src/share/man/man7/sysctl.7 - diff

Return to sysctl.7 CVS log

Up to [cvs.NetBSD.org] / src / share / man / man7

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/share/man/man7/sysctl.7 between version 1.72 and 1.90

version 1.72, 2012/06/22 14:54:35

version 1.90, 2015/07/11 16:47:49

Line 29

.\"

.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95

.\"

.Dd June 20, 2012

.Dd July 11, 2015

.Dt SYSCTL 7

.Os

.Sh NAME

Line 164 capabilities with the following third le

.Bl -tag -width "123456"

.It Li vfs.wapbl.flush_disk_cache

Controls whether to attempt to flush the disk cache on each commit.

It defaults to 1 and it should always be on to ensure data integrity in

It defaults to 1 and it should always be on to ensure integrity

case of a crash.

of file system metadata in the event of a power loss.

For slow disks, turning it off can improve performance.

.It Li vfs.wapbl.verbose_commit

For each transaction log commit, print the number of bytes written

Line 198 privilege may change the value.

.It hw.machine_arch string no

.It hw.model string no

.It hw.ncpu integer no

.It hw.ncpuonline integer no

.It hw.pagesize integer no

.It hw.physmem integer no

.It hw.physmem64 quad no

.It hw.usermem integer no

.It hw.usermem64 quad no

.El

.Pp

.Bl -tag -width "123456"

.It Li hw.alignbytes ( HW_ALIGNBYTES )

Alignment constraint for all possible data types.

Line 249 The machine CPU class.

.It Li hw.model ( HW_MODEL )

The machine model.

.It Li hw.ncpu ( HW_NCPU )

The number of CPUs.

The number of CPUs configured.

.It Li hw.ncpuonline ( HW_NCPUONLINE )

The number of CPUs online.

.It Li hw.pagesize ( HW_PAGESIZE )

The software page size.

.It Li hw.physmem ( HW_PHYSMEM )

Line 277 privilege may change the value.

Line 279 privilege may change the value.

.It kern.argmax integer no

.It kern.boothowto integer no

.It kern.boottime struct timeval no

.It kern.buildinfo string no

.\".It kern.bufq node not applicable

.It kern.ccpu integer no

.It kern.clockrate struct clockinfo no

Line 329 privilege may change the value.

Line 332 privilege may change the value.

.It kern.ostype string no

.\".It kern.panic_now integer yes

.It kern.pipe node not applicable

.It kern.pool struct pool_sysctl no

.\" .It kern.posix node not applicable

.It kern.posix1version integer no

.It kern.posix_aio integer no

Line 394 A

Line 398 A

.Vt struct timeval

structure is returned.

This structure contains the time that the system was booted.

.It Li kern.buildinfo

When the kernel is built, the build environment may optionally provide

arbitrary information to be stored in this variable.

.\" .It Li kern.bufq

.\" XXX: Undocumented.

.It Li kern.ccpu ( KERN_CCPU )

Line 597 The fourth level name selects the System

Line 604 The fourth level name selects the System

.It KERN_SYSVIPC_SEM_INFO struct sem_sysctl_info

.It KERN_SYSVIPC_SHM_INFO struct shm_sysctl_info

.El

.Pp

.Bl -tag -width "123456"

.It Li KERN_SYSVIPC_MSG_INFO

Return information on the System V style message facility.

Line 739 The third level names for the settings a

Line 745 The third level names for the settings a

.Bl -column "kern.module.autoload" "integer" "Changeable" -offset indent

.It Sy Third level name Type Changeable

.It kern.module.autoload integer yes

.It kern.module.autotime integer yes

.It kern.module.verbose integer yes

.El

.Pp

Line 749 A boolean that controls whether kernel m

Line 756 A boolean that controls whether kernel m

See

.Xr module 7

for additional details.

.It Li kern.module.autotime

An integer that controls the delay before an attempt is made to

automatically unload a module that was auto-loaded.

Setting this value to zero disables the auto-unload function.

.It Li kern.module.verbose

A boolean that enables or disables verbose

debug messages related to kernel modules.

Line 844 Number of

Line 855 Number of

.Dq big

pipes.

.El

.It Li kern.pool

Provides statistics about the

.Xr pool 9

and

.Xr pool_cache 9

subsystems.

.\" XXX: Undocumented .It Li kern.posix ( ? )

.\" This is a node in which the only variable is semmax.

.It Li kern.posix1version ( KERN_POSIX1 )

Line 1178 protocol number, though this is not alwa

Line 1195 protocol number, though this is not alwa

.It net.inet6 IPv6 values yes

.It net.key IPsec key management values yes

.El

.Pp

.Bl -tag -width "123456"

.It Li net.route ( PF_ROUTE )

.\" XXX really?

Line 1210 The currently defined protocols and name

Line 1226 The currently defined protocols and name

.It arp keep integer yes

.It arp log_movements integer yes

.It arp log_permanent_modify integer yes

.It arp log_unknown_network integer yes

.It arp log_wrong_iface integer yes

.It arp prune integer yes

.It arp refresh integer yes

Line 1225 The currently defined protocols and name

Line 1242 The currently defined protocols and name

.It ip allowsrcrt integer yes

.It ip anonportalgo.selected string yes

.It ip anonportalgo.available string yes

.It ip anonportalgo.reserve struct yes

.It ip anonportmax integer yes

.It ip anonportmin integer yes

.It ip checkinterface integer yes

Line 1329 Disabled by default.

Line 1347 Disabled by default.

If set to 1, the host accepts source routed packets.

.It Li ip.anonportalgo.available

The available RFC 6056 port randomization algorithms.

.It Li ip.anonportalgo.reserve

A bitmask of ports that will not be used during anonymous or privileged

port selection.

.It Li ip.anonportalgo.selected

The currently selected RFC 6056 port randomization algorithm.

.It Li ip.anonportmax

Line 1468 Number of ticks to delay sending an ACK.

Line 1489 Number of ticks to delay sending an ACK.

Perform TCP checksum on loopback.

.It Li tcp.init_win

A value indicating the TCP initial congestion window.

If this value is 0, an auto-tuning algorithm designed to use an initial

The valid range

window of approximately 4K bytes is in use.

is 0 to 10 (maximum specified by RFC6928),

Otherwise, this value indicates a fixed number of packets.

with a default of 4 (approximately 4K per RFC3390).

.It Li tcp.init_win_local

.Li tcp.init_win ,

Line 1599 The currently defined protocols and name

Line 1620 The currently defined protocols and name

.It ip6 accept_rtadv integer yes

.It ip6 anonportalgo.selected string yes

.It ip6 anonportalgo.available string yes

.It ip6 anonportalgo.reserve struct yes

.It ip6 anonportmax integer yes

.It ip6 anonportmin integer yes

.It ip6 auto_flowlabel integer yes

Line 1614 The currently defined protocols and name

Line 1636 The currently defined protocols and name

.It ip6 log_interval integer yes

.It ip6 lowportmax integer yes

.It ip6 lowportmin integer yes

.It ip6 maxdynroutes integer yes

.It ip6 maxifprefixes integer yes

.It ip6 maxifdefrouters integer yes

.It ip6 maxflows integer yes

.It ip6 maxfragpackets integer yes

.It ip6 maxfrags integer yes

.It ip6 neighborgcthresh integer yes

.It ip6 redirect integer yes

.It ip6 rr_prune integer yes

.It ip6 use_deprecated integer yes

Line 1636 The node must be a host

Line 1662 The node must be a host

for the option to be meaningful.

.It Li ip6.anonportalgo.available

The available RFC 6056 port randomization algorithms.

.It Li ip6.anonportalgo.reserve

A bitmask of ports that will not be used during anonymous or privileged

port selection.

.It Li ip6.anonportalgo.selected

The currently selected RFC 6056 port randomization algorithm.

.It Li ip6.anonportmax

Line 1715 The lowest port number to use for TCP an

Line 1744 The lowest port number to use for TCP an

This cannot be set to less than 0 or greater than 1024, and must

be smaller than

.Li ip6.lowportmax .

.It Li ip6.maxdynroutes

Maximum number of routes created by redirect.

Set it to negative to disable.

The default value is 4096.

.It Li ip6.maxifprefixes

Maximum number of prefixes created by route advertisements per interface.

Set it to negative to disable.

The default value is 16.

.It Li ip6.maxifdefrouters 16

Maximum number of default routers created by route advertisements per interface.

Set it to negative to disable.

The default value is 16.

.It Li ip6.maxflows

IPv6 Fast Forwarding is enabled by default.

If set to 0, IPv6 Fast Forwarding is disabled.

Line 1731 The maximum number of fragments the node

Line 1772 The maximum number of fragments the node

0 means that the node will not accept any fragments.

\-1 means that the node will accept as many fragments as it receives.

The flag is provided basically for avoiding possible DoS attacks.

.It Li ip6.neighborgcthresh

Maximum number of entries in neighbor cache.

Set to negative to disable.

The default value is 2048.

.It Li ip6.redirect

If set to 1, ICMPv6 redirects may be sent by the node.

This option is ignored unless the node is routing IP packets,

Line 1856 The currently defined variable and names

Line 1901 The currently defined variable and names

.Bl -column "blockacq_lifetime" "integer" "Changeable" -offset indent

.It Sy Variable name Type Changeable

.It debug integer yes

.It enabled integer yes

.It used integer no

.It spi_try integer yes

.It spi_min_value integer yes

.It spi_max_value integer yes

Line 1873 The variables are as follows:

Line 1920 The variables are as follows:

Turn on debugging message from within the kernel.

The value is a bitmap, as defined in

.In netkey/key_debug.h .

.It Li enabled

Control processing of IPsec control messages.

.Bl -tag -width indent

.It 0

Never allow IPsec processing

.It 1

Allow IPsec processing when SPD policies are present.

.It 2

Force IPsec processing even when SPD policies are not present.

.El

.It Li used

Based on if IPsec is enabled, and SPD rule existance, show if

IPsec is being used.

Note that currenly once IPsec is being used, it cannot be disabled.

.It Li spi_try

The number of times the kernel will try to obtain an unique SPI

when it generates it from random number generator.

Line 1985 set by the

Line 2046 set by the

and

.Dv SO_SNDBUF

options.

.It Li proc.pid.rlimit.vmemoryuse ( PROC_PID_LIMIT_AS )

The maximum size (in bytes) which a process can obtain.

.It Li proc.pid.rlimit.maxlwp ( PROC_PID_LIMIT_NTHR )

The maximum number of threads that cen be created and running at one time in

the process.

The first thread of each process is not counted against this.

.El

.Pp

The fifth level name is one of

Line 2170 privilege may change the value.

Line 2237 privilege may change the value.

.It vm.uvmexp2 struct uvmexp_sysctl no

.It vm.vmmeter struct vmtotal no

.El

.Pp

.Bl -tag -width "123456"

.It Li vm.anonmax ( VM_ANONMAX )

The percentage of physical memory which will be reclaimed

Line 2244 privilege may change the value.

Line 2310 privilege may change the value.

.It ddb.tee_msgbuf integer yes

.It ddb.commandonenter string yes

.El

.Pp

.Bl -tag -width "123456"

.It Li ddb.radix ( DDBCTL_RADIX )

The input and output radix.

Line 2296 The available second level names are:

Line 2361 The available second level names are:

.El

.Pp

Available settings are detailed below.

.Pp

.Bl -tag -width "123456"

.It Li security.curtain

If non-zero, will filter return objects according to the user

Line 2350 The available third and fourth level nam

Line 2414 The available third and fourth level nam

.It Li security.pax.segvguard.max_crashes integer yes

.It Li security.pax.segvguard.suspend_timeout integer yes

.El

.Pp

.Bl -tag -width "123456"

.It Li security.pax.aslr.enabled

Enable PaX ASLR (Address Space Layout Randomization).

CVSweb <webmaster@jp.NetBSD.org>