.Nm newsyslog 335to trim logfiles before syslogd starts. 336Intended for laptop users. 337Passes 338.Sy newsyslog_flags . 339.It Sy per_user_tmp 340.Sq YES 341or 342.Sq NO . 343Enables a per-user 344.Pa /tmp 345directory. 346.Sy per_user_tmp_dir 347can be used to override the default location of the 348.Dq real 349temporary directories, 350.Dq Pa /private/tmp . 351.It Sy savecore 352.Sq YES 353or 354.Sq NO . 355Runs the 356.Xr savecore 8 357utility. 358Passes 359.Sy savecore_flags . 360The directory where crash dumps are stored is specified by 361.Sy savecore_dir . 362The default setting is 363.Dq Pa /var/crash . 364.It Sy tpctl 365.Sq YES 366or 367.Sq NO . 368Run 369.Xr tpctl 8 370to calibrate touch panel device. 371Passes 372.Sy tpctl_flags . 373.It Sy update_motd 374.Sq YES 375or 376.Sq NO . 377Updates the 378.Nx 379version string in the 380.Pa /etc/motd 381file to reflect the version of the running kernel. 382See 383.Xr motd 5 . 384.It Sy veriexec 385.Sq YES 386or 387.Sq NO . 388Load Veriexec fingerprints during startup. 389Read 390.Xr veriexecctl 8 391for more information. 392.It Sy virecover 393.Sq YES 394or 395.Sq NO . 396Send notification mail to users if any recoverable files exist in 397.Pa /var/tmp/vi.recover . 398Read 399.Xr virecover 8 400for more information. 401.El 402.Ss System security setting 403.Bl -tag -width net_interfaces 404.It Sy securelevel 405A number. 406The system securelevel is set to the specified value early 407in the boot process, before any external logins, or other programs 408that run users job, are started. 409If set to nothing, the default action is taken, as described in 410.Xr init 8 , 411which contains definitive information about the system securelevel. 412Note that setting 413.Sy securelevel 414to 0 in 415.Nm 416will actually result in the system booting with securelevel set to 1, as 417.Xr init 8 418will raise the level when 419.Xr rc 8 420completes. 421.It Sy permit_nonalpha 422Allow passwords to include non-alpha characters, usually to allow 423NIS/YP netgroups. 424.It Sy veriexec_strict 425A number. 426Controls the strict level of Veriexec. 427Level 0 is learning mode, used when building the signatures file. 428It will only output messages but will not enforce anything. 429Level 1 will only prevent access to files with a fingerprint 430mismatch. 431Level 2 will also deny writing to and removing of 432monitored files, as well as enforce access type (as specified in 433the signatures file). 434Level 3 will take a step further and prevent 435access to files that are not monitored. 436.It Sy veriexec_verbose 437A number. 438Controls the verbosity of Veriexec. 439Recommended operation is at level 0, verbose output (mostly used when 440building the signatures file) is at level 1. 441Level 2 is for debugging only and should not be used. 442.It Sy veriexec_flags 443A string. 444Flags to pass to the 445.Nm veriexecctl 446command. 447.El 448.Ss Networking startup 449.Bl -tag -width net_interfaces 450.It Sy altqd 451.Sq YES 452or 453.Sq NO . 454ALTQ configuration/monitoring daemon. 455Passes 456.Sy altqd_flags . 457.It Sy auto_ifconfig 458.Sq YES 459or 460.Sq NO . 461Sets the 462.Sy net_interfaces 463variable (see below) to the output of 464.Xr ifconfig 8 465with the 466.Dq Li -l 467flag and suppresses warnings about interfaces in this list that 468do not have an ifconfig file or variable. 469.It Sy dhclient 470.Sq YES 471or 472.Sq NO . 473Set to 474.Sq YES 475to configure some or all network interfaces using 476the ISC DHCP client. 477If you set 478.Sy dhclient 479to 480.Sq YES , 481you must either have 482.Pa /var 483in 484.Sy critical_filesystems_local , 485as part of 486.Pa / , 487or direct the DHCP client to store the leases file on the root 488file system by modifying the 489.Sy dhclient_flags 490variable. 491You must not provide ifconfig information or ifaliases 492information for any interface that is to be configured using the DHCP client. 493Interface aliases can be set up in the DHCP client configuration 494file if needed - see 495.Xr dhclient.conf 5 496for details. 497.Pp 498Passes 499.Sy dhclient_flags 500to the DHCP client. 501See 502.Xr dhclient 8 503for complete documentation. 504If you wish to configure all broadcast 505network interfaces using the DHCP client, you can leave this blank. 506To configure only specific interfaces, name the interfaces to be configured 507on the command line. 508.Pp 509If you must run the DHCP client before mounting critical file systems, 510then you should specify an alternate location for the DHCP client's lease 511file in the 512.Sy dhclient_flags 513variable - for example, "-lf /tmp/dhclient.leases". 514.It Sy dhcpcd_flags 515Additional arguments to pass to 516.Xr dhcpcd 8 517when requesting configuration via 518.Sy ifconfig_xxN . 519.It Sy flushroutes 520.Sq YES 521or 522.Sq NO . 523Flushes the route table on networking startup. 524Useful when coming up to multiuser mode after going down to 525single-user mode. 526.It Sy hostapd 527.Sq YES 528or 529.Sq NO . 530Runs 531.Xr hostapd 8 , 532the authenticator for IEEE 802.11 networks. 533.It Sy ifaliases_* 534A string. 535List of 536.Sq Em "address netmask" 537pairs to configure additional network addresses for the given 538configured interface 539.Dq * 540(e.g. 541.Sy ifaliases_le0 ) . 542If 543.Em netmask 544is 545.Dq - , 546then use the default netmask for the interface. 547.Pp 548.Sy ifaliases_* 549covers limited cases only and considered unrecommended. 550We recommend using 551.Pa /etc/ifconfig.xxN 552with multiple lines instead. 553.It Sy ifwatchd 554.Sq YES 555or 556.Sq NO . 557Monitor dynamic interfaces and perform actions upon address changes. 558Passes 559.Sy ifwatchd_flags . 560.It Sy ip6mode 561A string. 562An IPv6 node can be a router 563.Pq nodes that forward packet for others 564or a host 565.Pq nodes that do not forward . 566A host can be autoconfigured 567based on the information advertised by adjacent IPv6 routers. 568By setting 569.Sy ip6mode 570to 571.Dq Li router , 572.Dq Li host , 573or 574.Dq Li autohost , 575you can configure your node as a router, 576a non-autoconfigured host, or an autoconfigured host. 577Invalid values will be ignored, and the node will be configured as 578a non-autoconfigured host. 579You may want to check 580.Sy rtsol 581and 582.Sy rtsold 583as well, if you set the variable to 584.Dq Li autohost . 585.It Sy ip6uniquelocal 586.Sq YES 587or 588.Sq NO . 589If 590.Sy ip6mode 591is equal to 592.Dq Li router 593and 594.Sy ip6uniquelocal 595is set to 596.Sq NO 597a reject route will be installed on boot to avoid misconfiguration relating 598to unique-local addresses. 599If set to 600.Sq YES 601the reject route won't be installed. 602.It Sy ipfilter 603.Sq YES 604or 605.Sq NO . 606Runs 607.Xr ipf 8 608to load in packet filter specifications from 609.Pa /etc/ipf.conf 610at network boot time, before any interfaces are configured. 611See 612.Xr ipf.conf 5 . 613.It Sy ipfs 614.Sq YES 615or 616.Sq NO . 617Runs 618.Xr ipfs 8 619to save and restore information for ipnat and ipfilter state tables. 620The information is stored in 621.Pa /var/db/ipf/ipstate.ipf 622and 623.Pa /var/db/ipf/ipnat.ipf . 624Passes 625.Sy ipfs_flags . 626.It Sy ipmon 627.Sq YES 628or 629.Sq NO . 630Runs 631.Xr ipmon 8 632to read 633.Xr ipf 8 634packet log information and log it to a file or the system log. 635Passes 636.Sy ipmon_flags . 637.It Sy ipmon_flags 638A string. 639Specifies arguments to supply to 640.Xr ipmon 8 . 641Defaults to 642.Dq Li -ns . 643A typical example would be 644.Dq Fl nD Pa /var/log/ipflog 645to have 646.Xr ipmon 8 647log directly to a file bypassing 648.Xr syslogd 8 . 649If the 650.Dq -D 651argument is used, remember to modify 652.Pa /etc/newsyslog.conf 653accordingly; for example: 654.Bd -literal 655/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 656.Ed 657.It Sy ipnat 658.Sq YES 659or 660.Sq NO . 661Runs 662.Xr ipnat 8 663to load in the IP network address translation (NAT) rules from 664.Pa /etc/ipnat.conf 665at network boot time, before any interfaces are configured. 666See 667.Xr ipnat.conf 5 . 668.It Sy ipsec 669.Sq YES 670or 671.Sq NO . 672Runs 673.Xr setkey 8 674to load in IPsec manual keys and policies from 675.Pa /etc/ipsec.conf 676at network boot time, before any interfaces are configured. 677.It Sy net_interfaces 678A string. 679The list of network interfaces to be configured at boot time. 680For each interface "xxN", the system first looks for ifconfig 681parameters in 682.Pa /etc/ifconfig.xxN 683and then in the variable 684.Sy ifconfig_xxN . 685If this variable is equal to 686.Dq dhcp , 687.Xr dhcpcd 8 688is started for the interface. 689Otherwise the contents of the file or the variable are handed to ifconfig 690after the interface name. 691If 692.Sy auto_ifconfig 693is set to "NO" and neither the file nor the variable is found, 694a warning is printed. 695Refer to 696.Xr ifconfig.if 5 697for more details on 698.Pa /etc/ifconfig.xxN . 699.It Sy ntpdate 700.Sq YES 701or 702.Sq NO . 703Runs 704.Xr ntpdate 8 705to set the system time from one of the hosts in 706.Sy ntpdate_hosts . 707If 708.Sy ntpdate_hosts 709is empty, it will attempt to find a list of hosts in 710.Pa /etc/ntp.conf . 711Passes 712.Sy ntpdate_flags . 713.It Sy pf 714.Sq YES 715or 716.Sq NO . 717Enable 718.Xr pf 4 719at network boot time: 720Load the initial configuration 721.Xr pf.boot.conf 5 722before the network is up. 723After the network has been configured, then load the final ruleset 724.Xr pf.conf 5 . 725.It Sy pf_rules 726A string. 727The path of the 728.Xr pf.conf 5 729ruleset that will be used when loading the final ruleset. 730.It Sy pflogd 731.Sq YES 732or 733.Sq NO . 734Run 735.Xr pflogd 8 736for dumping packet filter logging information to a file. 737.It Sy ppp_peers 738A string. 739If 740.Sy ppp_peers 741is not empty, then 742.Pa /etc/rc.d/ppp 743will check each word in 744.Sy ppp_peers 745for a corresponding ppp configuration file in 746.Pa /etc/ppp/peers 747and will call 748.Xr pppd 8 749with the 750.Dq call Sy peer 751option. 752.It Sy racoon 753.Sq YES 754or 755.Sq NO . 756Runs 757.Xr racoon 8 , 758the IKE (ISAKMP/Oakley) key management daemon. 759.It Sy rtsol 760.Sq YES 761or 762.Sq NO . 763Run 764.Xr rtsol 8 , 765router solicitation command for IPv6 hosts. 766On nomadic hosts like notebook computers, you may want to enable 767.Sy rtsold 768as well. 769Passes 770.Sy rtsol_flags . 771This is only for autoconfigured IPv6 hosts, so set 772.Sy ip6mode 773to 774.Dq Li autohost 775if you use it. 776.It Sy wpa_supplicant 777.Sq YES 778or 779.Sq NO . 780Run 781.Xr wpa_supplicant 8 , 782WPA/802.11i Supplicant for wireless network devices. 783.El 784.Ss Daemons required by other daemons 785.Bl -tag -width net_interfaces 786.It Sy inetd 787.Sq YES 788or 789.Sq NO . 790Runs the 791.Xr inetd 8 792daemon to start network server processes (as listed in 793.Pa /etc/inetd.conf ) 794as necessary. 795Passes 796.Sy inetd_flags . 797The 798.Dq Li -l 799flag turns on libwrap connection logging. 800.It Sy rpcbind 801.Sq YES 802or 803.Sq NO . 804The 805.Xr rpcbind 8 806daemon is required for any 807.Xr rpc 3 808services. 809These include NFS, 810.Tn NIS , 811.Xr bootparamd 8 , 812.Xr rstatd 8 , 813.Xr rusersd 8 , 814and 815.Xr rwalld 8 . 816Passes 817.Sy rpcbind_flags . 818.El 819.Ss Commonly used daemons 820.Bl -tag -width net_interfaces 821.It Sy cron 822.Sq YES 823or 824.Sq NO . 825Run 826.Xr cron 8 . 827.It Sy lpd 828.Sq YES 829or 830.Sq NO . 831Runs 832.Xr lpd 8 833and passes 834.Sy lpd_flags . 835The 836.Dq Li -l 837flag will turn on extra logging. 838.It Sy named 839.Sq YES 840or 841.Sq NO . 842Runs 843.Xr named 8 844and passes 845.Sy named_flags . 846.It Sy named_chrootdir 847A string. 848If non-blank and 849.Sy named 850is 851.Sq YES , 852run 853.Xr named 8 854as the unprivileged user and group 855.Sq named , 856.Xr chroot 2 Ns ed 857to 858.Sy named_chrootdir . 859.Sy named_chrootdir Ns Pa /var/run/log 860will be added to the list of log sockets that 861.Xr syslogd 8 862listens to. 863.It Sy ntpd 864.Sq YES 865or 866.Sq NO . 867Runs 868.Xr ntpd 8 869and passes 870.Sy ntpd_flags . 871.It Sy ntpd_chrootdir 872A string. 873If non-blank and 874.Sy ntpd 875is 876.Sq YES , 877run 878.Xr ntpd 8 879as the unprivileged user and group 880.Sq ntpd , 881.Xr chroot 2 Ns ed 882to 883.Sy ntpd_chrootdir . 884.Sy ntpd_chrootdir Ns Pa /var/run/log 885will be added to the list of log sockets that 886.Xr syslogd 8 887listens to. 888This option requires that the kernel has 889.Dl pseudo-device clockctl 890compiled in, and that 891.Pa /dev/clockctl 892is present. 893.It Sy postfix 894.Sq YES 895or 896.Sq NO . 897Starts 898.Xr postfix 1 899mail system. 900.It Sy sshd 901.Sq YES 902or 903.Sq NO . 904Runs 905.Xr sshd 8 906and passes 907.Sy sshd_flags . 908.It Sy syslogd 909.Sq YES 910or 911.Sq NO . 912Runs 913.Xr syslogd 8 914and passes 915.Sy syslogd_flags . 916.It Sy timed 917.Sq YES 918or 919.Sq NO . 920Runs 921.Xr timed 8 922and passes 923.Sy timed_flags . 924The 925.Dq Li -M 926option allows 927.Xr timed 8 928to be a master time source as well as a slave. 929If you are also running 930.Xr ntpd 8 , 931only one machine running both should have the 932.Dq Li -M 933flag given to 934.Xr timed 8 . 935.El 936.Ss Routing daemons 937.Bl -tag -width net_interfaces 938.It Sy mrouted 939.Sq YES 940or 941.Sq NO . 942Runs 943.Xr mrouted 8 , 944the DVMRP multicast routing protocol daemon. 945Passes 946.Sy mrouted_flags . 947.It Sy route6d 948.Sq YES 949or 950.Sq NO . 951Runs 952.Xr route6d 8 , 953the RIPng routing protocol daemon for IPv6. 954Passes 955.Sy route6d_flags . 956.It Sy routed 957.Sq YES 958or 959.Sq NO . 960Runs 961.Xr routed 8 , 962the RIP routing protocol daemon. 963Passes 964.Sy routed_flags . 965.\" This should be 966.\" .Sq NO 967.\" if 968.\" .Sy gated 969.\" is 970.\" .Sq YES . 971.It Sy rtsold 972.Sq YES 973or 974.Sq NO . 975Runs 976.Xr rtsold 8 , 977the IPv6 router solicitation daemon. 978.Xr rtsold 8 979periodically transmits router solicitation packets 980to find IPv6 routers on the network. 981This configuration is mainly for nomadic hosts like notebook computers. 982Stationary hosts should work fine with just 983.Sy rtsol . 984Passes 985.Sy rtsold_flags . 986This is only for autoconfigured IPv6 hosts, so set 987.Sy ip6mode 988to 989.Dq Li autohost 990if you use it. 991.El 992.Ss Daemons used to boot other hosts over a network 993.Bl -tag -width net_interfaces 994.It Sy bootparamd 995.Sq YES 996or 997.Sq NO . 998Runs 999.Xr bootparamd 8 , 1000the boot parameter server, with 1001.Sy bootparamd_flags 1002as options. 1003Used to boot 1004.Nx 1005and 1006.Tn "SunOS 4.x" 1007systems. 1008.It Sy dhcpd 1009.Sq YES 1010or 1011.Sq NO . 1012Runs 1013.Xr dhcpd 8 , 1014the Dynamic Host Configuration Protocol (DHCP) daemon, 1015for assigning IP addresses to hosts and passing boot information. 1016Passes 1017.Sy dhcpd_flags . 1018.It Sy dhcrelay 1019.Sq YES 1020or 1021.Sq NO . 1022Runs 1023.Xr dhcrelay 8 . 1024Passes 1025.Sy dhcrelay_flags . 1026.It Sy mopd 1027.Sq YES 1028or 1029.Sq NO . 1030Runs 1031.Xr mopd 8 , 1032the 1033.Tn DEC 1034.Tn MOP 1035protocol daemon; used for booting 1036.Tn VAX 1037and other 1038.Tn DEC 1039machines. 1040Passes 1041.Sy mopd_flags . 1042.It Sy ndbootd 1043.Sq YES 1044or 1045.Sq NO . 1046Runs 1047.Xr ndbootd 8 , 1048the Sun Network Disk (ND) Protocol server. 1049Passes 1050.Sy ndbootd_flags . 1051.It Sy rarpd 1052.Sq YES 1053or 1054.Sq NO . 1055Runs 1056.Xr rarpd 8 , 1057the reverse ARP daemon, often used to boot 1058.Nx 1059and Sun workstations. 1060Passes 1061.Sy rarpd_flags . 1062.It Sy rbootd 1063.Sq YES 1064or 1065.Sq NO . 1066Runs 1067.Xr rbootd 8 , 1068the 1069.Tn HP 1070boot protocol daemon; used for booting 1071.Tn HP 1072workstations. 1073Passes 1074.Sy rbootd_flags . 1075.It Sy rtadvd 1076.Sq YES 1077or 1078.Sq NO . 1079Runs 1080.Xr rtadvd 8 , 1081the IPv6 router advertisement daemon, which is used to advertise 1082information about the subnet to IPv6 end hosts. 1083Passes 1084.Sy rtadvd_flags . 1085This is only for IPv6 routers, so set 1086.Sy ip6mode 1087to 1088.Dq Li router 1089if you use it. 1090.El 1091.Ss X Window System daemons 1092.Bl -tag -width net_interfaces 1093.It Sy xdm 1094.Sq YES 1095or 1096.Sq NO . 1097Runs the 1098.Xr xdm 1 1099X display manager. 1100These X daemons are available only with the optional X distribution of 1101.Nx . 1102.It Sy xfs 1103.Sq YES 1104or 1105.Sq NO . 1106Runs the 1107.Xr xfs 1 1108X11 font server, which supplies local X font files to X terminals. 1109.El 1110.Ss NIS (YP) daemons 1111.Bl -tag -width net_interfaces 1112.It Sy ypbind 1113.Sq YES 1114or 1115.Sq NO . 1116Runs 1117.Xr ypbind 8 , 1118which lets 1119.Tn NIS 1120(YP) clients use information from a 1121.Tn NIS 1122server. 1123Passes 1124.Sy ypbind_flags . 1125.It Sy yppasswdd 1126.Sq YES 1127or 1128.Sq NO . 1129Runs 1130.Xr yppasswdd 8 , 1131which allows remote 1132.Tn NIS 1133users to update password on master server. 1134Passes 1135.Sy yppasswdd_flags . 1136.It Sy ypserv 1137.Sq YES 1138or 1139.Sq NO . 1140Runs 1141.Xr ypserv 8 , 1142the 1143.Tn NIS 1144(YP) server for distributing information from certain files in 1145.Pa /etc . 1146Passes 1147.Sy ypserv_flags . 1148The 1149.Dq Li -d 1150flag causes it to use DNS for lookups in 1151.Pa /etc/hosts 1152that fail. 1153.El 1154.Ss NFS daemons and parameters 1155.Bl -tag -width net_interfaces 1156.It Sy amd 1157.Sq YES 1158or 1159.Sq NO . 1160Runs 1161.Xr amd 8 , 1162the automounter daemon, which automatically mounts NFS file systems 1163whenever a file or directory within that file system is accessed. 1164Passes 1165.Sy amd_flags . 1166.It Sy amd_dir 1167A string. 1168The 1169.Xr amd 8 1170mount directory. 1171Used only if 1172.Sy amd 1173is set to 1174.Sq YES . 1175.It Sy lockd 1176.Sq YES 1177or 1178.Sq NO . 1179Runs 1180.Xr rpc.lockd 8 1181if 1182.Sy nfs_server 1183and/or 1184.Sy nfs_client 1185are set to 1186.Sq YES . 1187Passes 1188.Sy lockd_flags . 1189.It Sy mountd 1190.Sq YES 1191or 1192.Sq NO . 1193Runs 1194.Xr mountd 8 1195and passes 1196.Sy mountd_flags . 1197.It Sy nfs_client 1198.Sq YES 1199or 1200.Sq NO . 1201The number of local NFS asynchronous I/O server is now controlled via 1202.Xr sysctl 8 . 1203.It Sy nfs_server 1204.Sq YES 1205or 1206.Sq NO . 1207Sets up a host to be a NFS server by running 1208.Xr nfsd 8 1209and passing 1210.Sy nfsd_flags . 1211.It Sy statd 1212.Sq YES 1213or 1214.Sq NO . 1215Runs 1216.Xr rpc.statd 8 , 1217a status monitoring daemon used when 1218.Xr rpc.lockd 8 1219is running, if 1220.Sy nfs_server 1221and/or 1222.Sy nfs_client 1223are set to 1224.Sq YES . 1225Passes 1226.Sy statd_flags . 1227.El 1228.Ss Bluetooth configuration and daemons 1229.Bl -tag -width net_interfaces 1230.It Sy btattach 1231.Sq YES 1232or 1233.Sq NO . 1234Attach serial bluetooth interfaces as listed in the configuration file 1235.Pa /etc/bluetooth/btdevctl.conf . 1236.It Sy btconfig 1237.Sq YES 1238or 1239.Sq NO . 1240Configure bluetooth devices. 1241If the 1242.Sy btconfig_devices 1243variable below is not specified, all devices known to the system 1244will be configured. 1245For each device, configuration arguments are first looked for 1246in the 1247.Sy btconfig_{dev} 1248variable, otherwise the value of the 1249.Sy btconfig_args 1250variable will be used, and if that is not specified the default string is 1251.Sq enable . 1252.It Sy btconfig_devices 1253An optional space separated list of bluetooth devices to be configured at 1254boot time. 1255.It Sy btconfig_args 1256An optional string, containing default arguments for bluetooth devices to 1257be configured. 1258.It Sy btdevctl 1259.Sq YES 1260or 1261.Sq NO . 1262Configure Bluetooth devices as listed in the configuration file 1263.Pa /etc/bluetooth/btdevctl.conf . 1264.It Sy bthcid 1265.Sq YES 1266or 1267.Sq NO . 1268Runs 1269.Xr bthcid 8 , 1270the Bluetooth HCI daemon, which manages link keys and PIN codes for 1271Bluetooth links. 1272Passes 1273.Sy bthcid_flags . 1274.It Sy sdpd 1275.Sq YES 1276or 1277.Sq NO . 1278Runs the Service Discovery Profile daemon, 1279.Xr sdpd 8 . 1280Passes 1281.Sy sdpd_flags . 1282.El 1283.Ss Other daemons 1284.Bl -tag -width net_interfaces 1285.It Sy isdnd 1286.Sq YES 1287or 1288.Sq NO . 1289Runs 1290.Xr isdnd 8 , 1291the isdn4bsd ISDN connection management daemon. 1292Passes 1293.Sy isdnd_flags . 1294.It Sy isdn_autoupdown 1295.Sq YES 1296or 1297.Sq NO . 1298Set all configured ISDN interfaces to 1299.Dq up . 1300If 1301.Sy isdn_interfaces 1302is not blank, only the listed interfaces will be modified. 1303Used only if 1304.Sy isdnd 1305is set to 1306.Sq YES . 1307.It Sy kdc 1308.Sq YES 1309or 1310.Sq NO . 1311Runs the 1312.Xr kdc 8 1313Kerberos v4 and v5 server. 1314This should be run on Kerberos master and slave servers. 1315.It Sy rwhod 1316.Sq YES 1317or 1318.Sq NO . 1319Runs 1320.Xr rwhod 8 1321to support the 1322.Xr rwho 1 1323and 1324.Xr ruptime 1 1325commands. 1326.El 1327.Ss Hardware daemons 1328.Bl -tag -width net_interfaces 1329.It Sy apmd 1330.Sq YES 1331or 1332.Sq NO . 1333Runs 1334.Xr apmd 8 1335and passes 1336.Sy apmd_flags . 1337.It Sy irdaattach 1338.Sq YES 1339or 1340.Sq NO . 1341Runs 1342.Xr irdaattach 8 1343and passes 1344.Sy irdaattach_flags . 1345.It Sy moused 1346.Sq YES 1347or 1348.Sq NO . 1349Runs 1350.Xr moused 8 , 1351to pass serial mouse data to the wscons mouse mux. 1352Passes 1353.Sy moused_flags . 1354.It Sy poffd 1355.Sq YES 1356or 1357.Sq NO . 1358Runs 1359.Xr poffd 8 1360x68k shutdown daemon 1361(only for 1362.Nx Ns /x68k ) . 1363Passes 1364.Sy poffd_flags . 1365.It Sy screenblank 1366.Sq YES 1367or 1368.Sq NO . 1369Runs 1370.Xr screenblank 1 1371and passes 1372.Sy screenblank_flags . 1373.It Sy wscons 1374.Sq YES 1375or 1376.Sq NO . 1377Configures the 1378.Xr wscons 4 1379console driver, from the configuration file 1380.Pa /etc/wscons.conf . 1381.It Sy wsmoused 1382.Sq YES 1383or 1384.Sq NO . 1385Runs 1386.Xr wsmoused 8 , 1387to provide copy and paste text support in wscons displays. 1388Passes 1389.Sy wsmoused_flags . 1390.El 1391.Sh FILES 1392.Bl -tag -width /etc/defaults/rc.conf -compact 1393.It Pa /etc/rc.conf 1394The file 1395.Nm 1396resides in 1397.Pa /etc . 1398.It Pa /etc/defaults/rc.conf 1399Default settings for 1400.Nm , 1401sourced by 1402.Nm 1403before the end-user configuration section. 1404.It Pa /etc/rc.conf.d/ Ns Ar foo 1405.Ar foo Ns No -specific 1406.Nm 1407overrides. 1408.El 1409.Sh SEE ALSO 1410.Xr boot 8 , 1411.Xr rc 8 , 1412.Xr rc.d 8 , 1413.Xr rc.subr 8 , 1414.Xr rcorder 8 1415.Sh HISTORY 1416The 1417.Nm 1418file appeared in 1419.Nx 1.3 . 1420