1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd May 30, 2021 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Ao Ar module Ac Ns Ar _load 141.Pq Vt bool 142If set to 143.Dq YES , 144that kernel module will be loaded. 145If no 146.Ao Ar module Ac Ns Ar _name 147is defined (see below), the 148module's name is taken to be 149.Aq Ar module . 150.It Ao Ar module Ac Ns Ar _name 151.Pq Vt str 152Defines the name of the module. 153.It Va devd_enable 154.Pq Vt bool 155Run 156.Xr devd 8 157to handle device added, removed or unknown events from the kernel. 158.It Va devd_flags 159.Pq Vt str 160If 161.Va devd_enable 162is set to 163.Dq Li YES , 164these are the flags to pass to the 165.Xr devd 8 166daemon. 167.It Va powerd_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Setting this to 173.Dq Li YES 174enables 175.Xr powerd 8 , 176a CPU speed control daemon. 177.It Va powerd_flags 178.Pq Vt str 179Empty by default. 180Additional flags passed to the 181.Xr powerd 8 182program. 183.Pp 184If you are running a serial port at 115200 baud we recommend setting 185the flags to "-l 1500" as lower frequencies will cause characters to 186drop. 187.It Va sensorsd_enable 188.Pq Vt bool 189Set to 190.Dq Li NO 191by default. 192Setting this to 193.Dq Li YES 194enables 195.Xr sensorsd 8 , 196a sensors monitoring and logging daemon. 197.It Va sensorsd_flags 198.Pq Vt str 199Empty by default. 200Additional flags passed to the 201.Xr sensorsd 8 202program. 203.It Va sysvipcd_enable 204.Pq Vt bool 205Set to 206.Dq Li NO 207by default. 208Setting this to 209.Dq Li YES 210enables 211.Xr sysvipcd 8 , 212a daemon needed for the userspace implementation of the XSI Interprocess 213Communication functions. 214.It Va sysvipcd_flags 215.Pq Vt str 216Empty by default. 217Additional flags passed to the 218.Xr sysvipcd 8 219program. 220.It Va hotplugd_enable 221.Pq Vt bool 222Set to 223.Dq Li NO 224by default. 225Setting this to 226.Dq Li YES 227enables 228.Xr hotplugd 8 , 229a devices hot plugging monitoring daemon. 230.It Va hotplugd_flags 231.Pq Vt str 232Empty by default. 233Additional flags passed to the 234.Xr hotplugd 8 235program. 236.It Va pccard_ifconfig 237.Pq Vt str 238List of arguments to be passed to 239.Xr ifconfig 8 240at boot time or on insertion of the card (e.g.\& 241.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 242for a fixed address or 243.Dq Li DHCP 244for a DHCP client). 245.It Va removable_interfaces 246.Pq Vt str 247List of removable network interfaces to be supported by 248.Pa /etc/pccard_ether . 249.It Va local_startup 250.Pq Vt str 251List of directories to search for startup script files. 252.It Va script_name_sep 253.Pq Vt str 254The field separator to use for breaking down the list of startup script files 255into individual filenames. 256The default is a space. 257It is not necessary to change this unless there are startup scripts with names 258containing spaces. 259.It Va hostname 260.Pq Vt str 261The fully qualified domain name (FQDN) of this host on the network. 262This should almost certainly be set to something meaningful, even if 263there is no network connection. 264If DHCP is used to set the hostname, 265this variable should be set to an empty string. 266.It Va ipv6_enable 267.Pq Vt bool 268Enable support for IPv6 networking. 269Note that this requires that the kernel have been compiled with 270.Cd "options INET6" . 271.It Va nisdomainname 272.Pq Vt str 273The NIS domain name of this host, or 274.Dq Li NO 275if NIS is not used. 276.It Va dhcp_client 277.Pq Vt str 278Set the rc script that is called to start the DHCP client. 279This can be set to 280.Dq Li dhclient 281(default) or 282.Dq Li dhcpcd . 283.It Va dhclient_program 284.Pq Vt str 285Path to the 286.Xr dhclient 8 287program (default 288.Pa /sbin/dhclient ) . 289.It Va dhclient_flags 290.Pq Vt str 291Additional flags to pass to the 292.Xr dhclient 8 293program. 294.It Va dhcpcd_enable 295.Pq Vt bool 296Set to 297.Dq Li YES 298to run 299.Xr dhcpcd 8 300in master mode (i.e., configure all available Ethernet interfaces) at startup. 301.It Va dhcpcd_program 302.Pq Vt str 303Path to the 304.Xr dhcpcd 8 305program (default 306.Pa /sbin/dhcpcd ) . 307.It Va dhcpcd_flags 308.Pq Vt str 309Additional flags to pass to the 310.Xr dhcpcd 8 311program. 312The default value is 313.Fl b , 314i.e., tell 315.Xr dhcpcd 8 316to go to background immediately. 317.It Va pf_enable 318.Pq Vt bool 319Set to 320.Dq Li YES 321to load 322.Xr pf 4 323at startup. 324If the kernel was not built with 325.Cd "device pf" , 326the 327.Pa pf.ko 328kernel module will be loaded. 329See also 330.Va firewall_enable . 331.It Va pf_rules 332.Pq Vt str 333Path to the 334.Xr pf 4 335ruleset definition file. 336.It Va pf_program 337.Pq Vt str 338Path to 339.Xr pfctl 8 . 340.It Va pf_flags 341.Pq Vt str 342If 343.Va pf_enable 344is set to 345.Dq Li YES , 346these are the flags to pass to 347.Xr pfctl 8 348when loading the ruleset. 349.It Va pflog_enable 350.Pq Vt bool 351Set this to 352.Dq Li YES 353to enable 354.Xr pflogd 8 355which logs packets from 356.Xr pf 4 . 357.It Va pflog_logfile 358.Pq Vt str 359If 360.Va pflog_enable 361is set to 362.Dq Li YES 363this specifies the path of the log file. 364.It Va pflog_program 365.Pq Vt str 366Path to 367.Xr pflogd 8 . 368.It Va pflog_flags 369.Pq Vt str 370If 371.Va pflog_enable 372is set to 373.Dq Li YES , 374these are the flags to pass to 375.Xr pflogd 8 . 376.It Va firewall_enable 377.Pq Vt bool 378Set to 379.Dq Li YES 380to load firewall rules at startup. 381If the kernel was not built with 382.Cd "options IPFIREWALL" , 383the 384.Pa ipfw.ko 385kernel module will be loaded. 386See also 387.Va pf_enable . 388.It Va ipv6_firewall_enable 389.Pq Vt bool 390The IPv6 equivalent of 391.Va firewall_enable . 392Set to 393.Dq Li YES 394to load IPv6 firewall rules at startup. 395If the kernel was not built with 396.Cd "options IPV6FIREWALL" , 397the 398.Pa ip6fw.ko 399kernel module will be loaded. 400.It Va firewall_script 401.Pq Vt str 402The full path to the firewall script to run 403(default 404.Pa /etc/rc.firewall ) . 405.It Va ipv6_firewall_script 406.Pq Vt str 407The IPv6 equivalent of 408.Va firewall_script . 409.It Va firewall_type 410.Pq Vt str 411Names the firewall type from the selection in 412.Pa /etc/rc.firewall , 413or the file which contains the local firewall ruleset. 414Valid selections from 415.Pa /etc/rc.firewall 416are: 417.Pp 418.Bl -tag -width ".Li simple" -compact 419.It Li open 420unrestricted IP access 421.It Li closed 422all IP services disabled, except via 423.Dq Li lo0 424.It Li client 425basic protection for a workstation on a LAN 426.It Li simple 427alias for 428.Li client . 429.El 430.Pp 431If a filename is specified, the full path must be given. 432.It Va firewall_trusted_nets 433.Pq Vt str 434List of trusted networks (if 435.Va firewall_type 436is set to 437.Li client ) . 438.It Va firewall_trusted_interfaces 439.Pq Vt str 440List of trusted network interfaces (if 441.Va firewall_type 442is set to 443.Li client ) . 444.It Va firewall_allowed_icmp_types 445.Pq Vt str 446List of allowed ICMP types (if 447.Va firewall_type 448is set to 449.Li client ) . 450.It Va firewall_open_tcp_ports 451.Pq Vt str 452List of TCP ports to open (if 453.Va firewall_type 454is set to 455.Li client ) . 456.It Va firewall_open_udp_ports 457.Pq Vt str 458List of UDP ports to open (if 459.Va firewall_type 460is set to 461.Li client ) . 462.It Va ipv6_firewall_type 463.Pq Vt str 464The IPv6 equivalent of 465.Va firewall_type . 466.It Va firewall_quiet 467.Pq Vt bool 468Set to 469.Dq Li YES 470to disable the display of firewall rules on the console during boot. 471.It Va ipv6_firewall_quiet 472.Pq Vt bool 473The IPv6 equivalent of 474.Va firewall_quiet . 475.It Va firewall_logging 476.Pq Vt bool 477Set to 478.Dq Li YES 479to enable firewall event logging. 480This is equivalent to the 481.Dv IPFIREWALL_VERBOSE 482kernel option. 483.It Va ipv6_firewall_logging 484.Pq Vt bool 485The IPv6 equivalent of 486.Va firewall_logging . 487.It Va firewall_flags 488.Pq Vt str 489Flags passed to 490.Xr ipfw 8 491if 492.Va firewall_type 493specifies a filename. 494.It Va ipv6_firewall_flags 495.Pq Vt str 496The IPv6 equivalent of 497.Va firewall_flags . 498.It Va ipfw3_enable 499.Pq Vt bool 500Set to 501.Dq Li YES 502to enable 503.Xr ipfw3 8 . 504.It Va ipfw3_program 505.Pq Vt str 506Path to 507.Xr ipfw3 8 . 508.It Va ipfw3_script 509.Pq Vt str 510The full path to the shell script to run to set up the ipfw3 511firewall rules (default 512.Pa /etc/ipfw3.rules ) . 513.It Va ipfw3_modules 514.Pq Vt str 515List of ipfw3 modules to be loaded before executing the above 516.Va ipfw3_script . 517(default 518.Dq Li ipfw3 ipfw3_basic ) . 519.It Va natd_program 520.Pq Vt str 521Path to 522.Xr natd 8 . 523.It Va natd_enable 524.Pq Vt bool 525Set to 526.Dq Li YES 527to enable 528.Xr natd 8 . 529.Va firewall_enable 530must also be set to 531.Dq Li YES , 532and 533.Xr divert 4 534sockets must be enabled in the kernel. 535.It Va natd_interface 536.Pq Vt str 537This is the name of the public interface on which 538.Xr natd 8 539should run. 540The interface may be given as an interface name or as an IP address. 541.It Va natd_flags 542.Pq Vt str 543Additional 544.Xr natd 8 545flags should be placed here. 546The 547.Fl n 548or 549.Fl a 550flag is automatically added with the above 551.Va natd_interface 552as an argument. 553.It Va tcp_extensions 554.Pq Vt bool 555Set to 556.Dq Li YES 557by default. 558Setting this to 559.Dq Li NO 560disables certain TCP options as described by 561.Rs 562.%T "RFC 1323" 563.Re 564Setting this to 565.Dq Li NO 566might help remedy such problems with connections as randomly hanging 567or other weird behavior. 568Some network devices are known to be broken with respect to these options. 569.It Va log_in_vain 570.Pq Vt int 571Set to 0 by default. 572The 573.Xr sysctl 8 574variables, 575.Va net.inet.tcp.log_in_vain 576and 577.Va net.inet.udp.log_in_vain , 578as described in 579.Xr tcp 4 580and 581.Xr udp 4 , 582are set to the given value. 583.It Va tcp_keepalive 584.Pq Vt bool 585Set to 586.Dq Li YES 587by default. 588Setting to 589.Dq Li NO 590will disable probing idle TCP connections to verify that the 591peer is still up and reachable. 592.It Va tcp_drop_synfin 593.Pq Vt bool 594Set to 595.Dq Li NO 596by default. 597Setting to 598.Dq Li YES 599will cause the kernel to ignore TCP frames that have both 600the SYN and FIN flags set. 601This prevents OS fingerprinting, but may break some legitimate applications. 602This option is only available if the kernel was built with the 603.Dv TCP_DROP_SYNFIN 604option. 605.It Va icmp_drop_redirect 606.Pq Vt bool 607Set to 608.Dq Li NO 609by default. 610Setting to 611.Dq Li YES 612will cause the kernel to ignore ICMP REDIRECT packets. 613Refer to 614.Xr icmp 4 615for more information. 616.It Va icmp_log_redirect 617.Pq Vt bool 618Set to 619.Dq Li NO 620by default. 621Setting to 622.Dq Li YES 623will cause the kernel to log ICMP REDIRECT packets. 624Note that 625the log messages are not rate-limited, so this option should only be used 626for troubleshooting networks. 627Refer to 628.Xr icmp 4 629for more information. 630.It Va icmp_bmcastecho 631.Pq Vt bool 632Set to 633.Dq Li YES 634to respond to broadcast or multicast ICMP ping packets. 635Refer to 636.Xr icmp 4 637for more information. 638.It Va ip_portrange_first 639.Pq Vt int 640If not set to 641.Dq Li NO , 642this is the first port in the default portrange. 643Refer to 644.Xr ip 4 645for more information. 646.It Va ip_portrange_last 647.Pq Vt int 648If not set to 649.Dq Li NO , 650this is the last port in the default portrange. 651Refer to 652.Xr ip 4 653for more information. 654.\" 655.It Va ifconfig_ Ns Aq Ar interface 656.Pq Vt str 657Configuration for 658.Dq interface . 659Typically includes IP address. 660Assuming that the interface in question was 661.Li ed0 , 662it might look something like this: 663.Bd -literal 664ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 665.Ed 666.Pp 667If the 668.Pa /etc/start_if. Ns Aq Ar interface 669file is present, it is read and executed by the 670.Xr sh 1 671interpreter before configuring the interface as specified in the 672.Va ifconfig_ Ns Aq Ar interface 673and 674.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 675variables. 676.Pp 677It is possible to bring up an interface with DHCP by adding 678.Dq Li DHCP 679to the 680.Va ifconfig_ Ns Aq Ar interface 681variable. 682For instance, to initialize the 683.Li ed0 684device via DHCP, it is possible to use something like: 685.Bd -literal 686ifconfig_ed0="DHCP" 687.Ed 688.Pp 689If a 690.Va vlans_ Ns Aq Ar interface 691variable is set, 692a 693.Xr vlan 4 694interface will be created for each item in the list with the 695.Ar vlandev 696argument set to 697.Ar interface . 698If a vlan interface's name is a number, 699then that number is used as the vlan tag and the new vlan interface is 700named 701.Ar interface . Ns Ar tag . 702Otherwise, 703the vlan tag must be specified via a 704.Va vlan 705parameter in the 706.Va create_args_ Ns Aq Ar interface 707variable. 708.Pp 709To create a vlan device named 710.Li em0.101 711on 712.Li em0 713with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 714.Bd -literal 715vlans_em0="101" 716ifconfig_em0_101="inet 192.0.2.1/24" 717.Ed 718.Pp 719To create a vlan device named 720.Li myvlan 721on 722.Li em0 723with the vlan tag 102: 724.Bd -literal 725vlans_em0="myvlan" 726create_args_myvlan="vlan 102" 727.Ed 728.Pp 729If a 730.Va wlans_ Ns Aq Ar interface 731variable is set, 732an 733.Xr wlan 4 734interface will be created for each item in the list with the 735.Ar wlandev 736argument set to 737.Ar interface . 738Further wlan cloning arguments may be passed to the 739.Xr ifconfig 8 740.Cm create 741command by setting the 742.Va create_args_ Ns Aq Ar interface 743variable. 744One or more 745.Xr wlan 4 746devices must be created for each wireless devices as of 747.Dx 2.5 . 748Debugging flags for 749.Xr wlan 4 750devices as set by 751.Xr wlandebug 8 752may be specified with an 753.Va wlandebug_ Ns Aq Ar interface 754variable. 755The contents of this variable will be passed directly to 756.Xr wlandebug 8 . 757.Pp 758Also, if your interface needs WPA authentication, it is possible to add 759.Dq Li WPA 760to the 761.Va ifconfig_ Ns Aq Ar interface 762variable. 763This will start 764.Xr wpa_supplicant 8 . 765See 766.Xr wpa_supplicant.conf 5 767for configuring authentication information. 768But see also 769.Va wpa_supplicant_enable . 770.Pp 771Finally, you can add 772.Xr ifconfig 8 773options in this variable, in addition to the 774.Pa /etc/start_if. Ns Aq Ar interface 775file. 776For instance, to initialize the 777.Li wi0 778device via DHCP, using WPA authentication and 802.11b mode, it is 779possible to use something like: 780.Bd -literal 781wlans_wi0="wlan0" 782ifconfig_wlan0="up DHCP WPA mode 11b" 783.Ed 784.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 785.Pq Vt str 786Configuration to establish an additional network address for 787.Dq interface . 788Assuming that the interface in question was 789.Li ed0 , 790it might look something like this: 791.Bd -literal 792ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 793ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 794.Ed 795.Pp 796And so on. 797For each 798.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 799entry that is found, its contents are passed to 800.Xr ifconfig 8 . 801Execution stops at the first unsuccessful access, so if 802something like this is present: 803.Bd -literal 804ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 805ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 806ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 807ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 808.Ed 809.Pp 810Then note that alias4 would 811.Em not 812be added since the search would stop with the missing alias3 entry. 813.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 814.Pq Vt str 815New name for 816.Dq interface . 817It is possible to rename interface by doing: 818.Bd -literal 819ifconfig_ed0_name="net0" 820ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 821.Ed 822.It Va netif_enable 823.Pq Vt bool 824Set to 825.Dq Li YES 826by default. 827Setting to 828.Dq Li NO 829will disable the configuration of network interfaces. 830.It Va network_interfaces 831.Pq Vt str 832The list of network interfaces to configure on this host, 833or 834.Dq Li auto 835to configure all network interfaces 836(default 837.Dq Li auto ) . 838For example, if the only network devices to be configured are the loopback device 839.Pq Li lo0 840and a NIC using the 841.Xr em 4 842driver, this could be set to 843.Dq Li "lo0 em0" . 844An 845.Va ifconfig_ Ns Aq Ar interface 846variable is assumed to exist for each value of 847.Ar interface . 848.It Va ipv6_network_interfaces 849.Pq Vt str 850This is the IPv6 equivalent of 851.Va network_interfaces . 852Instead of setting the ifconfig variables as 853.Va ifconfig_ Ns Aq Ar interface 854they should be set as 855.Va ipv6_ifconfig_ Ns Aq Ar interface . 856Aliases should be set as 857.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 858Interfaces that do not have a 859.Va ipv6_ifconfig_ Ns Aq Ar interface 860setting will be auto configured by 861.Xr rtsol 8 862if the 863.Va ipv6_gateway_enable 864is set to 865.Dq Li NO . 866Note that the IPv6 networking code does not support the 867.Pa /etc/start_if. Ns Aq Ar interface 868files. 869.It Va ipv6_prefix_ Ns Aq Ar interface 870.Pq Vt str 871Assign prefix to 872.Ar interface , 873prefixlen 64 is used. 874.It Va ipv6_default_interface 875.Pq Vt str 876If not set to 877.Dq Li NO , 878this is the default output interface for scoped addresses. 879Now this works only for IPv6 link local multicast addresses. 880.It Va ip6addrctl_enable 881.Pq Vt bool 882This variable is to enable configuring the default address selection policy table 883.Pq RFC 3484 . 884The default value is 885.Dq Li YES , 886and the policy table to be installed is specified by the 887.Va ip6addrctl_policy 888variable below. 889.It Va ip6addrctl_policy 890.Pq Vt str 891This variable specifies the policy table to be installed, 892and can be one of the following keywords: 893.Dq Li ipv4_prefer , 894.Dq Li ipv6_prefer , 895or 896.Dq Li AUTO 897(default). 898.Pp 899If 900.Dq Li ipv4_prefer 901or 902.Dq Li ipv6_prefer 903is specified, 904.Xr ip6addrctl 8 905installs a pre-defined policy table described in Section 2.1 906.Pq IPv6-preferred 907or 10.3 908.Pq IPv4-preferred 909of RFC 3484. 910.Pp 911If 912.Dq Li AUTO 913is specified, it attempts to read a file 914.Pa /etc/ip6addrctl.conf 915first. 916If this file is found, 917.Xr ip6addrctl 8 918reads and installs it. 919If not found, a policy is automatically set 920according to 921.Va ipv6_enable 922variable; if the variable is set to 923.Dq Li YES 924the IPv6-preferred one is used. 925Otherwise IPv4-preferred. 926.It Va ip6addrctl_verbose 927.Pq Vt bool 928If set to 929.Dq Li YES , 930print the installed policy table after configuring. 931The default value is 932.Dq Li NO . 933.It Va cloned_interfaces 934.Pq Vt str 935Set to the list of clonable network interfaces to create on this host. 936Entries in 937.Va cloned_interfaces 938are automatically appended to 939.Va network_interfaces 940for configuration. 941.It Va gif_interfaces 942.Pq Vt str 943Set to the list of 944.Xr gif 4 945tunnel interfaces to configure on this host. 946A 947.Va gifconfig_ Ns Aq Ar interface 948variable is assumed to exist for each value of 949.Ar interface . 950The value of this variable is used to configure the link layer of the 951tunnel according to the syntax of the 952.Cm tunnel 953option to 954.Xr ifconfig 8 . 955Additionally, this option ensures that each listed interface is created via the 956.Cm create 957option to 958.Xr ifconfig 8 959before attempting to configure it. 960.It Va sppp_interfaces 961.Pq Vt str 962Set to the list of 963.Xr sppp 4 964interfaces to configure on this host. 965A 966.Va spppconfig_ Ns Aq Ar interface 967variable is assumed to exist for each value of 968.Ar interface . 969Each interface should also be configured by a general 970.Va ifconfig_ Ns Aq Ar interface 971setting. 972Refer to 973.Xr spppcontrol 8 974for more information about available options. 975.It Va ppp_enable 976.Pq Vt bool 977If set to 978.Dq Li YES , 979run the 980.Xr ppp 8 981daemon. 982.It Va ppp_mode 983.Pq Vt str 984Mode in which to run the 985.Xr ppp 8 986daemon. 987Accepted modes are 988.Dq Li auto , 989.Dq Li ddial , 990.Dq Li direct 991and 992.Dq Li dedicated . 993See the manual for a full description. 994.It Va ppp_nat 995.Pq Vt bool 996If set to 997.Dq Li YES , 998enables network address translation. 999Used in conjunction with 1000.Va gateway_enable 1001allows hosts on private network addresses access to the Internet using 1002this host as a network address translating router. 1003.It Va ppp_profile 1004.Pq Vt str 1005The name of the profile to use from 1006.Pa /etc/ppp/ppp.conf . 1007Also used for per-profile overrides of 1008.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1009Where the profile contains any of the characters 1010.Dq Li .-/+ 1011they are translated to 1012.Dq Li _ 1013for the purposes of the override variable names. 1014.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1015.Pq Vt int 1016Set the unit number to be used for this profile. 1017See the manual description of 1018.Fl unit Ns Ar N 1019in 1020.Xr ppp 8 1021for details. 1022.It Va ppp_user 1023.Pq Vt str 1024The name of the user under which 1025.Xr ppp 8 1026should be started. 1027By default, 1028.Xr ppp 8 1029is started as 1030.Dq Li root . 1031.It Va rc_conf_files 1032.Pq Vt str 1033This option is used to specify a list of files that will override 1034the settings in 1035.Pa /etc/defaults/rc.conf . 1036The files will be read in the order in which they are specified and should 1037include the full path to the file. 1038By default, the files specified are 1039.Pa /etc/rc.conf 1040and 1041.Pa /etc/rc.conf.local 1042.It Va fsck_y_enable 1043.Pq Vt bool 1044If set to 1045.Dq Li YES , 1046.Xr fsck 8 1047will be run with the 1048.Fl y 1049flag if the initial preen of the file systems fails. 1050.It Va netfs_types 1051.Pq Vt str 1052List of file system types that are network-based. 1053This list should generally not be modified by end users. 1054Use 1055.Va extra_netfs_types 1056instead. 1057.It Va extra_netfs_types 1058.Pq Vt str 1059If set to something other than 1060.Dq Li NO 1061(the default), this variable extends the list of file system types 1062for which automatic mounting at startup by 1063.Xr rc 8 1064should be delayed until the network is initialized. 1065It should contain 1066a whitespace-separated list of network file system descriptor pairs, 1067each consisting of a file system type as passed to 1068.Xr mount 8 1069and a human-readable, one-word description, joined with a colon 1070.Pq Ql \&: . 1071Extending the default list in this way is only necessary 1072when third party file system types are used. 1073.It Va devfs_config_files 1074.Pq Vt str 1075This option is used to specify a list of configuration files containing 1076.Xr devfs 5 1077rules that will be applied by 1078.Xr devfsctl 8 1079in the order in which they are specified and must include the full path 1080to the file. 1081.It Va tmpfs_var_run 1082.Pq Vt bool 1083If set to 1084.Dq Li YES , 1085a 1086.Xr tmpfs 5 1087will be mounted at 1088.Pa /var/run . 1089Necessary directories under there will be automatically created. 1090.It Va tmpfs_tmp 1091.Pq Vt bool 1092If set to 1093.Dq Li YES , 1094a 1095.Xr tmpfs 5 1096will be mounted at 1097.Pa /tmp . 1098.It Va syslogd_enable 1099.Pq Vt bool 1100If set to 1101.Dq Li YES , 1102run the 1103.Xr syslogd 8 1104daemon. 1105.It Va syslogd_program 1106.Pq Vt str 1107Path to 1108.Xr syslogd 8 1109(default 1110.Pa /usr/sbin/syslogd ) . 1111.It Va syslogd_flags 1112.Pq Vt str 1113If 1114.Va syslogd_enable 1115is set to 1116.Dq Li YES , 1117these are the flags to pass to 1118.Xr syslogd 8 . 1119.It Va inetd_enable 1120.Pq Vt bool 1121If set to 1122.Dq Li YES , 1123run the 1124.Xr inetd 8 1125daemon. 1126.It Va inetd_program 1127.Pq Vt str 1128Path to 1129.Xr inetd 8 1130(default 1131.Pa /usr/sbin/inetd ) . 1132.It Va inetd_flags 1133.Pq Vt str 1134If 1135.Va inetd_enable 1136is set to 1137.Dq Li YES , 1138these are the flags to pass to 1139.Xr inetd 8 . 1140.It Va rwhod_enable 1141.Pq Vt bool 1142If set to 1143.Dq Li YES , 1144run the 1145.Xr rwhod 8 1146daemon at boot time. 1147.It Va rwhod_flags 1148.Pq Vt str 1149If 1150.Va rwhod_enable 1151is set to 1152.Dq Li YES , 1153these are the flags to pass to it. 1154.It Va update_motd 1155.Pq Vt bool 1156If set to 1157.Dq Li YES , 1158.Pa /etc/motd 1159will be updated at boot time to reflect the kernel release being run. 1160If set to 1161.Dq Li NO , 1162.Pa /etc/motd 1163will not be updated. 1164.It Va nfs_client_enable 1165.Pq Vt bool 1166If set to 1167.Dq Li YES , 1168setup NFS client parameters at boot time. 1169.It Va nfs_access_cache 1170.Pq Vt int 1171If 1172.Va nfs_client_enable 1173is set to 1174.Dq Li YES , 1175this can be set to 1176.Dq Li 0 1177to disable NFS ACCESS RPC caching, or to the number of seconds for which 1178NFS ACCESS results should be cached. 1179A value of 2-10 seconds will substantially reduce network traffic for 1180many NFS operations. 1181The default is 5 seconds. 1182Note that the attribute cache holds stat information only. 1183The NFS data cache is independent of the attribute cache and is only 1184invalidated when the client detects that the server has modified the 1185underlying file. 1186This value specifies a maximum timeout. 1187The NFS client will automatically use a shorter timeout for files which 1188have been recently modified. 1189.It Va nfs_neg_cache 1190.Pq Vt int 1191If 1192.Va nfs_client_enable 1193is set to 1194.Dq Li YES , 1195this can be set to 1196.Dq Li 0 1197to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1198filenames), or to the number of seconds for which negative lookups should 1199be cached. 1200A value of 2-10 seconds will substantially reduce network 1201traffic for many NFS operations, especially source code builds. 1202The default is 3 seconds. 1203.It Va nfs_server_enable 1204.Pq Vt bool 1205If set to 1206.Dq Li YES , 1207run the NFS server daemons at boot time. 1208.It Va nfs_server_flags 1209.Pq Vt str 1210If 1211.Va nfs_server_enable 1212is set to 1213.Dq Li YES , 1214these are the flags to pass to the 1215.Xr nfsd 8 1216daemon. 1217.It Va mountd_enable 1218.Pq Vt bool 1219If set to 1220.Dq Li YES , 1221and no 1222.Va nfs_server_enable 1223is set, start 1224.Xr mountd 8 , 1225but not 1226.Xr nfsd 8 1227daemon. 1228It is commonly needed to run CFS without real NFS used. 1229.It Va mountd_flags 1230.Pq Vt str 1231If 1232.Va mountd_enable 1233is set to 1234.Dq Li YES , 1235these are the flags to pass to the 1236.Xr mountd 8 1237daemon. 1238.It Va weak_mountd_authentication 1239.Pq Vt bool 1240If set to 1241.Dq Li YES , 1242allow services like PCNFSD to make non-privileged mount requests. 1243.It Va nfs_reserved_port_only 1244.Pq Vt bool 1245If set to 1246.Dq Li YES , 1247provide NFS services only on a secure port. 1248.It Va nfs_bufpackets 1249.Pq Vt int 1250If set to a number, indicates the number of packets worth of 1251socket buffer space to reserve on an NFS client. 1252The kernel default is typically 4. 1253Using a higher number may be useful on gigabit networks to improve performance. 1254The minimum value is 2 and the maximum is 64. 1255.It Va rpc_umntall_enable 1256.Pq Vt bool 1257If set to 1258.Dq Li YES 1259(default) and we are also an NFS client, run 1260.Xr rpc.umntall 8 1261at boot time to clear out old mounts on remote servers. 1262If set to 1263.Dq Li NO 1264then 1265.Xr rpc.umntall 8 1266will not be run at boot time. 1267.It Va rpc_lockd_enable 1268.Pq Vt bool 1269If set to 1270.Dq Li YES 1271and also an NFS server, run 1272.Xr rpc.lockd 8 1273at boot time. 1274.It Va rpc_lockd_flags 1275.Pq Vt str 1276If 1277.Va rpc_lockd_enable 1278is set to 1279.Dq Li YES , 1280these are the flags to pass to 1281.Xr rpc.lockd 8 . 1282.It Va rpc_statd_enable 1283.Pq Vt bool 1284If set to 1285.Dq Li YES 1286and also an NFS server, run 1287.Xr rpc.statd 8 1288at boot time. 1289.It Va rpc_statd_flags 1290.Pq Vt str 1291If 1292.Va rpc_statd_enable 1293is set to 1294.Dq Li YES , 1295these are the flags to pass to 1296.Xr rpc.statd 8 . 1297.It Va rpcbind_program 1298.Pq Vt str 1299Path to program for rpcbind daemon 1300(default 1301.Pa /usr/sbin/rpcbind ) . 1302.It Va rpcbind_enable 1303.Pq Vt bool 1304If set to 1305.Dq Li YES , 1306run 1307.Va rpcbind_program 1308at boot time. 1309.It Va rpcbind_flags 1310.Pq Vt str 1311If 1312.Va rpcbind_enable 1313is set to 1314.Dq Li YES , 1315these are the flags to pass to 1316.Va rpcbind_program . 1317.It Va keyserv_enable 1318.Pq Vt bool 1319If set to 1320.Dq Li YES , 1321run the 1322.Xr keyserv 8 1323daemon on boot for running Secure RPC. 1324.It Va keyserv_flags 1325.Pq Vt str 1326If 1327.Va keyserv_enable 1328is set to 1329.Dq Li YES , 1330these are the flags to pass to 1331.Xr keyserv 8 1332daemon. 1333.It Va pppoed_enable 1334.Pq Vt bool 1335If set to 1336.Dq Li YES , 1337run the 1338.Xr pppoed 8 1339daemon at boot time to provide PPP over Ethernet services. 1340.It Va pppoed_provider 1341.Pq Vt str 1342.Xr pppoed 8 1343listens to requests to this provider and ultimately runs 1344.Xr ppp 8 1345with a 1346.Ar system 1347argument of the same name. 1348.It Va pppoed_flags 1349.Pq Vt str 1350Additional flags to pass to 1351.Xr pppoed 8 . 1352.It Va pppoed_interface 1353.Pq Vt str 1354The network interface to run 1355.Xr pppoed 8 1356on. 1357This is mandatory when 1358.Va pppoed_enable 1359is set to 1360.Dq Li YES . 1361.It Va dntpd_enable 1362.Pq Vt bool 1363If set to 1364.Dq Li YES , 1365run 1366.Xr dntpd 8 1367at system boot time. 1368.It Va dntpd_program 1369.Pq Vt str 1370Path to 1371.Xr dntpd 8 1372(default 1373.Pa /usr/sbin/dntpd ) . 1374.It Va dntpd_flags 1375.Pq Vt str 1376If 1377.Va dntpd_enable 1378is set to 1379.Dq Li YES , 1380these are the flags to pass to the 1381.Xr dntpd 8 1382daemon. 1383.It Va btconfig_enable 1384.Pq Vt bool 1385If set to 1386.Dq Li YES , 1387configure Bluetooth devices via 1388.Xr btconfig 8 1389at system boot time. 1390.It Va btconfig_devices 1391.Pq Vt str 1392If 1393.Va btconfig_enable 1394is set to 1395.Dq Li YES , 1396this is the list of Bluetooth devices to configure. 1397If 1398.Va btconfig_devices 1399is not specified, all devices known to the system will be configured. 1400A 1401.Va btconfig_ Ns Aq Ar device 1402variable can be set to specify parameters to be passed to 1403.Ar device . 1404.It Va btconfig_args 1405.Pq Vt str 1406If 1407.Va btconfig_enable 1408is set to 1409.Dq Li YES , 1410this is the list of configuration parameters to pass to all Bluetooth 1411devices. 1412.It Va sdpd_enable 1413.Pq Vt bool 1414If set to 1415.Dq Li YES , 1416run the Service Discovery Profile daemon 1417.Xr ( sdpd 8 ) 1418at system boot time. 1419.It Va sdpd_flags 1420.Pq Vt str 1421If 1422.Va sdpd_enable 1423is set to 1424.Dq Li YES , 1425these are the flags to pass to the 1426.Xr sdpd 8 1427daemon. 1428.It Va bthcid_enable 1429.Pq Vt bool 1430If set to 1431.Dq Li YES , 1432run the Bluetooth Link Key/PIN Code Manager daemon 1433.Xr ( bthcid 8 ) 1434at system boot time. 1435.It Va bthcid_flags 1436.Pq Vt str 1437If 1438.Va bthcid_enable 1439is set to 1440.Dq Li YES , 1441these are the flags to pass to the 1442.Xr bthcid 8 1443daemon. 1444.It Va nis_client_enable 1445.Pq Vt bool 1446If set to 1447.Dq Li YES , 1448run the 1449.Xr ypbind 8 1450service at system boot time. 1451.It Va nis_client_flags 1452.Pq Vt str 1453If 1454.Va nis_client_enable 1455is set to 1456.Dq Li YES , 1457these are the flags to pass to the 1458.Xr ypbind 8 1459service. 1460.It Va nis_ypset_enable 1461.Pq Vt bool 1462If set to 1463.Dq Li YES , 1464run the 1465.Xr ypset 8 1466daemon at system boot time. 1467.It Va nis_ypset_flags 1468.Pq Vt str 1469If 1470.Va nis_ypset_enable 1471is set to 1472.Dq Li YES , 1473these are the flags to pass to the 1474.Xr ypset 8 1475daemon. 1476.It Va nis_server_enable 1477.Pq Vt bool 1478If set to 1479.Dq Li YES , 1480run the 1481.Xr ypserv 8 1482daemon at system boot time. 1483.It Va nis_server_flags 1484.Pq Vt str 1485If 1486.Va nis_server_enable 1487is set to 1488.Dq Li YES , 1489these are the flags to pass to the 1490.Xr ypserv 8 1491daemon. 1492.It Va nis_ypxfrd_enable 1493.Pq Vt bool 1494If set to 1495.Dq Li YES , 1496run the 1497.Xr rpc.ypxfrd 8 1498daemon at system boot time. 1499.It Va nis_ypxfrd_flags 1500.Pq Vt str 1501If 1502.Va nis_ypxfrd_enable 1503is set to 1504.Dq Li YES , 1505these are the flags to pass to the 1506.Xr rpc.ypxfrd 8 1507daemon. 1508.It Va nis_yppasswdd_enable 1509.Pq Vt bool 1510If set to 1511.Dq Li YES , 1512run the 1513.Xr rpc.yppasswdd 8 1514daemon at system boot time. 1515.It Va nis_yppasswdd_flags 1516.Pq Vt str 1517If 1518.Va nis_yppasswdd_enable 1519is set to 1520.Dq Li YES , 1521these are the flags to pass to the 1522.Xr rpc.yppasswdd 8 1523daemon. 1524.It Va rpc_ypupdated_enable 1525.Pq Vt bool 1526If set to 1527.Dq Li YES , 1528run the 1529.Nm rpc.ypupdated 1530daemon at system boot time. 1531.It Va defaultrouter 1532.Pq Vt str 1533If not set to 1534.Dq Li NO , 1535create a default route to this host name or IP address 1536(use an IP address if this router is also required to get to the 1537name server!). 1538.It Va ipv6_defaultrouter 1539.Pq Vt str 1540The IPv6 equivalent of 1541.Va defaultrouter . 1542.It Va static_routes 1543.Pq Vt str 1544Set to the list of static routes that are to be added at system boot time. 1545If not set to 1546.Dq Li NO 1547then for each whitespace separated 1548.Ar element 1549in the value, a 1550.Va route_ Ns Aq Ar element 1551variable is assumed to exist whose contents will later be passed to a 1552.Dq Nm route Cm add 1553operation. 1554.It Va change_routes 1555.Pq Vt str 1556Set to the list of static routes that are to be changed at system boot time 1557(such as those added by the kernel). 1558If not set to 1559.Dq Li NO 1560then for each whitespace separated 1561.Ar element 1562in the value, a 1563.Va change_route_ Ns Aq Ar element 1564variable is assumed to exist whose contents will later be passed to a 1565.Dq Nm route Cm change 1566operation. 1567.It Va ipv6_static_routes 1568.Pq Vt str 1569The IPv6 equivalent of 1570.Va static_routes . 1571If not set to 1572.Dq Li NO 1573then for each whitespace separated 1574.Ar element 1575in the value, a 1576.Va ipv6_route_ Ns Aq Ar element 1577variable is assumed to exist whose contents will later be passed to a 1578.Dq Nm route Cm add Fl inet6 1579operation. 1580.It Va gateway_enable 1581.Pq Vt bool 1582If set to 1583.Dq Li YES , 1584configure host to act as an IP router, e.g. to forward packets 1585between interfaces. 1586.It Va ipv6_gateway_enable 1587.Pq Vt bool 1588The IPv6 equivalent of 1589.Va gateway_enable . 1590.It Va router_enable 1591.Pq Vt bool 1592If set to 1593.Dq Li YES , 1594run a routing daemon of some sort, based on the settings of 1595.Va router_program 1596and 1597.Va router_flags . 1598.It Va ipv6_router_enable 1599.Pq Vt bool 1600The IPv6 equivalent of 1601.Va router_enable . 1602If set to 1603.Dq Li YES , 1604run a routing daemon of some sort, based on the settings of 1605.Va ipv6_router_program 1606and 1607.Va ipv6_router_flags . 1608.It Va router_program 1609.Pq Vt str 1610If 1611.Va router_enable 1612is set to 1613.Dq Li YES , 1614this is the name of the routing daemon to use 1615(default 1616.Pa /sbin/routed ) . 1617.It Va ipv6_router_program 1618.Pq Vt str 1619The IPv6 equivalent of 1620.Va router_program 1621(default 1622.Pa /sbin/route6d ) . 1623.It Va router_flags 1624.Pq Vt str 1625If 1626.Va router_enable 1627is set to 1628.Dq Li YES , 1629these are the flags to pass to the routing daemon. 1630.It Va ipv6_router_flags 1631.Pq Vt str 1632The IPv6 equivalent of 1633.Va router_flags . 1634.It Va rtadvd_enable 1635.Pq Vt bool 1636If set to 1637.Dq Li YES , 1638run the 1639.Xr rtadvd 8 1640daemon at boot time. 1641.Xr rtadvd 8 1642will only run if 1643.Va ipv6_gateway_enable 1644is also set to 1645.Dq Li YES . 1646The 1647.Xr rtadvd 8 1648utility sends router advertisement packets to the interfaces specified in 1649.Va rtadvd_interfaces . 1650.Xr rtadvd 8 1651and should only be enabled with great care. 1652You may want to fine-tune 1653.Xr rtadvd.conf 5 . 1654.It Va rtadvd_interfaces 1655.Pq Vt str 1656If 1657.Va rtadvd_enable 1658is set to 1659.Dq Li YES 1660this is the list of interfaces to use. 1661.It Va rtsold_enable 1662.Pq Vt bool 1663If set to 1664.Dq Li YES , 1665run the 1666.Xr rtsold 8 1667daemon at boot time. 1668The 1669.Xr rtsold 8 1670daemon is used for automatic discovery of non-link local addresses. 1671.It Va rtsold_flags 1672.Pq Vt str 1673If 1674.Va rtsold_enable 1675is set to 1676.Dq Li YES , 1677these are the flags to pass to the 1678.Xr rtsold 8 1679daemon. 1680.It Va arpproxy_all 1681.Pq Vt bool 1682If set to 1683.Dq Li YES , 1684enable global proxy ARP. 1685.It Va forward_sourceroute 1686.Pq Vt bool 1687If set to 1688.Dq Li YES 1689and 1690.Va gateway_enable 1691is also set to 1692.Dq Li YES , 1693source-routed packets are forwarded. 1694.It Va accept_sourceroute 1695.Pq Vt bool 1696If set to 1697.Dq Li YES , 1698the system will accept source-routed packets directed at it. 1699.It Va rarpd_enable 1700.Pq Vt bool 1701If set to 1702.Dq Li YES , 1703run the 1704.Xr rarpd 8 1705daemon at system boot time. 1706.It Va rarpd_flags 1707.Pq Vt str 1708If 1709.Va rarpd_enable 1710is set to 1711.Dq Li YES , 1712these are the flags to pass to the 1713.Xr rarpd 8 1714daemon. 1715.It Va wpa_supplicant_enable 1716.Pq Vt bool 1717If set to 1718.Dq Li YES , 1719run the 1720.Xr wpa_supplicant 8 1721daemon in 1722.Dq interface matching mode 1723at system boot time. 1724.It Va wpa_supplicant_program 1725.Pq Vt str 1726Path to 1727.Xr wpa_supplicant 8 . 1728.It Va wpa_supplicant_flags 1729.Pq Vt str 1730If 1731.Va wpa_supplicant_enable 1732is set to 1733.Dq Li YES , 1734these are the flags to pass to the 1735.Xr wpa_supplicant 8 1736daemon. 1737.It Va bootparamd_enable 1738.Pq Vt bool 1739If set to 1740.Dq Li YES , 1741run the 1742.Xr bootparamd 8 1743daemon at system boot time. 1744.It Va bootparamd_flags 1745.Pq Vt str 1746If 1747.Va bootparamd_enable 1748is set to 1749.Dq Li YES , 1750these are the flags to pass to the 1751.Xr bootparamd 8 1752daemon. 1753.It Va stf_interface_ipv4addr 1754.Pq Vt str 1755If not set to 1756.Dq Li NO , 1757this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1758Specify this entry to enable the 6to4 interface. 1759.It Va stf_interface_ipv4plen 1760.Pq Vt int 1761Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1762An effective value is 0-31. 1763.It Va stf_interface_ipv6_ifid 1764.Pq Vt str 1765IPv6 interface ID for 1766.Xr stf 4 . 1767This can be set to 1768.Dq Li AUTO . 1769.It Va stf_interface_ipv6_slaid 1770.Pq Vt str 1771IPv6 Site Level Aggregator for 1772.Xr stf 4 . 1773.It Va keybell 1774.Pq Vt str 1775The keyboard bell sound. 1776Set to 1777.Dq Li normal , 1778.Dq Li visual , 1779.Dq Li off , 1780or 1781.Dq Li NO 1782if the default behavior is desired. 1783For details, refer to the 1784.Xr kbdcontrol 1 1785manpage. 1786.It Va keymap 1787.Pq Vt str 1788If set to 1789.Dq Li NO , 1790no keymap is installed, otherwise the value is used to install 1791the keymap file in 1792.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1793.It Va keyrate 1794.Pq Vt str 1795The keyboard repeat speed. 1796Set to 1797.Dq Li slow , 1798.Dq Li normal , 1799.Dq Li fast , 1800or 1801.Dq Li NO 1802if the default behavior is desired. 1803.It Va keychange 1804.Pq Vt str 1805If not set to 1806.Dq Li NO , 1807attempt to program the function keys with the value. 1808The value should be a single string of the form: 1809.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1810.It Va cursor 1811.Pq Vt str 1812Can be set to the value of 1813.Dq Li normal , 1814.Dq Li blink , 1815.Dq Li destructive , 1816or 1817.Dq Li NO 1818to set the cursor behavior explicitly or choose the default behavior. 1819.It Va scrnmap 1820.Pq Vt str 1821If set to 1822.Dq Li NO , 1823no screen map is installed, otherwise the value is used to install 1824the screen map file in 1825.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1826.It Va font8x16 1827.Pq Vt str 1828If set to 1829.Dq Li NO , 1830the default 8x16 font value is used for screen size requests, otherwise 1831the value in 1832.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1833is used. 1834.It Va font8x14 1835.Pq Vt str 1836If set to 1837.Dq Li NO , 1838the default 8x14 font value is used for screen size requests, otherwise 1839the value in 1840.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1841is used. 1842.It Va font8x8 1843.Pq Vt str 1844If set to 1845.Dq Li NO , 1846the default 8x8 font value is used for screen size requests, otherwise 1847the value in 1848.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1849is used. 1850.It Va blanktime 1851.Pq Vt int 1852If set to 1853.Dq Li NO , 1854the default screen blanking interval is used, otherwise it is set to 1855.Ar value 1856seconds. 1857.It Va saver 1858.Pq Vt str 1859If not set to 1860.Dq Li NO , 1861this is the actual screen saver to use 1862.Li ( blank , snake , daemon , 1863etc). 1864.It Va moused_nondefault_enable 1865.Pq Vt str 1866If set to 1867.Dq Li NO , 1868the mouse device specified on 1869the command line is not automatically treated as enabled by the 1870.Pa /etc/rc.d/moused 1871script. 1872Having this variable set to 1873.Dq Li YES 1874allows a 1875.Xr usb 4 1876mouse, 1877for example, 1878to be enabled as soon as it is plugged in. 1879.It Va moused_enable 1880.Pq Vt str 1881If set to 1882.Dq Li YES , 1883the 1884.Xr moused 8 1885daemon is started for doing cut/paste selection on the console. 1886.It Va moused_type 1887.Pq Vt str 1888If 1889.Va moused_enable 1890is set to 1891.Dq Li YES , 1892this is the protocol type of the mouse connected to this host. 1893The default type is 1894.Dq Li auto . 1895The 1896.Xr moused 8 1897daemon 1898is able to detect the appropriate mouse type automatically in many cases. 1899Leave this variable at the default 1900.Dq Li auto 1901to let the daemon detect it, or 1902select one from the following list if the automatic detection fails. 1903.Pp 1904If the mouse is attached to the PS/2 mouse port, leave the variable at the 1905default 1906.Dq Li auto 1907or set it to 1908.Dq Li ps/2 , 1909regardless of the brand and model of the mouse. 1910Likewise, if the mouse is attached to the bus mouse port, leave it at 1911.Dq Li auto 1912or set it to 1913.Dq Li busmouse . 1914All other protocols are for serial mice and will not work with 1915the PS/2 and bus mice. 1916If this is a USB mouse, 1917.Dq Li auto 1918is the only protocol type which will work. 1919.Pp 1920.Bl -tag -width ".Li x10mouseremote" -compact 1921.It Li microsoft 1922Microsoft mouse (serial) 1923.It Li intellimouse 1924Microsoft IntelliMouse (serial) 1925.It Li mousesystems 1926Mouse systems Corp. mouse (serial) 1927.It Li mmseries 1928MM Series mouse (serial) 1929.It Li logitech 1930Logitech mouse (serial) 1931.It Li busmouse 1932A bus mouse 1933.It Li mouseman 1934Logitech MouseMan and TrackMan (serial) 1935.It Li glidepoint 1936ALPS GlidePoint (serial) 1937.It Li thinkingmouse 1938Kensington ThinkingMouse (serial) 1939.It Li ps/2 1940PS/2 mouse 1941.It Li mmhittab 1942MM HitTablet (serial) 1943.It Li x10mouseremote 1944X10 MouseRemote (serial) 1945.It Li versapad 1946Interlink VersaPad (serial) 1947.El 1948.Pp 1949Even if the mouse is not in the above list, it may be compatible 1950with one in the list. 1951Refer to the man page for 1952.Xr moused 8 1953for compatibility information. 1954.Pp 1955It should also be noted that while this is enabled, any 1956other client of the mouse (such as an X server) should access 1957the mouse through the virtual mouse device, 1958.Pa /dev/sysmouse , 1959and configure it as a 1960.Dq Li sysmouse 1961type mouse, since all 1962mouse data is converted to this single canonical format when using 1963.Xr moused 8 . 1964If the client program does not support the 1965.Dq Li sysmouse 1966type, specify the 1967.Dq Li mousesystems 1968type. 1969It is the second preferred type. 1970.It Va moused_port 1971.Pq Vt str 1972If 1973.Va moused_enable 1974is set to 1975.Dq Li YES , 1976this is the actual port the mouse is on. 1977It might be 1978.Pa /dev/cuaa0 1979for a COM1 serial mouse or 1980.Pa /dev/psm0 1981for a PS/2 mouse, for example. 1982.It Va moused_flags 1983.Pq Vt str 1984If 1985.Va moused_type 1986is set, these are the additional flags to pass to the 1987.Xr moused 8 1988daemon. 1989.It Va mousechar_start 1990.Pq Vt int 1991If set to 1992.Dq Li NO , 1993the default mouse cursor character range 1994.Li 0xd0 Ns - Ns Li 0xd3 1995is used, otherwise the range start is set to 1996.Ar value 1997character, see 1998.Xr vidcontrol 1 . 1999Use if the default range is occupied in the language code table. 2000.It Va vidhistory 2001.Pq Vt int 2002Set the size of the history (scrollback) buffer in lines. 2003.It Va allscreens_flags 2004.Pq Vt str 2005If set, 2006.Xr vidcontrol 1 2007is run with these options for each of the virtual terminals 2008.Pq Pa /dev/ttyv* . 2009For example, 2010.Dq Fl m Cm on 2011will enable the mouse pointer on all virtual terminals if 2012.Va moused_enable 2013is set to 2014.Dq Li YES . 2015.It Va allscreens_kbdflags 2016.Pq Vt str 2017If set, 2018.Xr kbdcontrol 1 2019is run with these options for each of the virtual terminals 2020.Pq Pa /dev/ttyv* . 2021For example, 2022.Dq Fl h Li 200 2023will set the 2024.Xr syscons 4 2025scrollback (history) buffer to 200 lines. 2026.It Va cron_enable 2027.Pq Vt bool 2028If set to 2029.Dq Li YES , 2030run the 2031.Xr cron 8 2032daemon at system boot time. 2033.It Va cron_program 2034.Pq Vt str 2035Path to 2036.Xr cron 8 2037(default 2038.Pa /usr/sbin/cron ) . 2039.It Va cron_flags 2040.Pq Vt str 2041If 2042.Va cron_enable 2043is set to 2044.Dq Li YES , 2045these are the flags to pass to 2046.Xr cron 8 . 2047.It Va lpd_program 2048.Pq Vt str 2049Path to 2050.Xr lpd 8 2051(default 2052.Pa /usr/sbin/lpd ) . 2053.It Va lpd_enable 2054.Pq Vt bool 2055If set to 2056.Dq Li YES , 2057run the 2058.Xr lpd 8 2059daemon at system boot time. 2060.It Va lpd_flags 2061.Pq Vt str 2062If 2063.Va lpd_enable 2064is set to 2065.Dq Li YES , 2066these are the flags to pass to the 2067.Xr lpd 8 2068daemon. 2069.It Va nscd_enable 2070.Pq Vt bool 2071If set to 2072.Dq Li YES , 2073run the 2074.Xr nscd 8 2075daemon at system boot time. 2076.It Va mixer_enable 2077.Pq Vt bool 2078If set to 2079.Dq Li YES , 2080preserve 2081.Xr mixer 8 2082settings across reboots. 2083.It Va mta_start_script 2084.Pq Vt str 2085The full path to the script to run to start 2086a mail transfer agent. 2087The default is 2088.Pa /etc/rc.sendmail . 2089The 2090.Va sendmail_* 2091variables which 2092.Pa /etc/rc.sendmail 2093uses are documented in the 2094.Xr rc.sendmail 8 2095man page. 2096.It Va fixbootfile 2097.Pq Vt bool 2098In a 2099.Sq HAMMER ROOT with UFS /boot 2100setup, the boot loader will not set up the 2101.Va kern.bootfile 2102sysctl correctly. 2103The system will attempt to fix this on its own. 2104Set this variable to 2105.Dq Li NO 2106to turn this behavior off. 2107.It Va dumpdev 2108.Pq Vt str 2109Indicates the device (usually a swap partition) to which a crash dump 2110should be written in the event of a system crash. 2111The value of this variable is passed as the argument to 2112.Xr dumpon 8 2113and 2114.Xr savecore 8 . 2115To disable crash dumps, set this variable to 2116.Dq Li NO . 2117.It Va dumpdir 2118.Pq Vt str 2119When the system reboots after a crash and a crash dump is found on the 2120device specified by the 2121.Va dumpdev 2122variable, 2123.Xr savecore 8 2124will save that crash dump and a copy of the kernel to the directory 2125specified by the 2126.Va dumpdir 2127variable. 2128The default value is 2129.Pa /var/crash . 2130Set to 2131.Dq Li NO 2132to not run 2133.Xr savecore 8 2134at boot time when 2135.Va dumpdir 2136is set. 2137.It Va savecore_flags 2138.Pq Vt str 2139If crash dumps are enabled, these are the flags to pass to the 2140.Xr savecore 8 2141utility. 2142.It Va crashinfo_enable 2143.Pq Vt bool 2144Set to 2145.Dq Li YES 2146to turn on automatic crash dump summary generation using the utility 2147specified by the 2148.Va crashinfo_program 2149variable. 2150.It Va crashinfo_program 2151.Pq Vt str 2152Program to run to generate a crash dump summary if the variable 2153.Va crashinfo_enable 2154is set to 2155.Dq Li YES . 2156The default value is 2157.Pa /usr/sbin/crashinfo . 2158.It Va enable_quotas 2159.Pq Vt bool 2160Set to 2161.Dq Li YES 2162to turn on user disk quotas on system startup via the 2163.Xr quotaon 8 2164command. 2165.It Va check_quotas 2166.Pq Vt bool 2167Set to 2168.Dq Li YES 2169to enable user disk quota checking via the 2170.Xr quotacheck 8 2171command. 2172.It Va accounting_enable 2173.Pq Vt bool 2174Set to 2175.Dq Li YES 2176to enable system accounting through the 2177.Xr accton 8 2178facility. 2179.\" ----- cleanvar_enable setting-------------------------------- 2180.It Va cleanvar_enable 2181.Pq Vt bool 2182Set to 2183.Dq Li YES 2184to have 2185.Pa /var/run , 2186.Pa /var/spool/lock 2187and 2188.Pa /var/spool/uucp/.Temp/* 2189cleaned at startup. 2190.\" ----- clear_tmp_enable setting------------------------------- 2191.It Va clear_tmp_enable 2192.Pq Vt bool 2193Set to 2194.Dq Li YES 2195to have 2196.Pa /tmp 2197cleaned at startup. 2198.\" ----- ldconfig_paths setting -------------------------------- 2199.It Va ldconfig_paths 2200.Pq Vt str 2201Set to the list of shared library paths to use with 2202.Xr ldconfig 8 . 2203NOTE: 2204.Pa /usr/lib 2205will always be added first, so it need not appear in this list. 2206.It Va ldconfig_insecure 2207.Pq Vt bool 2208The 2209.Xr ldconfig 8 2210utility normally refuses to use directories 2211which are writable by anyone except root. 2212Set this variable to 2213.Dq Li YES 2214to disable that security check during system startup. 2215.It Va ldconfig_local_dirs 2216.Pq Vt str 2217Set to the list of local 2218.Xr ldconfig 8 2219directories. 2220The names of all files in the directories listed will be 2221passed as arguments to 2222.Xr ldconfig 8 . 2223.It Va kern_securelevel 2224.Pq Vt int 2225The kernel security level to set at startup. 2226The allowed range of 2227.Ar value 2228ranges from \-1 (the compile time default) to 3 (the most secure). 2229See 2230.Xr init 8 2231for the list of possible security levels and their effect on system operation. 2232.It Va start_vinum 2233.Pq Vt bool 2234Set to 2235.Dq Li YES 2236to start 2237.Xr vinum 8 2238at system boot time. 2239.It Va sshd_enable 2240.Pq Vt bool 2241Set to 2242.Dq Li YES 2243to start 2244.Xr sshd 8 2245at system boot time. 2246.It Va sshd_program 2247.Pq Vt str 2248Path to the SSH server program 2249(default 2250.Pa /usr/sbin/sshd ) . 2251.It Va sshd_flags 2252.Pq Vt str 2253If 2254.Va sshd_enable 2255is set to 2256.Dq Li YES , 2257these are the flags to pass to the 2258.Xr sshd 8 2259daemon. 2260.It Va ftpd_enable 2261.Pq Vt bool 2262Set to 2263.Dq Li YES 2264to start 2265.Xr ftpd 8 2266at system boot time. 2267.It Va ftpd_flags 2268.Pq Vt str 2269If 2270.Va ftpd_enable 2271is set to 2272.Dq Li YES , 2273these are the flags to pass to the 2274.Xr ftpd 8 2275daemon. 2276.It Va watchdogd_enable 2277.Pq Vt bool 2278If set to 2279.Dq Li YES , 2280start the 2281.Xr watchdogd 8 2282daemon at boot time. 2283.It Va jail_enable 2284.Pq Vt bool 2285If set to 2286.Dq Li NO , 2287any configured jails will not be started. 2288.It Va jail_list 2289.Pq Vt str 2290A space separated list of names for jails. 2291This is purely a configuration aid to help identify and 2292configure multiple jails. 2293The names specified in this list will be used to 2294identify settings common to an instance of a jail. 2295Assuming that the jail in question was named 2296.Li vjail , 2297you would have the following dependent variables: 2298.Bd -literal 2299jail_vjail_hostname="jail.example.com" 2300jail_vjail_ip="192.168.1.100" 2301jail_vjail_rootdir="/var/jails/vjail/root" 2302.Ed 2303.It Va jail_flags 2304.Pq Vt str 2305Unset by default. 2306When set, use as default value for 2307.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2308for every jail in 2309.Va jail_list . 2310.It Va jail_interface 2311.Pq Vt str 2312Unset by default. 2313When set, use as default value for 2314.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2315for every jail in 2316.Va jail_list . 2317.It Va jail_fstab 2318.Pq Vt str 2319Unset by default. 2320When set, use as default value for 2321.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2322for every jail in 2323.Va jail_list . 2324.It Va jail_mount_enable 2325.Pq Vt bool 2326Set to 2327.Dq Li NO 2328by default. 2329When set to 2330.Dq Li YES , 2331sets 2332.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2333to 2334.Dq Li YES 2335by default for every jail in 2336.Va jail_list . 2337.It Va jail_procfs_enable 2338.Pq Vt bool 2339Set to 2340.Dq Li NO 2341by default. 2342When set to 2343.Dq Li YES , 2344sets 2345.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2346to 2347.Dq Li YES 2348by default for every jail in 2349.Va jail_list . 2350.It Va jail_devfs_enable 2351.Pq Vt bool 2352Set to 2353.Dq Li NO 2354by default. 2355When set to 2356.Dq Li YES , 2357sets 2358.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2359to 2360.Dq Li YES 2361by default for every jail in 2362.Va jail_list . 2363.It Va jail_exec_start 2364.Pq Vt str 2365Unset by default. 2366When set, use as default value for 2367.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2368for every jail in 2369.Va jail_list . 2370.It Va jail_exec_stop 2371Unset by default. 2372When set, use as default value for 2373.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2374for every jail in 2375.Va jail_list . 2376.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2377.Pq Vt str 2378Unset by default. 2379Set to the root directory used by jail 2380.Va jname . 2381.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2382.Pq Vt str 2383Unset by default. 2384Set to the fully qualified domain name (FQDN) assigned to jail 2385.Va jname . 2386.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2387.Pq Vt str 2388Unset by default. 2389Set to the IP address assigned to jail 2390.Va jname . 2391.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2392.Pq Vt str 2393Set to 2394.Dq Li -l -U root 2395by default. 2396These are flags to pass to 2397.Xr jail 8 . 2398.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2399.Pq Vt str 2400Unset by default. 2401When set, sets the interface to use when setting IP address alias. 2402Note that the alias is created at jail startup and removed at jail shutdown. 2403.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2404.Pq Vt str 2405Set to 2406.Pa /etc/fstab. Ns Aq Ar jname 2407by default. 2408This is the file system information file to use for jail 2409.Va jname . 2410.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2411.Pq Vt bool 2412Set to 2413.Dq Li NO 2414by default. 2415When set to 2416.Dq Li YES , 2417mount all file systems from 2418.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2419at jail startup. 2420.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2421.Pq Vt bool 2422Set to 2423.Dq Li NO 2424by default. 2425When set to 2426.Dq Li YES , 2427mount the process file system inside jail 2428.Ar jname 2429at jail startup. 2430.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2431.Pq Vt bool 2432Set to 2433.Dq Li NO 2434by default. 2435When set to 2436.Dq Li YES , 2437mount the device file system inside jail 2438.Ar jname 2439at jail startup. 2440.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2441.Pq Vt str 2442Set to 2443.Dq Li /bin/sh /etc/rc 2444by default. 2445This is the command executed at jail startup. 2446.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2447.Pq Vt str 2448Set to 2449.Dq Li /bin/sh /etc/rc.shutdown 2450by default. 2451This is the command executed at jail shutdown. 2452.It Va jail_default_set_hostname_allow 2453.Pq Vt bool 2454If set to 2455.Dq Li NO , 2456do not allow the root user in a jail to set its hostname. 2457.It Va jail_default_socket_unixiproute_only 2458.Pq Vt bool 2459If set to 2460.Dq Li YES , 2461do not allow any sockets, 2462besides UNIX/IP/route sockets, 2463to be used within a jail. 2464.It Va jail_default_sysvipc_allow 2465.Pq Vt bool 2466If set to 2467.Dq Li YES , 2468allow applications within a jail to use System V IPC. 2469.It Va jail_default_chflags_allow 2470.Pq Vt bool 2471If set to 2472.Dq Li YES , 2473allow applications within a jail to alter system file flags. 2474.It Va jail_default_raw_sockets_allow 2475.Pq Vt bool 2476If set to 2477.Dq Li YES , 2478allow applications within a jail to user raw sockets. 2479.It Va jail_default_allow_listen_override 2480.Pq Vt bool 2481If set to 2482.Dq Li YES , 2483 allows both wildcard and non-wildcard listen sockets in the jail to 2484override wildcard listen sockets on the host. 2485.It Va lvm_enable 2486.Pq Vt bool 2487If set to 2488.Dq Li YES 2489LVM volumes will be discovered and configured on boot. 2490.It Va newsyslog_enable 2491.Pq Vt bool 2492If set to 2493.Dq Li YES , 2494run 2495.Xr newsyslog 8 2496before syslogd starts. 2497.It Va newsyslog_flags 2498.Pq Vt str 2499If 2500.Va newsyslog_enable 2501is set to 2502.Dq Li YES , 2503these are the flags passed to 2504.Xr newsyslog 8 . 2505.It Va resident_enable 2506.Pq Vt bool 2507If set to 2508.Dq Li YES , 2509make the dynamic binaries listed in 2510.Pa /etc/resident.conf 2511resident. 2512.It Va varsym_enable 2513.Pq Vt bool 2514If set to 2515.Dq Li YES , 2516process 2517.Pa /etc/varsym.conf 2518to set system-wide variables for variant symlinks. 2519.It Va rand_irqs 2520.Pq Vt str 2521Set either to 2522.Dq Li NO 2523or a whitespace separated list of IRQ numbers which will be used as a source of 2524randomness. 2525.\" ----------------------------------------------------- 2526.It Va entropy_dir 2527.Pq Vt str 2528Set to 2529.Dq Li NO 2530to disable caching entropy via 2531.Xr cron 8 . 2532Otherwise set to the directory used to store entropy files in. 2533.It Va entropy_file 2534.Pq Vt str 2535Set to 2536.Dq Li NO 2537to disable caching entropy through reboots. 2538Otherwise set to the filename used to store cached entropy through reboots. 2539This file should be located on the root file system to seed the 2540.Xr random 4 2541device as early as possible in the boot process. 2542.It Va entropy_save_sz 2543.Pq Vt int 2544Determines the size of the entropy cache files used for entropy cached 2545through reboots and also entropy cached via 2546.Xr cron 8 . 2547The entropy is fed to the system in blocks of 512 bytes, so this number 2548should be large enough to fill as many of the entropy pools in the kernel 2549CSPRNG as possible. 2550By default, it is set to 16384, which should be able to seed all 32 entropy 2551pools in the Fortuna CSPRNG. 2552.It Va dmesg_enable 2553.Pq Vt bool 2554Set to 2555.Dq Li YES 2556to save 2557.Xr dmesg 8 2558to 2559.Pa /var/run/dmesg.boot 2560on boot. 2561.It Va rcshutdown_timeout 2562.Pq Vt int 2563If set, start a watchdog timer in the background which will terminate 2564.Pa rc.shutdown 2565if 2566.Xr shutdown 8 2567has not completed within the specified time (in seconds). 2568Notice that in addition to this soft timeout, 2569.Xr init 8 2570also applies a hard timeout for the execution of 2571.Pa rc.shutdown . 2572This is configured via 2573.Xr sysctl 8 2574variable 2575.Va kern.init_shutdown_timeout 2576and defaults to 120 seconds. Setting the value of 2577.Va rcshutdown_timeout 2578to more than 120 seconds will have no effect until the 2579.Xr sysctl 8 2580variable 2581.Va kern.init_shutdown_timeout 2582is also increased. 2583.It Va udevd_enable 2584.Pq Vt bool 2585If set to 2586.Dq Li YES , 2587the udevd daemon will be started on boot. 2588.It Va vfs_quota_enable 2589.Pq Vt bool 2590If set to 2591.Dq Li YES , 2592vfs quota rc.d scripts will be run on boot. 2593.It Va vfs_quota_sync 2594.Pq Vt str 2595List of mount points whose counters are to be synchronized with on-disk 2596usage during system startup. 2597See also 2598.Xr vquota 8 . 2599.It Va vknetd_enable 2600.Pq Vt bool 2601If set to 2602.Dq Li YES , 2603.Xr vknetd 8 2604will be started on boot. 2605.It Va vknetd_flags 2606.Pq Vt bool 2607Additional flags passed to 2608.Xr vknetd 8 . 2609Usually address/cidrbits is specified here. 2610When no flags are passed, default option 2611.Fl U 2612will be used. 2613.It Va vkernel_enable 2614.Pq Vt bool 2615If set to 2616.Dq Li NO , 2617any configured vkernels will not be started. 2618.It Va vkernel_kill_timeout 2619.Pq Vt int 2620This defines the default number of seconds that we will wait for the 2621vkernel to shut down on its own. 2622If after this time it's still alive, 2623it will be killed with SIGKILL. 2624.It Va vkernel_bin 2625.Pq Vt str 2626Defines the default path to the vkernel binary. 2627.It Va vkernel_list 2628.Pq Vt str 2629A space separated list of names for vkernels. 2630This is purely a configuration aid to help identify and 2631configure multiple vkernels. 2632The names specified in this list will be used to 2633identify settings common to a vkernel instance. 2634Assuming that the vkernel in question was named 2635.Li example , 2636you would have the following dependent variables 2637(filled with reference values in this text): 2638.Bd -literal 2639vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2640vkernel_example_memsize="64m" 2641vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2642vkernel_example_memimg="/var/vkernel/memimg.000001" 2643vkernel_example_user="myuser" 2644vkernel_example_iface_list="auto:bridge0" 2645vkernel_example_logfile="/dev/null" 2646vkernel_example_flags="-U" 2647vkernel_example_kill_timeout="45" 2648.Ed 2649.Pp 2650The last six are optional. 2651They default to an empty string if not set, except for logfile which defaults to 2652.Pa /dev/null 2653if it is not set. 2654.Pp 2655Note that in case 2656.Va vkernel_memimg 2657is not set, the 2658.Pa rc.d 2659script will create 2660.Pa /var/vkernel , 2661which is the vkernel's default directory for memory images, 2662with permissions of 1777, i.e. world writable with the sticky bit set 2663(see 2664.Xr sticky 8 ) . 2665.It Va autofs_enable 2666.Pq Vt bool 2667If set to 2668.Dq Li YES , 2669start the 2670.Xr automount 8 2671utility and the 2672.Xr automountd 8 2673and 2674.Xr autounmountd 8 2675daemons at boot time. 2676.It Va automount_flags 2677.Pq Vt str 2678If 2679.Va autofs_enable 2680is set to 2681.Dq Li YES , 2682these are the flags to pass to the 2683.Xr automount 8 2684program. 2685By default no flags are passed. 2686.It Va automountd_flags 2687.Pq Vt str 2688If 2689.Va autofs_enable 2690is set to 2691.Dq Li YES , 2692these are the flags to pass to the 2693.Xr automountd 8 2694daemon. 2695By default no flags are passed. 2696.It Va autounmountd_flags 2697.Pq Vt str 2698If 2699.Va autofs_enable 2700is set to 2701.Dq Li YES , 2702these are the flags to pass to the 2703.Xr autounmountd 8 2704daemon. 2705By default no flags are passed. 2706.El 2707.Sh FILES 2708.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2709.It Pa /etc/defaults/rc.conf 2710.It Pa /etc/rc.conf 2711.It Pa /etc/rc.conf.local 2712.It Pa /etc/start_if. Ns Aq Ar interface 2713.El 2714.Sh SEE ALSO 2715.Xr gdb 1 , 2716.Xr info 1 , 2717.Xr kbdcontrol 1 , 2718.Xr varsym 1 , 2719.Xr vidcontrol 1 , 2720.Xr ip 4 , 2721.Xr ipfw 4 , 2722.Xr kld 4 , 2723.Xr pf 4 , 2724.Xr tcp 4 , 2725.Xr udp 4 , 2726.Xr vlan 4 , 2727.Xr autofs 5 , 2728.Xr auto_master 5 , 2729.Xr exports 5 , 2730.Xr motd 5 , 2731.Xr resident.conf 5 , 2732.Xr varsym.conf 5 , 2733.Xr accton 8 , 2734.Xr automount 8 , 2735.Xr automountd 8 , 2736.Xr autounmountd 8 , 2737.Xr btconfig 8 , 2738.Xr bthcid 8 , 2739.Xr cron 8 , 2740.Xr devd 8 , 2741.Xr dhclient 8 , 2742.Xr dhcpcd 8 , 2743.Xr dntpd 8 , 2744.Xr ftpd 8 , 2745.Xr ifconfig 8 , 2746.Xr inetd 8 , 2747.Xr ip6addrctl 8 , 2748.Xr jail 8 , 2749.Xr lpd 8 , 2750.Xr makewhatis 8 , 2751.Xr mixer 8 , 2752.Xr mountd 8 , 2753.Xr moused 8 , 2754.Xr nfsd 8 , 2755.Xr pcnfsd 8 , 2756.Xr pfctl 8 , 2757.Xr pflogd 8 , 2758.Xr quotacheck 8 , 2759.Xr quotaon 8 , 2760.Xr rc 8 , 2761.Xr rc.sendmail 8 , 2762.Xr resident 8 , 2763.Xr rndcontrol 8 , 2764.Xr route 8 , 2765.Xr routed 8 , 2766.Xr rpcbind 8 , 2767.Xr rpc.lockd 8 , 2768.Xr rpc.statd 8 , 2769.Xr rtadvd 8 , 2770.Xr rtsold 8 , 2771.Xr rwhod 8 , 2772.Xr savecore 8 , 2773.Xr sdpd 8 , 2774.Xr sensorsd 8 , 2775.Xr sshd 8 , 2776.Xr swapon 8 , 2777.Xr sysctl 8 , 2778.Xr syslogd 8 , 2779.Xr sysvipcd 8 , 2780.Xr vinum 8 , 2781.Xr wpa_supplicant 8 , 2782.Xr yp 8 , 2783.Xr ypbind 8 , 2784.Xr ypserv 8 , 2785.Xr ypset 8 2786.Sh HISTORY 2787The 2788.Nm 2789file appeared in 2790.Fx 2.2.2 . 2791.Sh AUTHORS 2792.An Jordan K. Hubbard . 2793