| version 1.52, 2010/12/11 19:55:53 |
version 1.82, 2014/06/13 19:09:07 |
|
|
| .\" |
.\" |
| .\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95 |
.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95 |
| .\" |
.\" |
| .Dd December 11, 2010 |
.Dd June 13, 2014 |
| .Dt SYSCTL 7 |
.Dt SYSCTL 7 |
| .Os |
.Os |
| .Sh NAME |
.Sh NAME |
|
|
| .Xr sysctl 3 |
.Xr sysctl 3 |
| manual page for programming examples. |
manual page for programming examples. |
| .Ss Top level names |
.Ss Top level names |
| The top level names are defined with a CTL_ prefix in |
The top level names are defined with a |
| |
.Va CTL_ |
| |
prefix in |
| .In sys/sysctl.h , |
.In sys/sysctl.h , |
| and are as follows. |
and are as follows. |
| The next and subsequent levels down are found in the include files |
The next and subsequent levels down are found in the include files |
| listed here, and described in separate sections below. |
listed here, and described in separate sections below. |
| .Bl -column security CTL_SECURITY "Next level names" "High kernel limits" |
.Bl -column "security" ".Dv CTL_SECURITY" ".In uvm/uvm_param.h" "High kernel limits" |
| .It Sy Name Constant Next level names Description |
.It Sy Name Ta Sy Constant Ta Sy Next level names Ta Sy Description |
| .It kern CTL_KERN sys/sysctl.h High kernel limits |
.It kern Ta Dv CTL_KERN Ta In sys/sysctl.h Ta High kernel limits |
| .It vm CTL_VM uvm/uvm_param.h Virtual memory |
.It vm Ta Dv CTL_VM Ta In uvm/uvm_param.h Ta Virtual memory |
| .It vfs CTL_VFS sys/mount.h Filesystem |
.It vfs Ta Dv CTL_VFS Ta In sys/mount.h Ta Filesystem |
| .It net CTL_NET sys/socket.h Networking |
.It net Ta Dv CTL_NET Ta In sys/socket.h Ta Networking |
| .It debug CTL_DEBUG sys/sysctl.h Debugging |
.It debug Ta Dv CTL_DEBUG Ta In sys/sysctl.h Ta Debugging |
| .It hw CTL_HW sys/sysctl.h Generic CPU, I/O |
.It hw Ta Dv CTL_HW Ta In sys/sysctl.h Ta Generic CPU, I/O |
| .It machdep CTL_MACHDEP sys/sysctl.h Machine dependent |
.It machdep Ta Dv CTL_MACHDEP Ta In sys/sysctl.h Ta Machine dependent |
| .It user CTL_USER sys/sysctl.h User-level |
.It user Ta Dv CTL_USER Ta In sys/sysctl.h Ta User-level |
| .It ddb CTL_DDB sys/sysctl.h In-kernel debugger |
.It ddb Ta Dv CTL_DDB Ta In sys/sysctl.h Ta In-kernel debugger |
| .It proc CTL_PROC sys/sysctl.h Per-process |
.It proc Ta Dv CTL_PROC Ta In sys/sysctl.h Ta Per-process |
| .It vendor CTL_VENDOR ? Vendor specific |
.It vendor Ta Dv CTL_VENDOR Ta ? Ta Vendor specific |
| .It emul CTL_EMUL sys/sysctl.h Emulation settings |
.It emul Ta Dv CTL_EMUL Ta In sys/sysctl.h Ta Emulation settings |
| .It security CTL_SECURITY sys/sysctl.h Security settings |
.It security Ta Dv CTL_SECURITY Ta In sys/sysctl.h Ta Security settings |
| .El |
.El |
| .Ss The debug.* subtree |
.Ss The debug.* subtree |
| The debugging variables vary from system to system. |
The debugging variables vary from system to system. |
| Line 100 Each time it runs, |
|
| Line 102 Each time it runs, |
|
| gets the list of debugging variables from the kernel and |
gets the list of debugging variables from the kernel and |
| displays their current values. |
displays their current values. |
| The system defines twenty |
The system defines twenty |
| .Va ( struct ctldebug ) |
.Vt ( struct ctldebug ) |
| variables named |
variables named |
| .Dv debug0 |
.Dv debug0 |
| through |
through |
| Line 110 individually initialized at the location |
|
| Line 112 individually initialized at the location |
|
| The loader prevents multiple use of the same variable by issuing errors |
The loader prevents multiple use of the same variable by issuing errors |
| if a variable is initialized in more than one place. |
if a variable is initialized in more than one place. |
| For example, to export the variable |
For example, to export the variable |
| .Dv dospecialcheck |
.Va dospecialcheck |
| as a debugging variable, the following declaration would be used: |
as a debugging variable, the following declaration would be used: |
| .Pp |
.Pp |
| .Bd -literal -offset indent -compact |
.Bd -literal -offset indent -compact |
| Line 131 for more information. |
|
| Line 133 for more information. |
|
| .Ss The vfs.* subtree |
.Ss The vfs.* subtree |
| A distinguished second level name, |
A distinguished second level name, |
| .Li vfs.generic ( VFS_GENERIC ) , |
.Li vfs.generic ( VFS_GENERIC ) , |
| is used to get general information about all filesystems. |
is used to get general information about all file systems. |
| It has the following third level identifiers: |
It has the following third level identifiers: |
| .Bl -tag -width compact |
.Bl -tag -width "123456" |
| .It vfs.generic.maxtypenum ( VFS_MAXTYPENUM ) |
.It Li vfs.generic.maxtypenum ( VFS_MAXTYPENUM ) |
| The highest valid filesystem type number. |
The highest valid file system type number. |
| .It vfs.generic.conf ( VFS_CONF ) |
.It Li vfs.generic.conf ( VFS_CONF ) |
| Returns configuration information about the file-system type given as a fourth |
Returns configuration information about the file system type given as a fourth |
| level identifier. |
level identifier. |
| |
.It Li vfs.generic.usermount ( VFS_USERMOUNT ) |
| |
Determines if non superuser mounts are allowed, defaults to |
| |
.Dv 0 . |
| |
.It Li vfs.generic.magiclinks ( VFS_MAGICLINKS ) |
| |
Controls if expansion of variables is going to be performed on pathnames |
| |
or not. |
| |
Defaults to no variable expansion, |
| |
.Dv 0 . |
| |
Variables are of the form |
| |
.Li @name |
| |
and the variables supported are described in |
| |
.Xr symlink 7 |
| |
under |
| |
.Dq "MAGIC SYMLINKS" . |
| |
.El |
| |
.Pp |
| |
A second level name for controlling the |
| |
.Xr wapbl 4 |
| |
(Write Ahead Physical Block Logging file system journalling) |
| |
capabilities with the following third level identifiers: |
| |
.Bl -tag -width "123456" |
| |
.It Li vfs.wapbl.flush_disk_cache |
| |
Controls whether to attempt to flush the disk cache on each commit. |
| |
It defaults to 1 and it should always be on to ensure integrity |
| |
of file system metadata in the event of a power loss. |
| |
For slow disks, turning it off can improve performance. |
| |
.It Li vfs.wapbl.verbose_commit |
| |
For each transaction log commit, print the number of bytes written |
| |
and the time it took to commit as seconds.nanoseconds. |
| .El |
.El |
| .Pp |
.Pp |
| The remaining second level identifiers are the file-system names, identified |
The remaining second level identifiers are the file system names, identified |
| by the type number returned by a |
by the type number returned by a |
| .Xr statvfs 2 |
.Xr statvfs 2 |
| call or from |
call or from |
| .Li vfs.generic.conf . |
.Li vfs.generic.conf . |
| The third level identifiers available for each filesystem |
.Pp |
| |
The third level identifiers available for each file system |
| are given in the header file that defines the mount |
are given in the header file that defines the mount |
| argument structure for that filesystem. |
argument structure for that file system. |
| .Ss The hw.* subtree |
.Ss The hw.* subtree |
| The string and integer information available for the |
The string and integer information available for the |
| .Li hw |
.Li hw |
| Line 179 Alignment constraint for all possible da |
|
| Line 211 Alignment constraint for all possible da |
|
| This shows the value |
This shows the value |
| .Dv ALIGNBYTES |
.Dv ALIGNBYTES |
| in |
in |
| .Pa /usr/include/machine/param.h , |
.In machine/param.h , |
| at the kernel compilation time. |
at the kernel compilation time. |
| .It Li hw.byteorder ( HW_BYTEORDER ) |
.It Li hw.byteorder ( HW_BYTEORDER ) |
| The byteorder (4,321, or 1,234). |
The byteorder (4321, or 1234). |
| .It Li hw.cnmagic ( HW_CNMAGIC ) |
.It Li hw.cnmagic ( HW_CNMAGIC ) |
| The console magic key sequence. |
The console magic key sequence. |
| .It Li hw.disknames ( HW_DISKNAMES ) |
.It Li hw.disknames ( HW_DISKNAMES ) |
| Line 194 collected on them. |
|
| Line 226 collected on them. |
|
| Return statistical information on the NFS mounts, disk and tape |
Return statistical information on the NFS mounts, disk and tape |
| devices on the system. |
devices on the system. |
| An array of |
An array of |
| .Va struct io_sysctl |
.Vt struct io_sysctl |
| structures is returned, |
structures is returned, |
| whose size depends on the current number of such objects in the system. |
whose size depends on the current number of such objects in the system. |
| The third level name is the size of the |
The third level name is the size of the |
| .Va struct io_sysctl . |
.Vt struct io_sysctl . |
| The type of object can be determined by examining the |
The type of object can be determined by examining the |
| .Va type |
.Va type |
| element of |
element of |
| .Va struct io_sysctl . |
.Vt struct io_sysctl . |
| Which can be |
Which can be |
| .Dv IOSTAT_DISK |
.Dv IOSTAT_DISK |
| (disk drive), |
(disk drive), |
| Line 274 privilege may change the value. |
|
| Line 306 privilege may change the value. |
|
| .It kern.logsigexit integer yes |
.It kern.logsigexit integer yes |
| .It kern.mapped_files integer no |
.It kern.mapped_files integer no |
| .It kern.maxfiles integer yes |
.It kern.maxfiles integer yes |
| |
.It kern.maxlwp integer yes |
| .It kern.maxpartitions integer no |
.It kern.maxpartitions integer no |
| .It kern.maxphys integer no |
.It kern.maxphys integer no |
| .It kern.maxproc integer yes |
.It kern.maxproc integer yes |
| Line 296 privilege may change the value. |
|
| Line 329 privilege may change the value. |
|
| .It kern.ostype string no |
.It kern.ostype string no |
| .\".It kern.panic_now integer yes |
.\".It kern.panic_now integer yes |
| .It kern.pipe node not applicable |
.It kern.pipe node not applicable |
| |
.It kern.pool struct pool_sysctl no |
| .\" .It kern.posix node not applicable |
.\" .It kern.posix node not applicable |
| .It kern.posix1version integer no |
.It kern.posix1version integer no |
| .It kern.posix_aio integer no |
.It kern.posix_aio integer no |
| Line 324 privilege may change the value. |
|
| Line 358 privilege may change the value. |
|
| .It kern.timecounter node not applicable |
.It kern.timecounter node not applicable |
| .It kern.timex struct no |
.It kern.timex struct no |
| .It kern.tkstat node not applicable |
.It kern.tkstat node not applicable |
| |
.It kern.tty node not applicable |
| .It kern.urandom integer no |
.It kern.urandom integer no |
| .It kern.usercrypto integer yes |
.It kern.usercrypto integer yes |
| .It kern.userasymcrypto integer yes |
.It kern.userasymcrypto integer yes |
| Line 345 The maximum number of asynchronous I/O o |
|
| Line 380 The maximum number of asynchronous I/O o |
|
| .It Li kern.arandom |
.It Li kern.arandom |
| This variable picks a random number each time it is queried. |
This variable picks a random number each time it is queried. |
| The used random number generator |
The used random number generator |
| .Pq Tn RNG |
.Pf ( Tn RNG ) |
| is based on |
is based on |
| .Xr arc4random 3 . |
.Xr arc4random 3 . |
| .It Li kern.argmax ( KERN_ARGMAX ) |
.It Li kern.argmax ( KERN_ARGMAX ) |
| Line 357 Flags passed from the boot loader; see |
|
| Line 392 Flags passed from the boot loader; see |
|
| for the meanings of the flags. |
for the meanings of the flags. |
| .It Li kern.boottime ( KERN_BOOTTIME ) |
.It Li kern.boottime ( KERN_BOOTTIME ) |
| A |
A |
| .Va struct timeval |
.Vt struct timeval |
| structure is returned. |
structure is returned. |
| This structure contains the time that the system was booted. |
This structure contains the time that the system was booted. |
| .\" .It Li kern.bufq |
.\" .It Li kern.bufq |
| Line 366 This structure contains the time that th |
|
| Line 401 This structure contains the time that th |
|
| The scheduler exponential decay value. |
The scheduler exponential decay value. |
| .It Li kern.clockrate ( KERN_CLOCKRATE ) |
.It Li kern.clockrate ( KERN_CLOCKRATE ) |
| A |
A |
| .Va struct clockinfo |
.Vt struct clockinfo |
| structure is returned. |
structure is returned. |
| This structure contains the clock, statistics clock and profiling clock |
This structure contains the clock, statistics clock and profiling clock |
| frequencies, the number of micro-seconds per hz tick, and the clock |
frequencies, the number of micro-seconds per hz tick, and the clock |
| Line 413 Same syntax as kern.defcorename. |
|
| Line 448 Same syntax as kern.defcorename. |
|
| .It Li kern.cp_id ( KERN_CP_ID ) |
.It Li kern.cp_id ( KERN_CP_ID ) |
| Mapping of CPU number to CPU id. |
Mapping of CPU number to CPU id. |
| .It Li kern.cp_time ( KERN_CP_TIME ) |
.It Li kern.cp_time ( KERN_CP_TIME ) |
| Returns an array of CPUSTATES uint64_ts. |
Returns an array of |
| |
.Dv CPUSTATES |
| |
.Vt uint64_t Ns s. |
| This array contains the |
This array contains the |
| number of clock ticks spent in different CPU states. |
number of clock ticks spent in different CPU states. |
| On multi-processor systems, the sum across all CPUs is returned unless |
On multi-processor systems, the sum across all CPUs is returned unless |
|
|
| .Xr core 5 |
.Xr core 5 |
| for format of this template). |
for format of this template). |
| The default value is |
The default value is |
| .Nm %n.core |
.Pa %n.core |
| and can be changed with the kernel configuration option |
and can be changed with the kernel configuration option |
| .Cd options DEFCORENAME |
.Cd options DEFCORENAME |
| (see |
(see |
| Line 456 Detach all devices at shutdown. |
|
| Line 493 Detach all devices at shutdown. |
|
| Get or set the YP domain name. |
Get or set the YP domain name. |
| .It Li kern.drivers ( KERN_DRIVERS ) |
.It Li kern.drivers ( KERN_DRIVERS ) |
| Return an array of |
Return an array of |
| .Va struct kinfo_drivers |
.Vt struct kinfo_drivers |
| that contains the name and major device numbers of all the device drivers |
that contains the name and major device numbers of all the device drivers |
| in the current kernel. |
in the current kernel. |
| The |
The |
| Line 471 Perform a crash dump on system |
|
| Line 508 Perform a crash dump on system |
|
| .It Li kern.file ( KERN_FILE ) |
.It Li kern.file ( KERN_FILE ) |
| Return the entire file table. |
Return the entire file table. |
| The returned data consists of a single |
The returned data consists of a single |
| .Va struct filelist |
.Vt struct filelist |
| followed by an array of |
followed by an array of |
| .Va struct file , |
.Vt struct file , |
| whose size depends on the current number of such objects in the system. |
whose size depends on the current number of such objects in the system. |
| .It Li kern.forkfsleep ( KERN_FORKFSLEEP ) |
.It Li kern.forkfsleep ( KERN_FORKFSLEEP ) |
| If |
If |
| Line 489 Maximum is 20 seconds. |
|
| Line 526 Maximum is 20 seconds. |
|
| .It Li kern.fscale ( KERN_FSCALE ) |
.It Li kern.fscale ( KERN_FSCALE ) |
| The kernel fixed-point scale factor. |
The kernel fixed-point scale factor. |
| .It Li kern.fsync ( KERN_FSYNC ) |
.It Li kern.fsync ( KERN_FSYNC ) |
| Return 1 if the POSIX 1003.1b File Synchronization Option is available |
Return 1 if the |
| |
.St -p1003.1b-93 |
| |
File Synchronization Option is available |
| on this system, |
on this system, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.hardclock_ticks ( KERN_HARDCLOCK_TICKS ) |
.It Li kern.hardclock_ticks ( KERN_HARDCLOCK_TICKS ) |
| Returns the number of |
Returns the number of |
| .Xr hardclock 9 |
.Xr hardclock 9 |
|
|
| .Xr hostname 1 . |
.Xr hostname 1 . |
| .It Li kern.iov_max ( KERN_IOV_MAX ) |
.It Li kern.iov_max ( KERN_IOV_MAX ) |
| Return the maximum number of |
Return the maximum number of |
| .Va iovec |
.Vt iovec |
| structures that a process has available for use with |
structures that a process has available for use with |
| .Xr preadv 2 , |
.Xr preadv 2 , |
| .Xr pwritev 2 , |
.Xr pwritev 2 , |
| Line 541 The third level names for the ipc variab |
|
| Line 580 The third level names for the ipc variab |
|
| .It Li kern.ipc.sysvmsg ( KERN_SYSVIPC_MSG ) |
.It Li kern.ipc.sysvmsg ( KERN_SYSVIPC_MSG ) |
| Returns 1 if System V style message queue functionality is available |
Returns 1 if System V style message queue functionality is available |
| on this system, |
on this system, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.ipc.sysvsem ( KERN_SYSVIPC_SEM ) |
.It Li kern.ipc.sysvsem ( KERN_SYSVIPC_SEM ) |
| Returns 1 if System V style semaphore functionality is available |
Returns 1 if System V style semaphore functionality is available |
| on this system, |
on this system, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.ipc.sysvshm ( KERN_SYSVIPC_SHM ) |
.It Li kern.ipc.sysvshm ( KERN_SYSVIPC_SHM ) |
| Returns 1 if System V style share memory functionality is available |
Returns 1 if System V style share memory functionality is available |
| on this system, |
on this system, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.ipc.sysvipc_info ( KERN_SYSVIPC_INFO ) |
.It Li kern.ipc.sysvipc_info ( KERN_SYSVIPC_INFO ) |
| Return System V style IPC configuration and run-time information. |
Return System V style IPC configuration and run-time information. |
| The fourth level name selects the System V style IPC facility. |
The fourth level name selects the System V style IPC facility. |
| Line 604 Max number of number of semaphores in sy |
|
| Line 643 Max number of number of semaphores in sy |
|
| Max number of undo structures in system. |
Max number of undo structures in system. |
| .El |
.El |
| .It Li kern.job_control ( KERN_JOB_CONTROL ) |
.It Li kern.job_control ( KERN_JOB_CONTROL ) |
| Return 1 if job control is available on this system, otherwise 0. |
Return 1 if job control is available on this system, otherwise\ 0. |
| .It Li kern.labeloffset ( KERN_LABELOFFSET ) |
.It Li kern.labeloffset ( KERN_LABELOFFSET ) |
| The offset within the sector specified by KERN_LABELSECTOR of the |
The offset within the sector specified by |
| |
.Dv KERN_LABELSECTOR |
| |
of the |
| .Xr disklabel 5 . |
.Xr disklabel 5 . |
| .It Li kern.labelsector ( KERN_LABELSECTOR ) |
.It Li kern.labelsector ( KERN_LABELSECTOR ) |
| The sector number containing the |
The sector number containing the |
| Line 621 all process exits due to signals which c |
|
| Line 662 all process exits due to signals which c |
|
| .Xr core 5 |
.Xr core 5 |
| file, and whether the coredump was created. |
file, and whether the coredump was created. |
| .It Li kern.mapped_files ( KERN_MAPPED_FILES ) |
.It Li kern.mapped_files ( KERN_MAPPED_FILES ) |
| Returns 1 if the POSIX 1003.1b Memory Mapped Files Option is available |
Returns 1 if the |
| on this system, |
.St -p1003.1b-93 |
| otherwise 0. |
Memory Mapped Files Option is available on this system, |
| |
otherwise\ 0. |
| .It Li kern.maxfiles ( KERN_MAXFILES ) |
.It Li kern.maxfiles ( KERN_MAXFILES ) |
| The maximum number of open files that may be open in the system. |
The maximum number of open files that may be open in the system. |
| .It Li kern.maxpartitions ( KERN_MAXPARTITIONS ) |
.It Li kern.maxpartitions ( KERN_MAXPARTITIONS ) |
| The maximum number of partitions allowed per disk. |
The maximum number of partitions allowed per disk. |
| |
.It Li kern.maxlwp |
| |
The maximum number of Lightweight Processes (threads) the system allows |
| |
per uid. |
| .It Li kern.maxphys ( KERN_MAXPHYS ) |
.It Li kern.maxphys ( KERN_MAXPHYS ) |
| Maximum raw I/O transfer size. |
Maximum raw I/O transfer size. |
| .It Li kern.maxproc ( KERN_MAXPROC ) |
.It Li kern.maxproc ( KERN_MAXPROC ) |
| Line 675 The variable can only be increased, and |
|
| Line 720 The variable can only be increased, and |
|
| direct-mapped pool pages. |
direct-mapped pool pages. |
| .El |
.El |
| .It Li kern.memlock ( KERN_MEMLOCK ) |
.It Li kern.memlock ( KERN_MEMLOCK ) |
| Returns 1 if the POSIX 1003.1b Process Memory Locking Option is available |
Returns 1 if the |
| on this system, |
.St -p1003.1b-93 |
| otherwise 0. |
Process Memory Locking Option is available on this system, |
| |
otherwise\ 0. |
| .It Li kern.memlock_range ( KERN_MEMLOCK_RANGE ) |
.It Li kern.memlock_range ( KERN_MEMLOCK_RANGE ) |
| Returns 1 if the POSIX 1003.1b Range Memory Locking Option is available |
Returns 1 if the |
| on this system, |
.St -p1003.1b-93 |
| otherwise 0. |
Range Memory Locking Option is available on this system, |
| |
otherwise\ 0. |
| .It Li kern.memory_protection ( KERN_MEMORY_PROTECTION ) |
.It Li kern.memory_protection ( KERN_MEMORY_PROTECTION ) |
| Returns 1 if the POSIX 1003.1b Memory Protection Option is available |
Returns 1 if the |
| on this system, |
.St -p1003.1b-93 |
| otherwise 0. |
Memory Protection Option is available on this system, |
| |
otherwise\ 0. |
| .It Li kern.module |
.It Li kern.module |
| Settings related to kernel modules. |
Settings related to kernel modules. |
| The third level names for the settings are described below. |
The third level names for the settings are described below. |
| .Bl -column "kern.module.autoload" "integer" "Changeable" -offset indent |
.Bl -column "kern.module.autoload" "integer" "Changeable" -offset indent |
| .It Sy Third level name Type Changeable |
.It Sy Third level name Type Changeable |
| .It kern.module.autoload integer yes |
.It kern.module.autoload integer yes |
| |
.It kern.module.autotime integer yes |
| .It kern.module.verbose integer yes |
.It kern.module.verbose integer yes |
| .El |
.El |
| .Pp |
.Pp |
| Line 700 The variables are as follows: |
|
| Line 749 The variables are as follows: |
|
| .It Li kern.module.autoload |
.It Li kern.module.autoload |
| A boolean that controls whether kernel modules are loaded automatically. |
A boolean that controls whether kernel modules are loaded automatically. |
| See |
See |
| .Xr module 9 |
.Xr module 7 |
| for additional details. |
for additional details. |
| |
.It Li kern.module.autotime |
| |
An integer that controls the delay before an attempt is made to |
| |
automatically unload a module that was auto-loaded. |
| |
Setting this value to zero disables the auto-unload function. |
| .It Li kern.module.verbose |
.It Li kern.module.verbose |
| A boolean that enables or disables verbose |
A boolean that enables or disables verbose |
| debug messages related to kernel modules. |
debug messages related to kernel modules. |
| .El |
.El |
| .It Li kern.monotonic_clock ( KERN_MONOTONIC_CLOCK ) |
.It Li kern.monotonic_clock ( KERN_MONOTONIC_CLOCK ) |
| Returns the standard version the implementation of the POSIX 1003.1b |
Returns the standard version the implementation of the |
| |
.St -p1003.1b-93 |
| Monotonic Clock Option conforms to, |
Monotonic Clock Option conforms to, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.mqueue |
.It Li kern.mqueue |
| Settings related to |
Settings related to |
| .Tn POSIX |
.Tn POSIX |
| Line 752 The maximum number of supplemental group |
|
| Line 806 The maximum number of supplemental group |
|
| .\" XXX: Undocumented. |
.\" XXX: Undocumented. |
| .It Li kern.ntptime ( KERN_NTPTIME ) |
.It Li kern.ntptime ( KERN_NTPTIME ) |
| A |
A |
| .Va struct ntptimeval |
.Vt struct ntptimeval |
| structure is returned. |
structure is returned. |
| This structure contains data used by the |
This structure contains data used by the |
| .Xr ntpd 8 |
.Xr ntpd 8 |
| Line 784 The variables are as follows: |
|
| Line 838 The variables are as follows: |
|
| .It Li kern.pipe.kvasiz ( KERN_PIPE_KVASIZ ) |
.It Li kern.pipe.kvasiz ( KERN_PIPE_KVASIZ ) |
| Amount of kernel memory consumed by pipe buffers. |
Amount of kernel memory consumed by pipe buffers. |
| .It Li kern.pipe.maxbigpipes ( KERN_PIPE_MAXBIGPIPES ) |
.It Li kern.pipe.maxbigpipes ( KERN_PIPE_MAXBIGPIPES ) |
| Maximum number of "big" pipes. |
Maximum number of |
| |
.Dq big |
| |
pipes. |
| .It Li kern.pipe.maxkvasz ( KERN_PIPE_MAXKVASZ ) |
.It Li kern.pipe.maxkvasz ( KERN_PIPE_MAXKVASZ ) |
| Maximum amount of kernel memory to be used for pipes. |
Maximum amount of kernel memory to be used for pipes. |
| .It Li kern.pipe.limitkva ( KERN_PIPE_LIMITKVA ) |
.It Li kern.pipe.limitkva ( KERN_PIPE_LIMITKVA ) |
| Limit for direct transfers via page loan. |
Limit for direct transfers via page loan. |
| .It Li kern.pipe.nbigpipes ( KERN_PIPE_NBIGPIPES ) |
.It Li kern.pipe.nbigpipes ( KERN_PIPE_NBIGPIPES ) |
| Number of "big" pipes. |
Number of |
| .El |
.Dq big |
| |
pipes. |
| |
.El |
| |
.It Li kern.pool |
| |
Provides statistics about the |
| |
.Xr pool 9 |
| |
and |
| |
.Xr pool_cache 9 |
| |
subsystems. |
| .\" XXX: Undocumented .It Li kern.posix ( ? ) |
.\" XXX: Undocumented .It Li kern.posix ( ? ) |
| .\" This is a node in which the only variable is semmax. |
.\" This is a node in which the only variable is semmax. |
| .It Li kern.posix1version ( KERN_POSIX1 ) |
.It Li kern.posix1version ( KERN_POSIX1 ) |
| The version of ISO/IEC 9945 (POSIX 1003.1) with which the system |
The version of ISO/IEC 9945 |
| attempts to comply. |
.Pq St -p1003.1 |
| |
with which the system attempts to comply. |
| .It Li kern.posix_aio |
.It Li kern.posix_aio |
| The version of |
The version of |
| .St -p1003.1 |
.St -p1003.1 |
|
|
| and its |
and its |
| Barriers |
Barriers |
| option to which the system attempts to conform, |
option to which the system attempts to conform, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.posix_reader_writer_locks ( KERN_POSIX_READER_WRITER_LOCKS ) |
.It Li kern.posix_reader_writer_locks ( KERN_POSIX_READER_WRITER_LOCKS ) |
| The version of |
The version of |
| .St -p1003.1 |
.St -p1003.1 |
| and its |
and its |
| Read-Write Locks |
Read-Write Locks |
| option to which the system attempts to conform, |
option to which the system attempts to conform, |
| otherwise 0. |
otherwise\ 0. |
| .\".It Li kern.posix_sched |
.\".It Li kern.posix_sched |
| .\" XXX: Undocumented. |
.\" XXX: Undocumented. |
| .It Li kern.posix_semaphores ( KERN_POSIX_SEMAPHORES ) |
.It Li kern.posix_semaphores ( KERN_POSIX_SEMAPHORES ) |
|
|
| and its |
and its |
| Semaphores |
Semaphores |
| option to which the system attempts to conform, |
option to which the system attempts to conform, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.posix_spin_locks ( KERN_POSIX_SPIN_LOCKS ) |
.It Li kern.posix_spin_locks ( KERN_POSIX_SPIN_LOCKS ) |
| The version of |
The version of |
| .St -p1003.1 |
.St -p1003.1 |
| and its |
and its |
| Spin Locks |
Spin Locks |
| option to which the system attempts to conform, |
option to which the system attempts to conform, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.posix_threads ( KERN_POSIX_THREADS ) |
.It Li kern.posix_threads ( KERN_POSIX_THREADS ) |
| The version of |
The version of |
| .St -p1003.1 |
.St -p1003.1 |
| and its |
and its |
| Threads |
Threads |
| option to which the system attempts to conform, |
option to which the system attempts to conform, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.posix_timers ( KERN_POSIX_TIMERS ) |
.It Li kern.posix_timers ( KERN_POSIX_TIMERS ) |
| The version of |
The version of |
| .St -p1003.1 |
.St -p1003.1 |
| and its |
and its |
| Timers |
Timers |
| option to which the system attempts to conform, |
option to which the system attempts to conform, |
| otherwise 0. |
otherwise\ 0. |
| .It Li kern.proc ( KERN_PROC ) |
.It Li kern.proc ( KERN_PROC ) |
| Return the entire process table, or a subset of it. |
Return the entire process table, or a subset of it. |
| An array of |
An array of |
| .Va struct kinfo_proc |
.Vt struct kinfo_proc |
| structures is returned, |
structures is returned, |
| whose size depends on the current number of such objects in the system. |
whose size depends on the current number of such objects in the system. |
| The third and fourth level numeric names are as follows: |
The third and fourth level numeric names are as follows: |
| Line 865 The third and fourth level numeric names |
|
| Line 930 The third and fourth level numeric names |
|
| .It KERN_PROC_UID A user ID |
.It KERN_PROC_UID A user ID |
| .El |
.El |
| .It Li kern.proc2 ( KERN_PROC2 ) |
.It Li kern.proc2 ( KERN_PROC2 ) |
| As for KERN_PROC, but an array of |
As for |
| .Va struct kinfo_proc2 |
.Dv KERN_PROC , |
| |
but an array of |
| |
.Vt struct kinfo_proc2 |
| structures are returned. |
structures are returned. |
| The fifth level name is the size of the |
The fifth level name is the size of the |
| .Va struct kinfo_proc2 |
.Vt struct kinfo_proc2 |
| and the sixth level name is the number of structures to return. |
and the sixth level name is the number of structures to return. |
| .It Li kern.proc_args ( KERN_PROC_ARGS ) |
.It Li kern.proc_args ( KERN_PROC_ARGS ) |
| Return the argv or environment strings (or the number thereof) |
Return the argv or environment strings (or the number thereof) |
| Line 886 The fourth level name is as follows: |
|
| Line 953 The fourth level name is as follows: |
|
| .It Li kern.profiling ( KERN_PROF ) |
.It Li kern.profiling ( KERN_PROF ) |
| Return profiling information about the kernel. |
Return profiling information about the kernel. |
| If the kernel is not compiled for profiling, |
If the kernel is not compiled for profiling, |
| attempts to retrieve any of the KERN_PROF values will |
attempts to retrieve any of the |
| fail with |
.Dv KERN_PROF |
| |
values will fail with |
| .Er EOPNOTSUPP . |
.Er EOPNOTSUPP . |
| The third level names for the string and integer profiling information |
The third level names for the string and integer profiling information |
| is detailed below. |
is detailed below. |
| Line 912 Array indexed by program counter of call |
|
| Line 980 Array indexed by program counter of call |
|
| Structure giving the sizes of the above arrays. |
Structure giving the sizes of the above arrays. |
| .It Li kern.profiling.state ( GPROF_STATE ) |
.It Li kern.profiling.state ( GPROF_STATE ) |
| Profiling state. |
Profiling state. |
| If set to GMON_PROF_ON, starts profiling. |
If set to |
| If set to GMON_PROF_OFF, stops profiling. |
.Dv GMON_PROF_ON , |
| |
starts profiling. |
| |
If set to |
| |
.Dv GMON_PROF_OFF , |
| |
stops profiling. |
| .It Li kern.profiling.tos ( GPROF_TOS ) |
.It Li kern.profiling.tos ( GPROF_TOS ) |
| Array of |
Array of |
| .Va struct tostruct |
.Vt struct tostruct |
| describing destination of calls and their counts. |
describing destination of calls and their counts. |
| .El |
.El |
| .\" .It Li kern.pset |
.\" .It Li kern.pset |
|
|
| Maximum amount of kernel memory to be used for socket buffers. |
Maximum amount of kernel memory to be used for socket buffers. |
| .\" XXX units? |
.\" XXX units? |
| .It Li kern.synchronized_io ( KERN_SYNCHRONIZED_IO ) |
.It Li kern.synchronized_io ( KERN_SYNCHRONIZED_IO ) |
| Returns 1 if the POSIX 1003.1b Synchronized I/O Option is available |
Returns 1 if the |
| on this system, |
.St -p1003.1b-93 |
| otherwise 0. |
Synchronized I/O Option is available on this system, |
| |
otherwise\ 0. |
| .It Li kern.timecounter ( dynamic ) |
.It Li kern.timecounter ( dynamic ) |
| Display and control the timecounter source of the system. |
Display and control the timecounter source of the system. |
| .Bl -column "kern.timecounter.timestepwarnings" "integer" "Changeable" -offset indent |
.Bl -column "kern.timecounter.timestepwarnings" "integer" "Changeable" -offset indent |
| Line 992 The total number of output characters. |
|
| Line 1065 The total number of output characters. |
|
| .It Li kern.tkstat.rawcc ( KERN_TKSTAT_RAWCC ) |
.It Li kern.tkstat.rawcc ( KERN_TKSTAT_RAWCC ) |
| The number of raw input characters. |
The number of raw input characters. |
| .El |
.El |
| |
.It Li kern.tty |
| |
The third level names for the tty setup variables are detailed below. |
| |
The changeable column shows whether a process |
| |
with appropriate privilege may change the value. |
| |
.Bl -column "kern.tty.qsize" "int" "Changeable" -offset indent |
| |
.It Sy Third level name Type Changeable |
| |
.It kern.tty.qsize int yes |
| |
.El |
| |
.Pp |
| |
The variables are as follows: |
| |
.Bl -tag -width "123456" |
| |
.It Li kern.tty.qsize |
| |
Control/display the size of the default input and output queues selected |
| |
during tty creation. |
| |
Is converted to a power of two and its range is between |
| |
.Dv 1024 |
| |
and |
| |
.Dv 65536 . |
| |
.El |
| |
.It Li kern.uidinfo |
| |
Resource usage for the current user. |
| |
.Bl -column "kern.uidinfo.proccnt" "integer" "Changeable" -offset indent |
| |
.It Sy Third level name Type Changeable |
| |
.It kern.uidinfo.proccnt integer no |
| |
.It kern.uidinfo.lwpcnt integer no |
| |
.It kern.uidinfo.lockcnt integer no |
| |
.It kern.uidinfo.sbsize integer no |
| |
.El |
| |
.Bl -tag -width "123456" |
| |
.It Li kern.uidinfo.proccnt |
| |
Returns the number of active processes for the current user. |
| |
.It Li kern.uidinfo.lwpcnt |
| |
Returns the number of active threads for the current user; the first thread |
| |
of each process is not counted. |
| |
.It Li kern.uidinfo.lockcnt |
| |
Number of locks held by the current user. |
| |
.It Li kern.uidinfo.sbsize |
| |
Number of bytes in socket buffers allocated to the current user. |
| |
.El |
| .It Li kern.urandom ( KERN_URND ) |
.It Li kern.urandom ( KERN_URND ) |
| Random integer value. |
Random integer value. |
| .It Li kern.usercrypto |
.It Li kern.usercrypto |
| Line 1025 Each mount will be under its own |
|
| Line 1137 Each mount will be under its own |
|
| .No tableN |
.No tableN |
| node. |
node. |
| Under each node there will be three variables, indicating the mount |
Under each node there will be three variables, indicating the mount |
| point, the file-system type, and the number of entries. |
point, the file system type, and the number of entries. |
| .It Li kern.veriexec.strict |
.It Li kern.veriexec.strict |
| Controls the strict level of Veriexec. |
Controls the strict level of Veriexec. |
| See |
See |
| .Xr security 8 |
.Xr security 7 |
| for more information on each level's implications. |
for more information on each level's implications. |
| .It Li kern.veriexec.verbose |
.It Li kern.veriexec.verbose |
| Controls the verbosity level of Veriexec. |
Controls the verbosity level of Veriexec. |
|
|
| The returned data consists of an array whose size depends on the |
The returned data consists of an array whose size depends on the |
| current number of such objects in the system. |
current number of such objects in the system. |
| Each element of the array contains the kernel address of a vnode |
Each element of the array contains the kernel address of a vnode |
| .Va struct vnode * |
.Vt struct vnode * |
| followed by the vnode itself |
followed by the vnode itself |
| .Va struct vnode . |
.Vt struct vnode . |
| .\" XXX: Undocumented: kern.lwp: no children? |
.\" XXX: Undocumented: kern.lwp: no children? |
| .El |
.El |
| .Ss The machdep.* subtree |
.Ss The machdep.* subtree |
| Line 1088 The data is returned as a sequence of ro |
|
| Line 1200 The data is returned as a sequence of ro |
|
| for the header file, format and meaning). |
for the header file, format and meaning). |
| The length of each message is contained in the message header. |
The length of each message is contained in the message header. |
| .Pp |
.Pp |
| The third level name is a protocol number, which is currently always 0. |
The third level name is a protocol number, which is currently always\ 0. |
| The fourth level name is an address family, which may be set to 0 to |
The fourth level name is an address family, which may be set to 0 to |
| select all address families. |
select all address families. |
| The fifth and sixth level names are as follows: |
The fifth and sixth level names are as follows: |
| Line 1108 The currently defined protocols and name |
|
| Line 1220 The currently defined protocols and name |
|
| .It Sy Protocol name Variable name Type Changeable |
.It Sy Protocol name Variable name Type Changeable |
| .It arp down integer yes |
.It arp down integer yes |
| .It arp keep integer yes |
.It arp keep integer yes |
| |
.It arp log_movements integer yes |
| |
.It arp log_permanent_modify integer yes |
| |
.It arp log_wrong_iface integer yes |
| .It arp prune integer yes |
.It arp prune integer yes |
| .It arp refresh integer yes |
.It arp refresh integer yes |
| .It carp allow integer yes |
.It carp allow integer yes |
| Line 1120 The currently defined protocols and name |
|
| Line 1235 The currently defined protocols and name |
|
| .It icmp redirtimeout integer yes |
.It icmp redirtimeout integer yes |
| .It icmp bmcastecho integer yes |
.It icmp bmcastecho integer yes |
| .It ip allowsrcrt integer yes |
.It ip allowsrcrt integer yes |
| |
.It ip anonportalgo.selected string yes |
| |
.It ip anonportalgo.available string yes |
| |
.It ip anonportalgo.reserve struct yes |
| .It ip anonportmax integer yes |
.It ip anonportmax integer yes |
| .It ip anonportmin integer yes |
.It ip anonportmin integer yes |
| .It ip checkinterface integer yes |
.It ip checkinterface integer yes |
| Line 1222 believes it can send advertisements more |
|
| Line 1340 believes it can send advertisements more |
|
| Disabled by default. |
Disabled by default. |
| .It Li ip.allowsrcrt |
.It Li ip.allowsrcrt |
| If set to 1, the host accepts source routed packets. |
If set to 1, the host accepts source routed packets. |
| |
.It Li ip.anonportalgo.available |
| |
The available RFC 6056 port randomization algorithms. |
| |
.It Li ip.anonportalgo.reserve |
| |
A bitmask of ports that will not be used during anonymous or privileged |
| |
port selection. |
| |
.It Li ip.anonportalgo.selected |
| |
The currently selected RFC 6056 port randomization algorithm. |
| .It Li ip.anonportmax |
.It Li ip.anonportmax |
| The highest port number to use for TCP and UDP ephemeral port allocation. |
The highest port number to use for TCP and UDP ephemeral port allocation. |
| This cannot be set to less than 1024 or greater than 65535, and must |
This cannot be set to less than 1024 or greater than 65535, and must |
| Line 1359 Number of ticks to delay sending an ACK. |
|
| Line 1484 Number of ticks to delay sending an ACK. |
|
| Perform TCP checksum on loopback. |
Perform TCP checksum on loopback. |
| .It Li tcp.init_win |
.It Li tcp.init_win |
| A value indicating the TCP initial congestion window. |
A value indicating the TCP initial congestion window. |
| If this value is 0, an auto-tuning algorithm designed to use an initial |
The valid range |
| window of approximately 4K bytes is in use. |
is 0 to 10 (maximum specified by draft-ietf-tcpm-initcwnd-08.txt), |
| Otherwise, this value indicates a fixed number of packets. |
with a default of 4 (approximately 4K per RFC3390). |
| .It Li tcp.init_win_local |
.It Li tcp.init_win_local |
| Like |
Like |
| .Li tcp.init_win , |
.Li tcp.init_win , |
| Line 1458 It has no effect unless tcp.abc.enable i |
|
| Line 1583 It has no effect unless tcp.abc.enable i |
|
| If set to 1, UDP checksums are being computed. |
If set to 1, UDP checksums are being computed. |
| Received non-zero UDP checksums are always checked. |
Received non-zero UDP checksums are always checked. |
| Disabling UDP checksums is strongly discouraged. |
Disabling UDP checksums is strongly discouraged. |
| .It Li udp.sendspace |
|
| The default UDP send buffer size. |
|
| .It Li udp.recvspace |
.It Li udp.recvspace |
| The default UDP receive buffer size. |
The default UDP receive buffer size. |
| |
.It Li udp.sendspace |
| |
The default UDP send buffer size. |
| .El |
.El |
| .Pp |
.Pp |
| For variables net.*.ipsec, please refer to |
For variables net.*.ipsec, please refer to |
| Line 1488 The currently defined protocols and name |
|
| Line 1613 The currently defined protocols and name |
|
| .It icmp6 rediraccept integer yes |
.It icmp6 rediraccept integer yes |
| .It icmp6 redirtimeout integer yes |
.It icmp6 redirtimeout integer yes |
| .It ip6 accept_rtadv integer yes |
.It ip6 accept_rtadv integer yes |
| |
.It ip6 anonportalgo.selected string yes |
| |
.It ip6 anonportalgo.available string yes |
| |
.It ip6 anonportalgo.reserve struct yes |
| .It ip6 anonportmax integer yes |
.It ip6 anonportmax integer yes |
| .It ip6 anonportmin integer yes |
.It ip6 anonportmin integer yes |
| .It ip6 auto_flowlabel integer yes |
.It ip6 auto_flowlabel integer yes |
| Line 1503 The currently defined protocols and name |
|
| Line 1631 The currently defined protocols and name |
|
| .It ip6 log_interval integer yes |
.It ip6 log_interval integer yes |
| .It ip6 lowportmax integer yes |
.It ip6 lowportmax integer yes |
| .It ip6 lowportmin integer yes |
.It ip6 lowportmin integer yes |
| |
.It ip6 maxdynroutes integer yes |
| |
.It ip6 maxifprefixes integer yes |
| |
.It ip6 maxifdefrouters integer yes |
| .It ip6 maxflows integer yes |
.It ip6 maxflows integer yes |
| .It ip6 maxfragpackets integer yes |
.It ip6 maxfragpackets integer yes |
| .It ip6 maxfrags integer yes |
.It ip6 maxfrags integer yes |
| |
.It ip6 neighborgcthresh integer yes |
| .It ip6 redirect integer yes |
.It ip6 redirect integer yes |
| .It ip6 rr_prune integer yes |
.It ip6 rr_prune integer yes |
| .It ip6 use_deprecated integer yes |
.It ip6 use_deprecated integer yes |
| Line 1523 and autoconfigures address prefixes and |
|
| Line 1655 and autoconfigures address prefixes and |
|
| The node must be a host |
The node must be a host |
| .Pq not a router |
.Pq not a router |
| for the option to be meaningful. |
for the option to be meaningful. |
| |
.It Li ip6.anonportalgo.available |
| |
The available RFC 6056 port randomization algorithms. |
| |
.It Li ip6.anonportalgo.reserve |
| |
A bitmask of ports that will not be used during anonymous or privileged |
| |
port selection. |
| |
.It Li ip6.anonportalgo.selected |
| |
The currently selected RFC 6056 port randomization algorithm. |
| .It Li ip6.anonportmax |
.It Li ip6.anonportmax |
| The highest port number to use for TCP and UDP ephemeral port allocation. |
The highest port number to use for TCP and UDP ephemeral port allocation. |
| This cannot be set to less than 1024 or greater than 65535, and must |
This cannot be set to less than 1024 or greater than 65535, and must |
| Line 1566 The number of IPv6 extension headers per |
|
| Line 1705 The number of IPv6 extension headers per |
|
| If set to 0, the node will accept as many extension headers as possible. |
If set to 0, the node will accept as many extension headers as possible. |
| .It Li ip6.hashsize |
.It Li ip6.hashsize |
| The size of IPv6 Fast Forward hash table. |
The size of IPv6 Fast Forward hash table. |
| This value must be a power of 2 (64, 256...). |
This value must be a power of 2 (64, 256, ...). |
| A larger hash table size results in fewer collisions. |
A larger hash table size results in fewer collisions. |
| Also see |
Also see |
| .Li ip6.maxflows . |
.Li ip6.maxflows . |
| Line 1600 The lowest port number to use for TCP an |
|
| Line 1739 The lowest port number to use for TCP an |
|
| This cannot be set to less than 0 or greater than 1024, and must |
This cannot be set to less than 0 or greater than 1024, and must |
| be smaller than |
be smaller than |
| .Li ip6.lowportmax . |
.Li ip6.lowportmax . |
| |
.It Li ip6.maxdynroutes |
| |
Maximum number of routes created by redirect. |
| |
Set it to negative to disable. |
| |
The default value is 4096. |
| |
.It Li ip6.maxifprefixes |
| |
Maximum number of prefixes created by route advertisements per interface. |
| |
Set it to negative to disable. |
| |
The default value is 16. |
| |
.It Li ip6.maxifdefrouters 16 |
| |
Maximum number of default routers created by route advertisements per interface. |
| |
Set it to negative to disable. |
| |
The default value is 16. |
| .It Li ip6.maxflows |
.It Li ip6.maxflows |
| IPv6 Fast Forwarding is enabled by default. |
IPv6 Fast Forwarding is enabled by default. |
| If set to 0, IPv6 Fast Forwarding is disabled. |
If set to 0, IPv6 Fast Forwarding is disabled. |
| Line 1616 The maximum number of fragments the node |
|
| Line 1767 The maximum number of fragments the node |
|
| 0 means that the node will not accept any fragments. |
0 means that the node will not accept any fragments. |
| \-1 means that the node will accept as many fragments as it receives. |
\-1 means that the node will accept as many fragments as it receives. |
| The flag is provided basically for avoiding possible DoS attacks. |
The flag is provided basically for avoiding possible DoS attacks. |
| |
.It Li ip6.neighborgcthresh |
| |
Maximum number of entries in neighbor cache. |
| |
Set to negative to disable. |
| |
The default value is 2048. |
| .It Li ip6.redirect |
.It Li ip6.redirect |
| If set to 1, ICMPv6 redirects may be sent by the node. |
If set to 1, ICMPv6 redirects may be sent by the node. |
| This option is ignored unless the node is routing IP packets, |
This option is ignored unless the node is routing IP packets, |
| Line 1741 The currently defined variable and names |
|
| Line 1896 The currently defined variable and names |
|
| .Bl -column "blockacq_lifetime" "integer" "Changeable" -offset indent |
.Bl -column "blockacq_lifetime" "integer" "Changeable" -offset indent |
| .It Sy Variable name Type Changeable |
.It Sy Variable name Type Changeable |
| .It debug integer yes |
.It debug integer yes |
| |
.It enabled integer yes |
| |
.It used integer no |
| .It spi_try integer yes |
.It spi_try integer yes |
| .It spi_min_value integer yes |
.It spi_min_value integer yes |
| .It spi_max_value integer yes |
.It spi_max_value integer yes |
| Line 1757 The variables are as follows: |
|
| Line 1914 The variables are as follows: |
|
| .It Li debug |
.It Li debug |
| Turn on debugging message from within the kernel. |
Turn on debugging message from within the kernel. |
| The value is a bitmap, as defined in |
The value is a bitmap, as defined in |
| .Pa /usr/include/netkey/key_debug.h . |
.In netkey/key_debug.h . |
| |
.It Li enabled |
| |
Control processing of IPsec control messages. |
| |
.Bl -tag -width indent |
| |
.It 0 |
| |
Never allow IPsec processing |
| |
.It 1 |
| |
Allow IPsec processing when SPD policies are present. |
| |
.It 2 |
| |
Force IPsec processing even when SPD policies are not present. |
| |
.El |
| |
.It Li used |
| |
Based on if IPsec is enabled, and SPD rule existance, show if |
| |
IPsec is being used. |
| |
Note that currenly once IPsec is being used, it cannot be disabled. |
| .It Li spi_try |
.It Li spi_try |
| The number of times the kernel will try to obtain an unique SPI |
The number of times the kernel will try to obtain an unique SPI |
| when it generates it from random number generator. |
when it generates it from random number generator. |
| Line 1816 The template used for the core dump file |
|
| Line 1987 The template used for the core dump file |
|
| .Xr core 5 |
.Xr core 5 |
| for details). |
for details). |
| The base name must either be |
The base name must either be |
| .Nm core |
.Pa core |
| or end with the suffix ``.core'' (the super-user may set arbitrary names). |
or end with the suffix |
| By default it points to KERN_DEFCORENAME. |
.Pa .core |
| |
(the super-user may set arbitrary names). |
| |
By default it points to |
| |
.Dv KERN_DEFCORENAME . |
| .It Li proc.pid.rlimit ( PROC_PID_LIMIT ) |
.It Li proc.pid.rlimit ( PROC_PID_LIMIT ) |
| Return resources limits, as defined for the |
Return resources limits, as defined for the |
| .Xr getrlimit 2 |
.Xr getrlimit 2 |
|
|
| .Xr setrlimit 2 |
.Xr setrlimit 2 |
| system calls. |
system calls. |
| The fourth level name is one of: |
The fourth level name is one of: |
| .Bl -tag -width PROC_PID_LIMIT_MEMLOCKAA |
.Bl -tag -width "123456" |
| .It Li proc.pid.rlimit.cputime ( PROC_PID_LIMIT_CPU ) |
.It Li proc.pid.rlimit.cputime ( PROC_PID_LIMIT_CPU ) |
| The maximum amount of CPU time (in seconds) to be used by each process. |
The maximum amount of CPU time (in seconds) to be used by each process. |
| .It Li proc.pid.rlimit.filesize ( PROC_PID_LIMIT_FSIZE ) |
.It Li proc.pid.rlimit.filesize ( PROC_PID_LIMIT_FSIZE ) |
|
|
| .El |
.El |
| .Pp |
.Pp |
| The fifth level name is one of |
The fifth level name is one of |
| .Li soft ( PROC_PID_LIMIT_TYPE_SOFT ) or |
.Li soft ( PROC_PID_LIMIT_TYPE_SOFT ) |
| |
or |
| .Li hard ( PROC_PID_LIMIT_TYPE_HARD ) , |
.Li hard ( PROC_PID_LIMIT_TYPE_HARD ) , |
| to select respectively the soft or hard limit. |
to select respectively the soft or hard limit. |
| Both are of type integer. |
Both are of type integer. |
| Line 1988 The maximum length in bytes of a text-pr |
|
| Line 2163 The maximum length in bytes of a text-pr |
|
| line. |
line. |
| .It Li user.posix2_char_term ( USER_POSIX2_CHAR_TERM ) |
.It Li user.posix2_char_term ( USER_POSIX2_CHAR_TERM ) |
| Return 1 if the system supports at least one terminal type capable of |
Return 1 if the system supports at least one terminal type capable of |
| all operations described in POSIX 1003.2, otherwise 0. |
all operations described in |
| |
.St -p1003.2 , |
| |
otherwise\ 0. |
| .It Li user.posix2_c_bind ( USER_POSIX2_C_BIND ) |
.It Li user.posix2_c_bind ( USER_POSIX2_C_BIND ) |
| Return 1 if the system's C-language development facilities support the |
Return 1 if the system's C-language development facilities support the |
| C-Language Bindings Option, otherwise 0. |
C-Language Bindings Option, otherwise\ 0. |
| .It Li user.posix2_c_dev ( USER_POSIX2_C_DEV ) |
.It Li user.posix2_c_dev ( USER_POSIX2_C_DEV ) |
| Return 1 if the system supports the C-Language Development Utilities Option, |
Return 1 if the system supports the C-Language Development Utilities Option, |
| otherwise 0. |
otherwise\ 0. |
| .It Li user.posix2_fort_dev ( USER_POSIX2_FORT_DEV ) |
.It Li user.posix2_fort_dev ( USER_POSIX2_FORT_DEV ) |
| Return 1 if the system supports the FORTRAN Development Utilities Option, |
Return 1 if the system supports the FORTRAN Development Utilities Option, |
| otherwise 0. |
otherwise\ 0. |
| .It Li user.posix2_fort_run ( USER_POSIX2_FORT_RUN ) |
.It Li user.posix2_fort_run ( USER_POSIX2_FORT_RUN ) |
| Return 1 if the system supports the FORTRAN Runtime Utilities Option, |
Return 1 if the system supports the FORTRAN Runtime Utilities Option, |
| otherwise 0. |
otherwise\ 0. |
| .It Li user.posix2_localedef ( USER_POSIX2_LOCALEDEF ) |
.It Li user.posix2_localedef ( USER_POSIX2_LOCALEDEF ) |
| Return 1 if the system supports the creation of locales, otherwise 0. |
Return 1 if the system supports the creation of locales, otherwise\ 0. |
| .It Li user.posix2_sw_dev ( USER_POSIX2_SW_DEV ) |
.It Li user.posix2_sw_dev ( USER_POSIX2_SW_DEV ) |
| Return 1 if the system supports the Software Development Utilities Option, |
Return 1 if the system supports the Software Development Utilities Option, |
| otherwise 0. |
otherwise\ 0. |
| .It Li user.posix2_upe ( USER_POSIX2_UPE ) |
.It Li user.posix2_upe ( USER_POSIX2_UPE ) |
| Return 1 if the system supports the User Portability Utilities Option, |
Return 1 if the system supports the User Portability Utilities Option, |
| otherwise 0. |
otherwise\ 0. |
| .It Li user.posix2_version ( USER_POSIX2_VERSION ) |
.It Li user.posix2_version ( USER_POSIX2_VERSION ) |
| The version of POSIX 1003.2 with which the system attempts to comply. |
The version of |
| |
.St -p1003.2 |
| |
with which the system attempts to comply. |
| .It Li user.re_dup_max ( USER_RE_DUP_MAX ) |
.It Li user.re_dup_max ( USER_RE_DUP_MAX ) |
| The maximum number of repeated occurrences of a regular expression |
The maximum number of repeated occurrences of a regular expression |
| permitted when using interval notation. |
permitted when using interval notation. |
| Line 2081 cached file data. |
|
| Line 2260 cached file data. |
|
| .It Li vm.loadavg ( VM_LOADAVG ) |
.It Li vm.loadavg ( VM_LOADAVG ) |
| Return the load average history. |
Return the load average history. |
| The returned data consists of a |
The returned data consists of a |
| .Va struct loadavg . |
.Vt struct loadavg . |
| .It Li vm.maxslp ( VM_MAXSLP ) |
.It Li vm.maxslp ( VM_MAXSLP ) |
| The value of the maxslp kernel global variable. |
The value of the maxslp kernel global variable. |
| .It Li vm.vmmeter ( VM_METER ) |
.It Li vm.vmmeter ( VM_METER ) |
| Return system wide virtual memory statistics. |
Return system wide virtual memory statistics. |
| The returned data consists of a |
The returned data consists of a |
| .Va struct vmtotal . |
.Vt struct vmtotal . |
| .It vm.user_va0_disable |
.It vm.user_va0_disable |
| A flag which controls whether user processes can map virtual address 0. |
A flag which controls whether user processes can map virtual address\ 0. |
| .It Li vm.uspace ( VM_USPACE ) |
.It Li vm.uspace ( VM_USPACE ) |
| The number of bytes allocated for each kernel stack. |
The number of bytes allocated for each kernel stack. |
| .It Li vm.uvmexp ( VM_UVMEXP ) |
.It Li vm.uvmexp ( VM_UVMEXP ) |
| Return system wide virtual memory statistics. |
Return system wide virtual memory statistics. |
| The returned data consists of a |
The returned data consists of a |
| .Va struct uvmexp . |
.Vt struct uvmexp . |
| .It Li vm.uvmexp2 ( VM_UVMEXP2 ) |
.It Li vm.uvmexp2 ( VM_UVMEXP2 ) |
| Return system wide virtual memory statistics. |
Return system wide virtual memory statistics. |
| The returned data consists of a |
The returned data consists of a |
| .Va struct uvmexp_sysctl . |
.Vt struct uvmexp_sysctl . |
| .\" XXX vm.idlezero |
.\" XXX vm.idlezero |
| .El |
.El |
| .Ss The ddb.* subtree ( CTL_DDB ) |
.Ss The ddb.* subtree ( CTL_DDB ) |
| Line 2134 Number of display lines. |
|
| Line 2313 Number of display lines. |
|
| .It Li ddb.tabstops ( DDBCTL_TABSTOPS ) |
.It Li ddb.tabstops ( DDBCTL_TABSTOPS ) |
| Tab width. |
Tab width. |
| .It Li ddb.onpanic ( DDBCTL_ONPANIC ) |
.It Li ddb.onpanic ( DDBCTL_ONPANIC ) |
| If non-zero, DDB will be entered if the kernel panics. |
If greater than zero, DDB will be entered if the kernel panics. |
| |
A value of 1 causes the system to enter DDB on panic, while a value of 2 |
| |
causes the kernel to attempt to print out a stack trace before entering DDB. |
| |
A value of 0 causes the kernel to attempt to print a stack trace, then |
| |
reboot, while a value of \-1 means neither a stack trace will be printed |
| |
nor DDB entered. |
| .It Li ddb.fromconsole ( DDBCTL_FROMCONSOLE ) |
.It Li ddb.fromconsole ( DDBCTL_FROMCONSOLE ) |
| If not zero, DDB may be entered by sending a break on a serial |
If not zero, DDB may be entered by sending a break on a serial |
| console or by a special key sequence on a graphics console. |
console or by a special key sequence on a graphics console. |
| Line 2204 Settings for PaX -- exploit mitigation f |
|
| Line 2388 Settings for PaX -- exploit mitigation f |
|
| For more information on any of the PaX features, please see |
For more information on any of the PaX features, please see |
| .Xr paxctl 8 |
.Xr paxctl 8 |
| and |
and |
| .Xr security 8 . |
.Xr security 7 . |
| The available third and fourth level names are: |
The available third and fourth level names are: |
| .Bl -column "security.pax.segvguard.suspend_timeout" "integer" "Changeable" \ |
.Bl -column "security.pax.segvguard.suspend_timeout" "integer" "Changeable" \ |
| -offset 2n |
-offset 2n |
| Line 2237 Specifies the default global policy for |
|
| Line 2421 Specifies the default global policy for |
|
| explicit enable/disable flag. |
explicit enable/disable flag. |
| .Pp |
.Pp |
| When non-zero, all programs will get PaX ASLR, except those exempted with |
When non-zero, all programs will get PaX ASLR, except those exempted with |
| .Xr paxctl 8 . |
.Xr paxctl 8 . |
| Otherwise, all programs will not get PaX ASLR, except those specifically |
Otherwise, all programs will not get PaX ASLR, except those specifically |
| marked as such with |
marked as such with |
| .Xr paxctl 8 . |
.Xr paxctl 8 . |
| Line 2260 explicit enable/disable flag. |
|
| Line 2444 explicit enable/disable flag. |
|
| .Pp |
.Pp |
| When non-zero, all programs will get the PaX MPROTECT restrictions, |
When non-zero, all programs will get the PaX MPROTECT restrictions, |
| except those exempted with |
except those exempted with |
| .Xr paxctl 8 . |
.Xr paxctl 8 . |
| Otherwise, all programs will not get the PaX MPROTECT restrictions, |
Otherwise, all programs will not get the PaX MPROTECT restrictions, |
| except those specifically marked as such with |
except those specifically marked as such with |
| .Xr paxctl 8 . |
.Xr paxctl 8 . |
| Line 2285 explicit enable/disable flag. |
|
| Line 2469 explicit enable/disable flag. |
|
| .Pp |
.Pp |
| When non-zero, all programs will get the PaX Segvguard, |
When non-zero, all programs will get the PaX Segvguard, |
| except those exempted with |
except those exempted with |
| .Xr paxctl 8 . |
.Xr paxctl 8 . |
| Otherwise, no program will get the PaX Segvguard restrictions, |
Otherwise, no program will get the PaX Segvguard restrictions, |
| except those specifically marked as such with |
except those specifically marked as such with |
| .Xr paxctl 8 . |
.Xr paxctl 8 . |
| Line 2307 Intended use is to store values under |
|
| Line 2491 Intended use is to store values under |
|
| .Xr sysctl 3 , |
.Xr sysctl 3 , |
| .Xr ipsec 4 , |
.Xr ipsec 4 , |
| .Xr tcp 4 , |
.Xr tcp 4 , |
| .Xr security 8 , |
.Xr security 7 , |
| .Xr sysctl 8 |
.Xr sysctl 8 |
| .Sh HISTORY |
.Sh HISTORY |
| The |
The |
![[BACK]](/icons/back.gif){kind=icon}
Return to sysctl.7 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / share / man / man7