1.\" $OpenBSD: sysctl.8,v 1.152 2009/10/04 16:08:37 michele Exp $ 2.\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $ 3.\" 4.\" Copyright (c) 1993 5.\" The Regents of the University of California. All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. Neither the name of the University nor the names of its contributors 16.\" may be used to endorse or promote products derived from this software 17.\" without specific prior written permission. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" 31.\" @(#)sysctl.8 8.2 (Berkeley) 5/9/95 32.\" 33.Dd $Mdocdate: October 4 2009 $ 34.Dt SYSCTL 8 35.Os 36.Sh NAME 37.Nm sysctl 38.Nd get or set kernel state 39.Sh SYNOPSIS 40.Nm sysctl 41.Op Fl Aan 42.Nm sysctl 43.Op Fl n 44.Ar name ... 45.Nm sysctl 46.Op Fl nq 47.Ar name Ns = Ns Ar value ... 48.Sh DESCRIPTION 49The 50.Nm 51utility retrieves kernel state and allows processes with 52appropriate privilege to set kernel state. 53The state to be retrieved or set is described using a 54.Dq Management Information Base 55.Pq MIB 56style name, described as a dotted set of components. 57.Pp 58When retrieving a variable, 59a subset of the MIB name may be specified to retrieve a list of 60variables in that subset. 61For example, to list all the machdep variables: 62.Pp 63.Dl $ sysctl machdep 64.Pp 65When setting a variable, 66the MIB name should be followed by an equal sign and the new value. 67.Pp 68The options are as follows: 69.Bl -tag -width xxx 70.It Fl A 71List all the known MIB names including tables. 72Those with string or integer values will be printed as with the 73.Fl a 74flag; for the table values, the name of the utility to retrieve them is given. 75.It Fl a 76List all the currently available string or integer values. 77This is the default, if no parameters are given to 78.Nm . 79.It Fl n 80Suppress printing of the field name, only output the field value. 81Useful for setting shell variables. 82For example, to set the psize shell variable to the pagesize of the hardware: 83.Pp 84.Dl # set psize=`sysctl -n hw.pagesize` 85.Pp 86.It Fl q 87Suppress all output when setting a variable. 88This option overrides the behaviour of 89.Fl n . 90.It Ar name Ns = Ns Ar value 91Attempt to set the specified variable 92.Ar name 93to 94.Ar value . 95.El 96.Pp 97The information available from 98.Nm 99consists of integers, strings, and tables. 100The tabular information can only be retrieved by special 101purpose programs such as 102.Xr ps 1 , 103.Xr systat 1 , 104and 105.Xr netstat 1 . 106The string and integer information is summarized below. 107For a detailed description of these variables, see 108.Xr sysctl 3 . 109The changeable column indicates whether a process with appropriate 110privilege can change the value. 111.Pp 112Note: 113not all of the variables are relevant to all architectures. 114.Bl -column net.inet.ip.ipsec-expire-acquirexxxx integerxxx 115.It Sy Name Type Changeable 116.It kern.ostype string no 117.It kern.osrelease string no 118.It kern.osrevision integer no 119.It kern.version string no 120.It kern.maxvnodes integer yes 121.It kern.maxproc integer yes 122.It kern.maxfiles integer yes 123.It kern.argmax integer no 124.It kern.securelevel integer raise only 125.It kern.hostname string yes 126.It kern.hostid u_int yes 127.It kern.clockrate struct no 128.It kern.posix1version integer no 129.It kern.ngroups integer no 130.It kern.job_control integer no 131.It kern.saved_ids integer no 132.It kern.boottime struct no 133.It kern.domainname string yes 134.It kern.maxpartitions integer no 135.It kern.rawpartition integer no 136.It kern.osversion string no 137.It kern.somaxconn integer yes 138.It kern.sominconn integer yes 139.It kern.usermount integer yes 140.It kern.random struct no 141.It kern.nosuidcoredump integer yes 142.It kern.fsync integer no 143.It kern.sysvmsg integer no 144.It kern.sysvsem integer no 145.It kern.sysvshm integer no 146.It kern.arandom u_int no 147.It kern.msgbufsize integer no 148.It kern.malloc.buckets string no 149.It kern.malloc.bucket.<sz> string no 150.It kern.malloc.kmemnames string no 151.It kern.malloc.kmemstat.<name> string no 152.It kern.cp_time struct no 153.It kern.nchstats struct no 154.It kern.forkstat struct no 155.It kern.nselcoll integer no 156.It kern.tty.tk_nin int64_t no 157.It kern.tty.tk_nout int64_t no 158.It kern.tty.tk_rawcc int64_t no 159.It kern.tty.tk_cancc int64_t no 160.It kern.tty.ttyinfo struct no 161.It kern.tty.maxptys integer yes 162.It kern.tty.nptys integer no 163.It kern.ccpu u_int no 164.It kern.fscale integer no 165.It kern.nprocs integer no 166.It kern.stackgap_random integer yes 167.It kern.usercrypto integer yes 168.It kern.cryptodevallowsoft integer yes 169.It kern.splassert integer yes 170.It kern.nfiles integer no 171.It kern.ttycount integer no 172.It kern.numvnodes integer no 173.It kern.userasymcrypto integer yes 174.It kern.seminfo.semmni integer yes 175.It kern.seminfo.semmns integer yes 176.It kern.seminfo.semmnu integer yes 177.It kern.seminfo.semmsl integer yes 178.It kern.seminfo.semopm integer yes 179.It kern.seminfo.semume integer no 180.It kern.seminfo.semusz integer no 181.It kern.seminfo.semvmx integer no 182.It kern.seminfo.semaem integer no 183.It kern.shminfo.shmmax integer yes 184.It kern.shminfo.shmmin integer yes 185.It kern.shminfo.shmmni integer yes 186.It kern.shminfo.shmseg integer yes 187.It kern.shminfo.shmall integer yes 188.It kern.watchdog.period integer yes 189.It kern.watchdog.auto integer yes 190.It kern.emul.nemuls integer no 191.It kern.emul.other integer yes 192.It kern.maxclusters integer yes 193.It kern.timecounter.tick integer no 194.It kern.timecounter.timestepwarnings integer yes 195.It kern.timecounter.hardware string yes 196.It kern.timecounter.choice string no 197.It kern.maxlocksperuid integer yes 198.It kern.bufcachepercent integer yes 199.It vm.vmmeter struct no 200.It vm.loadavg struct no 201.It vm.psstrings struct no 202.It vm.uvmexp struct no 203.It vm.swapencrypt.enable integer yes 204.It vm.swapencrypt.keyscreated integer no 205.It vm.swapencrypt.keysdeleted integer no 206.It vm.nkmempages integer no 207.It vm.anonmin integer yes 208.It vm.vtextmin integer yes 209.It vm.vnodemin integer yes 210.It vm.maxslp integer no 211.It vm.uspace integer no 212.It fs.posix.setuid integer yes 213.It net.inet.divert.recvspace integer yes 214.It net.inet.divert.sendspace integer yes 215.It net.inet.ip.forwarding integer yes 216.It net.inet.ip.redirect integer yes 217.It net.inet.ip.ttl integer yes 218.\" .It net.inet.ip.mtu integer yes 219.It net.inet.ip.sourceroute integer yes 220.It net.inet.ip.directed-broadcast integer yes 221.It net.inet.ip.portfirst integer yes 222.It net.inet.ip.portlast integer yes 223.It net.inet.ip.porthifirst integer yes 224.It net.inet.ip.porthilast integer yes 225.It net.inet.ip.maxqueue integer yes 226.It net.inet.ip.encdebug integer yes 227.It net.inet.ip.ipsec-expire-acquire integer yes 228.It net.inet.ip.ipsec-invalid-life integer yes 229.It net.inet.ip.ipsec-pfs integer yes 230.It net.inet.ip.ipsec-soft-allocs integer yes 231.It net.inet.ip.ipsec-allocs integer yes 232.It net.inet.ip.ipsec-soft-bytes integer yes 233.It net.inet.ip.ipsec-bytes integer yes 234.It net.inet.ip.ipsec-timeout integer yes 235.It net.inet.ip.ipsec-soft-timeout integer yes 236.It net.inet.ip.ipsec-soft-firstuse integer yes 237.It net.inet.ip.ipsec-firstuse integer yes 238.It net.inet.ip.ipsec-enc-alg string yes 239.It net.inet.ip.ipsec-auth-alg string yes 240.It net.inet.ip.mtudisc integer yes 241.It net.inet.ip.mtudisctimeout integer yes 242.It net.inet.ip.ipsec-comp-alg string yes 243.It net.inet.ip.mforwarding integer yes 244.It net.inet.ip.multipath integer yes 245.It net.inet.icmp.maskrepl integer yes 246.It net.inet.icmp.bmcastecho integer yes 247.It net.inet.icmp.errppslimit integer yes 248.It net.inet.icmp.rediraccept integer yes 249.It net.inet.icmp.redirtimeout integer yes 250.It net.inet.icmp.tstamprepl integer yes 251.It net.inet.ipip.allow integer yes 252.It net.inet.tcp.rfc1323 integer yes 253.It net.inet.tcp.keepinittime integer yes 254.It net.inet.tcp.keepidle integer yes 255.It net.inet.tcp.keepintvl integer yes 256.It net.inet.tcp.slowhz integer no 257.It net.inet.tcp.baddynamic array yes 258.It net.inet.tcp.recvspace integer yes 259.It net.inet.tcp.sendspace integer yes 260.It net.inet.tcp.sack integer yes 261.It net.inet.tcp.mssdflt integer yes 262.It net.inet.tcp.rstppslimit integer yes 263.It net.inet.tcp.ackonpush integer yes 264.It net.inet.tcp.ecn integer yes 265.It net.inet.tcp.syncachelimit integer yes 266.It net.inet.tcp.synbucketlimit integer yes 267.It net.inet.tcp.rfc3390 integer yes 268.It net.inet.tcp.reasslimit integer yes 269.It net.inet.udp.checksum integer yes 270.It net.inet.udp.baddynamic array yes 271.It net.inet.udp.recvspace integer yes 272.It net.inet.udp.sendspace integer yes 273.It net.inet.gre.allow integer yes 274.It net.inet.gre.wccp integer yes 275.It net.inet.esp.enable integer yes 276.It net.inet.esp.udpencap integer yes 277.It net.inet.esp.udpencap_port integer yes 278.It net.inet.ah.enable integer yes 279.It net.inet.mobileip.allow integer yes 280.It net.inet.etherip.allow integer yes 281.It net.inet.ipcomp.enable integer yes 282.It net.inet.carp.allow integer yes 283.It net.inet.carp.preempt integer yes 284.It net.inet.carp.log integer yes 285.It net.inet6.ip6.forwarding integer yes 286.It net.inet6.ip6.redirect integer yes 287.It net.inet6.ip6.hlim integer yes 288.It net.inet6.ip6.maxfragpackets integer yes 289.It net.inet6.ip6.accept_rtadv integer yes 290.It net.inet6.ip6.keepfaith integer yes 291.It net.inet6.ip6.log_interval integer yes 292.It net.inet6.ip6.hdrnestlimit integer yes 293.It net.inet6.ip6.dad_count integer yes 294.It net.inet6.ip6.auto_flowlabel integer yes 295.It net.inet6.ip6.defmcasthlim integer yes 296.It net.inet6.ip6.kame_version string no 297.It net.inet6.ip6.use_deprecated integer yes 298.It net.inet6.ip6.rr_prune integer yes 299.It net.inet6.ip6.v6only integer no 300.It net.inet6.ip6.maxfrags integer yes 301.It net.inet6.ip6.mforwarding integer yes 302.It net.inet6.ip6.multipath integer yes 303.It net.inet6.ip6.multicast_mtudisc integer yes 304.It net.inet6.icmp6.rediraccept integer yes 305.It net.inet6.icmp6.redirtimeout integer yes 306.It net.inet6.icmp6.nd6_prune integer yes 307.It net.inet6.icmp6.nd6_delay integer yes 308.It net.inet6.icmp6.nd6_umaxtries integer yes 309.It net.inet6.icmp6.nd6_mmaxtries integer yes 310.It net.inet6.icmp6.nd6_useloopback integer yes 311.It net.inet6.icmp6.nodeinfo integer yes 312.It net.inet6.icmp6.errppslimit integer yes 313.It net.inet6.icmp6.nd6_maxnudhint integer yes 314.It net.inet6.icmp6.mtudisc_hiwat integer yes 315.It net.inet6.icmp6.mtudisc_lowat integer yes 316.It net.inet6.icmp6.nd6_debug integer yes 317.It debug.syncprt integer yes 318.It debug.busyprt integer yes 319.It debug.doclusterread integer yes 320.It debug.doclusterwrite integer yes 321.It debug.doreallocblks integer yes 322.It debug.doasyncfree integer yes 323.It debug.prtrealloc integer yes 324.It hw.machine string no 325.It hw.model string no 326.It hw.ncpu integer no 327.It hw.byteorder integer no 328.It hw.physmem int64_t no 329.It hw.usermem int64_t no 330.It hw.pagesize integer no 331.It hw.diskstats struct no 332.It hw.disknames string no 333.It hw.diskcount integer no 334.It hw.sensors.<xname>.<type><numt> struct no 335.It hw.cpuspeed integer no 336.It hw.setperf integer yes 337.It hw.vendor string no 338.It hw.product string no 339.It hw.version string no 340.It hw.serialno string no 341.It hw.uuid string no 342.It machdep.console_device dev_t no 343.It machdep.unaligned_print integer yes 344.It machdep.unaligned_fix integer yes 345.It machdep.unaligned_sigbus integer yes 346.It machdep.apmwarn integer yes 347.It machdep.apmhalt integer yes 348.It machdep.kbdreset integer yes 349.It machdep.userldt integer yes 350.It machdep.osxsfr integer no 351.It machdep.sse integer no 352.It machdep.sse2 integer no 353.It machdep.xcrypt integer no 354.It machdep.allowaperture integer yes 355.It machdep.led_blink integer yes 356.It machdep.ceccerrs integer no 357.It machdep.cecclast quad no 358.It user.cs_path string no 359.It user.bc_base_max integer no 360.It user.bc_dim_max integer no 361.It user.bc_scale_max integer no 362.It user.bc_string_max integer no 363.It user.coll_weights_max integer no 364.It user.expr_nest_max integer no 365.It user.line_max integer no 366.It user.re_dup_max integer no 367.It user.posix2_version integer no 368.It user.posix2_c_bind integer no 369.It user.posix2_c_dev integer no 370.It user.posix2_char_term integer no 371.It user.posix2_fort_dev integer no 372.It user.posix2_fort_run integer no 373.It user.posix2_localedef integer no 374.It user.posix2_sw_dev integer no 375.It user.posix2_upe integer no 376.It user.stream_max integer no 377.It user.tzname_max integer no 378.It ddb.radix integer yes 379.It ddb.max_width integer yes 380.It ddb.max_line integer yes 381.It ddb.tab_stop_width integer yes 382.It ddb.panic integer yes 383.It ddb.console integer yes 384.It ddb.log integer yes 385.It ddb.trigger integer yes 386.It vfs.mounts.* struct no 387.It vfs.ffs.doclusterread integer yes 388.It vfs.ffs.doclusterwrite integer yes 389.It vfs.ffs.doreallocblks integer yes 390.It vfs.ffs.doasyncfree integer yes 391.It vfs.ffs.max_softdeps integer yes 392.It vfs.ffs.sd_tickdelay integer yes 393.It vfs.ffs.sd_worklist_push integer no 394.It vfs.ffs.sd_blk_limit_push integer no 395.It vfs.ffs.sd_ino_limit_push integer no 396.It vfs.ffs.sd_blk_limit_hit integer no 397.It vfs.ffs.sd_ino_limit_hit integer no 398.It vfs.ffs.sd_sync_limit_hit integer no 399.It vfs.ffs.sd_indir_blk_ptrs integer no 400.It vfs.ffs.sd_inode_bitmap integer no 401.It vfs.ffs.sd_direct_blk_ptrs integer no 402.It vfs.ffs.sd_dir_entry integer no 403.It vfs.ffs.dirhash_dirsize integer yes 404.It vfs.ffs.dirhash_maxmem integer yes 405.It vfs.ffs.dirhash_mem integer no 406.It vfs.nfs.iothreads integer yes 407.El 408.Pp 409The 410.Nm 411program can get or set debugging variables 412that have been identified for its display. 413This information can be obtained by using the command: 414.Pp 415.Dl $ sysctl debug 416.Pp 417In addition, 418.Nm 419can extract information about the filesystems that have been compiled 420into the running system. 421This information can be obtained by using the command: 422.Pp 423.Dl $ sysctl vfs.mounts 424.Pp 425By default, only filesystems that are actively being used are listed. 426Use of the 427.Fl A 428flag lists all the filesystems compiled into the running kernel. 429.Sh FILES 430.Bl -tag -width <uvm/uvm_swap_encrypt.h> -compact 431.It Aq Pa sys/sysctl.h 432definitions for top level identifiers, second level kernel and hardware 433identifiers, and user level identifiers 434.It Aq Pa dev/rndvar.h 435definitions for 436.Xr random 4 437device's statistics structure 438.It Aq Pa sys/socket.h 439definitions for second level network identifiers 440.It Aq Pa sys/gmon.h 441definitions for third level profiling identifiers 442.It Aq Pa uvm/uvm_param.h 443definitions for second level virtual memory identifiers 444.It Aq Pa uvm/uvm_swap_encrypt.h 445definitions for third level virtual memory identifiers 446.It Aq Pa netinet/in.h 447definitions for third level IPv4/v6 identifiers and 448fourth level IPv4/v6 identifiers 449.It Aq Pa netinet/ip_divert.h 450definitions for fourth level divert identifiers 451.It Aq Pa netinet/icmp_var.h 452definitions for fourth level ICMP identifiers 453.It Aq Pa netinet6/icmp6.h 454definitions for fourth level ICMPv6 identifiers 455.It Aq Pa netinet/tcp_var.h 456definitions for fourth level TCP identifiers 457.It Aq Pa netinet/udp_var.h 458definitions for fourth level UDP identifiers 459.It Aq Pa ddb/db_var.h 460definitions for second level ddb identifiers 461.It Aq Pa sys/mount.h 462definitions for second level vfs identifiers 463.It Aq Pa nfs/nfs.h 464definitions for third level NFS identifiers 465.It Aq Pa ufs/ffs/ffs_extern.h 466definitions for third level FFS identifiers 467.It Aq Pa machine/cpu.h 468definitions for second level CPU identifiers 469.El 470.Sh EXAMPLES 471To retrieve the maximum number of processes allowed 472in the system: 473.Pp 474.Dl $ sysctl kern.maxproc 475.Pp 476To set the maximum number of processes allowed 477in the system to 1000: 478.Pp 479.Dl # sysctl kern.maxproc=1000 480.Pp 481To retrieve information about the system clock rate: 482.Pp 483.Dl $ sysctl kern.clockrate 484.Pp 485To retrieve information about the load average history: 486.Pp 487.Dl $ sysctl vm.loadavg 488.Pp 489To make the 490.Xr chown 2 491system call use traditional BSD semantics (don't clear setuid/setgid bits): 492.Pp 493.Dl # sysctl fs.posix.setuid=0 494.Pp 495To set the list of reserved TCP ports that should not be allocated 496by the kernel dynamically: 497.Pp 498.Dl # sysctl net.inet.tcp.baddynamic=749,750,751,760,761,871 499.Pp 500This can be used to keep daemons 501from stealing a specific port that another program needs to function. 502List elements may be separated by commas and/or whitespace. 503.Pp 504It is also possible to add or remove ports from the current list: 505.Bd -literal -offset indent 506# sysctl net.inet.tcp.baddynamic=+748 507# sysctl net.inet.tcp.baddynamic=-871 508.Ed 509.Pp 510To adjust the number of kernel nfsio 511threads used to service asynchronous 512I/O requests on an NFS client machine: 513.Pp 514.Dl # sysctl vfs.nfs.iothreads=4 515.Pp 516The default is 4; 20 is the maximum. 517See 518.Xr nfssvc 2 519and 520.Xr nfsd 8 521for further discussion. 522.Pp 523To set the amount of shared memory available in the system and 524the maximum number of shared memory segments: 525.Bd -literal -offset indent 526# sysctl kern.shminfo.shmmax=33554432 527# sysctl kern.shminfo.shmseg=32 528.Ed 529.Sh SEE ALSO 530.Xr sysctl 3 , 531.Xr sysctl.conf 5 532.Sh HISTORY 533.Nm 534first appeared in 535.Bx 4.4 . 536