xref: /dragonfly/share/man/man5/rc.conf.5 (revision a68e0df0) 
1.\" Copyright (c) 1995
2.\"	Jordan K. Hubbard
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $
26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.61 2008/10/20 07:35:08 swildner Exp $
27.Dd December 12, 2009
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time.
39In new installations, the
40.Nm
41file is generally initialized by the installer.
42.Pp
43The purpose of
44.Nm
45is not to run commands or perform system startup actions directly.
46Instead, it is included by the various generic startup scripts in
47.Pa /etc
48which conditionalize their
49internal actions according to the settings found there.
50.Pp
51The
52.Pa /etc/defaults/rc.conf
53file specifies the default settings for all the available options,
54the
55.Pa /etc/rc.conf
56file specifies override settings.
57Options need only be specified in
58.Pa /etc/rc.conf
59when the system administrator wishes to override the defaults.
60The file
61.Pa /etc/rc.conf.local
62is used to override settings in
63.Pa /etc/rc.conf
64for historical reasons.
65See the
66.Va rc_conf_files
67variable below.
68.Pp
69The following list provides a name and short description for each
70variable that can be set in the
71.Nm
72file.
73To set a variable of
74.Vt bool
75type, specify either
76.Dq Li YES ,
77.Dq Li TRUE ,
78.Dq Li ON ,
79or
80.Dq Li 1 .
81To unset, specify
82.Dq Li NO ,
83.Dq Li FALSE ,
84.Dq Li OFF ,
85or
86.Dq Li 0 .
87These values are case insensitive.
88The
89.Va _enable
90postfix in the name of a variable for starting a service can be
91omitted (as in
92.Nx ) .
93.Bl -tag -width indent-two
94.It Va rc_debug
95.Pq Vt bool
96If set to
97.Dq Li YES ,
98enable output of debug messages from rc scripts.
99This variable can be helpful in diagnosing mistakes when
100editing or integrating new scripts.
101Beware that this produces copious output to the terminal and
102.Xr syslog 3 .
103.It Va rc_info
104.Pq Vt bool
105If set to
106.Dq Li NO ,
107disable informational messages from the rc scripts.
108Informational messages are displayed when
109a condition that is not serious enough to warrant a warning or an error occurs.
110.It Va swapfile
111.Pq Vt str
112If set to
113.Dq Li NO ,
114no swapfile is installed, otherwise the value is used as the full
115pathname to a file to use for additional swap space.
116.It Va apm_enable
117.Pq Vt bool
118If set to
119.Dq Li YES ,
120enable support for Automatic Power Management with the
121.Xr apm 8
122command.
123.It Va apmd_enable
124.Pq Vt bool
125Run
126.Xr apmd 8
127to handle APM event from userland.
128This also enables support for APM.
129.It Va apmd_flags
130.Pq Vt str
131If
132.Va apmd_enable
133is set to
134.Dq Li YES ,
135these are the flags to pass to the
136.Xr apmd 8
137daemon.
138.It Va battd_enable
139Enable
140.Xr battd 8
141to monitor the status of batteries present in the system.
142This also enables support for APM.
143.It Va battd_flags
144.Pq Vt str
145If
146.Va battd_enable
147is set to
148.Dq Li YES ,
149these are the flags to pass to the
150.Xr battd 8
151daemon.
152.It Va devd_enable
153.Pq Vt bool
154Run
155.Xr devd 8
156to handle device added, removed or unknown events from the kernel.
157.It Va devd_flags
158.Pq Vt str
159If
160.Va devd_enable
161is set to
162.Dq Li YES ,
163these are the flags to pass to the
164.Xr devd 8
165daemon.
166.It Va sensorsd_enable
167.Pq Vt bool
168Set to
169.Dq Li NO
170by default.
171Setting this to
172.Dq Li YES
173enables
174.Xr sensorsd 8 ,
175a sensors monitoring and logging daemon.
176.It Va sensorsd_flags
177.Pq Vt str
178Empty by default.
179Additional flags passed to the
180.Xr sensorsd 8
181program.
182.It Va hotplugd_enable
183.Pq Vt bool
184Set to
185.Dq Li NO
186by default.
187Setting this to
188.Dq Li YES
189enables
190.Xr hotplugd 8 ,
191a devices hot plugging monitoring daemon.
192.It Va hotplugd_flags
193.Pq Vt str
194Empty by default.
195Additional flags passed to the
196.Xr hotplugd 8
197program.
198.It Va pccard_ifconfig
199.Pq Vt str
200List of arguments to be passed to
201.Xr ifconfig 8
202at boot time or on insertion of the card (e.g.\&
203.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
204for a fixed address or
205.Dq Li DHCP
206for a DHCP client).
207.It Va pccard_ether_delay
208.Pq Vt str
209Set the delay before starting
210.Xr dhclient 8
211in the
212.Pa /etc/pccard_ether
213script.
214This defaults to 5 seconds to work around a bug in the
215.Xr ed 4
216driver which can lead to system hangs when using some newer
217.Xr ed 4
218based cards.
219.It Va removable_interfaces
220.Pq Vt str
221List of removable network interfaces to be supported by
222.Pa /etc/pccard_ether .
223.It Va local_startup
224.Pq Vt str
225List of directories to search for startup script files.
226.It Va script_name_sep
227.Pq Vt str
228The field separator to use for breaking down the list of startup script files
229into individual filenames.
230The default is a space.
231It is not necessary to change this unless there are startup scripts with names
232containing spaces.
233.It Va hostapd_enable
234.Pq Vt bool
235Set to
236.Dq Li YES
237to start
238.Xr hostapd 8
239at system boot time.
240.It Va hostname
241.Pq Vt str
242The fully qualified domain name (FQDN) of this host on the network.
243This should almost certainly be set to something meaningful, even if
244there is no network connection.
245If
246.Xr dhclient 8
247is used to set the hostname via DHCP,
248this variable should be set to an empty string.
249.It Va ipv6_enable
250.Pq Vt bool
251Enable support for IPv6 networking.
252Note that this requires that the kernel have been compiled with
253.Cd "options INET6" .
254.It Va nisdomainname
255.Pq Vt str
256The NIS domain name of this host, or
257.Dq Li NO
258if NIS is not used.
259.It Va dhclient_program
260.Pq Vt str
261Path to the DHCP client program
262(default
263.Pa /sbin/dhclient ) .
264.It Va dhclient_flags
265.Pq Vt str
266Additional flags to pass to the DHCP client program.
267.It Va pf_enable
268.Pq Vt bool
269Set to
270.Dq Li YES
271to load
272.Xr pf 4
273at startup.
274If the kernel was not built with
275.Cd "device pf" ,
276the
277.Pa pf.ko
278kernel module will be loaded.
279See also
280.Va firewall_enable
281and
282.Va ipfilter_enable .
283.It Va pf_rules
284.Pq Vt str
285Path to the
286.Xr pf 4
287ruleset definition file.
288.It Va pf_program
289.Pq Vt str
290Path to
291.Xr pfctl 8 .
292.It Va pf_flags
293.Pq Vt str
294If
295.Va pf_enable
296is set to
297.Dq Li YES ,
298these are the flags to pass to
299.Xr pfctl 8
300when loading the ruleset.
301.It Va pflog_enable
302.Pq Vt bool
303Set this to
304.Dq Li YES
305to enable
306.Xr pflogd 8
307which logs packets from
308.Xr pf 4 .
309.It Va pflog_logfile
310.Pq Vt str
311If
312.Va pflog_enable
313is set to
314.Dq Li YES
315this specifies the path of the log file.
316.It Va pflog_program
317.Pq Vt str
318Path to
319.Xr pflogd 8 .
320.It Va pflog_flags
321.Pq Vt str
322If
323.Va pflog_enable
324is set to
325.Dq Li YES ,
326these are the flags to pass to
327.Xr pflogd 8 .
328.It Va firewall_enable
329.Pq Vt bool
330Set to
331.Dq Li YES
332to load firewall rules at startup.
333If the kernel was not built with
334.Cd "options IPFIREWALL" ,
335the
336.Pa ipfw.ko
337kernel module will be loaded.
338See also
339.Va pf_enable
340and
341.Va ipfilter_enable .
342.It Va ipv6_firewall_enable
343.Pq Vt bool
344The IPv6 equivalent of
345.Va firewall_enable .
346Set to
347.Dq Li YES
348to load IPv6 firewall rules at startup.
349If the kernel was not built with
350.Cd "options IPV6FIREWALL" ,
351the
352.Pa ip6fw.ko
353kernel module will be loaded.
354.It Va firewall_script
355.Pq Vt str
356The full path to the firewall script to run
357(default
358.Pa /etc/rc.firewall ) .
359.It Va ipv6_firewall_script
360.Pq Vt str
361The IPv6 equivalent of
362.Va firewall_script .
363.It Va firewall_type
364.Pq Vt str
365Names the firewall type from the selection in
366.Pa /etc/rc.firewall ,
367or the file which contains the local firewall ruleset.
368Valid selections from
369.Pa /etc/rc.firewall
370are:
371.Pp
372.Bl -tag -width ".Li simple" -compact
373.It Li open
374unrestricted IP access
375.It Li closed
376all IP services disabled, except via
377.Dq Li lo0
378.It Li client
379basic protection for a workstation on a LAN
380.It Li simple
381alias for
382.Li client .
383.El
384.Pp
385If a filename is specified, the full path must be given.
386.It Va firewall_trusted_nets
387.Pq Vt str
388List of trusted networks (if
389.Va firewall_type
390is set to
391.Li client ) .
392.It Va firewall_trusted_interfaces
393.Pq Vt str
394List of trusted network interfaces (if
395.Va firewall_type
396is set to
397.Li client ) .
398.It Va firewall_allowed_icmp_types
399.Pq Vt str
400List of allowed ICMP types (if
401.Va firewall_type
402is set to
403.Li client ) .
404.It Va firewall_open_tcp_ports
405.Pq Vt str
406List of TCP ports to open (if
407.Va firewall_type
408is set to
409.Li client ) .
410.It Va firewall_open_udp_ports
411.Pq Vt str
412List of UDP ports to open (if
413.Va firewall_type
414is set to
415.Li client ) .
416.It Va ipv6_firewall_type
417.Pq Vt str
418The IPv6 equivalent of
419.Va firewall_type .
420.It Va firewall_quiet
421.Pq Vt bool
422Set to
423.Dq Li YES
424to disable the display of firewall rules on the console during boot.
425.It Va ipv6_firewall_quiet
426.Pq Vt bool
427The IPv6 equivalent of
428.Va firewall_quiet .
429.It Va firewall_logging
430.Pq Vt bool
431Set to
432.Dq Li YES
433to enable firewall event logging.
434This is equivalent to the
435.Dv IPFIREWALL_VERBOSE
436kernel option.
437.It Va ipv6_firewall_logging
438.Pq Vt bool
439The IPv6 equivalent of
440.Va firewall_logging .
441.It Va firewall_flags
442.Pq Vt str
443Flags passed to
444.Xr ipfw 8
445if
446.Va firewall_type
447specifies a filename.
448.It Va ipv6_firewall_flags
449.Pq Vt str
450The IPv6 equivalent of
451.Va firewall_flags .
452.It Va natd_program
453.Pq Vt str
454Path to
455.Xr natd 8 .
456.It Va natd_enable
457.Pq Vt bool
458Set to
459.Dq Li YES
460to enable
461.Xr natd 8 .
462.Va firewall_enable
463must also be set to
464.Dq Li YES ,
465and
466.Xr divert 4
467sockets must be enabled in the kernel.
468.It Va natd_interface
469.Pq Vt str
470This is the name of the public interface on which
471.Xr natd 8
472should run.
473The interface may be given as an interface name or as an IP address.
474.It Va natd_flags
475.Pq Vt str
476Additional
477.Xr natd 8
478flags should be placed here.
479The
480.Fl n
481or
482.Fl a
483flag is automatically added with the above
484.Va natd_interface
485as an argument.
486.\" ----- ipfilter_enable setting --------------------------------
487.It Va ipfilter_enable
488.Pq Vt bool
489Set to
490.Dq Li NO
491by default.
492Setting this to
493.Dq Li YES
494enables
495.Xr ipf 8
496packet filtering.
497.Pp
498Typical usage will require putting
499.Bd -literal
500ipfilter_enable="YES"
501ipnat_enable="YES"
502ipmon_enable="YES"
503ipfs_enable="YES"
504.Ed
505.Pp
506into
507.Pa /etc/rc.conf
508and editing
509.Pa /etc/ipf.rules
510and
511.Pa /etc/ipnat.rules
512appropriately.
513.Pp
514Note that
515.Va ipfilter_enable
516and
517.Va ipnat_enable
518can be enabled independently.
519.Va ipmon_enable
520and
521.Va ipfs_enable
522both require at least one of
523.Va ipfilter_enable
524and
525.Va ipnat_enable
526to be enabled.
527.Pp
528Having
529.Bd -literal
530options IPFILTER
531options IPFILTER_LOG
532options IPFILTER_DEFAULT_BLOCK
533.Ed
534.Pp
535in the kernel configuration file is a good idea, too.
536See also
537.Va pf_enable
538and
539.Va firewall_enable .
540.\" ----- ipfilter_program setting ------------------------------
541.It Va ipfilter_program
542.Pq Vt str
543Path to
544.Xr ipf 8
545(default
546.Pa /sbin/ipf ) .
547.\" ----- ipfilter_rules setting --------------------------------
548.It Va ipfilter_rules
549.Pq Vt str
550Set to
551.Pa /etc/ipf.rules
552by default.
553The name of the filter rule definition file.
554The file is expected to be readable for the
555.Xr ipf 8
556command to execute.
557.\" ----- ipv6_ipfilter_rules setting ---------------------------
558.It Va ipv6_ipfilter_rules
559.Pq Vt str
560Set to
561.Pa /etc/ipf6.rules
562by default.
563The name of the IPv6 filter rule definition file.
564The file is expected to be readable for the
565.Xr ipf 8
566command to execute.
567.\" ----- ipfilter_flags setting --------------------------------
568.It Va ipfilter_flags
569.Pq Vt str
570Empty by default.
571Flags passed to the
572.Xr ipf 8
573program.
574.\" ----- ipnat_enable setting ----------------------------------
575.It Va ipnat_enable
576.Pq Vt bool
577Set to
578.Dq Li NO
579by default.
580Set it to
581.Dq Li YES
582to enable
583.Xr ipnat 8
584network address translation.
585See
586.Va ipfilter_enable
587for a detailed discussion.
588.\" ----- ipnat_program setting ---------------------------------
589.It Va ipnat_program
590.Pq Vt str
591Path to
592.Xr ipnat 8
593(default
594.Pa /sbin/ipnat ) .
595.\" ----- ipnat_rules setting -----------------------------------
596.It Va ipnat_rules
597.Pq Vt str
598Set to
599.Pa /etc/ipnat.rules
600by default.
601The name of the file
602holding the network address translation definition.
603This file is expected to be readable for the
604.Xr ipnat 8
605command to execute.
606.\" ----- ipnat_flags setting -----------------------------------
607.It Va ipnat_flags
608.Pq Vt str
609Empty by default.
610Flags passed to the
611.Xr ipnat 8
612program.
613.\" ----- ipmon_enable setting ----------------------------------
614.It Va ipmon_enable
615.Pq Vt bool
616Set to
617.Dq Li NO
618by default.
619Set it to
620.Dq Li YES
621to enable
622.Xr ipmon 8
623monitoring (logging
624.Xr ipf 8
625and
626.Xr ipnat 8
627events).
628Setting this variable needs setting
629.Va ipfilter_enable
630or
631.Va ipnat_enable
632too.
633See
634.Va ipfilter_enable
635for a detailed discussion.
636.\" ----- ipmon_program setting ---------------------------------
637.It Va ipmon_program
638.Pq Vt str
639Path to
640.Xr ipmon 8
641(default
642.Pa /sbin/ipmon ) .
643.\" ----- ipmon_flags setting -----------------------------------
644.It Va ipmon_flags
645.Pq Vt str
646Set to
647.Dq Li -Ds
648by default.
649Flags passed to the
650.Xr ipmon 8
651program.
652Another typical example would be
653.Dq Fl D Pa /var/log/ipflog
654to have
655.Xr ipmon 8
656log directly to a file bypassing
657.Xr syslogd 8 .
658Make sure to adjust
659.Pa /etc/newsyslog.conf
660in such case like this:
661.Bd -literal
662/var/log/ipflog  640  10  100  *  Z  /var/run/ipmon.pid
663.Ed
664.\" ----- ipfs_enable setting -----------------------------------
665.It Va ipfs_enable
666.Pq Vt bool
667Set to
668.Dq Li NO
669by default.
670Set it to
671.Dq Li YES
672to enable
673.Xr ipfs 8
674saving the filter and NAT state tables during shutdown
675and reloading them during startup again.
676Setting this variable needs setting
677.Va ipfilter_enable
678or
679.Va ipnat_enable
680to
681.Dq Li YES
682too.
683See
684.Va ipfilter_enable
685for a detailed discussion.
686Note that if
687.Va kern_securelevel
688is set to 3,
689.Va ipfs_enable
690cannot be used because the raised securelevel will prevent
691.Xr ipfs 8
692from saving the state tables at shutdown time.
693.\" ----- ipfs_program setting ----------------------------------
694.It Va ipfs_program
695.Pq Vt str
696Path to
697.Xr ipfs 8
698(default
699.Pa /sbin/ipfs ) .
700.\" ----- ipfs_flags setting ------------------------------------
701.It Va ipfs_flags
702.Pq Vt str
703Empty by default.
704Flags passed to the
705.Xr ipfs 8
706program.
707.\" ----- end of added ipf hook ---------------------------------
708.It Va tcp_extensions
709.Pq Vt bool
710Set to
711.Dq Li YES
712by default.
713Setting this to
714.Dq Li NO
715disables certain TCP options as described by
716.Rs
717.%T "RFC 1323"
718.Re
719Setting this to
720.Dq Li NO
721might help remedy such problems with connections as randomly hanging
722or other weird behavior.
723Some network devices are known to be broken with respect to these options.
724.It Va log_in_vain
725.Pq Vt int
726Set to 0 by default.
727The
728.Xr sysctl 8
729variables,
730.Va net.inet.tcp.log_in_vain
731and
732.Va net.inet.udp.log_in_vain ,
733as described in
734.Xr tcp 4
735and
736.Xr udp 4 ,
737are set to the given value.
738.It Va tcp_keepalive
739.Pq Vt bool
740Set to
741.Dq Li YES
742by default.
743Setting to
744.Dq Li NO
745will disable probing idle TCP connections to verify that the
746peer is still up and reachable.
747.It Va tcp_drop_synfin
748.Pq Vt bool
749Set to
750.Dq Li NO
751by default.
752Setting to
753.Dq Li YES
754will cause the kernel to ignore TCP frames that have both
755the SYN and FIN flags set.
756This prevents OS fingerprinting, but may break some legitimate applications.
757This option is only available if the kernel was built with the
758.Dv TCP_DROP_SYNFIN
759option.
760.It Va icmp_drop_redirect
761.Pq Vt bool
762Set to
763.Dq Li NO
764by default.
765Setting to
766.Dq Li YES
767will cause the kernel to ignore ICMP REDIRECT packets.
768Refer to
769.Xr icmp 4
770for more information.
771.It Va icmp_log_redirect
772.Pq Vt bool
773Set to
774.Dq Li NO
775by default.
776Setting to
777.Dq Li YES
778will cause the kernel to log ICMP REDIRECT packets.
779Note that
780the log messages are not rate-limited, so this option should only be used
781for troubleshooting networks.
782Refer to
783.Xr icmp 4
784for more information.
785.It Va icmp_bmcastecho
786.Pq Vt bool
787Set to
788.Dq Li YES
789to respond to broadcast or multicast ICMP ping packets.
790Refer to
791.Xr icmp 4
792for more information.
793.It Va ip_portrange_first
794.Pq Vt int
795If not set to
796.Dq Li NO ,
797this is the first port in the default portrange.
798Refer to
799.Xr ip 4
800for more information.
801.It Va ip_portrange_last
802.Pq Vt int
803If not set to
804.Dq Li NO ,
805this is the last port in the default portrange.
806Refer to
807.Xr ip 4
808for more information.
809.\"
810.It Va ifconfig_ Ns Aq Ar interface
811.Pq Vt str
812Configuration for
813.Dq interface .
814Typically includes IP address.
815Assuming that the interface in question was
816.Li ed0 ,
817it might look something like this:
818.Bd -literal
819ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000"
820.Ed
821.Pp
822If the
823.Pa /etc/start_if. Ns Aq Ar interface
824file is present, it is read and executed by the
825.Xr sh 1
826interpreter before configuring the interface as specified in the
827.Va ifconfig_ Ns Aq Ar interface
828and
829.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
830variables.
831.Pp
832It is possible to bring up an interface with DHCP by adding
833.Dq Li DHCP
834to the
835.Va ifconfig_ Ns Aq Ar interface
836variable.
837For instance, to initialize the
838.Li ed0
839device via DHCP, it is possible to use something like:
840.Bd -literal
841ifconfig_ed0="DHCP"
842.Ed
843.Pp
844Also, if your interface needs WPA authentication, it is possible to add
845.Dq Li WPA
846to the
847.Va ifconfig_ Ns Aq Ar interface
848variable.
849This will start
850.Xr wpa_supplicant 8 .
851See
852.Xr wpa_supplicant.conf 5
853for configuring authentication information.
854.Pp
855Finally, you can add
856.Xr ifconfig 8
857options in this variable, in addition to the
858.Pa /etc/start_if. Ns Aq Ar interface
859file.
860For instance, to initialize the
861.Li wi0
862device via DHCP, using WPA authentication and 802.11b mode, it is
863possible to use something like:
864.Bd -literal
865ifconfig_wi0="up DHCP WPA mode 11b"
866.Ed
867.Pp
868.\"
869.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
870.Pq Vt str
871Configuration to establish an additional network address for
872.Dq interface .
873Assuming that the interface in question was
874.Li ed0 ,
875it might look something like this:
876.Bd -literal
877ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
878ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
879.Ed
880.Pp
881And so on.
882For each
883.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
884entry that is found, its contents are passed to
885.Xr ifconfig 8 .
886Execution stops at the first unsuccessful access, so if
887something like this is present:
888.Bd -literal
889ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
890ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
891ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
892ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
893.Ed
894.Pp
895Then note that alias4 would
896.Em not
897be added since the search would stop with the missing alias3 entry.
898.Pp
899.\"
900.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name
901.Pq Vt str
902New name for
903.Dq interface .
904It is possible to rename interface by doing:
905.Bd -literal
906ifconfig_ed0_name="net0"
907ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
908.Ed
909.It Va network_interfaces
910.Pq Vt str
911The list of network interfaces to configure on this host,
912or
913.Dq Li auto
914to configure all network interfaces
915(default
916.Dq Li auto ) .
917For example, if the only network devices to be configured are the loopback device
918.Pq Li lo0
919and a NIC using the
920.Xr ed 4
921driver, this could be set to
922.Dq Li "lo0 ed0" .
923An
924.Va ifconfig_ Ns Aq Ar interface
925variable is assumed to exist for each value of
926.Ar interface .
927.It Va ipv6_network_interfaces
928.Pq Vt str
929This is the IPv6 equivalent of
930.Va network_interfaces .
931Instead of setting the ifconfig variables as
932.Va ifconfig_ Ns Aq Ar interface
933they should be set as
934.Va ipv6_ifconfig_ Ns Aq Ar interface .
935Aliases should be set as
936.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
937Interfaces that do not have a
938.Va ipv6_ifconfig_ Ns Aq Ar interface
939setting will be auto configured by
940.Xr rtsol 8
941if the
942.Va ipv6_gateway_enable
943is set to
944.Dq Li NO .
945Note that the IPv6 networking code does not support the
946.Pa /etc/start_if. Ns Aq Ar interface
947files.
948.It Va ipv6_prefix_ Ns Aq Ar interface
949.Pq Vt str
950Assign prefix to
951.Ar interface ,
952prefixlen 64 is used.
953.It Va ipv6_default_interface
954.Pq Vt str
955If not set to
956.Dq Li NO ,
957this is the default output interface for scoped addresses.
958Now this works only for IPv6 link local multicast addresses.
959.It Va cloned_interfaces
960.Pq Vt str
961Set to the list of clonable network interfaces to create on this host.
962Entries in
963.Va cloned_interfaces
964are automatically appended to
965.Va network_interfaces
966for configuration.
967.It Va gif_interfaces
968.Pq Vt str
969Set to the list of
970.Xr gif 4
971tunnel interfaces to configure on this host.
972A
973.Va gifconfig_ Ns Aq Ar interface
974variable is assumed to exist for each value of
975.Ar interface .
976The value of this variable is used to configure the link layer of the
977tunnel according to the syntax of the
978.Cm tunnel
979option to
980.Xr ifconfig 8 .
981Additionally, this option ensures that each listed interface is created via the
982.Cm create
983option to
984.Xr ifconfig 8
985before attempting to configure it.
986.It Va sppp_interfaces
987.Pq Vt str
988Set to the list of
989.Xr sppp 4
990interfaces to configure on this host.
991A
992.Va spppconfig_ Ns Aq Ar interface
993variable is assumed to exist for each value of
994.Ar interface .
995Each interface should also be configured by a general
996.Va ifconfig_ Ns Aq Ar interface
997setting.
998Refer to
999.Xr spppcontrol 8
1000for more information about available options.
1001.It Va ppp_enable
1002.Pq Vt bool
1003If set to
1004.Dq Li YES ,
1005run the
1006.Xr ppp 8
1007daemon.
1008.It Va ppp_mode
1009.Pq Vt str
1010Mode in which to run the
1011.Xr ppp 8
1012daemon.
1013Accepted modes are
1014.Dq Li auto ,
1015.Dq Li ddial ,
1016.Dq Li direct
1017and
1018.Dq Li dedicated .
1019See the manual for a full description.
1020.It Va ppp_nat
1021.Pq Vt bool
1022If set to
1023.Dq Li YES ,
1024enables network address translation.
1025Used in conjunction with
1026.Va gateway_enable
1027allows hosts on private network addresses access to the Internet using
1028this host as a network address translating router.
1029.It Va ppp_profile
1030.Pq Vt str
1031The name of the profile to use from
1032.Pa /etc/ppp/ppp.conf .
1033.It Va ppp_user
1034.Pq Vt str
1035The name of the user under which
1036.Xr ppp 8
1037should be started.
1038By default,
1039.Xr ppp 8
1040is started as
1041.Dq Li root .
1042.It Va rc_conf_files
1043.Pq Vt str
1044This option is used to specify a list of files that will override
1045the settings in
1046.Pa /etc/defaults/rc.conf .
1047The files will be read in the order in which they are specified and should
1048include the full path to the file.
1049By default, the files specified are
1050.Pa /etc/rc.conf
1051and
1052.Pa /etc/rc.conf.local
1053.It Va fsck_y_enable
1054.Pq Vt bool
1055If set to
1056.Dq Li YES ,
1057.Xr fsck 8
1058will be run with the
1059.Fl y
1060flag if the initial preen of the file systems fails.
1061.It Va netfs_types
1062.Pq Vt str
1063List of file system types that are network-based.
1064This list should generally not be modified by end users.
1065Use
1066.Va extra_netfs_types
1067instead.
1068.It Va extra_netfs_types
1069.Pq Vt str
1070If set to something other than
1071.Dq Li NO
1072(the default), this variable extends the list of file system types
1073for which automatic mounting at startup by
1074.Xr rc 8
1075should be delayed until the network is initialized.
1076It should contain
1077a whitespace-separated list of network file system descriptor pairs,
1078each consisting of a file system type as passed to
1079.Xr mount 8
1080and a human-readable, one-word description, joined with a colon
1081.Pq Ql \&: .
1082Extending the default list in this way is only necessary
1083when third party file system types are used.
1084.It Va devfs_config_files
1085.Pq Vt str
1086This option is used to specify a list of configuration files containing
1087.Xr devfs 5
1088rules that will be applied by
1089.Xr devfsctl 8
1090in the order in which they are specified and must include the full path
1091to the file.
1092.It Va syslogd_enable
1093.Pq Vt bool
1094If set to
1095.Dq Li YES ,
1096run the
1097.Xr syslogd 8
1098daemon.
1099.It Va syslogd_program
1100.Pq Vt str
1101Path to
1102.Xr syslogd 8
1103(default
1104.Pa /usr/sbin/syslogd ) .
1105.It Va syslogd_flags
1106.Pq Vt str
1107If
1108.Va syslogd_enable
1109is set to
1110.Dq Li YES ,
1111these are the flags to pass to
1112.Xr syslogd 8 .
1113.It Va inetd_enable
1114.Pq Vt bool
1115If set to
1116.Dq Li YES ,
1117run the
1118.Xr inetd 8
1119daemon.
1120.It Va inetd_program
1121.Pq Vt str
1122Path to
1123.Xr inetd 8
1124(default
1125.Pa /usr/sbin/inetd ) .
1126.It Va inetd_flags
1127.Pq Vt str
1128If
1129.Va inetd_enable
1130is set to
1131.Dq Li YES ,
1132these are the flags to pass to
1133.Xr inetd 8 .
1134.It Va named_enable
1135.Pq Vt bool
1136If set to
1137.Dq Li YES ,
1138run the
1139.Xr named 8
1140daemon.
1141.It Va named_program
1142.Pq Vt str
1143Path to
1144.Xr named 8
1145(default
1146.Pa /usr/sbin/named ) .
1147.It Va named_flags
1148.Pq Vt str
1149If
1150.Va named_enable
1151is set to
1152.Dq Li YES ,
1153these are the flags to pass to
1154.Xr named 8 .
1155.It Va named_pidfile
1156.Pq Vt str
1157This is the default path to the
1158.Xr named 8
1159daemon's PID file.
1160Change it if you change the location in
1161.Pa /etc/namedb/named.conf .
1162.It Va named_chrootdir
1163.Pq Vt str
1164The root directory for a name server run in a
1165.Xr chroot 8
1166environment.
1167If left empty
1168.Xr named 8
1169will not be run in a
1170.Xr chroot 8
1171environment.
1172.It Va rwhod_enable
1173.Pq Vt bool
1174If set to
1175.Dq Li YES ,
1176run the
1177.Xr rwhod 8
1178daemon at boot time.
1179.It Va rwhod_flags
1180.Pq Vt str
1181If
1182.Va rwhod_enable
1183is set to
1184.Dq Li YES ,
1185these are the flags to pass to it.
1186.It Va amd_enable
1187.Pq Vt bool
1188If set to
1189.Dq Li YES ,
1190run the
1191.Xr amd 8
1192daemon at boot time.
1193.It Va amd_flags
1194.Pq Vt str
1195If
1196.Va amd_enable
1197is set to
1198.Dq Li YES ,
1199these are the flags to pass to it.
1200See the
1201.Xr amd 8
1202manpage for more information.
1203.It Va amd_map_program
1204.Pq Vt str
1205If set, the specified program is run to get the list of
1206.Xr amd 8
1207maps.
1208For example, if the
1209.Xr amd 8
1210maps are stored in NIS, one can set this to run
1211.Xr ypcat 1
1212to get a list of
1213.Xr amd 8
1214maps from the
1215.Pa amd.master
1216NIS map.
1217.It Va update_motd
1218.Pq Vt bool
1219If set to
1220.Dq Li YES ,
1221.Pa /etc/motd
1222will be updated at boot time to reflect the kernel release being run.
1223If set to
1224.Dq Li NO ,
1225.Pa /etc/motd
1226will not be updated.
1227.It Va nfs_client_enable
1228.Pq Vt bool
1229If set to
1230.Dq Li YES ,
1231setup NFS client parameters at boot time.
1232.It Va nfs_access_cache
1233.Pq Vt int
1234If
1235.Va nfs_client_enable
1236is set to
1237.Dq Li YES ,
1238this can be set to
1239.Dq Li 0
1240to disable NFS ACCESS RPC caching, or to the number of seconds for which
1241NFS ACCESS results should be cached.
1242A value of 2-10 seconds will substantially reduce network traffic for
1243many NFS operations.
1244The default is 5 seconds.
1245Note that the attribute cache holds stat information only.
1246The NFS data cache is independent of the attribute cache and is only
1247invalidated when the client detects that the server has modified the
1248underlying file.
1249This value specifies a maximum timeout.
1250The NFS client will automatically use a shorter timeout for files which
1251have been recently modified.
1252.It Va nfs_neg_cache
1253.Pq Vt int
1254If
1255.Va nfs_client_enable
1256is set to
1257.Dq Li YES ,
1258this can be set to
1259.Dq Li 0
1260to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent
1261filenames), or to the number of seconds for which negative lookups should
1262be cached.
1263A value of 2-10 seconds will substantially reduce network
1264traffic for many NFS operations, especially source code builds.
1265The default is 3 seconds.
1266.It Va nfs_server_enable
1267.Pq Vt bool
1268If set to
1269.Dq Li YES ,
1270run the NFS server daemons at boot time.
1271.It Va nfs_server_flags
1272.Pq Vt str
1273If
1274.Va nfs_server_enable
1275is set to
1276.Dq Li YES ,
1277these are the flags to pass to the
1278.Xr nfsd 8
1279daemon.
1280.It Va mountd_enable
1281.Pq Vt bool
1282If set to
1283.Dq Li YES ,
1284and no
1285.Va nfs_server_enable
1286is set, start
1287.Xr mountd 8 ,
1288but not
1289.Xr nfsd 8
1290daemon.
1291It is commonly needed to run CFS without real NFS used.
1292.It Va mountd_flags
1293.Pq Vt str
1294If
1295.Va mountd_enable
1296is set to
1297.Dq Li YES ,
1298these are the flags to pass to the
1299.Xr mountd 8
1300daemon.
1301.It Va weak_mountd_authentication
1302.Pq Vt bool
1303If set to
1304.Dq Li YES ,
1305allow services like PCNFSD to make non-privileged mount requests.
1306.It Va nfs_reserved_port_only
1307.Pq Vt bool
1308If set to
1309.Dq Li YES ,
1310provide NFS services only on a secure port.
1311.It Va nfs_bufpackets
1312.Pq Vt int
1313If set to a number, indicates the number of packets worth of
1314socket buffer space to reserve on an NFS client.
1315The kernel default is typically 4.
1316Using a higher number may be useful on gigabit networks to improve performance.
1317The minimum value is 2 and the maximum is 64.
1318.It Va rpc_umntall_enable
1319.Pq Vt bool
1320If set to
1321.Dq Li YES
1322(default) and we are also an NFS client, run
1323.Xr rpc.umntall 8
1324at boot time to clear out old mounts on remote servers.
1325If set to
1326.Dq Li NO
1327then
1328.Xr rpc.umntall 8
1329will not be run at boot time.
1330.It Va rpc_lockd_enable
1331.Pq Vt bool
1332If set to
1333.Dq Li YES
1334and also an NFS server, run
1335.Xr rpc.lockd 8
1336at boot time.
1337.It Va rpc_lockd_flags
1338.Pq Vt str
1339If
1340.Va rpc_lockd_enable
1341is set to
1342.Dq Li YES ,
1343these are the flags to pass to
1344.Xr rpc.lockd 8 .
1345.It Va rpc_statd_enable
1346.Pq Vt bool
1347If set to
1348.Dq Li YES
1349and also an NFS server, run
1350.Xr rpc.statd 8
1351at boot time.
1352.It Va rpc_statd_flags
1353.Pq Vt str
1354If
1355.Va rpc_statd_enable
1356is set to
1357.Dq Li YES ,
1358these are the flags to pass to
1359.Xr rpc.statd 8 .
1360.It Va rpcbind_program
1361.Pq Vt str
1362Path to program for rpcbind daemon
1363(default
1364.Pa /usr/sbin/rpcbind ) .
1365.It Va rpcbind_enable
1366.Pq Vt bool
1367If set to
1368.Dq Li YES ,
1369run
1370.Va rpcbind_program
1371at boot time.
1372.It Va rpcbind_flags
1373.Pq Vt str
1374If
1375.Va rpcbind_enable
1376is set to
1377.Dq Li YES ,
1378these are the flags to pass to
1379.Va rpcbind_program .
1380.It Va keyserv_enable
1381.Pq Vt bool
1382If set to
1383.Dq Li YES ,
1384run the
1385.Xr keyserv 8
1386daemon on boot for running Secure RPC.
1387.It Va keyserv_flags
1388.Pq Vt str
1389If
1390.Va keyserv_enable
1391is set to
1392.Dq Li YES ,
1393these are the flags to pass to
1394.Xr keyserv 8
1395daemon.
1396.It Va pppoed_enable
1397.Pq Vt bool
1398If set to
1399.Dq Li YES ,
1400run the
1401.Xr pppoed 8
1402daemon at boot time to provide PPP over Ethernet services.
1403.It Va pppoed_provider
1404.Pq Vt str
1405.Xr pppoed 8
1406listens to requests to this provider and ultimately runs
1407.Xr ppp 8
1408with a
1409.Ar system
1410argument of the same name.
1411.It Va pppoed_flags
1412.Pq Vt str
1413Additional flags to pass to
1414.Xr pppoed 8 .
1415.It Va pppoed_interface
1416.Pq Vt str
1417The network interface to run
1418.Xr pppoed 8
1419on.
1420This is mandatory when
1421.Va pppoed_enable
1422is set to
1423.Dq Li YES .
1424.It Va timed_enable
1425.Pq Vt bool
1426If set to
1427.Dq Li YES ,
1428run the
1429.Xr timed 8
1430service at boot time.
1431This command is intended for networks of machines where a consistent
1432.Dq "network time"
1433for all hosts must be established.
1434This is often useful in large NFS environments where time stamps on
1435files are expected to be consistent network-wide.
1436.It Va timed_flags
1437.Pq Vt str
1438If
1439.Va timed_enable
1440is set to
1441.Dq Li YES ,
1442these are the flags to pass to the
1443.Xr timed 8
1444service.
1445.It Va dntpd_enable
1446.Pq Vt bool
1447If set to
1448.Dq Li YES ,
1449run
1450.Xr dntpd 8
1451at system boot time.
1452.It Va dntpd_program
1453.Pq Vt str
1454Path to
1455.Xr dntpd 8
1456(default
1457.Pa /usr/sbin/dntpd ) .
1458.It Va dntpd_flags
1459.Pq Vt str
1460If
1461.Va dntpd_enable
1462is set to
1463.Dq Li YES ,
1464these are the flags to pass to the
1465.Xr dntpd 8
1466daemon.
1467.It Va btconfig_enable
1468.Pq Vt bool
1469If set to
1470.Dq Li YES ,
1471configure Bluetooth devices via
1472.Xr btconfig 8
1473at system boot time.
1474.It Va btconfig_devices
1475.Pq Vt str
1476If
1477.Va btconfig_enable
1478is set to
1479.Dq Li YES ,
1480this is the list of Bluetooth devices to configure.
1481If
1482.Va btconfig_devices
1483is not specified, all devices known to the system will be configured.
1484A
1485.Va btconfig_ Ns Aq Ar device
1486variable can be set to specify parameters to be passed to
1487.Ar device .
1488.It Va btconfig_args
1489.Pq Vt str
1490If
1491.Va btconfig_enable
1492is set to
1493.Dq Li YES ,
1494this is the list of configuration parameters to pass to all Bluetooth
1495devices.
1496.It Va sdpd_enable
1497.Pq Vt bool
1498If set to
1499.Dq Li YES ,
1500run the Service Discovery Profile daemon
1501.Xr ( sdpd 8 )
1502at system boot time.
1503.It Va sdpd_flags
1504.Pq Vt str
1505If
1506.Va sdpd_enable
1507is set to
1508.Dq Li YES ,
1509these are the flags to pass to the
1510.Xr sdpd 8
1511daemon.
1512.It Va bthcid_enable
1513.Pq Vt bool
1514If set to
1515.Dq Li YES ,
1516run the Bluetooth Link Key/PIN Code Manager daemon
1517.Xr ( bthcid 8 )
1518at system boot time.
1519.It Va bthcid_flags
1520.Pq Vt str
1521If
1522.Va bthcid_enable
1523is set to
1524.Dq Li YES ,
1525these are the flags to pass to the
1526.Xr bthcid 8
1527daemon.
1528.It Va nis_client_enable
1529.Pq Vt bool
1530If set to
1531.Dq Li YES ,
1532run the
1533.Xr ypbind 8
1534service at system boot time.
1535.It Va nis_client_flags
1536.Pq Vt str
1537If
1538.Va nis_client_enable
1539is set to
1540.Dq Li YES ,
1541these are the flags to pass to the
1542.Xr ypbind 8
1543service.
1544.It Va nis_ypset_enable
1545.Pq Vt bool
1546If set to
1547.Dq Li YES ,
1548run the
1549.Xr ypset 8
1550daemon at system boot time.
1551.It Va nis_ypset_flags
1552.Pq Vt str
1553If
1554.Va nis_ypset_enable
1555is set to
1556.Dq Li YES ,
1557these are the flags to pass to the
1558.Xr ypset 8
1559daemon.
1560.It Va nis_server_enable
1561.Pq Vt bool
1562If set to
1563.Dq Li YES ,
1564run the
1565.Xr ypserv 8
1566daemon at system boot time.
1567.It Va nis_server_flags
1568.Pq Vt str
1569If
1570.Va nis_server_enable
1571is set to
1572.Dq Li YES ,
1573these are the flags to pass to the
1574.Xr ypserv 8
1575daemon.
1576.It Va nis_ypxfrd_enable
1577.Pq Vt bool
1578If set to
1579.Dq Li YES ,
1580run the
1581.Xr rpc.ypxfrd 8
1582daemon at system boot time.
1583.It Va nis_ypxfrd_flags
1584.Pq Vt str
1585If
1586.Va nis_ypxfrd_enable
1587is set to
1588.Dq Li YES ,
1589these are the flags to pass to the
1590.Xr rpc.ypxfrd 8
1591daemon.
1592.It Va nis_yppasswdd_enable
1593.Pq Vt bool
1594If set to
1595.Dq Li YES ,
1596run the
1597.Xr rpc.yppasswdd 8
1598daemon at system boot time.
1599.It Va nis_yppasswdd_flags
1600.Pq Vt str
1601If
1602.Va nis_yppasswdd_enable
1603is set to
1604.Dq Li YES ,
1605these are the flags to pass to the
1606.Xr rpc.yppasswdd 8
1607daemon.
1608.It Va rpc_ypupdated_enable
1609.Pq Vt bool
1610If set to
1611.Dq Li YES ,
1612run the
1613.Nm rpc.ypupdated
1614daemon at system boot time.
1615.It Va defaultrouter
1616.Pq Vt str
1617If not set to
1618.Dq Li NO ,
1619create a default route to this host name or IP address
1620(use an IP address if this router is also required to get to the
1621name server!).
1622.It Va ipv6_defaultrouter
1623.Pq Vt str
1624The IPv6 equivalent of
1625.Va defaultrouter .
1626.It Va static_routes
1627.Pq Vt str
1628Set to the list of static routes that are to be added at system boot time.
1629If not set to
1630.Dq Li NO
1631then for each whitespace separated
1632.Ar element
1633in the value, a
1634.Va route_ Ns Aq Ar element
1635variable is assumed to exist whose contents will later be passed to a
1636.Dq Nm route Cm add
1637operation.
1638.It Va ipv6_static_routes
1639.Pq Vt str
1640The IPv6 equivalent of
1641.Va static_routes .
1642If not set to
1643.Dq Li NO
1644then for each whitespace separated
1645.Ar element
1646in the value, a
1647.Va ipv6_route_ Ns Aq Ar element
1648variable is assumed to exist whose contents will later be passed to a
1649.Dq Nm route Cm add Fl inet6
1650operation.
1651.It Va gateway_enable
1652.Pq Vt bool
1653If set to
1654.Dq Li YES ,
1655configure host to act as an IP router, e.g. to forward packets
1656between interfaces.
1657.It Va ipv6_gateway_enable
1658.Pq Vt bool
1659The IPv6 equivalent of
1660.Va gateway_enable .
1661.It Va router_enable
1662.Pq Vt bool
1663If set to
1664.Dq Li YES ,
1665run a routing daemon of some sort, based on the settings of
1666.Va router_program
1667and
1668.Va router_flags .
1669.It Va ipv6_router_enable
1670.Pq Vt bool
1671The IPv6 equivalent of
1672.Va router_enable .
1673If set to
1674.Dq Li YES ,
1675run a routing daemon of some sort, based on the settings of
1676.Va ipv6_router_program
1677and
1678.Va ipv6_router_flags .
1679.It Va router_program
1680.Pq Vt str
1681If
1682.Va router_enable
1683is set to
1684.Dq Li YES ,
1685this is the name of the routing daemon to use
1686(default
1687.Pa /sbin/routed ) .
1688.It Va ipv6_router_program
1689.Pq Vt str
1690The IPv6 equivalent of
1691.Va router_program
1692(default
1693.Pa /sbin/route6d ) .
1694.It Va router_flags
1695.Pq Vt str
1696If
1697.Va router_enable
1698is set to
1699.Dq Li YES ,
1700these are the flags to pass to the routing daemon.
1701.It Va ipv6_router_flags
1702.Pq Vt str
1703The IPv6 equivalent of
1704.Va router_flags .
1705.It Va mrouted_enable
1706.Pq Vt bool
1707If set to
1708.Dq Li YES ,
1709run the multicast routing daemon,
1710.Xr mrouted 8 .
1711.It Va mroute6d_enable
1712.Pq Vt bool
1713The IPv6 equivalent of
1714.Va mrouted_enable .
1715If set to
1716.Dq Li YES ,
1717run the IPv6 multicast routing daemon.
1718Note that no IPv6 multicast routing daemon is included in the
1719.Dx
1720base system but
1721.Xr pim6dd 8
1722can be installed from the
1723.Xr pkgsrc 7
1724collection.
1725.It Va mrouted_flags
1726.Pq Vt str
1727If
1728.Va mrouted_enable
1729is set to
1730.Dq Li YES ,
1731these are the flags to pass to the
1732.Xr mrouted 8
1733daemon.
1734.It Va mroute6d_flags
1735.Pq Vt str
1736The IPv6 equivalent of
1737.Va mrouted_flags .
1738If
1739.Va mroute6d_enable
1740is set to
1741.Dq Li YES ,
1742these are the flags passed to the IPv6 multicast routing daemon.
1743.It Va mroute6d_program
1744.Pq Vt str
1745If
1746.Va mroute6d_enable
1747is set to
1748.Dq Li YES ,
1749this is the path to the IPv6 multicast routing daemon.
1750.It Va rtadvd_enable
1751.Pq Vt bool
1752If set to
1753.Dq Li YES ,
1754run the
1755.Xr rtadvd 8
1756daemon at boot time.
1757.Xr rtadvd 8
1758will only run if
1759.Va ipv6_gateway_enable
1760is also set to
1761.Dq Li YES .
1762The
1763.Xr rtadvd 8
1764utility sends router advertisement packets to the interfaces specified in
1765.Va rtadvd_interfaces .
1766.Xr rtadvd 8
1767and should only be enabled with great care.
1768You may want to fine-tune
1769.Xr rtadvd.conf 5 .
1770.It Va rtadvd_interfaces
1771.Pq Vt str
1772If
1773.Va rtadvd_enable
1774is set to
1775.Dq Li YES
1776this is the list of interfaces to use.
1777.It Va rtsold_enable
1778.Pq Vt bool
1779If set to
1780.Dq Li YES ,
1781run the
1782.Xr rtsold 8
1783daemon at boot time.
1784The
1785.Xr rtsold 8
1786daemon is used for automatic discovery of non-link local addresses.
1787.It Va rtsold_flags
1788.Pq Vt str
1789If
1790.Va rtsold_enable
1791is set to
1792.Dq Li YES ,
1793these are the flags to pass to the
1794.Xr rtsold 8
1795daemon.
1796.It Va ipxgateway_enable
1797.Pq Vt bool
1798If set to
1799.Dq Li YES ,
1800enable the routing of IPX traffic.
1801.It Va ipxrouted_enable
1802.Pq Vt bool
1803If set to
1804.Dq Li YES ,
1805run the
1806.Xr IPXrouted 8
1807daemon at system boot time.
1808.It Va ipxrouted_flags
1809.Pq Vt str
1810If
1811.Va ipxrouted_enable
1812is set to
1813.Dq Li YES ,
1814these are the flags to pass to the
1815.Xr IPXrouted 8
1816daemon.
1817.It Va arpproxy_all
1818.Pq Vt bool
1819If set to
1820.Dq Li YES ,
1821enable global proxy ARP.
1822.It Va forward_sourceroute
1823.Pq Vt bool
1824If set to
1825.Dq Li YES
1826and
1827.Va gateway_enable
1828is also set to
1829.Dq Li YES ,
1830source-routed packets are forwarded.
1831.It Va accept_sourceroute
1832.Pq Vt bool
1833If set to
1834.Dq Li YES ,
1835the system will accept source-routed packets directed at it.
1836.It Va rarpd_enable
1837.Pq Vt bool
1838If set to
1839.Dq Li YES ,
1840run the
1841.Xr rarpd 8
1842daemon at system boot time.
1843.It Va rarpd_flags
1844.Pq Vt str
1845If
1846.Va rarpd_enable
1847is set to
1848.Dq Li YES ,
1849these are the flags to pass to the
1850.Xr rarpd 8
1851daemon.
1852.It Va bootparamd_enable
1853.Pq Vt bool
1854If set to
1855.Dq Li YES ,
1856run the
1857.Xr bootparamd 8
1858daemon at system boot time.
1859.It Va bootparamd_flags
1860.Pq Vt str
1861If
1862.Va bootparamd_enable
1863is set to
1864.Dq Li YES ,
1865these are the flags to pass to the
1866.Xr bootparamd 8
1867daemon.
1868.It Va stf_interface_ipv4addr
1869.Pq Vt str
1870If not set to
1871.Dq Li NO ,
1872this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface).
1873Specify this entry to enable the 6to4 interface.
1874.It Va stf_interface_ipv4plen
1875.Pq Vt int
1876Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1877An effective value is 0-31.
1878.It Va stf_interface_ipv6_ifid
1879.Pq Vt str
1880IPv6 interface ID for
1881.Xr stf 4 .
1882This can be set to
1883.Dq Li AUTO .
1884.It Va stf_interface_ipv6_slaid
1885.Pq Vt str
1886IPv6 Site Level Aggregator for
1887.Xr stf 4 .
1888.It Va ipv6_faith_prefix
1889.Pq Vt str
1890If not set to
1891.Dq Li NO ,
1892this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator.
1893You also need
1894.Xr faithd 8
1895setup.
1896.It Va ipv6_ipv4mapping
1897.Pq Vt bool
1898If set to
1899.Dq Li YES
1900this enables IPv4 mapped IPv6 address communication (like
1901.Li ::ffff:a.b.c.d ) .
1902.It Va atm_enable
1903.Pq Vt bool
1904Set to
1905.Dq Li YES
1906to enable the configuration of ATM interfaces at system boot time.
1907For all of the ATM variables described below, please refer to the
1908.Xr atm 8
1909man page for further details on the available command parameters.
1910Also refer to the files in
1911.Pa /usr/share/examples/atm
1912for more detailed configuration information.
1913.It Va atm_netif_ Ns Aq Ar intf
1914.Pq Vt str
1915For the ATM physical interface
1916.Ar intf ,
1917this variable defines the name prefix and count for the ATM network
1918interfaces to be created.
1919The value will be passed as the parameters of an
1920.Dq Nm atm Cm "set netif" Ar intf
1921command.
1922.It Va atm_sigmgr_ Ns Aq Ar intf
1923.Pq Vt str
1924For the ATM physical interface
1925.Ar intf ,
1926this variable defines the ATM signalling manager to be used.
1927The value will be passed as the parameters of an
1928.Dq Nm atm Cm attach Ar intf
1929command.
1930.It Va atm_prefix_ Ns Aq Ar intf
1931.Pq Vt str
1932For the ATM physical interface
1933.Ar intf ,
1934this variable defines the NSAP prefix for interfaces using a UNI signalling
1935manager.
1936If set to
1937.Dq Li ILMI ,
1938the prefix will automatically be set via the
1939.Xr ilmid 8
1940daemon.
1941Otherwise, the value will be passed as the parameters of an
1942.Dq Nm atm Cm "set prefix" Ar intf
1943command.
1944.It Va atm_macaddr_ Ns Aq Ar intf
1945.Pq Vt str
1946For the ATM physical interface
1947.Ar intf ,
1948this variable defines the MAC address for interfaces using a UNI signalling
1949manager.
1950If set to
1951.Dq Li NO ,
1952the hardware MAC address contained in the ATM interface card will be used.
1953Otherwise, the value will be passed as the parameters of an
1954.Dq Nm atm Cm "set mac" Ar intf
1955command.
1956.It Va atm_arpserver_ Ns Aq Ar netif
1957.Pq Vt str
1958For the ATM network interface
1959.Ar netif ,
1960this variable defines the ATM address for a host which is to provide ATMARP
1961service.
1962This variable is only applicable to interfaces using a UNI signalling manager.
1963If set to
1964.Dq Li local ,
1965this host will become an ATMARP server.
1966The value will be passed as the parameters of an
1967.Dq Nm atm Cm "set arpserver" Ar netif
1968command.
1969.It Va atm_scsparp_ Ns Aq Ar netif
1970.Pq Vt bool
1971If set to
1972.Dq Li YES ,
1973SCSP/ATMARP service for the network interface
1974.Ar netif
1975will be initiated using the
1976.Xr scspd 8
1977and
1978.Xr atmarpd 8
1979daemons.
1980This variable is only applicable if
1981.Va atm_arpserver_ Ns Aq Ar netif
1982is set to
1983.Dq Li local .
1984.It Va atm_arps
1985.Pq Vt str
1986Set to the list of permanent ATM ARP entries to be added at system boot time.
1987For each whitespace separated
1988.Ar element
1989in the value, an
1990.Va atm_arp_ Ns Aq Ar element
1991variable is assumed to exist.
1992The value of each of these variables will be passed as the parameters of an
1993.Dq Nm atm Cm "add arp"
1994command.
1995.It Va keybell
1996.Pq Vt str
1997The keyboard bell sound.
1998Set to
1999.Dq Li normal ,
2000.Dq Li visual ,
2001.Dq Li off ,
2002or
2003.Dq Li NO
2004if the default behavior is desired.
2005For details, refer to the
2006.Xr kbdcontrol 1
2007manpage.
2008.It Va keymap
2009.Pq Vt str
2010If set to
2011.Dq Li NO ,
2012no keymap is installed, otherwise the value is used to install
2013the keymap file in
2014.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
2015.It Va keyrate
2016.Pq Vt str
2017The keyboard repeat speed.
2018Set to
2019.Dq Li slow ,
2020.Dq Li normal ,
2021.Dq Li fast ,
2022or
2023.Dq Li NO
2024if the default behavior is desired.
2025.It Va keychange
2026.Pq Vt str
2027If not set to
2028.Dq Li NO ,
2029attempt to program the function keys with the value.
2030The value should be a single string of the form:
2031.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
2032.It Va cursor
2033.Pq Vt str
2034Can be set to the value of
2035.Dq Li normal ,
2036.Dq Li blink ,
2037.Dq Li destructive ,
2038or
2039.Dq Li NO
2040to set the cursor behavior explicitly or choose the default behavior.
2041.It Va scrnmap
2042.Pq Vt str
2043If set to
2044.Dq Li NO ,
2045no screen map is installed, otherwise the value is used to install
2046the screen map file in
2047.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
2048.It Va font8x16
2049.Pq Vt str
2050If set to
2051.Dq Li NO ,
2052the default 8x16 font value is used for screen size requests, otherwise
2053the value in
2054.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2055is used.
2056.It Va font8x14
2057.Pq Vt str
2058If set to
2059.Dq Li NO ,
2060the default 8x14 font value is used for screen size requests, otherwise
2061the value in
2062.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2063is used.
2064.It Va font8x8
2065.Pq Vt str
2066If set to
2067.Dq Li NO ,
2068the default 8x8 font value is used for screen size requests, otherwise
2069the value in
2070.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2071is used.
2072.It Va blanktime
2073.Pq Vt int
2074If set to
2075.Dq Li NO ,
2076the default screen blanking interval is used, otherwise it is set to
2077.Ar value
2078seconds.
2079.It Va saver
2080.Pq Vt str
2081If not set to
2082.Dq Li NO ,
2083this is the actual screen saver to use
2084.Li ( blank , snake , daemon ,
2085etc).
2086.It Va moused_enable
2087.Pq Vt str
2088If set to
2089.Dq Li YES ,
2090the
2091.Xr moused 8
2092daemon is started for doing cut/paste selection on the console.
2093.It Va moused_type
2094.Pq Vt str
2095This is the protocol type of the mouse connected to this host.
2096This variable must be set if
2097.Va moused_enable
2098is set to
2099.Dq Li YES .
2100The
2101.Xr moused 8
2102daemon
2103is able to detect the appropriate mouse type automatically in many cases.
2104Set this variable to
2105.Dq Li auto
2106to let the daemon detect it, or
2107select one from the following list if the automatic detection fails.
2108.Pp
2109If the mouse is attached to the PS/2 mouse port, choose
2110.Dq Li auto
2111or
2112.Dq Li ps/2 ,
2113regardless of the brand and model of the mouse.
2114Likewise, if the mouse is attached to the bus mouse port, choose
2115.Dq Li auto
2116or
2117.Dq Li busmouse .
2118All other protocols are for serial mice and will not work with
2119the PS/2 and bus mice.
2120If this is a USB mouse,
2121.Dq Li auto
2122is the only protocol type which will work.
2123.Pp
2124.Bl -tag -width ".Li x10mouseremote" -compact
2125.It Li microsoft
2126Microsoft mouse (serial)
2127.It Li intellimouse
2128Microsoft IntelliMouse (serial)
2129.It Li mousesystems
2130Mouse systems Corp. mouse (serial)
2131.It Li mmseries
2132MM Series mouse (serial)
2133.It Li logitech
2134Logitech mouse (serial)
2135.It Li busmouse
2136A bus mouse
2137.It Li mouseman
2138Logitech MouseMan and TrackMan (serial)
2139.It Li glidepoint
2140ALPS GlidePoint (serial)
2141.It Li thinkingmouse
2142Kensington ThinkingMouse (serial)
2143.It Li ps/2
2144PS/2 mouse
2145.It Li mmhittab
2146MM HitTablet (serial)
2147.It Li x10mouseremote
2148X10 MouseRemote (serial)
2149.It Li versapad
2150Interlink VersaPad (serial)
2151.El
2152.Pp
2153Even if the mouse is not in the above list, it may be compatible
2154with one in the list.
2155Refer to the man page for
2156.Xr moused 8
2157for compatibility information.
2158.Pp
2159It should also be noted that while this is enabled, any
2160other client of the mouse (such as an X server) should access
2161the mouse through the virtual mouse device,
2162.Pa /dev/sysmouse ,
2163and configure it as a
2164.Dq Li sysmouse
2165type mouse, since all
2166mouse data is converted to this single canonical format when using
2167.Xr moused 8 .
2168If the client program does not support the
2169.Dq Li sysmouse
2170type, specify the
2171.Dq Li mousesystems
2172type.
2173It is the second preferred type.
2174.It Va moused_port
2175.Pq Vt str
2176If
2177.Va moused_enable
2178is set to
2179.Dq Li YES ,
2180this is the actual port the mouse is on.
2181It might be
2182.Pa /dev/cuaa0
2183for a COM1 serial mouse,
2184.Pa /dev/psm0
2185for a PS/2 mouse or
2186.Pa /dev/mse0
2187for a bus mouse, for example.
2188.It Va moused_flags
2189.Pq Vt str
2190If
2191.Va moused_type
2192is set, these are the additional flags to pass to the
2193.Xr moused 8
2194daemon.
2195.It Va mousechar_start
2196.Pq Vt int
2197If set to
2198.Dq Li NO ,
2199the default mouse cursor character range
2200.Li 0xd0 Ns - Ns Li 0xd3
2201is used, otherwise the range start is set to
2202.Ar value
2203character, see
2204.Xr vidcontrol 1 .
2205Use if the default range is occupied in the language code table.
2206.It Va vidhistory
2207.Pq Vt int
2208Set the size of the history (scrollback) buffer in lines.
2209.It Va allscreens_flags
2210.Pq Vt str
2211If set,
2212.Xr vidcontrol 1
2213is run with these options for each of the virtual terminals
2214.Pq Pa /dev/ttyv* .
2215For example,
2216.Dq Fl m Cm on
2217will enable the mouse pointer on all virtual terminals if
2218.Va moused_enable
2219is set to
2220.Dq Li YES .
2221.It Va allscreens_kbdflags
2222.Pq Vt str
2223If set,
2224.Xr kbdcontrol 1
2225is run with these options for each of the virtual terminals
2226.Pq Pa /dev/ttyv* .
2227For example,
2228.Dq Fl h Li 200
2229will set the
2230.Xr syscons 4
2231scrollback (history) buffer to 200 lines.
2232.It Va cron_enable
2233.Pq Vt bool
2234If set to
2235.Dq Li YES ,
2236run the
2237.Xr cron 8
2238daemon at system boot time.
2239.It Va cron_program
2240.Pq Vt str
2241Path to
2242.Xr cron 8
2243(default
2244.Pa /usr/sbin/cron ) .
2245.It Va cron_flags
2246.Pq Vt str
2247If
2248.Va cron_enable
2249is set to
2250.Dq Li YES ,
2251these are the flags to pass to
2252.Xr cron 8 .
2253.It Va lpd_program
2254.Pq Vt str
2255Path to
2256.Xr lpd 8
2257(default
2258.Pa /usr/sbin/lpd ) .
2259.It Va lpd_enable
2260.Pq Vt bool
2261If set to
2262.Dq Li YES ,
2263run the
2264.Xr lpd 8
2265daemon at system boot time.
2266.It Va lpd_flags
2267.Pq Vt str
2268If
2269.Va lpd_enable
2270is set to
2271.Dq Li YES ,
2272these are the flags to pass to the
2273.Xr lpd 8
2274daemon.
2275.It Va nscd_enable
2276.Pq Vt bool
2277If set to
2278.Dq Li YES ,
2279run the
2280.Xr nscd 8
2281daemon at system boot time.
2282.It Va mixer_enable
2283.Pq Vt bool
2284If set to
2285.Dq Li YES ,
2286preserve
2287.Xr mixer 8
2288settings across reboots.
2289.It Va mta_start_script
2290.Pq Vt str
2291The full path to the script to run to start
2292a mail transfer agent.
2293The default is
2294.Pa /etc/rc.sendmail .
2295The
2296.Va sendmail_*
2297variables which
2298.Pa /etc/rc.sendmail
2299uses are documented in the
2300.Xr rc.sendmail 8
2301man page.
2302.It Va fixbootfile
2303.Pq Vt bool
2304In a
2305.Sq HAMMER ROOT with UFS /boot
2306setup, the boot loader will not set up the
2307.Va kern.bootfile
2308sysctl correctly.
2309The system will attempt to fix this on its own.
2310Set this variable to
2311.Dq Li NO
2312to turn this behavior off.
2313.It Va dumpdev
2314.Pq Vt str
2315Indicates the device (usually a swap partition) to which a crash dump
2316should be written in the event of a system crash.
2317The value of this variable is passed as the argument to
2318.Xr dumpon 8 .
2319To disable crash dumps, set this variable to
2320.Dq Li NO .
2321.It Va dumpdir
2322.Pq Vt str
2323When the system reboots after a crash and a crash dump is found on the
2324device specified by the
2325.Va dumpdev
2326variable,
2327.Xr savecore 8
2328will save that crash dump and a copy of the kernel to the directory
2329specified by the
2330.Va dumpdir
2331variable.
2332The default value is
2333.Pa /var/crash .
2334Set to
2335.Dq Li NO
2336to not run
2337.Xr savecore 8
2338at boot time when
2339.Va dumpdir
2340is set.
2341.It Va savecore_flags
2342.Pq Vt str
2343If crash dumps are enabled, these are the flags to pass to the
2344.Xr savecore 8
2345utility.
2346.It Va enable_quotas
2347.Pq Vt bool
2348Set to
2349.Dq Li YES
2350to turn on user disk quotas on system startup via the
2351.Xr quotaon 8
2352command.
2353.It Va check_quotas
2354.Pq Vt bool
2355Set to
2356.Dq Li YES
2357to enable user disk quota checking via the
2358.Xr quotacheck 8
2359command.
2360.It Va accounting_enable
2361.Pq Vt bool
2362Set to
2363.Dq Li YES
2364to enable system accounting through the
2365.Xr accton 8
2366facility.
2367.It Va linux_enable
2368.Pq Vt bool
2369Set to
2370.Dq Li YES
2371to enable Linux/ELF binary emulation at system initial boot time.
2372.It Va sysvipc_enable
2373.Pq Vt bool
2374If set to
2375.Dq Li YES ,
2376load System V IPC primitives at boot time.
2377.\" ----- cleanvar_enable setting--------------------------------
2378.It Va cleanvar_enable
2379.Pq Vt bool
2380Set to
2381.Dq Li YES
2382to have
2383.Pa /var/run ,
2384.Pa /var/spool/lock
2385and
2386.Pa /var/spool/uucp/.Temp/*
2387cleaned at startup.
2388.\" ----- clear_tmp_enable setting-------------------------------
2389.It Va clear_tmp_enable
2390.Pq Vt bool
2391Set to
2392.Dq Li YES
2393to have
2394.Pa /tmp
2395cleaned at startup.
2396.\" ----- ldconfig_paths setting --------------------------------
2397.It Va ldconfig_paths
2398.Pq Vt str
2399Set to the list of shared library paths to use with
2400.Xr ldconfig 8 .
2401NOTE:
2402.Pa /usr/lib
2403will always be added first, so it need not appear in this list.
2404.It Va ldconfig_insecure
2405.Pq Vt bool
2406The
2407.Xr ldconfig 8
2408utility normally refuses to use directories
2409which are writable by anyone except root.
2410Set this variable to
2411.Dq Li YES
2412to disable that security check during system startup.
2413.It Va kern_securelevel
2414.Pq Vt int
2415The kernel security level to set at startup.
2416The allowed range of
2417.Ar value
2418ranges from \-1 (the compile time default) to 3 (the most secure).
2419See
2420.Xr init 8
2421for the list of possible security levels and their effect on system operation.
2422.It Va start_vinum
2423.Pq Vt bool
2424Set to
2425.Dq Li YES
2426to start
2427.Xr vinum 8
2428at system boot time.
2429.It Va sshd_enable
2430.Pq Vt bool
2431Set to
2432.Dq Li YES
2433to start
2434.Xr sshd 8
2435at system boot time.
2436.It Va sshd_program
2437.Pq Vt str
2438Path to the SSH server program
2439(default
2440.Pa /usr/sbin/sshd ) .
2441.It Va sshd_flags
2442.Pq Vt str
2443If
2444.Va sshd_enable
2445is set to
2446.Dq Li YES ,
2447these are the flags to pass to the
2448.Xr sshd 8
2449daemon.
2450.It Va ftpd_enable
2451.Pq Vt bool
2452Set to
2453.Dq Li YES
2454to start
2455.Xr ftpd 8
2456at system boot time.
2457.It Va ftpd_flags
2458.Pq Vt str
2459If
2460.Va ftpd_enable
2461is set to
2462.Dq Li YES ,
2463these are the flags to pass to the
2464.Xr ftpd 8
2465daemon.
2466.It Va usbd_enable
2467.Pq Vt bool
2468If set to
2469.Dq Li YES ,
2470run the
2471.Xr usbd 8
2472daemon at boot time.
2473.It Va usbd_flags
2474.Pq Vt str
2475If
2476.Va usbd_enable
2477is set to
2478.Dq Li YES ,
2479these are the flags passed to
2480.Xr usbd 8
2481daemon.
2482.It Va watchdogd_enable
2483.Pq Vt bool
2484If set to
2485.Dq Li YES ,
2486start the
2487.Xr watchdogd 8
2488daemon at boot time.
2489This requires that the kernel have been compiled with
2490.Cd "options WATCHDOG" .
2491.It Va jail_enable
2492.Pq Vt bool
2493If set to
2494.Dq Li NO ,
2495any configured jails will not be started.
2496.It Va jail_list
2497.Pq Vt str
2498A space separated list of names for jails.
2499This is purely a configuration aid to help identify and
2500configure multiple jails.
2501The names specified in this list will be used to
2502identify settings common to an instance of a jail.
2503Assuming that the jail in question was named
2504.Li vjail ,
2505you would have the following dependent variables:
2506.Bd -literal
2507jail_vjail_hostname="jail.example.com"
2508jail_vjail_ip="192.168.1.100"
2509jail_vjail_rootdir="/var/jails/vjail/root"
2510.Ed
2511.Pp
2512.It Va jail_flags
2513.Pq Vt str
2514Unset by default.
2515When set, use as default value for
2516.Va jail_ Ns Ao Ar jname Ac Ns Va _flags
2517for every jail in
2518.Va jail_list .
2519.It Va jail_interface
2520.Pq Vt str
2521Unset by default.
2522When set, use as default value for
2523.Va jail_ Ns Ao Ar jname Ac Ns Va _interface
2524for every jail in
2525.Va jail_list .
2526.It Va jail_fstab
2527.Pq Vt str
2528Unset by default.
2529When set, use as default value for
2530.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2531for every jail in
2532.Va jail_list .
2533.It Va jail_mount_enable
2534.Pq Vt bool
2535Set to
2536.Dq Li NO
2537by default.
2538When set to
2539.Dq Li YES ,
2540sets
2541.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
2542to
2543.Dq Li YES
2544by default for every jail in
2545.Va jail_list .
2546.It Va jail_fdesc_enable
2547.Pq Vt bool
2548Set to
2549.Dq Li NO
2550by default.
2551When set to
2552.Dq Li YES ,
2553sets
2554.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable
2555to
2556.Dq Li YES
2557by default for every jail in
2558.Va jail_list .
2559.It Va jail_procfs_enable
2560.Pq Vt bool
2561Set to
2562.Dq Li NO
2563by default.
2564When set to
2565.Dq Li YES ,
2566sets
2567.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable
2568to
2569.Dq Li YES
2570by default for every jail in
2571.Va jail_list .
2572.It Va jail_exec_start
2573.Pq Vt str
2574Unset by default.
2575When set, use as default value for
2576.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
2577for every jail in
2578.Va jail_list .
2579.It Va jail_exec_stop
2580Unset by default.
2581When set, use as default value for
2582.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
2583for every jail in
2584.Va jail_list .
2585.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
2586.Pq Vt str
2587Unset by default.
2588Set to the root directory used by jail
2589.Va jname .
2590.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
2591.Pq Vt str
2592Unset by default.
2593Set to the fully qualified domain name (FQDN) assigned to jail
2594.Va jname .
2595.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip
2596.Pq Vt str
2597Unset by default.
2598Set to the IP address assigned to jail
2599.Va jname .
2600.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags
2601.Pq Vt str
2602Set to
2603.Dq Li -l -U root
2604by default.
2605These are flags to pass to
2606.Xr jail 8 .
2607.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface
2608.Pq Vt str
2609Unset by default.
2610When set, sets the interface to use when setting IP address alias.
2611Note that the alias is created at jail startup and removed at jail shutdown.
2612.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2613.Pq Vt str
2614Set to
2615.Pa /etc/fstab. Ns Aq Ar jname
2616by default.
2617This is the file system information file to use for jail
2618.Va jname .
2619.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
2620.Pq Vt bool
2621Set to
2622.Dq Li NO
2623by default.
2624When set to
2625.Dq Li YES ,
2626mount all file systems from
2627.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
2628at jail startup.
2629.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable
2630.Pq Vt bool
2631Set to
2632.Dq Li NO
2633by default.
2634When set to
2635.Dq Li YES ,
2636mount the file-descriptor file system inside jail
2637.Ar jname
2638at jail startup.
2639.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
2640.Pq Vt bool
2641Set to
2642.Dq Li NO
2643by default.
2644When set to
2645.Dq Li YES ,
2646mount the process file system inside jail
2647.Ar jname
2648at jail startup.
2649.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
2650.Pq Vt str
2651Set to
2652.Dq Li /bin/sh /etc/rc
2653by default.
2654This is the command executed at jail startup.
2655.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
2656.Pq Vt str
2657Set to
2658.Dq Li /bin/sh /etc/rc.shutdown
2659by default.
2660This is the command executed at jail shutdown.
2661.It Va jail_set_hostname_allow
2662.Pq Vt bool
2663If set to
2664.Dq Li NO ,
2665do not allow the root user in a jail to set its hostname.
2666.It Va jail_socket_unixiproute_only
2667.Pq Vt bool
2668If set to
2669.Dq Li YES ,
2670do not allow any sockets,
2671besides UNIX/IP/route sockets,
2672to be used within a jail.
2673.It Va jail_sysvipc_allow
2674.Pq Vt bool
2675If set to
2676.Dq Li YES ,
2677allow applications within a jail to use System V IPC.
2678.It Va newsyslog_enable
2679.Pq Vt bool
2680If set to
2681.Dq Li YES ,
2682run
2683.Xr newsyslog 8
2684before syslogd starts.
2685.It Va newsyslog_flags
2686.Pq Vt str
2687If
2688.Va newsyslog_enable
2689is set to
2690.Dq Li YES ,
2691these are the flags passed to
2692.Xr newsyslog 8 .
2693.It Va resident_enable
2694.Pq Vt bool
2695If set to
2696.Dq Li YES ,
2697make the dynamic binaries listed in
2698.Pa /etc/resident.conf
2699resident.
2700.It Va varsym_enable
2701.Pq Vt bool
2702If set to
2703.Dq Li YES ,
2704process
2705.Pa /etc/varsym.conf
2706to set system-wide variables for variant symlinks.
2707.It Va rand_irqs
2708.Pq Vt str
2709Set either to
2710.Dq Li NO
2711or a whitespace separated list of IRQ numbers which will be used as a source of
2712randomness.
2713.\" ----- isdn settings ---------------------------------
2714.It Va isdn_enable
2715.Pq Vt bool
2716Set to
2717.Dq Li NO
2718by default.
2719When set to
2720.Dq Li YES ,
2721starts the
2722.Xr isdnd 8
2723daemon at system boot time.
2724.It Va isdn_flags
2725.Pq Vt str
2726Set to
2727.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
2728by default.
2729Additional flags to pass to
2730.Xr isdnd 8
2731(but see
2732.Va isdn_fsdev
2733and
2734.Va isdn_ttype
2735for certain tunable parameters).
2736.It Va isdn_ttype
2737.Pq Vt str
2738Set to
2739.Dq Li cons25
2740by default.
2741The terminal type of the output device when
2742.Xr isdnd 8
2743operates in full-screen mode.
2744.It Va isdn_screenflags
2745.Pq Vt str
2746Set to
2747.Dq Li NO
2748by default.
2749The video mode for full-screen mode (only for
2750.Xr syscons 4
2751console driver, see
2752.Xr vidcontrol 1
2753for valid modes).
2754.It Va isdn_fsdev
2755.Pq Vt str
2756Set to
2757.Dq Li NO
2758by default.
2759The output device for
2760.Xr isdnd 8
2761in full-screen mode (or
2762.Dq Li NO
2763for daemon mode).
2764.It Va isdn_trace
2765.Pq Vt bool
2766Set to
2767.Dq Li NO
2768by default.
2769When set to
2770.Dq Li YES ,
2771enables the ISDN protocol trace utility
2772.Xr isdntrace 8
2773at system boot time.
2774.It Va isdn_traceflags
2775.Pq Vt str
2776Set to
2777.Dq Fl f Pa /var/tmp/isdntrace0
2778by default.
2779Flags for
2780.Xr isdntrace 8 .
2781.\" -----------------------------------------------------
2782.It Va entropy_dir
2783.Pq Vt str
2784Set to
2785.Dq Li NO
2786to disable caching entropy via
2787.Xr cron 8 .
2788Otherwise set to the directory used to store entropy files in.
2789.It Va entropy_file
2790.Pq Vt str
2791Set to
2792.Dq Li NO
2793to disable caching entropy through reboots.
2794Otherwise set to the filename used to store cached entropy through reboots.
2795This file should be located on the root file system to seed the
2796.Xr random 4
2797device as early as possible in the boot process.
2798.It Va ipsec_enable
2799.Pq Vt bool
2800Set to
2801.Dq Li YES
2802to run
2803.Xr setkey 8
2804on
2805.Va ipsec_file
2806at boot time.
2807.It Va ipsec_file
2808.Pq Vt str
2809Configuration file for
2810.Xr setkey 8 .
2811.It Va dmesg_enable
2812.Pq Vt bool
2813Set to
2814.Dq Li YES
2815to save
2816.Xr dmesg 8
2817to
2818.Pa /var/run/dmesg.boot
2819on boot.
2820.It Va rcshutdown_timeout
2821.Pq Vt int
2822If set, start a watchdog timer in the background which will terminate
2823.Pa rc.shutdown
2824if
2825.Xr shutdown 8
2826has not completed within the specified time (in seconds).
2827.El
2828.Sh FILES
2829.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact
2830.It Pa /etc/defaults/rc.conf
2831.It Pa /etc/rc.conf
2832.It Pa /etc/rc.conf.local
2833.It Pa /etc/start_if. Ns Aq Ar interface
2834.El
2835.Sh SEE ALSO
2836.Xr catman 1 ,
2837.Xr gdb 1 ,
2838.Xr info 1 ,
2839.Xr kbdcontrol 1 ,
2840.Xr varsym 1 ,
2841.Xr vidcontrol 1 ,
2842.Xr ip 4 ,
2843.Xr ipf 4 ,
2844.Xr ipfw 4 ,
2845.Xr kld 4 ,
2846.Xr pf 4 ,
2847.Xr tcp 4 ,
2848.Xr udp 4 ,
2849.Xr exports 5 ,
2850.Xr motd 5 ,
2851.Xr resident.conf 5 ,
2852.Xr varsym.conf 5 ,
2853.Xr accton 8 ,
2854.Xr amd 8 ,
2855.Xr apm 8 ,
2856.Xr atm 8 ,
2857.Xr btconfig 8 ,
2858.Xr bthcid 8 ,
2859.Xr cron 8 ,
2860.Xr devd 8 ,
2861.Xr dhclient 8 ,
2862.Xr dntpd 8 ,
2863.Xr ftpd 8 ,
2864.Xr ifconfig 8 ,
2865.Xr inetd 8 ,
2866.Xr isdnd 8 ,
2867.Xr isdntrace 8 ,
2868.Xr jail 8 ,
2869.Xr lpd 8 ,
2870.Xr makewhatis 8 ,
2871.Xr mixer 8 ,
2872.Xr mountd 8 ,
2873.Xr moused 8 ,
2874.Xr mrouted 8 ,
2875.Xr named 8 ,
2876.Xr nfsd 8 ,
2877.Xr pcnfsd 8 ,
2878.Xr pfctl 8 ,
2879.Xr pflogd 8 ,
2880.Xr quotacheck 8 ,
2881.Xr quotaon 8 ,
2882.Xr rc 8 ,
2883.Xr rc.sendmail 8 ,
2884.Xr resident 8 ,
2885.Xr rndcontrol 8 ,
2886.Xr route 8 ,
2887.Xr routed 8 ,
2888.Xr rpcbind 8 ,
2889.Xr rpc.lockd 8 ,
2890.Xr rpc.statd 8 ,
2891.Xr rtadvd 8 ,
2892.Xr rtsold 8 ,
2893.Xr rwhod 8 ,
2894.Xr savecore 8 ,
2895.Xr sdpd 8 ,
2896.Xr sensorsd 8 ,
2897.Xr sshd 8 ,
2898.Xr swapon 8 ,
2899.Xr sysctl 8 ,
2900.Xr syslogd 8 ,
2901.Xr timed 8 ,
2902.Xr usbd 8 ,
2903.Xr vinum 8 ,
2904.Xr yp 8 ,
2905.Xr ypbind 8 ,
2906.Xr ypserv 8 ,
2907.Xr ypset 8
2908.Sh HISTORY
2909The
2910.Nm
2911file appeared in
2912.Fx 2.2.2 .
2913.Sh AUTHORS
2914.An Jordan K. Hubbard .
2915