1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd November 14, 2018 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Ao Ar module Ac Ns Ar _load 141.Pq Vt bool 142If set to 143.Dq YES , 144that kernel module will be loaded. 145If no 146.Ao Ar module Ac Ns Ar _name 147is defined (see below), the 148module's name is taken to be 149.Aq Ar module . 150.It Ao Ar module Ac Ns Ar _name 151.Pq Vt str 152Defines the name of the module. 153.It Va devd_enable 154.Pq Vt bool 155Run 156.Xr devd 8 157to handle device added, removed or unknown events from the kernel. 158.It Va devd_flags 159.Pq Vt str 160If 161.Va devd_enable 162is set to 163.Dq Li YES , 164these are the flags to pass to the 165.Xr devd 8 166daemon. 167.It Va powerd_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Setting this to 173.Dq Li YES 174enables 175.Xr powerd 8 , 176a CPU speed control daemon. 177.It Va powerd_flags 178.Pq Vt str 179Empty by default. 180Additional flags passed to the 181.Xr powerd 8 182program. 183.It Va sensorsd_enable 184.Pq Vt bool 185Set to 186.Dq Li NO 187by default. 188Setting this to 189.Dq Li YES 190enables 191.Xr sensorsd 8 , 192a sensors monitoring and logging daemon. 193.It Va sensorsd_flags 194.Pq Vt str 195Empty by default. 196Additional flags passed to the 197.Xr sensorsd 8 198program. 199.It Va sysvipcd_enable 200.Pq Vt bool 201Set to 202.Dq Li NO 203by default. 204Setting this to 205.Dq Li YES 206enables 207.Xr sysvipcd 8 , 208a daemon needed for the userspace implementation of the XSI Interprocess 209Communication functions. 210.It Va sysvipcd_flags 211.Pq Vt str 212Empty by default. 213Additional flags passed to the 214.Xr sysvipcd 8 215program. 216.It Va hotplugd_enable 217.Pq Vt bool 218Set to 219.Dq Li NO 220by default. 221Setting this to 222.Dq Li YES 223enables 224.Xr hotplugd 8 , 225a devices hot plugging monitoring daemon. 226.It Va hotplugd_flags 227.Pq Vt str 228Empty by default. 229Additional flags passed to the 230.Xr hotplugd 8 231program. 232.It Va pccard_ifconfig 233.Pq Vt str 234List of arguments to be passed to 235.Xr ifconfig 8 236at boot time or on insertion of the card (e.g.\& 237.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 238for a fixed address or 239.Dq Li DHCP 240for a DHCP client). 241.It Va pccard_ether_delay 242.Pq Vt str 243Set the delay before starting the DHCP client (configured with 244.Va dhcp_client ) 245in the 246.Pa /etc/pccard_ether 247script. 248This defaults to 249.Dq Li 5 250seconds to work around a bug in the 251.Xr ed 4 252driver which can lead to system hangs when using some newer 253.Xr ed 4 254based cards. 255.It Va removable_interfaces 256.Pq Vt str 257List of removable network interfaces to be supported by 258.Pa /etc/pccard_ether . 259.It Va local_startup 260.Pq Vt str 261List of directories to search for startup script files. 262.It Va script_name_sep 263.Pq Vt str 264The field separator to use for breaking down the list of startup script files 265into individual filenames. 266The default is a space. 267It is not necessary to change this unless there are startup scripts with names 268containing spaces. 269.It Va hostname 270.Pq Vt str 271The fully qualified domain name (FQDN) of this host on the network. 272This should almost certainly be set to something meaningful, even if 273there is no network connection. 274If DHCP is used to set the hostname, 275this variable should be set to an empty string. 276.It Va ipv6_enable 277.Pq Vt bool 278Enable support for IPv6 networking. 279Note that this requires that the kernel have been compiled with 280.Cd "options INET6" . 281.It Va nisdomainname 282.Pq Vt str 283The NIS domain name of this host, or 284.Dq Li NO 285if NIS is not used. 286.It Va dhcp_client 287.Pq Vt str 288Set the rc script that is called to start the DHCP client. 289This can be set to 290.Dq Li dhclient 291(default) or 292.Dq Li dhcpcd . 293.It Va dhclient_program 294.Pq Vt str 295Path to the 296.Xr dhclient 8 297program (default 298.Pa /sbin/dhclient ) . 299.It Va dhclient_flags 300.Pq Vt str 301Additional flags to pass to the 302.Xr dhclient 8 303program. 304.It Va dhcpcd_enable 305.Pq Vt bool 306Set to 307.Dq Li YES 308to run 309.Xr dhcpcd 8 310in master mode (i.e., configure all available Ethernet interfaces) at startup. 311.It Va dhcpcd_program 312.Pq Vt str 313Path to the 314.Xr dhcpcd 8 315program (default 316.Pa /sbin/dhcpcd ) . 317.It Va dhcpcd_flags 318.Pq Vt str 319Additional flags to pass to the 320.Xr dhcpcd 8 321program. 322.It Va pf_enable 323.Pq Vt bool 324Set to 325.Dq Li YES 326to load 327.Xr pf 4 328at startup. 329If the kernel was not built with 330.Cd "device pf" , 331the 332.Pa pf.ko 333kernel module will be loaded. 334See also 335.Va firewall_enable . 336.It Va pf_rules 337.Pq Vt str 338Path to the 339.Xr pf 4 340ruleset definition file. 341.It Va pf_program 342.Pq Vt str 343Path to 344.Xr pfctl 8 . 345.It Va pf_flags 346.Pq Vt str 347If 348.Va pf_enable 349is set to 350.Dq Li YES , 351these are the flags to pass to 352.Xr pfctl 8 353when loading the ruleset. 354.It Va pflog_enable 355.Pq Vt bool 356Set this to 357.Dq Li YES 358to enable 359.Xr pflogd 8 360which logs packets from 361.Xr pf 4 . 362.It Va pflog_logfile 363.Pq Vt str 364If 365.Va pflog_enable 366is set to 367.Dq Li YES 368this specifies the path of the log file. 369.It Va pflog_program 370.Pq Vt str 371Path to 372.Xr pflogd 8 . 373.It Va pflog_flags 374.Pq Vt str 375If 376.Va pflog_enable 377is set to 378.Dq Li YES , 379these are the flags to pass to 380.Xr pflogd 8 . 381.It Va firewall_enable 382.Pq Vt bool 383Set to 384.Dq Li YES 385to load firewall rules at startup. 386If the kernel was not built with 387.Cd "options IPFIREWALL" , 388the 389.Pa ipfw.ko 390kernel module will be loaded. 391See also 392.Va pf_enable . 393.It Va ipv6_firewall_enable 394.Pq Vt bool 395The IPv6 equivalent of 396.Va firewall_enable . 397Set to 398.Dq Li YES 399to load IPv6 firewall rules at startup. 400If the kernel was not built with 401.Cd "options IPV6FIREWALL" , 402the 403.Pa ip6fw.ko 404kernel module will be loaded. 405.It Va firewall_script 406.Pq Vt str 407The full path to the firewall script to run 408(default 409.Pa /etc/rc.firewall ) . 410.It Va ipv6_firewall_script 411.Pq Vt str 412The IPv6 equivalent of 413.Va firewall_script . 414.It Va firewall_type 415.Pq Vt str 416Names the firewall type from the selection in 417.Pa /etc/rc.firewall , 418or the file which contains the local firewall ruleset. 419Valid selections from 420.Pa /etc/rc.firewall 421are: 422.Pp 423.Bl -tag -width ".Li simple" -compact 424.It Li open 425unrestricted IP access 426.It Li closed 427all IP services disabled, except via 428.Dq Li lo0 429.It Li client 430basic protection for a workstation on a LAN 431.It Li simple 432alias for 433.Li client . 434.El 435.Pp 436If a filename is specified, the full path must be given. 437.It Va firewall_trusted_nets 438.Pq Vt str 439List of trusted networks (if 440.Va firewall_type 441is set to 442.Li client ) . 443.It Va firewall_trusted_interfaces 444.Pq Vt str 445List of trusted network interfaces (if 446.Va firewall_type 447is set to 448.Li client ) . 449.It Va firewall_allowed_icmp_types 450.Pq Vt str 451List of allowed ICMP types (if 452.Va firewall_type 453is set to 454.Li client ) . 455.It Va firewall_open_tcp_ports 456.Pq Vt str 457List of TCP ports to open (if 458.Va firewall_type 459is set to 460.Li client ) . 461.It Va firewall_open_udp_ports 462.Pq Vt str 463List of UDP ports to open (if 464.Va firewall_type 465is set to 466.Li client ) . 467.It Va ipv6_firewall_type 468.Pq Vt str 469The IPv6 equivalent of 470.Va firewall_type . 471.It Va firewall_quiet 472.Pq Vt bool 473Set to 474.Dq Li YES 475to disable the display of firewall rules on the console during boot. 476.It Va ipv6_firewall_quiet 477.Pq Vt bool 478The IPv6 equivalent of 479.Va firewall_quiet . 480.It Va firewall_logging 481.Pq Vt bool 482Set to 483.Dq Li YES 484to enable firewall event logging. 485This is equivalent to the 486.Dv IPFIREWALL_VERBOSE 487kernel option. 488.It Va ipv6_firewall_logging 489.Pq Vt bool 490The IPv6 equivalent of 491.Va firewall_logging . 492.It Va firewall_flags 493.Pq Vt str 494Flags passed to 495.Xr ipfw 8 496if 497.Va firewall_type 498specifies a filename. 499.It Va ipv6_firewall_flags 500.Pq Vt str 501The IPv6 equivalent of 502.Va firewall_flags . 503.It Va ipfw3_enable 504.Pq Vt bool 505Set to 506.Dq Li YES 507to enable 508.Xr ipfw3 8 . 509.It Va ipfw3_program 510.Pq Vt str 511Path to 512.Xr ipfw3 8 . 513.It Va ipfw3_script 514.Pq Vt str 515The full path to the shell script to run to set up the ipfw3 516firewall rules (default 517.Pa /etc/ipfw3.rules ) . 518.It Va ipfw3_modules 519.Pq Vt str 520List of ipfw3 modules to be loaded before executing the above 521.Va ipfw3_script . 522(default 523.Dq Li ipfw3 ipfw3_basic ) . 524.It Va natd_program 525.Pq Vt str 526Path to 527.Xr natd 8 . 528.It Va natd_enable 529.Pq Vt bool 530Set to 531.Dq Li YES 532to enable 533.Xr natd 8 . 534.Va firewall_enable 535must also be set to 536.Dq Li YES , 537and 538.Xr divert 4 539sockets must be enabled in the kernel. 540.It Va natd_interface 541.Pq Vt str 542This is the name of the public interface on which 543.Xr natd 8 544should run. 545The interface may be given as an interface name or as an IP address. 546.It Va natd_flags 547.Pq Vt str 548Additional 549.Xr natd 8 550flags should be placed here. 551The 552.Fl n 553or 554.Fl a 555flag is automatically added with the above 556.Va natd_interface 557as an argument. 558.It Va tcp_extensions 559.Pq Vt bool 560Set to 561.Dq Li YES 562by default. 563Setting this to 564.Dq Li NO 565disables certain TCP options as described by 566.Rs 567.%T "RFC 1323" 568.Re 569Setting this to 570.Dq Li NO 571might help remedy such problems with connections as randomly hanging 572or other weird behavior. 573Some network devices are known to be broken with respect to these options. 574.It Va log_in_vain 575.Pq Vt int 576Set to 0 by default. 577The 578.Xr sysctl 8 579variables, 580.Va net.inet.tcp.log_in_vain 581and 582.Va net.inet.udp.log_in_vain , 583as described in 584.Xr tcp 4 585and 586.Xr udp 4 , 587are set to the given value. 588.It Va tcp_keepalive 589.Pq Vt bool 590Set to 591.Dq Li YES 592by default. 593Setting to 594.Dq Li NO 595will disable probing idle TCP connections to verify that the 596peer is still up and reachable. 597.It Va tcp_drop_synfin 598.Pq Vt bool 599Set to 600.Dq Li NO 601by default. 602Setting to 603.Dq Li YES 604will cause the kernel to ignore TCP frames that have both 605the SYN and FIN flags set. 606This prevents OS fingerprinting, but may break some legitimate applications. 607This option is only available if the kernel was built with the 608.Dv TCP_DROP_SYNFIN 609option. 610.It Va icmp_drop_redirect 611.Pq Vt bool 612Set to 613.Dq Li NO 614by default. 615Setting to 616.Dq Li YES 617will cause the kernel to ignore ICMP REDIRECT packets. 618Refer to 619.Xr icmp 4 620for more information. 621.It Va icmp_log_redirect 622.Pq Vt bool 623Set to 624.Dq Li NO 625by default. 626Setting to 627.Dq Li YES 628will cause the kernel to log ICMP REDIRECT packets. 629Note that 630the log messages are not rate-limited, so this option should only be used 631for troubleshooting networks. 632Refer to 633.Xr icmp 4 634for more information. 635.It Va icmp_bmcastecho 636.Pq Vt bool 637Set to 638.Dq Li YES 639to respond to broadcast or multicast ICMP ping packets. 640Refer to 641.Xr icmp 4 642for more information. 643.It Va ip_portrange_first 644.Pq Vt int 645If not set to 646.Dq Li NO , 647this is the first port in the default portrange. 648Refer to 649.Xr ip 4 650for more information. 651.It Va ip_portrange_last 652.Pq Vt int 653If not set to 654.Dq Li NO , 655this is the last port in the default portrange. 656Refer to 657.Xr ip 4 658for more information. 659.\" 660.It Va ifconfig_ Ns Aq Ar interface 661.Pq Vt str 662Configuration for 663.Dq interface . 664Typically includes IP address. 665Assuming that the interface in question was 666.Li ed0 , 667it might look something like this: 668.Bd -literal 669ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 670.Ed 671.Pp 672If the 673.Pa /etc/start_if. Ns Aq Ar interface 674file is present, it is read and executed by the 675.Xr sh 1 676interpreter before configuring the interface as specified in the 677.Va ifconfig_ Ns Aq Ar interface 678and 679.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 680variables. 681.Pp 682It is possible to bring up an interface with DHCP by adding 683.Dq Li DHCP 684to the 685.Va ifconfig_ Ns Aq Ar interface 686variable. 687For instance, to initialize the 688.Li ed0 689device via DHCP, it is possible to use something like: 690.Bd -literal 691ifconfig_ed0="DHCP" 692.Ed 693.Pp 694If a 695.Va vlans_ Ns Aq Ar interface 696variable is set, 697a 698.Xr vlan 4 699interface will be created for each item in the list with the 700.Ar vlandev 701argument set to 702.Ar interface . 703If a vlan interface's name is a number, 704then that number is used as the vlan tag and the new vlan interface is 705named 706.Ar interface . Ns Ar tag . 707Otherwise, 708the vlan tag must be specified via a 709.Va vlan 710parameter in the 711.Va create_args_ Ns Aq Ar interface 712variable. 713.Pp 714To create a vlan device named 715.Li em0.101 716on 717.Li em0 718with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 719.Bd -literal 720vlans_em0="101" 721ifconfig_em0_101="inet 192.0.2.1/24" 722.Ed 723.Pp 724To create a vlan device named 725.Li myvlan 726on 727.Li em0 728with the vlan tag 102: 729.Bd -literal 730vlans_em0="myvlan" 731create_args_myvlan="vlan 102" 732.Ed 733.Pp 734If a 735.Va wlans_ Ns Aq Ar interface 736variable is set, 737an 738.Xr wlan 4 739interface will be created for each item in the list with the 740.Ar wlandev 741argument set to 742.Ar interface . 743Further wlan cloning arguments may be passed to the 744.Xr ifconfig 8 745.Cm create 746command by setting the 747.Va create_args_ Ns Aq Ar interface 748variable. 749One or more 750.Xr wlan 4 751devices must be created for each wireless devices as of 752.Dx 2.5 . 753Debugging flags for 754.Xr wlan 4 755devices as set by 756.Xr wlandebug 8 757may be specified with an 758.Va wlandebug_ Ns Aq Ar interface 759variable. 760The contents of this variable will be passed directly to 761.Xr wlandebug 8 . 762.Pp 763Also, if your interface needs WPA authentication, it is possible to add 764.Dq Li WPA 765to the 766.Va ifconfig_ Ns Aq Ar interface 767variable. 768This will start 769.Xr wpa_supplicant 8 . 770See 771.Xr wpa_supplicant.conf 5 772for configuring authentication information. 773.Pp 774Finally, you can add 775.Xr ifconfig 8 776options in this variable, in addition to the 777.Pa /etc/start_if. Ns Aq Ar interface 778file. 779For instance, to initialize the 780.Li wi0 781device via DHCP, using WPA authentication and 802.11b mode, it is 782possible to use something like: 783.Bd -literal 784wlans_wi0="wlan0" 785ifconfig_wlan0="up DHCP WPA mode 11b" 786.Ed 787.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 788.Pq Vt str 789Configuration to establish an additional network address for 790.Dq interface . 791Assuming that the interface in question was 792.Li ed0 , 793it might look something like this: 794.Bd -literal 795ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 796ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 797.Ed 798.Pp 799And so on. 800For each 801.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 802entry that is found, its contents are passed to 803.Xr ifconfig 8 . 804Execution stops at the first unsuccessful access, so if 805something like this is present: 806.Bd -literal 807ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 808ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 809ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 810ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 811.Ed 812.Pp 813Then note that alias4 would 814.Em not 815be added since the search would stop with the missing alias3 entry. 816.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 817.Pq Vt str 818New name for 819.Dq interface . 820It is possible to rename interface by doing: 821.Bd -literal 822ifconfig_ed0_name="net0" 823ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 824.Ed 825.It Va network_interfaces 826.Pq Vt str 827The list of network interfaces to configure on this host, 828or 829.Dq Li auto 830to configure all network interfaces 831(default 832.Dq Li auto ) . 833For example, if the only network devices to be configured are the loopback device 834.Pq Li lo0 835and a NIC using the 836.Xr ed 4 837driver, this could be set to 838.Dq Li "lo0 ed0" . 839An 840.Va ifconfig_ Ns Aq Ar interface 841variable is assumed to exist for each value of 842.Ar interface . 843.It Va ipv6_network_interfaces 844.Pq Vt str 845This is the IPv6 equivalent of 846.Va network_interfaces . 847Instead of setting the ifconfig variables as 848.Va ifconfig_ Ns Aq Ar interface 849they should be set as 850.Va ipv6_ifconfig_ Ns Aq Ar interface . 851Aliases should be set as 852.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 853Interfaces that do not have a 854.Va ipv6_ifconfig_ Ns Aq Ar interface 855setting will be auto configured by 856.Xr rtsol 8 857if the 858.Va ipv6_gateway_enable 859is set to 860.Dq Li NO . 861Note that the IPv6 networking code does not support the 862.Pa /etc/start_if. Ns Aq Ar interface 863files. 864.It Va ipv6_prefix_ Ns Aq Ar interface 865.Pq Vt str 866Assign prefix to 867.Ar interface , 868prefixlen 64 is used. 869.It Va ipv6_default_interface 870.Pq Vt str 871If not set to 872.Dq Li NO , 873this is the default output interface for scoped addresses. 874Now this works only for IPv6 link local multicast addresses. 875.It Va ip6addrctl_enable 876.Pq Vt bool 877This variable is to enable configuring the default address selection policy table 878.Pq RFC 3484 . 879The default value is 880.Dq Li YES , 881and the policy table to be installed is specified by the 882.Va ip6addrctl_policy 883variable below. 884.It Va ip6addrctl_policy 885.Pq Vt str 886This variable specifies the policy table to be installed, 887and can be one of the following keywords: 888.Dq Li ipv4_prefer , 889.Dq Li ipv6_prefer , 890or 891.Dq Li AUTO 892(default). 893.Pp 894If 895.Dq Li ipv4_prefer 896or 897.Dq Li ipv6_prefer 898is specified, 899.Xr ip6addrctl 8 900installs a pre-defined policy table described in Section 2.1 901.Pq IPv6-preferred 902or 10.3 903.Pq IPv4-preferred 904of RFC 3484. 905.Pp 906If 907.Dq Li AUTO 908is specified, it attempts to read a file 909.Pa /etc/ip6addrctl.conf 910first. 911If this file is found, 912.Xr ip6addrctl 8 913reads and installs it. 914If not found, a policy is automatically set 915according to 916.Va ipv6_enable 917variable; if the variable is set to 918.Dq Li YES 919the IPv6-preferred one is used. 920Otherwise IPv4-preferred. 921.It Va ip6addrctl_verbose 922.Pq Vt bool 923If set to 924.Dq Li YES , 925print the installed policy table after configuring. 926The default value is 927.Dq Li NO . 928.It Va cloned_interfaces 929.Pq Vt str 930Set to the list of clonable network interfaces to create on this host. 931Entries in 932.Va cloned_interfaces 933are automatically appended to 934.Va network_interfaces 935for configuration. 936.It Va gif_interfaces 937.Pq Vt str 938Set to the list of 939.Xr gif 4 940tunnel interfaces to configure on this host. 941A 942.Va gifconfig_ Ns Aq Ar interface 943variable is assumed to exist for each value of 944.Ar interface . 945The value of this variable is used to configure the link layer of the 946tunnel according to the syntax of the 947.Cm tunnel 948option to 949.Xr ifconfig 8 . 950Additionally, this option ensures that each listed interface is created via the 951.Cm create 952option to 953.Xr ifconfig 8 954before attempting to configure it. 955.It Va sppp_interfaces 956.Pq Vt str 957Set to the list of 958.Xr sppp 4 959interfaces to configure on this host. 960A 961.Va spppconfig_ Ns Aq Ar interface 962variable is assumed to exist for each value of 963.Ar interface . 964Each interface should also be configured by a general 965.Va ifconfig_ Ns Aq Ar interface 966setting. 967Refer to 968.Xr spppcontrol 8 969for more information about available options. 970.It Va ppp_enable 971.Pq Vt bool 972If set to 973.Dq Li YES , 974run the 975.Xr ppp 8 976daemon. 977.It Va ppp_mode 978.Pq Vt str 979Mode in which to run the 980.Xr ppp 8 981daemon. 982Accepted modes are 983.Dq Li auto , 984.Dq Li ddial , 985.Dq Li direct 986and 987.Dq Li dedicated . 988See the manual for a full description. 989.It Va ppp_nat 990.Pq Vt bool 991If set to 992.Dq Li YES , 993enables network address translation. 994Used in conjunction with 995.Va gateway_enable 996allows hosts on private network addresses access to the Internet using 997this host as a network address translating router. 998.It Va ppp_profile 999.Pq Vt str 1000The name of the profile to use from 1001.Pa /etc/ppp/ppp.conf . 1002Also used for per-profile overrides of 1003.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1004Where the profile contains any of the characters 1005.Dq Li .-/+ 1006they are translated to 1007.Dq Li _ 1008for the purposes of the override variable names. 1009.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1010.Pq Vt int 1011Set the unit number to be used for this profile. 1012See the manual description of 1013.Fl unit Ns Ar N 1014in 1015.Xr ppp 8 1016for details. 1017.It Va ppp_user 1018.Pq Vt str 1019The name of the user under which 1020.Xr ppp 8 1021should be started. 1022By default, 1023.Xr ppp 8 1024is started as 1025.Dq Li root . 1026.It Va rc_conf_files 1027.Pq Vt str 1028This option is used to specify a list of files that will override 1029the settings in 1030.Pa /etc/defaults/rc.conf . 1031The files will be read in the order in which they are specified and should 1032include the full path to the file. 1033By default, the files specified are 1034.Pa /etc/rc.conf 1035and 1036.Pa /etc/rc.conf.local 1037.It Va fsck_y_enable 1038.Pq Vt bool 1039If set to 1040.Dq Li YES , 1041.Xr fsck 8 1042will be run with the 1043.Fl y 1044flag if the initial preen of the file systems fails. 1045.It Va netfs_types 1046.Pq Vt str 1047List of file system types that are network-based. 1048This list should generally not be modified by end users. 1049Use 1050.Va extra_netfs_types 1051instead. 1052.It Va extra_netfs_types 1053.Pq Vt str 1054If set to something other than 1055.Dq Li NO 1056(the default), this variable extends the list of file system types 1057for which automatic mounting at startup by 1058.Xr rc 8 1059should be delayed until the network is initialized. 1060It should contain 1061a whitespace-separated list of network file system descriptor pairs, 1062each consisting of a file system type as passed to 1063.Xr mount 8 1064and a human-readable, one-word description, joined with a colon 1065.Pq Ql \&: . 1066Extending the default list in this way is only necessary 1067when third party file system types are used. 1068.It Va devfs_config_files 1069.Pq Vt str 1070This option is used to specify a list of configuration files containing 1071.Xr devfs 5 1072rules that will be applied by 1073.Xr devfsctl 8 1074in the order in which they are specified and must include the full path 1075to the file. 1076.It Va syslogd_enable 1077.Pq Vt bool 1078If set to 1079.Dq Li YES , 1080run the 1081.Xr syslogd 8 1082daemon. 1083.It Va syslogd_program 1084.Pq Vt str 1085Path to 1086.Xr syslogd 8 1087(default 1088.Pa /usr/sbin/syslogd ) . 1089.It Va syslogd_flags 1090.Pq Vt str 1091If 1092.Va syslogd_enable 1093is set to 1094.Dq Li YES , 1095these are the flags to pass to 1096.Xr syslogd 8 . 1097.It Va inetd_enable 1098.Pq Vt bool 1099If set to 1100.Dq Li YES , 1101run the 1102.Xr inetd 8 1103daemon. 1104.It Va inetd_program 1105.Pq Vt str 1106Path to 1107.Xr inetd 8 1108(default 1109.Pa /usr/sbin/inetd ) . 1110.It Va inetd_flags 1111.Pq Vt str 1112If 1113.Va inetd_enable 1114is set to 1115.Dq Li YES , 1116these are the flags to pass to 1117.Xr inetd 8 . 1118.It Va rwhod_enable 1119.Pq Vt bool 1120If set to 1121.Dq Li YES , 1122run the 1123.Xr rwhod 8 1124daemon at boot time. 1125.It Va rwhod_flags 1126.Pq Vt str 1127If 1128.Va rwhod_enable 1129is set to 1130.Dq Li YES , 1131these are the flags to pass to it. 1132.It Va update_motd 1133.Pq Vt bool 1134If set to 1135.Dq Li YES , 1136.Pa /etc/motd 1137will be updated at boot time to reflect the kernel release being run. 1138If set to 1139.Dq Li NO , 1140.Pa /etc/motd 1141will not be updated. 1142.It Va nfs_client_enable 1143.Pq Vt bool 1144If set to 1145.Dq Li YES , 1146setup NFS client parameters at boot time. 1147.It Va nfs_access_cache 1148.Pq Vt int 1149If 1150.Va nfs_client_enable 1151is set to 1152.Dq Li YES , 1153this can be set to 1154.Dq Li 0 1155to disable NFS ACCESS RPC caching, or to the number of seconds for which 1156NFS ACCESS results should be cached. 1157A value of 2-10 seconds will substantially reduce network traffic for 1158many NFS operations. 1159The default is 5 seconds. 1160Note that the attribute cache holds stat information only. 1161The NFS data cache is independent of the attribute cache and is only 1162invalidated when the client detects that the server has modified the 1163underlying file. 1164This value specifies a maximum timeout. 1165The NFS client will automatically use a shorter timeout for files which 1166have been recently modified. 1167.It Va nfs_neg_cache 1168.Pq Vt int 1169If 1170.Va nfs_client_enable 1171is set to 1172.Dq Li YES , 1173this can be set to 1174.Dq Li 0 1175to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1176filenames), or to the number of seconds for which negative lookups should 1177be cached. 1178A value of 2-10 seconds will substantially reduce network 1179traffic for many NFS operations, especially source code builds. 1180The default is 3 seconds. 1181.It Va nfs_server_enable 1182.Pq Vt bool 1183If set to 1184.Dq Li YES , 1185run the NFS server daemons at boot time. 1186.It Va nfs_server_flags 1187.Pq Vt str 1188If 1189.Va nfs_server_enable 1190is set to 1191.Dq Li YES , 1192these are the flags to pass to the 1193.Xr nfsd 8 1194daemon. 1195.It Va mountd_enable 1196.Pq Vt bool 1197If set to 1198.Dq Li YES , 1199and no 1200.Va nfs_server_enable 1201is set, start 1202.Xr mountd 8 , 1203but not 1204.Xr nfsd 8 1205daemon. 1206It is commonly needed to run CFS without real NFS used. 1207.It Va mountd_flags 1208.Pq Vt str 1209If 1210.Va mountd_enable 1211is set to 1212.Dq Li YES , 1213these are the flags to pass to the 1214.Xr mountd 8 1215daemon. 1216.It Va weak_mountd_authentication 1217.Pq Vt bool 1218If set to 1219.Dq Li YES , 1220allow services like PCNFSD to make non-privileged mount requests. 1221.It Va nfs_reserved_port_only 1222.Pq Vt bool 1223If set to 1224.Dq Li YES , 1225provide NFS services only on a secure port. 1226.It Va nfs_bufpackets 1227.Pq Vt int 1228If set to a number, indicates the number of packets worth of 1229socket buffer space to reserve on an NFS client. 1230The kernel default is typically 4. 1231Using a higher number may be useful on gigabit networks to improve performance. 1232The minimum value is 2 and the maximum is 64. 1233.It Va rpc_umntall_enable 1234.Pq Vt bool 1235If set to 1236.Dq Li YES 1237(default) and we are also an NFS client, run 1238.Xr rpc.umntall 8 1239at boot time to clear out old mounts on remote servers. 1240If set to 1241.Dq Li NO 1242then 1243.Xr rpc.umntall 8 1244will not be run at boot time. 1245.It Va rpc_lockd_enable 1246.Pq Vt bool 1247If set to 1248.Dq Li YES 1249and also an NFS server, run 1250.Xr rpc.lockd 8 1251at boot time. 1252.It Va rpc_lockd_flags 1253.Pq Vt str 1254If 1255.Va rpc_lockd_enable 1256is set to 1257.Dq Li YES , 1258these are the flags to pass to 1259.Xr rpc.lockd 8 . 1260.It Va rpc_statd_enable 1261.Pq Vt bool 1262If set to 1263.Dq Li YES 1264and also an NFS server, run 1265.Xr rpc.statd 8 1266at boot time. 1267.It Va rpc_statd_flags 1268.Pq Vt str 1269If 1270.Va rpc_statd_enable 1271is set to 1272.Dq Li YES , 1273these are the flags to pass to 1274.Xr rpc.statd 8 . 1275.It Va rpcbind_program 1276.Pq Vt str 1277Path to program for rpcbind daemon 1278(default 1279.Pa /usr/sbin/rpcbind ) . 1280.It Va rpcbind_enable 1281.Pq Vt bool 1282If set to 1283.Dq Li YES , 1284run 1285.Va rpcbind_program 1286at boot time. 1287.It Va rpcbind_flags 1288.Pq Vt str 1289If 1290.Va rpcbind_enable 1291is set to 1292.Dq Li YES , 1293these are the flags to pass to 1294.Va rpcbind_program . 1295.It Va keyserv_enable 1296.Pq Vt bool 1297If set to 1298.Dq Li YES , 1299run the 1300.Xr keyserv 8 1301daemon on boot for running Secure RPC. 1302.It Va keyserv_flags 1303.Pq Vt str 1304If 1305.Va keyserv_enable 1306is set to 1307.Dq Li YES , 1308these are the flags to pass to 1309.Xr keyserv 8 1310daemon. 1311.It Va pppoed_enable 1312.Pq Vt bool 1313If set to 1314.Dq Li YES , 1315run the 1316.Xr pppoed 8 1317daemon at boot time to provide PPP over Ethernet services. 1318.It Va pppoed_provider 1319.Pq Vt str 1320.Xr pppoed 8 1321listens to requests to this provider and ultimately runs 1322.Xr ppp 8 1323with a 1324.Ar system 1325argument of the same name. 1326.It Va pppoed_flags 1327.Pq Vt str 1328Additional flags to pass to 1329.Xr pppoed 8 . 1330.It Va pppoed_interface 1331.Pq Vt str 1332The network interface to run 1333.Xr pppoed 8 1334on. 1335This is mandatory when 1336.Va pppoed_enable 1337is set to 1338.Dq Li YES . 1339.It Va timed_enable 1340.Pq Vt bool 1341If set to 1342.Dq Li YES , 1343run the 1344.Xr timed 8 1345service at boot time. 1346This command is intended for networks of machines where a consistent 1347.Dq "network time" 1348for all hosts must be established. 1349This is often useful in large NFS environments where time stamps on 1350files are expected to be consistent network-wide. 1351.It Va timed_flags 1352.Pq Vt str 1353If 1354.Va timed_enable 1355is set to 1356.Dq Li YES , 1357these are the flags to pass to the 1358.Xr timed 8 1359service. 1360.It Va dntpd_enable 1361.Pq Vt bool 1362If set to 1363.Dq Li YES , 1364run 1365.Xr dntpd 8 1366at system boot time. 1367.It Va dntpd_program 1368.Pq Vt str 1369Path to 1370.Xr dntpd 8 1371(default 1372.Pa /usr/sbin/dntpd ) . 1373.It Va dntpd_flags 1374.Pq Vt str 1375If 1376.Va dntpd_enable 1377is set to 1378.Dq Li YES , 1379these are the flags to pass to the 1380.Xr dntpd 8 1381daemon. 1382.It Va btconfig_enable 1383.Pq Vt bool 1384If set to 1385.Dq Li YES , 1386configure Bluetooth devices via 1387.Xr btconfig 8 1388at system boot time. 1389.It Va btconfig_devices 1390.Pq Vt str 1391If 1392.Va btconfig_enable 1393is set to 1394.Dq Li YES , 1395this is the list of Bluetooth devices to configure. 1396If 1397.Va btconfig_devices 1398is not specified, all devices known to the system will be configured. 1399A 1400.Va btconfig_ Ns Aq Ar device 1401variable can be set to specify parameters to be passed to 1402.Ar device . 1403.It Va btconfig_args 1404.Pq Vt str 1405If 1406.Va btconfig_enable 1407is set to 1408.Dq Li YES , 1409this is the list of configuration parameters to pass to all Bluetooth 1410devices. 1411.It Va sdpd_enable 1412.Pq Vt bool 1413If set to 1414.Dq Li YES , 1415run the Service Discovery Profile daemon 1416.Xr ( sdpd 8 ) 1417at system boot time. 1418.It Va sdpd_flags 1419.Pq Vt str 1420If 1421.Va sdpd_enable 1422is set to 1423.Dq Li YES , 1424these are the flags to pass to the 1425.Xr sdpd 8 1426daemon. 1427.It Va bthcid_enable 1428.Pq Vt bool 1429If set to 1430.Dq Li YES , 1431run the Bluetooth Link Key/PIN Code Manager daemon 1432.Xr ( bthcid 8 ) 1433at system boot time. 1434.It Va bthcid_flags 1435.Pq Vt str 1436If 1437.Va bthcid_enable 1438is set to 1439.Dq Li YES , 1440these are the flags to pass to the 1441.Xr bthcid 8 1442daemon. 1443.It Va nis_client_enable 1444.Pq Vt bool 1445If set to 1446.Dq Li YES , 1447run the 1448.Xr ypbind 8 1449service at system boot time. 1450.It Va nis_client_flags 1451.Pq Vt str 1452If 1453.Va nis_client_enable 1454is set to 1455.Dq Li YES , 1456these are the flags to pass to the 1457.Xr ypbind 8 1458service. 1459.It Va nis_ypset_enable 1460.Pq Vt bool 1461If set to 1462.Dq Li YES , 1463run the 1464.Xr ypset 8 1465daemon at system boot time. 1466.It Va nis_ypset_flags 1467.Pq Vt str 1468If 1469.Va nis_ypset_enable 1470is set to 1471.Dq Li YES , 1472these are the flags to pass to the 1473.Xr ypset 8 1474daemon. 1475.It Va nis_server_enable 1476.Pq Vt bool 1477If set to 1478.Dq Li YES , 1479run the 1480.Xr ypserv 8 1481daemon at system boot time. 1482.It Va nis_server_flags 1483.Pq Vt str 1484If 1485.Va nis_server_enable 1486is set to 1487.Dq Li YES , 1488these are the flags to pass to the 1489.Xr ypserv 8 1490daemon. 1491.It Va nis_ypxfrd_enable 1492.Pq Vt bool 1493If set to 1494.Dq Li YES , 1495run the 1496.Xr rpc.ypxfrd 8 1497daemon at system boot time. 1498.It Va nis_ypxfrd_flags 1499.Pq Vt str 1500If 1501.Va nis_ypxfrd_enable 1502is set to 1503.Dq Li YES , 1504these are the flags to pass to the 1505.Xr rpc.ypxfrd 8 1506daemon. 1507.It Va nis_yppasswdd_enable 1508.Pq Vt bool 1509If set to 1510.Dq Li YES , 1511run the 1512.Xr rpc.yppasswdd 8 1513daemon at system boot time. 1514.It Va nis_yppasswdd_flags 1515.Pq Vt str 1516If 1517.Va nis_yppasswdd_enable 1518is set to 1519.Dq Li YES , 1520these are the flags to pass to the 1521.Xr rpc.yppasswdd 8 1522daemon. 1523.It Va rpc_ypupdated_enable 1524.Pq Vt bool 1525If set to 1526.Dq Li YES , 1527run the 1528.Nm rpc.ypupdated 1529daemon at system boot time. 1530.It Va defaultrouter 1531.Pq Vt str 1532If not set to 1533.Dq Li NO , 1534create a default route to this host name or IP address 1535(use an IP address if this router is also required to get to the 1536name server!). 1537.It Va ipv6_defaultrouter 1538.Pq Vt str 1539The IPv6 equivalent of 1540.Va defaultrouter . 1541.It Va static_routes 1542.Pq Vt str 1543Set to the list of static routes that are to be added at system boot time. 1544If not set to 1545.Dq Li NO 1546then for each whitespace separated 1547.Ar element 1548in the value, a 1549.Va route_ Ns Aq Ar element 1550variable is assumed to exist whose contents will later be passed to a 1551.Dq Nm route Cm add 1552operation. 1553.It Va change_routes 1554.Pq Vt str 1555Set to the list of static routes that are to be changed at system boot time 1556(such as those added by the kernel). 1557If not set to 1558.Dq Li NO 1559then for each whitespace separated 1560.Ar element 1561in the value, a 1562.Va change_route_ Ns Aq Ar element 1563variable is assumed to exist whose contents will later be passed to a 1564.Dq Nm route Cm change 1565operation. 1566.It Va ipv6_static_routes 1567.Pq Vt str 1568The IPv6 equivalent of 1569.Va static_routes . 1570If not set to 1571.Dq Li NO 1572then for each whitespace separated 1573.Ar element 1574in the value, a 1575.Va ipv6_route_ Ns Aq Ar element 1576variable is assumed to exist whose contents will later be passed to a 1577.Dq Nm route Cm add Fl inet6 1578operation. 1579.It Va gateway_enable 1580.Pq Vt bool 1581If set to 1582.Dq Li YES , 1583configure host to act as an IP router, e.g. to forward packets 1584between interfaces. 1585.It Va ipv6_gateway_enable 1586.Pq Vt bool 1587The IPv6 equivalent of 1588.Va gateway_enable . 1589.It Va router_enable 1590.Pq Vt bool 1591If set to 1592.Dq Li YES , 1593run a routing daemon of some sort, based on the settings of 1594.Va router_program 1595and 1596.Va router_flags . 1597.It Va ipv6_router_enable 1598.Pq Vt bool 1599The IPv6 equivalent of 1600.Va router_enable . 1601If set to 1602.Dq Li YES , 1603run a routing daemon of some sort, based on the settings of 1604.Va ipv6_router_program 1605and 1606.Va ipv6_router_flags . 1607.It Va router_program 1608.Pq Vt str 1609If 1610.Va router_enable 1611is set to 1612.Dq Li YES , 1613this is the name of the routing daemon to use 1614(default 1615.Pa /sbin/routed ) . 1616.It Va ipv6_router_program 1617.Pq Vt str 1618The IPv6 equivalent of 1619.Va router_program 1620(default 1621.Pa /sbin/route6d ) . 1622.It Va router_flags 1623.Pq Vt str 1624If 1625.Va router_enable 1626is set to 1627.Dq Li YES , 1628these are the flags to pass to the routing daemon. 1629.It Va ipv6_router_flags 1630.Pq Vt str 1631The IPv6 equivalent of 1632.Va router_flags . 1633.It Va mrouted_enable 1634.Pq Vt bool 1635If set to 1636.Dq Li YES , 1637run the multicast routing daemon, 1638.Xr mrouted 8 . 1639.It Va mroute6d_enable 1640.Pq Vt bool 1641The IPv6 equivalent of 1642.Va mrouted_enable . 1643If set to 1644.Dq Li YES , 1645run the IPv6 multicast routing daemon. 1646Note that no IPv6 multicast routing daemon is included in the 1647.Dx 1648base system but 1649.Xr pim6dd 8 1650can be installed from the 1651.Xr dports 7 1652collection 1653.Pa ( net/mcast-tools ) . 1654.It Va mrouted_flags 1655.Pq Vt str 1656If 1657.Va mrouted_enable 1658is set to 1659.Dq Li YES , 1660these are the flags to pass to the 1661.Xr mrouted 8 1662daemon. 1663.It Va mroute6d_flags 1664.Pq Vt str 1665The IPv6 equivalent of 1666.Va mrouted_flags . 1667If 1668.Va mroute6d_enable 1669is set to 1670.Dq Li YES , 1671these are the flags passed to the IPv6 multicast routing daemon. 1672.It Va mroute6d_program 1673.Pq Vt str 1674If 1675.Va mroute6d_enable 1676is set to 1677.Dq Li YES , 1678this is the path to the IPv6 multicast routing daemon. 1679.It Va rtadvd_enable 1680.Pq Vt bool 1681If set to 1682.Dq Li YES , 1683run the 1684.Xr rtadvd 8 1685daemon at boot time. 1686.Xr rtadvd 8 1687will only run if 1688.Va ipv6_gateway_enable 1689is also set to 1690.Dq Li YES . 1691The 1692.Xr rtadvd 8 1693utility sends router advertisement packets to the interfaces specified in 1694.Va rtadvd_interfaces . 1695.Xr rtadvd 8 1696and should only be enabled with great care. 1697You may want to fine-tune 1698.Xr rtadvd.conf 5 . 1699.It Va rtadvd_interfaces 1700.Pq Vt str 1701If 1702.Va rtadvd_enable 1703is set to 1704.Dq Li YES 1705this is the list of interfaces to use. 1706.It Va rtsold_enable 1707.Pq Vt bool 1708If set to 1709.Dq Li YES , 1710run the 1711.Xr rtsold 8 1712daemon at boot time. 1713The 1714.Xr rtsold 8 1715daemon is used for automatic discovery of non-link local addresses. 1716.It Va rtsold_flags 1717.Pq Vt str 1718If 1719.Va rtsold_enable 1720is set to 1721.Dq Li YES , 1722these are the flags to pass to the 1723.Xr rtsold 8 1724daemon. 1725.It Va arpproxy_all 1726.Pq Vt bool 1727If set to 1728.Dq Li YES , 1729enable global proxy ARP. 1730.It Va forward_sourceroute 1731.Pq Vt bool 1732If set to 1733.Dq Li YES 1734and 1735.Va gateway_enable 1736is also set to 1737.Dq Li YES , 1738source-routed packets are forwarded. 1739.It Va accept_sourceroute 1740.Pq Vt bool 1741If set to 1742.Dq Li YES , 1743the system will accept source-routed packets directed at it. 1744.It Va rarpd_enable 1745.Pq Vt bool 1746If set to 1747.Dq Li YES , 1748run the 1749.Xr rarpd 8 1750daemon at system boot time. 1751.It Va rarpd_flags 1752.Pq Vt str 1753If 1754.Va rarpd_enable 1755is set to 1756.Dq Li YES , 1757these are the flags to pass to the 1758.Xr rarpd 8 1759daemon. 1760.It Va bootparamd_enable 1761.Pq Vt bool 1762If set to 1763.Dq Li YES , 1764run the 1765.Xr bootparamd 8 1766daemon at system boot time. 1767.It Va bootparamd_flags 1768.Pq Vt str 1769If 1770.Va bootparamd_enable 1771is set to 1772.Dq Li YES , 1773these are the flags to pass to the 1774.Xr bootparamd 8 1775daemon. 1776.It Va stf_interface_ipv4addr 1777.Pq Vt str 1778If not set to 1779.Dq Li NO , 1780this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1781Specify this entry to enable the 6to4 interface. 1782.It Va stf_interface_ipv4plen 1783.Pq Vt int 1784Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1785An effective value is 0-31. 1786.It Va stf_interface_ipv6_ifid 1787.Pq Vt str 1788IPv6 interface ID for 1789.Xr stf 4 . 1790This can be set to 1791.Dq Li AUTO . 1792.It Va stf_interface_ipv6_slaid 1793.Pq Vt str 1794IPv6 Site Level Aggregator for 1795.Xr stf 4 . 1796.It Va keybell 1797.Pq Vt str 1798The keyboard bell sound. 1799Set to 1800.Dq Li normal , 1801.Dq Li visual , 1802.Dq Li off , 1803or 1804.Dq Li NO 1805if the default behavior is desired. 1806For details, refer to the 1807.Xr kbdcontrol 1 1808manpage. 1809.It Va keymap 1810.Pq Vt str 1811If set to 1812.Dq Li NO , 1813no keymap is installed, otherwise the value is used to install 1814the keymap file in 1815.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1816.It Va keyrate 1817.Pq Vt str 1818The keyboard repeat speed. 1819Set to 1820.Dq Li slow , 1821.Dq Li normal , 1822.Dq Li fast , 1823or 1824.Dq Li NO 1825if the default behavior is desired. 1826.It Va keychange 1827.Pq Vt str 1828If not set to 1829.Dq Li NO , 1830attempt to program the function keys with the value. 1831The value should be a single string of the form: 1832.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1833.It Va cursor 1834.Pq Vt str 1835Can be set to the value of 1836.Dq Li normal , 1837.Dq Li blink , 1838.Dq Li destructive , 1839or 1840.Dq Li NO 1841to set the cursor behavior explicitly or choose the default behavior. 1842.It Va scrnmap 1843.Pq Vt str 1844If set to 1845.Dq Li NO , 1846no screen map is installed, otherwise the value is used to install 1847the screen map file in 1848.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1849.It Va font8x16 1850.Pq Vt str 1851If set to 1852.Dq Li NO , 1853the default 8x16 font value is used for screen size requests, otherwise 1854the value in 1855.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1856is used. 1857.It Va font8x14 1858.Pq Vt str 1859If set to 1860.Dq Li NO , 1861the default 8x14 font value is used for screen size requests, otherwise 1862the value in 1863.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1864is used. 1865.It Va font8x8 1866.Pq Vt str 1867If set to 1868.Dq Li NO , 1869the default 8x8 font value is used for screen size requests, otherwise 1870the value in 1871.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1872is used. 1873.It Va blanktime 1874.Pq Vt int 1875If set to 1876.Dq Li NO , 1877the default screen blanking interval is used, otherwise it is set to 1878.Ar value 1879seconds. 1880.It Va saver 1881.Pq Vt str 1882If not set to 1883.Dq Li NO , 1884this is the actual screen saver to use 1885.Li ( blank , snake , daemon , 1886etc). 1887.It Va moused_nondefault_enable 1888.Pq Vt str 1889If set to 1890.Dq Li NO , 1891the mouse device specified on 1892the command line is not automatically treated as enabled by the 1893.Pa /etc/rc.d/moused 1894script. 1895Having this variable set to 1896.Dq Li YES 1897allows a 1898.Xr usb 4 1899mouse, 1900for example, 1901to be enabled as soon as it is plugged in. 1902.It Va moused_enable 1903.Pq Vt str 1904If set to 1905.Dq Li YES , 1906the 1907.Xr moused 8 1908daemon is started for doing cut/paste selection on the console. 1909.It Va moused_type 1910.Pq Vt str 1911If 1912.Va moused_enable 1913is set to 1914.Dq Li YES , 1915this is the protocol type of the mouse connected to this host. 1916The default type is 1917.Dq Li auto . 1918The 1919.Xr moused 8 1920daemon 1921is able to detect the appropriate mouse type automatically in many cases. 1922Leave this variable at the default 1923.Dq Li auto 1924to let the daemon detect it, or 1925select one from the following list if the automatic detection fails. 1926.Pp 1927If the mouse is attached to the PS/2 mouse port, leave the variable at the 1928default 1929.Dq Li auto 1930or set it to 1931.Dq Li ps/2 , 1932regardless of the brand and model of the mouse. 1933Likewise, if the mouse is attached to the bus mouse port, leave it at 1934.Dq Li auto 1935or set it to 1936.Dq Li busmouse . 1937All other protocols are for serial mice and will not work with 1938the PS/2 and bus mice. 1939If this is a USB mouse, 1940.Dq Li auto 1941is the only protocol type which will work. 1942.Pp 1943.Bl -tag -width ".Li x10mouseremote" -compact 1944.It Li microsoft 1945Microsoft mouse (serial) 1946.It Li intellimouse 1947Microsoft IntelliMouse (serial) 1948.It Li mousesystems 1949Mouse systems Corp. mouse (serial) 1950.It Li mmseries 1951MM Series mouse (serial) 1952.It Li logitech 1953Logitech mouse (serial) 1954.It Li busmouse 1955A bus mouse 1956.It Li mouseman 1957Logitech MouseMan and TrackMan (serial) 1958.It Li glidepoint 1959ALPS GlidePoint (serial) 1960.It Li thinkingmouse 1961Kensington ThinkingMouse (serial) 1962.It Li ps/2 1963PS/2 mouse 1964.It Li mmhittab 1965MM HitTablet (serial) 1966.It Li x10mouseremote 1967X10 MouseRemote (serial) 1968.It Li versapad 1969Interlink VersaPad (serial) 1970.El 1971.Pp 1972Even if the mouse is not in the above list, it may be compatible 1973with one in the list. 1974Refer to the man page for 1975.Xr moused 8 1976for compatibility information. 1977.Pp 1978It should also be noted that while this is enabled, any 1979other client of the mouse (such as an X server) should access 1980the mouse through the virtual mouse device, 1981.Pa /dev/sysmouse , 1982and configure it as a 1983.Dq Li sysmouse 1984type mouse, since all 1985mouse data is converted to this single canonical format when using 1986.Xr moused 8 . 1987If the client program does not support the 1988.Dq Li sysmouse 1989type, specify the 1990.Dq Li mousesystems 1991type. 1992It is the second preferred type. 1993.It Va moused_port 1994.Pq Vt str 1995If 1996.Va moused_enable 1997is set to 1998.Dq Li YES , 1999this is the actual port the mouse is on. 2000It might be 2001.Pa /dev/cuaa0 2002for a COM1 serial mouse or 2003.Pa /dev/psm0 2004for a PS/2 mouse, for example. 2005.It Va moused_flags 2006.Pq Vt str 2007If 2008.Va moused_type 2009is set, these are the additional flags to pass to the 2010.Xr moused 8 2011daemon. 2012.It Va mousechar_start 2013.Pq Vt int 2014If set to 2015.Dq Li NO , 2016the default mouse cursor character range 2017.Li 0xd0 Ns - Ns Li 0xd3 2018is used, otherwise the range start is set to 2019.Ar value 2020character, see 2021.Xr vidcontrol 1 . 2022Use if the default range is occupied in the language code table. 2023.It Va vidhistory 2024.Pq Vt int 2025Set the size of the history (scrollback) buffer in lines. 2026.It Va allscreens_flags 2027.Pq Vt str 2028If set, 2029.Xr vidcontrol 1 2030is run with these options for each of the virtual terminals 2031.Pq Pa /dev/ttyv* . 2032For example, 2033.Dq Fl m Cm on 2034will enable the mouse pointer on all virtual terminals if 2035.Va moused_enable 2036is set to 2037.Dq Li YES . 2038.It Va allscreens_kbdflags 2039.Pq Vt str 2040If set, 2041.Xr kbdcontrol 1 2042is run with these options for each of the virtual terminals 2043.Pq Pa /dev/ttyv* . 2044For example, 2045.Dq Fl h Li 200 2046will set the 2047.Xr syscons 4 2048scrollback (history) buffer to 200 lines. 2049.It Va cron_enable 2050.Pq Vt bool 2051If set to 2052.Dq Li YES , 2053run the 2054.Xr cron 8 2055daemon at system boot time. 2056.It Va cron_program 2057.Pq Vt str 2058Path to 2059.Xr cron 8 2060(default 2061.Pa /usr/sbin/cron ) . 2062.It Va cron_flags 2063.Pq Vt str 2064If 2065.Va cron_enable 2066is set to 2067.Dq Li YES , 2068these are the flags to pass to 2069.Xr cron 8 . 2070.It Va lpd_program 2071.Pq Vt str 2072Path to 2073.Xr lpd 8 2074(default 2075.Pa /usr/sbin/lpd ) . 2076.It Va lpd_enable 2077.Pq Vt bool 2078If set to 2079.Dq Li YES , 2080run the 2081.Xr lpd 8 2082daemon at system boot time. 2083.It Va lpd_flags 2084.Pq Vt str 2085If 2086.Va lpd_enable 2087is set to 2088.Dq Li YES , 2089these are the flags to pass to the 2090.Xr lpd 8 2091daemon. 2092.It Va nscd_enable 2093.Pq Vt bool 2094If set to 2095.Dq Li YES , 2096run the 2097.Xr nscd 8 2098daemon at system boot time. 2099.It Va mixer_enable 2100.Pq Vt bool 2101If set to 2102.Dq Li YES , 2103preserve 2104.Xr mixer 8 2105settings across reboots. 2106.It Va mta_start_script 2107.Pq Vt str 2108The full path to the script to run to start 2109a mail transfer agent. 2110The default is 2111.Pa /etc/rc.sendmail . 2112The 2113.Va sendmail_* 2114variables which 2115.Pa /etc/rc.sendmail 2116uses are documented in the 2117.Xr rc.sendmail 8 2118man page. 2119.It Va fixbootfile 2120.Pq Vt bool 2121In a 2122.Sq HAMMER ROOT with UFS /boot 2123setup, the boot loader will not set up the 2124.Va kern.bootfile 2125sysctl correctly. 2126The system will attempt to fix this on its own. 2127Set this variable to 2128.Dq Li NO 2129to turn this behavior off. 2130.It Va dumpdev 2131.Pq Vt str 2132Indicates the device (usually a swap partition) to which a crash dump 2133should be written in the event of a system crash. 2134The value of this variable is passed as the argument to 2135.Xr dumpon 8 2136and 2137.Xr savecore 8 . 2138To disable crash dumps, set this variable to 2139.Dq Li NO . 2140.It Va dumpdir 2141.Pq Vt str 2142When the system reboots after a crash and a crash dump is found on the 2143device specified by the 2144.Va dumpdev 2145variable, 2146.Xr savecore 8 2147will save that crash dump and a copy of the kernel to the directory 2148specified by the 2149.Va dumpdir 2150variable. 2151The default value is 2152.Pa /var/crash . 2153Set to 2154.Dq Li NO 2155to not run 2156.Xr savecore 8 2157at boot time when 2158.Va dumpdir 2159is set. 2160.It Va savecore_flags 2161.Pq Vt str 2162If crash dumps are enabled, these are the flags to pass to the 2163.Xr savecore 8 2164utility. 2165.It Va crashinfo_enable 2166.Pq Vt bool 2167Set to 2168.Dq Li YES 2169to turn on automatic crash dump summary generation using the utility 2170specified by the 2171.Va crashinfo_program 2172variable. 2173.It Va crashinfo_program 2174.Pq Vt str 2175Program to run to generate a crash dump summary if the variable 2176.Va crashinfo_enable 2177is set to 2178.Dq Li YES . 2179The default value is 2180.Pa /usr/sbin/crashinfo . 2181.It Va enable_quotas 2182.Pq Vt bool 2183Set to 2184.Dq Li YES 2185to turn on user disk quotas on system startup via the 2186.Xr quotaon 8 2187command. 2188.It Va check_quotas 2189.Pq Vt bool 2190Set to 2191.Dq Li YES 2192to enable user disk quota checking via the 2193.Xr quotacheck 8 2194command. 2195.It Va accounting_enable 2196.Pq Vt bool 2197Set to 2198.Dq Li YES 2199to enable system accounting through the 2200.Xr accton 8 2201facility. 2202.\" ----- cleanvar_enable setting-------------------------------- 2203.It Va cleanvar_enable 2204.Pq Vt bool 2205Set to 2206.Dq Li YES 2207to have 2208.Pa /var/run , 2209.Pa /var/spool/lock 2210and 2211.Pa /var/spool/uucp/.Temp/* 2212cleaned at startup. 2213.\" ----- clear_tmp_enable setting------------------------------- 2214.It Va clear_tmp_enable 2215.Pq Vt bool 2216Set to 2217.Dq Li YES 2218to have 2219.Pa /tmp 2220cleaned at startup. 2221.\" ----- ldconfig_paths setting -------------------------------- 2222.It Va ldconfig_paths 2223.Pq Vt str 2224Set to the list of shared library paths to use with 2225.Xr ldconfig 8 . 2226NOTE: 2227.Pa /usr/lib 2228will always be added first, so it need not appear in this list. 2229.It Va ldconfig_insecure 2230.Pq Vt bool 2231The 2232.Xr ldconfig 8 2233utility normally refuses to use directories 2234which are writable by anyone except root. 2235Set this variable to 2236.Dq Li YES 2237to disable that security check during system startup. 2238.It Va ldconfig_local_dirs 2239.Pq Vt str 2240Set to the list of local 2241.Xr ldconfig 8 2242directories. 2243The names of all files in the directories listed will be 2244passed as arguments to 2245.Xr ldconfig 8 . 2246.It Va kern_securelevel 2247.Pq Vt int 2248The kernel security level to set at startup. 2249The allowed range of 2250.Ar value 2251ranges from \-1 (the compile time default) to 3 (the most secure). 2252See 2253.Xr init 8 2254for the list of possible security levels and their effect on system operation. 2255.It Va start_vinum 2256.Pq Vt bool 2257Set to 2258.Dq Li YES 2259to start 2260.Xr vinum 8 2261at system boot time. 2262.It Va sshd_enable 2263.Pq Vt bool 2264Set to 2265.Dq Li YES 2266to start 2267.Xr sshd 8 2268at system boot time. 2269.It Va sshd_program 2270.Pq Vt str 2271Path to the SSH server program 2272(default 2273.Pa /usr/sbin/sshd ) . 2274.It Va sshd_flags 2275.Pq Vt str 2276If 2277.Va sshd_enable 2278is set to 2279.Dq Li YES , 2280these are the flags to pass to the 2281.Xr sshd 8 2282daemon. 2283.It Va ftpd_enable 2284.Pq Vt bool 2285Set to 2286.Dq Li YES 2287to start 2288.Xr ftpd 8 2289at system boot time. 2290.It Va ftpd_flags 2291.Pq Vt str 2292If 2293.Va ftpd_enable 2294is set to 2295.Dq Li YES , 2296these are the flags to pass to the 2297.Xr ftpd 8 2298daemon. 2299.It Va watchdogd_enable 2300.Pq Vt bool 2301If set to 2302.Dq Li YES , 2303start the 2304.Xr watchdogd 8 2305daemon at boot time. 2306.It Va jail_enable 2307.Pq Vt bool 2308If set to 2309.Dq Li NO , 2310any configured jails will not be started. 2311.It Va jail_list 2312.Pq Vt str 2313A space separated list of names for jails. 2314This is purely a configuration aid to help identify and 2315configure multiple jails. 2316The names specified in this list will be used to 2317identify settings common to an instance of a jail. 2318Assuming that the jail in question was named 2319.Li vjail , 2320you would have the following dependent variables: 2321.Bd -literal 2322jail_vjail_hostname="jail.example.com" 2323jail_vjail_ip="192.168.1.100" 2324jail_vjail_rootdir="/var/jails/vjail/root" 2325.Ed 2326.It Va jail_flags 2327.Pq Vt str 2328Unset by default. 2329When set, use as default value for 2330.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2331for every jail in 2332.Va jail_list . 2333.It Va jail_interface 2334.Pq Vt str 2335Unset by default. 2336When set, use as default value for 2337.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2338for every jail in 2339.Va jail_list . 2340.It Va jail_fstab 2341.Pq Vt str 2342Unset by default. 2343When set, use as default value for 2344.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2345for every jail in 2346.Va jail_list . 2347.It Va jail_mount_enable 2348.Pq Vt bool 2349Set to 2350.Dq Li NO 2351by default. 2352When set to 2353.Dq Li YES , 2354sets 2355.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2356to 2357.Dq Li YES 2358by default for every jail in 2359.Va jail_list . 2360.It Va jail_procfs_enable 2361.Pq Vt bool 2362Set to 2363.Dq Li NO 2364by default. 2365When set to 2366.Dq Li YES , 2367sets 2368.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2369to 2370.Dq Li YES 2371by default for every jail in 2372.Va jail_list . 2373.It Va jail_devfs_enable 2374.Pq Vt bool 2375Set to 2376.Dq Li NO 2377by default. 2378When set to 2379.Dq Li YES , 2380sets 2381.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2382to 2383.Dq Li YES 2384by default for every jail in 2385.Va jail_list . 2386.It Va jail_exec_start 2387.Pq Vt str 2388Unset by default. 2389When set, use as default value for 2390.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2391for every jail in 2392.Va jail_list . 2393.It Va jail_exec_stop 2394Unset by default. 2395When set, use as default value for 2396.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2397for every jail in 2398.Va jail_list . 2399.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2400.Pq Vt str 2401Unset by default. 2402Set to the root directory used by jail 2403.Va jname . 2404.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2405.Pq Vt str 2406Unset by default. 2407Set to the fully qualified domain name (FQDN) assigned to jail 2408.Va jname . 2409.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2410.Pq Vt str 2411Unset by default. 2412Set to the IP address assigned to jail 2413.Va jname . 2414.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2415.Pq Vt str 2416Set to 2417.Dq Li -l -U root 2418by default. 2419These are flags to pass to 2420.Xr jail 8 . 2421.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2422.Pq Vt str 2423Unset by default. 2424When set, sets the interface to use when setting IP address alias. 2425Note that the alias is created at jail startup and removed at jail shutdown. 2426.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2427.Pq Vt str 2428Set to 2429.Pa /etc/fstab. Ns Aq Ar jname 2430by default. 2431This is the file system information file to use for jail 2432.Va jname . 2433.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2434.Pq Vt bool 2435Set to 2436.Dq Li NO 2437by default. 2438When set to 2439.Dq Li YES , 2440mount all file systems from 2441.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2442at jail startup. 2443.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2444.Pq Vt bool 2445Set to 2446.Dq Li NO 2447by default. 2448When set to 2449.Dq Li YES , 2450mount the process file system inside jail 2451.Ar jname 2452at jail startup. 2453.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2454.Pq Vt bool 2455Set to 2456.Dq Li NO 2457by default. 2458When set to 2459.Dq Li YES , 2460mount the device file system inside jail 2461.Ar jname 2462at jail startup. 2463.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2464.Pq Vt str 2465Set to 2466.Dq Li /bin/sh /etc/rc 2467by default. 2468This is the command executed at jail startup. 2469.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2470.Pq Vt str 2471Set to 2472.Dq Li /bin/sh /etc/rc.shutdown 2473by default. 2474This is the command executed at jail shutdown. 2475.It Va jail_set_hostname_allow 2476.Pq Vt bool 2477If set to 2478.Dq Li NO , 2479do not allow the root user in a jail to set its hostname. 2480.It Va jail_socket_unixiproute_only 2481.Pq Vt bool 2482If set to 2483.Dq Li YES , 2484do not allow any sockets, 2485besides UNIX/IP/route sockets, 2486to be used within a jail. 2487.It Va jail_sysvipc_allow 2488.Pq Vt bool 2489If set to 2490.Dq Li YES , 2491allow applications within a jail to use System V IPC. 2492.It Va lvm_enable 2493.Pq Vt bool 2494If set to 2495.Dq Li YES 2496LVM volumes will be discovered and configured on boot. 2497.It Va newsyslog_enable 2498.Pq Vt bool 2499If set to 2500.Dq Li YES , 2501run 2502.Xr newsyslog 8 2503before syslogd starts. 2504.It Va newsyslog_flags 2505.Pq Vt str 2506If 2507.Va newsyslog_enable 2508is set to 2509.Dq Li YES , 2510these are the flags passed to 2511.Xr newsyslog 8 . 2512.It Va resident_enable 2513.Pq Vt bool 2514If set to 2515.Dq Li YES , 2516make the dynamic binaries listed in 2517.Pa /etc/resident.conf 2518resident. 2519.It Va varsym_enable 2520.Pq Vt bool 2521If set to 2522.Dq Li YES , 2523process 2524.Pa /etc/varsym.conf 2525to set system-wide variables for variant symlinks. 2526.It Va rand_irqs 2527.Pq Vt str 2528Set either to 2529.Dq Li NO 2530or a whitespace separated list of IRQ numbers which will be used as a source of 2531randomness. 2532.\" ----------------------------------------------------- 2533.It Va entropy_dir 2534.Pq Vt str 2535Set to 2536.Dq Li NO 2537to disable caching entropy via 2538.Xr cron 8 . 2539Otherwise set to the directory used to store entropy files in. 2540.It Va entropy_file 2541.Pq Vt str 2542Set to 2543.Dq Li NO 2544to disable caching entropy through reboots. 2545Otherwise set to the filename used to store cached entropy through reboots. 2546This file should be located on the root file system to seed the 2547.Xr random 4 2548device as early as possible in the boot process. 2549.It Va entropy_save_sz 2550.Pq Vt int 2551Determines the size of the entropy cache files used for entropy cached 2552through reboots and also entropy cached via 2553.Xr cron 8 . 2554The entropy is fed to the system in blocks of 512 bytes, so this number 2555should be large enough to fill as many of the entropy pools in the kernel 2556CSPRNG as possible. 2557By default, it is set to 16384, which should be able to seed all 32 entropy 2558pools in the Fortuna CSPRNG. 2559.It Va dmesg_enable 2560.Pq Vt bool 2561Set to 2562.Dq Li YES 2563to save 2564.Xr dmesg 8 2565to 2566.Pa /var/run/dmesg.boot 2567on boot. 2568.It Va rcshutdown_timeout 2569.Pq Vt int 2570If set, start a watchdog timer in the background which will terminate 2571.Pa rc.shutdown 2572if 2573.Xr shutdown 8 2574has not completed within the specified time (in seconds). 2575Notice that in addition to this soft timeout, 2576.Xr init 8 2577also applies a hard timeout for the execution of 2578.Pa rc.shutdown . 2579This is configured via 2580.Xr sysctl 8 2581variable 2582.Va kern.init_shutdown_timeout 2583and defaults to 120 seconds. Setting the value of 2584.Va rcshutdown_timeout 2585to more than 120 seconds will have no effect until the 2586.Xr sysctl 8 2587variable 2588.Va kern.init_shutdown_timeout 2589is also increased. 2590.It Va udevd_enable 2591.Pq Vt bool 2592If set to 2593.Dq Li YES , 2594the udevd daemon will be started on boot. 2595.It Va vfs_quota_enable 2596.Pq Vt bool 2597If set to 2598.Dq Li YES , 2599vfs quota rc.d scripts will be run on boot. 2600.It Va vfs_quota_sync 2601.Pq Vt str 2602List of mount points whose counters are to be synchronized with on-disk 2603usage during system startup. 2604See also 2605.Xr vquota 8 . 2606.It Va vknetd_enable 2607.Pq Vt bool 2608If set to 2609.Dq Li YES , 2610.Xr vknetd 8 2611will be started on boot. 2612.It Va vknetd_flags 2613.Pq Vt bool 2614Additional flags passed to 2615.Xr vknetd 8 . 2616Usually address/cidrbits is specified here. 2617When no flags are passed, default option 2618.Fl U 2619will be used. 2620.It Va vkernel_enable 2621.Pq Vt bool 2622If set to 2623.Dq Li NO , 2624any configured vkernels will not be started. 2625.It Va vkernel_kill_timeout 2626.Pq Vt int 2627This defines the default number of seconds that we will wait for the 2628vkernel to shut down on its own. 2629If after this time it's still alive, 2630it will be killed with SIGKILL. 2631.It Va vkernel_bin 2632.Pq Vt str 2633Defines the default path to the vkernel binary. 2634.It Va vkernel_list 2635.Pq Vt str 2636A space separated list of names for vkernels. 2637This is purely a configuration aid to help identify and 2638configure multiple vkernels. 2639The names specified in this list will be used to 2640identify settings common to a vkernel instance. 2641Assuming that the vkernel in question was named 2642.Li example , 2643you would have the following dependent variables 2644(filled with reference values in this text): 2645.Bd -literal 2646vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2647vkernel_example_memsize="64m" 2648vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2649vkernel_example_memimg="/var/vkernel/memimg.000001" 2650vkernel_example_user="myuser" 2651vkernel_example_iface_list="auto:bridge0" 2652vkernel_example_logfile="/dev/null" 2653vkernel_example_flags="-U" 2654vkernel_example_kill_timeout="45" 2655.Ed 2656.Pp 2657The last six are optional. 2658They default to an empty string if not set, except for logfile which defaults to 2659.Pa /dev/null 2660if it is not set. 2661.Pp 2662Note that in case 2663.Va vkernel_memimg 2664is not set, the 2665.Pa rc.d 2666script will create 2667.Pa /var/vkernel , 2668which is the vkernel's default directory for memory images, 2669with permissions of 1777, i.e. world writable with the sticky bit set 2670(see 2671.Xr sticky 8 ) . 2672.It Va autofs_enable 2673.Pq Vt bool 2674If set to 2675.Dq Li YES , 2676start the 2677.Xr automount 8 2678utility and the 2679.Xr automountd 8 2680and 2681.Xr autounmountd 8 2682daemons at boot time. 2683.It Va automount_flags 2684.Pq Vt str 2685If 2686.Va autofs_enable 2687is set to 2688.Dq Li YES , 2689these are the flags to pass to the 2690.Xr automount 8 2691program. 2692By default no flags are passed. 2693.It Va automountd_flags 2694.Pq Vt str 2695If 2696.Va autofs_enable 2697is set to 2698.Dq Li YES , 2699these are the flags to pass to the 2700.Xr automountd 8 2701daemon. 2702By default no flags are passed. 2703.It Va autounmountd_flags 2704.Pq Vt str 2705If 2706.Va autofs_enable 2707is set to 2708.Dq Li YES , 2709these are the flags to pass to the 2710.Xr autounmountd 8 2711daemon. 2712By default no flags are passed. 2713.El 2714.Sh FILES 2715.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2716.It Pa /etc/defaults/rc.conf 2717.It Pa /etc/rc.conf 2718.It Pa /etc/rc.conf.local 2719.It Pa /etc/start_if. Ns Aq Ar interface 2720.El 2721.Sh SEE ALSO 2722.Xr catman 1 , 2723.Xr gdb 1 , 2724.Xr info 1 , 2725.Xr kbdcontrol 1 , 2726.Xr varsym 1 , 2727.Xr vidcontrol 1 , 2728.Xr ip 4 , 2729.Xr ipfw 4 , 2730.Xr kld 4 , 2731.Xr pf 4 , 2732.Xr tcp 4 , 2733.Xr udp 4 , 2734.Xr vlan 4 , 2735.Xr autofs 5 , 2736.Xr auto_master 5 , 2737.Xr exports 5 , 2738.Xr motd 5 , 2739.Xr resident.conf 5 , 2740.Xr varsym.conf 5 , 2741.Xr accton 8 , 2742.Xr automount 8 , 2743.Xr automountd 8 , 2744.Xr autounmountd 8 , 2745.Xr btconfig 8 , 2746.Xr bthcid 8 , 2747.Xr cron 8 , 2748.Xr devd 8 , 2749.Xr dhclient 8 , 2750.Xr dhcpcd 8 , 2751.Xr dntpd 8 , 2752.Xr ftpd 8 , 2753.Xr ifconfig 8 , 2754.Xr inetd 8 , 2755.Xr ip6addrctl 8 , 2756.Xr jail 8 , 2757.Xr lpd 8 , 2758.Xr makewhatis 8 , 2759.Xr mixer 8 , 2760.Xr mountd 8 , 2761.Xr moused 8 , 2762.Xr mrouted 8 , 2763.Xr nfsd 8 , 2764.Xr pcnfsd 8 , 2765.Xr pfctl 8 , 2766.Xr pflogd 8 , 2767.Xr quotacheck 8 , 2768.Xr quotaon 8 , 2769.Xr rc 8 , 2770.Xr rc.sendmail 8 , 2771.Xr resident 8 , 2772.Xr rndcontrol 8 , 2773.Xr route 8 , 2774.Xr routed 8 , 2775.Xr rpcbind 8 , 2776.Xr rpc.lockd 8 , 2777.Xr rpc.statd 8 , 2778.Xr rtadvd 8 , 2779.Xr rtsold 8 , 2780.Xr rwhod 8 , 2781.Xr savecore 8 , 2782.Xr sdpd 8 , 2783.Xr sensorsd 8 , 2784.Xr sshd 8 , 2785.Xr swapon 8 , 2786.Xr sysctl 8 , 2787.Xr syslogd 8 , 2788.Xr sysvipcd 8 , 2789.Xr timed 8 , 2790.Xr vinum 8 , 2791.Xr yp 8 , 2792.Xr ypbind 8 , 2793.Xr ypserv 8 , 2794.Xr ypset 8 2795.Sh HISTORY 2796The 2797.Nm 2798file appeared in 2799.Fx 2.2.2 . 2800.Sh AUTHORS 2801.An Jordan K. Hubbard . 2802