1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd June 4, 2020 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Ao Ar module Ac Ns Ar _load 141.Pq Vt bool 142If set to 143.Dq YES , 144that kernel module will be loaded. 145If no 146.Ao Ar module Ac Ns Ar _name 147is defined (see below), the 148module's name is taken to be 149.Aq Ar module . 150.It Ao Ar module Ac Ns Ar _name 151.Pq Vt str 152Defines the name of the module. 153.It Va devd_enable 154.Pq Vt bool 155Run 156.Xr devd 8 157to handle device added, removed or unknown events from the kernel. 158.It Va devd_flags 159.Pq Vt str 160If 161.Va devd_enable 162is set to 163.Dq Li YES , 164these are the flags to pass to the 165.Xr devd 8 166daemon. 167.It Va powerd_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Setting this to 173.Dq Li YES 174enables 175.Xr powerd 8 , 176a CPU speed control daemon. 177.It Va powerd_flags 178.Pq Vt str 179Empty by default. 180Additional flags passed to the 181.Xr powerd 8 182program. 183.Pp 184If you are running a serial port at 115200 baud we recommend setting 185the flags to "-l 1500" as lower frequencies will cause characters to 186drop. 187.It Va sensorsd_enable 188.Pq Vt bool 189Set to 190.Dq Li NO 191by default. 192Setting this to 193.Dq Li YES 194enables 195.Xr sensorsd 8 , 196a sensors monitoring and logging daemon. 197.It Va sensorsd_flags 198.Pq Vt str 199Empty by default. 200Additional flags passed to the 201.Xr sensorsd 8 202program. 203.It Va sysvipcd_enable 204.Pq Vt bool 205Set to 206.Dq Li NO 207by default. 208Setting this to 209.Dq Li YES 210enables 211.Xr sysvipcd 8 , 212a daemon needed for the userspace implementation of the XSI Interprocess 213Communication functions. 214.It Va sysvipcd_flags 215.Pq Vt str 216Empty by default. 217Additional flags passed to the 218.Xr sysvipcd 8 219program. 220.It Va hotplugd_enable 221.Pq Vt bool 222Set to 223.Dq Li NO 224by default. 225Setting this to 226.Dq Li YES 227enables 228.Xr hotplugd 8 , 229a devices hot plugging monitoring daemon. 230.It Va hotplugd_flags 231.Pq Vt str 232Empty by default. 233Additional flags passed to the 234.Xr hotplugd 8 235program. 236.It Va pccard_ifconfig 237.Pq Vt str 238List of arguments to be passed to 239.Xr ifconfig 8 240at boot time or on insertion of the card (e.g.\& 241.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 242for a fixed address or 243.Dq Li DHCP 244for a DHCP client). 245.It Va pccard_ether_delay 246.Pq Vt str 247Set the delay before starting the DHCP client (configured with 248.Va dhcp_client ) 249in the 250.Pa /etc/pccard_ether 251script. 252This defaults to 253.Dq Li 5 254seconds. 255.It Va removable_interfaces 256.Pq Vt str 257List of removable network interfaces to be supported by 258.Pa /etc/pccard_ether . 259.It Va local_startup 260.Pq Vt str 261List of directories to search for startup script files. 262.It Va script_name_sep 263.Pq Vt str 264The field separator to use for breaking down the list of startup script files 265into individual filenames. 266The default is a space. 267It is not necessary to change this unless there are startup scripts with names 268containing spaces. 269.It Va hostname 270.Pq Vt str 271The fully qualified domain name (FQDN) of this host on the network. 272This should almost certainly be set to something meaningful, even if 273there is no network connection. 274If DHCP is used to set the hostname, 275this variable should be set to an empty string. 276.It Va ipv6_enable 277.Pq Vt bool 278Enable support for IPv6 networking. 279Note that this requires that the kernel have been compiled with 280.Cd "options INET6" . 281.It Va nisdomainname 282.Pq Vt str 283The NIS domain name of this host, or 284.Dq Li NO 285if NIS is not used. 286.It Va dhcp_client 287.Pq Vt str 288Set the rc script that is called to start the DHCP client. 289This can be set to 290.Dq Li dhclient 291(default) or 292.Dq Li dhcpcd . 293.It Va dhclient_program 294.Pq Vt str 295Path to the 296.Xr dhclient 8 297program (default 298.Pa /sbin/dhclient ) . 299.It Va dhclient_flags 300.Pq Vt str 301Additional flags to pass to the 302.Xr dhclient 8 303program. 304.It Va dhcpcd_enable 305.Pq Vt bool 306Set to 307.Dq Li YES 308to run 309.Xr dhcpcd 8 310in master mode (i.e., configure all available Ethernet interfaces) at startup. 311.It Va dhcpcd_program 312.Pq Vt str 313Path to the 314.Xr dhcpcd 8 315program (default 316.Pa /sbin/dhcpcd ) . 317.It Va dhcpcd_flags 318.Pq Vt str 319Additional flags to pass to the 320.Xr dhcpcd 8 321program. 322The default value is 323.Fl b , 324i.e., tell 325.Xr dhcpcd 8 326to go to background immediately. 327.It Va pf_enable 328.Pq Vt bool 329Set to 330.Dq Li YES 331to load 332.Xr pf 4 333at startup. 334If the kernel was not built with 335.Cd "device pf" , 336the 337.Pa pf.ko 338kernel module will be loaded. 339See also 340.Va firewall_enable . 341.It Va pf_rules 342.Pq Vt str 343Path to the 344.Xr pf 4 345ruleset definition file. 346.It Va pf_program 347.Pq Vt str 348Path to 349.Xr pfctl 8 . 350.It Va pf_flags 351.Pq Vt str 352If 353.Va pf_enable 354is set to 355.Dq Li YES , 356these are the flags to pass to 357.Xr pfctl 8 358when loading the ruleset. 359.It Va pflog_enable 360.Pq Vt bool 361Set this to 362.Dq Li YES 363to enable 364.Xr pflogd 8 365which logs packets from 366.Xr pf 4 . 367.It Va pflog_logfile 368.Pq Vt str 369If 370.Va pflog_enable 371is set to 372.Dq Li YES 373this specifies the path of the log file. 374.It Va pflog_program 375.Pq Vt str 376Path to 377.Xr pflogd 8 . 378.It Va pflog_flags 379.Pq Vt str 380If 381.Va pflog_enable 382is set to 383.Dq Li YES , 384these are the flags to pass to 385.Xr pflogd 8 . 386.It Va firewall_enable 387.Pq Vt bool 388Set to 389.Dq Li YES 390to load firewall rules at startup. 391If the kernel was not built with 392.Cd "options IPFIREWALL" , 393the 394.Pa ipfw.ko 395kernel module will be loaded. 396See also 397.Va pf_enable . 398.It Va ipv6_firewall_enable 399.Pq Vt bool 400The IPv6 equivalent of 401.Va firewall_enable . 402Set to 403.Dq Li YES 404to load IPv6 firewall rules at startup. 405If the kernel was not built with 406.Cd "options IPV6FIREWALL" , 407the 408.Pa ip6fw.ko 409kernel module will be loaded. 410.It Va firewall_script 411.Pq Vt str 412The full path to the firewall script to run 413(default 414.Pa /etc/rc.firewall ) . 415.It Va ipv6_firewall_script 416.Pq Vt str 417The IPv6 equivalent of 418.Va firewall_script . 419.It Va firewall_type 420.Pq Vt str 421Names the firewall type from the selection in 422.Pa /etc/rc.firewall , 423or the file which contains the local firewall ruleset. 424Valid selections from 425.Pa /etc/rc.firewall 426are: 427.Pp 428.Bl -tag -width ".Li simple" -compact 429.It Li open 430unrestricted IP access 431.It Li closed 432all IP services disabled, except via 433.Dq Li lo0 434.It Li client 435basic protection for a workstation on a LAN 436.It Li simple 437alias for 438.Li client . 439.El 440.Pp 441If a filename is specified, the full path must be given. 442.It Va firewall_trusted_nets 443.Pq Vt str 444List of trusted networks (if 445.Va firewall_type 446is set to 447.Li client ) . 448.It Va firewall_trusted_interfaces 449.Pq Vt str 450List of trusted network interfaces (if 451.Va firewall_type 452is set to 453.Li client ) . 454.It Va firewall_allowed_icmp_types 455.Pq Vt str 456List of allowed ICMP types (if 457.Va firewall_type 458is set to 459.Li client ) . 460.It Va firewall_open_tcp_ports 461.Pq Vt str 462List of TCP ports to open (if 463.Va firewall_type 464is set to 465.Li client ) . 466.It Va firewall_open_udp_ports 467.Pq Vt str 468List of UDP ports to open (if 469.Va firewall_type 470is set to 471.Li client ) . 472.It Va ipv6_firewall_type 473.Pq Vt str 474The IPv6 equivalent of 475.Va firewall_type . 476.It Va firewall_quiet 477.Pq Vt bool 478Set to 479.Dq Li YES 480to disable the display of firewall rules on the console during boot. 481.It Va ipv6_firewall_quiet 482.Pq Vt bool 483The IPv6 equivalent of 484.Va firewall_quiet . 485.It Va firewall_logging 486.Pq Vt bool 487Set to 488.Dq Li YES 489to enable firewall event logging. 490This is equivalent to the 491.Dv IPFIREWALL_VERBOSE 492kernel option. 493.It Va ipv6_firewall_logging 494.Pq Vt bool 495The IPv6 equivalent of 496.Va firewall_logging . 497.It Va firewall_flags 498.Pq Vt str 499Flags passed to 500.Xr ipfw 8 501if 502.Va firewall_type 503specifies a filename. 504.It Va ipv6_firewall_flags 505.Pq Vt str 506The IPv6 equivalent of 507.Va firewall_flags . 508.It Va ipfw3_enable 509.Pq Vt bool 510Set to 511.Dq Li YES 512to enable 513.Xr ipfw3 8 . 514.It Va ipfw3_program 515.Pq Vt str 516Path to 517.Xr ipfw3 8 . 518.It Va ipfw3_script 519.Pq Vt str 520The full path to the shell script to run to set up the ipfw3 521firewall rules (default 522.Pa /etc/ipfw3.rules ) . 523.It Va ipfw3_modules 524.Pq Vt str 525List of ipfw3 modules to be loaded before executing the above 526.Va ipfw3_script . 527(default 528.Dq Li ipfw3 ipfw3_basic ) . 529.It Va natd_program 530.Pq Vt str 531Path to 532.Xr natd 8 . 533.It Va natd_enable 534.Pq Vt bool 535Set to 536.Dq Li YES 537to enable 538.Xr natd 8 . 539.Va firewall_enable 540must also be set to 541.Dq Li YES , 542and 543.Xr divert 4 544sockets must be enabled in the kernel. 545.It Va natd_interface 546.Pq Vt str 547This is the name of the public interface on which 548.Xr natd 8 549should run. 550The interface may be given as an interface name or as an IP address. 551.It Va natd_flags 552.Pq Vt str 553Additional 554.Xr natd 8 555flags should be placed here. 556The 557.Fl n 558or 559.Fl a 560flag is automatically added with the above 561.Va natd_interface 562as an argument. 563.It Va tcp_extensions 564.Pq Vt bool 565Set to 566.Dq Li YES 567by default. 568Setting this to 569.Dq Li NO 570disables certain TCP options as described by 571.Rs 572.%T "RFC 1323" 573.Re 574Setting this to 575.Dq Li NO 576might help remedy such problems with connections as randomly hanging 577or other weird behavior. 578Some network devices are known to be broken with respect to these options. 579.It Va log_in_vain 580.Pq Vt int 581Set to 0 by default. 582The 583.Xr sysctl 8 584variables, 585.Va net.inet.tcp.log_in_vain 586and 587.Va net.inet.udp.log_in_vain , 588as described in 589.Xr tcp 4 590and 591.Xr udp 4 , 592are set to the given value. 593.It Va tcp_keepalive 594.Pq Vt bool 595Set to 596.Dq Li YES 597by default. 598Setting to 599.Dq Li NO 600will disable probing idle TCP connections to verify that the 601peer is still up and reachable. 602.It Va tcp_drop_synfin 603.Pq Vt bool 604Set to 605.Dq Li NO 606by default. 607Setting to 608.Dq Li YES 609will cause the kernel to ignore TCP frames that have both 610the SYN and FIN flags set. 611This prevents OS fingerprinting, but may break some legitimate applications. 612This option is only available if the kernel was built with the 613.Dv TCP_DROP_SYNFIN 614option. 615.It Va icmp_drop_redirect 616.Pq Vt bool 617Set to 618.Dq Li NO 619by default. 620Setting to 621.Dq Li YES 622will cause the kernel to ignore ICMP REDIRECT packets. 623Refer to 624.Xr icmp 4 625for more information. 626.It Va icmp_log_redirect 627.Pq Vt bool 628Set to 629.Dq Li NO 630by default. 631Setting to 632.Dq Li YES 633will cause the kernel to log ICMP REDIRECT packets. 634Note that 635the log messages are not rate-limited, so this option should only be used 636for troubleshooting networks. 637Refer to 638.Xr icmp 4 639for more information. 640.It Va icmp_bmcastecho 641.Pq Vt bool 642Set to 643.Dq Li YES 644to respond to broadcast or multicast ICMP ping packets. 645Refer to 646.Xr icmp 4 647for more information. 648.It Va ip_portrange_first 649.Pq Vt int 650If not set to 651.Dq Li NO , 652this is the first port in the default portrange. 653Refer to 654.Xr ip 4 655for more information. 656.It Va ip_portrange_last 657.Pq Vt int 658If not set to 659.Dq Li NO , 660this is the last port in the default portrange. 661Refer to 662.Xr ip 4 663for more information. 664.\" 665.It Va ifconfig_ Ns Aq Ar interface 666.Pq Vt str 667Configuration for 668.Dq interface . 669Typically includes IP address. 670Assuming that the interface in question was 671.Li ed0 , 672it might look something like this: 673.Bd -literal 674ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 675.Ed 676.Pp 677If the 678.Pa /etc/start_if. Ns Aq Ar interface 679file is present, it is read and executed by the 680.Xr sh 1 681interpreter before configuring the interface as specified in the 682.Va ifconfig_ Ns Aq Ar interface 683and 684.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 685variables. 686.Pp 687It is possible to bring up an interface with DHCP by adding 688.Dq Li DHCP 689to the 690.Va ifconfig_ Ns Aq Ar interface 691variable. 692For instance, to initialize the 693.Li ed0 694device via DHCP, it is possible to use something like: 695.Bd -literal 696ifconfig_ed0="DHCP" 697.Ed 698.Pp 699If a 700.Va vlans_ Ns Aq Ar interface 701variable is set, 702a 703.Xr vlan 4 704interface will be created for each item in the list with the 705.Ar vlandev 706argument set to 707.Ar interface . 708If a vlan interface's name is a number, 709then that number is used as the vlan tag and the new vlan interface is 710named 711.Ar interface . Ns Ar tag . 712Otherwise, 713the vlan tag must be specified via a 714.Va vlan 715parameter in the 716.Va create_args_ Ns Aq Ar interface 717variable. 718.Pp 719To create a vlan device named 720.Li em0.101 721on 722.Li em0 723with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 724.Bd -literal 725vlans_em0="101" 726ifconfig_em0_101="inet 192.0.2.1/24" 727.Ed 728.Pp 729To create a vlan device named 730.Li myvlan 731on 732.Li em0 733with the vlan tag 102: 734.Bd -literal 735vlans_em0="myvlan" 736create_args_myvlan="vlan 102" 737.Ed 738.Pp 739If a 740.Va wlans_ Ns Aq Ar interface 741variable is set, 742an 743.Xr wlan 4 744interface will be created for each item in the list with the 745.Ar wlandev 746argument set to 747.Ar interface . 748Further wlan cloning arguments may be passed to the 749.Xr ifconfig 8 750.Cm create 751command by setting the 752.Va create_args_ Ns Aq Ar interface 753variable. 754One or more 755.Xr wlan 4 756devices must be created for each wireless devices as of 757.Dx 2.5 . 758Debugging flags for 759.Xr wlan 4 760devices as set by 761.Xr wlandebug 8 762may be specified with an 763.Va wlandebug_ Ns Aq Ar interface 764variable. 765The contents of this variable will be passed directly to 766.Xr wlandebug 8 . 767.Pp 768Also, if your interface needs WPA authentication, it is possible to add 769.Dq Li WPA 770to the 771.Va ifconfig_ Ns Aq Ar interface 772variable. 773This will start 774.Xr wpa_supplicant 8 . 775See 776.Xr wpa_supplicant.conf 5 777for configuring authentication information. 778But see also 779.Va wpa_supplicant_enable . 780.Pp 781Finally, you can add 782.Xr ifconfig 8 783options in this variable, in addition to the 784.Pa /etc/start_if. Ns Aq Ar interface 785file. 786For instance, to initialize the 787.Li wi0 788device via DHCP, using WPA authentication and 802.11b mode, it is 789possible to use something like: 790.Bd -literal 791wlans_wi0="wlan0" 792ifconfig_wlan0="up DHCP WPA mode 11b" 793.Ed 794.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 795.Pq Vt str 796Configuration to establish an additional network address for 797.Dq interface . 798Assuming that the interface in question was 799.Li ed0 , 800it might look something like this: 801.Bd -literal 802ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 803ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 804.Ed 805.Pp 806And so on. 807For each 808.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 809entry that is found, its contents are passed to 810.Xr ifconfig 8 . 811Execution stops at the first unsuccessful access, so if 812something like this is present: 813.Bd -literal 814ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 815ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 816ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 817ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 818.Ed 819.Pp 820Then note that alias4 would 821.Em not 822be added since the search would stop with the missing alias3 entry. 823.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 824.Pq Vt str 825New name for 826.Dq interface . 827It is possible to rename interface by doing: 828.Bd -literal 829ifconfig_ed0_name="net0" 830ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 831.Ed 832.It Va netif_enable 833.Pq Vt bool 834Set to 835.Dq Li YES 836by default. 837Setting to 838.Dq Li NO 839will disable the configuration of network interfaces. 840.It Va network_interfaces 841.Pq Vt str 842The list of network interfaces to configure on this host, 843or 844.Dq Li auto 845to configure all network interfaces 846(default 847.Dq Li auto ) . 848For example, if the only network devices to be configured are the loopback device 849.Pq Li lo0 850and a NIC using the 851.Xr em 4 852driver, this could be set to 853.Dq Li "lo0 em0" . 854An 855.Va ifconfig_ Ns Aq Ar interface 856variable is assumed to exist for each value of 857.Ar interface . 858.It Va ipv6_network_interfaces 859.Pq Vt str 860This is the IPv6 equivalent of 861.Va network_interfaces . 862Instead of setting the ifconfig variables as 863.Va ifconfig_ Ns Aq Ar interface 864they should be set as 865.Va ipv6_ifconfig_ Ns Aq Ar interface . 866Aliases should be set as 867.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 868Interfaces that do not have a 869.Va ipv6_ifconfig_ Ns Aq Ar interface 870setting will be auto configured by 871.Xr rtsol 8 872if the 873.Va ipv6_gateway_enable 874is set to 875.Dq Li NO . 876Note that the IPv6 networking code does not support the 877.Pa /etc/start_if. Ns Aq Ar interface 878files. 879.It Va ipv6_prefix_ Ns Aq Ar interface 880.Pq Vt str 881Assign prefix to 882.Ar interface , 883prefixlen 64 is used. 884.It Va ipv6_default_interface 885.Pq Vt str 886If not set to 887.Dq Li NO , 888this is the default output interface for scoped addresses. 889Now this works only for IPv6 link local multicast addresses. 890.It Va ip6addrctl_enable 891.Pq Vt bool 892This variable is to enable configuring the default address selection policy table 893.Pq RFC 3484 . 894The default value is 895.Dq Li YES , 896and the policy table to be installed is specified by the 897.Va ip6addrctl_policy 898variable below. 899.It Va ip6addrctl_policy 900.Pq Vt str 901This variable specifies the policy table to be installed, 902and can be one of the following keywords: 903.Dq Li ipv4_prefer , 904.Dq Li ipv6_prefer , 905or 906.Dq Li AUTO 907(default). 908.Pp 909If 910.Dq Li ipv4_prefer 911or 912.Dq Li ipv6_prefer 913is specified, 914.Xr ip6addrctl 8 915installs a pre-defined policy table described in Section 2.1 916.Pq IPv6-preferred 917or 10.3 918.Pq IPv4-preferred 919of RFC 3484. 920.Pp 921If 922.Dq Li AUTO 923is specified, it attempts to read a file 924.Pa /etc/ip6addrctl.conf 925first. 926If this file is found, 927.Xr ip6addrctl 8 928reads and installs it. 929If not found, a policy is automatically set 930according to 931.Va ipv6_enable 932variable; if the variable is set to 933.Dq Li YES 934the IPv6-preferred one is used. 935Otherwise IPv4-preferred. 936.It Va ip6addrctl_verbose 937.Pq Vt bool 938If set to 939.Dq Li YES , 940print the installed policy table after configuring. 941The default value is 942.Dq Li NO . 943.It Va cloned_interfaces 944.Pq Vt str 945Set to the list of clonable network interfaces to create on this host. 946Entries in 947.Va cloned_interfaces 948are automatically appended to 949.Va network_interfaces 950for configuration. 951.It Va gif_interfaces 952.Pq Vt str 953Set to the list of 954.Xr gif 4 955tunnel interfaces to configure on this host. 956A 957.Va gifconfig_ Ns Aq Ar interface 958variable is assumed to exist for each value of 959.Ar interface . 960The value of this variable is used to configure the link layer of the 961tunnel according to the syntax of the 962.Cm tunnel 963option to 964.Xr ifconfig 8 . 965Additionally, this option ensures that each listed interface is created via the 966.Cm create 967option to 968.Xr ifconfig 8 969before attempting to configure it. 970.It Va sppp_interfaces 971.Pq Vt str 972Set to the list of 973.Xr sppp 4 974interfaces to configure on this host. 975A 976.Va spppconfig_ Ns Aq Ar interface 977variable is assumed to exist for each value of 978.Ar interface . 979Each interface should also be configured by a general 980.Va ifconfig_ Ns Aq Ar interface 981setting. 982Refer to 983.Xr spppcontrol 8 984for more information about available options. 985.It Va ppp_enable 986.Pq Vt bool 987If set to 988.Dq Li YES , 989run the 990.Xr ppp 8 991daemon. 992.It Va ppp_mode 993.Pq Vt str 994Mode in which to run the 995.Xr ppp 8 996daemon. 997Accepted modes are 998.Dq Li auto , 999.Dq Li ddial , 1000.Dq Li direct 1001and 1002.Dq Li dedicated . 1003See the manual for a full description. 1004.It Va ppp_nat 1005.Pq Vt bool 1006If set to 1007.Dq Li YES , 1008enables network address translation. 1009Used in conjunction with 1010.Va gateway_enable 1011allows hosts on private network addresses access to the Internet using 1012this host as a network address translating router. 1013.It Va ppp_profile 1014.Pq Vt str 1015The name of the profile to use from 1016.Pa /etc/ppp/ppp.conf . 1017Also used for per-profile overrides of 1018.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1019Where the profile contains any of the characters 1020.Dq Li .-/+ 1021they are translated to 1022.Dq Li _ 1023for the purposes of the override variable names. 1024.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1025.Pq Vt int 1026Set the unit number to be used for this profile. 1027See the manual description of 1028.Fl unit Ns Ar N 1029in 1030.Xr ppp 8 1031for details. 1032.It Va ppp_user 1033.Pq Vt str 1034The name of the user under which 1035.Xr ppp 8 1036should be started. 1037By default, 1038.Xr ppp 8 1039is started as 1040.Dq Li root . 1041.It Va rc_conf_files 1042.Pq Vt str 1043This option is used to specify a list of files that will override 1044the settings in 1045.Pa /etc/defaults/rc.conf . 1046The files will be read in the order in which they are specified and should 1047include the full path to the file. 1048By default, the files specified are 1049.Pa /etc/rc.conf 1050and 1051.Pa /etc/rc.conf.local 1052.It Va fsck_y_enable 1053.Pq Vt bool 1054If set to 1055.Dq Li YES , 1056.Xr fsck 8 1057will be run with the 1058.Fl y 1059flag if the initial preen of the file systems fails. 1060.It Va netfs_types 1061.Pq Vt str 1062List of file system types that are network-based. 1063This list should generally not be modified by end users. 1064Use 1065.Va extra_netfs_types 1066instead. 1067.It Va extra_netfs_types 1068.Pq Vt str 1069If set to something other than 1070.Dq Li NO 1071(the default), this variable extends the list of file system types 1072for which automatic mounting at startup by 1073.Xr rc 8 1074should be delayed until the network is initialized. 1075It should contain 1076a whitespace-separated list of network file system descriptor pairs, 1077each consisting of a file system type as passed to 1078.Xr mount 8 1079and a human-readable, one-word description, joined with a colon 1080.Pq Ql \&: . 1081Extending the default list in this way is only necessary 1082when third party file system types are used. 1083.It Va devfs_config_files 1084.Pq Vt str 1085This option is used to specify a list of configuration files containing 1086.Xr devfs 5 1087rules that will be applied by 1088.Xr devfsctl 8 1089in the order in which they are specified and must include the full path 1090to the file. 1091.It Va tmpfs_var_run 1092.Pq Vt bool 1093If set to 1094.Dq Li YES , 1095a 1096.Xr tmpfs 5 1097will be mounted at 1098.Pa /var/run . 1099Necessary directories under there will be automatically created. 1100.It Va tmpfs_tmp 1101.Pq Vt bool 1102If set to 1103.Dq Li YES , 1104a 1105.Xr tmpfs 5 1106will be mounted at 1107.Pa /tmp . 1108.It Va syslogd_enable 1109.Pq Vt bool 1110If set to 1111.Dq Li YES , 1112run the 1113.Xr syslogd 8 1114daemon. 1115.It Va syslogd_program 1116.Pq Vt str 1117Path to 1118.Xr syslogd 8 1119(default 1120.Pa /usr/sbin/syslogd ) . 1121.It Va syslogd_flags 1122.Pq Vt str 1123If 1124.Va syslogd_enable 1125is set to 1126.Dq Li YES , 1127these are the flags to pass to 1128.Xr syslogd 8 . 1129.It Va inetd_enable 1130.Pq Vt bool 1131If set to 1132.Dq Li YES , 1133run the 1134.Xr inetd 8 1135daemon. 1136.It Va inetd_program 1137.Pq Vt str 1138Path to 1139.Xr inetd 8 1140(default 1141.Pa /usr/sbin/inetd ) . 1142.It Va inetd_flags 1143.Pq Vt str 1144If 1145.Va inetd_enable 1146is set to 1147.Dq Li YES , 1148these are the flags to pass to 1149.Xr inetd 8 . 1150.It Va rwhod_enable 1151.Pq Vt bool 1152If set to 1153.Dq Li YES , 1154run the 1155.Xr rwhod 8 1156daemon at boot time. 1157.It Va rwhod_flags 1158.Pq Vt str 1159If 1160.Va rwhod_enable 1161is set to 1162.Dq Li YES , 1163these are the flags to pass to it. 1164.It Va update_motd 1165.Pq Vt bool 1166If set to 1167.Dq Li YES , 1168.Pa /etc/motd 1169will be updated at boot time to reflect the kernel release being run. 1170If set to 1171.Dq Li NO , 1172.Pa /etc/motd 1173will not be updated. 1174.It Va nfs_client_enable 1175.Pq Vt bool 1176If set to 1177.Dq Li YES , 1178setup NFS client parameters at boot time. 1179.It Va nfs_access_cache 1180.Pq Vt int 1181If 1182.Va nfs_client_enable 1183is set to 1184.Dq Li YES , 1185this can be set to 1186.Dq Li 0 1187to disable NFS ACCESS RPC caching, or to the number of seconds for which 1188NFS ACCESS results should be cached. 1189A value of 2-10 seconds will substantially reduce network traffic for 1190many NFS operations. 1191The default is 5 seconds. 1192Note that the attribute cache holds stat information only. 1193The NFS data cache is independent of the attribute cache and is only 1194invalidated when the client detects that the server has modified the 1195underlying file. 1196This value specifies a maximum timeout. 1197The NFS client will automatically use a shorter timeout for files which 1198have been recently modified. 1199.It Va nfs_neg_cache 1200.Pq Vt int 1201If 1202.Va nfs_client_enable 1203is set to 1204.Dq Li YES , 1205this can be set to 1206.Dq Li 0 1207to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1208filenames), or to the number of seconds for which negative lookups should 1209be cached. 1210A value of 2-10 seconds will substantially reduce network 1211traffic for many NFS operations, especially source code builds. 1212The default is 3 seconds. 1213.It Va nfs_server_enable 1214.Pq Vt bool 1215If set to 1216.Dq Li YES , 1217run the NFS server daemons at boot time. 1218.It Va nfs_server_flags 1219.Pq Vt str 1220If 1221.Va nfs_server_enable 1222is set to 1223.Dq Li YES , 1224these are the flags to pass to the 1225.Xr nfsd 8 1226daemon. 1227.It Va mountd_enable 1228.Pq Vt bool 1229If set to 1230.Dq Li YES , 1231and no 1232.Va nfs_server_enable 1233is set, start 1234.Xr mountd 8 , 1235but not 1236.Xr nfsd 8 1237daemon. 1238It is commonly needed to run CFS without real NFS used. 1239.It Va mountd_flags 1240.Pq Vt str 1241If 1242.Va mountd_enable 1243is set to 1244.Dq Li YES , 1245these are the flags to pass to the 1246.Xr mountd 8 1247daemon. 1248.It Va weak_mountd_authentication 1249.Pq Vt bool 1250If set to 1251.Dq Li YES , 1252allow services like PCNFSD to make non-privileged mount requests. 1253.It Va nfs_reserved_port_only 1254.Pq Vt bool 1255If set to 1256.Dq Li YES , 1257provide NFS services only on a secure port. 1258.It Va nfs_bufpackets 1259.Pq Vt int 1260If set to a number, indicates the number of packets worth of 1261socket buffer space to reserve on an NFS client. 1262The kernel default is typically 4. 1263Using a higher number may be useful on gigabit networks to improve performance. 1264The minimum value is 2 and the maximum is 64. 1265.It Va rpc_umntall_enable 1266.Pq Vt bool 1267If set to 1268.Dq Li YES 1269(default) and we are also an NFS client, run 1270.Xr rpc.umntall 8 1271at boot time to clear out old mounts on remote servers. 1272If set to 1273.Dq Li NO 1274then 1275.Xr rpc.umntall 8 1276will not be run at boot time. 1277.It Va rpc_lockd_enable 1278.Pq Vt bool 1279If set to 1280.Dq Li YES 1281and also an NFS server, run 1282.Xr rpc.lockd 8 1283at boot time. 1284.It Va rpc_lockd_flags 1285.Pq Vt str 1286If 1287.Va rpc_lockd_enable 1288is set to 1289.Dq Li YES , 1290these are the flags to pass to 1291.Xr rpc.lockd 8 . 1292.It Va rpc_statd_enable 1293.Pq Vt bool 1294If set to 1295.Dq Li YES 1296and also an NFS server, run 1297.Xr rpc.statd 8 1298at boot time. 1299.It Va rpc_statd_flags 1300.Pq Vt str 1301If 1302.Va rpc_statd_enable 1303is set to 1304.Dq Li YES , 1305these are the flags to pass to 1306.Xr rpc.statd 8 . 1307.It Va rpcbind_program 1308.Pq Vt str 1309Path to program for rpcbind daemon 1310(default 1311.Pa /usr/sbin/rpcbind ) . 1312.It Va rpcbind_enable 1313.Pq Vt bool 1314If set to 1315.Dq Li YES , 1316run 1317.Va rpcbind_program 1318at boot time. 1319.It Va rpcbind_flags 1320.Pq Vt str 1321If 1322.Va rpcbind_enable 1323is set to 1324.Dq Li YES , 1325these are the flags to pass to 1326.Va rpcbind_program . 1327.It Va keyserv_enable 1328.Pq Vt bool 1329If set to 1330.Dq Li YES , 1331run the 1332.Xr keyserv 8 1333daemon on boot for running Secure RPC. 1334.It Va keyserv_flags 1335.Pq Vt str 1336If 1337.Va keyserv_enable 1338is set to 1339.Dq Li YES , 1340these are the flags to pass to 1341.Xr keyserv 8 1342daemon. 1343.It Va pppoed_enable 1344.Pq Vt bool 1345If set to 1346.Dq Li YES , 1347run the 1348.Xr pppoed 8 1349daemon at boot time to provide PPP over Ethernet services. 1350.It Va pppoed_provider 1351.Pq Vt str 1352.Xr pppoed 8 1353listens to requests to this provider and ultimately runs 1354.Xr ppp 8 1355with a 1356.Ar system 1357argument of the same name. 1358.It Va pppoed_flags 1359.Pq Vt str 1360Additional flags to pass to 1361.Xr pppoed 8 . 1362.It Va pppoed_interface 1363.Pq Vt str 1364The network interface to run 1365.Xr pppoed 8 1366on. 1367This is mandatory when 1368.Va pppoed_enable 1369is set to 1370.Dq Li YES . 1371.It Va dntpd_enable 1372.Pq Vt bool 1373If set to 1374.Dq Li YES , 1375run 1376.Xr dntpd 8 1377at system boot time. 1378.It Va dntpd_program 1379.Pq Vt str 1380Path to 1381.Xr dntpd 8 1382(default 1383.Pa /usr/sbin/dntpd ) . 1384.It Va dntpd_flags 1385.Pq Vt str 1386If 1387.Va dntpd_enable 1388is set to 1389.Dq Li YES , 1390these are the flags to pass to the 1391.Xr dntpd 8 1392daemon. 1393.It Va btconfig_enable 1394.Pq Vt bool 1395If set to 1396.Dq Li YES , 1397configure Bluetooth devices via 1398.Xr btconfig 8 1399at system boot time. 1400.It Va btconfig_devices 1401.Pq Vt str 1402If 1403.Va btconfig_enable 1404is set to 1405.Dq Li YES , 1406this is the list of Bluetooth devices to configure. 1407If 1408.Va btconfig_devices 1409is not specified, all devices known to the system will be configured. 1410A 1411.Va btconfig_ Ns Aq Ar device 1412variable can be set to specify parameters to be passed to 1413.Ar device . 1414.It Va btconfig_args 1415.Pq Vt str 1416If 1417.Va btconfig_enable 1418is set to 1419.Dq Li YES , 1420this is the list of configuration parameters to pass to all Bluetooth 1421devices. 1422.It Va sdpd_enable 1423.Pq Vt bool 1424If set to 1425.Dq Li YES , 1426run the Service Discovery Profile daemon 1427.Xr ( sdpd 8 ) 1428at system boot time. 1429.It Va sdpd_flags 1430.Pq Vt str 1431If 1432.Va sdpd_enable 1433is set to 1434.Dq Li YES , 1435these are the flags to pass to the 1436.Xr sdpd 8 1437daemon. 1438.It Va bthcid_enable 1439.Pq Vt bool 1440If set to 1441.Dq Li YES , 1442run the Bluetooth Link Key/PIN Code Manager daemon 1443.Xr ( bthcid 8 ) 1444at system boot time. 1445.It Va bthcid_flags 1446.Pq Vt str 1447If 1448.Va bthcid_enable 1449is set to 1450.Dq Li YES , 1451these are the flags to pass to the 1452.Xr bthcid 8 1453daemon. 1454.It Va nis_client_enable 1455.Pq Vt bool 1456If set to 1457.Dq Li YES , 1458run the 1459.Xr ypbind 8 1460service at system boot time. 1461.It Va nis_client_flags 1462.Pq Vt str 1463If 1464.Va nis_client_enable 1465is set to 1466.Dq Li YES , 1467these are the flags to pass to the 1468.Xr ypbind 8 1469service. 1470.It Va nis_ypset_enable 1471.Pq Vt bool 1472If set to 1473.Dq Li YES , 1474run the 1475.Xr ypset 8 1476daemon at system boot time. 1477.It Va nis_ypset_flags 1478.Pq Vt str 1479If 1480.Va nis_ypset_enable 1481is set to 1482.Dq Li YES , 1483these are the flags to pass to the 1484.Xr ypset 8 1485daemon. 1486.It Va nis_server_enable 1487.Pq Vt bool 1488If set to 1489.Dq Li YES , 1490run the 1491.Xr ypserv 8 1492daemon at system boot time. 1493.It Va nis_server_flags 1494.Pq Vt str 1495If 1496.Va nis_server_enable 1497is set to 1498.Dq Li YES , 1499these are the flags to pass to the 1500.Xr ypserv 8 1501daemon. 1502.It Va nis_ypxfrd_enable 1503.Pq Vt bool 1504If set to 1505.Dq Li YES , 1506run the 1507.Xr rpc.ypxfrd 8 1508daemon at system boot time. 1509.It Va nis_ypxfrd_flags 1510.Pq Vt str 1511If 1512.Va nis_ypxfrd_enable 1513is set to 1514.Dq Li YES , 1515these are the flags to pass to the 1516.Xr rpc.ypxfrd 8 1517daemon. 1518.It Va nis_yppasswdd_enable 1519.Pq Vt bool 1520If set to 1521.Dq Li YES , 1522run the 1523.Xr rpc.yppasswdd 8 1524daemon at system boot time. 1525.It Va nis_yppasswdd_flags 1526.Pq Vt str 1527If 1528.Va nis_yppasswdd_enable 1529is set to 1530.Dq Li YES , 1531these are the flags to pass to the 1532.Xr rpc.yppasswdd 8 1533daemon. 1534.It Va rpc_ypupdated_enable 1535.Pq Vt bool 1536If set to 1537.Dq Li YES , 1538run the 1539.Nm rpc.ypupdated 1540daemon at system boot time. 1541.It Va defaultrouter 1542.Pq Vt str 1543If not set to 1544.Dq Li NO , 1545create a default route to this host name or IP address 1546(use an IP address if this router is also required to get to the 1547name server!). 1548.It Va ipv6_defaultrouter 1549.Pq Vt str 1550The IPv6 equivalent of 1551.Va defaultrouter . 1552.It Va static_routes 1553.Pq Vt str 1554Set to the list of static routes that are to be added at system boot time. 1555If not set to 1556.Dq Li NO 1557then for each whitespace separated 1558.Ar element 1559in the value, a 1560.Va route_ Ns Aq Ar element 1561variable is assumed to exist whose contents will later be passed to a 1562.Dq Nm route Cm add 1563operation. 1564.It Va change_routes 1565.Pq Vt str 1566Set to the list of static routes that are to be changed at system boot time 1567(such as those added by the kernel). 1568If not set to 1569.Dq Li NO 1570then for each whitespace separated 1571.Ar element 1572in the value, a 1573.Va change_route_ Ns Aq Ar element 1574variable is assumed to exist whose contents will later be passed to a 1575.Dq Nm route Cm change 1576operation. 1577.It Va ipv6_static_routes 1578.Pq Vt str 1579The IPv6 equivalent of 1580.Va static_routes . 1581If not set to 1582.Dq Li NO 1583then for each whitespace separated 1584.Ar element 1585in the value, a 1586.Va ipv6_route_ Ns Aq Ar element 1587variable is assumed to exist whose contents will later be passed to a 1588.Dq Nm route Cm add Fl inet6 1589operation. 1590.It Va gateway_enable 1591.Pq Vt bool 1592If set to 1593.Dq Li YES , 1594configure host to act as an IP router, e.g. to forward packets 1595between interfaces. 1596.It Va ipv6_gateway_enable 1597.Pq Vt bool 1598The IPv6 equivalent of 1599.Va gateway_enable . 1600.It Va router_enable 1601.Pq Vt bool 1602If set to 1603.Dq Li YES , 1604run a routing daemon of some sort, based on the settings of 1605.Va router_program 1606and 1607.Va router_flags . 1608.It Va ipv6_router_enable 1609.Pq Vt bool 1610The IPv6 equivalent of 1611.Va router_enable . 1612If set to 1613.Dq Li YES , 1614run a routing daemon of some sort, based on the settings of 1615.Va ipv6_router_program 1616and 1617.Va ipv6_router_flags . 1618.It Va router_program 1619.Pq Vt str 1620If 1621.Va router_enable 1622is set to 1623.Dq Li YES , 1624this is the name of the routing daemon to use 1625(default 1626.Pa /sbin/routed ) . 1627.It Va ipv6_router_program 1628.Pq Vt str 1629The IPv6 equivalent of 1630.Va router_program 1631(default 1632.Pa /sbin/route6d ) . 1633.It Va router_flags 1634.Pq Vt str 1635If 1636.Va router_enable 1637is set to 1638.Dq Li YES , 1639these are the flags to pass to the routing daemon. 1640.It Va ipv6_router_flags 1641.Pq Vt str 1642The IPv6 equivalent of 1643.Va router_flags . 1644.It Va rtadvd_enable 1645.Pq Vt bool 1646If set to 1647.Dq Li YES , 1648run the 1649.Xr rtadvd 8 1650daemon at boot time. 1651.Xr rtadvd 8 1652will only run if 1653.Va ipv6_gateway_enable 1654is also set to 1655.Dq Li YES . 1656The 1657.Xr rtadvd 8 1658utility sends router advertisement packets to the interfaces specified in 1659.Va rtadvd_interfaces . 1660.Xr rtadvd 8 1661and should only be enabled with great care. 1662You may want to fine-tune 1663.Xr rtadvd.conf 5 . 1664.It Va rtadvd_interfaces 1665.Pq Vt str 1666If 1667.Va rtadvd_enable 1668is set to 1669.Dq Li YES 1670this is the list of interfaces to use. 1671.It Va rtsold_enable 1672.Pq Vt bool 1673If set to 1674.Dq Li YES , 1675run the 1676.Xr rtsold 8 1677daemon at boot time. 1678The 1679.Xr rtsold 8 1680daemon is used for automatic discovery of non-link local addresses. 1681.It Va rtsold_flags 1682.Pq Vt str 1683If 1684.Va rtsold_enable 1685is set to 1686.Dq Li YES , 1687these are the flags to pass to the 1688.Xr rtsold 8 1689daemon. 1690.It Va arpproxy_all 1691.Pq Vt bool 1692If set to 1693.Dq Li YES , 1694enable global proxy ARP. 1695.It Va forward_sourceroute 1696.Pq Vt bool 1697If set to 1698.Dq Li YES 1699and 1700.Va gateway_enable 1701is also set to 1702.Dq Li YES , 1703source-routed packets are forwarded. 1704.It Va accept_sourceroute 1705.Pq Vt bool 1706If set to 1707.Dq Li YES , 1708the system will accept source-routed packets directed at it. 1709.It Va rarpd_enable 1710.Pq Vt bool 1711If set to 1712.Dq Li YES , 1713run the 1714.Xr rarpd 8 1715daemon at system boot time. 1716.It Va rarpd_flags 1717.Pq Vt str 1718If 1719.Va rarpd_enable 1720is set to 1721.Dq Li YES , 1722these are the flags to pass to the 1723.Xr rarpd 8 1724daemon. 1725.It Va wpa_supplicant_enable 1726.Pq Vt bool 1727If set to 1728.Dq Li YES , 1729run the 1730.Xr wpa_supplicant 8 1731daemon in 1732.Dq interface matching mode 1733at system boot time. 1734.It Va wpa_supplicant_program 1735.Pq Vt str 1736Path to 1737.Xr wpa_supplicant 8 . 1738.It Va wpa_supplicant_flags 1739.Pq Vt str 1740If 1741.Va wpa_supplicant_enable 1742is set to 1743.Dq Li YES , 1744these are the flags to pass to the 1745.Xr wpa_supplicant 8 1746daemon. 1747.It Va bootparamd_enable 1748.Pq Vt bool 1749If set to 1750.Dq Li YES , 1751run the 1752.Xr bootparamd 8 1753daemon at system boot time. 1754.It Va bootparamd_flags 1755.Pq Vt str 1756If 1757.Va bootparamd_enable 1758is set to 1759.Dq Li YES , 1760these are the flags to pass to the 1761.Xr bootparamd 8 1762daemon. 1763.It Va stf_interface_ipv4addr 1764.Pq Vt str 1765If not set to 1766.Dq Li NO , 1767this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1768Specify this entry to enable the 6to4 interface. 1769.It Va stf_interface_ipv4plen 1770.Pq Vt int 1771Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1772An effective value is 0-31. 1773.It Va stf_interface_ipv6_ifid 1774.Pq Vt str 1775IPv6 interface ID for 1776.Xr stf 4 . 1777This can be set to 1778.Dq Li AUTO . 1779.It Va stf_interface_ipv6_slaid 1780.Pq Vt str 1781IPv6 Site Level Aggregator for 1782.Xr stf 4 . 1783.It Va keybell 1784.Pq Vt str 1785The keyboard bell sound. 1786Set to 1787.Dq Li normal , 1788.Dq Li visual , 1789.Dq Li off , 1790or 1791.Dq Li NO 1792if the default behavior is desired. 1793For details, refer to the 1794.Xr kbdcontrol 1 1795manpage. 1796.It Va keymap 1797.Pq Vt str 1798If set to 1799.Dq Li NO , 1800no keymap is installed, otherwise the value is used to install 1801the keymap file in 1802.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1803.It Va keyrate 1804.Pq Vt str 1805The keyboard repeat speed. 1806Set to 1807.Dq Li slow , 1808.Dq Li normal , 1809.Dq Li fast , 1810or 1811.Dq Li NO 1812if the default behavior is desired. 1813.It Va keychange 1814.Pq Vt str 1815If not set to 1816.Dq Li NO , 1817attempt to program the function keys with the value. 1818The value should be a single string of the form: 1819.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1820.It Va cursor 1821.Pq Vt str 1822Can be set to the value of 1823.Dq Li normal , 1824.Dq Li blink , 1825.Dq Li destructive , 1826or 1827.Dq Li NO 1828to set the cursor behavior explicitly or choose the default behavior. 1829.It Va scrnmap 1830.Pq Vt str 1831If set to 1832.Dq Li NO , 1833no screen map is installed, otherwise the value is used to install 1834the screen map file in 1835.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1836.It Va font8x16 1837.Pq Vt str 1838If set to 1839.Dq Li NO , 1840the default 8x16 font value is used for screen size requests, otherwise 1841the value in 1842.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1843is used. 1844.It Va font8x14 1845.Pq Vt str 1846If set to 1847.Dq Li NO , 1848the default 8x14 font value is used for screen size requests, otherwise 1849the value in 1850.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1851is used. 1852.It Va font8x8 1853.Pq Vt str 1854If set to 1855.Dq Li NO , 1856the default 8x8 font value is used for screen size requests, otherwise 1857the value in 1858.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1859is used. 1860.It Va blanktime 1861.Pq Vt int 1862If set to 1863.Dq Li NO , 1864the default screen blanking interval is used, otherwise it is set to 1865.Ar value 1866seconds. 1867.It Va saver 1868.Pq Vt str 1869If not set to 1870.Dq Li NO , 1871this is the actual screen saver to use 1872.Li ( blank , snake , daemon , 1873etc). 1874.It Va moused_nondefault_enable 1875.Pq Vt str 1876If set to 1877.Dq Li NO , 1878the mouse device specified on 1879the command line is not automatically treated as enabled by the 1880.Pa /etc/rc.d/moused 1881script. 1882Having this variable set to 1883.Dq Li YES 1884allows a 1885.Xr usb 4 1886mouse, 1887for example, 1888to be enabled as soon as it is plugged in. 1889.It Va moused_enable 1890.Pq Vt str 1891If set to 1892.Dq Li YES , 1893the 1894.Xr moused 8 1895daemon is started for doing cut/paste selection on the console. 1896.It Va moused_type 1897.Pq Vt str 1898If 1899.Va moused_enable 1900is set to 1901.Dq Li YES , 1902this is the protocol type of the mouse connected to this host. 1903The default type is 1904.Dq Li auto . 1905The 1906.Xr moused 8 1907daemon 1908is able to detect the appropriate mouse type automatically in many cases. 1909Leave this variable at the default 1910.Dq Li auto 1911to let the daemon detect it, or 1912select one from the following list if the automatic detection fails. 1913.Pp 1914If the mouse is attached to the PS/2 mouse port, leave the variable at the 1915default 1916.Dq Li auto 1917or set it to 1918.Dq Li ps/2 , 1919regardless of the brand and model of the mouse. 1920Likewise, if the mouse is attached to the bus mouse port, leave it at 1921.Dq Li auto 1922or set it to 1923.Dq Li busmouse . 1924All other protocols are for serial mice and will not work with 1925the PS/2 and bus mice. 1926If this is a USB mouse, 1927.Dq Li auto 1928is the only protocol type which will work. 1929.Pp 1930.Bl -tag -width ".Li x10mouseremote" -compact 1931.It Li microsoft 1932Microsoft mouse (serial) 1933.It Li intellimouse 1934Microsoft IntelliMouse (serial) 1935.It Li mousesystems 1936Mouse systems Corp. mouse (serial) 1937.It Li mmseries 1938MM Series mouse (serial) 1939.It Li logitech 1940Logitech mouse (serial) 1941.It Li busmouse 1942A bus mouse 1943.It Li mouseman 1944Logitech MouseMan and TrackMan (serial) 1945.It Li glidepoint 1946ALPS GlidePoint (serial) 1947.It Li thinkingmouse 1948Kensington ThinkingMouse (serial) 1949.It Li ps/2 1950PS/2 mouse 1951.It Li mmhittab 1952MM HitTablet (serial) 1953.It Li x10mouseremote 1954X10 MouseRemote (serial) 1955.It Li versapad 1956Interlink VersaPad (serial) 1957.El 1958.Pp 1959Even if the mouse is not in the above list, it may be compatible 1960with one in the list. 1961Refer to the man page for 1962.Xr moused 8 1963for compatibility information. 1964.Pp 1965It should also be noted that while this is enabled, any 1966other client of the mouse (such as an X server) should access 1967the mouse through the virtual mouse device, 1968.Pa /dev/sysmouse , 1969and configure it as a 1970.Dq Li sysmouse 1971type mouse, since all 1972mouse data is converted to this single canonical format when using 1973.Xr moused 8 . 1974If the client program does not support the 1975.Dq Li sysmouse 1976type, specify the 1977.Dq Li mousesystems 1978type. 1979It is the second preferred type. 1980.It Va moused_port 1981.Pq Vt str 1982If 1983.Va moused_enable 1984is set to 1985.Dq Li YES , 1986this is the actual port the mouse is on. 1987It might be 1988.Pa /dev/cuaa0 1989for a COM1 serial mouse or 1990.Pa /dev/psm0 1991for a PS/2 mouse, for example. 1992.It Va moused_flags 1993.Pq Vt str 1994If 1995.Va moused_type 1996is set, these are the additional flags to pass to the 1997.Xr moused 8 1998daemon. 1999.It Va mousechar_start 2000.Pq Vt int 2001If set to 2002.Dq Li NO , 2003the default mouse cursor character range 2004.Li 0xd0 Ns - Ns Li 0xd3 2005is used, otherwise the range start is set to 2006.Ar value 2007character, see 2008.Xr vidcontrol 1 . 2009Use if the default range is occupied in the language code table. 2010.It Va vidhistory 2011.Pq Vt int 2012Set the size of the history (scrollback) buffer in lines. 2013.It Va allscreens_flags 2014.Pq Vt str 2015If set, 2016.Xr vidcontrol 1 2017is run with these options for each of the virtual terminals 2018.Pq Pa /dev/ttyv* . 2019For example, 2020.Dq Fl m Cm on 2021will enable the mouse pointer on all virtual terminals if 2022.Va moused_enable 2023is set to 2024.Dq Li YES . 2025.It Va allscreens_kbdflags 2026.Pq Vt str 2027If set, 2028.Xr kbdcontrol 1 2029is run with these options for each of the virtual terminals 2030.Pq Pa /dev/ttyv* . 2031For example, 2032.Dq Fl h Li 200 2033will set the 2034.Xr syscons 4 2035scrollback (history) buffer to 200 lines. 2036.It Va cron_enable 2037.Pq Vt bool 2038If set to 2039.Dq Li YES , 2040run the 2041.Xr cron 8 2042daemon at system boot time. 2043.It Va cron_program 2044.Pq Vt str 2045Path to 2046.Xr cron 8 2047(default 2048.Pa /usr/sbin/cron ) . 2049.It Va cron_flags 2050.Pq Vt str 2051If 2052.Va cron_enable 2053is set to 2054.Dq Li YES , 2055these are the flags to pass to 2056.Xr cron 8 . 2057.It Va lpd_program 2058.Pq Vt str 2059Path to 2060.Xr lpd 8 2061(default 2062.Pa /usr/sbin/lpd ) . 2063.It Va lpd_enable 2064.Pq Vt bool 2065If set to 2066.Dq Li YES , 2067run the 2068.Xr lpd 8 2069daemon at system boot time. 2070.It Va lpd_flags 2071.Pq Vt str 2072If 2073.Va lpd_enable 2074is set to 2075.Dq Li YES , 2076these are the flags to pass to the 2077.Xr lpd 8 2078daemon. 2079.It Va nscd_enable 2080.Pq Vt bool 2081If set to 2082.Dq Li YES , 2083run the 2084.Xr nscd 8 2085daemon at system boot time. 2086.It Va mixer_enable 2087.Pq Vt bool 2088If set to 2089.Dq Li YES , 2090preserve 2091.Xr mixer 8 2092settings across reboots. 2093.It Va mta_start_script 2094.Pq Vt str 2095The full path to the script to run to start 2096a mail transfer agent. 2097The default is 2098.Pa /etc/rc.sendmail . 2099The 2100.Va sendmail_* 2101variables which 2102.Pa /etc/rc.sendmail 2103uses are documented in the 2104.Xr rc.sendmail 8 2105man page. 2106.It Va fixbootfile 2107.Pq Vt bool 2108In a 2109.Sq HAMMER ROOT with UFS /boot 2110setup, the boot loader will not set up the 2111.Va kern.bootfile 2112sysctl correctly. 2113The system will attempt to fix this on its own. 2114Set this variable to 2115.Dq Li NO 2116to turn this behavior off. 2117.It Va dumpdev 2118.Pq Vt str 2119Indicates the device (usually a swap partition) to which a crash dump 2120should be written in the event of a system crash. 2121The value of this variable is passed as the argument to 2122.Xr dumpon 8 2123and 2124.Xr savecore 8 . 2125To disable crash dumps, set this variable to 2126.Dq Li NO . 2127.It Va dumpdir 2128.Pq Vt str 2129When the system reboots after a crash and a crash dump is found on the 2130device specified by the 2131.Va dumpdev 2132variable, 2133.Xr savecore 8 2134will save that crash dump and a copy of the kernel to the directory 2135specified by the 2136.Va dumpdir 2137variable. 2138The default value is 2139.Pa /var/crash . 2140Set to 2141.Dq Li NO 2142to not run 2143.Xr savecore 8 2144at boot time when 2145.Va dumpdir 2146is set. 2147.It Va savecore_flags 2148.Pq Vt str 2149If crash dumps are enabled, these are the flags to pass to the 2150.Xr savecore 8 2151utility. 2152.It Va crashinfo_enable 2153.Pq Vt bool 2154Set to 2155.Dq Li YES 2156to turn on automatic crash dump summary generation using the utility 2157specified by the 2158.Va crashinfo_program 2159variable. 2160.It Va crashinfo_program 2161.Pq Vt str 2162Program to run to generate a crash dump summary if the variable 2163.Va crashinfo_enable 2164is set to 2165.Dq Li YES . 2166The default value is 2167.Pa /usr/sbin/crashinfo . 2168.It Va enable_quotas 2169.Pq Vt bool 2170Set to 2171.Dq Li YES 2172to turn on user disk quotas on system startup via the 2173.Xr quotaon 8 2174command. 2175.It Va check_quotas 2176.Pq Vt bool 2177Set to 2178.Dq Li YES 2179to enable user disk quota checking via the 2180.Xr quotacheck 8 2181command. 2182.It Va accounting_enable 2183.Pq Vt bool 2184Set to 2185.Dq Li YES 2186to enable system accounting through the 2187.Xr accton 8 2188facility. 2189.\" ----- cleanvar_enable setting-------------------------------- 2190.It Va cleanvar_enable 2191.Pq Vt bool 2192Set to 2193.Dq Li YES 2194to have 2195.Pa /var/run , 2196.Pa /var/spool/lock 2197and 2198.Pa /var/spool/uucp/.Temp/* 2199cleaned at startup. 2200.\" ----- clear_tmp_enable setting------------------------------- 2201.It Va clear_tmp_enable 2202.Pq Vt bool 2203Set to 2204.Dq Li YES 2205to have 2206.Pa /tmp 2207cleaned at startup. 2208.\" ----- ldconfig_paths setting -------------------------------- 2209.It Va ldconfig_paths 2210.Pq Vt str 2211Set to the list of shared library paths to use with 2212.Xr ldconfig 8 . 2213NOTE: 2214.Pa /usr/lib 2215will always be added first, so it need not appear in this list. 2216.It Va ldconfig_insecure 2217.Pq Vt bool 2218The 2219.Xr ldconfig 8 2220utility normally refuses to use directories 2221which are writable by anyone except root. 2222Set this variable to 2223.Dq Li YES 2224to disable that security check during system startup. 2225.It Va ldconfig_local_dirs 2226.Pq Vt str 2227Set to the list of local 2228.Xr ldconfig 8 2229directories. 2230The names of all files in the directories listed will be 2231passed as arguments to 2232.Xr ldconfig 8 . 2233.It Va kern_securelevel 2234.Pq Vt int 2235The kernel security level to set at startup. 2236The allowed range of 2237.Ar value 2238ranges from \-1 (the compile time default) to 3 (the most secure). 2239See 2240.Xr init 8 2241for the list of possible security levels and their effect on system operation. 2242.It Va start_vinum 2243.Pq Vt bool 2244Set to 2245.Dq Li YES 2246to start 2247.Xr vinum 8 2248at system boot time. 2249.It Va sshd_enable 2250.Pq Vt bool 2251Set to 2252.Dq Li YES 2253to start 2254.Xr sshd 8 2255at system boot time. 2256.It Va sshd_program 2257.Pq Vt str 2258Path to the SSH server program 2259(default 2260.Pa /usr/sbin/sshd ) . 2261.It Va sshd_flags 2262.Pq Vt str 2263If 2264.Va sshd_enable 2265is set to 2266.Dq Li YES , 2267these are the flags to pass to the 2268.Xr sshd 8 2269daemon. 2270.It Va ftpd_enable 2271.Pq Vt bool 2272Set to 2273.Dq Li YES 2274to start 2275.Xr ftpd 8 2276at system boot time. 2277.It Va ftpd_flags 2278.Pq Vt str 2279If 2280.Va ftpd_enable 2281is set to 2282.Dq Li YES , 2283these are the flags to pass to the 2284.Xr ftpd 8 2285daemon. 2286.It Va watchdogd_enable 2287.Pq Vt bool 2288If set to 2289.Dq Li YES , 2290start the 2291.Xr watchdogd 8 2292daemon at boot time. 2293.It Va jail_enable 2294.Pq Vt bool 2295If set to 2296.Dq Li NO , 2297any configured jails will not be started. 2298.It Va jail_list 2299.Pq Vt str 2300A space separated list of names for jails. 2301This is purely a configuration aid to help identify and 2302configure multiple jails. 2303The names specified in this list will be used to 2304identify settings common to an instance of a jail. 2305Assuming that the jail in question was named 2306.Li vjail , 2307you would have the following dependent variables: 2308.Bd -literal 2309jail_vjail_hostname="jail.example.com" 2310jail_vjail_ip="192.168.1.100" 2311jail_vjail_rootdir="/var/jails/vjail/root" 2312.Ed 2313.It Va jail_flags 2314.Pq Vt str 2315Unset by default. 2316When set, use as default value for 2317.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2318for every jail in 2319.Va jail_list . 2320.It Va jail_interface 2321.Pq Vt str 2322Unset by default. 2323When set, use as default value for 2324.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2325for every jail in 2326.Va jail_list . 2327.It Va jail_fstab 2328.Pq Vt str 2329Unset by default. 2330When set, use as default value for 2331.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2332for every jail in 2333.Va jail_list . 2334.It Va jail_mount_enable 2335.Pq Vt bool 2336Set to 2337.Dq Li NO 2338by default. 2339When set to 2340.Dq Li YES , 2341sets 2342.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2343to 2344.Dq Li YES 2345by default for every jail in 2346.Va jail_list . 2347.It Va jail_procfs_enable 2348.Pq Vt bool 2349Set to 2350.Dq Li NO 2351by default. 2352When set to 2353.Dq Li YES , 2354sets 2355.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2356to 2357.Dq Li YES 2358by default for every jail in 2359.Va jail_list . 2360.It Va jail_devfs_enable 2361.Pq Vt bool 2362Set to 2363.Dq Li NO 2364by default. 2365When set to 2366.Dq Li YES , 2367sets 2368.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2369to 2370.Dq Li YES 2371by default for every jail in 2372.Va jail_list . 2373.It Va jail_exec_start 2374.Pq Vt str 2375Unset by default. 2376When set, use as default value for 2377.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2378for every jail in 2379.Va jail_list . 2380.It Va jail_exec_stop 2381Unset by default. 2382When set, use as default value for 2383.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2384for every jail in 2385.Va jail_list . 2386.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2387.Pq Vt str 2388Unset by default. 2389Set to the root directory used by jail 2390.Va jname . 2391.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2392.Pq Vt str 2393Unset by default. 2394Set to the fully qualified domain name (FQDN) assigned to jail 2395.Va jname . 2396.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2397.Pq Vt str 2398Unset by default. 2399Set to the IP address assigned to jail 2400.Va jname . 2401.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2402.Pq Vt str 2403Set to 2404.Dq Li -l -U root 2405by default. 2406These are flags to pass to 2407.Xr jail 8 . 2408.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2409.Pq Vt str 2410Unset by default. 2411When set, sets the interface to use when setting IP address alias. 2412Note that the alias is created at jail startup and removed at jail shutdown. 2413.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2414.Pq Vt str 2415Set to 2416.Pa /etc/fstab. Ns Aq Ar jname 2417by default. 2418This is the file system information file to use for jail 2419.Va jname . 2420.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2421.Pq Vt bool 2422Set to 2423.Dq Li NO 2424by default. 2425When set to 2426.Dq Li YES , 2427mount all file systems from 2428.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2429at jail startup. 2430.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2431.Pq Vt bool 2432Set to 2433.Dq Li NO 2434by default. 2435When set to 2436.Dq Li YES , 2437mount the process file system inside jail 2438.Ar jname 2439at jail startup. 2440.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2441.Pq Vt bool 2442Set to 2443.Dq Li NO 2444by default. 2445When set to 2446.Dq Li YES , 2447mount the device file system inside jail 2448.Ar jname 2449at jail startup. 2450.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2451.Pq Vt str 2452Set to 2453.Dq Li /bin/sh /etc/rc 2454by default. 2455This is the command executed at jail startup. 2456.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2457.Pq Vt str 2458Set to 2459.Dq Li /bin/sh /etc/rc.shutdown 2460by default. 2461This is the command executed at jail shutdown. 2462.It Va jail_default_set_hostname_allow 2463.Pq Vt bool 2464If set to 2465.Dq Li NO , 2466do not allow the root user in a jail to set its hostname. 2467.It Va jail_default_socket_unixiproute_only 2468.Pq Vt bool 2469If set to 2470.Dq Li YES , 2471do not allow any sockets, 2472besides UNIX/IP/route sockets, 2473to be used within a jail. 2474.It Va jail_default_sysvipc_allow 2475.Pq Vt bool 2476If set to 2477.Dq Li YES , 2478allow applications within a jail to use System V IPC. 2479.It Va jail_default_chflags_allow 2480.Pq Vt bool 2481If set to 2482.Dq Li YES , 2483allow applications within a jail to alter system file flags. 2484.It Va jail_default_raw_sockets_allow 2485.Pq Vt bool 2486If set to 2487.Dq Li YES , 2488allow applications within a jail to user raw sockets. 2489.It Va lvm_enable 2490.Pq Vt bool 2491If set to 2492.Dq Li YES 2493LVM volumes will be discovered and configured on boot. 2494.It Va newsyslog_enable 2495.Pq Vt bool 2496If set to 2497.Dq Li YES , 2498run 2499.Xr newsyslog 8 2500before syslogd starts. 2501.It Va newsyslog_flags 2502.Pq Vt str 2503If 2504.Va newsyslog_enable 2505is set to 2506.Dq Li YES , 2507these are the flags passed to 2508.Xr newsyslog 8 . 2509.It Va resident_enable 2510.Pq Vt bool 2511If set to 2512.Dq Li YES , 2513make the dynamic binaries listed in 2514.Pa /etc/resident.conf 2515resident. 2516.It Va varsym_enable 2517.Pq Vt bool 2518If set to 2519.Dq Li YES , 2520process 2521.Pa /etc/varsym.conf 2522to set system-wide variables for variant symlinks. 2523.It Va rand_irqs 2524.Pq Vt str 2525Set either to 2526.Dq Li NO 2527or a whitespace separated list of IRQ numbers which will be used as a source of 2528randomness. 2529.\" ----------------------------------------------------- 2530.It Va entropy_dir 2531.Pq Vt str 2532Set to 2533.Dq Li NO 2534to disable caching entropy via 2535.Xr cron 8 . 2536Otherwise set to the directory used to store entropy files in. 2537.It Va entropy_file 2538.Pq Vt str 2539Set to 2540.Dq Li NO 2541to disable caching entropy through reboots. 2542Otherwise set to the filename used to store cached entropy through reboots. 2543This file should be located on the root file system to seed the 2544.Xr random 4 2545device as early as possible in the boot process. 2546.It Va entropy_save_sz 2547.Pq Vt int 2548Determines the size of the entropy cache files used for entropy cached 2549through reboots and also entropy cached via 2550.Xr cron 8 . 2551The entropy is fed to the system in blocks of 512 bytes, so this number 2552should be large enough to fill as many of the entropy pools in the kernel 2553CSPRNG as possible. 2554By default, it is set to 16384, which should be able to seed all 32 entropy 2555pools in the Fortuna CSPRNG. 2556.It Va dmesg_enable 2557.Pq Vt bool 2558Set to 2559.Dq Li YES 2560to save 2561.Xr dmesg 8 2562to 2563.Pa /var/run/dmesg.boot 2564on boot. 2565.It Va rcshutdown_timeout 2566.Pq Vt int 2567If set, start a watchdog timer in the background which will terminate 2568.Pa rc.shutdown 2569if 2570.Xr shutdown 8 2571has not completed within the specified time (in seconds). 2572Notice that in addition to this soft timeout, 2573.Xr init 8 2574also applies a hard timeout for the execution of 2575.Pa rc.shutdown . 2576This is configured via 2577.Xr sysctl 8 2578variable 2579.Va kern.init_shutdown_timeout 2580and defaults to 120 seconds. Setting the value of 2581.Va rcshutdown_timeout 2582to more than 120 seconds will have no effect until the 2583.Xr sysctl 8 2584variable 2585.Va kern.init_shutdown_timeout 2586is also increased. 2587.It Va udevd_enable 2588.Pq Vt bool 2589If set to 2590.Dq Li YES , 2591the udevd daemon will be started on boot. 2592.It Va vfs_quota_enable 2593.Pq Vt bool 2594If set to 2595.Dq Li YES , 2596vfs quota rc.d scripts will be run on boot. 2597.It Va vfs_quota_sync 2598.Pq Vt str 2599List of mount points whose counters are to be synchronized with on-disk 2600usage during system startup. 2601See also 2602.Xr vquota 8 . 2603.It Va vknetd_enable 2604.Pq Vt bool 2605If set to 2606.Dq Li YES , 2607.Xr vknetd 8 2608will be started on boot. 2609.It Va vknetd_flags 2610.Pq Vt bool 2611Additional flags passed to 2612.Xr vknetd 8 . 2613Usually address/cidrbits is specified here. 2614When no flags are passed, default option 2615.Fl U 2616will be used. 2617.It Va vkernel_enable 2618.Pq Vt bool 2619If set to 2620.Dq Li NO , 2621any configured vkernels will not be started. 2622.It Va vkernel_kill_timeout 2623.Pq Vt int 2624This defines the default number of seconds that we will wait for the 2625vkernel to shut down on its own. 2626If after this time it's still alive, 2627it will be killed with SIGKILL. 2628.It Va vkernel_bin 2629.Pq Vt str 2630Defines the default path to the vkernel binary. 2631.It Va vkernel_list 2632.Pq Vt str 2633A space separated list of names for vkernels. 2634This is purely a configuration aid to help identify and 2635configure multiple vkernels. 2636The names specified in this list will be used to 2637identify settings common to a vkernel instance. 2638Assuming that the vkernel in question was named 2639.Li example , 2640you would have the following dependent variables 2641(filled with reference values in this text): 2642.Bd -literal 2643vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2644vkernel_example_memsize="64m" 2645vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2646vkernel_example_memimg="/var/vkernel/memimg.000001" 2647vkernel_example_user="myuser" 2648vkernel_example_iface_list="auto:bridge0" 2649vkernel_example_logfile="/dev/null" 2650vkernel_example_flags="-U" 2651vkernel_example_kill_timeout="45" 2652.Ed 2653.Pp 2654The last six are optional. 2655They default to an empty string if not set, except for logfile which defaults to 2656.Pa /dev/null 2657if it is not set. 2658.Pp 2659Note that in case 2660.Va vkernel_memimg 2661is not set, the 2662.Pa rc.d 2663script will create 2664.Pa /var/vkernel , 2665which is the vkernel's default directory for memory images, 2666with permissions of 1777, i.e. world writable with the sticky bit set 2667(see 2668.Xr sticky 8 ) . 2669.It Va autofs_enable 2670.Pq Vt bool 2671If set to 2672.Dq Li YES , 2673start the 2674.Xr automount 8 2675utility and the 2676.Xr automountd 8 2677and 2678.Xr autounmountd 8 2679daemons at boot time. 2680.It Va automount_flags 2681.Pq Vt str 2682If 2683.Va autofs_enable 2684is set to 2685.Dq Li YES , 2686these are the flags to pass to the 2687.Xr automount 8 2688program. 2689By default no flags are passed. 2690.It Va automountd_flags 2691.Pq Vt str 2692If 2693.Va autofs_enable 2694is set to 2695.Dq Li YES , 2696these are the flags to pass to the 2697.Xr automountd 8 2698daemon. 2699By default no flags are passed. 2700.It Va autounmountd_flags 2701.Pq Vt str 2702If 2703.Va autofs_enable 2704is set to 2705.Dq Li YES , 2706these are the flags to pass to the 2707.Xr autounmountd 8 2708daemon. 2709By default no flags are passed. 2710.El 2711.Sh FILES 2712.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2713.It Pa /etc/defaults/rc.conf 2714.It Pa /etc/rc.conf 2715.It Pa /etc/rc.conf.local 2716.It Pa /etc/start_if. Ns Aq Ar interface 2717.El 2718.Sh SEE ALSO 2719.Xr gdb 1 , 2720.Xr info 1 , 2721.Xr kbdcontrol 1 , 2722.Xr varsym 1 , 2723.Xr vidcontrol 1 , 2724.Xr ip 4 , 2725.Xr ipfw 4 , 2726.Xr kld 4 , 2727.Xr pf 4 , 2728.Xr tcp 4 , 2729.Xr udp 4 , 2730.Xr vlan 4 , 2731.Xr autofs 5 , 2732.Xr auto_master 5 , 2733.Xr exports 5 , 2734.Xr motd 5 , 2735.Xr resident.conf 5 , 2736.Xr varsym.conf 5 , 2737.Xr accton 8 , 2738.Xr automount 8 , 2739.Xr automountd 8 , 2740.Xr autounmountd 8 , 2741.Xr btconfig 8 , 2742.Xr bthcid 8 , 2743.Xr cron 8 , 2744.Xr devd 8 , 2745.Xr dhclient 8 , 2746.Xr dhcpcd 8 , 2747.Xr dntpd 8 , 2748.Xr ftpd 8 , 2749.Xr ifconfig 8 , 2750.Xr inetd 8 , 2751.Xr ip6addrctl 8 , 2752.Xr jail 8 , 2753.Xr lpd 8 , 2754.Xr makewhatis 8 , 2755.Xr mixer 8 , 2756.Xr mountd 8 , 2757.Xr moused 8 , 2758.Xr nfsd 8 , 2759.Xr pcnfsd 8 , 2760.Xr pfctl 8 , 2761.Xr pflogd 8 , 2762.Xr quotacheck 8 , 2763.Xr quotaon 8 , 2764.Xr rc 8 , 2765.Xr rc.sendmail 8 , 2766.Xr resident 8 , 2767.Xr rndcontrol 8 , 2768.Xr route 8 , 2769.Xr routed 8 , 2770.Xr rpcbind 8 , 2771.Xr rpc.lockd 8 , 2772.Xr rpc.statd 8 , 2773.Xr rtadvd 8 , 2774.Xr rtsold 8 , 2775.Xr rwhod 8 , 2776.Xr savecore 8 , 2777.Xr sdpd 8 , 2778.Xr sensorsd 8 , 2779.Xr sshd 8 , 2780.Xr swapon 8 , 2781.Xr sysctl 8 , 2782.Xr syslogd 8 , 2783.Xr sysvipcd 8 , 2784.Xr vinum 8 , 2785.Xr wpa_supplicant 8 , 2786.Xr yp 8 , 2787.Xr ypbind 8 , 2788.Xr ypserv 8 , 2789.Xr ypset 8 2790.Sh HISTORY 2791The 2792.Nm 2793file appeared in 2794.Fx 2.2.2 . 2795.Sh AUTHORS 2796.An Jordan K. Hubbard . 2797