1.\" $NetBSD: sysctl.8,v 1.78 2002/05/28 03:17:26 itojun Exp $ 2.\" 3.\" Copyright (c) 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" @(#)sysctl.8 8.1 (Berkeley) 6/6/93 35.\" 36.Dd June 6, 1993 37.Dt SYSCTL 8 38.Os 39.Sh NAME 40.Nm sysctl 41.Nd get or set kernel state 42.Sh SYNOPSIS 43.Nm sysctl 44.Op Fl n 45.Ar name ... 46.Nm sysctl 47.Op Fl n 48.Op Fl q 49.Fl w 50.Ar name Ns Li = Ns Ar value ... 51.Nm sysctl 52.Op Fl n 53.Fl a 54.Nm sysctl 55.Op Fl n 56.Fl A 57.Nm sysctl 58.Op Fl n 59.Op Fl q 60.Fl f 61.Ar file 62.Sh DESCRIPTION 63The 64.Nm sysctl 65utility retrieves kernel state and allows processes with 66appropriate privilege to set kernel state. 67The state to be retrieved or set is described using a 68``Management Information Base'' (``MIB'') style name, 69described as a dotted set of components. 70The 71.Fl a 72flag can be used to list all the currently available string or integer values. 73The 74.Fl A 75flag will list all the known MIB names including tables. 76Those with string or integer values will be printed as with the 77.Fl a 78flag; for the table values, 79the name of the utility to retrieve them is given. 80.Pp 81The 82.Fl n 83flag specifies that the printing of the field name should be 84suppressed and that only its value should be output. 85This flag is useful for setting shell variables. 86For example, to save the pagesize in variable psize, use: 87.Bd -literal -offset indent -compact 88set psize=`sysctl -n hw.pagesize` 89.Ed 90.Pp 91If just a MIB style name is given, 92the corresponding value is retrieved. 93If a value is to be set, the 94.Fl w 95flag must be specified and the MIB name followed 96by an equal sign and the new value to be used. 97.Pp 98The 99.Fl f 100flag specifies the name of a file to read and process. Blank lines and 101comments (beginning with 102.Ql # ) 103are ignored. Line continuations with 104.Ql \e 105are permitted. Remaining lines are processed similarly to 106command line arguments of the form 107.Ar name 108or 109.Ar name Ns Li = Ns Ar value . 110The 111.Fl w 112flag is implied by 113.Fl f . 114.Pp 115The 116.Fl q 117flag may be used with 118.Fl f 119and 120.Fl w 121to indicate that nothing should be printed for writes unless an error is 122detected. 123.Pp 124The 125.Ql proc 126top-level MIB has a special semantic: it represent per-process values 127and as such may differ from one process to another. The second-level name 128is the pid of the process (in decimal form), or the special word 129.Ql curproc . 130For variables below 131.Ql proc.\*[Lt]pid\*[Gt].rlimit , 132the integer value may be replaced 133with the string 134.Ql unlimited 135if it matches the magic value used to disable 136a limit. 137.Pp 138The information available from 139.Nm sysctl 140consists of integers, strings, and tables. 141The tabular information can only be retrieved by special 142purpose programs such as 143.Nm ps , 144.Nm systat , 145and 146.Nm netstat . 147The string and integer information is summarized below. 148For a detailed description of these variable see 149.Xr sysctl 3 . 150The changeable column indicates whether a process with appropriate 151privilege can change the value. 152.Bl -column proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hardxxxxxx integerxxx 153.It Sy Name Type Changeable 154.It ddb.fromconsole integer yes 155.It ddb.lines integer yes 156.It ddb.maxoff integer yes 157.It ddb.maxwidth integer yes 158.It ddb.onpanic integer yes 159.It ddb.radix integer yes 160.It ddb.tabstops integer yes 161.It hw.alignbytes integer no 162.It hw.byteorder integer no 163.It hw.disknames string no 164.It hw.diskstats struct no 165.It hw.machine string no 166.It hw.machine_arch string no 167.It hw.model string no 168.It hw.ncpu integer no 169.It hw.pagesize integer no 170.It hw.physmem integer no 171.It hw.usermem integer no 172.It hw.cnmagic string yes 173.It kern.argmax integer no 174.It kern.autonicetime integer yes 175.It kern.autoniceval integer yes 176.It kern.boottime struct no 177.It kern.chown_restricted integer no 178.It kern.clockrate struct no 179.It kern.defcorename string yes 180.It kern.fsync integer no 181.It kern.hostid integer yes 182.It kern.hostname string yes 183.It kern.iov_max integer no 184.It kern.job_control integer no 185.It kern.link_max integer no 186.It kern.login_name_max integer no 187.It kern.logsigexit integer yes 188.It kern.max_canon integer no 189.It kern.max_input integer no 190.It kern.maxfiles integer yes 191.It kern.maxpartitions integer no 192.It kern.maxproc integer yes 193.It kern.maxptys integer yes, special 194.It kern.maxvnodes integer raise only 195.It kern.mapped_files integer no 196.It kern.memlock integer no 197.It kern.memlock_rage integer no 198.It kern.memory_protection integer no 199.It kern.mbuf.mblowat integer yes 200.It kern.mbuf.mcllowat integer yes 201.It kern.mbuf.mclsize integer no 202.It kern.mbuf.msize integer no 203.It kern.mbuf.nmbclusters integer raise only 204.It kern.msgbufsize integer no 205.It kern.name_max integer no 206.It kern.ngroups integer no 207.It kern.no_trunc integer no 208.It kern.osrelease string no 209.It kern.osrevision integer no 210.It kern.ostype string no 211.It kern.path_max integer no 212.It kern.pipe.maxkvasz integer yes 213.It kern.pipe.maxloankvasz integer yes 214.It kern.pipe.maxbigpipes integer yes 215.It kern.pipe.nbigpipes integer no 216.It kern.pipe.kvasize integer no 217.It kern.posix1version integer no 218.It kern.rawpartition integer no 219.It kern.saved_ids integer no 220.It kern.securelevel integer raise only 221.It kern.synchronized_io integer no 222.It kern.sysvmsg integer no 223.It kern.sysvsem integer no 224.It kern.sysvshm integer no 225.It kern.tkstat.nin quad no 226.It kern.tkstat.nout quad no 227.It kern.tkstat.cancc quad no 228.It kern.tkstat.rawcc quad no 229.It kern.vdisable integer no 230.It kern.version string no 231.It machdep.console_device dev_t no 232.It net.inet.icmp.maskrepl integer yes 233.It net.inet.icmp.errppslimit integer yes 234.It net.inet.icmp.rediraccept integer yes 235.It net.inet.icmp.redirtimeout integer yes 236.It net.inet.ip.allowsrcrt integer yes 237.It net.inet.ip.anonportmax integer yes 238.It net.inet.ip.anonportmin integer yes 239.It net.inet.ip.directed-broadcast integer yes 240.It net.inet.ip.forwarding integer yes 241.It net.inet.ip.forwsrcrt integer yes 242.It net.inet.ip.maxfragpacket integer yes 243.It net.inet.ip.lowportmax integer yes 244.It net.inet.ip.lowportmin integer yes 245.It net.inet.ip.mtudisc integer yes 246.It net.inet.ip.mtudisctimeout integer yes 247.It net.inet.ip.redirect integer yes 248.It net.inet.ip.subnetsarelocal integer yes 249.It net.inet.ip.ttl integer yes 250.It net.inet.ipsec.ah_cleartos integer yes 251.It net.inet.ipsec.ah_net_deflev integer yes 252.It net.inet.ipsec.ah_offsetmask integer yes 253.It net.inet.ipsec.ah_trans_deflev integer yes 254.It net.inet.ipsec.def_policy integer yes 255.It net.inet.ipsec.dfbit integer yes 256.It net.inet.ipsec.ecn integer yes 257.It net.inet.ipsec.esp_net_deflev integer yes 258.It net.inet.ipsec.esp_trans_deflev integer yes 259.It net.inet.ipsec.inbound_call_ike integer yes 260.It net.inet.tcp.ack_on_push integer yes 261.It net.inet.tcp.compat_42 integer yes 262.It net.inet.tcp.cwm integer yes 263.It net.inet.tcp.cwm_burstsize integer yes 264.It net.inet.tcp.init_win integer yes 265.It net.inet.tcp.keepcnt integer yes 266.It net.inet.tcp.keepidle integer yes 267.It net.inet.tcp.keepintvl integer yes 268.It net.inet.tcp.log_refused integer yes 269.It net.inet.tcp.mss_ifmtu integer yes 270.It net.inet.tcp.mssdflt integer yes 271.It net.inet.tcp.recvspace integer yes 272.It net.inet.tcp.rfc1323 integer yes 273.It net.inet.tcp.rstppslimit integer yes 274.It net.inet.tcp.sack integer yes 275.It net.inet.tcp.sendspace integer yes 276.It net.inet.tcp.slowhz integer no 277.It net.inet.tcp.syn_bucket_limit integer yes 278.It net.inet.tcp.syn_cache_interval integer yes 279.It net.inet.tcp.syn_cache_limit integer yes 280.It net.inet.tcp.timestamps integer yes 281.It net.inet.tcp.win_scale integer yes 282.It net.inet.udp.checksum integer yes 283.It net.inet.udp.recvspace integer yes 284.It net.inet.udp.sendspace integer yes 285.It net.inet6.icmp6.errppslimit integer yes 286.It net.inet6.icmp6.mtudisc_hiwat integer yes 287.It net.inet6.icmp6.mtudisc_lowat integer yes 288.It net.inet6.icmp6.nd6_debug integer yes 289.It net.inet6.icmp6.nd6_delay integer yes 290.It net.inet6.icmp6.nd6_maxnudhint integer yes 291.It net.inet6.icmp6.nd6_mmaxtries integer yes 292.It net.inet6.icmp6.nd6_prune integer yes 293.It net.inet6.icmp6.nd6_umaxtries integer yes 294.It net.inet6.icmp6.nd6_useloopback integer yes 295.It net.inet6.icmp6.nodeinfo integer yes 296.It net.inet6.icmp6.rediraccept integer yes 297.It net.inet6.icmp6.redirtimeout integer yes 298.It net.inet6.ip6.accept_rtadv integer yes 299.It net.inet6.ip6.anonportmax integer yes 300.It net.inet6.ip6.anonportmin integer yes 301.It net.inet6.ip6.auto_flowlabel integer yes 302.It net.inet6.ip6.v6only integer yes 303.It net.inet6.ip6.dad_count integer yes 304.It net.inet6.ip6.defmcasthlim integer yes 305.It net.inet6.ip6.forwarding integer yes 306.It net.inet6.ip6.gif_hlim integer yes 307.It net.inet6.ip6.hdrnestlimit integer yes 308.It net.inet6.ip6.hlim integer yes 309.It net.inet6.ip6.kame_version string no 310.It net.inet6.ip6.keepfaith integer yes 311.It net.inet6.ip6.log_interval integer yes 312.It net.inet6.ip6.lowportmax integer yes 313.It net.inet6.ip6.lowportmin integer yes 314.It net.inet6.ip6.maxfragpackets integer yes 315.It net.inet6.ip6.maxfrags integer yes 316.It net.inet6.ip6.redirect integer yes 317.It net.inet6.ip6.rr_prune integer yes 318.It net.inet6.ip6.use_deprecated integer yes 319.It net.inet6.ipsec6.ah_net_deflev integer yes 320.It net.inet6.ipsec6.ah_trans_deflev integer yes 321.It net.inet6.ipsec6.def_policy integer yes 322.It net.inet6.ipsec6.ecn integer yes 323.It net.inet6.ipsec6.esp_net_deflev integer yes 324.It net.inet6.ipsec6.esp_trans_deflev integer yes 325.It net.inet6.ipsec6.inbound_call_ike integer yes 326.It net.inet6.udp6.recvspace integer yes 327.It net.inet6.udp6.sendspace integer yes 328.It net.key.acq_exp_int integer yes 329.It net.key.acq_maxtime integer yes 330.It net.key.ah_keymin integer yes 331.It net.key.debug integer yes 332.It net.key.esp_auth integer yes 333.It net.key.esp_keymin integer yes 334.It net.key.kill_int integer yes 335.It net.key.random_int integer yes 336.It net.key.spi_max_value integer yes 337.It net.key.spi_min_value integer yes 338.It net.key.spi_try integer yes 339.It proc.\*[Lt]pid\*[Gt].corename string yes 340.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hard integer yes 341.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.soft integer yes 342.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.hard integer yes 343.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.soft integer yes 344.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.hard integer yes 345.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.soft integer yes 346.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.hard integer yes 347.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.soft integer yes 348.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.hard integer yes 349.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.soft integer yes 350.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.hard integer yes 351.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.soft integer yes 352.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.hard integer yes 353.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.soft integer yes 354.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.hard integer yes 355.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.soft integer yes 356.It user.bc_base_max integer no 357.It user.bc_dim_max integer no 358.It user.bc_scale_max integer no 359.It user.bc_string_max integer no 360.It user.coll_weights_max integer no 361.It user.cs_path string no 362.It user.expr_nest_max integer no 363.It user.line_max integer no 364.It user.posix2_c_bind integer no 365.It user.posix2_c_dev integer no 366.It user.posix2_char_term integer no 367.It user.posix2_fort_dev integer no 368.It user.posix2_fort_run integer no 369.It user.posix2_localedef integer no 370.It user.posix2_sw_dev integer no 371.It user.posix2_upe integer no 372.It user.posix2_version integer no 373.It user.re_dup_max integer no 374.It vendor.\*[Lt]vendor\*[Gt].* ? vendor specific 375.It vfs.generic.usermount integer yes 376.It vm.anonmax integer yes 377.It vm.anonmin integer yes 378.It vm.execmax integer yes 379.It vm.execmin integer yes 380.It vm.filemax integer yes 381.It vm.filemin integer yes 382.It vm.loadavg struct no 383.It vm.nkmempages integer no 384.It vm.uvmexp struct no 385.It vm.uvmexp2 struct no 386.It vm.vmmeter struct no 387.El 388.Pp 389Entries found under 390.Dq vendor.\*[Lt]vendor\*[Gt] 391are left to be specified (and used) by vendors 392using the 393.Nx 394operating system in their products. 395Values and structure are vendor-defined, and no registry 396exists right now. 397.Sh FILES 398.Bl -tag -width \*[Lt]netinet6/udp6Xvar.h\*[Gt] -compact 399.It Pa \*[Lt]sys/sysctl.h\*[Gt] 400definitions for top level identifiers, second level kernel and hardware 401identifiers, and user level identifiers 402.It Pa \*[Lt]sys/socket.h\*[Gt] 403definitions for second level network identifiers 404.It Pa \*[Lt]sys/gmon.h\*[Gt] 405definitions for third level profiling identifiers 406.It Pa \*[Lt]uvm/uvm_param.h\*[Gt] 407definitions for second level virtual memory identifiers 408.It Pa \*[Lt]netinet/in.h\*[Gt] 409definitions for third level IPv4/v6 identifiers and 410fourth level IPv4/v6 identifiers 411.It Pa \*[Lt]netinet/icmp_var.h\*[Gt] 412definitions for fourth level ICMP identifiers 413.It Pa \*[Lt]netinet/icmp6.h\*[Gt] 414definitions for fourth level ICMPv6 identifiers 415.It Pa \*[Lt]netinet/tcp_var.h\*[Gt] 416definitions for fourth level TCP identifiers 417.It Pa \*[Lt]netinet/udp_var.h\*[Gt] 418definitions for fourth level UDP identifiers 419.It Pa \*[Lt]netinet6/udp6_var.h\*[Gt] 420definitions for fourth level IPv6 UDP identifiers 421.It Pa \*[Lt]netinet6/ipsec.h\*[Gt] 422definitions for fourth level IPsec identifiers 423.It Pa \*[Lt]netkey/key_var.h\*[Gt] 424definitions for third level PF_KEY identifiers 425.El 426.Sh EXAMPLES 427For example, to retrieve the maximum number of processes allowed 428in the system, one would use the following request: 429.Bd -literal -offset indent -compact 430sysctl kern.maxproc 431.Ed 432.Pp 433To set the maximum number of processes allowed 434in the system to 1000, one would use the following request: 435.Bd -literal -offset indent -compact 436sysctl -w kern.maxproc=1000 437.Ed 438.Pp 439Information about the system clock rate may be obtained with: 440.Bd -literal -offset indent -compact 441sysctl kern.clockrate 442.Ed 443.Pp 444Information about the load average history may be obtained with: 445.Bd -literal -offset indent -compact 446sysctl vm.loadavg 447.Ed 448.Pp 449To view the values of the per-process variables of the current shell, 450the request: 451.Bd -literal -offset indent -compact 452sysctl proc.$$ 453.Ed 454can be used if the shell interpreter replaces $$ with it's pid (this is true 455for most shells). 456.Pp 457To redirect core dumps to the /var/tmp/\*[Lt]username\*[Gt] directory, 458.Bd -literal -offset indent -compact 459sysctl -w proc.$$.corename=/var/tmp/%u/%n.core 460.Ed 461Shall be used. 462.Bd -literal -offset indent -compact 463sysctl -w proc.curproc.corename=/var/tmp/%u/%n.core 464.Ed 465changes the value for the sysctl process itself, and will not have the desired 466effect. 467.Sh SEE ALSO 468.Xr sysctl 3 469.Sh HISTORY 470.Nm sysctl 471first appeared in 472.Bx 4.4 . 473