Annotation of src/share/man/man5/rc.conf.5, Revision 1.168.2.3
1.168.2.3! pgoyette 1: .\" $NetBSD: rc.conf.5,v 1.174 2018/09/23 09:21:00 maxv Exp $
1.1 mrg 2: .\"
3: .\" Copyright (c) 1996 Matthew R. Green
1.117 mrg 4: .\" All rights reserved.
5: .\"
6: .\" Redistribution and use in source and binary forms, with or without
7: .\" modification, are permitted provided that the following conditions
8: .\" are met:
9: .\" 1. Redistributions of source code must retain the above copyright
10: .\" notice, this list of conditions and the following disclaimer.
11: .\" 2. Redistributions in binary form must reproduce the above copyright
12: .\" notice, this list of conditions and the following disclaimer in the
13: .\" documentation and/or other materials provided with the distribution.
14: .\"
15: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
20: .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
21: .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
22: .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
23: .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25: .\" SUCH DAMAGE.
26: .\"
1.5 cjs 27: .\" Copyright (c) 1997 Curt J. Sampson
1.8 mikel 28: .\" Copyright (c) 1997 Michael W. Long
1.139 jruoho 29: .\" Copyright (c) 1998-2010 The NetBSD Foundation, Inc.
1.1 mrg 30: .\" All rights reserved.
31: .\"
1.27 lukem 32: .\" This document is derived from works contributed to The NetBSD Foundation
33: .\" by Luke Mewburn.
34: .\"
1.1 mrg 35: .\" Redistribution and use in source and binary forms, with or without
36: .\" modification, are permitted provided that the following conditions
37: .\" are met:
38: .\" 1. Redistributions of source code must retain the above copyright
39: .\" notice, this list of conditions and the following disclaimer.
40: .\" 2. Redistributions in binary form must reproduce the above copyright
41: .\" notice, this list of conditions and the following disclaimer in the
42: .\" documentation and/or other materials provided with the distribution.
1.12 mrg 43: .\" 3. The name of the author may not be used to endorse or promote products
1.1 mrg 44: .\" derived from this software without specific prior written permission.
45: .\"
46: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
47: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
48: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
49: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
50: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
51: .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
52: .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
53: .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
54: .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56: .\" SUCH DAMAGE.
57: .\"
1.168.2.3! pgoyette 58: .Dd September 23, 2018
1.1 mrg 59: .Dt RC.CONF 5
1.21 garbled 60: .Os
1.1 mrg 61: .Sh NAME
62: .Nm rc.conf
63: .Nd system startup configuration file
64: .Sh DESCRIPTION
65: The
66: .Nm
67: file specifies which services are enabled during system startup by
1.35 lukem 68: the startup scripts invoked by
1.67 wiz 69: .Pa /etc/rc
1.58 lukem 70: (see
71: .Xr rc 8 ) ,
72: and the shutdown scripts invoked by
73: .Pa /etc/rc.shutdown .
1.1 mrg 74: The
75: .Nm
76: file is a shell script that is sourced by
1.58 lukem 77: .Xr rc 8 ,
78: meaning that
1.1 mrg 79: .Nm
1.8 mikel 80: must contain valid shell commands.
1.1 mrg 81: .Pp
1.65 abs 82: Listed below are the standard
1.8 mikel 83: .Nm
1.11 mikel 84: variables that may be set, the values to which each may be set,
1.8 mikel 85: a brief description of what each variable does, and a reference to
1.71 grant 86: relevant manual pages.
87: Third party packages may test for additional variables.
1.10 cjs 88: .Pp
1.58 lukem 89: By default,
90: .Nm
91: reads
92: .Pa /etc/defaults/rc.conf
93: (if it is readable)
94: to obtain default values for various variables, and the end-user
95: may override these by appending appropriate entries to the end of
1.76 wiz 96: .Nm .
1.58 lukem 97: .Pp
98: .Xr rc.d 8
99: scripts that use
100: .Ic load_rc_config
101: from
102: .Xr rc.subr 8
103: also support sourcing an optional end-user provided per-script override
104: file
105: .Pa /etc/rc.conf.d/ Ns Ar service ,
106: (where
107: .Ar service
108: is the contents of the
109: .Sy name
110: variable in the
111: .Xr rc.d 8
112: script).
113: This may contain variable overrides, including allowing the end-user
114: to override various
115: .Ic run_rc_command
116: .Xr rc.d 8
117: control variables, and thus changing the operation of the script
118: without requiring editing of the script.
1.132 apb 119: .Ss Variable naming conventions and data types
120: Most variables are one of two types: enabling variables or flags
121: variables.
122: Enabling variables, such as
123: .Sy inetd ,
124: are generally named after the program or the system they enable,
125: and have boolean values (specified using
126: .Sq Ic YES ,
127: .Sq Ic TRUE ,
128: .Sq Ic ON
129: or
130: .Sq Ic 1
131: for true, and
132: .Sq Ic NO ,
133: .Sq Ic FALSE ,
134: .Sq Ic OFF
135: or
136: .Sq Ic 0
137: for false, with the values being case insensitive).
138: Flags variables, such as
139: .Sy inetd_flags
140: have the same name with "_flags" appended, and determine what
141: arguments are passed to the program if it is enabled.
142: .Pp
143: If a variable that
144: .Xr rc 8
145: expects to be set is not set, or the value is not one of the allowed
146: values, a warning will be printed.
1.49 wiz 147: .Ss Overall control
1.35 lukem 148: .Bl -tag -width net_interfaces
1.88 jmmv 149: .It Sy do_rcshutdown
1.132 apb 150: Boolean value.
151: If false,
1.88 jmmv 152: .Xr shutdown 8
153: will not run
154: .Pa /etc/rc.shutdown .
155: .It Sy rcshutdown_rcorder_flags
156: A string.
157: Extra arguments to the
158: .Xr rcorder 8
159: run by
160: .Pa /etc/rc.shutdown .
161: .It Sy rcshutdown_timeout
162: A number.
163: If non-blank, use this as the number of seconds to run a watchdog timer for
164: which will terminate
165: .Pa /etc/rc.shutdown
166: if the timer expires before the shutdown script completes.
1.35 lukem 167: .It Sy rc_configured
1.132 apb 168: Boolean value.
169: If false then the system will drop into single-user mode during boot.
1.50 lukem 170: .It Sy rc_fast_and_loose
1.54 lukem 171: If set to a non-empty string,
1.50 lukem 172: each script in
173: .Pa /etc/rc.d
174: will be executed in the current shell rather than a sub shell.
175: This may be faster on slow machines that have an expensive
176: .Xr fork 2
177: operation.
178: .Bl -hang
1.51 wiz 179: .It Em Note :
1.50 lukem 180: Use this at your own risk!
181: A rogue command or script may inadvertently prevent boot to multiuser.
182: .El
1.61 lukem 183: .It Sy rc_rcorder_flags
184: A string.
185: Extra arguments to the
186: .Xr rcorder 8
187: run by
188: .Pa /etc/rc .
1.129 joerg 189: .It Sy rc_directories
190: A string.
191: Space separated list of directories searched for rc scripts.
192: The default is
193: .Pa /etc/rc.d .
194: All directories in
195: .Ev rc_directories
1.161 wiz 196: must be located in the root file system, otherwise they will be silently
1.129 joerg 197: skipped.
1.133 apb 198: .It Sy rc_silent
199: Boolean value.
1.134 wiz 200: If true then the usual output is suppressed, and
1.133 apb 201: .Xr rc 8
202: invokes the command specified in the
203: .Va rc_silent_cmd
204: variable once for each line of suppressed output.
205: The default value of
206: .Va rc_silent
207: is set from the
208: .Dv AB_SILENT
209: flag in the kernel's
210: .Va boothowto
211: variable (see
212: .Xr boot 8 ,
213: .Xr reboot 2 ) .
214: .It Sy rc_silent_cmd
215: A command to be executed once per line of suppressed output, when
216: .Va rc_silent
217: is true.
218: The default value of
219: .Va rc_silent_cmd
220: is
221: .Dq twiddle ,
222: which will display a spinning symbol instead of each line of output.
223: Another useful value is
224: .Dq \&: ,
225: which will display nothing at all.
1.35 lukem 226: .El
1.49 wiz 227: .Ss Basic network configuration
1.11 mikel 228: .Bl -tag -width net_interfaces
1.50 lukem 229: .It Sy defaultroute
230: A string.
1.99 ghen 231: Default IPv4 network route.
1.50 lukem 232: If empty or not set, then the contents of
233: .Pa /etc/mygate
234: (if it exists) are used.
1.99 ghen 235: .It Sy defaultroute6
236: A string.
237: Default IPv6 network route.
238: If empty or not set, then the contents of
239: .Pa /etc/mygate6
240: (if it exists) are used.
1.9 lukem 241: .It Sy domainname
1.50 lukem 242: A string.
1.168 wiz 243: NIS (YP) domain of host.
1.9 lukem 244: If empty or not set, then the contents of
245: .Pa /etc/defaultdomain
246: (if it exists) are used.
1.74 martin 247: .It Sy force_down_interfaces
248: A space separated list of interface names.
1.161 wiz 249: These interfaces will be configured down when going from multiuser to single-user
1.74 martin 250: mode or on system shutdown.
1.168.2.2 pgoyette 251: .It Sy dns_domain
252: A string.
253: Sets domain in
254: .Pa /etc/resolv.conf .
255: .It Sy dns_search
256: A string.
257: Sets search in
258: .Pa /etc/resolv.conf .
259: .It Sy dns_nameservers
260: A string of space seperated domain name servers.
261: Sets nameserver for each value in
262: .Pa /etc/resolv.conf .
263: .It Sy dns_sortlist
264: A string.
265: Sets sortlist in
266: .Pa /etc/resolv.conf .
267: .It Sy dns_options
268: A string.
269: Sets options in
270: .Pa /etc/resolv.conf .
271: .It Sy dns_metric
272: An unsigned integer.
273: Sets the priority of the above DNS to other sources, lowest wins.
274: Defaults to 0.
1.74 martin 275: .Pp
1.168.2.3! pgoyette 276: This is important for some stateful interfaces, for example PPPoE interfaces
! 277: which have no direct means of noticing
1.74 martin 278: .Dq disconnect
279: events.
280: .Pp
281: All active
282: .Xr pppoe 4
283: interfaces will be automatically added to this list.
1.88 jmmv 284: .It Sy hostname
285: A string.
286: Name of host.
287: If empty or not set, then the contents of
288: .Pa /etc/myname
289: (if it exists) are used.
1.15 mrg 290: .El
1.49 wiz 291: .Ss Boottime file-system and swap configuration
1.35 lukem 292: .Bl -tag -width net_interfaces
1.57 lukem 293: .It Sy critical_filesystems_local
1.50 lukem 294: A string.
1.35 lukem 295: File systems mounted very early in the system boot before networking
296: services are available.
297: Usually
298: .Pa /var
299: is part of this, because it is needed by services such as
1.166 maya 300: .Xr dhcpcd 8
1.35 lukem 301: which may be required to get the network operational.
1.135 apb 302: The default is
303: .Dq "OPTIONAL:/var" ,
304: where the
1.153 jdf 305: .Dq "OPTIONAL:"
1.135 apb 306: prefix means that it's not an error if the file system is not
307: present in
1.136 wiz 308: .Xr fstab 5 .
1.57 lukem 309: .It Sy critical_filesystems_remote
1.50 lukem 310: A string.
1.35 lukem 311: File systems such as
1.15 mrg 312: .Pa /usr
1.35 lukem 313: that may require network services to be available to mount,
314: that must be available early in the system boot for general services to use.
1.135 apb 315: The default is
316: .Dq "OPTIONAL:/usr" ,
317: where the
1.153 jdf 318: .Dq "OPTIONAL:"
1.142 jruoho 319: prefix means that it is not an error if the file system is not
1.135 apb 320: present in
1.136 wiz 321: .Xr fstab 5 .
1.82 martti 322: .It Sy fsck_flags
323: A string.
324: A file system is checked with
325: .Xr fsck 8
326: during boot before mounting it.
327: This option may be used to override the default command-line options
328: passed to the
329: .Xr fsck 8
330: program.
331: .Pp
332: When set to
333: .Fl y ,
334: .Xr fsck 8
335: assumes yes as the answer to all operator questions during file system checks.
336: This might be important with hosts where the administrator does not have
337: access to the console and an unsuccessful shutdown must not make the host
338: unbootable even if the file system checks would fail in preen mode.
1.15 mrg 339: .It Sy no_swap
1.132 apb 340: Boolean value.
341: Should be true if you have deliberately configured your system with no swap.
342: If false and no swap devices are configured, the system will warn you.
1.158 chopps 343: .It Sy resize_root
344: Boolean value.
1.159 wiz 345: Set to true to have the system resize the root file system to fill its
1.158 chopps 346: partition.
347: Will only attempt to resize the root file system if it is of type ffs and does
348: not have logging enabled.
349: Defaults to false.
1.56 lukem 350: .It Sy swapoff
1.132 apb 351: Boolean value.
1.56 lukem 352: Remove block-type swap devices at shutdown time.
353: Useful if swapping onto RAIDframe devices.
1.9 lukem 354: .El
1.153 jdf 355: .Ss Block device subsystems
1.11 mikel 356: .Bl -tag -width net_interfaces
1.139 jruoho 357: .It Sy ccd
358: Boolean value.
359: Configures concatenated disk devices according to
360: .Xr ccd.conf 5 .
361: .It Sy cgd
362: Boolean value.
363: Configures cryptographic disk devices.
364: Requires
365: .Pa /etc/cgd/cgd.conf .
366: See
367: .Xr cgdconfig 8
368: for additional details.
1.153 jdf 369: .It Sy lvm
370: Boolean value.
371: Configures the logical volume manager.
372: See
373: .Xr lvm 8
374: for additional details.
375: .It Sy raidframe
376: Boolean value.
377: Configures
378: .Xr raid 4 ,
379: RAIDframe disk devices.
380: See
381: .Xr raidctl 8
382: for additional details.
383: .El
384: .Ss One-time actions to perform or programs to run on boot-up
385: .Bl -tag -width net_interfaces
386: .It Sy accounting
387: Boolean value.
388: Enables process accounting with
389: .Xr accton 8 .
390: Requires
391: .Pa /var/account/acct
392: to exist.
1.34 enami 393: .It Sy clear_tmp
1.132 apb 394: Boolean value.
1.139 jruoho 395: Clear
396: .Pa /tmp
397: after reboot.
1.27 lukem 398: .It Sy dmesg
1.132 apb 399: Boolean value.
1.27 lukem 400: Create
401: .Pa /var/run/dmesg.boot
402: from the output of
403: .Xr dmesg 8 .
404: Passes
405: .Sy dmesg_flags .
1.139 jruoho 406: .It Sy envsys
407: Boolean value.
408: Sets preferences for the environmental systems framework,
409: .Xr envsys 4 .
410: Requires
411: .Pa /etc/envsys.conf ,
412: which is described in
413: .Xr envsys.conf 5 .
1.130 mbalmer 414: .It Sy gpio
1.132 apb 415: Boolean value.
1.130 mbalmer 416: Configure
417: .Xr gpio 4
1.139 jruoho 418: devices.
1.130 mbalmer 419: See
420: .Xr gpio.conf 5 .
1.139 jruoho 421: .It Sy ldconfig
422: Boolean value.
423: Configures
424: .Xr a.out 5
425: runtime link editor directory cache.
1.88 jmmv 426: .It Sy mixerctl
1.132 apb 427: Boolean value.
1.88 jmmv 428: Read
429: .Xr mixerctl.conf 5
430: for how to set mixer values.
431: List in
432: .Sy mixerctl_mixers
433: the devices whose settings are to be saved at shutdown and
434: restored at start-up.
1.48 ad 435: .It Sy newsyslog
1.132 apb 436: Boolean value.
1.48 ad 437: Run
438: .Nm newsyslog
1.161 wiz 439: to trim log files before syslogd starts.
1.71 grant 440: Intended for laptop users.
1.50 lukem 441: Passes
442: .Sy newsyslog_flags .
1.112 elad 443: .It Sy per_user_tmp
1.132 apb 444: Boolean value.
1.112 elad 445: Enables a per-user
446: .Pa /tmp
447: directory.
448: .Sy per_user_tmp_dir
449: can be used to override the default location of the
450: .Dq real
451: temporary directories,
452: .Dq Pa /private/tmp .
1.142 jruoho 453: See
1.146 jruoho 454: .Xr security 7
1.142 jruoho 455: for additional details.
1.139 jruoho 456: .It Sy quota
457: Boolean value.
458: Checks and enables quotas by running
1.143 wiz 459: .Xr quotacheck 8
1.139 jruoho 460: and
461: .Xr quotaon 8 .
1.157 apb 462: .It Sy random_seed
463: Boolean value.
464: During boot-up, runs the
465: .Xr rndctl 8
466: utility with the
467: .Fl L
468: flag to seed the random number subsystem from an entropy file.
469: During shutdown, runs the
470: .Xr rndctl 8
471: utility with the
472: .Fl S
473: flag to save some random information to the entropy file.
474: The entropy file name is specified by the
475: .Sy random_file
476: variable, and defaults to
477: .Pa /var/db/entropy-file .
478: The entropy file must be on a local file system that is writable early during
479: boot-up (just after the file systems specified in
480: .Sy critical_filesystems_local
481: have been mounted), and correspondingly late during shutdown.
1.127 apb 482: .It Sy rndctl
1.132 apb 483: Boolean value.
1.127 apb 484: Runs the
485: .Xr rndctl 8
486: utility one or more times according to the specification in
487: .Sy rndctl_flags .
488: .Pp
489: If
490: .Sy rndctl_flags
491: does not contain a semicolon
492: .Pq Ql \&;
493: then it is expected to contain zero or more flags,
494: followed by one or more device or type names.
495: The
496: .Xr rndctl 8
497: command will be executed once for each device or type name.
498: If the specified flags do not include any of
499: .Fl c , C , e ,
500: or
501: .Fl E ,
502: then the flags
503: .Fl c
504: and
505: .Fl e
506: are added, to specify that entropy from the relevant device or type
507: should be both collected and estimated.
508: If the specified flags do not include either of
509: .Fl d
510: or
511: .Fl t ,
512: then the flag
513: .Fl d
514: is added, to specify that the non-flag arguments are device names,
515: not type names.
516: .Pp
517: .Sy rndctl_flags
518: may contain multiple semicolon-separated segments, in which each
519: segment contains flags and device or type names as described above.
520: This allows different flags to be associated with different
521: device or type names.
522: For example, given
523: .Li rndctl_flags="wd0 wd1; -t tty; -c -t net" ,
524: the following commands will be executed:
525: .Li "rndctl -c -e -d wd0" ;
526: .Li "rndctl -c -e -d wd1" ;
527: .Li "rndctl -c -e -t tty" ;
528: .Li "rndctl -c -t net" .
1.139 jruoho 529: .It Sy rtclocaltime
530: Boolean value.
531: Sets the real time clock to local time by adjusting the
532: .Xr sysctl 7
533: value of
534: .Pa kern.rtc_offset .
535: The offset from UTC is calculated automatically according
536: to the time zone information in the file
537: .Pa /etc/localtime .
1.88 jmmv 538: .It Sy savecore
1.132 apb 539: Boolean value.
1.88 jmmv 540: Runs the
541: .Xr savecore 8
542: utility.
543: Passes
544: .Sy savecore_flags .
1.89 atatat 545: The directory where crash dumps are stored is specified by
546: .Sy savecore_dir .
547: The default setting is
1.91 wiz 548: .Dq Pa /var/crash .
1.139 jruoho 549: .It Sy sysdb
550: Boolean value.
551: Builds various system databases, including
1.152 joerg 552: .Pa /var/run/dev.cdb ,
1.139 jruoho 553: .Pa /etc/spwd.db ,
554: .Pa /var/db/netgroup.db ,
1.152 joerg 555: .Pa /var/db/services.cdb ,
1.139 jruoho 556: and entries for
557: .Xr utmp 5 .
1.66 takemura 558: .It Sy tpctl
1.132 apb 559: Boolean value.
1.66 takemura 560: Run
561: .Xr tpctl 8
562: to calibrate touch panel device.
563: Passes
564: .Sy tpctl_flags .
1.88 jmmv 565: .It Sy update_motd
1.132 apb 566: Boolean value.
1.88 jmmv 567: Updates the
568: .Nx
569: version string in the
570: .Pa /etc/motd
571: file to reflect the version of the running kernel.
572: See
573: .Xr motd 5 .
1.85 uebayasi 574: .It Sy virecover
1.132 apb 575: Boolean value.
1.86 uebayasi 576: Send notification mail to users if any recoverable files exist in
1.85 uebayasi 577: .Pa /var/tmp/vi.recover .
1.108 reed 578: Read
579: .Xr virecover 8
580: for more information.
1.139 jruoho 581: .It Sy wdogctl
582: Boolean value.
583: Configures watchdog timers.
584: Passes
585: .Sy wdogctl_flags .
586: Refer to
587: .Xr wdogctl 8
588: for information on how to configure a timer.
1.19 mrg 589: .El
1.153 jdf 590: .Ss System security settings
1.35 lukem 591: .Bl -tag -width net_interfaces
1.19 mrg 592: .It Sy securelevel
1.34 enami 593: A number.
594: The system securelevel is set to the specified value early
1.19 mrg 595: in the boot process, before any external logins, or other programs
1.34 enami 596: that run users job, are started.
1.46 mjl 597: If set to nothing, the default action is taken, as described in
1.121 reed 598: .Xr init 8
599: and
600: .Xr secmodel_securelevel 9 ,
1.46 mjl 601: which contains definitive information about the system securelevel.
1.55 mrg 602: Note that setting
603: .Sy securelevel
604: to 0 in
605: .Nm
606: will actually result in the system booting with securelevel set to 1, as
607: .Xr init 8
608: will raise the level when
1.58 lukem 609: .Xr rc 8
610: completes.
1.93 elad 611: .It Sy permit_nonalpha
1.153 jdf 612: Boolean value.
1.93 elad 613: Allow passwords to include non-alpha characters, usually to allow
1.94 wiz 614: NIS/YP netgroups.
1.153 jdf 615: .It Sy veriexec
616: Boolean value.
617: Load Veriexec fingerprints during startup.
618: Read
619: .Xr veriexecctl 8
620: for more information.
1.95 elad 621: .It Sy veriexec_strict
622: A number.
623: Controls the strict level of Veriexec.
624: Level 0 is learning mode, used when building the signatures file.
625: It will only output messages but will not enforce anything.
626: Level 1 will only prevent access to files with a fingerprint
1.98 wiz 627: mismatch.
628: Level 2 will also deny writing to and removing of
1.95 elad 629: monitored files, as well as enforce access type (as specified in
1.98 wiz 630: the signatures file).
631: Level 3 will take a step further and prevent
1.95 elad 632: access to files that are not monitored.
633: .It Sy veriexec_verbose
634: A number.
635: Controls the verbosity of Veriexec.
636: Recommended operation is at level 0, verbose output (mostly used when
637: building the signatures file) is at level 1.
638: Level 2 is for debugging only and should not be used.
1.114 elad 639: .It Sy veriexec_flags
640: A string.
641: Flags to pass to the
642: .Nm veriexecctl
643: command.
1.8 mikel 644: .El
1.49 wiz 645: .Ss Networking startup
1.11 mikel 646: .Bl -tag -width net_interfaces
1.88 jmmv 647: .It Sy altqd
1.132 apb 648: Boolean value.
1.88 jmmv 649: ALTQ configuration/monitoring daemon.
650: Passes
651: .Sy altqd_flags .
652: .It Sy auto_ifconfig
1.132 apb 653: Boolean value.
1.88 jmmv 654: Sets the
655: .Sy net_interfaces
656: variable (see below) to the output of
657: .Xr ifconfig 8
658: with the
659: .Dq Li -l
660: flag and suppresses warnings about interfaces in this list that
661: do not have an ifconfig file or variable.
1.168.2.1 pgoyette 662: .It Sy blacklistd
663: Boolean value.
664: Runs
665: .Xr blacklistd 8
666: to dynamically block hosts on a DoS according to configuration set in
667: .Xr blacklistd.conf 5
1.154 roy 668: .It Sy dhcpcd
669: Boolean value.
670: Set true to configure some or all network interfaces using dhcpcd.
671: If you set
672: .Sy dhcpcd
673: true, then
674: .Pa /var
675: must be in
676: .Sy critical_filesystems_local ,
677: or
678: .Pa /var
679: must be on the root file system.
680: If you need to restrict dhcpcd to one or a number of interfaces,
681: or need a separate configuration per interface,
682: then this should be done in the configuration file - see
683: .Xr dhcpcd.conf 5
684: for details.
1.160 roy 685: dhcpcd presently ignores the
686: .Sy wpa_supplicant
1.161 wiz 687: variable in rc.conf and will start wpa_supplicant if a suitable
1.160 roy 688: wpa_supplicant.conf is found unless otherwise instructed in
689: .Xr dhcpcd.conf 5 .
1.116 joerg 690: .It Sy dhcpcd_flags
1.154 roy 691: Passes
692: .Sy dhcpcd_flags
693: to dhcpcd.
694: See
1.118 wiz 695: .Xr dhcpcd 8
1.154 roy 696: for complete documentation.
1.88 jmmv 697: .It Sy flushroutes
1.132 apb 698: Boolean value.
1.88 jmmv 699: Flushes the route table on networking startup.
700: Useful when coming up to multiuser mode after going down to
701: single-user mode.
1.139 jruoho 702: .It Sy ftp_proxy
703: Boolean value.
704: Runs
705: .Xr ftp-proxy 8 ,
706: the proxy daemon for the Internet File Transfer Protocol.
1.100 rpaulo 707: .It Sy hostapd
1.132 apb 708: Boolean value.
1.100 rpaulo 709: Runs
1.101 wiz 710: .Xr hostapd 8 ,
1.100 rpaulo 711: the authenticator for IEEE 802.11 networks.
1.88 jmmv 712: .It Sy ifaliases_*
713: A string.
714: List of
715: .Sq Em "address netmask"
716: pairs to configure additional network addresses for the given
717: configured interface
718: .Dq *
719: (e.g.
720: .Sy ifaliases_le0 ) .
721: If
722: .Em netmask
723: is
724: .Dq - ,
725: then use the default netmask for the interface.
726: .Pp
727: .Sy ifaliases_*
1.151 dholland 728: covers limited cases only and is considered unrecommended.
1.88 jmmv 729: We recommend using
1.120 apb 730: .Sy ifconfig_nnX
731: variables or
1.88 jmmv 732: .Pa /etc/ifconfig.xxN
1.120 apb 733: files with multiple lines instead.
1.88 jmmv 734: .It Sy ifwatchd
1.132 apb 735: Boolean value.
1.88 jmmv 736: Monitor dynamic interfaces and perform actions upon address changes.
737: Passes
738: .Sy ifwatchd_flags .
1.164 christos 739: .It Sy ip6addrctl
740: Boolean value.
1.165 wiz 741: Fine grain control of address and routing priorities.
1.164 christos 742: .It Sy ip6addrctl_policy
743: A string.
744: Can be:
745: .Bl -tag -width auto -compact
746: .It Li auto
747: automatically determine from system settings; will read priorities from
1.165 wiz 748: .Pa /etc/ip6addrctl.conf
1.164 christos 749: or if that file does not exist it will default to IPv6 first, then IPv4.
750: .It Li ipv4_prefer
751: try IPv4 before IPv6.
752: .It Li ipv6_prefer
753: try IPv6 before IPv4.
754: .El
755: .It Sy ip6addrctl_verbose
756: Boolean value.
757: If set, print the resulting prefixes and priorities map.
1.88 jmmv 758: .It Sy ip6mode
759: A string.
760: An IPv6 node can be a router
761: .Pq nodes that forward packet for others
762: or a host
763: .Pq nodes that do not forward .
764: A host can be autoconfigured
765: based on the information advertised by adjacent IPv6 routers.
766: By setting
767: .Sy ip6mode
768: to
769: .Dq Li router ,
770: .Dq Li host ,
771: or
772: .Dq Li autohost ,
773: you can configure your node as a router,
774: a non-autoconfigured host, or an autoconfigured host.
775: Invalid values will be ignored, and the node will be configured as
776: a non-autoconfigured host.
1.96 rpaulo 777: .It Sy ip6uniquelocal
1.132 apb 778: Boolean value.
1.96 rpaulo 779: If
780: .Sy ip6mode
781: is equal to
1.132 apb 782: .Dq Li router ,
1.96 rpaulo 783: and
784: .Sy ip6uniquelocal
1.132 apb 785: is false,
1.96 rpaulo 786: a reject route will be installed on boot to avoid misconfiguration relating
787: to unique-local addresses.
1.132 apb 788: If
789: .Sy ip6uniquelocal
790: is true, the reject route won't be installed.
1.7 cjs 791: .It Sy ipfilter
1.132 apb 792: Boolean value.
1.17 fair 793: Runs
1.7 cjs 794: .Xr ipf 8
1.11 mikel 795: to load in packet filter specifications from
1.7 cjs 796: .Pa /etc/ipf.conf
1.17 fair 797: at network boot time, before any interfaces are configured.
1.128 hannken 798: Passes
799: .Sy ipfilter_flags .
1.17 fair 800: See
1.35 lukem 801: .Xr ipf.conf 5 .
1.52 martti 802: .It Sy ipfs
1.132 apb 803: Boolean value.
1.52 martti 804: Runs
805: .Xr ipfs 8
806: to save and restore information for ipnat and ipfilter state tables.
807: The information is stored in
808: .Pa /var/db/ipf/ipstate.ipf
809: and
810: .Pa /var/db/ipf/ipnat.ipf .
811: Passes
812: .Sy ipfs_flags .
1.35 lukem 813: .It Sy ipmon
1.132 apb 814: Boolean value.
1.35 lukem 815: Runs
816: .Xr ipmon 8
817: to read
818: .Xr ipf 8
819: packet log information and log it to a file or the system log.
820: Passes
821: .Sy ipmon_flags .
1.70 grant 822: .It Sy ipmon_flags
1.73 wiz 823: A string.
824: Specifies arguments to supply to
1.72 grant 825: .Xr ipmon 8 .
826: Defaults to
827: .Dq Li -ns .
828: A typical example would be
1.70 grant 829: .Dq Fl nD Pa /var/log/ipflog
830: to have
831: .Xr ipmon 8
832: log directly to a file bypassing
833: .Xr syslogd 8 .
1.72 grant 834: If the
835: .Dq -D
836: argument is used, remember to modify
1.70 grant 837: .Pa /etc/newsyslog.conf
1.72 grant 838: accordingly; for example:
1.70 grant 839: .Bd -literal
840: /var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
841: .Ed
1.88 jmmv 842: .It Sy ipnat
1.132 apb 843: Boolean value.
1.50 lukem 844: Runs
1.88 jmmv 845: .Xr ipnat 8
846: to load in the IP network address translation (NAT) rules from
847: .Pa /etc/ipnat.conf
848: at network boot time, before any interfaces are configured.
849: See
850: .Xr ipnat.conf 5 .
851: .It Sy ipsec
1.132 apb 852: Boolean value.
1.88 jmmv 853: Runs
854: .Xr setkey 8
855: to load in IPsec manual keys and policies from
856: .Pa /etc/ipsec.conf
857: at network boot time, before any interfaces are configured.
1.168.2.1 pgoyette 858: .It Sy npf
859: Boolean value.
860: Loads
861: .Xr npf.conf 5
862: at network boot time, and starts
863: .Xr npf 7 .
864: .It Sy npfd
865: Boolean value.
866: Runs
867: .Xr npfd 8 ,
868: the NPF packet filter logging and state synchronization daemon.
1.10 cjs 869: .It Sy net_interfaces
1.50 lukem 870: A string.
1.10 cjs 871: The list of network interfaces to be configured at boot time.
1.42 itojun 872: For each interface "xxN", the system first looks for ifconfig
1.120 apb 873: parameters in the variable
874: .Sy ifconfig_xxN ,
875: and then in the file
876: .Pa /etc/ifconfig.xxN .
1.17 fair 877: If
1.10 cjs 878: .Sy auto_ifconfig
1.132 apb 879: is false, and neither the variable nor the file is found,
1.10 cjs 880: a warning is printed.
1.120 apb 881: Information in either the variable or the file is parsed identically,
882: except that, if an
883: .Sy ifconfig_xxN
884: variable contains a single line with embedded semicolons,
885: then the value is split into multiple lines prior to further parsing,
886: treating the semicolon as a line separator.
1.150 jruoho 887: .Pp
1.154 roy 888: One common case it to set the
1.120 apb 889: .Sy ifconfig_xxN
890: variable to a set of arguments to be passed to an
891: .Xr ifconfig 8
892: command after the interface name.
1.42 itojun 893: Refer to
894: .Xr ifconfig.if 5
895: for more details on
1.120 apb 896: .Pa /etc/ifconfig.xxN
897: files, and note that the information there also applies to
898: .Sy ifconfig_xxN
899: variables (after the variables are split into lines).
1.10 cjs 900: .It Sy ntpdate
1.132 apb 901: Boolean value.
1.17 fair 902: Runs
1.10 cjs 903: .Xr ntpdate 8
904: to set the system time from one of the hosts in
905: .Sy ntpdate_hosts .
906: If
907: .Sy ntpdate_hosts
908: is empty, it will attempt to find a list of hosts in
909: .Pa /etc/ntp.conf .
1.50 lukem 910: Passes
911: .Sy ntpdate_flags .
1.119 yamt 912: .It Sy pf
1.132 apb 913: Boolean value.
1.119 yamt 914: Enable
915: .Xr pf 4
916: at network boot time:
917: Load the initial configuration
918: .Xr pf.boot.conf 5
919: before the network is up.
1.161 wiz 920: After the network has been configured, then load the final rule set
1.119 yamt 921: .Xr pf.conf 5 .
922: .It Sy pf_rules
923: A string.
924: The path of the
925: .Xr pf.conf 5
1.161 wiz 926: rule set that will be used when loading the final rule set.
1.119 yamt 927: .It Sy pflogd
1.132 apb 928: Boolean value.
1.119 yamt 929: Run
930: .Xr pflogd 8
931: for dumping packet filter logging information to a file.
1.155 prlw1 932: .It Sy ppp
1.156 wiz 933: A boolean.
934: Toggles starting
1.155 prlw1 935: .Xr pppd 8
1.156 wiz 936: on startup.
937: See
1.155 prlw1 938: .Sy ppp_peers
939: below.
1.14 mrg 940: .It Sy ppp_peers
1.50 lukem 941: A string.
1.14 mrg 942: If
1.155 prlw1 943: .Sy ppp
944: is true and
1.14 mrg 945: .Sy ppp_peers
946: is not empty, then
1.50 lukem 947: .Pa /etc/rc.d/ppp
1.14 mrg 948: will check each word in
949: .Sy ppp_peers
1.50 lukem 950: for a corresponding ppp configuration file in
1.14 mrg 951: .Pa /etc/ppp/peers
952: and will call
953: .Xr pppd 8
954: with the
955: .Dq call Sy peer
956: option.
1.88 jmmv 957: .It Sy racoon
1.132 apb 958: Boolean value.
1.88 jmmv 959: Runs
960: .Xr racoon 8 ,
961: the IKE (ISAKMP/Oakley) key management daemon.
1.110 rpaulo 962: .It Sy wpa_supplicant
1.132 apb 963: Boolean value.
1.110 rpaulo 964: Run
965: .Xr wpa_supplicant 8 ,
966: WPA/802.11i Supplicant for wireless network devices.
1.137 apb 967: If you set
1.144 snj 968: .Sy wpa_supplicant
1.137 apb 969: true, then
970: .Pa /usr
971: must be in
972: .Sy critical_filesystems_local ,
973: or
974: .Pa /usr
975: must be on the root file system.
1.160 roy 976: dhcpcd ignores this variable, see the
977: .Sy dhcpcd
978: variable for details.
1.6 perry 979: .El
1.49 wiz 980: .Ss Daemons required by other daemons
1.11 mikel 981: .Bl -tag -width net_interfaces
1.10 cjs 982: .It Sy inetd
1.132 apb 983: Boolean value.
1.17 fair 984: Runs the
1.10 cjs 985: .Xr inetd 8
1.11 mikel 986: daemon to start network server processes (as listed in
1.5 cjs 987: .Pa /etc/inetd.conf )
1.17 fair 988: as necessary.
989: Passes
1.10 cjs 990: .Sy inetd_flags .
991: The
1.40 lukem 992: .Dq Li -l
1.10 cjs 993: flag turns on libwrap connection logging.
1.34 enami 994: .It Sy rpcbind
1.132 apb 995: Boolean value.
1.17 fair 996: The
1.34 enami 997: .Xr rpcbind 8
1.8 mikel 998: daemon is required for any
999: .Xr rpc 3
1.17 fair 1000: services.
1.168 wiz 1001: These include NFS, NIS,
1.138 reed 1002: .Xr rpc.bootparamd 8 ,
1003: .Xr rpc.rstatd 8 ,
1004: .Xr rpc.rusersd 8 ,
1.5 cjs 1005: and
1.138 reed 1006: .Xr rpc.rwalld 8 .
1.50 lukem 1007: Passes
1008: .Sy rpcbind_flags .
1.5 cjs 1009: .El
1.49 wiz 1010: .Ss Commonly used daemons
1.11 mikel 1011: .Bl -tag -width net_interfaces
1.88 jmmv 1012: .It Sy cron
1.132 apb 1013: Boolean value.
1.88 jmmv 1014: Run
1015: .Xr cron 8 .
1.139 jruoho 1016: .It Sy ftpd
1.153 jdf 1017: Boolean value.
1.139 jruoho 1018: Runs the
1019: .Xr ftpd 8
1020: daemon and passes
1021: .Sy ftpd_flags .
1.123 mishka 1022: .It Sy httpd
1.132 apb 1023: Boolean value.
1.124 wiz 1024: Runs the
1.123 mishka 1025: .Xr httpd 8
1026: daemon and passes
1027: .Sy httpd_flags .
1028: .It Sy httpd_wwwdir
1029: A string.
1.126 wiz 1030: The
1.123 mishka 1031: .Xr httpd 8
1032: WWW root directory.
1.126 wiz 1033: Used only if
1.123 mishka 1034: .Sy httpd
1.132 apb 1035: is true.
1.123 mishka 1036: The default setting is
1037: .Dq Pa /var/www .
1038: .It Sy httpd_wwwuser
1039: A string.
1040: If non-blank and
1041: .Sy httpd
1.132 apb 1042: is true, run
1.123 mishka 1043: .Xr httpd 8
1.124 wiz 1044: and cause it to switch to the specified user after initialization.
1.123 mishka 1045: It is preferred to
1046: .Sy httpd_user
1047: because
1048: .Xr httpd 8
1.124 wiz 1049: is requiring extra privileges to start listening on default port 80.
1.123 mishka 1050: The default setting is
1051: .Dq Dv _httpd .
1.88 jmmv 1052: .It Sy lpd
1.132 apb 1053: Boolean value.
1.88 jmmv 1054: Runs
1055: .Xr lpd 8
1056: and passes
1057: .Sy lpd_flags .
1058: The
1059: .Dq Li -l
1060: flag will turn on extra logging.
1.144 snj 1061: .It Sy mdnsd
1062: Boolean value.
1063: Runs
1064: .Xr mdnsd 8 .
1.10 cjs 1065: .It Sy named
1.132 apb 1066: Boolean value.
1.17 fair 1067: Runs
1.10 cjs 1068: .Xr named 8
1069: and passes
1070: .Sy named_flags .
1.50 lukem 1071: .It Sy named_chrootdir
1072: A string.
1073: If non-blank and
1074: .Sy named
1.132 apb 1075: is true, run
1.50 lukem 1076: .Xr named 8
1077: as the unprivileged user and group
1078: .Sq named ,
1079: .Xr chroot 2 Ns ed
1080: to
1081: .Sy named_chrootdir .
1.81 wiz 1082: .Sy named_chrootdir Ns Pa /var/run/log
1.50 lukem 1083: will be added to the list of log sockets that
1084: .Xr syslogd 8
1085: listens to.
1.34 enami 1086: .It Sy ntpd
1.132 apb 1087: Boolean value.
1.17 fair 1088: Runs
1.34 enami 1089: .Xr ntpd 8
1.10 cjs 1090: and passes
1.34 enami 1091: .Sy ntpd_flags .
1.50 lukem 1092: .It Sy ntpd_chrootdir
1093: A string.
1094: If non-blank and
1095: .Sy ntpd
1.132 apb 1096: is true, run
1.50 lukem 1097: .Xr ntpd 8
1098: as the unprivileged user and group
1099: .Sq ntpd ,
1100: .Xr chroot 2 Ns ed
1101: to
1102: .Sy ntpd_chrootdir .
1.81 wiz 1103: .Sy ntpd_chrootdir Ns Pa /var/run/log
1.50 lukem 1104: will be added to the list of log sockets that
1105: .Xr syslogd 8
1106: listens to.
1.62 lukem 1107: This option requires that the kernel has
1108: .Dl pseudo-device clockctl
1.63 lukem 1109: compiled in, and that
1110: .Pa /dev/clockctl
1111: is present.
1.88 jmmv 1112: .It Sy postfix
1.132 apb 1113: Boolean value.
1.88 jmmv 1114: Starts
1115: .Xr postfix 1
1116: mail system.
1117: .It Sy sshd
1.132 apb 1118: Boolean value.
1.88 jmmv 1119: Runs
1120: .Xr sshd 8
1121: and passes
1122: .Sy sshd_flags .
1123: .It Sy syslogd
1.132 apb 1124: Boolean value.
1.17 fair 1125: Runs
1.88 jmmv 1126: .Xr syslogd 8
1.10 cjs 1127: and passes
1.88 jmmv 1128: .Sy syslogd_flags .
1129: .It Sy timed
1.132 apb 1130: Boolean value.
1.36 lukem 1131: Runs
1.88 jmmv 1132: .Xr timed 8
1.36 lukem 1133: and passes
1.88 jmmv 1134: .Sy timed_flags .
1135: The
1136: .Dq Li -M
1137: option allows
1138: .Xr timed 8
1139: to be a master time source as well as a slave.
1140: If you are also running
1141: .Xr ntpd 8 ,
1142: only one machine running both should have the
1143: .Dq Li -M
1144: flag given to
1145: .Xr timed 8 .
1.5 cjs 1146: .El
1.49 wiz 1147: .Ss Routing daemons
1.11 mikel 1148: .Bl -tag -width net_interfaces
1.10 cjs 1149: .It Sy mrouted
1.132 apb 1150: Boolean value.
1.17 fair 1151: Runs
1.10 cjs 1152: .Xr mrouted 8 ,
1.17 fair 1153: the DVMRP multicast routing protocol daemon.
1154: Passes
1.10 cjs 1155: .Sy mrouted_flags .
1.24 itojun 1156: .It Sy route6d
1.132 apb 1157: Boolean value.
1.24 itojun 1158: Runs
1159: .Xr route6d 8 ,
1160: the RIPng routing protocol daemon for IPv6.
1161: Passes
1162: .Sy route6d_flags .
1.88 jmmv 1163: .It Sy routed
1.132 apb 1164: Boolean value.
1.88 jmmv 1165: Runs
1166: .Xr routed 8 ,
1167: the RIP routing protocol daemon.
1168: Passes
1169: .Sy routed_flags .
1.132 apb 1170: .\" This should be false
1.88 jmmv 1171: .\" if
1172: .\" .Sy gated
1.132 apb 1173: .\" is true.
1.5 cjs 1174: .El
1.49 wiz 1175: .Ss Daemons used to boot other hosts over a network
1.11 mikel 1176: .Bl -tag -width net_interfaces
1.10 cjs 1177: .It Sy bootparamd
1.132 apb 1178: Boolean value.
1.17 fair 1179: Runs
1.10 cjs 1180: .Xr bootparamd 8 ,
1181: the boot parameter server, with
1.11 mikel 1182: .Sy bootparamd_flags
1.17 fair 1183: as options.
1184: Used to boot
1.8 mikel 1185: .Nx
1.168 wiz 1186: and SunOS 4.x systems.
1.10 cjs 1187: .It Sy dhcpd
1.132 apb 1188: Boolean value.
1.17 fair 1189: Runs
1.10 cjs 1190: .Xr dhcpd 8 ,
1.17 fair 1191: the Dynamic Host Configuration Protocol (DHCP) daemon,
1192: for assigning IP addresses to hosts and passing boot information.
1193: Passes
1.10 cjs 1194: .Sy dhcpd_flags .
1.35 lukem 1195: .It Sy dhcrelay
1.132 apb 1196: Boolean value.
1.35 lukem 1197: Runs
1198: .Xr dhcrelay 8 .
1199: Passes
1200: .Sy dhcrelay_flags .
1.10 cjs 1201: .It Sy mopd
1.132 apb 1202: Boolean value.
1.17 fair 1203: Runs
1.10 cjs 1204: .Xr mopd 8 ,
1.168 wiz 1205: the DEC MOP protocol daemon; used for booting VAX and other DEC
1.17 fair 1206: machines.
1.10 cjs 1207: Passes
1208: .Sy mopd_flags .
1.50 lukem 1209: .It Sy ndbootd
1.132 apb 1210: Boolean value.
1.50 lukem 1211: Runs
1212: .Xr ndbootd 8 ,
1213: the Sun Network Disk (ND) Protocol server.
1214: Passes
1215: .Sy ndbootd_flags .
1.88 jmmv 1216: .It Sy rarpd
1.132 apb 1217: Boolean value.
1.88 jmmv 1218: Runs
1219: .Xr rarpd 8 ,
1220: the reverse ARP daemon, often used to boot
1221: .Nx
1222: and Sun workstations.
1223: Passes
1224: .Sy rarpd_flags .
1225: .It Sy rbootd
1.132 apb 1226: Boolean value.
1.88 jmmv 1227: Runs
1228: .Xr rbootd 8 ,
1.168 wiz 1229: the HP boot protocol daemon; used for booting HP workstations.
1.88 jmmv 1230: Passes
1231: .Sy rbootd_flags .
1.24 itojun 1232: .It Sy rtadvd
1.132 apb 1233: Boolean value.
1.24 itojun 1234: Runs
1235: .Xr rtadvd 8 ,
1236: the IPv6 router advertisement daemon, which is used to advertise
1237: information about the subnet to IPv6 end hosts.
1238: Passes
1239: .Sy rtadvd_flags .
1.60 lukem 1240: This is only for IPv6 routers, so set
1241: .Sy ip6mode
1.35 lukem 1242: to
1.60 lukem 1243: .Dq Li router
1.35 lukem 1244: if you use it.
1245: .El
1.49 wiz 1246: .Ss X Window System daemons
1.35 lukem 1247: .Bl -tag -width net_interfaces
1248: .It Sy xdm
1.132 apb 1249: Boolean value.
1.35 lukem 1250: Runs the
1251: .Xr xdm 1
1252: X display manager.
1253: These X daemons are available only with the optional X distribution of
1254: .Nx .
1.88 jmmv 1255: .It Sy xfs
1.132 apb 1256: Boolean value.
1.88 jmmv 1257: Runs the
1258: .Xr xfs 1
1259: X11 font server, which supplies local X font files to X terminals.
1.5 cjs 1260: .El
1.49 wiz 1261: .Ss NIS (YP) daemons
1.11 mikel 1262: .Bl -tag -width net_interfaces
1.10 cjs 1263: .It Sy ypbind
1.132 apb 1264: Boolean value.
1.17 fair 1265: Runs
1.10 cjs 1266: .Xr ypbind 8 ,
1.168 wiz 1267: which lets NIS (YP) clients use information from a NIS server.
1.17 fair 1268: Passes
1.10 cjs 1269: .Sy ypbind_flags .
1.88 jmmv 1270: .It Sy yppasswdd
1.132 apb 1271: Boolean value.
1.88 jmmv 1272: Runs
1273: .Xr yppasswdd 8 ,
1.168 wiz 1274: which allows remote NIS users to update password on master server.
1.88 jmmv 1275: Passes
1276: .Sy yppasswdd_flags .
1.10 cjs 1277: .It Sy ypserv
1.132 apb 1278: Boolean value.
1.17 fair 1279: Runs
1.10 cjs 1280: .Xr ypserv 8 ,
1.168 wiz 1281: the NIS (YP) server for distributing information from certain files
1282: in
1.5 cjs 1283: .Pa /etc .
1.10 cjs 1284: Passes
1285: .Sy ypserv_flags .
1286: The
1.40 lukem 1287: .Dq Li -d
1.10 cjs 1288: flag causes it to use DNS for lookups in
1289: .Pa /etc/hosts
1290: that fail.
1.88 jmmv 1291: .El
1292: .Ss NFS daemons and parameters
1293: .Bl -tag -width net_interfaces
1294: .It Sy amd
1.132 apb 1295: Boolean value.
1.88 jmmv 1296: Runs
1297: .Xr amd 8 ,
1298: the automounter daemon, which automatically mounts NFS file systems
1299: whenever a file or directory within that file system is accessed.
1300: Passes
1301: .Sy amd_flags .
1302: .It Sy amd_dir
1303: A string.
1304: The
1305: .Xr amd 8
1306: mount directory.
1307: Used only if
1308: .Sy amd
1.132 apb 1309: is true.
1.88 jmmv 1310: .It Sy lockd
1.132 apb 1311: Boolean value.
1.17 fair 1312: Runs
1.88 jmmv 1313: .Xr rpc.lockd 8
1314: if
1315: .Sy nfs_server
1316: and/or
1317: .Sy nfs_client
1.132 apb 1318: are true.
1.17 fair 1319: Passes
1.88 jmmv 1320: .Sy lockd_flags .
1.47 lukem 1321: .It Sy mountd
1.132 apb 1322: Boolean value.
1.47 lukem 1323: Runs
1324: .Xr mountd 8
1325: and passes
1326: .Sy mountd_flags .
1.5 cjs 1327: .It Sy nfs_client
1.132 apb 1328: Boolean value.
1.34 enami 1329: The number of local NFS asynchronous I/O server is now controlled via
1330: .Xr sysctl 8 .
1.1 mrg 1331: .It Sy nfs_server
1.132 apb 1332: Boolean value.
1.17 fair 1333: Sets up a host to be a NFS server by running
1.47 lukem 1334: .Xr nfsd 8
1.17 fair 1335: and passing
1.47 lukem 1336: .Sy nfsd_flags .
1.10 cjs 1337: .It Sy statd
1.132 apb 1338: Boolean value.
1.17 fair 1339: Runs
1.10 cjs 1340: .Xr rpc.statd 8 ,
1341: a status monitoring daemon used when
1.17 fair 1342: .Xr rpc.lockd 8
1.50 lukem 1343: is running, if
1.3 scottr 1344: .Sy nfs_server
1.50 lukem 1345: and/or
1.3 scottr 1346: .Sy nfs_client
1.132 apb 1347: are true.
1.17 fair 1348: Passes
1.10 cjs 1349: .Sy statd_flags .
1.13 jonathan 1350: .El
1.147 plunky 1351: .Ss Bluetooth support
1.102 gdamore 1352: .Bl -tag -width net_interfaces
1.147 plunky 1353: .It Sy bluetooth
1.132 apb 1354: Boolean value.
1.147 plunky 1355: Configure Bluetooth support, comprising the following tasks:
1356: .Bl -dash -compact
1357: .It
1358: attach serial Bluetooth controllers as listed in the
1.162 plunky 1359: .Pa /etc/bluetooth/btattach.conf
1.147 plunky 1360: configuration file.
1361: .It
1362: enable Bluetooth controllers with useful defaults, plus
1363: additional options as detailed below.
1364: .It
1365: optionally, start
1366: .Xr bthcid 8 ,
1367: the Bluetooth Link Key/PIN Code manager, passing
1368: .Sy bthcid_flags .
1369: .It
1370: configure local Bluetooth drivers as listed in the
1371: .Pa /etc/bluetooth/btdevctl.conf
1372: configuration file.
1373: .It
1374: optionally, start
1375: .Xr sdpd 8 ,
1376: the Service Discovery server, passing
1377: .Sy sdpd_flags .
1378: .El
1.102 gdamore 1379: .It Sy btconfig_devices
1.147 plunky 1380: A string.
1381: An optional list of Bluetooth controllers to configure.
1382: .It Sy btconfig_{dev}
1383: A string.
1384: Additional configuration options for specific Bluetooth controllers.
1.102 gdamore 1385: .It Sy btconfig_args
1.147 plunky 1386: A string.
1387: Additional configuration options for Bluetooth controllers without
1388: specific options as above.
1.102 gdamore 1389: .It Sy bthcid
1.132 apb 1390: Boolean value.
1.147 plunky 1391: If set to false, disable starting the Bluetooth Link Key/PIN Code manager.
1.102 gdamore 1392: .It Sy sdpd
1.132 apb 1393: Boolean value.
1.147 plunky 1394: If set to false, disable starting the Bluetooth Service Discovery server.
1.102 gdamore 1395: .El
1.49 wiz 1396: .Ss Other daemons
1.11 mikel 1397: .Bl -tag -width net_interfaces
1.139 jruoho 1398: .It Sy identd
1399: Boolean value.
1400: Runs
1401: .Xr identd 8 ,
1402: the daemon for the user identification protocol.
1403: Passes
1404: .Sy identd_flags .
1405: .It Sy iscsi_target
1406: Boolean value.
1407: Runs the server for iSCSI requests,
1408: .Xr iscsi-target 8 .
1409: Passes
1410: .Sy iscsi_target_flags .
1.88 jmmv 1411: .It Sy kdc
1.132 apb 1412: Boolean value.
1.88 jmmv 1413: Runs the
1414: .Xr kdc 8
1415: Kerberos v4 and v5 server.
1416: This should be run on Kerberos master and slave servers.
1.5 cjs 1417: .It Sy rwhod
1.132 apb 1418: Boolean value.
1.17 fair 1419: Runs
1.11 mikel 1420: .Xr rwhod 8
1.10 cjs 1421: to support the
1.11 mikel 1422: .Xr rwho 1
1.17 fair 1423: and
1424: .Xr ruptime 1
1425: commands.
1.167 christos 1426: .It Sy autofs
1427: Boolean value.
1428: If set to
1429: .Dq Li YES ,
1430: start the
1431: .Xr automount 8
1432: utility and the
1433: .Xr automountd 8
1434: and
1435: .Xr autounmountd 8
1436: daemons at boot time.
1437: .It Sy automount_flags
1438: A string.
1439: If
1440: .Sy autofs
1441: is set to
1442: .Dq Li YES ,
1443: these are the flags to pass to the
1444: .Xr automount 8
1445: program.
1446: By default no flags are passed.
1447: .It Sy automountd_flags
1448: A string.
1449: If
1450: .Sy autofs
1451: is set to
1452: .Dq Li YES ,
1453: these are the flags to pass to the
1454: .Xr automountd 8
1455: daemon.
1456: By default no flags are passed.
1457: .It Sy autounmountd_flags
1458: A string.
1459: If
1460: .Sy autofs
1461: is set to
1462: .Dq Li YES ,
1463: these are the flags to pass to the
1464: .Xr autounmountd 8
1465: daemon.
1466: By default no flags are passed.
1.35 lukem 1467: .El
1.49 wiz 1468: .Ss Hardware daemons
1.35 lukem 1469: .Bl -tag -width net_interfaces
1470: .It Sy apmd
1.132 apb 1471: Boolean value.
1.35 lukem 1472: Runs
1473: .Xr apmd 8
1474: and passes
1475: .Sy apmd_flags .
1.100 rpaulo 1476: .It Sy irdaattach
1.132 apb 1477: Boolean value.
1.100 rpaulo 1478: Runs
1479: .Xr irdaattach 8
1480: and passes
1481: .Sy irdaattach_flags .
1.88 jmmv 1482: .It Sy moused
1.132 apb 1483: Boolean value.
1.88 jmmv 1484: Runs
1485: .Xr moused 8 ,
1486: to pass serial mouse data to the wscons mouse mux.
1487: Passes
1488: .Sy moused_flags .
1.16 mrg 1489: .It Sy screenblank
1.132 apb 1490: Boolean value.
1.17 fair 1491: Runs
1492: .Xr screenblank 1
1.16 mrg 1493: and passes
1494: .Sy screenblank_flags .
1.35 lukem 1495: .It Sy wscons
1.132 apb 1496: Boolean value.
1.35 lukem 1497: Configures the
1498: .Xr wscons 4
1499: console driver, from the configuration file
1500: .Pa /etc/wscons.conf .
1.69 wiz 1501: .It Sy wsmoused
1.132 apb 1502: Boolean value.
1.69 wiz 1503: Runs
1504: .Xr wsmoused 8 ,
1505: to provide copy and paste text support in wscons displays.
1506: Passes
1507: .Sy wsmoused_flags .
1.1 mrg 1508: .El
1509: .Sh FILES
1.39 lukem 1510: .Bl -tag -width /etc/defaults/rc.conf -compact
1511: .It Pa /etc/rc.conf
1512: The file
1513: .Nm
1514: resides in
1515: .Pa /etc .
1516: .It Pa /etc/defaults/rc.conf
1517: Default settings for
1.76 wiz 1518: .Nm ,
1.58 lukem 1519: sourced by
1520: .Nm
1521: before the end-user configuration section.
1522: .It Pa /etc/rc.conf.d/ Ns Ar foo
1523: .Ar foo Ns No -specific
1524: .Nm
1525: overrides.
1.39 lukem 1526: .El
1.1 mrg 1527: .Sh SEE ALSO
1.8 mikel 1528: .Xr boot 8 ,
1.34 enami 1529: .Xr rc 8 ,
1.88 jmmv 1530: .Xr rc.d 8 ,
1.64 atatat 1531: .Xr rc.subr 8 ,
1.88 jmmv 1532: .Xr rcorder 8
1.1 mrg 1533: .Sh HISTORY
1534: The
1535: .Nm
1536: file appeared in
1537: .Nx 1.3 .
CVSweb <webmaster@jp.NetBSD.org>