Annotation of src/etc/defaults/rc.conf, Revision 1.160
1.160 ! msaitoh 1: # $NetBSD: rc.conf,v 1.159 2020/09/11 09:59:35 kim Exp $
1.128 tron 2: #
3: # /etc/defaults/rc.conf --
4: # default configuration of /etc/rc.conf
5: #
6: # see rc.conf(5) for more information.
7: #
8: # DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
9: # EDIT /etc/rc.conf INSTEAD.
10: #
11:
12: #
13: # Use program=YES to enable program, NO to disable it. program_flags are
14: # passed to the program on the command line.
15: #
16:
17: # Uncomment this if you want to use local paths in rc.
18: #
19: #export PATH=$PATH:/usr/pkg/sbin:/usr/pkg/bin:/usr/local/sbin:/usr/local/bin
20:
21: # Uncomment the following to execute each /etc/rc.d script in
22: # the current shell rather than in a subshell. This may be
23: # faster on very slow machines that have an expensive fork(2).
24: # NOTE: USE THIS AT YOUR OWN RISK; A ROGUE COMMAND
25: # MAY INADVERTENTLY PREVENT BOOT TO MULTIUSER.
26: #
27: #rc_fast_and_loose=YES
28:
29: # If rc_silent is true then /etc/rc will suppress most output to
30: # the console. The default is taken from the AB_SILENT flag passed
31: # from the boot loader to the kernel in the boothowto(9) variable.
32: #
33: # rc_silent_cmd is executed once for each suppressed line of output.
34: # Useful values are ":" and "twiddle".
35: #
36: rc_silent=$( [ "$(( $(/sbin/sysctl -n kern.boothowto 2>/dev/null || echo 0) \
37: & 0x40000 ))" != 0 ] && echo true || echo false )
38: rc_silent_cmd=twiddle
39:
40: # Additional flags to the rcorder(8) that's run by /etc/rc.
41: #
42: rc_rcorder_flags=""
43:
44: # The directories searched for rc scripts.
45: # These directories must be part of the root file system.
46: rc_directories=/etc/rc.d
47:
48: # If this is set to NO, shutdown(8) will not run /etc/rc.shutdown.
49: #
50: do_rcshutdown=YES
51:
52: # Additional flags to the rcorder(8) that's run by /etc/rc.shutdown.
53: #
54: rcshutdown_rcorder_flags=""
55:
56: # If this is non-blank, use as the number of seconds to run a watchdog
57: # timer which will terminate /etc/rc.shutdown if the timeout expires.
58: #
59: rcshutdown_timeout=""
60:
61:
62: # Basic network configuration
63: #
64:
65: # Fully Qualified Internet Domain Name (a.k.a. hostname, e.g. foo.baz.edu).
66: # If blank, use /etc/myname.
67: #
68: hostname=""
69:
70: # If there's only one way out of your IPv4 network, set this to the hostname
71: # or the IPv4 address of the router that will get your packets off the LAN.
72: # If blank, use /etc/mygate.
73: #
74: defaultroute=""
75:
76: # Same thing for IPv6. If blank, use /etc/mygate6.
77: #
78: defaultroute6=""
79:
80: # The NIS domain name (formerly known as Yellow Pages); not in any way
81: # related to Internet domain names.
82: # If blank, use /etc/defaultdomain.
83: #
84: domainname=""
85:
86: # Filesystems to mount early in boot-up.
87: # Note that `/var' is needed in $critical_filesystems_local (or
88: # implied as part of `/') as certain services that need /var (such as
1.144 roy 89: # dhcpcd) may be needed to get the network operational enough to mount
1.128 tron 90: # the $critical_filesystems_remote. Prepending "OPTIONAL:" means it
91: # will not be an error if that file system is not present in fstab(5).
92: #
93: critical_filesystems_local="OPTIONAL:/var"
94: critical_filesystems_remote="OPTIONAL:/usr"
95:
96: # Swap device controls.
97: #
98: no_swap=NO # Set to YES if you have purposefully setup no swap
99: # partitions and don't want to be warned about it.
100: swapoff=YES # Remove block-type swap partitions upon shutdown
101: # This defaults to yes, so that raids shutdown cleanly
1.146 martin 102: swapoff_umount=auto # Set to 'manual' to umount the tmpfs partitions listed
103: # in swapoff_umount_fs before removing swap. Set to
1.160 ! msaitoh 104: # 'auto' to umount all tmpfs partitions that contain
1.146 martin 105: # no device nodes.
106: swapoff_umount_fs= # space-separated list of tmpfs mount points to umount
107: # before removing swap if swapoff_umount=manual
1.128 tron 108:
109: # Concatenated disk driver.
110: #
111: ccd=YES
112:
113: # RAIDframe driver (manually configured devices).
114: #
115: raidframe=YES
116:
117: # Crypto file system.
118: #
119: cgd=YES
120:
121: # Logical Volume Manager
122: #
123: lvm=NO
124:
125: # One-time actions and programs on boot-up.
126: #
127: savecore=YES savecore_flags="-z"
128: savecore_dir="/var/crash"
1.155 jmcneill 129: resize_disklabel=NO # resize disklabel to fill disk
130: resize_gpt=NO # resize GPT to fill disk
1.133 chopps 131: resize_root=NO # resize root to fill partition
1.128 tron 132: per_user_tmp=NO # per-user /tmp directories
133: per_user_tmp_dir="/private/tmp" # real storage for /tmp
134: clear_tmp=YES # clear /tmp after reboot
135: update_motd=YES # updates /etc/motd
1.159 kim 136: update_motd_release=NO motd_release_tag="" # release info in /etc/motd
1.142 martin 137: dmesg=YES dmesg_flags="-t" # write /var/run/dmesg.boot
1.128 tron 138: accounting=NO # uses /var/account/acct
139: newsyslog=NO newsyslog_flags="" # trim log files
140: quota=YES # check and enable quotas
141: ldconfig=YES # rebuild a.out ldconfig cache
142: sysdb=YES # build system databases
143: rndctl=NO rndctl_flags="" # configure rndctl(8)
144: gpio=NO # configure GPIO devices
1.132 jmcneill 145: modules=YES # process /etc/modules.conf
1.128 tron 146:
147: # cope with other OSes using the real time clock at localtime on this
148: # machine (by adjusting kern.rtc_offset at boot)
149: rtclocaltime=NO
150:
151: # NOTE: default coredump name now set in /etc/sysctl.conf
152:
153: #
154: # File system check flags; default to preen mode, checking file systems
155: # that are listed in /etc/fstab in parallel as the fsck pass number
156: # permits. Fix minor faults automatically, and exit with non 0 only
157: # when major errors occur.
158: #
159: fsck_flags=-p
160:
161: # Security setting. If $securelevel is non-empty, the system securelevel
162: # is set to this value early in the boot sequence. Otherwise the default
163: # action is taken (see init(8)).
164: #
165: securelevel="" # securelevel to set to
166:
167: # To set the IP address of an interface either use
168: # ifconfig_xxN="IP-NO"
169: # where xxN is the interface. If this variable is not set then
170: # contents of the file /etc/ifconfig.xxN is used.
171:
172: # Networking startup.
173: #
1.136 roy 174: # Wait up to 15 seconds for the tentative flag to clear from all addresses.
175: # Wait up to 5 seconds for the detached flag to clear from all addresses.
176: # Addresses are detached if there is no carrier, thus we have a small
177: # wait to see if we get a carrier.
178: # Even a wired interface may not recognise it has a carrier right away.
179: ifconfig_wait_dad_flags="-w 15 -W 5"
180:
1.128 tron 181: mdnsd=NO
182: npf=NO
1.157 christos 183: npfd=NO npfd_flags=""
1.128 tron 184: ipfilter=NO ipfilter_flags="" # uses /etc/ipf.conf
185: ipnat=NO # uses /etc/ipnat.conf
186: ipfs=NO ipfs_flags="" # save/load ipnat and ipf states
187: ipsec=NO # uses /etc/ipsec.conf
188: ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages
189: pf=NO pf_rules="/etc/pf.conf" pf_flags=""
190: pflogd=NO
191: ftp_proxy=NO
192: racoon=NO # IKE daemon
193: auto_ifconfig=YES # config all avail. interfaces
194: net_interfaces="" # used only if above is NO
195: flushroutes=YES # flush routes in netstart
1.144 roy 196: dhcpcd=NO dhcpcd_flags="-qM" # For ifconfig_XXX=dhcp.
1.128 tron 197: ntpdate=NO ntpdate_flags="-b -s" # May need '-u' thru firewall
198: ppp=YES ppp_peers="" # /etc/ppp/peers to call
199: ip6mode=host # host, autohost or router
200: ip6uniquelocal=NO # IPv6 unique-local forwarding
1.20 martin 201:
202: # Special treatment for interfaces that need to be downed on
1.63 dsainty 203: # shutdown (because they might cause unnecessary costs or block resources
1.20 martin 204: # on the peer). All pppoe* interfaces are automatically included in this
205: # list, add others here manually.
1.44 lukem 206: #force_down_interfaces=""
1.25 martin 207:
208: ifwatchd=NO # execute up/down scripts for in-kernel PPPoE interfaces
209: ifwatchd_flags="-u /etc/ppp/ip-up -d /etc/ppp/ip-down pppoe0"
1.11 thorpej 210:
211: # ALTQ configuration/monitoring daemon
212: altqd=NO altqd_flags=""
1.1 lukem 213:
214: # Daemons required by servers. These are not needed for strictly client use.
215: #
216:
217: # inetd is used to start the IP-based services enabled in /etc/inetd.conf
218: #
219: inetd=YES inetd_flags="-l" # -l logs libwrap
220:
1.55 christos 221: # identd
222: #
223: identd=NO identd_flags="-b -l -u nobody"
224:
1.1 lukem 225: # rpcbind (formerly known as 'portmap') is used to look up RPC-based services.
226: #
227: rpcbind=NO rpcbind_flags="-l" # -l logs libwrap
228:
229: # Commonly used daemons.
230: #
231: syslogd=YES syslogd_flags="-s" # -s "secure" unix domain only
232: cron=YES
1.10 lukem 233: named=NO named_flags="" # see below for named_chrootdir
1.1 lukem 234: timed=NO timed_flags=""
1.26 lukem 235: ntpd=NO ntpd_flags="" # see below for ntpd_chrootdir
1.90 pavel 236: # The default setting for postfix here is YES, but gets re-examined by
237: # the rc.d/postfix startup script when it runs. The script sets
238: # _rc_d_postfix to "check", and then causes all rc.conf settings to
239: # be re-evaluated. If the value of $postfix after this is "check",
240: # the script then checks to see if /etc/mailer.conf selects the system
241: # postfix. If not, it does print a warning and does not start postfix
242: # to avoid conflict with a different MTA.
243: postfix=${_rc_d_postfix:-YES}
1.1 lukem 244: lpd=NO lpd_flags="-s" # -s "secure" unix domain only
245: sshd=NO sshd_flags=""
1.121 riastrad 246: ssh_keygen_flags=""
1.68 peter 247: ftpd=NO ftpd_flags="-ll"
1.97 mishka 248: httpd=NO httpd_flags=""
249: httpd_wwwdir="/var/www"
250: httpd_wwwuser="_httpd"
1.47 atatat 251:
1.10 lukem 252: # To run the named(8) DNS server as an unprivileged user under a
253: # chroot(2) cage, uncomment the following after migrating the contents
1.23 lukem 254: # of /etc/namedb to /var/chroot/named/etc/namedb
1.10 lukem 255: #
1.23 lukem 256: #named_chrootdir="/var/chroot/named"
1.26 lukem 257:
258: # To run the ntpd(8) NTP server as an unprivileged user under a
1.39 lukem 259: # chroot(2) cage, uncomment the following, after ensuring that:
260: # - The kernel has "pseudo-device clockctl" compiled in
261: # - /dev/clockctl is present
1.26 lukem 262: #
263: #ntpd_chrootdir="/var/chroot/ntpd"
1.1 lukem 264:
265: # Routing daemons.
266: #
267: routed=NO routed_flags="-q"
1.13 pk 268: gated=NO
1.1 lukem 269: mrouted=NO mrouted_flags=""
270: route6d=NO route6d_flags=""
1.110 kefren 271: ldpd=NO
1.1 lukem 272:
273: # Daemons used to boot other hosts over a network.
274: #
275: rarpd=NO rarpd_flags="-a"
276: bootparamd=NO bootparamd_flags=""
277: dhcpd=NO dhcpd_flags="-q"
1.140 is 278: dhcpd6=NO dhcpd6_flags="-q -cf /etc/dhcpd6.conf"
1.1 lukem 279: dhcrelay=NO dhcrelay_flags=""
280: rbootd=NO rbootd_flags=""
281: mopd=NO mopd_flags="-a"
1.16 fredette 282: ndbootd=NO ndbootd_flags="-s /tftpboot /tftpboot/bootyy"
1.1 lukem 283: rtadvd=NO rtadvd_flags=""
1.118 tsutsui 284: isibootd=NO isibootd_flags=""
1.1 lukem 285:
286: # X11 daemons.
287: #
288: xfs=NO xfs_flags="" # X11 font server
289: xdm=NO xdm_flags="" # X11 display manager; needs
290: # wscons=YES for local displays.
291:
1.112 jmcneill 292: # Update fontconfig cache at boot
293: fccache=YES
294:
1.1 lukem 295: # YP (NIS) daemons.
296: #
297: ypbind=NO ypbind_flags=""
298: ypserv=NO ypserv_flags="-d"
299: yppasswdd=NO yppasswdd_flags=""
300:
301: # NFS daemons and parameters.
302: #
1.18 lukem 303: mountd=NO mountd_flags="" # NFS mount requests daemon
1.1 lukem 304: nfs_client=NO # enable client daemons
305: nfs_server=NO # enable server daemons
1.120 christos 306: nfsd_flags=""
1.1 lukem 307: lockd=NO lockd_flags=""
308: statd=NO statd_flags=""
309: amd=NO amd_flags="-l syslog -x error,noinfo,nostats"
310: amd_dir=/amd # mount dir
311:
312: # Heimdal Kerberos 5 KDC (with Kerberos IV compatibility)
1.91 mlelstv 313: kdc=NO kdc_flags="--detach"
1.5 martin 314:
1.73 agc 315: # iSCSI target
316: iscsi_target=NO iscsi_target_flags=""
1.131 joerg 317: # iSCSI kernel initiator
318: iscsid=NO
1.73 agc 319:
1.75 rpaulo 320: # WPA daemons.
1.153 roy 321: hostapd=NO hostapd_flags="-Bs /etc/hostapd.conf"
1.147 roy 322: wpa_supplicant=NO wpa_supplicant_flags="-Ms -c /etc/wpa_supplicant.conf"
1.75 rpaulo 323:
1.113 plunky 324: # Bluetooth configuration
325: bluetooth=NO
326: # and the following are used when bluetooth=YES
327: btconfig_devices="" # all
328: bthcid=YES bthcid_flags=""
329: sdpd=YES sdpd_flags=""
1.78 gdamore 330:
1.1 lukem 331: # Other daemons.
332: #
1.69 tsarna 333: rwhod=NO rwhod_flags="-u _rwhod"
1.115 riz 334: devpubd=NO devpubd_flags="" # autocreate nodes for new devs
1.87 xtraeme 335: envsys=NO # Set /etc/envsys.conf preferences
1.141 christos 336: autofs=NO automount_flags=""
337: automountd_flags=""
338: autounmountd_flags=""
1.1 lukem 339:
340: # Hardware daemons.
341: #
342: apmd=NO apmd_flags="" # APM power management daemon.
1.49 thorpej 343: powerd=NO powerd_flags="" # power management daemon
1.1 lukem 344: screenblank=NO screenblank_flags="" # wscons and FBIO screenblanker
1.24 augustss 345:
346: moused=NO # serial mouse handler
347: moused_flags="-p /dev/tty00"
1.41 thorpej 348:
349: wdogctl=NO # watchdog timer control
350: # wdogctl_flags="-k devicename"
1.76 rpaulo 351: irdaattach=NO # attach serial lines to IrDA
352: irdaattach_flags="tty00"
1.1 lukem 353:
354: # Configuration of "wscons" console driver virtual screens.
355: #
356: wscons=NO wscons_flags="" # setup wscons from wscons.conf
1.40 christos 357:
358: # Configuration of "wsmoused" console driver cut-n-paste support
359: #
360: wsmoused=NO wsmoused_flags=""
1.42 takemura 361:
362: # Configuration of "tpctl" touch panel calibration utility
363: #
364: tpctl=NO tpctl_flags=""
1.43 kent 365:
366: # Mixer setting
367: #
368: mixerctl=NO mixerctl_mixers="" # "mixer0 mixer1" means saving
369: # and restoring their settings
1.53 uebayasi 370:
371: # Vi recovery notification. Vi(1)'s -r option can recover files which were
1.63 dsainty 372: # accidentally closed. See vi(1) for more details.
1.53 uebayasi 373: #
374: virecover=YES
1.54 blymn 375:
1.82 elad 376: # Veriexec signature loading.
1.54 blymn 377: #
378: veriexec=NO
1.70 elad 379: veriexec_strict=0
380: veriexec_verbose=0
1.86 elad 381: veriexec_flags="-k"
1.114 jym 382:
1.117 tls 383: # Entropy load/save to/from /dev/random at startup/shutdown
384: #
385: random_seed=YES
1.119 joerg 386:
387: # Creating / updating of man page index on boot
388: makemandb=YES
1.130 christos 389:
1.148 maxv 390: # Disable Simultaneous Multi-Threading
391: smtoff=NO
392:
1.158 christos 393: # blocklist daemon, needs npf
394: blocklistd=NO
1.134 christos 395:
396: # IPv6 address selection policy
1.135 plunky 397: ip6addrctl=NO
1.134 christos 398: # ipv6_prefer, ipv4_prefer, auto
399: ip6addrctl_policy=auto
400: ip6addrctl_verbose=NO
1.137 christos 401:
402: # Unbound
403: unbound=NO
404: unbound_chrootdir=/var/chroot/unbound
1.139 christos 405:
406: # Nsd
407: nsd=NO
408: nsd_chrootdir=/var/chroot/nsd
409: nsd_flags="-t ${nsd_chrootdir}"
1.152 brad 410:
411: # ZFS
412: zfs=NO
CVSweb <webmaster@jp.NetBSD.org>