version 1.59, 2011/02/01 20:43:48 |
version 1.108, 2017/01/09 20:08:26 |
|
|
.\" |
.\" |
.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95 |
.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95 |
.\" |
.\" |
.Dd February 1, 2011 |
.Dd November 17, 2016 |
.Dt SYSCTL 7 |
.Dt SYSCTL 7 |
.Os |
.Os |
.Sh NAME |
.Sh NAME |
|
|
for more information. |
for more information. |
.Ss The vfs.* subtree |
.Ss The vfs.* subtree |
A distinguished second level name, |
A distinguished second level name, |
.Li vfs.generic ( VFS_GENERIC ) , |
.Li vfs.generic ( Dv VFS_GENERIC ) , |
is used to get general information about all file systems. |
is used to get general information about all file systems. |
It has the following third level identifiers: |
It has the following third level identifiers: |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li vfs.generic.maxtypenum ( VFS_MAXTYPENUM ) |
.It Li vfs.generic.maxtypenum ( Dv VFS_MAXTYPENUM ) |
The highest valid file system type number. |
The highest valid file system type number. |
.It Li vfs.generic.conf ( VFS_CONF ) |
.It Li vfs.generic.conf ( Dv VFS_CONF ) |
Returns configuration information about the file system type given as a fourth |
Returns configuration information about the file system type given as a fourth |
level identifier. |
level identifier. |
.It Li vfs.generic.usermount ( VFS_USERMOUNT ) |
.It Li vfs.generic.usermount ( Dv VFS_USERMOUNT ) |
Determines if non superuser mounts are allowed, default to no |
Determines if non superuser mounts are allowed, defaults to |
.Dv 0 . |
.Dv 0 . |
.It Li vfs.generic.magiclinks ( VFS_MAGICLINKS ) |
.It Li vfs.generic.magiclinks ( Dv VFS_MAGICLINKS ) |
Controls if expansion of variables is going to be performed on pathnames |
Controls if expansion of variables is going to be performed on pathnames |
or not. |
or not. |
Defaults to no variable expansion, |
Defaults to no variable expansion, |
.Dv 0 . |
.Dv 0 . |
Variables are of the form |
Variables are of the form |
.Li @name |
.Li @name |
and the following names are supported: |
and the variables supported are described in |
.Bl -tag -width "kernel_ident" |
.Xr symlink 7 |
.It domainname |
under |
The domain name as determined by |
.Dq "MAGIC SYMLINKS" . |
.Xr getdomainname 2 |
|
.It emul |
|
The current process emulation name. |
|
Defaults to |
|
.Dv netbsd . |
|
Other valid emulations are: |
|
.Dv aout , |
|
.Dv aoutm68k , |
|
.Dv darwin , |
|
.Dv freebsd , |
|
.Dv ibcs2 , |
|
.Dv irix , |
|
.Dv linux , |
|
.Dv linux32 , |
|
.Dv m68k4k , |
|
.Dv mach , |
|
.Dv netbsd32 , |
|
.Dv osf1 , |
|
.Dv pecoff , |
|
.Dv sunos , |
|
.Dv sunos32 , |
|
.Dv svr4 , |
|
.Dv svr4_32 , |
|
.Dv ultrix , |
|
.Dv vax1k . |
|
.It gid |
|
The effective group id of the current process. |
|
.It hostname |
|
The host name as determined by |
|
.Xr gethostname 2 |
|
.It kernel_ident |
|
The kernel identifier, as specified by config. |
|
For example |
|
.Dv GENERIC . |
|
.It machine |
|
The type of machine as determined by the |
|
.Xr sysctl 3 |
|
.Dq hw.machine . |
|
.It machine_arch |
|
The architecture of the processor as determined by the |
|
.Xr sysctl 3 |
|
.Dq hw.machine_arch . |
|
.It osrelease |
|
The kernel release number as determined by the |
|
.Xr sysctl 3 |
|
.Dq kern.osrelease . |
|
.Xr sysctl 3 |
|
.It ostype |
|
The kernel operating system type as determined by the |
|
.Xr sysctl 3 |
|
.Dq kern.ostype . |
|
Defaults to |
|
.Dv NetBSD . |
|
.It rgid |
|
The real group id of the current process. |
|
.It ruid |
|
The real user id of the current process. |
|
.It uid |
|
The effective user id of the current process. |
|
.El |
|
.El |
.El |
.Pp |
.Pp |
A second level name for controlling the |
A second level name for controlling the |
Line 224 capabilities with the following third le |
|
Line 164 capabilities with the following third le |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li vfs.wapbl.flush_disk_cache |
.It Li vfs.wapbl.flush_disk_cache |
Controls whether to attempt to flush the disk cache on each commit. |
Controls whether to attempt to flush the disk cache on each commit. |
It defaults to 1 and it should always be on to ensure data integrity in |
It defaults to 1 and it should always be on to ensure integrity |
case of a crash. |
of file system metadata in the event of a power loss. |
For slow disks, turning it off can improve performance. |
For slow disks, turning it off can improve performance. |
.It Li vfs.wapbl.verbose_commit |
.It Li vfs.wapbl.verbose_commit |
For each transaction log commit, print the number of bytes written |
For each transaction log commit, print the number of bytes written |
Line 248 level is detailed below. |
|
Line 188 level is detailed below. |
|
The changeable column shows whether a process with appropriate |
The changeable column shows whether a process with appropriate |
privilege may change the value. |
privilege may change the value. |
.Bl -column "hw.machine_arch" "integer" "Changeable" -offset indent |
.Bl -column "hw.machine_arch" "integer" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It hw.alignbytes integer no |
.It hw.alignbytes integer no |
.It hw.byteorder integer no |
.It hw.byteorder integer no |
.It hw.cnmagic string yes |
.It hw.cnmagic string yes |
Line 258 privilege may change the value. |
|
Line 198 privilege may change the value. |
|
.It hw.machine_arch string no |
.It hw.machine_arch string no |
.It hw.model string no |
.It hw.model string no |
.It hw.ncpu integer no |
.It hw.ncpu integer no |
|
.It hw.ncpuonline integer no |
.It hw.pagesize integer no |
.It hw.pagesize integer no |
.It hw.physmem integer no |
.It hw.physmem integer no |
.It hw.physmem64 quad no |
.It hw.physmem64 quad no |
.It hw.usermem integer no |
.It hw.usermem integer no |
.It hw.usermem64 quad no |
.It hw.usermem64 quad no |
.El |
.El |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li hw.alignbytes ( HW_ALIGNBYTES ) |
.It Li hw.alignbytes ( Dv HW_ALIGNBYTES ) |
Alignment constraint for all possible data types. |
Alignment constraint for all possible data types. |
This shows the value |
This shows the value |
.Dv ALIGNBYTES |
.Dv ALIGNBYTES |
in |
in |
.In machine/param.h , |
.In machine/param.h , |
at the kernel compilation time. |
at the kernel compilation time. |
.It Li hw.byteorder ( HW_BYTEORDER ) |
.It Li hw.byteorder ( Dv HW_BYTEORDER ) |
The byteorder (4321, or 1234). |
The byteorder (4321, or 1234). |
.It Li hw.cnmagic ( HW_CNMAGIC ) |
.It Li hw.cnmagic ( Dv HW_CNMAGIC ) |
The console magic key sequence. |
The console magic key sequence. |
.It Li hw.disknames ( HW_DISKNAMES ) |
.It Li hw.disknames ( Dv HW_DISKNAMES ) |
The list of (space separated) disk device names on the system. |
The list of (space separated) disk device names on the system. |
.It Li hw.iostatnames ( HW_IOSTATNAMES ) |
.It Li hw.iostatnames ( Dv HW_IOSTATNAMES ) |
A space separated list of devices that will have I/O statistics |
A space separated list of devices that will have I/O statistics |
collected on them. |
collected on them. |
.It Li hw.iostats ( HW_IOSTATS ) |
.It Li hw.iostats ( Dv HW_IOSTATS ) |
Return statistical information on the NFS mounts, disk and tape |
Return statistical information on the NFS mounts, disk and tape |
devices on the system. |
devices on the system. |
An array of |
An array of |
|
|
(tape drive), or |
(tape drive), or |
.Dv IOSTAT_NFS |
.Dv IOSTAT_NFS |
(NFS mount). |
(NFS mount). |
.It Li hw.machine ( HW_MACHINE ) |
.It Li hw.machine ( Dv HW_MACHINE ) |
The machine class. |
The machine class. |
.It Li hw.machine_arch ( HW_MACHINE_ARCH ) |
.It Li hw.machine_arch ( Dv HW_MACHINE_ARCH ) |
The machine CPU class. |
The machine CPU class. |
.It Li hw.model ( HW_MODEL ) |
.It Li hw.model ( Dv HW_MODEL ) |
The machine model. |
The machine model. |
.It Li hw.ncpu ( HW_NCPU ) |
.It Li hw.ncpu ( Dv HW_NCPU ) |
The number of CPUs. |
The number of CPUs configured. |
.It Li hw.pagesize ( HW_PAGESIZE ) |
.It Li hw.ncpuonline ( Dv HW_NCPUONLINE ) |
|
The number of CPUs online. |
|
.It Li hw.pagesize ( Dv HW_PAGESIZE ) |
The software page size. |
The software page size. |
.It Li hw.physmem ( HW_PHYSMEM ) |
.It Li hw.physmem ( Dv HW_PHYSMEM ) |
The bytes of physical memory as a 32-bit integer. |
The bytes of physical memory as a 32-bit integer. |
.It Li hw.physmem64 ( HW_PHYSMEM64 ) |
.It Li hw.physmem64 ( Dv HW_PHYSMEM64 ) |
The bytes of physical memory as a 64-bit integer. |
The bytes of physical memory as a 64-bit integer. |
.It Li hw.usermem ( HW_USERMEM ) |
.It Li hw.usermem ( Dv HW_USERMEM ) |
The bytes of non-kernel memory as a 32-bit integer. |
The bytes of non-kernel memory as a 32-bit integer. |
.It Li hw.usermem64 ( HW_USERMEM64 ) |
.It Li hw.usermem64 ( Dv HW_USERMEM64 ) |
The bytes of non-kernel memory as a 64-bit integer. |
The bytes of non-kernel memory as a 64-bit integer. |
.El |
.El |
.Ss The kern.* subtree |
.Ss The kern.* subtree |
Line 330 The changeable column shows whether a pr |
|
Line 272 The changeable column shows whether a pr |
|
privilege may change the value. |
privilege may change the value. |
.Bl -column "kern.posix_reader_writer_locks" \ |
.Bl -column "kern.posix_reader_writer_locks" \ |
"struct kinfo_drivers" "not applicable" |
"struct kinfo_drivers" "not applicable" |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It kern.aio_listio_max integer yes |
.It kern.aio_listio_max integer yes |
.It kern.aio_max integer yes |
.It kern.aio_max integer yes |
.It kern.arandom integer no |
.It kern.arandom integer no |
.It kern.argmax integer no |
.It kern.argmax integer no |
.It kern.boothowto integer no |
.It kern.boothowto integer no |
.It kern.boottime struct timeval no |
.It kern.boottime struct timeval no |
|
.It kern.buildinfo string no |
.\".It kern.bufq node not applicable |
.\".It kern.bufq node not applicable |
.It kern.ccpu integer no |
.It kern.ccpu integer no |
.It kern.clockrate struct clockinfo no |
.It kern.clockrate struct clockinfo no |
Line 366 privilege may change the value. |
|
Line 309 privilege may change the value. |
|
.It kern.logsigexit integer yes |
.It kern.logsigexit integer yes |
.It kern.mapped_files integer no |
.It kern.mapped_files integer no |
.It kern.maxfiles integer yes |
.It kern.maxfiles integer yes |
|
.It kern.maxlwp integer yes |
.It kern.maxpartitions integer no |
.It kern.maxpartitions integer no |
.It kern.maxphys integer no |
.It kern.maxphys integer no |
.It kern.maxproc integer yes |
.It kern.maxproc integer yes |
.It kern.maxptys integer yes |
.It kern.maxptys integer yes |
.It kern.maxvnodes integer yes |
.It kern.maxvnodes integer yes |
|
.It kern.messages integer yes |
.It kern.mbuf node not applicable |
.It kern.mbuf node not applicable |
.It kern.memlock integer no |
.It kern.memlock integer no |
.It kern.memlock_range integer no |
.It kern.memlock_range integer no |
Line 388 privilege may change the value. |
|
Line 333 privilege may change the value. |
|
.It kern.ostype string no |
.It kern.ostype string no |
.\".It kern.panic_now integer yes |
.\".It kern.panic_now integer yes |
.It kern.pipe node not applicable |
.It kern.pipe node not applicable |
|
.It kern.pool struct pool_sysctl no |
.\" .It kern.posix node not applicable |
.\" .It kern.posix node not applicable |
.It kern.posix1version integer no |
.It kern.posix1version integer no |
.It kern.posix_aio integer no |
.It kern.posix_aio integer no |
Line 409 privilege may change the value. |
|
Line 355 privilege may change the value. |
|
.It kern.rtc_offset integer yes |
.It kern.rtc_offset integer yes |
.It kern.saved_ids integer no |
.It kern.saved_ids integer no |
.It kern.sbmax integer yes |
.It kern.sbmax integer yes |
.\".It kern.sched node not applicable |
.It kern.sched node not applicable |
.It kern.securelevel integer raise only |
.It kern.securelevel integer raise only |
.It kern.somaxkva integer yes |
.It kern.somaxkva integer yes |
.It kern.synchronized_io integer no |
.It kern.synchronized_io integer no |
.It kern.timecounter node not applicable |
.It kern.timecounter node not applicable |
.It kern.timex struct no |
.It kern.timex struct no |
.It kern.tkstat node not applicable |
.It kern.tkstat node not applicable |
|
.It kern.tty node not applicable |
.It kern.urandom integer no |
.It kern.urandom integer no |
.It kern.usercrypto integer yes |
.It kern.usercrypto integer yes |
.It kern.userasymcrypto integer yes |
.It kern.userasymcrypto integer yes |
Line 440 The used random number generator |
|
Line 387 The used random number generator |
|
.Pf ( Tn RNG ) |
.Pf ( Tn RNG ) |
is based on |
is based on |
.Xr arc4random 3 . |
.Xr arc4random 3 . |
.It Li kern.argmax ( KERN_ARGMAX ) |
.It Li kern.argmax ( Dv KERN_ARGMAX ) |
The maximum bytes of argument to |
The maximum bytes of argument to |
.Xr execve 2 . |
.Xr execve 2 . |
.It Li kern.boothowto |
.It Li kern.boothowto |
Flags passed from the boot loader; see |
Flags passed from the boot loader; see |
.Xr reboot 2 |
.Xr reboot 2 |
for the meanings of the flags. |
for the meanings of the flags. |
.It Li kern.boottime ( KERN_BOOTTIME ) |
.It Li kern.boottime ( Dv KERN_BOOTTIME ) |
A |
A |
.Vt struct timeval |
.Vt struct timeval |
structure is returned. |
structure is returned. |
This structure contains the time that the system was booted. |
This structure contains the time that the system was booted. |
.\" .It Li kern.bufq |
.It Li kern.bufq |
.\" XXX: Undocumented. |
This variable contains information on the |
.It Li kern.ccpu ( KERN_CCPU ) |
.Xr bufq 9 |
|
subsystem. |
|
Currently, the only third level name implemented is |
|
.Dv kern.bufq.strategies |
|
which provides a list of buffer queue strategies currently available. |
|
.It Li kern.buildinfo |
|
When the kernel is built, the build environment may optionally provide |
|
arbitrary information to be stored in this variable. |
|
.It Li kern.ccpu ( Dv KERN_CCPU ) |
The scheduler exponential decay value. |
The scheduler exponential decay value. |
.It Li kern.clockrate ( KERN_CLOCKRATE ) |
.It Li kern.clockrate ( Dv KERN_CLOCKRATE ) |
A |
A |
.Vt struct clockinfo |
.Vt struct clockinfo |
structure is returned. |
structure is returned. |
|
|
Refer to |
Refer to |
.Xr hz 9 |
.Xr hz 9 |
for additional details. |
for additional details. |
.It Li kern.consdev ( KERN_CONSDEV ) |
.It Li kern.consdev ( Dv KERN_CONSDEV ) |
Console device. |
Console device. |
.It Li kern.coredump |
.It Li kern.coredump |
Settings related to set-id processes coredumps. |
Settings related to set-id processes coredumps. |
Line 479 The third level name is |
|
Line 434 The third level name is |
|
.Dv kern.coredump.setid |
.Dv kern.coredump.setid |
and fourth level variables are described below. |
and fourth level variables are described below. |
.Bl -column "kern.coredump.setid.group" "integer" "Changeable" -offset indent |
.Bl -column "kern.coredump.setid.group" "integer" "Changeable" -offset indent |
.It Sy Fourth level name Type Changeable |
.It Sy Fourth level name Ta Sy Type Ta Sy Changeable |
.It kern.coredump.setid.dump integer yes |
.It kern.coredump.setid.dump integer yes |
.It kern.coredump.setid.group integer yes |
.It kern.coredump.setid.group integer yes |
.It kern.coredump.setid.mode integer yes |
.It kern.coredump.setid.mode integer yes |
|
|
The path to which set-id processes' coredumps will be saved to. |
The path to which set-id processes' coredumps will be saved to. |
Same syntax as kern.defcorename. |
Same syntax as kern.defcorename. |
.El |
.El |
.It Li kern.cp_id ( KERN_CP_ID ) |
.It Li kern.cp_id ( Dv KERN_CP_ID ) |
Mapping of CPU number to CPU id. |
Mapping of CPU number to CPU id. |
.It Li kern.cp_time ( KERN_CP_TIME ) |
.It Li kern.cp_time ( Dv KERN_CP_TIME ) |
Returns an array of |
Returns an array of |
.Dv CPUSTATES |
.Dv CPUSTATES |
.Vt uint64_t Ns s. |
.Vt uint64_t Ns s . |
This array contains the |
This array contains the |
number of clock ticks spent in different CPU states. |
number of clock ticks spent in different CPU states. |
On multi-processor systems, the sum across all CPUs is returned unless |
On multi-processor systems, the sum across all CPUs is returned unless |
Line 529 non-accelerated transforms (handling the |
|
Line 484 non-accelerated transforms (handling the |
|
.It Dv \*[Gt] 0 |
.It Dv \*[Gt] 0 |
Allow user requests only for transforms which are hardware-accelerated. |
Allow user requests only for transforms which are hardware-accelerated. |
.El |
.El |
.It Li kern.defcorename ( KERN_DEFCORENAME ) |
.It Li kern.defcorename ( Dv KERN_DEFCORENAME ) |
Default template for the name of core dump files (see also |
Default template for the name of core dump files (see also |
.Li proc.pid.corename |
.Li proc.pid.corename |
in the per-process variables |
in the per-process variables |
Line 546 and can be changed with the kernel confi |
|
Line 501 and can be changed with the kernel confi |
|
). |
). |
.It Li kern.detachall |
.It Li kern.detachall |
Detach all devices at shutdown. |
Detach all devices at shutdown. |
.It Li kern.domainname ( KERN_DOMAINNAME ) |
.It Li kern.domainname ( Dv KERN_DOMAINNAME ) |
Get or set the YP domain name. |
Get or set the YP domain name. |
.It Li kern.drivers ( KERN_DRIVERS ) |
.It Li kern.drivers ( Dv KERN_DRIVERS ) |
Return an array of |
Return an array of |
.Vt struct kinfo_drivers |
.Vt struct kinfo_drivers |
that contains the name and major device numbers of all the device drivers |
that contains the name and major device numbers of all the device drivers |
Line 559 field is always a NUL terminated string. |
|
Line 514 field is always a NUL terminated string. |
|
The |
The |
.Va d_bmajor |
.Va d_bmajor |
field will be set to \-1 if the driver doesn't have a block device. |
field will be set to \-1 if the driver doesn't have a block device. |
.It Li kern.dump_on_panic ( KERN_DUMP_ON_PANIC ) |
.It Li kern.dump_on_panic ( Dv KERN_DUMP_ON_PANIC ) |
Perform a crash dump on system |
Perform a crash dump on system |
.Xr panic 9 . |
.Xr panic 9 . |
.It Li kern.file ( KERN_FILE ) |
.It Li kern.file ( Dv KERN_FILE ) |
Return the entire file table. |
Return the entire file table. |
The returned data consists of a single |
The returned data consists of a single |
.Vt struct filelist |
.Vt struct filelist |
followed by an array of |
followed by an array of |
.Vt struct file , |
.Vt struct file , |
whose size depends on the current number of such objects in the system. |
whose size depends on the current number of such objects in the system. |
.It Li kern.forkfsleep ( KERN_FORKFSLEEP ) |
.It Li kern.forkfsleep ( Dv KERN_FORKFSLEEP ) |
If |
If |
.Xr fork 2 |
.Xr fork 2 |
system call fails due to limit on number of processes (either |
system call fails due to limit on number of processes (either |
Line 580 error to process. |
|
Line 535 error to process. |
|
Useful to keep heavily forking runaway processes in bay. |
Useful to keep heavily forking runaway processes in bay. |
Default zero (no sleep). |
Default zero (no sleep). |
Maximum is 20 seconds. |
Maximum is 20 seconds. |
.It Li kern.fscale ( KERN_FSCALE ) |
.It Li kern.fscale ( Dv KERN_FSCALE ) |
The kernel fixed-point scale factor. |
The kernel fixed-point scale factor. |
.It Li kern.fsync ( KERN_FSYNC ) |
.It Li kern.fsync ( Dv KERN_FSYNC ) |
Return 1 if the |
Return 1 if the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
File Synchronization Option is available |
File Synchronization Option is available |
on this system, |
on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.hardclock_ticks ( KERN_HARDCLOCK_TICKS ) |
.It Li kern.hardclock_ticks ( Dv KERN_HARDCLOCK_TICKS ) |
Returns the number of |
Returns the number of |
.Xr hardclock 9 |
.Xr hardclock 9 |
ticks. |
ticks. |
.It Li kern.hostid ( KERN_HOSTID ) |
.It Li kern.hist |
|
This variable contains kernel history data if the kernel was |
|
configured for any of the options |
|
.Dv UVHMIST , |
|
.Dv USB_DEBUG , |
|
.Dv BIOHIST , |
|
or |
|
.Dv SCDEBUG . |
|
(See |
|
.Xr options 4 |
|
for more details.) |
|
The third-level names correspond to each available history table. |
|
The values of the history tables are in an internal format, and can be |
|
decoded by the |
|
.Xr vmstat 1 |
|
utility's |
|
.Fl U |
|
and |
|
.Fl u |
|
options; |
|
the |
|
.Fl l |
|
option can be used to see which tables are available. |
|
.It Li kern.hostid ( Dv KERN_HOSTID ) |
Get or set the host identifier. |
Get or set the host identifier. |
This is aimed to replace the legacy |
This is aimed to replace the legacy |
.Xr gethostid 3 |
.Xr gethostid 3 |
and |
and |
.Xr sethostid 3 |
.Xr sethostid 3 |
system calls. |
system calls. |
.It Li kern.hostname ( KERN_HOSTNAME ) |
.It Li kern.hostname ( Dv KERN_HOSTNAME ) |
Get or set the |
Get or set the |
.Xr hostname 1 . |
.Xr hostname 1 . |
.It Li kern.iov_max ( KERN_IOV_MAX ) |
.It Li kern.iov_max ( Dv KERN_IOV_MAX ) |
Return the maximum number of |
Return the maximum number of |
.Vt iovec |
.Vt iovec |
structures that a process has available for use with |
structures that a process has available for use with |
Line 613 structures that a process has available |
|
Line 591 structures that a process has available |
|
.Xr sendmsg 2 |
.Xr sendmsg 2 |
and |
and |
.Xr writev 2 . |
.Xr writev 2 . |
.It Li kern.ipc ( KERN_SYSVIPC ) |
.It Li kern.ipc ( Dv KERN_SYSVIPC ) |
Return information about the SysV IPC parameters. |
Return information about the SysV IPC parameters. |
The third level names for the ipc variables are detailed below. |
The third level names for the ipc variables are detailed below. |
.Bl -column "kern.ipc.shm_use_phys" "integer" "Changeable" -offset indent |
.Bl -column "kern.ipc.shm_use_phys" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.ipc.sysvmsg integer no |
.It kern.ipc.sysvmsg integer no |
.It kern.ipc.sysvsem integer no |
.It kern.ipc.sysvsem integer no |
.It kern.ipc.sysvshm integer no |
.It kern.ipc.sysvshm integer no |
Line 634 The third level names for the ipc variab |
|
Line 612 The third level names for the ipc variab |
|
.It kern.ipc.semmnu integer yes |
.It kern.ipc.semmnu integer yes |
.El |
.El |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li kern.ipc.sysvmsg ( KERN_SYSVIPC_MSG ) |
.It Li kern.ipc.sysvmsg ( Dv KERN_SYSVIPC_MSG ) |
Returns 1 if System V style message queue functionality is available |
Returns 1 if System V style message queue functionality is available |
on this system, |
on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.ipc.sysvsem ( KERN_SYSVIPC_SEM ) |
.It Li kern.ipc.sysvsem ( Dv KERN_SYSVIPC_SEM ) |
Returns 1 if System V style semaphore functionality is available |
Returns 1 if System V style semaphore functionality is available |
on this system, |
on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.ipc.sysvshm ( KERN_SYSVIPC_SHM ) |
.It Li kern.ipc.sysvshm ( Dv KERN_SYSVIPC_SHM ) |
Returns 1 if System V style share memory functionality is available |
Returns 1 if System V style share memory functionality is available |
on this system, |
on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.ipc.sysvipc_info ( KERN_SYSVIPC_INFO ) |
.It Li kern.ipc.sysvipc_info ( Dv KERN_SYSVIPC_INFO ) |
Return System V style IPC configuration and run-time information. |
Return System V style IPC configuration and run-time information. |
The fourth level name selects the System V style IPC facility. |
The fourth level name selects the System V style IPC facility. |
.Bl -column "KERN_SYSVIPC_MSG_INFO" "struct shm_sysctl_info" -offset indent |
.Bl -column "KERN_SYSVIPC_MSG_INFO" "struct shm_sysctl_info" -offset indent |
.It Sy Fourth level name Type |
.It Sy Fourth level name Ta Sy Type |
.It KERN_SYSVIPC_MSG_INFO struct msg_sysctl_info |
.It KERN_SYSVIPC_MSG_INFO struct msg_sysctl_info |
.It KERN_SYSVIPC_SEM_INFO struct sem_sysctl_info |
.It KERN_SYSVIPC_SEM_INFO struct sem_sysctl_info |
.It KERN_SYSVIPC_SHM_INFO struct shm_sysctl_info |
.It KERN_SYSVIPC_SHM_INFO struct shm_sysctl_info |
.El |
.El |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li KERN_SYSVIPC_MSG_INFO |
.It Li KERN_SYSVIPC_MSG_INFO |
Return information on the System V style message facility. |
Return information on the System V style message facility. |
|
|
structure is defined in |
structure is defined in |
.In sys/shm.h . |
.In sys/shm.h . |
.El |
.El |
.It Li kern.ipc.shmmax ( KERN_SYSVIPC_SHMMAX ) |
.It Li kern.ipc.shmmax ( Dv KERN_SYSVIPC_SHMMAX ) |
Max shared memory segment size in bytes. |
Max shared memory segment size in bytes. |
.It Li kern.ipc.shmmni ( KERN_SYSVIPC_SHMMNI ) |
.It Li kern.ipc.shmmni ( Dv KERN_SYSVIPC_SHMMNI ) |
Max number of shared memory identifiers. |
Max number of shared memory identifiers. |
.It Li kern.ipc.shmseg ( KERN_SYSVIPC_SHMSEG ) |
.It Li kern.ipc.shmseg ( Dv KERN_SYSVIPC_SHMSEG ) |
Max shared memory segments per process. |
Max shared memory segments per process. |
.It Li kern.ipc.shmmaxpgs ( KERN_SYSVIPC_SHMMAXPGS ) |
.It Li kern.ipc.shmmaxpgs ( Dv KERN_SYSVIPC_SHMMAXPGS ) |
Max amount of shared memory in pages. |
Max amount of shared memory in pages. |
.It Li kern.ipc.shm_use_phys ( KERN_SYSVIPC_SHMUSEPHYS ) |
.It Li kern.ipc.shm_use_phys ( Dv KERN_SYSVIPC_SHMUSEPHYS ) |
Locking of shared memory in physical memory. |
Locking of shared memory in physical memory. |
If 0, memory can be swapped |
If 0, memory can be swapped |
out, otherwise it will be locked in physical memory. |
out, otherwise it will be locked in physical memory. |
Line 699 Max number of number of semaphores in sy |
|
Line 676 Max number of number of semaphores in sy |
|
.It Li kern.ipc.semmnu |
.It Li kern.ipc.semmnu |
Max number of undo structures in system. |
Max number of undo structures in system. |
.El |
.El |
.It Li kern.job_control ( KERN_JOB_CONTROL ) |
.It Li kern.job_control ( Dv KERN_JOB_CONTROL ) |
Return 1 if job control is available on this system, otherwise\ 0. |
Return 1 if job control is available on this system, otherwise\ 0. |
.It Li kern.labeloffset ( KERN_LABELOFFSET ) |
.It Li kern.labeloffset ( Dv KERN_LABELOFFSET ) |
The offset within the sector specified by |
The offset within the sector specified by |
.Dv KERN_LABELSECTOR |
.Dv KERN_LABELSECTOR |
of the |
of the |
.Xr disklabel 5 . |
.Xr disklabel 5 . |
.It Li kern.labelsector ( KERN_LABELSECTOR ) |
.It Li kern.labelsector ( Dv KERN_LABELSECTOR ) |
The sector number containing the |
The sector number containing the |
.Xr disklabel 5 . |
.Xr disklabel 5 . |
.It Li kern.login_name_max ( KERN_LOGIN_NAME_MAX ) |
.It Li kern.login_name_max ( Dv KERN_LOGIN_NAME_MAX ) |
The size of the storage required for a login name, in bytes, |
The size of the storage required for a login name, in bytes, |
including the terminating NUL. |
including the terminating NUL. |
.It Li kern.logsigexit ( KERN_LOGSIGEXIT ) |
.It Li kern.logsigexit ( Dv KERN_LOGSIGEXIT ) |
If this flag is non-zero, the kernel will |
If this flag is non-zero, the kernel will |
.Xr log 9 |
.Xr log 9 |
all process exits due to signals which create a |
all process exits due to signals which create a |
.Xr core 5 |
.Xr core 5 |
file, and whether the coredump was created. |
file, and whether the coredump was created. |
.It Li kern.mapped_files ( KERN_MAPPED_FILES ) |
.It Li kern.mapped_files ( Dv KERN_MAPPED_FILES ) |
Returns 1 if the |
Returns 1 if the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
Memory Mapped Files Option is available on this system, |
Memory Mapped Files Option is available on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.maxfiles ( KERN_MAXFILES ) |
.It Li kern.maxfiles ( Dv KERN_MAXFILES ) |
The maximum number of open files that may be open in the system. |
The maximum number of open files that may be open in the system. |
.It Li kern.maxpartitions ( KERN_MAXPARTITIONS ) |
.It Li kern.maxpartitions ( Dv KERN_MAXPARTITIONS ) |
The maximum number of partitions allowed per disk. |
The maximum number of partitions allowed per disk. |
.It Li kern.maxphys ( KERN_MAXPHYS ) |
.It Li kern.maxlwp |
|
The maximum number of Lightweight Processes (threads) the system allows |
|
per uid. |
|
.It Li kern.maxphys ( Dv KERN_MAXPHYS ) |
Maximum raw I/O transfer size. |
Maximum raw I/O transfer size. |
.It Li kern.maxproc ( KERN_MAXPROC ) |
.It Li kern.maxproc ( Dv KERN_MAXPROC ) |
The maximum number of simultaneous processes the system will allow. |
The maximum number of simultaneous processes the system will allow. |
.It Li kern.maxptys ( KERN_MAXPTYS ) |
.It Li kern.maxptys ( Dv KERN_MAXPTYS ) |
The maximum number of pseudo terminals. |
The maximum number of pseudo terminals. |
This value can be both raised and lowered, though it cannot |
This value can be both raised and lowered, though it cannot |
be set lower than number of currently used ptys. |
be set lower than number of currently used ptys. |
See also |
See also |
.Xr pty 4 . |
.Xr pty 4 . |
.It Li kern.maxvnodes ( KERN_MAXVNODES ) |
.It Li kern.maxvnodes ( Dv KERN_MAXVNODES ) |
The maximum number of vnodes available on the system. |
The maximum number of vnodes available on the system. |
This can only be raised. |
This can only be raised. |
.It Li kern.mbuf ( KERN_MBUF ) |
.It Li kern.mbuf ( Dv KERN_MBUF ) |
Return information about the mbuf control variables. |
Return information about the mbuf control variables. |
Mbufs are data structures which store network packets and other data |
Mbufs are data structures which store network packets and other data |
structures in the networking code, see |
structures in the networking code, see |
Line 749 The third level names for the mbuf varia |
|
Line 729 The third level names for the mbuf varia |
|
The changeable column shows whether a process with appropriate |
The changeable column shows whether a process with appropriate |
privilege may change the value. |
privilege may change the value. |
.Bl -column "kern.mbuf.nmbclusters" "integer" "Changeable" -offset indent |
.Bl -column "kern.mbuf.nmbclusters" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.\" XXX Changeable? really? |
.\" XXX Changeable? really? |
.It kern.mbuf.mblowat integer yes |
.It kern.mbuf.mblowat integer yes |
.It kern.mbuf.mclbytes integer yes |
.It kern.mbuf.mclbytes integer yes |
Line 760 privilege may change the value. |
|
Line 740 privilege may change the value. |
|
.Pp |
.Pp |
The variables are as follows: |
The variables are as follows: |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li kern.mbuf.mblowat ( MBUF_MBLOWAT ) |
.It Li kern.mbuf.mblowat ( Dv MBUF_MBLOWAT ) |
The mbuf low water mark. |
The mbuf low water mark. |
.It Li kern.mbuf.mclbytes ( MBUF_MCLBYTES ) |
.It Li kern.mbuf.mclbytes ( Dv MBUF_MCLBYTES ) |
The mbuf cluster size. |
The mbuf cluster size. |
.It Li kern.mbuf.mcllowat ( MBUF_MCLLOWAT ) |
.It Li kern.mbuf.mcllowat ( Dv MBUF_MCLLOWAT ) |
The mbuf cluster low water mark. |
The mbuf cluster low water mark. |
.It Li kern.mbuf.msize ( MBUF_MSIZE ) |
.It Li kern.mbuf.msize ( Dv MBUF_MSIZE ) |
The mbuf base size. |
The mbuf base size. |
.It Li kern.mbuf.nmbclusters ( MBUF_NMBCLUSTERS ) |
.It Li kern.mbuf.nmbclusters ( Dv MBUF_NMBCLUSTERS ) |
The limit on the number of mbuf clusters. |
The limit on the number of mbuf clusters. |
The variable can only be increased, and only increased on machines with |
The variable can only be increased, and only increased on machines with |
direct-mapped pool pages. |
direct-mapped pool pages. |
.El |
.El |
.It Li kern.memlock ( KERN_MEMLOCK ) |
.It Li kern.memlock ( Dv KERN_MEMLOCK ) |
Returns 1 if the |
Returns 1 if the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
Process Memory Locking Option is available on this system, |
Process Memory Locking Option is available on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.memlock_range ( KERN_MEMLOCK_RANGE ) |
.It Li kern.memlock_range ( Dv KERN_MEMLOCK_RANGE ) |
Returns 1 if the |
Returns 1 if the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
Range Memory Locking Option is available on this system, |
Range Memory Locking Option is available on this system, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.memory_protection ( KERN_MEMORY_PROTECTION ) |
.It Li kern.memory_protection ( Dv KERN_MEMORY_PROTECTION ) |
Returns 1 if the |
Returns 1 if the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
Memory Protection Option is available on this system, |
Memory Protection Option is available on this system, |
otherwise\ 0. |
otherwise\ 0. |
|
.It Li kern.messages |
|
Kernel console message verbosity. |
|
See |
|
.Sy \<sys/reboot.h\> |
|
.Bl -column "verbosity" "setting" -offset indent |
|
.It Sy Verbosity Setting |
|
.It \ \ \ \ 0 Silent Sy AB_SILENT |
|
.It \ \ \ \ 1 Quiet Sy AB_QUIET |
|
.It \ \ \ \ 2 Normal Sy AB_NORMAL |
|
.It \ \ \ \ 3 Verbose Sy AB_VERBOSE |
|
.It \ \ \ \ 4 Debug Sy AB_DEBUG |
|
.El |
.It Li kern.module |
.It Li kern.module |
Settings related to kernel modules. |
Settings related to kernel modules. |
The third level names for the settings are described below. |
The third level names for the settings are described below. |
.Bl -column "kern.module.autoload" "integer" "Changeable" -offset indent |
.Bl -column "kern.module.autoload" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.module.autoload integer yes |
.It kern.module.autoload integer yes |
|
.It kern.module.autotime integer yes |
.It kern.module.verbose integer yes |
.It kern.module.verbose integer yes |
.El |
.El |
.Pp |
.Pp |
Line 804 A boolean that controls whether kernel m |
|
Line 797 A boolean that controls whether kernel m |
|
See |
See |
.Xr module 7 |
.Xr module 7 |
for additional details. |
for additional details. |
|
.It Li kern.module.autotime |
|
An integer that controls the delay before an attempt is made to |
|
automatically unload a module that was auto-loaded. |
|
Setting this value to zero disables the auto-unload function. |
.It Li kern.module.verbose |
.It Li kern.module.verbose |
A boolean that enables or disables verbose |
A boolean that enables or disables verbose |
debug messages related to kernel modules. |
debug messages related to kernel modules. |
.El |
.El |
.It Li kern.monotonic_clock ( KERN_MONOTONIC_CLOCK ) |
.It Li kern.monotonic_clock ( Dv KERN_MONOTONIC_CLOCK ) |
Returns the standard version the implementation of the |
Returns the standard version the implementation of the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
Monotonic Clock Option conforms to, |
Monotonic Clock Option conforms to, |
Line 822 This node is created dynamically when |
|
Line 819 This node is created dynamically when |
|
the corresponding kernel module is loaded. |
the corresponding kernel module is loaded. |
The third level names for the settings are described below. |
The third level names for the settings are described below. |
.Bl -column "kern.mqueue.mq_max_msgsize" "integer" "Changeable" -offset indent |
.Bl -column "kern.mqueue.mq_max_msgsize" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.mqueue.mq_open_max integer yes |
.It kern.mqueue.mq_open_max integer yes |
.It kern.mqueue.mq_prio_max integer yes |
.It kern.mqueue.mq_prio_max integer yes |
.It kern.mqueue.mq_max_msgsize integer yes |
.It kern.mqueue.mq_max_msgsize integer yes |
Line 843 The default maximum message count. |
|
Line 840 The default maximum message count. |
|
.It Li kern.mqueue.mq_max_maxmsg |
.It Li kern.mqueue.mq_max_maxmsg |
The maximum number of messages in a message queue. |
The maximum number of messages in a message queue. |
.El |
.El |
.It Li kern.msgbuf ( KERN_MSGBUF ) |
.It Li kern.msgbuf ( Dv KERN_MSGBUF ) |
The kernel message buffer, rotated so that the head of the circular kernel |
The kernel message buffer, rotated so that the head of the circular kernel |
message buffer is at the start of the returned data. |
message buffer is at the start of the returned data. |
The returned data may contain NUL bytes. |
The returned data may contain NUL bytes. |
.It Li kern.msgbufsize ( KERN_MSGBUFSIZE ) |
.It Li kern.msgbufsize ( Dv KERN_MSGBUFSIZE ) |
The maximum number of characters that the kernel message buffer can hold. |
The maximum number of characters that the kernel message buffer can hold. |
.It Li kern.ngroups ( KERN_NGROUPS ) |
.It Li kern.ngroups ( Dv KERN_NGROUPS ) |
The maximum number of supplemental groups. |
The maximum number of supplemental groups. |
.\" .It Li kern.no_sa_support |
.\" .It Li kern.no_sa_support |
.\" XXX: Undocumented. |
.\" XXX: Undocumented. |
.It Li kern.ntptime ( KERN_NTPTIME ) |
.It Li kern.ntptime ( Dv KERN_NTPTIME ) |
A |
A |
.Vt struct ntptimeval |
.Vt struct ntptimeval |
structure is returned. |
structure is returned. |
This structure contains data used by the |
This structure contains data used by the |
.Xr ntpd 8 |
.Xr ntpd 8 |
program. |
program. |
.It Li kern.osrelease ( KERN_OSRELEASE ) |
.It Li kern.osrelease ( Dv KERN_OSRELEASE ) |
The system release string. |
The system release string. |
.It Li kern.osrevision ( KERN_OSREV ) |
.It Li kern.osrevision ( Dv KERN_OSREV ) |
The system revision string. |
The system revision string. |
.It Li kern.ostype ( KERN_OSTYPE ) |
.It Li kern.ostype ( Dv KERN_OSTYPE ) |
The system type string. |
The system type string. |
.\".It Li kern.panic_now |
.\".It Li kern.panic_now |
.\" XXX: Undocumented. |
.\" XXX: Undocumented. |
.It Li kern.pipe ( KERN_PIPE ) |
.It Li kern.pipe ( Dv KERN_PIPE ) |
Pipe settings. |
Pipe settings. |
The third level names for the integer pipe settings is detailed below. |
The third level names for the integer pipe settings is detailed below. |
The changeable column shows whether a process with appropriate |
The changeable column shows whether a process with appropriate |
privilege may change the value. |
privilege may change the value. |
.Bl -column "kern.pipe.maxbigpipes" "integer" "Changeable" -offset indent |
.Bl -column "kern.pipe.maxbigpipes" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.pipe.kvasiz integer yes |
.It kern.pipe.kvasiz integer yes |
.It kern.pipe.maxbigpipes integer yes |
.It kern.pipe.maxbigpipes integer yes |
.It kern.pipe.maxkvasz integer yes |
.It kern.pipe.maxkvasz integer yes |
Line 884 privilege may change the value. |
|
Line 881 privilege may change the value. |
|
.Pp |
.Pp |
The variables are as follows: |
The variables are as follows: |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li kern.pipe.kvasiz ( KERN_PIPE_KVASIZ ) |
.It Li kern.pipe.kvasiz ( Dv KERN_PIPE_KVASIZ ) |
Amount of kernel memory consumed by pipe buffers. |
Amount of kernel memory consumed by pipe buffers. |
.It Li kern.pipe.maxbigpipes ( KERN_PIPE_MAXBIGPIPES ) |
.It Li kern.pipe.maxbigpipes ( Dv KERN_PIPE_MAXBIGPIPES ) |
Maximum number of |
Maximum number of |
.Dq big |
.Dq big |
pipes. |
pipes. |
.It Li kern.pipe.maxkvasz ( KERN_PIPE_MAXKVASZ ) |
.It Li kern.pipe.maxkvasz ( Dv KERN_PIPE_MAXKVASZ ) |
Maximum amount of kernel memory to be used for pipes. |
Maximum amount of kernel memory to be used for pipes. |
.It Li kern.pipe.limitkva ( KERN_PIPE_LIMITKVA ) |
.It Li kern.pipe.limitkva ( Dv KERN_PIPE_LIMITKVA ) |
Limit for direct transfers via page loan. |
Limit for direct transfers via page loan. |
.It Li kern.pipe.nbigpipes ( KERN_PIPE_NBIGPIPES ) |
.It Li kern.pipe.nbigpipes ( Dv KERN_PIPE_NBIGPIPES ) |
Number of |
Number of |
.Dq big |
.Dq big |
pipes. |
pipes. |
.El |
.El |
|
.It Li kern.pool |
|
Provides statistics about the |
|
.Xr pool 9 |
|
and |
|
.Xr pool_cache 9 |
|
subsystems. |
.\" XXX: Undocumented .It Li kern.posix ( ? ) |
.\" XXX: Undocumented .It Li kern.posix ( ? ) |
.\" This is a node in which the only variable is semmax. |
.\" This is a node in which the only variable is semmax. |
.It Li kern.posix1version ( KERN_POSIX1 ) |
.It Li kern.posix1version ( Dv KERN_POSIX1 ) |
The version of ISO/IEC 9945 |
The version of ISO/IEC 9945 |
.Pq St -p1003.1 |
.Pq St -p1003.1 |
with which the system attempts to comply. |
with which the system attempts to comply. |
Line 909 with which the system attempts to comply |
|
Line 912 with which the system attempts to comply |
|
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its Asynchronous I/O option to which the system attempts to conform. |
and its Asynchronous I/O option to which the system attempts to conform. |
.It Li kern.posix_barriers ( KERN_POSIX_BARRIERS ) |
.It Li kern.posix_barriers ( Dv KERN_POSIX_BARRIERS ) |
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its |
and its |
Barriers |
Barriers |
option to which the system attempts to conform, |
option to which the system attempts to conform, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.posix_reader_writer_locks ( KERN_POSIX_READER_WRITER_LOCKS ) |
.It Li kern.posix_reader_writer_locks ( Dv KERN_POSIX_READER_WRITER_LOCKS ) |
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its |
and its |
Line 925 option to which the system attempts to c |
|
Line 928 option to which the system attempts to c |
|
otherwise\ 0. |
otherwise\ 0. |
.\".It Li kern.posix_sched |
.\".It Li kern.posix_sched |
.\" XXX: Undocumented. |
.\" XXX: Undocumented. |
.It Li kern.posix_semaphores ( KERN_POSIX_SEMAPHORES ) |
.It Li kern.posix_semaphores ( Dv KERN_POSIX_SEMAPHORES ) |
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its |
and its |
Semaphores |
Semaphores |
option to which the system attempts to conform, |
option to which the system attempts to conform, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.posix_spin_locks ( KERN_POSIX_SPIN_LOCKS ) |
.It Li kern.posix_spin_locks ( Dv KERN_POSIX_SPIN_LOCKS ) |
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its |
and its |
Spin Locks |
Spin Locks |
option to which the system attempts to conform, |
option to which the system attempts to conform, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.posix_threads ( KERN_POSIX_THREADS ) |
.It Li kern.posix_threads ( Dv KERN_POSIX_THREADS ) |
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its |
and its |
Threads |
Threads |
option to which the system attempts to conform, |
option to which the system attempts to conform, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.posix_timers ( KERN_POSIX_TIMERS ) |
.It Li kern.posix_timers ( Dv KERN_POSIX_TIMERS ) |
The version of |
The version of |
.St -p1003.1 |
.St -p1003.1 |
and its |
and its |
Timers |
Timers |
option to which the system attempts to conform, |
option to which the system attempts to conform, |
otherwise\ 0. |
otherwise\ 0. |
.It Li kern.proc ( KERN_PROC ) |
.It Li kern.proc ( Dv KERN_PROC ) |
Return the entire process table, or a subset of it. |
Return the entire process table, or a subset of it. |
An array of |
An array of |
.Vt struct kinfo_proc |
.Vt struct kinfo_proc |
Line 961 structures is returned, |
|
Line 964 structures is returned, |
|
whose size depends on the current number of such objects in the system. |
whose size depends on the current number of such objects in the system. |
The third and fourth level numeric names are as follows: |
The third and fourth level numeric names are as follows: |
.Bl -column "KERN_PROC_SESSION" "Fourth level is:" -offset indent |
.Bl -column "KERN_PROC_SESSION" "Fourth level is:" -offset indent |
.It Sy Third level name Fourth level is: |
.It Sy Third level name Ta Sy Fourth level is: |
.It KERN_PROC_ALL None |
.It KERN_PROC_ALL None |
.It KERN_PROC_GID A group ID |
.It KERN_PROC_GID A group ID |
.It KERN_PROC_PID A process ID |
.It KERN_PROC_PID A process ID |
Line 972 The third and fourth level numeric names |
|
Line 975 The third and fourth level numeric names |
|
.It KERN_PROC_TTY A tty device |
.It KERN_PROC_TTY A tty device |
.It KERN_PROC_UID A user ID |
.It KERN_PROC_UID A user ID |
.El |
.El |
.It Li kern.proc2 ( KERN_PROC2 ) |
.It Li kern.proc2 ( Dv KERN_PROC2 ) |
As for |
As for |
.Dv KERN_PROC , |
.Dv KERN_PROC , |
but an array of |
but an array of |
Line 981 structures are returned. |
|
Line 984 structures are returned. |
|
The fifth level name is the size of the |
The fifth level name is the size of the |
.Vt struct kinfo_proc2 |
.Vt struct kinfo_proc2 |
and the sixth level name is the number of structures to return. |
and the sixth level name is the number of structures to return. |
.It Li kern.proc_args ( KERN_PROC_ARGS ) |
.It Li kern.proc_args ( Dv KERN_PROC_ARGS ) |
Return the argv or environment strings (or the number thereof) |
Return the argv or environment strings (or the number thereof) |
of a process. |
of a process. |
Multiple strings are returned separated by NUL characters. |
Multiple strings are returned separated by NUL characters. |
The third level name is the process ID. |
The third level name is the process ID. |
The fourth level name is as follows: |
The fourth level name is as follows: |
.Bl -column "KERN_PROG_NARGV" "The number of environ strings" -offset indent |
.Bl -column "KERN_PROG_PATHNAME" "The full pathname of the executable" -offset indent |
.It KERN_PROC_ARGV The argv strings |
.It Dv KERN_PROC_ARGV The argv strings |
.It KERN_PROC_ENV The environ strings |
.It Dv KERN_PROC_ENV The environ strings |
.It KERN_PROC_NARGV The number of argv strings |
.It Dv KERN_PROC_NARGV The number of argv strings |
.It KERN_PROC_NENV The number of environ strings |
.It Dv KERN_PROC_NENV The number of environ strings |
|
.It Dv KERN_PROC_PATHNAME The full pathname of the executable |
.El |
.El |
.It Li kern.profiling ( KERN_PROF ) |
.It Li kern.profiling ( Dv KERN_PROF ) |
Return profiling information about the kernel. |
Return profiling information about the kernel. |
If the kernel is not compiled for profiling, |
If the kernel is not compiled for profiling, |
attempts to retrieve any of the |
attempts to retrieve any of the |
Line 1005 is detailed below. |
|
Line 1009 is detailed below. |
|
The changeable column shows whether a process with appropriate |
The changeable column shows whether a process with appropriate |
privilege may change the value. |
privilege may change the value. |
.Bl -column "kern.profiling.gmonparam" "struct gmonparam" "Changeable" -offset indent |
.Bl -column "kern.profiling.gmonparam" "struct gmonparam" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.profiling.count u_short[\|] yes |
.It kern.profiling.count u_short[\|] yes |
.It kern.profiling.froms u_short[\|] yes |
.It kern.profiling.froms u_short[\|] yes |
.It kern.profiling.gmonparam struct gmonparam no |
.It kern.profiling.gmonparam struct gmonparam no |
Line 1015 privilege may change the value. |
|
Line 1019 privilege may change the value. |
|
.Pp |
.Pp |
The variables are as follows: |
The variables are as follows: |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li kern.profiling.count ( GPROF_COUNT ) |
.It Li kern.profiling.count ( Dv GPROF_COUNT ) |
Array of statistical program counter counts. |
Array of statistical program counter counts. |
.It Li kern.profiling.froms ( GPROF_FROMS ) |
.It Li kern.profiling.froms ( Dv GPROF_FROMS ) |
Array indexed by program counter of call-from points. |
Array indexed by program counter of call-from points. |
.It Li kern.profiling.gmonparams ( GPROF_GMONPARAM ) |
.It Li kern.profiling.gmonparams ( Dv GPROF_GMONPARAM ) |
Structure giving the sizes of the above arrays. |
Structure giving the sizes of the above arrays. |
.It Li kern.profiling.state ( GPROF_STATE ) |
.It Li kern.profiling.state ( Dv GPROF_STATE ) |
Profiling state. |
Profiling state. |
If set to |
If set to |
.Dv GMON_PROF_ON , |
.Dv GMON_PROF_ON , |
Line 1029 starts profiling. |
|
Line 1033 starts profiling. |
|
If set to |
If set to |
.Dv GMON_PROF_OFF , |
.Dv GMON_PROF_OFF , |
stops profiling. |
stops profiling. |
.It Li kern.profiling.tos ( GPROF_TOS ) |
.It Li kern.profiling.tos ( Dv GPROF_TOS ) |
Array of |
Array of |
.Vt struct tostruct |
.Vt struct tostruct |
describing destination of calls and their counts. |
describing destination of calls and their counts. |
.El |
.El |
.\" .It Li kern.pset |
.\" .It Li kern.pset |
.\" XXX: Undocumented. |
.\" XXX: Undocumented. |
.It Li kern.rawpartition ( KERN_RAWPARTITION ) |
.It Li kern.rawpartition ( Dv KERN_RAWPARTITION ) |
The raw partition of a disk (a == 0). |
The raw partition of a disk (a == 0). |
.It Li kern.root_device ( KERN_ROOT_DEVICE ) |
.It Li kern.root_device ( Dv KERN_ROOT_DEVICE ) |
The name of the root device (e.g., |
The name of the root device (e.g., |
.Dq wd0 ) . |
.Dq wd0 ) . |
.It Li kern.root_partition ( KERN_ROOT_PARTITION ) |
.It Li kern.root_partition ( Dv KERN_ROOT_PARTITION ) |
The root partition on the root device (a == 0). |
The root partition on the root device (a == 0). |
.It Li kern.rtc_offset ( KERN_RTC_OFFSET ) |
.It Li kern.rtc_offset ( Dv KERN_RTC_OFFSET ) |
Return the offset of real time clock from UTC in minutes. |
Return the offset of real time clock from UTC in minutes. |
.It Li kern.saved_ids ( KERN_SAVED_IDS ) |
.It Li kern.saved_ids ( Dv KERN_SAVED_IDS ) |
Returns 1 if saved set-group and saved set-user ID is available. |
Returns 1 if saved set-group and saved set-user ID is available. |
.It Li kern.sbmax ( KERN_SBMAX ) |
.It Li kern.sbmax ( Dv KERN_SBMAX ) |
Maximum socket buffer size. |
Maximum socket buffer size. |
.\" XXX units? |
.\" XXX units? |
.It Li kern.securelevel ( KERN_SECURELVL ) |
.It Li kern.securelevel ( Dv KERN_SECURELVL ) |
See |
See |
.Xr secmodel_securelevel 9 . |
.Xr secmodel_securelevel 9 . |
.\" .It Li kern.sched |
.It Li kern.sched ( dynamic ) |
.\" XXX: Undocumented. |
Influence the scheduling of LWPs, their priorisation and how they are |
.It Li kern.somaxkva ( KERN_SOMAXKVA ) |
distributed on and moved between CPUs. |
|
.Bl -column "kern.sched.balance_period" "integer" "Changeable" -offset indent |
|
.It Sy Third level name Sy Type Sy Changeable |
|
.It kern.sched.cacheht_time integer yes |
|
.It kern.sched.balance_period integer yes |
|
.It kern.sched.average_weight integer yes |
|
.It kern.sched.min_catch integer yes |
|
.It kern.sched.timesoftints integer yes |
|
.It kern.sched.kpreempt_pri integer yes |
|
.It kern.sched.upreempt_pri integer yes |
|
.It kern.sched.maxts integer yes |
|
.It kern.sched.mints integer yes |
|
.It kern.sched.name string no |
|
.It kern.sched.rtts integer no |
|
.It kern.sched.pri_min integer no |
|
.It kern.sched.pri_max integer no |
|
.El |
|
.Pp |
|
The variables are as follows: |
|
.Bl -tag -width "123456" |
|
.It Li kern.sched.cacheht_time ( dynamic ) |
|
Cache hotness time in which a LWP is kept on one particular CPU |
|
and not moved to another CPU. This reduces the overhead of flushing |
|
and reloading caches. |
|
Defaults to 3ms. |
|
Needs to be given in |
|
.Dq hz |
|
units, see |
|
.Xr mstohz 9 . |
|
.It Li kern.sched.balance_period ( dynamic ) |
|
Interval at which the CPU queues are checked for re-balancing. |
|
Defaults to 300ms. |
|
Needs to be given in |
|
.Dq hz |
|
units, see |
|
.Xr mstohz 9 . |
|
.It Li kern.sched.average_weight ( dynamic ) |
|
Can be used to influence how likely LWPs are to be migrated from |
|
one CPU's queue of LWPs that are ready to run to a different, idle CPU. |
|
The value gives the percentage for weighting the average count of |
|
migratable threads from the past against the current number of |
|
migratable threads. |
|
A small value gives more weight to the past, a larger values more weight |
|
on the current situation. |
|
Defaults to 50 and must be between 0 and 100. |
|
.It Li kern.sched.min_catch ( dynamic ) |
|
Minimum count of migratable (runable) threads for catching (stealing) |
|
from another CPU. |
|
Defaults to 1 but can be increased to decrease chance of thread |
|
migration between CPUs. |
|
.It Li kern.sched.timesoftints ( dynamic ) |
|
Enable tracking of CPU time for soft interrupts |
|
as part of a LWP's real execution time. |
|
Set to a non-zero value to enable, |
|
and see |
|
.Xr ps 1 |
|
for printing CPU times. |
|
.It Li kern.sched.kpreempt_pri ( dynamic ) |
|
Minimum priority to trigger kernel preemption. |
|
.It Li kern.sched.upreempt_pri ( dynamic ) |
|
Minimum priority to trigger user preemption. |
|
.It Li kern.sched.maxts ( dynamic ) |
|
Scheduler specific maximal time quantum (in milliseconds). |
|
Must be set to a value larger than |
|
.Dq mints |
|
and between 10 and |
|
.Dq hz |
|
as given by the |
|
.Dv kern.clockrate |
|
sysctl. |
|
Provided by the M2 scheduler. |
|
.It Li kern.sched.mints ( dynamic ) |
|
Scheduler specific minimal time quantum (in milliseconds). |
|
Must be set to a value smaller than |
|
.Dq maxts |
|
and between 1 and |
|
.Dq hz |
|
as given by the |
|
.Dq kern.clockrate |
|
sysctl. |
|
Provided by the M2 scheduler. |
|
.It Li kern.sched.name ( dynamic ) |
|
Scheduler name. |
|
Provided both by the M2 and the 4BSD scheduler. |
|
.It Li kern.sched.rtts ( dynamic ) |
|
Fixed scheduler specific round-robin time quantum in milliseconds. |
|
Provided both by the M2 and the 4BSD scheduler. |
|
.It Li kern.sched.pri_min ( dynamic ) |
|
Minimal POSIX real-time priority. |
|
See |
|
.Xr sched 3 . |
|
.It Li kern.sched.pri_max ( dynamic ) |
|
Maximal POSIX real-time priority. |
|
See |
|
.Xr sched 3 . |
|
.El |
|
.It Li kern.somaxkva ( Dv KERN_SOMAXKVA ) |
Maximum amount of kernel memory to be used for socket buffers. |
Maximum amount of kernel memory to be used for socket buffers. |
.\" XXX units? |
.\" XXX units? |
.It Li kern.synchronized_io ( KERN_SYNCHRONIZED_IO ) |
.It Li kern.synchronized_io ( Dv KERN_SYNCHRONIZED_IO ) |
Returns 1 if the |
Returns 1 if the |
.St -p1003.1b-93 |
.St -p1003.1b-93 |
Synchronized I/O Option is available on this system, |
Synchronized I/O Option is available on this system, |
|
|
.It Li kern.timecounter ( dynamic ) |
.It Li kern.timecounter ( dynamic ) |
Display and control the timecounter source of the system. |
Display and control the timecounter source of the system. |
.Bl -column "kern.timecounter.timestepwarnings" "integer" "Changeable" -offset indent |
.Bl -column "kern.timecounter.timestepwarnings" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.timecounter.choice string no |
.It kern.timecounter.choice string no |
.It kern.timecounter.hardware string yes |
.It kern.timecounter.hardware string yes |
.It kern.timecounter.timestepwarnings integer yes |
.It kern.timecounter.timestepwarnings integer yes |
Line 1081 The currently selected timecounter sourc |
|
Line 1181 The currently selected timecounter sourc |
|
.It Li kern.timecounter.timestepwarnings ( dynamic ) |
.It Li kern.timecounter.timestepwarnings ( dynamic ) |
If non-zero display a message each time the time is stepped. |
If non-zero display a message each time the time is stepped. |
.El |
.El |
.It Li kern.timex ( KERN_TIMEX ) |
.It Li kern.timex ( Dv KERN_TIMEX ) |
Not available. |
Not available. |
.It Li kern.tkstat ( KERN_TKSTAT ) |
.It Li kern.tkstat ( Dv KERN_TKSTAT ) |
Return information about the number of characters sent and received |
Return information about the number of characters sent and received |
on ttys. |
on ttys. |
The third level names for the tty statistic variables are detailed below. |
The third level names for the tty statistic variables are detailed below. |
The changeable column shows whether a process |
The changeable column shows whether a process |
with appropriate privilege may change the value. |
with appropriate privilege may change the value. |
.Bl -column "kern.tkstat.cancc" "quad" "Changeable" -offset indent |
.Bl -column "kern.tkstat.cancc" "quad" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.tkstat.cancc quad no |
.It kern.tkstat.cancc quad no |
.It kern.tkstat.nin quad no |
.It kern.tkstat.nin quad no |
.It kern.tkstat.nout quad no |
.It kern.tkstat.nout quad no |
Line 1099 with appropriate privilege may change th |
|
Line 1199 with appropriate privilege may change th |
|
.Pp |
.Pp |
The variables are as follows: |
The variables are as follows: |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li kern.tkstat.cancc ( KERN_TKSTAT_CANCC ) |
.It Li kern.tkstat.cancc ( Dv KERN_TKSTAT_CANCC ) |
The number of canonical input characters. |
The number of canonical input characters. |
.It Li kern.tkstat.nin ( KERN_TKSTAT_NIN ) |
.It Li kern.tkstat.nin ( Dv KERN_TKSTAT_NIN ) |
The total number of input characters. |
The total number of input characters. |
.It Li kern.tkstat.nout ( KERN_TKSTAT_NOUT ) |
.It Li kern.tkstat.nout ( Dv KERN_TKSTAT_NOUT ) |
The total number of output characters. |
The total number of output characters. |
.It Li kern.tkstat.rawcc ( KERN_TKSTAT_RAWCC ) |
.It Li kern.tkstat.rawcc ( Dv KERN_TKSTAT_RAWCC ) |
The number of raw input characters. |
The number of raw input characters. |
.El |
.El |
.It Li kern.urandom ( KERN_URND ) |
.It Li kern.tty |
|
The third level names for the tty setup variables are detailed below. |
|
The changeable column shows whether a process |
|
with appropriate privilege may change the value. |
|
.Bl -column "kern.tty.qsize" "int" "Changeable" -offset indent |
|
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
|
.It kern.tty.qsize int yes |
|
.El |
|
.Pp |
|
The variables are as follows: |
|
.Bl -tag -width "123456" |
|
.It Li kern.tty.qsize |
|
Control/display the size of the default input and output queues selected |
|
during tty creation. |
|
Is converted to a power of two and its range is between |
|
.Dv 1024 |
|
and |
|
.Dv 65536 . |
|
.El |
|
.It Li kern.uidinfo |
|
Resource usage for the current user. |
|
.Bl -column "kern.uidinfo.proccnt" "integer" "Changeable" -offset indent |
|
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
|
.It kern.uidinfo.proccnt integer no |
|
.It kern.uidinfo.lwpcnt integer no |
|
.It kern.uidinfo.lockcnt integer no |
|
.It kern.uidinfo.sbsize integer no |
|
.El |
|
.Bl -tag -width "123456" |
|
.It Li kern.uidinfo.proccnt |
|
Returns the number of active processes for the current user. |
|
.It Li kern.uidinfo.lwpcnt |
|
Returns the number of active threads for the current user; the first thread |
|
of each process is not counted. |
|
.It Li kern.uidinfo.lockcnt |
|
Number of locks held by the current user. |
|
.It Li kern.uidinfo.sbsize |
|
Number of bytes in socket buffers allocated to the current user. |
|
.El |
|
.It Li kern.urandom ( Dv KERN_URND ) |
Random integer value. |
Random integer value. |
.It Li kern.usercrypto |
.It Li kern.usercrypto |
When enabled, allows userland to |
When enabled, allows userland to |
|
|
Runtime information for |
Runtime information for |
.Xr veriexec 8 . |
.Xr veriexec 8 . |
.Bl -column "kern.veriexec.algorithms" "integer" "Changeable" -offset indent |
.Bl -column "kern.veriexec.algorithms" "integer" "Changeable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It kern.veriexec.algorithms string no |
.It kern.veriexec.algorithms string no |
.It kern.veriexec.count node not applicable |
.It kern.veriexec.count node not applicable |
.It kern.veriexec.strict integer yes |
.It kern.veriexec.strict integer yes |
Line 1145 point, the file system type, and the num |
|
Line 1284 point, the file system type, and the num |
|
.It Li kern.veriexec.strict |
.It Li kern.veriexec.strict |
Controls the strict level of Veriexec. |
Controls the strict level of Veriexec. |
See |
See |
.Xr security 8 |
.Xr security 7 |
for more information on each level's implications. |
for more information on each level's implications. |
.It Li kern.veriexec.verbose |
.It Li kern.veriexec.verbose |
Controls the verbosity level of Veriexec. |
Controls the verbosity level of Veriexec. |
Line 1157 If 1, more messages will be printed (ie. |
|
Line 1296 If 1, more messages will be printed (ie. |
|
fingerprint is accessed). |
fingerprint is accessed). |
Verbose level 2 is debug mode. |
Verbose level 2 is debug mode. |
.El |
.El |
.It Li kern.version ( KERN_VERSION ) |
.It Li kern.version ( Dv KERN_VERSION ) |
The system version string. |
The system version string. |
.It Li kern.vnode ( KERN_VNODE ) |
.It Li kern.vnode ( Dv KERN_VNODE ) |
Return the entire vnode table. |
Return the entire vnode table. |
Note, the vnode table is not necessarily a consistent snapshot of |
Note, the vnode table is not necessarily a consistent snapshot of |
the system. |
the system. |
Line 1175 followed by the vnode itself |
|
Line 1314 followed by the vnode itself |
|
The set of variables defined is architecture dependent. |
The set of variables defined is architecture dependent. |
Most architectures define at least the following variables. |
Most architectures define at least the following variables. |
.Bl -column "machdep.booted_kernel" "Type" "Changeable" -offset indent |
.Bl -column "machdep.booted_kernel" "Type" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It Li machdep.booted_kernel string no |
.It Li machdep.booted_kernel string no |
.El |
.El |
.\" XXX: Document the above. |
.\" XXX: Document the above. |
Line 1188 privilege may change the value. |
|
Line 1327 privilege may change the value. |
|
The second and third levels are typically the protocol family and |
The second and third levels are typically the protocol family and |
protocol number, though this is not always the case. |
protocol number, though this is not always the case. |
.Bl -column "Second level name" "IPsec key management values" "Changeable" -offset indent |
.Bl -column "Second level name" "IPsec key management values" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It net.route routing messages no |
.It net.route routing messages no |
.It net.inet IPv4 values yes |
.It net.inet IPv4 values yes |
.It net.inet6 IPv6 values yes |
.It net.inet6 IPv6 values yes |
.It net.key IPsec key management values yes |
.It net.key IPsec key management values yes |
.El |
.El |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li net.route ( PF_ROUTE ) |
.It Li net.route ( Dv PF_ROUTE ) |
.\" XXX really? |
.\" XXX really? |
Return the entire routing table or a subset of it. |
Return the entire routing table or a subset of it. |
The data is returned as a sequence of routing messages (see |
The data is returned as a sequence of routing messages (see |
Line 1209 The fourth level name is an address fami |
|
Line 1347 The fourth level name is an address fami |
|
select all address families. |
select all address families. |
The fifth and sixth level names are as follows: |
The fifth and sixth level names are as follows: |
.Bl -column "Fifth level name" "Sixth level is:" -offset indent |
.Bl -column "Fifth level name" "Sixth level is:" -offset indent |
.It Sy Fifth level name Sixth level is: |
.It Sy Fifth level name Ta Sy Sixth level is: |
.It NET_RT_FLAGS rtflags |
.It NET_RT_FLAGS rtflags |
.It NET_RT_DUMP None |
.It NET_RT_DUMP None |
.It NET_RT_IFLIST None |
.It NET_RT_IFLIST None |
.El |
.El |
.It Li net.inet ( PF_INET ) |
.It Li net.inet ( Dv PF_INET ) |
Get or set various global information about the IPv4 |
Get or set various global information about the IPv4 |
.Pq Internet Protocol version 4 . |
.Pq Internet Protocol version 4 . |
The third level name is the protocol. |
The third level name is the protocol. |
The fourth level name is the variable name. |
The fourth level name is the variable name. |
The currently defined protocols and names are: |
The currently defined protocols and names are: |
.Bl -column "Protocol name" "sack.globalmaxholes" "integer" "Changeable" -offset 4n |
.Bl -column "Protocol" "anonportalgo.available" "integer" "Changeable" -offset indent |
.It Sy Protocol name Variable name Type Changeable |
.It Sy Protocol Variable Ta Sy Type Ta Sy Changeable |
.It arp down integer yes |
.It arp down integer yes |
.It arp keep integer yes |
.It arp keep integer yes |
.It arp prune integer yes |
.It arp log_movements integer yes |
.It arp refresh integer yes |
.It arp log_permanent_modify integer yes |
|
.It arp log_unknown_network integer yes |
|
.It arp log_wrong_iface integer yes |
.It carp allow integer yes |
.It carp allow integer yes |
.It carp preempt integer yes |
.It carp preempt integer yes |
.It carp log integer yes |
.It carp log integer yes |
Line 1236 The currently defined protocols and name |
|
Line 1376 The currently defined protocols and name |
|
.It icmp redirtimeout integer yes |
.It icmp redirtimeout integer yes |
.It icmp bmcastecho integer yes |
.It icmp bmcastecho integer yes |
.It ip allowsrcrt integer yes |
.It ip allowsrcrt integer yes |
|
.It ip anonportalgo.selected string yes |
|
.It ip anonportalgo.available string yes |
|
.It ip anonportalgo.reserve struct yes |
.It ip anonportmax integer yes |
.It ip anonportmax integer yes |
.It ip anonportmin integer yes |
.It ip anonportmin integer yes |
.It ip checkinterface integer yes |
.It ip checkinterface integer yes |
|
.It ip dad_count integer yes |
.It ip directed-broadcast integer yes |
.It ip directed-broadcast integer yes |
.It ip do_loopback_cksum integer yes |
.It ip do_loopback_cksum integer yes |
.It ip forwarding integer yes |
.It ip forwarding integer yes |
Line 1304 The variables are as follows: |
|
Line 1448 The variables are as follows: |
|
Failed ARP entry lifetime. |
Failed ARP entry lifetime. |
.It Li arp.keep |
.It Li arp.keep |
Valid ARP entry lifetime. |
Valid ARP entry lifetime. |
.It Li arp.prune |
|
ARP cache pruning interval. |
|
.It Li arp.refresh |
|
ARP entry refresh interval. |
|
.It Li carp.allow |
.It Li carp.allow |
If set to 0, incoming |
If set to 0, incoming |
.Xr carp 4 |
.Xr carp 4 |
Line 1338 believes it can send advertisements more |
|
Line 1478 believes it can send advertisements more |
|
Disabled by default. |
Disabled by default. |
.It Li ip.allowsrcrt |
.It Li ip.allowsrcrt |
If set to 1, the host accepts source routed packets. |
If set to 1, the host accepts source routed packets. |
|
.It Li ip.anonportalgo.available |
|
The available RFC 6056 port randomization algorithms. |
|
.It Li ip.anonportalgo.reserve |
|
A bitmask of ports that will not be used during anonymous or privileged |
|
port selection. |
|
.It Li ip.anonportalgo.selected |
|
The currently selected RFC 6056 port randomization algorithm. |
.It Li ip.anonportmax |
.It Li ip.anonportmax |
The highest port number to use for TCP and UDP ephemeral port allocation. |
The highest port number to use for TCP and UDP ephemeral port allocation. |
This cannot be set to less than 1024 or greater than 65535, and must |
This cannot be set to less than 1024 or greater than 65535, and must |
Line 1353 Currently, this must be disabled if ipna |
|
Line 1500 Currently, this must be disabled if ipna |
|
destination address to another local interface, or if addresses |
destination address to another local interface, or if addresses |
are added to the loopback interface instead of the interface where |
are added to the loopback interface instead of the interface where |
the packets for those packets are received. |
the packets for those packets are received. |
|
.It Li ip.dad_count |
|
The number of |
|
.Xr arp 4 |
|
probes sent for Address Conflict Detection. |
|
Set to 0 to disable this. |
.It Li ip.directed-broadcast |
.It Li ip.directed-broadcast |
If set to 1, enables directed broadcast behavior for the host. |
If set to 1, enables directed broadcast behavior for the host. |
.It Li ip.do_loopback_cksum |
.It Li ip.do_loopback_cksum |
Line 1475 Number of ticks to delay sending an ACK. |
|
Line 1627 Number of ticks to delay sending an ACK. |
|
Perform TCP checksum on loopback. |
Perform TCP checksum on loopback. |
.It Li tcp.init_win |
.It Li tcp.init_win |
A value indicating the TCP initial congestion window. |
A value indicating the TCP initial congestion window. |
If this value is 0, an auto-tuning algorithm designed to use an initial |
The valid range |
window of approximately 4K bytes is in use. |
is 0 to 10 (maximum specified by RFC6928), |
Otherwise, this value indicates a fixed number of packets. |
with a default of 4 (approximately 4K per RFC3390). |
.It Li tcp.init_win_local |
.It Li tcp.init_win_local |
Like |
Like |
.Li tcp.init_win , |
.Li tcp.init_win , |
Line 1574 It has no effect unless tcp.abc.enable i |
|
Line 1726 It has no effect unless tcp.abc.enable i |
|
If set to 1, UDP checksums are being computed. |
If set to 1, UDP checksums are being computed. |
Received non-zero UDP checksums are always checked. |
Received non-zero UDP checksums are always checked. |
Disabling UDP checksums is strongly discouraged. |
Disabling UDP checksums is strongly discouraged. |
.It Li udp.sendspace |
|
The default UDP send buffer size. |
|
.It Li udp.recvspace |
.It Li udp.recvspace |
The default UDP receive buffer size. |
The default UDP receive buffer size. |
|
.It Li udp.sendspace |
|
The default UDP send buffer size. |
.El |
.El |
.Pp |
.Pp |
For variables net.*.ipsec, please refer to |
For variables net.*.ipsec, please refer to |
.Xr ipsec 4 . |
.Xr ipsec 4 . |
.It Li net.inet6 ( PF_INET6 ) |
.It Li net.inet6 ( Dv PF_INET6 ) |
Get or set various global information about the IPv6 |
Get or set various global information about the IPv6 |
.Pq Internet Protocol version 6 . |
.Pq Internet Protocol version 6 . |
The third level name is the protocol. |
The third level name is the protocol. |
The fourth level name is the variable name. |
The fourth level name is the variable name. |
The currently defined protocols and names are: |
The currently defined protocols and names are: |
.Bl -column "Protocol name" "do_loopback_cksum" "integer" "Changeable" -offset indent |
.Bl -column "Protocol" "anonportalgo.available" "integer" "Changeable" -offset indent |
.It Sy Protocol name Variable name Type Changeable |
.It Sy Protocol Variable Ta Sy Type Ta Sy Changeable |
.It icmp6 errppslimit integer yes |
.It icmp6 errppslimit integer yes |
.It icmp6 mtudisc_hiwat integer yes |
.It icmp6 mtudisc_hiwat integer yes |
.It icmp6 mtudisc_lowat integer yes |
.It icmp6 mtudisc_lowat integer yes |
Line 1604 The currently defined protocols and name |
|
Line 1756 The currently defined protocols and name |
|
.It icmp6 rediraccept integer yes |
.It icmp6 rediraccept integer yes |
.It icmp6 redirtimeout integer yes |
.It icmp6 redirtimeout integer yes |
.It ip6 accept_rtadv integer yes |
.It ip6 accept_rtadv integer yes |
|
.It ip6 addctlpolicy struct in6_addrpolicy no |
|
.It ip6 anonportalgo.selected string yes |
|
.It ip6 anonportalgo.available string yes |
|
.It ip6 anonportalgo.reserve struct yes |
.It ip6 anonportmax integer yes |
.It ip6 anonportmax integer yes |
.It ip6 anonportmin integer yes |
.It ip6 anonportmin integer yes |
.It ip6 auto_flowlabel integer yes |
.It ip6 auto_flowlabel integer yes |
Line 1619 The currently defined protocols and name |
|
Line 1775 The currently defined protocols and name |
|
.It ip6 log_interval integer yes |
.It ip6 log_interval integer yes |
.It ip6 lowportmax integer yes |
.It ip6 lowportmax integer yes |
.It ip6 lowportmin integer yes |
.It ip6 lowportmin integer yes |
|
.It ip6 maxdynroutes integer yes |
|
.It ip6 maxifprefixes integer yes |
|
.It ip6 maxifdefrouters integer yes |
.It ip6 maxflows integer yes |
.It ip6 maxflows integer yes |
.It ip6 maxfragpackets integer yes |
.It ip6 maxfragpackets integer yes |
.It ip6 maxfrags integer yes |
.It ip6 maxfrags integer yes |
|
.It ip6 neighborgcthresh integer yes |
.It ip6 redirect integer yes |
.It ip6 redirect integer yes |
.It ip6 rr_prune integer yes |
.It ip6 rr_prune integer yes |
.It ip6 use_deprecated integer yes |
.It ip6 use_deprecated integer yes |
Line 1639 and autoconfigures address prefixes and |
|
Line 1799 and autoconfigures address prefixes and |
|
The node must be a host |
The node must be a host |
.Pq not a router |
.Pq not a router |
for the option to be meaningful. |
for the option to be meaningful. |
|
.It Li ip6.anonportalgo.available |
|
The available RFC 6056 port randomization algorithms. |
|
.It Li ip6.anonportalgo.reserve |
|
A bitmask of ports that will not be used during anonymous or privileged |
|
port selection. |
|
.It Li ip6.anonportalgo.selected |
|
The currently selected RFC 6056 port randomization algorithm. |
.It Li ip6.anonportmax |
.It Li ip6.anonportmax |
The highest port number to use for TCP and UDP ephemeral port allocation. |
The highest port number to use for TCP and UDP ephemeral port allocation. |
This cannot be set to less than 1024 or greater than 65535, and must |
This cannot be set to less than 1024 or greater than 65535, and must |
Line 1716 The lowest port number to use for TCP an |
|
Line 1883 The lowest port number to use for TCP an |
|
This cannot be set to less than 0 or greater than 1024, and must |
This cannot be set to less than 0 or greater than 1024, and must |
be smaller than |
be smaller than |
.Li ip6.lowportmax . |
.Li ip6.lowportmax . |
|
.It Li ip6.maxdynroutes |
|
Maximum number of routes created by redirect. |
|
Set it to negative to disable. |
|
The default value is 4096. |
|
.It Li ip6.maxifprefixes |
|
Maximum number of prefixes created by route advertisements per interface. |
|
Set it to negative to disable. |
|
The default value is 16. |
|
.It Li ip6.maxifdefrouters 16 |
|
Maximum number of default routers created by route advertisements per interface. |
|
Set it to negative to disable. |
|
The default value is 16. |
.It Li ip6.maxflows |
.It Li ip6.maxflows |
IPv6 Fast Forwarding is enabled by default. |
IPv6 Fast Forwarding is enabled by default. |
If set to 0, IPv6 Fast Forwarding is disabled. |
If set to 0, IPv6 Fast Forwarding is disabled. |
Line 1732 The maximum number of fragments the node |
|
Line 1911 The maximum number of fragments the node |
|
0 means that the node will not accept any fragments. |
0 means that the node will not accept any fragments. |
\-1 means that the node will accept as many fragments as it receives. |
\-1 means that the node will accept as many fragments as it receives. |
The flag is provided basically for avoiding possible DoS attacks. |
The flag is provided basically for avoiding possible DoS attacks. |
|
.It Li ip6.neighborgcthresh |
|
Maximum number of entries in neighbor cache per interface. |
|
Set to negative to disable. |
|
The default value is 2048. |
.It Li ip6.redirect |
.It Li ip6.redirect |
If set to 1, ICMPv6 redirects may be sent by the node. |
If set to 1, ICMPv6 redirects may be sent by the node. |
This option is ignored unless the node is routing IP packets, |
This option is ignored unless the node is routing IP packets, |
Line 1850 Please refer to |
|
Line 2033 Please refer to |
|
section above. |
section above. |
For variables net.*.ipsec6, please refer to |
For variables net.*.ipsec6, please refer to |
.Xr ipsec 4 . |
.Xr ipsec 4 . |
.It Li net.key ( PF_KEY ) |
.It Li net.key ( Dv PF_KEY ) |
Get or set various global information about the IPsec key management. |
Get or set various global information about the IPsec key management. |
The third level name is the variable name. |
The third level name is the variable name. |
The currently defined variable and names are: |
The currently defined variable and names are: |
.Bl -column "blockacq_lifetime" "integer" "Changeable" -offset indent |
.Bl -column "blockacq_lifetime" "integer" "Changeable" -offset indent |
.It Sy Variable name Type Changeable |
.It Sy Variable Type Ta Sy Changeable |
.It debug integer yes |
.It debug integer yes |
|
.It enabled integer yes |
|
.It used integer no |
.It spi_try integer yes |
.It spi_try integer yes |
.It spi_min_value integer yes |
.It spi_min_value integer yes |
.It spi_max_value integer yes |
.It spi_max_value integer yes |
Line 1874 The variables are as follows: |
|
Line 2059 The variables are as follows: |
|
Turn on debugging message from within the kernel. |
Turn on debugging message from within the kernel. |
The value is a bitmap, as defined in |
The value is a bitmap, as defined in |
.In netkey/key_debug.h . |
.In netkey/key_debug.h . |
|
.It Li enabled |
|
Control processing of IPsec control messages. |
|
.Bl -tag -width indent |
|
.It 0 |
|
Never allow IPsec processing |
|
.It 1 |
|
Allow IPsec processing when SPD policies are present. |
|
.It 2 |
|
Force IPsec processing even when SPD policies are not present. |
|
.El |
|
.It Li used |
|
Based on if IPsec is enabled, and SPD rule existance, show if |
|
IPsec is being used. |
|
Note that currenly once IPsec is being used, it cannot be disabled. |
.It Li spi_try |
.It Li spi_try |
The number of times the kernel will try to obtain an unique SPI |
The number of times the kernel will try to obtain an unique SPI |
when it generates it from random number generator. |
when it generates it from random number generator. |
Line 1919 value of PROC_PID_CORENAME is reset to t |
|
Line 2118 value of PROC_PID_CORENAME is reset to t |
|
The second level name is either the magic value PROC_CURPROC, which |
The second level name is either the magic value PROC_CURPROC, which |
points to the current process, or the PID of the target process. |
points to the current process, or the PID of the target process. |
.Bl -column "proc.pid.corename" "string" "not applicable" -offset indent |
.Bl -column "proc.pid.corename" "string" "not applicable" -offset indent |
.It Sy Third level name Type Changeable |
.It Sy Third level name Ta Sy Type Ta Sy Changeable |
.It proc.pid.corename string yes |
.It proc.pid.corename string yes |
.It proc.pid.rlimit node not applicable |
.It proc.pid.rlimit node not applicable |
.It proc.pid.stopfork int yes |
.It proc.pid.stopfork int yes |
Line 1927 points to the current process, or the PI |
|
Line 2126 points to the current process, or the PI |
|
.It proc.pid.stopexit int yes |
.It proc.pid.stopexit int yes |
.El |
.El |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li proc.pid.corename ( PROC_PID_CORENAME ) |
.It Li proc.pid.corename ( Dv PROC_PID_CORENAME ) |
The template used for the core dump file name (see |
The template used for the core dump file name (see |
.Xr core 5 |
.Xr core 5 |
for details). |
for details). |
Line 1938 or end with the suffix |
|
Line 2137 or end with the suffix |
|
(the super-user may set arbitrary names). |
(the super-user may set arbitrary names). |
By default it points to |
By default it points to |
.Dv KERN_DEFCORENAME . |
.Dv KERN_DEFCORENAME . |
.It Li proc.pid.rlimit ( PROC_PID_LIMIT ) |
.It Li proc.pid.rlimit ( Dv PROC_PID_LIMIT ) |
Return resources limits, as defined for the |
Return resources limits, as defined for the |
.Xr getrlimit 2 |
.Xr getrlimit 2 |
and |
and |
|
|
system calls. |
system calls. |
The fourth level name is one of: |
The fourth level name is one of: |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li proc.pid.rlimit.cputime ( PROC_PID_LIMIT_CPU ) |
.It Li proc.pid.rlimit.cputime ( Dv PROC_PID_LIMIT_CPU ) |
The maximum amount of CPU time (in seconds) to be used by each process. |
The maximum amount of CPU time (in seconds) to be used by each process. |
.It Li proc.pid.rlimit.filesize ( PROC_PID_LIMIT_FSIZE ) |
.It Li proc.pid.rlimit.filesize ( Dv PROC_PID_LIMIT_FSIZE ) |
The largest size (in bytes) file that may be created. |
The largest size (in bytes) file that may be created. |
.It Li proc.pid.rlimit.datasize ( PROC_PID_LIMIT_DATA ) |
.It Li proc.pid.rlimit.datasize ( Dv PROC_PID_LIMIT_DATA ) |
The maximum size (in bytes) of the data segment for a process; |
The maximum size (in bytes) of the data segment for a process; |
this defines how far a program may extend its break with the |
this defines how far a program may extend its break with the |
.Xr sbrk 2 |
.Xr sbrk 2 |
system call. |
system call. |
.It Li proc.pid.rlimit.stacksize ( PROC_PID_LIMIT_STACK ) |
.It Li proc.pid.rlimit.stacksize ( Dv PROC_PID_LIMIT_STACK ) |
The maximum size (in bytes) of the stack segment for a process; |
The maximum size (in bytes) of the stack segment for a process; |
this defines how far a program's stack segment may be extended. |
this defines how far a program's stack segment may be extended. |
Stack extension is performed automatically by the system. |
Stack extension is performed automatically by the system. |
.It Li proc.pid.rlimit.coredumpsize ( PROC_PID_LIMIT_CORE ) |
.It Li proc.pid.rlimit.coredumpsize ( Dv PROC_PID_LIMIT_CORE ) |
The largest size (in bytes) |
The largest size (in bytes) |
.Pa core |
.Pa core |
file that may be created. |
file that may be created. |
.It Li proc.pid.rlimit.memoryuse ( PROC_PID_LIMIT_RSS ) |
.It Li proc.pid.rlimit.memoryuse ( Dv PROC_PID_LIMIT_RSS ) |
The maximum size (in bytes) to which a process's resident set size may |
The maximum size (in bytes) to which a process's resident set size may |
grow. |
grow. |
This imposes a limit on the amount of physical memory to be given to |
This imposes a limit on the amount of physical memory to be given to |
a process; if memory is tight, the system will prefer to take memory |
a process; if memory is tight, the system will prefer to take memory |
from processes that are exceeding their declared resident set size. |
from processes that are exceeding their declared resident set size. |
.It Li proc.pid.rlimit.memorylocked ( PROC_PID_LIMIT_MEMLOCK ) |
.It Li proc.pid.rlimit.memorylocked ( Dv PROC_PID_LIMIT_MEMLOCK ) |
The maximum size (in bytes) which a process may lock into memory |
The maximum size (in bytes) which a process may lock into memory |
using the |
using the |
.Xr mlock 2 |
.Xr mlock 2 |
function. |
function. |
.It Li proc.pid.rlimit.maxproc ( PROC_PID_LIMIT_NPROC ) |
.It Li proc.pid.rlimit.maxproc ( Dv PROC_PID_LIMIT_NPROC ) |
The maximum number of simultaneous processes for this user id. |
The maximum number of simultaneous processes for this user id. |
.It Li proc.pid.rlimit.descriptors ( PROC_PID_LIMIT_NOFILE ) |
.It Li proc.pid.rlimit.descriptors ( Dv PROC_PID_LIMIT_NOFILE ) |
The maximum number of open files for this process. |
The maximum number of open files for this process. |
.It Li proc.pid.rlimit.sbsize ( PROC_PID_LIMIT_SBSIZE ) |
.It Li proc.pid.rlimit.sbsize ( Dv PROC_PID_LIMIT_SBSIZE ) |
The maximum size (in bytes) of the socket buffers |
The maximum size (in bytes) of the socket buffers |
set by the |
set by the |
.Xr setsockopt 2 |
.Xr setsockopt 2 |
|
|
and |
and |
.Dv SO_SNDBUF |
.Dv SO_SNDBUF |
options. |
options. |
|
.It Li proc.pid.rlimit.vmemoryuse ( Dv PROC_PID_LIMIT_AS ) |
|
The maximum size (in bytes) which a process can obtain. |
|
.It Li proc.pid.rlimit.maxlwp ( Dv PROC_PID_LIMIT_NTHR ) |
|
The maximum number of threads that cen be created and running at one time in |
|
the process. |
|
The first thread of each process is not counted against this. |
.El |
.El |
.Pp |
.Pp |
The fifth level name is one of |
The fifth level name is one of |
.Li soft ( PROC_PID_LIMIT_TYPE_SOFT ) |
.Li soft ( Dv PROC_PID_LIMIT_TYPE_SOFT ) |
or |
or |
.Li hard ( PROC_PID_LIMIT_TYPE_HARD ) , |
.Li hard ( Dv PROC_PID_LIMIT_TYPE_HARD ) , |
to select respectively the soft or hard limit. |
to select respectively the soft or hard limit. |
Both are of type integer. |
Both are of type integer. |
.It Li proc.pid.stopfork ( PROC_PID_STOPFORK ) |
.It Li proc.pid.stopfork ( Dv PROC_PID_STOPFORK ) |
If non zero, the process' children will be stopped after |
If non zero, the process' children will be stopped after |
.Xr fork 2 |
.Xr fork 2 |
calls. |
calls. |
Line 2009 apply to emulation specific system calls |
|
Line 2214 apply to emulation specific system calls |
|
.Fn sproc |
.Fn sproc |
or |
or |
.Fn clone . |
.Fn clone . |
.It Li proc.pid.stopexec ( PROC_PID_STOPEXEC ) |
.It Li proc.pid.stopexec ( Dv PROC_PID_STOPEXEC ) |
If non zero, the process will be stopped on next |
If non zero, the process will be stopped on next |
.Xr exec 3 |
.Xr exec 3 |
call. |
call. |
Line 2022 This feature helps attaching a process w |
|
Line 2227 This feature helps attaching a process w |
|
before it had the opportunity to actually do anything. |
before it had the opportunity to actually do anything. |
.Pp |
.Pp |
This value is inherited by the process's children. |
This value is inherited by the process's children. |
.It Li proc.pid.stopexit ( PROC_PID_STOPEXIT ) |
.It Li proc.pid.stopexit ( Dv PROC_PID_STOPEXIT ) |
If non zero, the process will be stopped on when it has cause to exit, |
If non zero, the process will be stopped on when it has cause to exit, |
either by way of calling |
either by way of calling |
.Xr exit 3 , |
.Xr exit 3 , |
Line 2040 before it disappears. |
|
Line 2245 before it disappears. |
|
.Pp |
.Pp |
This value is also inherited by the process's children. |
This value is also inherited by the process's children. |
.El |
.El |
.Ss The user.* subtree ( CTL_USER ) |
.Ss The user.* subtree ( Dv CTL_USER ) |
The string and integer information available for the |
The string and integer information available for the |
.Li user |
.Li user |
level is detailed below. |
level is detailed below. |
The changeable column shows whether a process with appropriate |
The changeable column shows whether a process with appropriate |
privilege may change the value. |
privilege may change the value. |
.Bl -column "user.coll_weights_max" "integer" "Changeable" -offset indent |
.Bl -column "user.coll_weights_max" "integer" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It user.atexit_max integer no |
.It user.atexit_max integer no |
.It user.bc_base_max integer no |
.It user.bc_base_max integer no |
.It user.bc_dim_max integer no |
.It user.bc_dim_max integer no |
Line 2072 privilege may change the value. |
|
Line 2277 privilege may change the value. |
|
.It user.tzname_max integer no |
.It user.tzname_max integer no |
.El |
.El |
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li user.atexit_max ( USER_ATEXIT_MAX ) |
.It Li user.atexit_max ( Dv USER_ATEXIT_MAX ) |
The maximum number of functions that may be registered with |
The maximum number of functions that may be registered with |
.Xr atexit 3 . |
.Xr atexit 3 . |
.It Li user.bc_base_max ( USER_BC_BASE_MAX ) |
.It Li user.bc_base_max ( Dv USER_BC_BASE_MAX ) |
The maximum ibase/obase values in the |
The maximum ibase/obase values in the |
.Xr bc 1 |
.Xr bc 1 |
utility. |
utility. |
.It Li user.bc_dim_max ( USER_BC_DIM_MAX ) |
.It Li user.bc_dim_max ( Dv USER_BC_DIM_MAX ) |
The maximum array size in the |
The maximum array size in the |
.Xr bc 1 |
.Xr bc 1 |
utility. |
utility. |
.It Li user.bc_scale_max ( USER_BC_SCALE_MAX ) |
.It Li user.bc_scale_max ( Dv USER_BC_SCALE_MAX ) |
The maximum scale value in the |
The maximum scale value in the |
.Xr bc 1 |
.Xr bc 1 |
utility. |
utility. |
.It Li user.bc_string_max ( USER_BC_STRING_MAX ) |
.It Li user.bc_string_max ( Dv USER_BC_STRING_MAX ) |
The maximum string length in the |
The maximum string length in the |
.Xr bc 1 |
.Xr bc 1 |
utility. |
utility. |
.It Li user.coll_weights_max ( USER_COLL_WEIGHTS_MAX ) |
.It Li user.coll_weights_max ( Dv USER_COLL_WEIGHTS_MAX ) |
The maximum number of weights that can be assigned to any entry of |
The maximum number of weights that can be assigned to any entry of |
the LC_COLLATE order keyword in the locale definition file. |
the LC_COLLATE order keyword in the locale definition file. |
.It Li user.cs_path ( USER_CS_PATH ) |
.It Li user.cs_path ( USER_CS_PATH ) |
Return a value for the |
Return a value for the |
.Ev PATH |
.Ev PATH |
environment variable that finds all the standard utilities. |
environment variable that finds all the standard utilities. |
.It Li user.expr_nest_max ( USER_EXPR_NEST_MAX ) |
.It Li user.expr_nest_max ( Dv USER_EXPR_NEST_MAX ) |
The maximum number of expressions that can be nested within |
The maximum number of expressions that can be nested within |
parenthesis by the |
parenthesis by the |
.Xr expr 1 |
.Xr expr 1 |
utility. |
utility. |
.It Li user.line_max ( USER_LINE_MAX ) |
.It Li user.line_max ( Dv USER_LINE_MAX ) |
The maximum length in bytes of a text-processing utility's input |
The maximum length in bytes of a text-processing utility's input |
line. |
line. |
.It Li user.posix2_char_term ( USER_POSIX2_CHAR_TERM ) |
.It Li user.posix2_char_term ( Dv USER_POSIX2_CHAR_TERM ) |
Return 1 if the system supports at least one terminal type capable of |
Return 1 if the system supports at least one terminal type capable of |
all operations described in |
all operations described in |
.St -p1003.2 , |
.St -p1003.2 , |
otherwise\ 0. |
otherwise\ 0. |
.It Li user.posix2_c_bind ( USER_POSIX2_C_BIND ) |
.It Li user.posix2_c_bind ( Dv USER_POSIX2_C_BIND ) |
Return 1 if the system's C-language development facilities support the |
Return 1 if the system's C-language development facilities support the |
C-Language Bindings Option, otherwise\ 0. |
C-Language Bindings Option, otherwise\ 0. |
.It Li user.posix2_c_dev ( USER_POSIX2_C_DEV ) |
.It Li user.posix2_c_dev ( Dv USER_POSIX2_C_DEV ) |
Return 1 if the system supports the C-Language Development Utilities Option, |
Return 1 if the system supports the C-Language Development Utilities Option, |
otherwise\ 0. |
otherwise\ 0. |
.It Li user.posix2_fort_dev ( USER_POSIX2_FORT_DEV ) |
.It Li user.posix2_fort_dev ( Dv USER_POSIX2_FORT_DEV ) |
Return 1 if the system supports the FORTRAN Development Utilities Option, |
Return 1 if the system supports the FORTRAN Development Utilities Option, |
otherwise\ 0. |
otherwise\ 0. |
.It Li user.posix2_fort_run ( USER_POSIX2_FORT_RUN ) |
.It Li user.posix2_fort_run ( Dv USER_POSIX2_FORT_RUN ) |
Return 1 if the system supports the FORTRAN Runtime Utilities Option, |
Return 1 if the system supports the FORTRAN Runtime Utilities Option, |
otherwise\ 0. |
otherwise\ 0. |
.It Li user.posix2_localedef ( USER_POSIX2_LOCALEDEF ) |
.It Li user.posix2_localedef ( Dv USER_POSIX2_LOCALEDEF ) |
Return 1 if the system supports the creation of locales, otherwise\ 0. |
Return 1 if the system supports the creation of locales, otherwise\ 0. |
.It Li user.posix2_sw_dev ( USER_POSIX2_SW_DEV ) |
.It Li user.posix2_sw_dev ( Dv USER_POSIX2_SW_DEV ) |
Return 1 if the system supports the Software Development Utilities Option, |
Return 1 if the system supports the Software Development Utilities Option, |
otherwise\ 0. |
otherwise\ 0. |
.It Li user.posix2_upe ( USER_POSIX2_UPE ) |
.It Li user.posix2_upe ( Dv USER_POSIX2_UPE ) |
Return 1 if the system supports the User Portability Utilities Option, |
Return 1 if the system supports the User Portability Utilities Option, |
otherwise\ 0. |
otherwise\ 0. |
.It Li user.posix2_version ( USER_POSIX2_VERSION ) |
.It Li user.posix2_version ( Dv USER_POSIX2_VERSION ) |
The version of |
The version of |
.St -p1003.2 |
.St -p1003.2 |
with which the system attempts to comply. |
with which the system attempts to comply. |
.It Li user.re_dup_max ( USER_RE_DUP_MAX ) |
.It Li user.re_dup_max ( Dv USER_RE_DUP_MAX ) |
The maximum number of repeated occurrences of a regular expression |
The maximum number of repeated occurrences of a regular expression |
permitted when using interval notation. |
permitted when using interval notation. |
.It Li user.stream_max ( USER_STREAM_MAX ) |
.It Li user.stream_max ( Dv USER_STREAM_MAX ) |
The minimum maximum number of streams that a process may have open |
The minimum maximum number of streams that a process may have open |
at any one time. |
at any one time. |
.It Li user.tzname_max ( USER_TZNAME_MAX ) |
.It Li user.tzname_max ( Dv USER_TZNAME_MAX ) |
The minimum maximum number of types supported for the name of a |
The minimum maximum number of types supported for the name of a |
timezone. |
timezone. |
.El |
.El |
.Ss The vm.* subtree ( CTL_VM ) |
.Ss The vm.* subtree ( Dv CTL_VM ) |
The string and integer information available for the |
The string and integer information available for the |
.Li vm |
.Li vm |
level is detailed below. |
level is detailed below. |
The changeable column shows whether a process with appropriate |
The changeable column shows whether a process with appropriate |
privilege may change the value. |
privilege may change the value. |
.Bl -column "Second level name" "struct uvmexp_sysctl" "Changeable" -offset indent |
.Bl -column "Second level name" "struct uvmexp_sysctl" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It vm.anonmax int yes |
.It vm.anonmax int yes |
.It vm.anonmin int yes |
.It vm.anonmin int yes |
.It vm.bufcache int yes |
.It vm.bufcache int yes |
Line 2170 privilege may change the value. |
|
Line 2375 privilege may change the value. |
|
.It vm.uvmexp struct uvmexp no |
.It vm.uvmexp struct uvmexp no |
.It vm.uvmexp2 struct uvmexp_sysctl no |
.It vm.uvmexp2 struct uvmexp_sysctl no |
.It vm.vmmeter struct vmtotal no |
.It vm.vmmeter struct vmtotal no |
|
.It vm.proc.map struct kinfo_vmentry no |
.El |
.El |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li vm.anonmax ( VM_ANONMAX ) |
.It Li vm.anonmax ( Dv VM_ANONMAX ) |
The percentage of physical memory which will be reclaimed |
The percentage of physical memory which will be reclaimed |
from other types of memory usage to store anonymous application data. |
from other types of memory usage to store anonymous application data. |
.It Li vm.anonmin ( VM_ANONMIN ) |
.It Li vm.anonmin ( Dv VM_ANONMIN ) |
The percentage of physical memory which will be always be available for |
The percentage of physical memory which will be always be available for |
anonymous application data. |
anonymous application data. |
.It Li vm.bufcache ( VM_BUFCACHE ) |
.It Li vm.bufcache ( Dv VM_BUFCACHE ) |
The percentage of physical memory which will be available |
The percentage of physical memory which will be available |
for the buffer cache. |
for the buffer cache. |
.It Li vm.bufmem ( VM_BUFMEM ) |
.It Li vm.bufmem ( Dv VM_BUFMEM ) |
The amount of kernel memory that is being used by the buffer cache. |
The amount of kernel memory that is being used by the buffer cache. |
.It Li vm.bufmem_lowater ( VM_BUFMEM_LOWATER ) |
.It Li vm.bufmem_lowater ( Dv VM_BUFMEM_LOWATER ) |
The minimum amount of kernel memory to reserve for the |
The minimum amount of kernel memory to reserve for the |
buffer cache. |
buffer cache. |
.It Li vm.bufmem_hiwater ( VM_BUFMEM_HIWATER ) |
.It Li vm.bufmem_hiwater ( Dv VM_BUFMEM_HIWATER ) |
The maximum amount of kernel memory to be used for the |
The maximum amount of kernel memory to be used for the |
buffer cache. |
buffer cache. |
.It Li vm.execmax ( VM_EXECMAX ) |
.It Li vm.execmax ( Dv VM_EXECMAX ) |
The percentage of physical memory which will be reclaimed |
The percentage of physical memory which will be reclaimed |
from other types of memory usage to store cached executable data. |
from other types of memory usage to store cached executable data. |
.It Li vm.execmin ( VM_EXECMIN ) |
.It Li vm.execmin ( Dv VM_EXECMIN ) |
The percentage of physical memory which will be always be available for |
The percentage of physical memory which will be always be available for |
cached executable data. |
cached executable data. |
.It Li vm.filemax ( VM_FILEMAX ) |
.It Li vm.filemax ( Dv VM_FILEMAX ) |
The percentage of physical memory which will be reclaimed |
The percentage of physical memory which will be reclaimed |
from other types of memory usage to store cached file data. |
from other types of memory usage to store cached file data. |
.It Li vm.filemin ( VM_FILEMIN ) |
.It Li vm.filemin ( Dv VM_FILEMIN ) |
The percentage of physical memory which will be always be available for |
The percentage of physical memory which will be always be available for |
cached file data. |
cached file data. |
.It Li vm.loadavg ( VM_LOADAVG ) |
.It Li vm.loadavg ( Dv VM_LOADAVG ) |
Return the load average history. |
Return the load average history. |
The returned data consists of a |
The returned data consists of a |
.Vt struct loadavg . |
.Vt struct loadavg . |
.It Li vm.maxslp ( VM_MAXSLP ) |
.It Li vm.maxslp ( Dv VM_MAXSLP ) |
The value of the maxslp kernel global variable. |
The value of the maxslp kernel global variable. |
.It Li vm.vmmeter ( VM_METER ) |
.It Li vm.vmmeter ( Dv VM_METER ) |
Return system wide virtual memory statistics. |
Return system wide virtual memory statistics. |
The returned data consists of a |
The returned data consists of a |
.Vt struct vmtotal . |
.Vt struct vmtotal . |
.It vm.user_va0_disable |
.It vm.user_va0_disable |
A flag which controls whether user processes can map virtual address\ 0. |
A flag which controls whether user processes can map virtual address\ 0. |
.It Li vm.uspace ( VM_USPACE ) |
.It Li vm.proc.map ( Dv VM_PROC ) |
|
The third level is |
|
.dv VM_PROC_MAP , |
|
the fourth is the pid of the process to display the vm object entries for, and |
|
the fifth is the size of |
|
.Vt struct kinfo_vmentry . |
|
Returns an array of |
|
.Vt struct kinfo_vmentry |
|
objects. |
|
.It Li vm.uspace ( Dv VM_USPACE ) |
The number of bytes allocated for each kernel stack. |
The number of bytes allocated for each kernel stack. |
.It Li vm.uvmexp ( VM_UVMEXP ) |
.It Li vm.uvmexp ( Dv VM_UVMEXP ) |
Return system wide virtual memory statistics. |
Return system wide virtual memory statistics. |
The returned data consists of a |
The returned data consists of a |
.Vt struct uvmexp . |
.Vt struct uvmexp . |
.It Li vm.uvmexp2 ( VM_UVMEXP2 ) |
.It Li vm.uvmexp2 ( Dv VM_UVMEXP2 ) |
Return system wide virtual memory statistics. |
Return system wide virtual memory statistics. |
The returned data consists of a |
The returned data consists of a |
.Vt struct uvmexp_sysctl . |
.Vt struct uvmexp_sysctl . |
.\" XXX vm.idlezero |
.\" XXX vm.idlezero |
.El |
.El |
.Ss The ddb.* subtree ( CTL_DDB ) |
.Ss The ddb.* subtree ( Dv CTL_DDB ) |
The information available for the |
The information available for the |
.Li ddb |
.Li ddb |
level is detailed below. |
level is detailed below. |
Line 2234 The changeable column shows whether a pr |
|
Line 2448 The changeable column shows whether a pr |
|
privilege may change the value. |
privilege may change the value. |
.\" XXX sort |
.\" XXX sort |
.Bl -column "Second level name" "integer" "Changeable" -offset indent |
.Bl -column "Second level name" "integer" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It ddb.radix integer yes |
.It ddb.radix integer yes |
.It ddb.maxoff integer yes |
.It ddb.maxoff integer yes |
.It ddb.maxwidth integer yes |
.It ddb.maxwidth integer yes |
Line 2245 privilege may change the value. |
|
Line 2459 privilege may change the value. |
|
.It ddb.tee_msgbuf integer yes |
.It ddb.tee_msgbuf integer yes |
.It ddb.commandonenter string yes |
.It ddb.commandonenter string yes |
.El |
.El |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li ddb.radix ( DDBCTL_RADIX ) |
.It Li ddb.radix ( Dv DDBCTL_RADIX ) |
The input and output radix. |
The input and output radix. |
.It Li ddb.maxoff ( DDBCTL_MAXOFF ) |
.It Li ddb.maxoff ( Dv DDBCTL_MAXOFF ) |
The maximum symbol offset. |
The maximum symbol offset. |
.It Li ddb.maxwidth ( DDBCTL_MAXWIDTH ) |
.It Li ddb.maxwidth ( Dv DDBCTL_MAXWIDTH ) |
The maximum output line width. |
The maximum output line width. |
.It Li ddb.lines ( DDBCTL_LINES ) |
.It Li ddb.lines ( Dv DDBCTL_LINES ) |
Number of display lines. |
Number of display lines. |
.It Li ddb.tabstops ( DDBCTL_TABSTOPS ) |
.It Li ddb.tabstops ( Dv DDBCTL_TABSTOPS ) |
Tab width. |
Tab width. |
.It Li ddb.onpanic ( DDBCTL_ONPANIC ) |
.It Li ddb.onpanic ( Dv DDBCTL_ONPANIC ) |
If non-zero, DDB will be entered if the kernel panics. |
If greater than zero, DDB will be entered if the kernel panics. |
.It Li ddb.fromconsole ( DDBCTL_FROMCONSOLE ) |
A value of 1 causes the system to enter DDB on panic, while a value of 2 |
|
causes the kernel to attempt to print out a stack trace before entering DDB. |
|
A value of 0 causes the kernel to attempt to print a stack trace, then |
|
reboot, while a value of \-1 means neither a stack trace will be printed |
|
nor DDB entered. |
|
.It Li ddb.fromconsole ( Dv DDBCTL_FROMCONSOLE ) |
If not zero, DDB may be entered by sending a break on a serial |
If not zero, DDB may be entered by sending a break on a serial |
console or by a special key sequence on a graphics console. |
console or by a special key sequence on a graphics console. |
.It Li ddb.tee_msgbuf |
.It Li ddb.tee_msgbuf |
Line 2278 nodes are also available as variables fr |
|
Line 2496 nodes are also available as variables fr |
|
See |
See |
.Xr ddb 4 |
.Xr ddb 4 |
for more details. |
for more details. |
.Ss The security.* subtree ( CTL_SECURITY ) |
.Ss The security.* subtree ( Dv CTL_SECURITY ) |
The |
The |
.Li security |
.Li security |
level contains various security-related settings for |
level contains various security-related settings for |
the system. |
the system. |
The available second level names are: |
The available second level names are: |
.Bl -column "Second level name" "integer" "Changeable" -offset indent |
.Bl -column "Second level name" "integer" "Changeable" -offset indent |
.It Sy Second level name Type Changeable |
.It Sy Second level name Ta Sy Type Ta Sy Changeable |
.It Li security.curtain integer yes |
.It Li security.curtain integer yes |
.It Li security.models node not applicable |
.It Li security.models node not applicable |
.It Li security.pax node not applicable |
.It Li security.pax node not applicable |
.El |
.El |
.Pp |
.Pp |
Available settings are detailed below. |
Available settings are detailed below. |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li security.curtain |
.It Li security.curtain |
If non-zero, will filter return objects according to the user |
If non-zero, will filter return objects according to the user |
.Tn ID |
.Tn ID |
requesting information about them, preventing from users any |
requesting information about them, preventing users from |
access to objects they do not own. |
accessing any objects they do not own. |
.Pp |
.Pp |
At the moment, it affects |
At the moment, it affects |
.Xr ps 1 , |
.Xr ps 1 , |
Line 2328 Settings for PaX -- exploit mitigation f |
|
Line 2545 Settings for PaX -- exploit mitigation f |
|
For more information on any of the PaX features, please see |
For more information on any of the PaX features, please see |
.Xr paxctl 8 |
.Xr paxctl 8 |
and |
and |
.Xr security 8 . |
.Xr security 7 . |
The available third and fourth level names are: |
The available third and fourth level names are: |
.Bl -column "security.pax.segvguard.suspend_timeout" "integer" "Changeable" \ |
.Bl -column "security.pax.segvguard.suspend_timeout" "integer" "Changeable" \ |
-offset 2n |
-offset 2n |
Line 2340 The available third and fourth level nam |
|
Line 2557 The available third and fourth level nam |
|
.\".It Li security.pax.aslr.stack_len integer yes |
.\".It Li security.pax.aslr.stack_len integer yes |
.It Li security.pax.mprotect.enabled integer yes |
.It Li security.pax.mprotect.enabled integer yes |
.It Li security.pax.mprotect.global integer yes |
.It Li security.pax.mprotect.global integer yes |
|
.It Li security.pax.mprotect.ptrace integer yes |
.It Li security.pax.segvguard.enabled integer yes |
.It Li security.pax.segvguard.enabled integer yes |
.It Li security.pax.segvguard.expiry_timeout integer yes |
.It Li security.pax.segvguard.expiry_timeout integer yes |
.It Li security.pax.segvguard.global integer yes |
.It Li security.pax.segvguard.global integer yes |
.It Li security.pax.segvguard.max_crashes integer yes |
.It Li security.pax.segvguard.max_crashes integer yes |
.It Li security.pax.segvguard.suspend_timeout integer yes |
.It Li security.pax.segvguard.suspend_timeout integer yes |
.El |
.El |
.Pp |
|
.Bl -tag -width "123456" |
.Bl -tag -width "123456" |
.It Li security.pax.aslr.enabled |
.It Li security.pax.aslr.enabled |
Enable PaX ASLR (Address Space Layout Randomization). |
Enable PaX ASLR (Address Space Layout Randomization). |
Line 2361 Specifies the default global policy for |
|
Line 2578 Specifies the default global policy for |
|
explicit enable/disable flag. |
explicit enable/disable flag. |
.Pp |
.Pp |
When non-zero, all programs will get PaX ASLR, except those exempted with |
When non-zero, all programs will get PaX ASLR, except those exempted with |
.Xr paxctl 8 . |
.Xr paxctl 8 . |
Otherwise, all programs will not get PaX ASLR, except those specifically |
Otherwise, all programs will not get PaX ASLR, except those specifically |
marked as such with |
marked as such with |
.Xr paxctl 8 . |
.Xr paxctl 8 . |
Line 2384 explicit enable/disable flag. |
|
Line 2601 explicit enable/disable flag. |
|
.Pp |
.Pp |
When non-zero, all programs will get the PaX MPROTECT restrictions, |
When non-zero, all programs will get the PaX MPROTECT restrictions, |
except those exempted with |
except those exempted with |
.Xr paxctl 8 . |
.Xr paxctl 8 . |
Otherwise, all programs will not get the PaX MPROTECT restrictions, |
Otherwise, all programs will not get the PaX MPROTECT restrictions, |
except those specifically marked as such with |
except those specifically marked as such with |
.Xr paxctl 8 . |
.Xr paxctl 8 . |
|
.It Li security.pax.mprotect.ptrace |
|
This variable allows |
|
.Xr ptrace 2 |
|
to override PaX MPROTECT permissions. |
|
It can have the following values: |
|
.Bl -tag -width XX -compact |
|
.It 0 |
|
Does not let override any permissions. |
|
.It 1 |
|
Disables PaX MPROTECT from processes that start executing while traced (default). |
|
.It 2 |
|
Bypasses PaX MPROTECT for all processes being traced. |
|
.El |
.It Li security.pax.segvguard.enabled |
.It Li security.pax.segvguard.enabled |
Enable PaX Segvguard. |
Enable PaX Segvguard. |
.Pp |
.Pp |
Line 2409 explicit enable/disable flag. |
|
Line 2639 explicit enable/disable flag. |
|
.Pp |
.Pp |
When non-zero, all programs will get the PaX Segvguard, |
When non-zero, all programs will get the PaX Segvguard, |
except those exempted with |
except those exempted with |
.Xr paxctl 8 . |
.Xr paxctl 8 . |
Otherwise, no program will get the PaX Segvguard restrictions, |
Otherwise, no program will get the PaX Segvguard restrictions, |
except those specifically marked as such with |
except those specifically marked as such with |
.Xr paxctl 8 . |
.Xr paxctl 8 . |
Line 2420 Number of seconds to suspend a user from |
|
Line 2650 Number of seconds to suspend a user from |
|
limit was exceeded. |
limit was exceeded. |
.El |
.El |
.El |
.El |
.Ss The vendor.* subtree ( CTL_VENDOR ) |
.Ss The vendor.* subtree ( Dv CTL_VENDOR ) |
The |
The |
.Li vendor |
.Li vendor |
toplevel name is reserved to be used by vendors who wish to |
toplevel name is reserved to be used by vendors who wish to |
Line 2431 Intended use is to store values under |
|
Line 2661 Intended use is to store values under |
|
.Xr sysctl 3 , |
.Xr sysctl 3 , |
.Xr ipsec 4 , |
.Xr ipsec 4 , |
.Xr tcp 4 , |
.Xr tcp 4 , |
.Xr security 8 , |
.Xr security 7 , |
.Xr sysctl 8 |
.Xr sysctl 8 |
.Sh HISTORY |
.Sh HISTORY |
The |
The |