1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd May 20, 2019 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Ao Ar module Ac Ns Ar _load 141.Pq Vt bool 142If set to 143.Dq YES , 144that kernel module will be loaded. 145If no 146.Ao Ar module Ac Ns Ar _name 147is defined (see below), the 148module's name is taken to be 149.Aq Ar module . 150.It Ao Ar module Ac Ns Ar _name 151.Pq Vt str 152Defines the name of the module. 153.It Va devd_enable 154.Pq Vt bool 155Run 156.Xr devd 8 157to handle device added, removed or unknown events from the kernel. 158.It Va devd_flags 159.Pq Vt str 160If 161.Va devd_enable 162is set to 163.Dq Li YES , 164these are the flags to pass to the 165.Xr devd 8 166daemon. 167.It Va powerd_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Setting this to 173.Dq Li YES 174enables 175.Xr powerd 8 , 176a CPU speed control daemon. 177.It Va powerd_flags 178.Pq Vt str 179Empty by default. 180Additional flags passed to the 181.Xr powerd 8 182program. 183.It Va sensorsd_enable 184.Pq Vt bool 185Set to 186.Dq Li NO 187by default. 188Setting this to 189.Dq Li YES 190enables 191.Xr sensorsd 8 , 192a sensors monitoring and logging daemon. 193.It Va sensorsd_flags 194.Pq Vt str 195Empty by default. 196Additional flags passed to the 197.Xr sensorsd 8 198program. 199.It Va sysvipcd_enable 200.Pq Vt bool 201Set to 202.Dq Li NO 203by default. 204Setting this to 205.Dq Li YES 206enables 207.Xr sysvipcd 8 , 208a daemon needed for the userspace implementation of the XSI Interprocess 209Communication functions. 210.It Va sysvipcd_flags 211.Pq Vt str 212Empty by default. 213Additional flags passed to the 214.Xr sysvipcd 8 215program. 216.It Va hotplugd_enable 217.Pq Vt bool 218Set to 219.Dq Li NO 220by default. 221Setting this to 222.Dq Li YES 223enables 224.Xr hotplugd 8 , 225a devices hot plugging monitoring daemon. 226.It Va hotplugd_flags 227.Pq Vt str 228Empty by default. 229Additional flags passed to the 230.Xr hotplugd 8 231program. 232.It Va pccard_ifconfig 233.Pq Vt str 234List of arguments to be passed to 235.Xr ifconfig 8 236at boot time or on insertion of the card (e.g.\& 237.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 238for a fixed address or 239.Dq Li DHCP 240for a DHCP client). 241.It Va pccard_ether_delay 242.Pq Vt str 243Set the delay before starting the DHCP client (configured with 244.Va dhcp_client ) 245in the 246.Pa /etc/pccard_ether 247script. 248This defaults to 249.Dq Li 5 250seconds. 251.It Va removable_interfaces 252.Pq Vt str 253List of removable network interfaces to be supported by 254.Pa /etc/pccard_ether . 255.It Va local_startup 256.Pq Vt str 257List of directories to search for startup script files. 258.It Va script_name_sep 259.Pq Vt str 260The field separator to use for breaking down the list of startup script files 261into individual filenames. 262The default is a space. 263It is not necessary to change this unless there are startup scripts with names 264containing spaces. 265.It Va hostname 266.Pq Vt str 267The fully qualified domain name (FQDN) of this host on the network. 268This should almost certainly be set to something meaningful, even if 269there is no network connection. 270If DHCP is used to set the hostname, 271this variable should be set to an empty string. 272.It Va ipv6_enable 273.Pq Vt bool 274Enable support for IPv6 networking. 275Note that this requires that the kernel have been compiled with 276.Cd "options INET6" . 277.It Va nisdomainname 278.Pq Vt str 279The NIS domain name of this host, or 280.Dq Li NO 281if NIS is not used. 282.It Va dhcp_client 283.Pq Vt str 284Set the rc script that is called to start the DHCP client. 285This can be set to 286.Dq Li dhclient 287(default) or 288.Dq Li dhcpcd . 289.It Va dhclient_program 290.Pq Vt str 291Path to the 292.Xr dhclient 8 293program (default 294.Pa /sbin/dhclient ) . 295.It Va dhclient_flags 296.Pq Vt str 297Additional flags to pass to the 298.Xr dhclient 8 299program. 300.It Va dhcpcd_enable 301.Pq Vt bool 302Set to 303.Dq Li YES 304to run 305.Xr dhcpcd 8 306in master mode (i.e., configure all available Ethernet interfaces) at startup. 307.It Va dhcpcd_program 308.Pq Vt str 309Path to the 310.Xr dhcpcd 8 311program (default 312.Pa /sbin/dhcpcd ) . 313.It Va dhcpcd_flags 314.Pq Vt str 315Additional flags to pass to the 316.Xr dhcpcd 8 317program. 318The default value is 319.Fl b , 320i.e., tell 321.Xr dhcpcd 8 322to go to background immediately. 323.It Va pf_enable 324.Pq Vt bool 325Set to 326.Dq Li YES 327to load 328.Xr pf 4 329at startup. 330If the kernel was not built with 331.Cd "device pf" , 332the 333.Pa pf.ko 334kernel module will be loaded. 335See also 336.Va firewall_enable . 337.It Va pf_rules 338.Pq Vt str 339Path to the 340.Xr pf 4 341ruleset definition file. 342.It Va pf_program 343.Pq Vt str 344Path to 345.Xr pfctl 8 . 346.It Va pf_flags 347.Pq Vt str 348If 349.Va pf_enable 350is set to 351.Dq Li YES , 352these are the flags to pass to 353.Xr pfctl 8 354when loading the ruleset. 355.It Va pflog_enable 356.Pq Vt bool 357Set this to 358.Dq Li YES 359to enable 360.Xr pflogd 8 361which logs packets from 362.Xr pf 4 . 363.It Va pflog_logfile 364.Pq Vt str 365If 366.Va pflog_enable 367is set to 368.Dq Li YES 369this specifies the path of the log file. 370.It Va pflog_program 371.Pq Vt str 372Path to 373.Xr pflogd 8 . 374.It Va pflog_flags 375.Pq Vt str 376If 377.Va pflog_enable 378is set to 379.Dq Li YES , 380these are the flags to pass to 381.Xr pflogd 8 . 382.It Va firewall_enable 383.Pq Vt bool 384Set to 385.Dq Li YES 386to load firewall rules at startup. 387If the kernel was not built with 388.Cd "options IPFIREWALL" , 389the 390.Pa ipfw.ko 391kernel module will be loaded. 392See also 393.Va pf_enable . 394.It Va ipv6_firewall_enable 395.Pq Vt bool 396The IPv6 equivalent of 397.Va firewall_enable . 398Set to 399.Dq Li YES 400to load IPv6 firewall rules at startup. 401If the kernel was not built with 402.Cd "options IPV6FIREWALL" , 403the 404.Pa ip6fw.ko 405kernel module will be loaded. 406.It Va firewall_script 407.Pq Vt str 408The full path to the firewall script to run 409(default 410.Pa /etc/rc.firewall ) . 411.It Va ipv6_firewall_script 412.Pq Vt str 413The IPv6 equivalent of 414.Va firewall_script . 415.It Va firewall_type 416.Pq Vt str 417Names the firewall type from the selection in 418.Pa /etc/rc.firewall , 419or the file which contains the local firewall ruleset. 420Valid selections from 421.Pa /etc/rc.firewall 422are: 423.Pp 424.Bl -tag -width ".Li simple" -compact 425.It Li open 426unrestricted IP access 427.It Li closed 428all IP services disabled, except via 429.Dq Li lo0 430.It Li client 431basic protection for a workstation on a LAN 432.It Li simple 433alias for 434.Li client . 435.El 436.Pp 437If a filename is specified, the full path must be given. 438.It Va firewall_trusted_nets 439.Pq Vt str 440List of trusted networks (if 441.Va firewall_type 442is set to 443.Li client ) . 444.It Va firewall_trusted_interfaces 445.Pq Vt str 446List of trusted network interfaces (if 447.Va firewall_type 448is set to 449.Li client ) . 450.It Va firewall_allowed_icmp_types 451.Pq Vt str 452List of allowed ICMP types (if 453.Va firewall_type 454is set to 455.Li client ) . 456.It Va firewall_open_tcp_ports 457.Pq Vt str 458List of TCP ports to open (if 459.Va firewall_type 460is set to 461.Li client ) . 462.It Va firewall_open_udp_ports 463.Pq Vt str 464List of UDP ports to open (if 465.Va firewall_type 466is set to 467.Li client ) . 468.It Va ipv6_firewall_type 469.Pq Vt str 470The IPv6 equivalent of 471.Va firewall_type . 472.It Va firewall_quiet 473.Pq Vt bool 474Set to 475.Dq Li YES 476to disable the display of firewall rules on the console during boot. 477.It Va ipv6_firewall_quiet 478.Pq Vt bool 479The IPv6 equivalent of 480.Va firewall_quiet . 481.It Va firewall_logging 482.Pq Vt bool 483Set to 484.Dq Li YES 485to enable firewall event logging. 486This is equivalent to the 487.Dv IPFIREWALL_VERBOSE 488kernel option. 489.It Va ipv6_firewall_logging 490.Pq Vt bool 491The IPv6 equivalent of 492.Va firewall_logging . 493.It Va firewall_flags 494.Pq Vt str 495Flags passed to 496.Xr ipfw 8 497if 498.Va firewall_type 499specifies a filename. 500.It Va ipv6_firewall_flags 501.Pq Vt str 502The IPv6 equivalent of 503.Va firewall_flags . 504.It Va ipfw3_enable 505.Pq Vt bool 506Set to 507.Dq Li YES 508to enable 509.Xr ipfw3 8 . 510.It Va ipfw3_program 511.Pq Vt str 512Path to 513.Xr ipfw3 8 . 514.It Va ipfw3_script 515.Pq Vt str 516The full path to the shell script to run to set up the ipfw3 517firewall rules (default 518.Pa /etc/ipfw3.rules ) . 519.It Va ipfw3_modules 520.Pq Vt str 521List of ipfw3 modules to be loaded before executing the above 522.Va ipfw3_script . 523(default 524.Dq Li ipfw3 ipfw3_basic ) . 525.It Va natd_program 526.Pq Vt str 527Path to 528.Xr natd 8 . 529.It Va natd_enable 530.Pq Vt bool 531Set to 532.Dq Li YES 533to enable 534.Xr natd 8 . 535.Va firewall_enable 536must also be set to 537.Dq Li YES , 538and 539.Xr divert 4 540sockets must be enabled in the kernel. 541.It Va natd_interface 542.Pq Vt str 543This is the name of the public interface on which 544.Xr natd 8 545should run. 546The interface may be given as an interface name or as an IP address. 547.It Va natd_flags 548.Pq Vt str 549Additional 550.Xr natd 8 551flags should be placed here. 552The 553.Fl n 554or 555.Fl a 556flag is automatically added with the above 557.Va natd_interface 558as an argument. 559.It Va tcp_extensions 560.Pq Vt bool 561Set to 562.Dq Li YES 563by default. 564Setting this to 565.Dq Li NO 566disables certain TCP options as described by 567.Rs 568.%T "RFC 1323" 569.Re 570Setting this to 571.Dq Li NO 572might help remedy such problems with connections as randomly hanging 573or other weird behavior. 574Some network devices are known to be broken with respect to these options. 575.It Va log_in_vain 576.Pq Vt int 577Set to 0 by default. 578The 579.Xr sysctl 8 580variables, 581.Va net.inet.tcp.log_in_vain 582and 583.Va net.inet.udp.log_in_vain , 584as described in 585.Xr tcp 4 586and 587.Xr udp 4 , 588are set to the given value. 589.It Va tcp_keepalive 590.Pq Vt bool 591Set to 592.Dq Li YES 593by default. 594Setting to 595.Dq Li NO 596will disable probing idle TCP connections to verify that the 597peer is still up and reachable. 598.It Va tcp_drop_synfin 599.Pq Vt bool 600Set to 601.Dq Li NO 602by default. 603Setting to 604.Dq Li YES 605will cause the kernel to ignore TCP frames that have both 606the SYN and FIN flags set. 607This prevents OS fingerprinting, but may break some legitimate applications. 608This option is only available if the kernel was built with the 609.Dv TCP_DROP_SYNFIN 610option. 611.It Va icmp_drop_redirect 612.Pq Vt bool 613Set to 614.Dq Li NO 615by default. 616Setting to 617.Dq Li YES 618will cause the kernel to ignore ICMP REDIRECT packets. 619Refer to 620.Xr icmp 4 621for more information. 622.It Va icmp_log_redirect 623.Pq Vt bool 624Set to 625.Dq Li NO 626by default. 627Setting to 628.Dq Li YES 629will cause the kernel to log ICMP REDIRECT packets. 630Note that 631the log messages are not rate-limited, so this option should only be used 632for troubleshooting networks. 633Refer to 634.Xr icmp 4 635for more information. 636.It Va icmp_bmcastecho 637.Pq Vt bool 638Set to 639.Dq Li YES 640to respond to broadcast or multicast ICMP ping packets. 641Refer to 642.Xr icmp 4 643for more information. 644.It Va ip_portrange_first 645.Pq Vt int 646If not set to 647.Dq Li NO , 648this is the first port in the default portrange. 649Refer to 650.Xr ip 4 651for more information. 652.It Va ip_portrange_last 653.Pq Vt int 654If not set to 655.Dq Li NO , 656this is the last port in the default portrange. 657Refer to 658.Xr ip 4 659for more information. 660.\" 661.It Va ifconfig_ Ns Aq Ar interface 662.Pq Vt str 663Configuration for 664.Dq interface . 665Typically includes IP address. 666Assuming that the interface in question was 667.Li ed0 , 668it might look something like this: 669.Bd -literal 670ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 671.Ed 672.Pp 673If the 674.Pa /etc/start_if. Ns Aq Ar interface 675file is present, it is read and executed by the 676.Xr sh 1 677interpreter before configuring the interface as specified in the 678.Va ifconfig_ Ns Aq Ar interface 679and 680.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 681variables. 682.Pp 683It is possible to bring up an interface with DHCP by adding 684.Dq Li DHCP 685to the 686.Va ifconfig_ Ns Aq Ar interface 687variable. 688For instance, to initialize the 689.Li ed0 690device via DHCP, it is possible to use something like: 691.Bd -literal 692ifconfig_ed0="DHCP" 693.Ed 694.Pp 695If a 696.Va vlans_ Ns Aq Ar interface 697variable is set, 698a 699.Xr vlan 4 700interface will be created for each item in the list with the 701.Ar vlandev 702argument set to 703.Ar interface . 704If a vlan interface's name is a number, 705then that number is used as the vlan tag and the new vlan interface is 706named 707.Ar interface . Ns Ar tag . 708Otherwise, 709the vlan tag must be specified via a 710.Va vlan 711parameter in the 712.Va create_args_ Ns Aq Ar interface 713variable. 714.Pp 715To create a vlan device named 716.Li em0.101 717on 718.Li em0 719with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 720.Bd -literal 721vlans_em0="101" 722ifconfig_em0_101="inet 192.0.2.1/24" 723.Ed 724.Pp 725To create a vlan device named 726.Li myvlan 727on 728.Li em0 729with the vlan tag 102: 730.Bd -literal 731vlans_em0="myvlan" 732create_args_myvlan="vlan 102" 733.Ed 734.Pp 735If a 736.Va wlans_ Ns Aq Ar interface 737variable is set, 738an 739.Xr wlan 4 740interface will be created for each item in the list with the 741.Ar wlandev 742argument set to 743.Ar interface . 744Further wlan cloning arguments may be passed to the 745.Xr ifconfig 8 746.Cm create 747command by setting the 748.Va create_args_ Ns Aq Ar interface 749variable. 750One or more 751.Xr wlan 4 752devices must be created for each wireless devices as of 753.Dx 2.5 . 754Debugging flags for 755.Xr wlan 4 756devices as set by 757.Xr wlandebug 8 758may be specified with an 759.Va wlandebug_ Ns Aq Ar interface 760variable. 761The contents of this variable will be passed directly to 762.Xr wlandebug 8 . 763.Pp 764Also, if your interface needs WPA authentication, it is possible to add 765.Dq Li WPA 766to the 767.Va ifconfig_ Ns Aq Ar interface 768variable. 769This will start 770.Xr wpa_supplicant 8 . 771See 772.Xr wpa_supplicant.conf 5 773for configuring authentication information. 774.Pp 775Finally, you can add 776.Xr ifconfig 8 777options in this variable, in addition to the 778.Pa /etc/start_if. Ns Aq Ar interface 779file. 780For instance, to initialize the 781.Li wi0 782device via DHCP, using WPA authentication and 802.11b mode, it is 783possible to use something like: 784.Bd -literal 785wlans_wi0="wlan0" 786ifconfig_wlan0="up DHCP WPA mode 11b" 787.Ed 788.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 789.Pq Vt str 790Configuration to establish an additional network address for 791.Dq interface . 792Assuming that the interface in question was 793.Li ed0 , 794it might look something like this: 795.Bd -literal 796ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 797ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 798.Ed 799.Pp 800And so on. 801For each 802.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 803entry that is found, its contents are passed to 804.Xr ifconfig 8 . 805Execution stops at the first unsuccessful access, so if 806something like this is present: 807.Bd -literal 808ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 809ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 810ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 811ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 812.Ed 813.Pp 814Then note that alias4 would 815.Em not 816be added since the search would stop with the missing alias3 entry. 817.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 818.Pq Vt str 819New name for 820.Dq interface . 821It is possible to rename interface by doing: 822.Bd -literal 823ifconfig_ed0_name="net0" 824ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 825.Ed 826.It Va netif_enable 827.Pq Vt bool 828Set to 829.Dq Li YES 830by default. 831Setting to 832.Dq Li NO 833will disable the configuration of network interfaces. 834.It Va network_interfaces 835.Pq Vt str 836The list of network interfaces to configure on this host, 837or 838.Dq Li auto 839to configure all network interfaces 840(default 841.Dq Li auto ) . 842For example, if the only network devices to be configured are the loopback device 843.Pq Li lo0 844and a NIC using the 845.Xr em 4 846driver, this could be set to 847.Dq Li "lo0 em0" . 848An 849.Va ifconfig_ Ns Aq Ar interface 850variable is assumed to exist for each value of 851.Ar interface . 852.It Va ipv6_network_interfaces 853.Pq Vt str 854This is the IPv6 equivalent of 855.Va network_interfaces . 856Instead of setting the ifconfig variables as 857.Va ifconfig_ Ns Aq Ar interface 858they should be set as 859.Va ipv6_ifconfig_ Ns Aq Ar interface . 860Aliases should be set as 861.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 862Interfaces that do not have a 863.Va ipv6_ifconfig_ Ns Aq Ar interface 864setting will be auto configured by 865.Xr rtsol 8 866if the 867.Va ipv6_gateway_enable 868is set to 869.Dq Li NO . 870Note that the IPv6 networking code does not support the 871.Pa /etc/start_if. Ns Aq Ar interface 872files. 873.It Va ipv6_prefix_ Ns Aq Ar interface 874.Pq Vt str 875Assign prefix to 876.Ar interface , 877prefixlen 64 is used. 878.It Va ipv6_default_interface 879.Pq Vt str 880If not set to 881.Dq Li NO , 882this is the default output interface for scoped addresses. 883Now this works only for IPv6 link local multicast addresses. 884.It Va ip6addrctl_enable 885.Pq Vt bool 886This variable is to enable configuring the default address selection policy table 887.Pq RFC 3484 . 888The default value is 889.Dq Li YES , 890and the policy table to be installed is specified by the 891.Va ip6addrctl_policy 892variable below. 893.It Va ip6addrctl_policy 894.Pq Vt str 895This variable specifies the policy table to be installed, 896and can be one of the following keywords: 897.Dq Li ipv4_prefer , 898.Dq Li ipv6_prefer , 899or 900.Dq Li AUTO 901(default). 902.Pp 903If 904.Dq Li ipv4_prefer 905or 906.Dq Li ipv6_prefer 907is specified, 908.Xr ip6addrctl 8 909installs a pre-defined policy table described in Section 2.1 910.Pq IPv6-preferred 911or 10.3 912.Pq IPv4-preferred 913of RFC 3484. 914.Pp 915If 916.Dq Li AUTO 917is specified, it attempts to read a file 918.Pa /etc/ip6addrctl.conf 919first. 920If this file is found, 921.Xr ip6addrctl 8 922reads and installs it. 923If not found, a policy is automatically set 924according to 925.Va ipv6_enable 926variable; if the variable is set to 927.Dq Li YES 928the IPv6-preferred one is used. 929Otherwise IPv4-preferred. 930.It Va ip6addrctl_verbose 931.Pq Vt bool 932If set to 933.Dq Li YES , 934print the installed policy table after configuring. 935The default value is 936.Dq Li NO . 937.It Va cloned_interfaces 938.Pq Vt str 939Set to the list of clonable network interfaces to create on this host. 940Entries in 941.Va cloned_interfaces 942are automatically appended to 943.Va network_interfaces 944for configuration. 945.It Va gif_interfaces 946.Pq Vt str 947Set to the list of 948.Xr gif 4 949tunnel interfaces to configure on this host. 950A 951.Va gifconfig_ Ns Aq Ar interface 952variable is assumed to exist for each value of 953.Ar interface . 954The value of this variable is used to configure the link layer of the 955tunnel according to the syntax of the 956.Cm tunnel 957option to 958.Xr ifconfig 8 . 959Additionally, this option ensures that each listed interface is created via the 960.Cm create 961option to 962.Xr ifconfig 8 963before attempting to configure it. 964.It Va sppp_interfaces 965.Pq Vt str 966Set to the list of 967.Xr sppp 4 968interfaces to configure on this host. 969A 970.Va spppconfig_ Ns Aq Ar interface 971variable is assumed to exist for each value of 972.Ar interface . 973Each interface should also be configured by a general 974.Va ifconfig_ Ns Aq Ar interface 975setting. 976Refer to 977.Xr spppcontrol 8 978for more information about available options. 979.It Va ppp_enable 980.Pq Vt bool 981If set to 982.Dq Li YES , 983run the 984.Xr ppp 8 985daemon. 986.It Va ppp_mode 987.Pq Vt str 988Mode in which to run the 989.Xr ppp 8 990daemon. 991Accepted modes are 992.Dq Li auto , 993.Dq Li ddial , 994.Dq Li direct 995and 996.Dq Li dedicated . 997See the manual for a full description. 998.It Va ppp_nat 999.Pq Vt bool 1000If set to 1001.Dq Li YES , 1002enables network address translation. 1003Used in conjunction with 1004.Va gateway_enable 1005allows hosts on private network addresses access to the Internet using 1006this host as a network address translating router. 1007.It Va ppp_profile 1008.Pq Vt str 1009The name of the profile to use from 1010.Pa /etc/ppp/ppp.conf . 1011Also used for per-profile overrides of 1012.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1013Where the profile contains any of the characters 1014.Dq Li .-/+ 1015they are translated to 1016.Dq Li _ 1017for the purposes of the override variable names. 1018.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1019.Pq Vt int 1020Set the unit number to be used for this profile. 1021See the manual description of 1022.Fl unit Ns Ar N 1023in 1024.Xr ppp 8 1025for details. 1026.It Va ppp_user 1027.Pq Vt str 1028The name of the user under which 1029.Xr ppp 8 1030should be started. 1031By default, 1032.Xr ppp 8 1033is started as 1034.Dq Li root . 1035.It Va rc_conf_files 1036.Pq Vt str 1037This option is used to specify a list of files that will override 1038the settings in 1039.Pa /etc/defaults/rc.conf . 1040The files will be read in the order in which they are specified and should 1041include the full path to the file. 1042By default, the files specified are 1043.Pa /etc/rc.conf 1044and 1045.Pa /etc/rc.conf.local 1046.It Va fsck_y_enable 1047.Pq Vt bool 1048If set to 1049.Dq Li YES , 1050.Xr fsck 8 1051will be run with the 1052.Fl y 1053flag if the initial preen of the file systems fails. 1054.It Va netfs_types 1055.Pq Vt str 1056List of file system types that are network-based. 1057This list should generally not be modified by end users. 1058Use 1059.Va extra_netfs_types 1060instead. 1061.It Va extra_netfs_types 1062.Pq Vt str 1063If set to something other than 1064.Dq Li NO 1065(the default), this variable extends the list of file system types 1066for which automatic mounting at startup by 1067.Xr rc 8 1068should be delayed until the network is initialized. 1069It should contain 1070a whitespace-separated list of network file system descriptor pairs, 1071each consisting of a file system type as passed to 1072.Xr mount 8 1073and a human-readable, one-word description, joined with a colon 1074.Pq Ql \&: . 1075Extending the default list in this way is only necessary 1076when third party file system types are used. 1077.It Va devfs_config_files 1078.Pq Vt str 1079This option is used to specify a list of configuration files containing 1080.Xr devfs 5 1081rules that will be applied by 1082.Xr devfsctl 8 1083in the order in which they are specified and must include the full path 1084to the file. 1085.It Va syslogd_enable 1086.Pq Vt bool 1087If set to 1088.Dq Li YES , 1089run the 1090.Xr syslogd 8 1091daemon. 1092.It Va syslogd_program 1093.Pq Vt str 1094Path to 1095.Xr syslogd 8 1096(default 1097.Pa /usr/sbin/syslogd ) . 1098.It Va syslogd_flags 1099.Pq Vt str 1100If 1101.Va syslogd_enable 1102is set to 1103.Dq Li YES , 1104these are the flags to pass to 1105.Xr syslogd 8 . 1106.It Va inetd_enable 1107.Pq Vt bool 1108If set to 1109.Dq Li YES , 1110run the 1111.Xr inetd 8 1112daemon. 1113.It Va inetd_program 1114.Pq Vt str 1115Path to 1116.Xr inetd 8 1117(default 1118.Pa /usr/sbin/inetd ) . 1119.It Va inetd_flags 1120.Pq Vt str 1121If 1122.Va inetd_enable 1123is set to 1124.Dq Li YES , 1125these are the flags to pass to 1126.Xr inetd 8 . 1127.It Va rwhod_enable 1128.Pq Vt bool 1129If set to 1130.Dq Li YES , 1131run the 1132.Xr rwhod 8 1133daemon at boot time. 1134.It Va rwhod_flags 1135.Pq Vt str 1136If 1137.Va rwhod_enable 1138is set to 1139.Dq Li YES , 1140these are the flags to pass to it. 1141.It Va update_motd 1142.Pq Vt bool 1143If set to 1144.Dq Li YES , 1145.Pa /etc/motd 1146will be updated at boot time to reflect the kernel release being run. 1147If set to 1148.Dq Li NO , 1149.Pa /etc/motd 1150will not be updated. 1151.It Va nfs_client_enable 1152.Pq Vt bool 1153If set to 1154.Dq Li YES , 1155setup NFS client parameters at boot time. 1156.It Va nfs_access_cache 1157.Pq Vt int 1158If 1159.Va nfs_client_enable 1160is set to 1161.Dq Li YES , 1162this can be set to 1163.Dq Li 0 1164to disable NFS ACCESS RPC caching, or to the number of seconds for which 1165NFS ACCESS results should be cached. 1166A value of 2-10 seconds will substantially reduce network traffic for 1167many NFS operations. 1168The default is 5 seconds. 1169Note that the attribute cache holds stat information only. 1170The NFS data cache is independent of the attribute cache and is only 1171invalidated when the client detects that the server has modified the 1172underlying file. 1173This value specifies a maximum timeout. 1174The NFS client will automatically use a shorter timeout for files which 1175have been recently modified. 1176.It Va nfs_neg_cache 1177.Pq Vt int 1178If 1179.Va nfs_client_enable 1180is set to 1181.Dq Li YES , 1182this can be set to 1183.Dq Li 0 1184to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1185filenames), or to the number of seconds for which negative lookups should 1186be cached. 1187A value of 2-10 seconds will substantially reduce network 1188traffic for many NFS operations, especially source code builds. 1189The default is 3 seconds. 1190.It Va nfs_server_enable 1191.Pq Vt bool 1192If set to 1193.Dq Li YES , 1194run the NFS server daemons at boot time. 1195.It Va nfs_server_flags 1196.Pq Vt str 1197If 1198.Va nfs_server_enable 1199is set to 1200.Dq Li YES , 1201these are the flags to pass to the 1202.Xr nfsd 8 1203daemon. 1204.It Va mountd_enable 1205.Pq Vt bool 1206If set to 1207.Dq Li YES , 1208and no 1209.Va nfs_server_enable 1210is set, start 1211.Xr mountd 8 , 1212but not 1213.Xr nfsd 8 1214daemon. 1215It is commonly needed to run CFS without real NFS used. 1216.It Va mountd_flags 1217.Pq Vt str 1218If 1219.Va mountd_enable 1220is set to 1221.Dq Li YES , 1222these are the flags to pass to the 1223.Xr mountd 8 1224daemon. 1225.It Va weak_mountd_authentication 1226.Pq Vt bool 1227If set to 1228.Dq Li YES , 1229allow services like PCNFSD to make non-privileged mount requests. 1230.It Va nfs_reserved_port_only 1231.Pq Vt bool 1232If set to 1233.Dq Li YES , 1234provide NFS services only on a secure port. 1235.It Va nfs_bufpackets 1236.Pq Vt int 1237If set to a number, indicates the number of packets worth of 1238socket buffer space to reserve on an NFS client. 1239The kernel default is typically 4. 1240Using a higher number may be useful on gigabit networks to improve performance. 1241The minimum value is 2 and the maximum is 64. 1242.It Va rpc_umntall_enable 1243.Pq Vt bool 1244If set to 1245.Dq Li YES 1246(default) and we are also an NFS client, run 1247.Xr rpc.umntall 8 1248at boot time to clear out old mounts on remote servers. 1249If set to 1250.Dq Li NO 1251then 1252.Xr rpc.umntall 8 1253will not be run at boot time. 1254.It Va rpc_lockd_enable 1255.Pq Vt bool 1256If set to 1257.Dq Li YES 1258and also an NFS server, run 1259.Xr rpc.lockd 8 1260at boot time. 1261.It Va rpc_lockd_flags 1262.Pq Vt str 1263If 1264.Va rpc_lockd_enable 1265is set to 1266.Dq Li YES , 1267these are the flags to pass to 1268.Xr rpc.lockd 8 . 1269.It Va rpc_statd_enable 1270.Pq Vt bool 1271If set to 1272.Dq Li YES 1273and also an NFS server, run 1274.Xr rpc.statd 8 1275at boot time. 1276.It Va rpc_statd_flags 1277.Pq Vt str 1278If 1279.Va rpc_statd_enable 1280is set to 1281.Dq Li YES , 1282these are the flags to pass to 1283.Xr rpc.statd 8 . 1284.It Va rpcbind_program 1285.Pq Vt str 1286Path to program for rpcbind daemon 1287(default 1288.Pa /usr/sbin/rpcbind ) . 1289.It Va rpcbind_enable 1290.Pq Vt bool 1291If set to 1292.Dq Li YES , 1293run 1294.Va rpcbind_program 1295at boot time. 1296.It Va rpcbind_flags 1297.Pq Vt str 1298If 1299.Va rpcbind_enable 1300is set to 1301.Dq Li YES , 1302these are the flags to pass to 1303.Va rpcbind_program . 1304.It Va keyserv_enable 1305.Pq Vt bool 1306If set to 1307.Dq Li YES , 1308run the 1309.Xr keyserv 8 1310daemon on boot for running Secure RPC. 1311.It Va keyserv_flags 1312.Pq Vt str 1313If 1314.Va keyserv_enable 1315is set to 1316.Dq Li YES , 1317these are the flags to pass to 1318.Xr keyserv 8 1319daemon. 1320.It Va pppoed_enable 1321.Pq Vt bool 1322If set to 1323.Dq Li YES , 1324run the 1325.Xr pppoed 8 1326daemon at boot time to provide PPP over Ethernet services. 1327.It Va pppoed_provider 1328.Pq Vt str 1329.Xr pppoed 8 1330listens to requests to this provider and ultimately runs 1331.Xr ppp 8 1332with a 1333.Ar system 1334argument of the same name. 1335.It Va pppoed_flags 1336.Pq Vt str 1337Additional flags to pass to 1338.Xr pppoed 8 . 1339.It Va pppoed_interface 1340.Pq Vt str 1341The network interface to run 1342.Xr pppoed 8 1343on. 1344This is mandatory when 1345.Va pppoed_enable 1346is set to 1347.Dq Li YES . 1348.It Va timed_enable 1349.Pq Vt bool 1350If set to 1351.Dq Li YES , 1352run the 1353.Xr timed 8 1354service at boot time. 1355This command is intended for networks of machines where a consistent 1356.Dq "network time" 1357for all hosts must be established. 1358This is often useful in large NFS environments where time stamps on 1359files are expected to be consistent network-wide. 1360.It Va timed_flags 1361.Pq Vt str 1362If 1363.Va timed_enable 1364is set to 1365.Dq Li YES , 1366these are the flags to pass to the 1367.Xr timed 8 1368service. 1369.It Va dntpd_enable 1370.Pq Vt bool 1371If set to 1372.Dq Li YES , 1373run 1374.Xr dntpd 8 1375at system boot time. 1376.It Va dntpd_program 1377.Pq Vt str 1378Path to 1379.Xr dntpd 8 1380(default 1381.Pa /usr/sbin/dntpd ) . 1382.It Va dntpd_flags 1383.Pq Vt str 1384If 1385.Va dntpd_enable 1386is set to 1387.Dq Li YES , 1388these are the flags to pass to the 1389.Xr dntpd 8 1390daemon. 1391.It Va btconfig_enable 1392.Pq Vt bool 1393If set to 1394.Dq Li YES , 1395configure Bluetooth devices via 1396.Xr btconfig 8 1397at system boot time. 1398.It Va btconfig_devices 1399.Pq Vt str 1400If 1401.Va btconfig_enable 1402is set to 1403.Dq Li YES , 1404this is the list of Bluetooth devices to configure. 1405If 1406.Va btconfig_devices 1407is not specified, all devices known to the system will be configured. 1408A 1409.Va btconfig_ Ns Aq Ar device 1410variable can be set to specify parameters to be passed to 1411.Ar device . 1412.It Va btconfig_args 1413.Pq Vt str 1414If 1415.Va btconfig_enable 1416is set to 1417.Dq Li YES , 1418this is the list of configuration parameters to pass to all Bluetooth 1419devices. 1420.It Va sdpd_enable 1421.Pq Vt bool 1422If set to 1423.Dq Li YES , 1424run the Service Discovery Profile daemon 1425.Xr ( sdpd 8 ) 1426at system boot time. 1427.It Va sdpd_flags 1428.Pq Vt str 1429If 1430.Va sdpd_enable 1431is set to 1432.Dq Li YES , 1433these are the flags to pass to the 1434.Xr sdpd 8 1435daemon. 1436.It Va bthcid_enable 1437.Pq Vt bool 1438If set to 1439.Dq Li YES , 1440run the Bluetooth Link Key/PIN Code Manager daemon 1441.Xr ( bthcid 8 ) 1442at system boot time. 1443.It Va bthcid_flags 1444.Pq Vt str 1445If 1446.Va bthcid_enable 1447is set to 1448.Dq Li YES , 1449these are the flags to pass to the 1450.Xr bthcid 8 1451daemon. 1452.It Va nis_client_enable 1453.Pq Vt bool 1454If set to 1455.Dq Li YES , 1456run the 1457.Xr ypbind 8 1458service at system boot time. 1459.It Va nis_client_flags 1460.Pq Vt str 1461If 1462.Va nis_client_enable 1463is set to 1464.Dq Li YES , 1465these are the flags to pass to the 1466.Xr ypbind 8 1467service. 1468.It Va nis_ypset_enable 1469.Pq Vt bool 1470If set to 1471.Dq Li YES , 1472run the 1473.Xr ypset 8 1474daemon at system boot time. 1475.It Va nis_ypset_flags 1476.Pq Vt str 1477If 1478.Va nis_ypset_enable 1479is set to 1480.Dq Li YES , 1481these are the flags to pass to the 1482.Xr ypset 8 1483daemon. 1484.It Va nis_server_enable 1485.Pq Vt bool 1486If set to 1487.Dq Li YES , 1488run the 1489.Xr ypserv 8 1490daemon at system boot time. 1491.It Va nis_server_flags 1492.Pq Vt str 1493If 1494.Va nis_server_enable 1495is set to 1496.Dq Li YES , 1497these are the flags to pass to the 1498.Xr ypserv 8 1499daemon. 1500.It Va nis_ypxfrd_enable 1501.Pq Vt bool 1502If set to 1503.Dq Li YES , 1504run the 1505.Xr rpc.ypxfrd 8 1506daemon at system boot time. 1507.It Va nis_ypxfrd_flags 1508.Pq Vt str 1509If 1510.Va nis_ypxfrd_enable 1511is set to 1512.Dq Li YES , 1513these are the flags to pass to the 1514.Xr rpc.ypxfrd 8 1515daemon. 1516.It Va nis_yppasswdd_enable 1517.Pq Vt bool 1518If set to 1519.Dq Li YES , 1520run the 1521.Xr rpc.yppasswdd 8 1522daemon at system boot time. 1523.It Va nis_yppasswdd_flags 1524.Pq Vt str 1525If 1526.Va nis_yppasswdd_enable 1527is set to 1528.Dq Li YES , 1529these are the flags to pass to the 1530.Xr rpc.yppasswdd 8 1531daemon. 1532.It Va rpc_ypupdated_enable 1533.Pq Vt bool 1534If set to 1535.Dq Li YES , 1536run the 1537.Nm rpc.ypupdated 1538daemon at system boot time. 1539.It Va defaultrouter 1540.Pq Vt str 1541If not set to 1542.Dq Li NO , 1543create a default route to this host name or IP address 1544(use an IP address if this router is also required to get to the 1545name server!). 1546.It Va ipv6_defaultrouter 1547.Pq Vt str 1548The IPv6 equivalent of 1549.Va defaultrouter . 1550.It Va static_routes 1551.Pq Vt str 1552Set to the list of static routes that are to be added at system boot time. 1553If not set to 1554.Dq Li NO 1555then for each whitespace separated 1556.Ar element 1557in the value, a 1558.Va route_ Ns Aq Ar element 1559variable is assumed to exist whose contents will later be passed to a 1560.Dq Nm route Cm add 1561operation. 1562.It Va change_routes 1563.Pq Vt str 1564Set to the list of static routes that are to be changed at system boot time 1565(such as those added by the kernel). 1566If not set to 1567.Dq Li NO 1568then for each whitespace separated 1569.Ar element 1570in the value, a 1571.Va change_route_ Ns Aq Ar element 1572variable is assumed to exist whose contents will later be passed to a 1573.Dq Nm route Cm change 1574operation. 1575.It Va ipv6_static_routes 1576.Pq Vt str 1577The IPv6 equivalent of 1578.Va static_routes . 1579If not set to 1580.Dq Li NO 1581then for each whitespace separated 1582.Ar element 1583in the value, a 1584.Va ipv6_route_ Ns Aq Ar element 1585variable is assumed to exist whose contents will later be passed to a 1586.Dq Nm route Cm add Fl inet6 1587operation. 1588.It Va gateway_enable 1589.Pq Vt bool 1590If set to 1591.Dq Li YES , 1592configure host to act as an IP router, e.g. to forward packets 1593between interfaces. 1594.It Va ipv6_gateway_enable 1595.Pq Vt bool 1596The IPv6 equivalent of 1597.Va gateway_enable . 1598.It Va router_enable 1599.Pq Vt bool 1600If set to 1601.Dq Li YES , 1602run a routing daemon of some sort, based on the settings of 1603.Va router_program 1604and 1605.Va router_flags . 1606.It Va ipv6_router_enable 1607.Pq Vt bool 1608The IPv6 equivalent of 1609.Va router_enable . 1610If set to 1611.Dq Li YES , 1612run a routing daemon of some sort, based on the settings of 1613.Va ipv6_router_program 1614and 1615.Va ipv6_router_flags . 1616.It Va router_program 1617.Pq Vt str 1618If 1619.Va router_enable 1620is set to 1621.Dq Li YES , 1622this is the name of the routing daemon to use 1623(default 1624.Pa /sbin/routed ) . 1625.It Va ipv6_router_program 1626.Pq Vt str 1627The IPv6 equivalent of 1628.Va router_program 1629(default 1630.Pa /sbin/route6d ) . 1631.It Va router_flags 1632.Pq Vt str 1633If 1634.Va router_enable 1635is set to 1636.Dq Li YES , 1637these are the flags to pass to the routing daemon. 1638.It Va ipv6_router_flags 1639.Pq Vt str 1640The IPv6 equivalent of 1641.Va router_flags . 1642.It Va mrouted_enable 1643.Pq Vt bool 1644If set to 1645.Dq Li YES , 1646run the multicast routing daemon, 1647.Xr mrouted 8 . 1648.It Va mroute6d_enable 1649.Pq Vt bool 1650The IPv6 equivalent of 1651.Va mrouted_enable . 1652If set to 1653.Dq Li YES , 1654run the IPv6 multicast routing daemon. 1655Note that no IPv6 multicast routing daemon is included in the 1656.Dx 1657base system but 1658.Xr pim6dd 8 1659can be installed from the 1660.Xr dports 7 1661collection 1662.Pa ( net/mcast-tools ) . 1663.It Va mrouted_flags 1664.Pq Vt str 1665If 1666.Va mrouted_enable 1667is set to 1668.Dq Li YES , 1669these are the flags to pass to the 1670.Xr mrouted 8 1671daemon. 1672.It Va mroute6d_flags 1673.Pq Vt str 1674The IPv6 equivalent of 1675.Va mrouted_flags . 1676If 1677.Va mroute6d_enable 1678is set to 1679.Dq Li YES , 1680these are the flags passed to the IPv6 multicast routing daemon. 1681.It Va mroute6d_program 1682.Pq Vt str 1683If 1684.Va mroute6d_enable 1685is set to 1686.Dq Li YES , 1687this is the path to the IPv6 multicast routing daemon. 1688.It Va rtadvd_enable 1689.Pq Vt bool 1690If set to 1691.Dq Li YES , 1692run the 1693.Xr rtadvd 8 1694daemon at boot time. 1695.Xr rtadvd 8 1696will only run if 1697.Va ipv6_gateway_enable 1698is also set to 1699.Dq Li YES . 1700The 1701.Xr rtadvd 8 1702utility sends router advertisement packets to the interfaces specified in 1703.Va rtadvd_interfaces . 1704.Xr rtadvd 8 1705and should only be enabled with great care. 1706You may want to fine-tune 1707.Xr rtadvd.conf 5 . 1708.It Va rtadvd_interfaces 1709.Pq Vt str 1710If 1711.Va rtadvd_enable 1712is set to 1713.Dq Li YES 1714this is the list of interfaces to use. 1715.It Va rtsold_enable 1716.Pq Vt bool 1717If set to 1718.Dq Li YES , 1719run the 1720.Xr rtsold 8 1721daemon at boot time. 1722The 1723.Xr rtsold 8 1724daemon is used for automatic discovery of non-link local addresses. 1725.It Va rtsold_flags 1726.Pq Vt str 1727If 1728.Va rtsold_enable 1729is set to 1730.Dq Li YES , 1731these are the flags to pass to the 1732.Xr rtsold 8 1733daemon. 1734.It Va arpproxy_all 1735.Pq Vt bool 1736If set to 1737.Dq Li YES , 1738enable global proxy ARP. 1739.It Va forward_sourceroute 1740.Pq Vt bool 1741If set to 1742.Dq Li YES 1743and 1744.Va gateway_enable 1745is also set to 1746.Dq Li YES , 1747source-routed packets are forwarded. 1748.It Va accept_sourceroute 1749.Pq Vt bool 1750If set to 1751.Dq Li YES , 1752the system will accept source-routed packets directed at it. 1753.It Va rarpd_enable 1754.Pq Vt bool 1755If set to 1756.Dq Li YES , 1757run the 1758.Xr rarpd 8 1759daemon at system boot time. 1760.It Va rarpd_flags 1761.Pq Vt str 1762If 1763.Va rarpd_enable 1764is set to 1765.Dq Li YES , 1766these are the flags to pass to the 1767.Xr rarpd 8 1768daemon. 1769.It Va bootparamd_enable 1770.Pq Vt bool 1771If set to 1772.Dq Li YES , 1773run the 1774.Xr bootparamd 8 1775daemon at system boot time. 1776.It Va bootparamd_flags 1777.Pq Vt str 1778If 1779.Va bootparamd_enable 1780is set to 1781.Dq Li YES , 1782these are the flags to pass to the 1783.Xr bootparamd 8 1784daemon. 1785.It Va stf_interface_ipv4addr 1786.Pq Vt str 1787If not set to 1788.Dq Li NO , 1789this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1790Specify this entry to enable the 6to4 interface. 1791.It Va stf_interface_ipv4plen 1792.Pq Vt int 1793Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1794An effective value is 0-31. 1795.It Va stf_interface_ipv6_ifid 1796.Pq Vt str 1797IPv6 interface ID for 1798.Xr stf 4 . 1799This can be set to 1800.Dq Li AUTO . 1801.It Va stf_interface_ipv6_slaid 1802.Pq Vt str 1803IPv6 Site Level Aggregator for 1804.Xr stf 4 . 1805.It Va keybell 1806.Pq Vt str 1807The keyboard bell sound. 1808Set to 1809.Dq Li normal , 1810.Dq Li visual , 1811.Dq Li off , 1812or 1813.Dq Li NO 1814if the default behavior is desired. 1815For details, refer to the 1816.Xr kbdcontrol 1 1817manpage. 1818.It Va keymap 1819.Pq Vt str 1820If set to 1821.Dq Li NO , 1822no keymap is installed, otherwise the value is used to install 1823the keymap file in 1824.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1825.It Va keyrate 1826.Pq Vt str 1827The keyboard repeat speed. 1828Set to 1829.Dq Li slow , 1830.Dq Li normal , 1831.Dq Li fast , 1832or 1833.Dq Li NO 1834if the default behavior is desired. 1835.It Va keychange 1836.Pq Vt str 1837If not set to 1838.Dq Li NO , 1839attempt to program the function keys with the value. 1840The value should be a single string of the form: 1841.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1842.It Va cursor 1843.Pq Vt str 1844Can be set to the value of 1845.Dq Li normal , 1846.Dq Li blink , 1847.Dq Li destructive , 1848or 1849.Dq Li NO 1850to set the cursor behavior explicitly or choose the default behavior. 1851.It Va scrnmap 1852.Pq Vt str 1853If set to 1854.Dq Li NO , 1855no screen map is installed, otherwise the value is used to install 1856the screen map file in 1857.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1858.It Va font8x16 1859.Pq Vt str 1860If set to 1861.Dq Li NO , 1862the default 8x16 font value is used for screen size requests, otherwise 1863the value in 1864.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1865is used. 1866.It Va font8x14 1867.Pq Vt str 1868If set to 1869.Dq Li NO , 1870the default 8x14 font value is used for screen size requests, otherwise 1871the value in 1872.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1873is used. 1874.It Va font8x8 1875.Pq Vt str 1876If set to 1877.Dq Li NO , 1878the default 8x8 font value is used for screen size requests, otherwise 1879the value in 1880.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1881is used. 1882.It Va blanktime 1883.Pq Vt int 1884If set to 1885.Dq Li NO , 1886the default screen blanking interval is used, otherwise it is set to 1887.Ar value 1888seconds. 1889.It Va saver 1890.Pq Vt str 1891If not set to 1892.Dq Li NO , 1893this is the actual screen saver to use 1894.Li ( blank , snake , daemon , 1895etc). 1896.It Va moused_nondefault_enable 1897.Pq Vt str 1898If set to 1899.Dq Li NO , 1900the mouse device specified on 1901the command line is not automatically treated as enabled by the 1902.Pa /etc/rc.d/moused 1903script. 1904Having this variable set to 1905.Dq Li YES 1906allows a 1907.Xr usb 4 1908mouse, 1909for example, 1910to be enabled as soon as it is plugged in. 1911.It Va moused_enable 1912.Pq Vt str 1913If set to 1914.Dq Li YES , 1915the 1916.Xr moused 8 1917daemon is started for doing cut/paste selection on the console. 1918.It Va moused_type 1919.Pq Vt str 1920If 1921.Va moused_enable 1922is set to 1923.Dq Li YES , 1924this is the protocol type of the mouse connected to this host. 1925The default type is 1926.Dq Li auto . 1927The 1928.Xr moused 8 1929daemon 1930is able to detect the appropriate mouse type automatically in many cases. 1931Leave this variable at the default 1932.Dq Li auto 1933to let the daemon detect it, or 1934select one from the following list if the automatic detection fails. 1935.Pp 1936If the mouse is attached to the PS/2 mouse port, leave the variable at the 1937default 1938.Dq Li auto 1939or set it to 1940.Dq Li ps/2 , 1941regardless of the brand and model of the mouse. 1942Likewise, if the mouse is attached to the bus mouse port, leave it at 1943.Dq Li auto 1944or set it to 1945.Dq Li busmouse . 1946All other protocols are for serial mice and will not work with 1947the PS/2 and bus mice. 1948If this is a USB mouse, 1949.Dq Li auto 1950is the only protocol type which will work. 1951.Pp 1952.Bl -tag -width ".Li x10mouseremote" -compact 1953.It Li microsoft 1954Microsoft mouse (serial) 1955.It Li intellimouse 1956Microsoft IntelliMouse (serial) 1957.It Li mousesystems 1958Mouse systems Corp. mouse (serial) 1959.It Li mmseries 1960MM Series mouse (serial) 1961.It Li logitech 1962Logitech mouse (serial) 1963.It Li busmouse 1964A bus mouse 1965.It Li mouseman 1966Logitech MouseMan and TrackMan (serial) 1967.It Li glidepoint 1968ALPS GlidePoint (serial) 1969.It Li thinkingmouse 1970Kensington ThinkingMouse (serial) 1971.It Li ps/2 1972PS/2 mouse 1973.It Li mmhittab 1974MM HitTablet (serial) 1975.It Li x10mouseremote 1976X10 MouseRemote (serial) 1977.It Li versapad 1978Interlink VersaPad (serial) 1979.El 1980.Pp 1981Even if the mouse is not in the above list, it may be compatible 1982with one in the list. 1983Refer to the man page for 1984.Xr moused 8 1985for compatibility information. 1986.Pp 1987It should also be noted that while this is enabled, any 1988other client of the mouse (such as an X server) should access 1989the mouse through the virtual mouse device, 1990.Pa /dev/sysmouse , 1991and configure it as a 1992.Dq Li sysmouse 1993type mouse, since all 1994mouse data is converted to this single canonical format when using 1995.Xr moused 8 . 1996If the client program does not support the 1997.Dq Li sysmouse 1998type, specify the 1999.Dq Li mousesystems 2000type. 2001It is the second preferred type. 2002.It Va moused_port 2003.Pq Vt str 2004If 2005.Va moused_enable 2006is set to 2007.Dq Li YES , 2008this is the actual port the mouse is on. 2009It might be 2010.Pa /dev/cuaa0 2011for a COM1 serial mouse or 2012.Pa /dev/psm0 2013for a PS/2 mouse, for example. 2014.It Va moused_flags 2015.Pq Vt str 2016If 2017.Va moused_type 2018is set, these are the additional flags to pass to the 2019.Xr moused 8 2020daemon. 2021.It Va mousechar_start 2022.Pq Vt int 2023If set to 2024.Dq Li NO , 2025the default mouse cursor character range 2026.Li 0xd0 Ns - Ns Li 0xd3 2027is used, otherwise the range start is set to 2028.Ar value 2029character, see 2030.Xr vidcontrol 1 . 2031Use if the default range is occupied in the language code table. 2032.It Va vidhistory 2033.Pq Vt int 2034Set the size of the history (scrollback) buffer in lines. 2035.It Va allscreens_flags 2036.Pq Vt str 2037If set, 2038.Xr vidcontrol 1 2039is run with these options for each of the virtual terminals 2040.Pq Pa /dev/ttyv* . 2041For example, 2042.Dq Fl m Cm on 2043will enable the mouse pointer on all virtual terminals if 2044.Va moused_enable 2045is set to 2046.Dq Li YES . 2047.It Va allscreens_kbdflags 2048.Pq Vt str 2049If set, 2050.Xr kbdcontrol 1 2051is run with these options for each of the virtual terminals 2052.Pq Pa /dev/ttyv* . 2053For example, 2054.Dq Fl h Li 200 2055will set the 2056.Xr syscons 4 2057scrollback (history) buffer to 200 lines. 2058.It Va cron_enable 2059.Pq Vt bool 2060If set to 2061.Dq Li YES , 2062run the 2063.Xr cron 8 2064daemon at system boot time. 2065.It Va cron_program 2066.Pq Vt str 2067Path to 2068.Xr cron 8 2069(default 2070.Pa /usr/sbin/cron ) . 2071.It Va cron_flags 2072.Pq Vt str 2073If 2074.Va cron_enable 2075is set to 2076.Dq Li YES , 2077these are the flags to pass to 2078.Xr cron 8 . 2079.It Va lpd_program 2080.Pq Vt str 2081Path to 2082.Xr lpd 8 2083(default 2084.Pa /usr/sbin/lpd ) . 2085.It Va lpd_enable 2086.Pq Vt bool 2087If set to 2088.Dq Li YES , 2089run the 2090.Xr lpd 8 2091daemon at system boot time. 2092.It Va lpd_flags 2093.Pq Vt str 2094If 2095.Va lpd_enable 2096is set to 2097.Dq Li YES , 2098these are the flags to pass to the 2099.Xr lpd 8 2100daemon. 2101.It Va nscd_enable 2102.Pq Vt bool 2103If set to 2104.Dq Li YES , 2105run the 2106.Xr nscd 8 2107daemon at system boot time. 2108.It Va mixer_enable 2109.Pq Vt bool 2110If set to 2111.Dq Li YES , 2112preserve 2113.Xr mixer 8 2114settings across reboots. 2115.It Va mta_start_script 2116.Pq Vt str 2117The full path to the script to run to start 2118a mail transfer agent. 2119The default is 2120.Pa /etc/rc.sendmail . 2121The 2122.Va sendmail_* 2123variables which 2124.Pa /etc/rc.sendmail 2125uses are documented in the 2126.Xr rc.sendmail 8 2127man page. 2128.It Va fixbootfile 2129.Pq Vt bool 2130In a 2131.Sq HAMMER ROOT with UFS /boot 2132setup, the boot loader will not set up the 2133.Va kern.bootfile 2134sysctl correctly. 2135The system will attempt to fix this on its own. 2136Set this variable to 2137.Dq Li NO 2138to turn this behavior off. 2139.It Va dumpdev 2140.Pq Vt str 2141Indicates the device (usually a swap partition) to which a crash dump 2142should be written in the event of a system crash. 2143The value of this variable is passed as the argument to 2144.Xr dumpon 8 2145and 2146.Xr savecore 8 . 2147To disable crash dumps, set this variable to 2148.Dq Li NO . 2149.It Va dumpdir 2150.Pq Vt str 2151When the system reboots after a crash and a crash dump is found on the 2152device specified by the 2153.Va dumpdev 2154variable, 2155.Xr savecore 8 2156will save that crash dump and a copy of the kernel to the directory 2157specified by the 2158.Va dumpdir 2159variable. 2160The default value is 2161.Pa /var/crash . 2162Set to 2163.Dq Li NO 2164to not run 2165.Xr savecore 8 2166at boot time when 2167.Va dumpdir 2168is set. 2169.It Va savecore_flags 2170.Pq Vt str 2171If crash dumps are enabled, these are the flags to pass to the 2172.Xr savecore 8 2173utility. 2174.It Va crashinfo_enable 2175.Pq Vt bool 2176Set to 2177.Dq Li YES 2178to turn on automatic crash dump summary generation using the utility 2179specified by the 2180.Va crashinfo_program 2181variable. 2182.It Va crashinfo_program 2183.Pq Vt str 2184Program to run to generate a crash dump summary if the variable 2185.Va crashinfo_enable 2186is set to 2187.Dq Li YES . 2188The default value is 2189.Pa /usr/sbin/crashinfo . 2190.It Va enable_quotas 2191.Pq Vt bool 2192Set to 2193.Dq Li YES 2194to turn on user disk quotas on system startup via the 2195.Xr quotaon 8 2196command. 2197.It Va check_quotas 2198.Pq Vt bool 2199Set to 2200.Dq Li YES 2201to enable user disk quota checking via the 2202.Xr quotacheck 8 2203command. 2204.It Va accounting_enable 2205.Pq Vt bool 2206Set to 2207.Dq Li YES 2208to enable system accounting through the 2209.Xr accton 8 2210facility. 2211.\" ----- cleanvar_enable setting-------------------------------- 2212.It Va cleanvar_enable 2213.Pq Vt bool 2214Set to 2215.Dq Li YES 2216to have 2217.Pa /var/run , 2218.Pa /var/spool/lock 2219and 2220.Pa /var/spool/uucp/.Temp/* 2221cleaned at startup. 2222.\" ----- clear_tmp_enable setting------------------------------- 2223.It Va clear_tmp_enable 2224.Pq Vt bool 2225Set to 2226.Dq Li YES 2227to have 2228.Pa /tmp 2229cleaned at startup. 2230.\" ----- ldconfig_paths setting -------------------------------- 2231.It Va ldconfig_paths 2232.Pq Vt str 2233Set to the list of shared library paths to use with 2234.Xr ldconfig 8 . 2235NOTE: 2236.Pa /usr/lib 2237will always be added first, so it need not appear in this list. 2238.It Va ldconfig_insecure 2239.Pq Vt bool 2240The 2241.Xr ldconfig 8 2242utility normally refuses to use directories 2243which are writable by anyone except root. 2244Set this variable to 2245.Dq Li YES 2246to disable that security check during system startup. 2247.It Va ldconfig_local_dirs 2248.Pq Vt str 2249Set to the list of local 2250.Xr ldconfig 8 2251directories. 2252The names of all files in the directories listed will be 2253passed as arguments to 2254.Xr ldconfig 8 . 2255.It Va kern_securelevel 2256.Pq Vt int 2257The kernel security level to set at startup. 2258The allowed range of 2259.Ar value 2260ranges from \-1 (the compile time default) to 3 (the most secure). 2261See 2262.Xr init 8 2263for the list of possible security levels and their effect on system operation. 2264.It Va start_vinum 2265.Pq Vt bool 2266Set to 2267.Dq Li YES 2268to start 2269.Xr vinum 8 2270at system boot time. 2271.It Va sshd_enable 2272.Pq Vt bool 2273Set to 2274.Dq Li YES 2275to start 2276.Xr sshd 8 2277at system boot time. 2278.It Va sshd_program 2279.Pq Vt str 2280Path to the SSH server program 2281(default 2282.Pa /usr/sbin/sshd ) . 2283.It Va sshd_flags 2284.Pq Vt str 2285If 2286.Va sshd_enable 2287is set to 2288.Dq Li YES , 2289these are the flags to pass to the 2290.Xr sshd 8 2291daemon. 2292.It Va ftpd_enable 2293.Pq Vt bool 2294Set to 2295.Dq Li YES 2296to start 2297.Xr ftpd 8 2298at system boot time. 2299.It Va ftpd_flags 2300.Pq Vt str 2301If 2302.Va ftpd_enable 2303is set to 2304.Dq Li YES , 2305these are the flags to pass to the 2306.Xr ftpd 8 2307daemon. 2308.It Va watchdogd_enable 2309.Pq Vt bool 2310If set to 2311.Dq Li YES , 2312start the 2313.Xr watchdogd 8 2314daemon at boot time. 2315.It Va jail_enable 2316.Pq Vt bool 2317If set to 2318.Dq Li NO , 2319any configured jails will not be started. 2320.It Va jail_list 2321.Pq Vt str 2322A space separated list of names for jails. 2323This is purely a configuration aid to help identify and 2324configure multiple jails. 2325The names specified in this list will be used to 2326identify settings common to an instance of a jail. 2327Assuming that the jail in question was named 2328.Li vjail , 2329you would have the following dependent variables: 2330.Bd -literal 2331jail_vjail_hostname="jail.example.com" 2332jail_vjail_ip="192.168.1.100" 2333jail_vjail_rootdir="/var/jails/vjail/root" 2334.Ed 2335.It Va jail_flags 2336.Pq Vt str 2337Unset by default. 2338When set, use as default value for 2339.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2340for every jail in 2341.Va jail_list . 2342.It Va jail_interface 2343.Pq Vt str 2344Unset by default. 2345When set, use as default value for 2346.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2347for every jail in 2348.Va jail_list . 2349.It Va jail_fstab 2350.Pq Vt str 2351Unset by default. 2352When set, use as default value for 2353.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2354for every jail in 2355.Va jail_list . 2356.It Va jail_mount_enable 2357.Pq Vt bool 2358Set to 2359.Dq Li NO 2360by default. 2361When set to 2362.Dq Li YES , 2363sets 2364.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2365to 2366.Dq Li YES 2367by default for every jail in 2368.Va jail_list . 2369.It Va jail_procfs_enable 2370.Pq Vt bool 2371Set to 2372.Dq Li NO 2373by default. 2374When set to 2375.Dq Li YES , 2376sets 2377.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2378to 2379.Dq Li YES 2380by default for every jail in 2381.Va jail_list . 2382.It Va jail_devfs_enable 2383.Pq Vt bool 2384Set to 2385.Dq Li NO 2386by default. 2387When set to 2388.Dq Li YES , 2389sets 2390.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2391to 2392.Dq Li YES 2393by default for every jail in 2394.Va jail_list . 2395.It Va jail_exec_start 2396.Pq Vt str 2397Unset by default. 2398When set, use as default value for 2399.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2400for every jail in 2401.Va jail_list . 2402.It Va jail_exec_stop 2403Unset by default. 2404When set, use as default value for 2405.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2406for every jail in 2407.Va jail_list . 2408.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2409.Pq Vt str 2410Unset by default. 2411Set to the root directory used by jail 2412.Va jname . 2413.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2414.Pq Vt str 2415Unset by default. 2416Set to the fully qualified domain name (FQDN) assigned to jail 2417.Va jname . 2418.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2419.Pq Vt str 2420Unset by default. 2421Set to the IP address assigned to jail 2422.Va jname . 2423.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2424.Pq Vt str 2425Set to 2426.Dq Li -l -U root 2427by default. 2428These are flags to pass to 2429.Xr jail 8 . 2430.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2431.Pq Vt str 2432Unset by default. 2433When set, sets the interface to use when setting IP address alias. 2434Note that the alias is created at jail startup and removed at jail shutdown. 2435.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2436.Pq Vt str 2437Set to 2438.Pa /etc/fstab. Ns Aq Ar jname 2439by default. 2440This is the file system information file to use for jail 2441.Va jname . 2442.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2443.Pq Vt bool 2444Set to 2445.Dq Li NO 2446by default. 2447When set to 2448.Dq Li YES , 2449mount all file systems from 2450.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2451at jail startup. 2452.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2453.Pq Vt bool 2454Set to 2455.Dq Li NO 2456by default. 2457When set to 2458.Dq Li YES , 2459mount the process file system inside jail 2460.Ar jname 2461at jail startup. 2462.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2463.Pq Vt bool 2464Set to 2465.Dq Li NO 2466by default. 2467When set to 2468.Dq Li YES , 2469mount the device file system inside jail 2470.Ar jname 2471at jail startup. 2472.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2473.Pq Vt str 2474Set to 2475.Dq Li /bin/sh /etc/rc 2476by default. 2477This is the command executed at jail startup. 2478.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2479.Pq Vt str 2480Set to 2481.Dq Li /bin/sh /etc/rc.shutdown 2482by default. 2483This is the command executed at jail shutdown. 2484.It Va jail_set_hostname_allow 2485.Pq Vt bool 2486If set to 2487.Dq Li NO , 2488do not allow the root user in a jail to set its hostname. 2489.It Va jail_socket_unixiproute_only 2490.Pq Vt bool 2491If set to 2492.Dq Li YES , 2493do not allow any sockets, 2494besides UNIX/IP/route sockets, 2495to be used within a jail. 2496.It Va jail_sysvipc_allow 2497.Pq Vt bool 2498If set to 2499.Dq Li YES , 2500allow applications within a jail to use System V IPC. 2501.It Va lvm_enable 2502.Pq Vt bool 2503If set to 2504.Dq Li YES 2505LVM volumes will be discovered and configured on boot. 2506.It Va newsyslog_enable 2507.Pq Vt bool 2508If set to 2509.Dq Li YES , 2510run 2511.Xr newsyslog 8 2512before syslogd starts. 2513.It Va newsyslog_flags 2514.Pq Vt str 2515If 2516.Va newsyslog_enable 2517is set to 2518.Dq Li YES , 2519these are the flags passed to 2520.Xr newsyslog 8 . 2521.It Va resident_enable 2522.Pq Vt bool 2523If set to 2524.Dq Li YES , 2525make the dynamic binaries listed in 2526.Pa /etc/resident.conf 2527resident. 2528.It Va varsym_enable 2529.Pq Vt bool 2530If set to 2531.Dq Li YES , 2532process 2533.Pa /etc/varsym.conf 2534to set system-wide variables for variant symlinks. 2535.It Va rand_irqs 2536.Pq Vt str 2537Set either to 2538.Dq Li NO 2539or a whitespace separated list of IRQ numbers which will be used as a source of 2540randomness. 2541.\" ----------------------------------------------------- 2542.It Va entropy_dir 2543.Pq Vt str 2544Set to 2545.Dq Li NO 2546to disable caching entropy via 2547.Xr cron 8 . 2548Otherwise set to the directory used to store entropy files in. 2549.It Va entropy_file 2550.Pq Vt str 2551Set to 2552.Dq Li NO 2553to disable caching entropy through reboots. 2554Otherwise set to the filename used to store cached entropy through reboots. 2555This file should be located on the root file system to seed the 2556.Xr random 4 2557device as early as possible in the boot process. 2558.It Va entropy_save_sz 2559.Pq Vt int 2560Determines the size of the entropy cache files used for entropy cached 2561through reboots and also entropy cached via 2562.Xr cron 8 . 2563The entropy is fed to the system in blocks of 512 bytes, so this number 2564should be large enough to fill as many of the entropy pools in the kernel 2565CSPRNG as possible. 2566By default, it is set to 16384, which should be able to seed all 32 entropy 2567pools in the Fortuna CSPRNG. 2568.It Va dmesg_enable 2569.Pq Vt bool 2570Set to 2571.Dq Li YES 2572to save 2573.Xr dmesg 8 2574to 2575.Pa /var/run/dmesg.boot 2576on boot. 2577.It Va rcshutdown_timeout 2578.Pq Vt int 2579If set, start a watchdog timer in the background which will terminate 2580.Pa rc.shutdown 2581if 2582.Xr shutdown 8 2583has not completed within the specified time (in seconds). 2584Notice that in addition to this soft timeout, 2585.Xr init 8 2586also applies a hard timeout for the execution of 2587.Pa rc.shutdown . 2588This is configured via 2589.Xr sysctl 8 2590variable 2591.Va kern.init_shutdown_timeout 2592and defaults to 120 seconds. Setting the value of 2593.Va rcshutdown_timeout 2594to more than 120 seconds will have no effect until the 2595.Xr sysctl 8 2596variable 2597.Va kern.init_shutdown_timeout 2598is also increased. 2599.It Va udevd_enable 2600.Pq Vt bool 2601If set to 2602.Dq Li YES , 2603the udevd daemon will be started on boot. 2604.It Va vfs_quota_enable 2605.Pq Vt bool 2606If set to 2607.Dq Li YES , 2608vfs quota rc.d scripts will be run on boot. 2609.It Va vfs_quota_sync 2610.Pq Vt str 2611List of mount points whose counters are to be synchronized with on-disk 2612usage during system startup. 2613See also 2614.Xr vquota 8 . 2615.It Va vknetd_enable 2616.Pq Vt bool 2617If set to 2618.Dq Li YES , 2619.Xr vknetd 8 2620will be started on boot. 2621.It Va vknetd_flags 2622.Pq Vt bool 2623Additional flags passed to 2624.Xr vknetd 8 . 2625Usually address/cidrbits is specified here. 2626When no flags are passed, default option 2627.Fl U 2628will be used. 2629.It Va vkernel_enable 2630.Pq Vt bool 2631If set to 2632.Dq Li NO , 2633any configured vkernels will not be started. 2634.It Va vkernel_kill_timeout 2635.Pq Vt int 2636This defines the default number of seconds that we will wait for the 2637vkernel to shut down on its own. 2638If after this time it's still alive, 2639it will be killed with SIGKILL. 2640.It Va vkernel_bin 2641.Pq Vt str 2642Defines the default path to the vkernel binary. 2643.It Va vkernel_list 2644.Pq Vt str 2645A space separated list of names for vkernels. 2646This is purely a configuration aid to help identify and 2647configure multiple vkernels. 2648The names specified in this list will be used to 2649identify settings common to a vkernel instance. 2650Assuming that the vkernel in question was named 2651.Li example , 2652you would have the following dependent variables 2653(filled with reference values in this text): 2654.Bd -literal 2655vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2656vkernel_example_memsize="64m" 2657vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2658vkernel_example_memimg="/var/vkernel/memimg.000001" 2659vkernel_example_user="myuser" 2660vkernel_example_iface_list="auto:bridge0" 2661vkernel_example_logfile="/dev/null" 2662vkernel_example_flags="-U" 2663vkernel_example_kill_timeout="45" 2664.Ed 2665.Pp 2666The last six are optional. 2667They default to an empty string if not set, except for logfile which defaults to 2668.Pa /dev/null 2669if it is not set. 2670.Pp 2671Note that in case 2672.Va vkernel_memimg 2673is not set, the 2674.Pa rc.d 2675script will create 2676.Pa /var/vkernel , 2677which is the vkernel's default directory for memory images, 2678with permissions of 1777, i.e. world writable with the sticky bit set 2679(see 2680.Xr sticky 8 ) . 2681.It Va autofs_enable 2682.Pq Vt bool 2683If set to 2684.Dq Li YES , 2685start the 2686.Xr automount 8 2687utility and the 2688.Xr automountd 8 2689and 2690.Xr autounmountd 8 2691daemons at boot time. 2692.It Va automount_flags 2693.Pq Vt str 2694If 2695.Va autofs_enable 2696is set to 2697.Dq Li YES , 2698these are the flags to pass to the 2699.Xr automount 8 2700program. 2701By default no flags are passed. 2702.It Va automountd_flags 2703.Pq Vt str 2704If 2705.Va autofs_enable 2706is set to 2707.Dq Li YES , 2708these are the flags to pass to the 2709.Xr automountd 8 2710daemon. 2711By default no flags are passed. 2712.It Va autounmountd_flags 2713.Pq Vt str 2714If 2715.Va autofs_enable 2716is set to 2717.Dq Li YES , 2718these are the flags to pass to the 2719.Xr autounmountd 8 2720daemon. 2721By default no flags are passed. 2722.El 2723.Sh FILES 2724.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2725.It Pa /etc/defaults/rc.conf 2726.It Pa /etc/rc.conf 2727.It Pa /etc/rc.conf.local 2728.It Pa /etc/start_if. Ns Aq Ar interface 2729.El 2730.Sh SEE ALSO 2731.Xr gdb 1 , 2732.Xr info 1 , 2733.Xr kbdcontrol 1 , 2734.Xr varsym 1 , 2735.Xr vidcontrol 1 , 2736.Xr ip 4 , 2737.Xr ipfw 4 , 2738.Xr kld 4 , 2739.Xr pf 4 , 2740.Xr tcp 4 , 2741.Xr udp 4 , 2742.Xr vlan 4 , 2743.Xr autofs 5 , 2744.Xr auto_master 5 , 2745.Xr exports 5 , 2746.Xr motd 5 , 2747.Xr resident.conf 5 , 2748.Xr varsym.conf 5 , 2749.Xr accton 8 , 2750.Xr automount 8 , 2751.Xr automountd 8 , 2752.Xr autounmountd 8 , 2753.Xr btconfig 8 , 2754.Xr bthcid 8 , 2755.Xr cron 8 , 2756.Xr devd 8 , 2757.Xr dhclient 8 , 2758.Xr dhcpcd 8 , 2759.Xr dntpd 8 , 2760.Xr ftpd 8 , 2761.Xr ifconfig 8 , 2762.Xr inetd 8 , 2763.Xr ip6addrctl 8 , 2764.Xr jail 8 , 2765.Xr lpd 8 , 2766.Xr makewhatis 8 , 2767.Xr mixer 8 , 2768.Xr mountd 8 , 2769.Xr moused 8 , 2770.Xr mrouted 8 , 2771.Xr nfsd 8 , 2772.Xr pcnfsd 8 , 2773.Xr pfctl 8 , 2774.Xr pflogd 8 , 2775.Xr quotacheck 8 , 2776.Xr quotaon 8 , 2777.Xr rc 8 , 2778.Xr rc.sendmail 8 , 2779.Xr resident 8 , 2780.Xr rndcontrol 8 , 2781.Xr route 8 , 2782.Xr routed 8 , 2783.Xr rpcbind 8 , 2784.Xr rpc.lockd 8 , 2785.Xr rpc.statd 8 , 2786.Xr rtadvd 8 , 2787.Xr rtsold 8 , 2788.Xr rwhod 8 , 2789.Xr savecore 8 , 2790.Xr sdpd 8 , 2791.Xr sensorsd 8 , 2792.Xr sshd 8 , 2793.Xr swapon 8 , 2794.Xr sysctl 8 , 2795.Xr syslogd 8 , 2796.Xr sysvipcd 8 , 2797.Xr timed 8 , 2798.Xr vinum 8 , 2799.Xr yp 8 , 2800.Xr ypbind 8 , 2801.Xr ypserv 8 , 2802.Xr ypset 8 2803.Sh HISTORY 2804The 2805.Nm 2806file appeared in 2807.Fx 2.2.2 . 2808.Sh AUTHORS 2809.An Jordan K. Hubbard . 2810