28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time.
39In new installations, the
40.Nm
41file is generally initialized by the system installation utility,
42.Xr sysinstall 8 .
43.Pp
44The purpose of
45.Nm
46is not to run commands or perform system startup actions
47directly.
48Instead, it is included by the
49various generic startup scripts in
50.Pa /etc
51which conditionalize their
52internal actions according to the settings found there.
53.Pp
54The
55.Pa /etc/rc.conf
56file is included from the file
57.Pa /etc/defaults/rc.conf ,
58which specifies the default settings for all the available options.
59Options need only be specified in
60.Pa /etc/rc.conf
61when the system administrator wishes to override these defaults.
62The file
63.Pa /etc/rc.conf.local
64is used to override settings in
65.Pa /etc/rc.conf
66for historical reasons.
67See the
68.Va rc_conf_files
69variable below.
70.Pp
71Options are set with
72.Dq Ar name Ns Li = Ns Ar value
73assignments that use
74.Xr sh 1
75syntax.
76The following list provides a name and short description for each
77variable that can be set in the
78.Nm
79file:
80.Bl -tag -width indent-two
81.It Va rc_debug
82.Pq Vt bool
83If set to
84.Dq Li YES ,
85enable output of debug messages from rc scripts.
86This variable can be helpful in diagnosing mistakes when
87editing or integrating new scripts.
88Beware that this produces copious output to the terminal and
89.Xr syslog 3 .
90.It Va rc_info
91.Pq Vt bool
92If set to
93.Dq Li NO ,
94disable informational messages from the rc scripts.
95Informational messages are displayed when
96a condition that is not serious enough to warrant a warning or
97an error occurs.
98.It Va early_late_divider
99.Pq Vt str
100The name of the script that should be used as the
101delimiter between the
102.Dq early
103and
104.Dq late
105stages of the boot process.
106The early stage should contain all the services needed to
107get the disks (local or remote) mounted so that the late
108stage can include scripts contained in the directories
109listed in the
110.Va local_startup
111variable (see below).
112Thus, the two likely candidates for this value are
113.Pa mountcritlocal
114for the typical system, and
115.Pa mountcritremote
116if the system needs remote file
117systems mounted to get access to the
118.Va local_startup
119directories; for example when
120.Pa /usr/local
121is NFS mounted.
122For
123.Pa rc.conf
124within a
125.Xr jail 8
126.Pa NETWORKING
127is likely to be an appropriate value.
128Extreme care should be taken when changing this value,
129and before changing it one should ensure that there are
130adequate provisions to recover from a failed boot
131(such as physical contact with the machine,
132or reliable remote console access).
133.It Va swapfile
134.Pq Vt str
135If set to
136.Dq Li NO ,
137no swapfile is installed, otherwise the value is used as the full
138pathname to a file to use for additional swap space.
139.It Va apm_enable
140.Pq Vt bool
141If set to
142.Dq Li YES ,
143enable support for Automatic Power Management with
144the
145.Xr apm 8
146command.
147.It Va apmd_enable
148.Pq Vt bool
149Run
150.Xr apmd 8
151to handle APM event from userland.
152This also enables support for APM.
153.It Va apmd_flags
154.Pq Vt str
155If
156.Va apmd_enable
157is set to
158.Dq Li YES ,
159these are the flags to pass to the
160.Xr apmd 8
161daemon.
162.It Va devd_enable
163.Pq Vt bool
164Run
165.Xr devd 8
166to handle device added, removed or unknown events from the kernel.
167.It Va kldxref_enable
168.Pq Vt bool
169Set to
170.Dq Li NO
171by default.
172Set to
173.Dq Li YES
174to automatically rebuild
175.Pa linker.hints
176files with
177.Xr kldxref 8
178at boot time.
179.It Va kldxref_clobber
180.Pq Vt bool
181Set to
182.Dq Li NO
183by default.
184If
185.Va kldxref_enable
186is true,
187setting to
188.Dq Li YES
189will overwrite existing
190.Pa linker.hints
191files at boot time.
192Otherwise,
193only missing
194.Pa linker.hints
195files are generated.
196.It Va kldxref_module_path
197.Pq Vt str
198Empty by default.
199A semi-colon
200.Pq Ql \&;
201delimited list of paths containing
202.Xr kld 4
203modules.
204If empty,
205the contents of the
206.Va kern.module_path
207.Xr sysctl 8
208are used.
209.It Va powerd_enable
210.Pq Vt bool
211If set to
212.Dq Li YES ,
213enable the system power control facility with the
214.Xr powerd 8
215daemon.
216.It Va powerd_flags
217.Pq Vt str
218If
219.Va powerd_enable
220is set to
221.Dq Li YES ,
222these are the flags to pass to the
223.Xr powerd 8
224daemon.
225.It Va tmpmfs
226Controls the creation of a
227.Pa /tmp
228memory file system.
229Always happens if set to
230.Dq Li YES
231and never happens if set to
232.Dq Li NO .
233If set to anything else, a memory file system is created if
234.Pa /tmp
235is not writable.
236.It Va tmpsize
237Controls the size of a created
238.Pa /tmp
239memory file system.
240.It Va tmpmfs_flags
241Extra options passed to the
242.Xr mdmfs 8
243utility when the memory file system for
244.Pa /tmp
245is created.
246The default is
247.Dq Li "-S -M" ,
248which inhibits the use of softupdates on
249.Pa /tmp
250to waste as little space as possible
251and creates a pure memory backed disk, which will never be swapped out,
252for maximum performance and system stability at low memory conditions.
253See
254.Xr mdmfs 8
255for other options you can use in
256.Va tmpmfs_flags .
257.It Va varmfs
258Controls the creation of a
259.Pa /var
260memory file system.
261Always happens if set to
262.Dq Li YES
263and never happens if set to
264.Dq Li NO .
265If set to anything else, a memory file system is created if
266.Pa /var
267is not writable.
268.It Va varsize
269Controls the size of a created
270.Pa /var
271memory file system.
272.It Va varmfs_flags
273Extra options passed to the
274.Xr mdmfs 8
275utility when the memory file system for
276.Pa /var
277is created.
278The default is
279.Dq Li "-S -M" ,
280which inhibits the use of softupdates on
281.Pa /var
282to waste as little space as possible
283and creates a pure memory backed disk, which will never be swapped out,
284for maximum performance and system stability at low memory conditions.
285See
286.Xr mdmfs 8
287for other options you can use in
288.Va varmfs_flags .
289.It Va populate_var
290Controls the automatic population of the
291.Pa /var
292file system.
293Always happens if set to
294.Dq Li YES
295and never happens if set to
296.Dq Li NO .
297If set to anything else, a memory file system is created if
298.Pa /var
299is not writable.
300Note that this process requires access to certain commands in
301.Pa /usr
302before
303.Pa /usr
304is mounted on normal systems.
305.It Va cleanvar_enable
306.Pq Vt bool
307Clean the
308.Pa /var
309directory.
310.It Va local_startup
311.Pq Vt str
312List of directories to search for startup script files.
313.It Va script_name_sep
314.Pq Vt str
315The field separator to use for breaking down the list of startup script files
316into individual filenames.
317The default is a space.
318It is not necessary to change this unless there are startup scripts with names
319containing spaces.
320.It Va hostapd_enable
321.Pq Vt bool
322Set to
323.Dq Li YES
324to start
325.Xr hostapd 8
326at system boot time.
327.It Va hostname
328.Pq Vt str
329The fully qualified domain name (FQDN) of this host on the network.
330This should almost certainly be set to something meaningful, even if
331there is no network connection.
332If
333.Xr dhclient 8
334is used to set the hostname via DHCP,
335this variable should be set to an empty string.
336.It Va ipv6_enable
337.Pq Vt bool
338Enable support for IPv6 networking.
339Note that this requires that the kernel has been compiled with
340.Cd "options INET6" .
341.It Va nisdomainname
342.Pq Vt str
343The NIS domain name of this host, or
344.Dq Li NO
345if NIS is not used.
346.It Va dhclient_program
347.Pq Vt str
348Path to the DHCP client program
349.Pa ( /sbin/dhclient ,
350the
351.Ox
352DHCP client,
353is the default).
354.It Va dhclient_flags
355.Pq Vt str
356Additional flags to pass to the DHCP client program.
357For the
358.Ox
359DHCP client, see the
360.Xr dhclient 8
361manpage for a description of the command line options available.
362.It Va dhclient_flags_ Ns Aq Ar iface
363Additional flags to pass to the DHCP client program running on
364.Ar iface
365only.
366When specified, this variable overrides
367.Va dhclient_flags .
368.It Va background_dhclient
369.Pq Vt bool
370Set to
371.Dq Li YES
372to start the DHCP client in background.
373This can cause trouble with applications depending on
374a working network, but it will provide a faster startup
375in many cases.
376.It Va background_dhclient_ Ns Aq Ar iface
377When specified, this variable overrides the
378.Va background_dhclient
379variable for interface
380.Ar iface
381only.
382.It Va synchronous_dhclient
383.Pq Bt bool
384Set to
385.Dq Li NO
386to start
387.Xr dhclient 8
388only in response to interface events and not synchronously at startup.
389This behavior can be overridden on a per-interface basis by replacing
390the
391.Dq Li DHCP
392keyword in the
393.Va ifconfig_ Ns Aq Ar interface
394variable with
395.Dq Li SYNCDHCP
396or
397.Dq Li NOSYNCDHCP .
398.It Va firewall_enable
399.Pq Vt bool
400Set to
401.Dq Li YES
402to load firewall rules at startup.
403If the kernel was not built with
404.Cd "options IPFIREWALL" ,
405the
406.Pa ipfw.ko
407kernel module will be loaded.
408See also
409.Va ipfilter_enable .
410.It Va ipv6_firewall_enable
411.Pq Vt bool
412The IPv6 equivalent of
413.Va firewall_enable .
414Set to
415.Dq Li YES
416to load IPv6 firewall rules at startup.
417If the kernel was not built with
418.Cd "options IPV6FIREWALL" ,
419the
420.Pa ipfw.ko
421kernel module will be loaded.
422.It Va firewall_script
423.Pq Vt str
424This variable specifies the full path to the firewall script to run.
425The default is
426.Pa /etc/rc.firewall .
427.It Va ipv6_firewall_script
428.Pq Vt str
429The IPv6 equivalent of
430.Va firewall_script .
431.It Va firewall_type
432.Pq Vt str
433Names the firewall type from the selection in
434.Pa /etc/rc.firewall ,
435or the file which contains the local firewall ruleset.
436Valid selections from
437.Pa /etc/rc.firewall
438are:
439.Pp
440.Bl -tag -width ".Li simple" -compact
441.It Li open
442unrestricted IP access
443.It Li closed
444all IP services disabled, except via
445.Dq Li lo0
446.It Li client
447basic protection for a workstation
448.It Li simple
449basic protection for a LAN.
450.El
451.Pp
452If a filename is specified, the full path
453must be given.
454.It Va ipv6_firewall_type
455.Pq Vt str
456The IPv6 equivalent of
457.Va firewall_type .
458.It Va firewall_quiet
459.Pq Vt bool
460Set to
461.Dq Li YES
462to disable the display of firewall rules on the console during boot.
463.It Va ipv6_firewall_quiet
464.Pq Vt bool
465The IPv6 equivalent of
466.Va firewall_quiet .
467.It Va firewall_logging
468.Pq Vt bool
469Set to
470.Dq Li YES
471to enable firewall event logging.
472This is equivalent to the
473.Dv IPFIREWALL_VERBOSE
474kernel option.
475.It Va ipv6_firewall_logging
476.Pq Vt bool
477The IPv6 equivalent of
478.Va firewall_logging .
479.It Va firewall_flags
480.Pq Vt str
481Flags passed to
482.Xr ipfw 8
483if
484.Va firewall_type
485specifies a filename.
486.It Va ipv6_firewall_flags
487.Pq Vt str
488The IPv6 equivalent of
489.Va firewall_flags .
490.It Va natd_program
491.Pq Vt str
492Path to
493.Xr natd 8 .
494.It Va natd_enable
495.Pq Vt bool
496Set to
497.Dq Li YES
498to enable
499.Xr natd 8 .
500.Va firewall_enable
501must also be set to
502.Dq Li YES ,
503and
504.Xr divert 4
505sockets must be enabled in the kernel.
506If the kernel was not built with
507.Cd "options IPDIVERT" ,
508the
509.Pa ipdivert.ko
510kernel module will be loaded.
511.It Va natd_interface
512.Pq Vt str
513This is the name of the public interface on which
514.Xr natd 8
515should run.
516The interface may be given as an interface name or as an IP address.
517.It Va natd_flags
518.Pq Vt str
519Additional
520.Xr natd 8
521flags should be placed here.
522The
523.Fl n
524or
525.Fl a
526flag is automatically added with the above
527.Va natd_interface
528as an argument.
529.\" ----- ipfilter_enable setting --------------------------------
530.It Va ipfilter_enable
531.Pq Vt bool
532Set to
533.Dq Li NO
534by default.
535Setting this to
536.Dq Li YES
537enables
538.Xr ipf 8
539packet filtering.
540.Pp
541Typical usage will require putting
542.Bd -literal
543ipfilter_enable="YES"
544ipnat_enable="YES"
545ipmon_enable="YES"
546ipfs_enable="YES"
547.Ed
548.Pp
549into
550.Pa /etc/rc.conf
551and editing
552.Pa /etc/ipf.rules
553and
554.Pa /etc/ipnat.rules
555appropriately.
556.Pp
557Note that
558.Va ipfilter_enable
559and
560.Va ipnat_enable
561can be enabled independently.
562.Va ipmon_enable
563and
564.Va ipfs_enable
565both require at least one of
566.Va ipfilter_enable
567and
568.Va ipnat_enable
569to be enabled.
570.Pp
571Having
572.Bd -literal
573options IPFILTER
574options IPFILTER_LOG
575options IPFILTER_DEFAULT_BLOCK
576.Ed
577.Pp
578in the kernel configuration file is a good idea, too.
579.\" ----- ipfilter_program setting ------------------------------
580.It Va ipfilter_program
581.Pq Vt str
582Path to
583.Xr ipf 8
584(default
585.Pa /sbin/ipf ) .
586.\" ----- ipfilter_rules setting --------------------------------
587.It Va ipfilter_rules
588.Pq Vt str
589Set to
590.Pa /etc/ipf.rules
591by default.
592This variable contains the name of the filter rule definition file.
593The file is expected to be readable for the
594.Xr ipf 8
595command to execute.
596.\" ----- ipv6_ipfilter_rules setting ---------------------------
597.It Va ipv6_ipfilter_rules
598.Pq Vt str
599Set to
600.Pa /etc/ipf6.rules
601by default.
602This variable contains the IPv6 filter rule definition file.
603The file is expected to be readable for the
604.Xr ipf 8
605command to execute.
606.\" ----- ipfilter_flags setting --------------------------------
607.It Va ipfilter_flags
608.Pq Vt str
609Empty by default.
610This variable contains flags passed to the
611.Xr ipf 8
612program.
613.\" ----- ipnat_enable setting ----------------------------------
614.It Va ipnat_enable
615.Pq Vt bool
616Set to
617.Dq Li NO
618by default.
619Set it to
620.Dq Li YES
621to enable
622.Xr ipnat 8
623network address translation.
624See
625.Va ipfilter_enable
626for a detailed discussion.
627.\" ----- ipnat_program setting ---------------------------------
628.It Va ipnat_program
629.Pq Vt str
630Path to
631.Xr ipnat 8
632(default
633.Pa /sbin/ipnat ) .
634.\" ----- ipnat_rules setting -----------------------------------
635.It Va ipnat_rules
636.Pq Vt str
637Set to
638.Pa /etc/ipnat.rules
639by default.
640This variable contains the name of the file
641holding the network address translation definition.
642This file is expected to be readable for the
643.Xr ipnat 8
644command to execute.
645.\" ----- ipnat_flags setting -----------------------------------
646.It Va ipnat_flags
647.Pq Vt str
648Empty by default.
649This variable contains flags passed to the
650.Xr ipnat 8
651program.
652.\" ----- ipmon_enable setting ----------------------------------
653.It Va ipmon_enable
654.Pq Vt bool
655Set to
656.Dq Li NO
657by default.
658Set it to
659.Dq Li YES
660to enable
661.Xr ipmon 8
662monitoring (logging
663.Xr ipf 8
664and
665.Xr ipnat 8
666events).
667Setting this variable needs setting
668.Va ipfilter_enable
669or
670.Va ipnat_enable
671too.
672See
673.Va ipfilter_enable
674for a detailed discussion.
675.\" ----- ipmon_program setting ---------------------------------
676.It Va ipmon_program
677.Pq Vt str
678Path to
679.Xr ipmon 8
680(default
681.Pa /sbin/ipmon ) .
682.\" ----- ipmon_flags setting -----------------------------------
683.It Va ipmon_flags
684.Pq Vt str
685Set to
686.Dq Li -Ds
687by default.
688This variable contains flags passed to the
689.Xr ipmon 8
690program.
691Another typical example would be
692.Dq Fl D Pa /var/log/ipflog
693to have
694.Xr ipmon 8
695log directly to a file bypassing
696.Xr syslogd 8 .
697Make sure to adjust
698.Pa /etc/newsyslog.conf
699in such case like this:
700.Bd -literal
701/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
702.Ed
703.\" ----- ipfs_enable setting -----------------------------------
704.It Va ipfs_enable
705.Pq Vt bool
706Set to
707.Dq Li NO
708by default.
709Set it to
710.Dq Li YES
711to enable
712.Xr ipfs 8
713saving the filter and NAT state tables during shutdown
714and reloading them during startup again.
715Setting this variable needs setting
716.Va ipfilter_enable
717or
718.Va ipnat_enable
719to
720.Dq Li YES
721too.
722See
723.Va ipfilter_enable
724for a detailed discussion.
725Note that if
726.Va kern_securelevel
727is set to 3,
728.Va ipfs_enable
729cannot be used
730because the raised securelevel will prevent
731.Xr ipfs 8
732from saving the state tables at shutdown time.
733.\" ----- ipfs_program setting ----------------------------------
734.It Va ipfs_program
735.Pq Vt str
736Path to
737.Xr ipfs 8
738(default
739.Pa /sbin/ipfs ) .
740.\" ----- ipfs_flags setting ------------------------------------
741.It Va ipfs_flags
742.Pq Vt str
743Empty by default.
744This variable contains flags passed to the
745.Xr ipfs 8
746program.
747.\" ----- end of added ipf hook ---------------------------------
748.It Va pf_enable
749.Pq Vt bool
750Set to
751.Dq Li NO
752by default.
753Setting this to
754.Dq Li YES
755enables
756.Xr pf 4
757packet filtering.
758.Pp
759Typical usage will require putting
760.Pp
761.Dl pf_enable="YES"
762.Pp
763into
764.Pa /etc/rc.conf
765and editing
766.Pa /etc/pf.conf
767appropriately.
768.Pp
769.Dl "device pf"
770.Pp
771builds
772.Xr pf 4
773into the kernel.
774Otherwise it is loaded from a module.
775.It Va pf_rules
776.Pq Vt str
777Path to
778.Xr pf 4
779ruleset configuration file
780(default
781.Pa /etc/pf.conf ) .
782.It Va pf_program
783.Pq Vt str
784Path to
785.Xr pfctl 8
786(default
787.Pa /sbin/pfctl ) .
788.It Va pf_flags
789.Pq Vt str
790If
791.Va pf_enable
792is set to
793.Dq Li YES ,
794these flags are passed to the
795.Xr pfctl 8
796program when loading the ruleset.
797.It Va pflog_enable
798.Pq Vt bool
799Set to
800.Dq Li NO
801by default.
802Setting this to
803.Dq Li YES
804enables
805.Xr pflogd 8
806which logs packets from the
807.Xr pf 4
808packet filter.
809.It Va pflog_logfile
810.Pq Vt str
811If
812.Va pflog_enable
813is set to
814.Dq Li YES
815this controls where
816.Xr pflogd 8
817stores the logfile
818(default
819.Pa /var/log/pflog ) .
820Check
821.Pa /etc/newsyslog.conf
822to adjust logfile rotation for this.
823.It Va pflog_program
824.Pq Vt str
825Path to
826.Xr pflogd 8
827(default
828.Pa /sbin/pflogd ) .
829.It Va pflog_flags
830.Pq Vt str
831Empty by default.
832This variable contains additional flags passed to the
833.Xr pflogd 8
834program.
835.It Va pfsync_enable
836.Pq Vt bool
837Set to
838.Dq Li NO
839by default.
840Setting this to
841.Dq Li YES
842enables exposing
843.Xr pf 4
844state changes to other hosts over the network by means of
845.Xr pfsync 4 .
846The
847.Va pfsync_syncdev
848variable
849must also be set then.
850.It Va pfsync_syncdev
851.Pq Vt str
852Empty by default.
853This variable specifies the name of the network interface
854.Xr pfsync 4
855should operate through.
856It must be set accordingly if
857.Va pfsync_enable
858is set to
859.Dq Li YES .
860.It Va pfsync_ifconfig
861.Pq Vt str
862Empty by default.
863This variable can contain additional options to be passed to the
864.Xr ifconfig 8
865command used to set up
866.Xr pfsync 4 .
867.It Va tcp_extensions
868.Pq Vt bool
869Set to
870.Dq Li YES
871by default.
872Setting this to
873.Dq Li NO
874disables certain TCP options as described by
875.Rs
876.%T "RFC 1323"
877.Re
878Setting this to
879.Dq Li NO
880might help remedy such problems with connections as randomly hanging
881or other weird behavior.
882Some network devices are known
883to be broken with respect to these options.
884.It Va log_in_vain
885.Pq Vt int
886Set to 0 by default.
887The
888.Xr sysctl 8
889variables,
890.Va net.inet.tcp.log_in_vain
891and
892.Va net.inet.udp.log_in_vain ,
893as described in
894.Xr tcp 4
895and
896.Xr udp 4 ,
897are set to the given value.
898.It Va tcp_keepalive
899.Pq Vt bool
900Set to
901.Dq Li YES
902by default.
903Setting to
904.Dq Li NO
905will disable probing idle TCP connections to verify that the
906peer is still up and reachable.
907.It Va tcp_drop_synfin
908.Pq Vt bool
909Set to
910.Dq Li NO
911by default.
912Setting to
913.Dq Li YES
914will cause the kernel to ignore TCP frames that have both
915the SYN and FIN flags set.
916This prevents OS fingerprinting, but may
917break some legitimate applications.
918This option is only available if the
919kernel was built with the
920.Dv TCP_DROP_SYNFIN
921option.
922.It Va icmp_drop_redirect
923.Pq Vt bool
924Set to
925.Dq Li NO
926by default.
927Setting to
928.Dq Li YES
929will cause the kernel to ignore ICMP REDIRECT packets.
930Refer to
931.Xr icmp 4
932for more information.
933.It Va icmp_log_redirect
934.Pq Vt bool
935Set to
936.Dq Li NO
937by default.
938Setting to
939.Dq Li YES
940will cause the kernel to log ICMP REDIRECT packets.
941Note that
942the log messages are not rate-limited, so this option should only be used
943for troubleshooting networks.
944Refer to
945.Xr icmp 4
946for more information.
947.It Va icmp_bmcastecho
948.Pq Vt bool
949Set to
950.Dq Li YES
951to respond to broadcast or multicast ICMP ping packets.
952Refer to
953.Xr icmp 4
954for more information.
955.It Va ip_portrange_first
956.Pq Vt int
957If not set to
958.Dq Li NO ,
959this is the first port in the default portrange.
960Refer to
961.Xr ip 4
962for more information.
963.It Va ip_portrange_last
964.Pq Vt int
965If not set to
966.Dq Li NO ,
967this is the last port in the default portrange.
968Refer to
969.Xr ip 4
970for more information.
971.It Va network_interfaces
972.Pq Vt str
973Set to the list of network interfaces to configure on this host or
974.Dq Li AUTO
975(the default) for all current interfaces.
976Setting the
977.Va network_interfaces
978variable to anything other than the default is deprecated.
979Interfaces that the administrator wishes to store configration for,
980but not start at boot should be configured with the
981.Dq Li NOAUTO
982keyword in their
983.Va ifconfig_ Ns Aq Ar interface
984variables as described below.
985.Pp
986An
987.Va ifconfig_ Ns Aq Ar interface
988variable is also assumed to exist for each value of
989.Ar interface .
990When an interface name contains any of the characters
991.Dq Li .-/+
992they are translated to
993.Dq Li _
994before lookup.
995The variable can contain arguments to
996.Xr ifconfig 8 ,
997as well as special case-insensitive keywords described below.
998Such keywords are removed before passing the value to
999.Xr ifconfig 8
1000while the order of the other arguments is preserved.
1001.Pp
1002One can configure more than one IPv4 address with the
1003.Va ipv4_addrs_ Ns Aq Ar interface
1004variable.
1005One or more IP addresses must be provided in Classless Inter-Domain
1006Routing (CIDR) address notation, whose last byte can be a range like
1007192.168.0.5-23/24.
1008In this case the address 192.168.0.5 will be configured with the
1009netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with
1010the non-conflicting netmask /32 as explained in the
1011.Xr ifconfig 8
1012alias section.
1013With the interface in question being
1014.Li ed0 ,
1015an example could look like:
1016.Bd -literal
1017ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28"
1018.Ed
1019.Pp
1020It is also possible to add IP alias entries using
1021.Xr ifconfig 8
1022syntax.
1023Assuming that the interface in question was
1024.Li ed0 ,
1025it might look
1026something like this:
1027.Bd -literal
1028ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
1029ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
1030.Ed
1031.Pp
1032And so on.
1033For each
1034.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1035entry that is found,
1036its contents are passed to
1037.Xr ifconfig 8 .
1038Execution stops at the first unsuccessful access, so if
1039something like this is present:
1040.Bd -literal
1041ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
1042ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
1043ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
1044ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
1045.Ed
1046.Pp
1047Then note that alias4 would
1048.Em not
1049be added since the search would
1050stop with the missing
1051.Dq Li alias3
1052entry.
1053Due to this difficult to manage behavior, the
1054.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1055form is deprecated.
1056.Pp
1057If the
1058.Pa /etc/start_if. Ns Aq Ar interface
1059file is present, it is read and executed by the
1060.Xr sh 1
1061interpreter
1062before configuring the interface as specified in the
1063.Va ifconfig_ Ns Aq Ar interface
1064and
1065.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1066variables.
1067.Pp
1068If the
1069.Va ifconfig_ Ns Aq Ar interface
1070contains the keyword
1071.Dq Li NOAUTO
1072then the interface will not be configured
1073at boot or by
1074.Pa /etc/pccard_ether
1075when
1076.Va network_interfaces
1077is set to
1078.Dq Li AUTO .
1079.Pp
1080It is possible to bring up an interface with DHCP by adding
1081.Dq Li DHCP
1082to the
1083.Va ifconfig_ Ns Aq Ar interface
1084variable.
1085For instance, to initialize the
1086.Li ed0
1087device via DHCP,
1088it is possible to use something like:
1089.Bd -literal
1090ifconfig_ed0="DHCP"
1091.Ed
1092.Pp
1093Also, if your interface needs WPA authentication, it is possible to add
1094.Dq Li WPA
1095to the
1096.Va ifconfig_ Ns Aq Ar interface
1097variable.
1098.Pp
1099Finally, you can add
1100.Xr ifconfig 8
1101options in this variable, in addition to the
1102.Pa /etc/start_if. Ns Aq Ar interface
1103file.
1104For instance, to initialize the
1105.Li wi0
1106device via DHCP, using WPA authentication and 802.11b mode, it is
1107possible to use something like:
1108.Bd -literal
1109ifconfig_wi0="DHCP WPA mode 11b"
1110.Ed
1111.Pp
1112In addition to the
1113.Va ifconfig_ Ns Aq Ar interface
1114form, a fallback variable
1115.Va ifconfig_DEFAULT
1116may be configured.
1117It will be used for all interfaces with no
1118.Va ifconfig_ Ns Aq Ar interface
1119variable.
1120This is intended to replace the no longer supported
1121.Va pccard_ifconfig
1122variable.
1123.Pp
1124It is also possible to rename interface by doing:
1125.Bd -literal
1126ifconfig_ed0_name="net0"
1127ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
1128.Ed
1129.It Va ipv6_network_interfaces
1130.Pq Vt str
1131This is the IPv6 equivalent of
1132.Va network_interfaces .
1133Instead of setting the ifconfig variables as
1134.Va ifconfig_ Ns Aq Ar interface
1135they should be set as
1136.Va ipv6_ifconfig_ Ns Aq Ar interface .
1137Aliases should be set as
1138.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
1139.Va ipv6_prefix_ Ns Aq Ar interface
1140does something.
1141Interfaces that do not have a
1142.Va ipv6_ifconfig_ Ns Aq Ar interface
1143setting will be auto configured by
1144.Xr rtsol 8
1145if the
1146.Va ipv6_gateway_enable
1147is set to
1148.Dq Li NO .
1149Note that the IPv6 networking code does not support the
1150.Pa /etc/start_if. Ns Aq Ar interface
1151files.
1152.It Va ipv6_default_interface
1153.Pq Vt str
1154If not set to
1155.Dq Li NO ,
1156this is the default output interface for scoped addresses.
1157Now this works only for IPv6 link local multicast addresses.
1158.It Va cloned_interfaces
1159.Pq Vt str
1160Set to the list of clonable network interfaces to create on this host.
1161Entries in
1162.Va cloned_interfaces
1163are automatically appended to
1164.Va network_interfaces
1165for configuration.
1166.It Va gif_interfaces
1167.Pq Vt str
1168Set to the list of
1169.Xr gif 4
1170tunnel interfaces to configure on this host.
1171A
1172.Va gifconfig_ Ns Aq Ar interface
1173variable is assumed to exist for each value of
1174.Ar interface .
1175The value of this variable is used to configure the link layer of the
1176tunnel according to the syntax of the
1177.Cm tunnel
1178option to
1179.Xr ifconfig 8 .
1180Additionally, this option ensures that each listed interface is created
1181via the
1182.Cm create
1183option to
1184.Xr ifconfig 8
1185before attempting to configure it.
1186.It Va sppp_interfaces
1187.Pq Vt str
1188Set to the list of
1189.Xr sppp 4
1190interfaces to configure on this host.
1191A
1192.Va spppconfig_ Ns Aq Ar interface
1193variable is assumed to exist for each value of
1194.Ar interface .
1195Each interface should also be configured by a general
1196.Va ifconfig_ Ns Aq Ar interface
1197setting.
1198Refer to
1199.Xr spppcontrol 8
1200for more information about available options.
1201.It Va ppp_enable
1202.Pq Vt bool
1203If set to
1204.Dq Li YES ,
1205run the
1206.Xr ppp 8
1207daemon.
1208.It Va ppp_mode
1209.Pq Vt str
1210Mode in which to run the
1211.Xr ppp 8
1212daemon.
1213Accepted modes are
1214.Dq Li auto ,
1215.Dq Li ddial ,
1216.Dq Li direct
1217and
1218.Dq Li dedicated .
1219See the manual for a full description.
1220.It Va ppp_nat
1221.Pq Vt bool
1222If set to
1223.Dq Li YES ,
1224enables network address translation.
1225Used in conjunction with
1226.Va gateway_enable
1227allows hosts on private network addresses access to the Internet using
1228this host as a network address translating router.
1229.It Va ppp_profile
1230.Pq Vt str
1231The name of the profile to use from
1232.Pa /etc/ppp/ppp.conf .
1233.It Va ppp_user
1234.Pq Vt str
1235The name of the user under which
1236.Xr ppp 8
1237should be started.
1238By
1239default,
1240.Xr ppp 8
1241is started as
1242.Dq Li root .
1243.It Va rc_conf_files
1244.Pq Vt str
1245This option is used to specify a list of files that will override
1246the settings in
1247.Pa /etc/defaults/rc.conf .
1248The files will be read in the order in which they are specified and should
1249include the full path to the file.
1250By default, the files specified are
1251.Pa /etc/rc.conf
1252and
1253.Pa /etc/rc.conf.local
1254.It Va gbde_autoattach_all
1255.Pq Vt bool
1256If set to
1257.Dq Li YES ,
1258.Pa /etc/rc.d/gbde
1259will attempt to automatically initialize your .bde devices in
1260.Pa /etc/fstab .
1261.It Va gbde_devices
1262.Pq Vt str
1263List the devices that the script should try to attach,
1264or
1265.Dq Li AUTO .
1266.It Va gbde_lockdir
1267.Pq Vt str
1268The directory where the
1269.Xr gbde 4
1270lockfiles are located.
1271The default lockfile directory is
1272.Pa /etc .
1273.Pp
1274The lockfile for each individual
1275.Xr gbde 4
1276device can be overridden by setting the variable
1277.Va gbde_lock_ Ns Aq Ar device ,
1278where
1279.Ar device
1280is the encrypted device without the
1281.Dq Pa /dev/
1282and
1283.Dq Pa .bde
1284parts.
1285.It Va gbde_attach_attempts
1286.Pq Vt int
1287Number of times to attempt attaching to a
1288.Xr gbde 4
1289device, i.e., how many times the user is asked for the pass-phrase.
1290Default is 3.
1291.It Va geli_devices
1292.Pq Vt str
1293List of devices to automatically attach on boot.
1294Note that .eli devices from
1295.Pa /etc/fstab
1296are automatically appended to this list.
1297.It Va geli_tries
1298.Pq Vt int
1299Number of times user is asked for the pass-phrase.
1300If empty, it will be taken from
1301.Va kern.geom.eli.tries
1302sysctl variable.
1303.It Va geli_default_flags
1304.Pq Vt str
1305Default flags to use by
1306.Xr geli 8
1307when configuring disk encryption.
1308Flags can be configured for every device separately by defining
1309.Va geli_ Ns Ao Ar device Ac Ns Va _flags
1310variable.
1311.It Va geli_autodetach
1312.Pq Vt str
1313Specifies if GELI devices should be marked for detach on last close after
1314file systems are mounted.
1315Default is
1316.Dq Li YES .
1317This can be changed for every device separately by defining
1318.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach
1319variable.
1320.It Va geli_swap_flags
1321Options passed to the
1322.Xr geli 8
1323utility when encrypted GEOM providers for swap partitions are created.
1324The default is
1325.Dq Li "-a aes -l 256 -s 4096 -d" .
1326.It Va root_rw_mount
1327.Pq Vt bool
1328Set to
1329.Dq Li YES
1330by default.
1331After the file systems are checked at boot time, the root file system
1332is remounted as read-write if this is set to
1333.Dq Li YES .
1334Diskless systems that mount their root file system from a read-only remote
1335NFS share should set this to
1336.Dq Li NO
1337in their
1338.Pa rc.conf .
1339.It Va fsck_y_enable
1340.Pq Vt bool
1341If set to
1342.Dq Li YES ,
1343.Xr fsck 8
1344will be run with the
1345.Fl y
1346flag if the initial preen
1347of the file systems fails.
1348.It Va background_fsck
1349.Pq Vt bool
1350If set to
1351.Dq Li YES ,
1352the system will attempt to run
1353.Xr fsck 8
1354in the background where possible.
1355.It Va background_fsck_delay
1356.Pq Vt int
1357The amount of time in seconds to sleep before starting a background
1358.Xr fsck 8 .
1359It defaults to sixty seconds to allow large applications such as
1360the X server to start before disk I/O bandwidth is monopolized by
1361.Xr fsck 8 .
1362.It Va netfs_types
1363.Pq Vt str
1364List of file system types that are network-based.
1365This list should generally not be modified by end users.
1366Use
1367.Va extra_netfs_types
1368instead.
1369.It Va extra_netfs_types
1370.Pq Vt str
1371If set to something other than
1372.Dq Li NO
1373(the default),
1374this variable extends the list of file system types
1375for which automatic mounting at startup by
1376.Xr rc 8
1377should be delayed until the network is initialized.
1378It should contain
1379a whitespace-separated list of network file system descriptor pairs,
1380each consisting of a file system type as passed to
1381.Xr mount 8
1382and a human-readable, one-word description,
1383joined with a colon
1384.Pq Ql \&: .
1385Extending the default list in this way is only necessary
1386when third party file system types are used.
1387.It Va syslogd_enable
1388.Pq Vt bool
1389If set to
1390.Dq Li YES ,
1391run the
1392.Xr syslogd 8
1393daemon.
1394.It Va syslogd_program
1395.Pq Vt str
1396Path to
1397.Xr syslogd 8
1398(default
1399.Pa /usr/sbin/syslogd ) .
1400.It Va syslogd_flags
1401.Pq Vt str
1402If
1403.Va syslogd_enable
1404is set to
1405.Dq Li YES ,
1406these are the flags to pass to
1407.Xr syslogd 8 .
1408.It Va inetd_enable
1409.Pq Vt bool
1410If set to
1411.Dq Li YES ,
1412run the
1413.Xr inetd 8
1414daemon.
1415.It Va inetd_program
1416.Pq Vt str
1417Path to
1418.Xr inetd 8
1419(default
1420.Pa /usr/sbin/inetd ) .
1421.It Va inetd_flags
1422.Pq Vt str
1423If
1424.Va inetd_enable
1425is set to
1426.Dq Li YES ,
1427these are the flags to pass to
1428.Xr inetd 8 .
1429.It Va named_enable
1430.Pq Vt bool
1431If set to
1432.Dq Li YES ,
1433run the
1434.Xr named 8
1435daemon.
1436.It Va named_program
1437.Pq Vt str
1438Path to
1439.Xr named 8
1440(default
1441.Pa /usr/sbin/named ) .
1442.It Va named_flags
1443.Pq Vt str
1444If
1445.Va named_enable
1446is set to
1447.Dq Li YES ,
1448these are the flags to pass to
1449.Xr named 8 .
1450.It Va named_pidfile
1451.Pq Vt str
1452This is the default path to the
1453.Xr named 8
1454daemon's PID file.
1455This must match the location in
1456.Xr named.conf 5 .
1457.It Va named_uid
1458.Pq Vt str
1459The user that the
1460.Xr named 8
1461process should be run as.
1462.It Va named_chrootdir
1463.Pq Vt str
1464The root directory for a name server run in a
1465.Xr chroot 8
1466environment (default
1467.Pa /var/named ) .
1468If left empty
1469.Xr named 8
1470will not be run in a
1471.Xr chroot 8
1472environment.
1473.It Va named_chroot_autoupdate
1474.Pq Vt bool
1475Set to
1476.Dq Li NO
1477to disable automatic update of the
1478.Xr chroot 8
1479environment.
1480.It Va named_symlink_enable
1481.Pq Vt bool
1482Set to
1483.Dq Li NO
1484to disable symlinking of
1485daemon's PID file
1486into the
1487.Xr chroot 8
1488environment.
1489.It Va kerberos5_server_enable
1490.Pq Vt bool
1491Set to
1492.Dq Li YES
1493to start a Kerberos 5 authentication server
1494at boot time.
1495.It Va kerberos5_server
1496.Pq Vt str
1497If
1498.Va kerberos5_server_enable
1499is set to
1500.Dq Li YES
1501this is the path to Kerberos 5 Authentication Server.
1502.It Va kerberos5_server_flags
1503.Pq Vt str
1504Empty by default.
1505This variable contains additional flags to be passed to the Kerberos 5
1506authentication server.
1507.It Va kadmind5_server_enable
1508.Pq Vt bool
1509Set to
1510.Dq Li YES
1511to start
1512.Xr kadmind 8 ,
1513the Kerberos 5 Administration Daemon; set to
1514.Dq Li NO
1515on a slave server.
1516.It Va kadmind5_server
1517.Pq Vt str
1518If
1519.Va kadmind5_server_enable
1520is set to
1521.Dq Li YES
1522this is the path to Kerberos 5 Administration Daemon.
1523.It Va kpasswdd_server_enable
1524.Pq Vt bool
1525Set to
1526.Dq Li YES
1527to start
1528.Xr kpasswdd 8 ,
1529the Kerberos 5 Password-Changing Daemon; set to
1530.Dq Li NO
1531on a slave server.
1532.It Va kpasswdd_server
1533.Pq Vt str
1534If
1535.Va kpasswdd_server_enable
1536is set to
1537.Dq Li YES
1538this is the path to Kerberos 5 Password-Changing Daemon.
1539.It Va rwhod_enable
1540.Pq Vt bool
1541If set to
1542.Dq Li YES ,
1543run the
1544.Xr rwhod 8
1545daemon at boot time.
1546.It Va rwhod_flags
1547.Pq Vt str
1548If
1549.Va rwhod_enable
1550is set to
1551.Dq Li YES ,
1552these are the flags to pass to it.
1553.It Va amd_enable
1554.Pq Vt bool
1555If set to
1556.Dq Li YES ,
1557run the
1558.Xr amd 8
1559daemon at boot time.
1560.It Va amd_flags
1561.Pq Vt str
1562If
1563.Va amd_enable
1564is set to
1565.Dq Li YES ,
1566these are the flags to pass to it.
1567See the
1568.Xr amd 8
1569manpage for more information.
1570.It Va amd_map_program
1571.Pq Vt str
1572If set,
1573the specified program is run to get the list of
1574.Xr amd 8
1575maps.
1576For example, if the
1577.Xr amd 8
1578maps are stored in NIS, one can set this to
1579run
1580.Xr ypcat 1
1581to get a list of
1582.Xr amd 8
1583maps from the
1584.Pa amd.master
1585NIS map.
1586.It Va update_motd
1587.Pq Vt bool
1588If set to
1589.Dq Li YES ,
1590.Pa /etc/motd
1591will be updated at boot time to reflect the kernel release
1592being run.
1593If set to
1594.Dq Li NO ,
1595.Pa /etc/motd
1596will not be updated.
1597.It Va nfs_client_enable
1598.Pq Vt bool
1599If set to
1600.Dq Li YES ,
1601run the NFS client daemons at boot time.
1602.It Va nfs_access_cache
1603.Pq Vt int
1604If
1605.Va nfs_client_enable
1606is set to
1607.Dq Li YES ,
1608this can be set to
1609.Dq Li 0
1610to disable NFS ACCESS RPC caching, or to the number of seconds for which
1611NFS ACCESS
1612results should be cached.
1613A value of 2-10 seconds will substantially reduce network
1614traffic for many NFS operations.
1615.It Va nfs_server_enable
1616.Pq Vt bool
1617If set to
1618.Dq Li YES ,
1619run the NFS server daemons at boot time.
1620.It Va nfs_server_flags
1621.Pq Vt str
1622If
1623.Va nfs_server_enable
1624is set to
1625.Dq Li YES ,
1626these are the flags to pass to the
1627.Xr nfsd 8
1628daemon.
1629.It Va mountd_enable
1630.Pq Vt bool
1631If set to
1632.Dq Li YES ,
1633and no
1634.Va nfs_server_enable
1635is set, start
1636.Xr mountd 8 ,
1637but not
1638.Xr nfsd 8
1639daemon.
1640It is commonly needed to run CFS without real NFS used.
1641.It Va mountd_flags
1642.Pq Vt str
1643If
1644.Va mountd_enable
1645is set to
1646.Dq Li YES ,
1647these are the flags to pass to the
1648.Xr mountd 8
1649daemon.
1650.It Va weak_mountd_authentication
1651.Pq Vt bool
1652If set to
1653.Dq Li YES ,
1654allow services like PCNFSD to make non-privileged mount
1655requests.
1656.It Va nfs_reserved_port_only
1657.Pq Vt bool
1658If set to
1659.Dq Li YES ,
1660provide NFS services only on a secure port.
1661.It Va nfs_bufpackets
1662.Pq Vt int
1663If set to a number, indicates the number of packets worth of
1664socket buffer space to reserve on an NFS client.
1665The kernel default is typically 4.
1666Using a higher number may be
1667useful on gigabit networks to improve performance.
1668The minimum value is
16692 and the maximum is 64.
1670.It Va rpc_lockd_enable
1671.Pq Vt bool
1672If set to
1673.Dq Li YES
1674and also an NFS server or client, run
1675.Xr rpc.lockd 8
1676at boot time.
1677.It Va rpc_statd_enable
1678.Pq Vt bool
1679If set to
1680.Dq Li YES
1681and also an NFS server or client, run
1682.Xr rpc.statd 8
1683at boot time.
1684.It Va rpcbind_program
1685.Pq Vt str
1686Path to
1687.Xr rpcbind 8
1688(default
1689.Pa /usr/sbin/rpcbind ) .
1690.It Va rpcbind_enable
1691.Pq Vt bool
1692If set to
1693.Dq Li YES ,
1694run the
1695.Xr rpcbind 8
1696service at boot time.
1697.It Va rpcbind_flags
1698.Pq Vt str
1699If
1700.Va rpcbind_enable
1701is set to
1702.Dq Li YES ,
1703these are the flags to pass to the
1704.Xr rpcbind 8
1705daemon.
1706.It Va keyserv_enable
1707.Pq Vt bool
1708If set to
1709.Dq Li YES ,
1710run the
1711.Xr keyserv 8
1712daemon on boot for running Secure RPC.
1713.It Va keyserv_flags
1714.Pq Vt str
1715If
1716.Va keyserv_enable
1717is set to
1718.Dq Li YES ,
1719these are the flags to pass to
1720.Xr keyserv 8
1721daemon.
1722.It Va pppoed_enable
1723.Pq Vt bool
1724If set to
1725.Dq Li YES ,
1726run the
1727.Xr pppoed 8
1728daemon at boot time to provide PPP over Ethernet services.
1729.It Va pppoed_ Ns Aq Ar provider
1730.Pq Vt str
1731.Xr pppoed 8
1732listens to requests to this
1733.Ar provider
1734and ultimately runs
1735.Xr ppp 8
1736with a
1737.Ar system
1738argument of the same name.
1739.It Va pppoed_flags
1740.Pq Vt str
1741Additional flags to pass to
1742.Xr pppoed 8 .
1743.It Va pppoed_interface
1744.Pq Vt str
1745The network interface to run
1746.Xr pppoed 8
1747on.
1748This is mandatory when
1749.Va pppoed_enable
1750is set to
1751.Dq Li YES .
1752.It Va timed_enable
1753.Pq Vt bool
1754If set to
1755.Dq Li YES ,
1756run the
1757.Xr timed 8
1758service at boot time.
1759This command is intended for networks of
1760machines where a consistent
1761.Dq "network time"
1762for all hosts must be established.
1763This is often useful in large NFS
1764environments where time stamps on files are expected to be consistent
1765network-wide.
1766.It Va timed_flags
1767.Pq Vt str
1768If
1769.Va timed_enable
1770is set to
1771.Dq Li YES ,
1772these are the flags to pass to the
1773.Xr timed 8
1774service.
1775.It Va ntpdate_enable
1776.Pq Vt bool
1777If set to
1778.Dq Li YES ,
1779run
1780.Xr ntpdate 8
1781at system startup.
1782This command is intended to
1783synchronize the system clock only
1784.Em once
1785from some standard reference.
1786An option to set this up initially
1787(from a list of known servers) is also provided by the
1788.Xr sysinstall 8
1789program when the system is first installed.
1790.It Va ntpdate_config
1791.Pq Vt str
1792Configuration file for
1793.Xr ntpdate 8 .
1794Default
1795.Pa /etc/ntp.conf .
1796.It Va ntpdate_hosts
1797.Pq Vt str
1798A whitespace-separated list of NTP servers to synchronize with at startup.
1799The default is to use the servers listed in
1800.Va ntpdate_config ,
1801if that file exists.
1802.It Va ntpdate_program
1803.Pq Vt str
1804Path to
1805.Xr ntpdate 8
1806(default
1807.Pa /usr/sbin/ntpdate ) .
1808.It Va ntpdate_flags
1809.Pq Vt str
1810If
1811.Va ntpdate_enable
1812is set to
1813.Dq Li YES ,
1814these are the flags to pass to the
1815.Xr ntpdate 8
1816command (typically a hostname).
1817.It Va ntpd_enable
1818.Pq Vt bool
1819If set to
1820.Dq Li YES ,
1821run the
1822.Xr ntpd 8
1823command at boot time.
1824.It Va ntpd_program
1825.Pq Vt str
1826Path to
1827.Xr ntpd 8
1828(default
1829.Pa /usr/sbin/ntpd ) .
1830.It Va ntpd_config
1831.Pq Vt str
1832Path to
1833.Xr ntpd 8
1834configuration file.
1835Default
1836.Pa /etc/ntp.conf .
1837.It Va ntpd_flags
1838.Pq Vt str
1839If
1840.Va ntpd_enable
1841is set to
1842.Dq Li YES ,
1843these are the flags to pass to the
1844.Xr ntpd 8
1845daemon.
1846.It Va ntpd_sync_on_start
1847.Pq Vt bool
1848If set to
1849.Dq Li YES ,
1850.Xr ntpd 8
1851is run with the
1852.Fl g
1853flag, which syncs the system's clock on startup.
1854See
1855.Xr ntpd 8
1856for more information regarding the
1857.Fl g
1858option.
1859This is a preferred alternative to using
1860.Xr ntpdate 8
1861or specifying the
1862.Va ntpdate_enable
1863variable.
1864.It Va nis_client_enable
1865.Pq Vt bool
1866If set to
1867.Dq Li YES ,
1868run the
1869.Xr ypbind 8
1870service at system boot time.
1871.It Va nis_client_flags
1872.Pq Vt str
1873If
1874.Va nis_client_enable
1875is set to
1876.Dq Li YES ,
1877these are the flags to pass to the
1878.Xr ypbind 8
1879service.
1880.It Va nis_ypset_enable
1881.Pq Vt bool
1882If set to
1883.Dq Li YES ,
1884run the
1885.Xr ypset 8
1886daemon at system boot time.
1887.It Va nis_ypset_flags
1888.Pq Vt str
1889If
1890.Va nis_ypset_enable
1891is set to
1892.Dq Li YES ,
1893these are the flags to pass to the
1894.Xr ypset 8
1895daemon.
1896.It Va nis_server_enable
1897.Pq Vt bool
1898If set to
1899.Dq Li YES ,
1900run the
1901.Xr ypserv 8
1902daemon at system boot time.
1903.It Va nis_server_flags
1904.Pq Vt str
1905If
1906.Va nis_server_enable
1907is set to
1908.Dq Li YES ,
1909these are the flags to pass to the
1910.Xr ypserv 8
1911daemon.
1912.It Va nis_ypxfrd_enable
1913.Pq Vt bool
1914If set to
1915.Dq Li YES ,
1916run the
1917.Xr rpc.ypxfrd 8
1918daemon at system boot time.
1919.It Va nis_ypxfrd_flags
1920.Pq Vt str
1921If
1922.Va nis_ypxfrd_enable
1923is set to
1924.Dq Li YES ,
1925these are the flags to pass to the
1926.Xr rpc.ypxfrd 8
1927daemon.
1928.It Va nis_yppasswdd_enable
1929.Pq Vt bool
1930If set to
1931.Dq Li YES ,
1932run the
1933.Xr rpc.yppasswdd 8
1934daemon at system boot time.
1935.It Va nis_yppasswdd_flags
1936.Pq Vt str
1937If
1938.Va nis_yppasswdd_enable
1939is set to
1940.Dq Li YES ,
1941these are the flags to pass to the
1942.Xr rpc.yppasswdd 8
1943daemon.
1944.It Va rpc_ypupdated_enable
1945.Pq Vt bool
1946If set to
1947.Dq Li YES ,
1948run the
1949.Nm rpc.ypupdated
1950daemon at system boot time.
1951.It Va bsnmpd_enable
1952.Pq Vt bool
1953If set to
1954.Dq Li YES ,
1955run the
1956.Xr bsnmpd 1
1957daemon at system boot time.
1958Be sure to understand the security implications of running SNMP daemon
1959on your host.
1960.It Va bsnmpd_flags
1961.Pq Vt str
1962If
1963.Va bsnmpd_enable
1964is set to
1965.Dq Li YES ,
1966these are the flags to pass to the
1967.Xr bsnmpd 1
1968daemon.
1969.It Va defaultrouter
1970.Pq Vt str
1971If not set to
1972.Dq Li NO ,
1973create a default route to this host name or IP address
1974(use an IP address if this router is also required to get to the
1975name server!).
1976.It Va ipv6_defaultrouter
1977.Pq Vt str
1978The IPv6 equivalent of
1979.Va defaultrouter .
1980.It Va static_routes
1981.Pq Vt str
1982Set to the list of static routes that are to be added at system
1983boot time.
1984If not set to
1985.Dq Li NO
1986then for each whitespace separated
1987.Ar element
1988in the value, a
1989.Va route_ Ns Aq Ar element
1990variable is assumed to exist
1991whose contents will later be passed to a
1992.Dq Nm route Cm add
1993operation.
1994For example:
1995.Bd -literal
1996static_routes="mcast gif0local"
1997route_mcast="-net 224.0.0.0/4 -iface gif0"
1998route_gif0local="-host 169.254.1.1 -iface lo0"
1999.Ed
2000.It Va ipv6_static_routes
2001.Pq Vt str
2002The IPv6 equivalent of
2003.Va static_routes .
2004If not set to
2005.Dq Li NO
2006then for each whitespace separated
2007.Ar element
2008in the value, a
2009.Va ipv6_route_ Ns Aq Ar element
2010variable is assumed to exist
2011whose contents will later be passed to a
2012.Dq Nm route Cm add Fl inet6
2013operation.
2014.It Va natm_static_routes
2015.Pq Vt str
2016The
2017.Xr natmip 4
2018equivalent of
2019.Va static_routes .
2020If not empty then for each whitespace separated
2021.Ar element
2022in the value, a
2023.Va route_ Ns Aq Ar element
2024variable is assumed to exist whose contents will later be passed to a
2025.Dq Nm atmconfig Cm natm Cm add
2026operation.
2027.It Va gateway_enable
2028.Pq Vt bool
2029If set to
2030.Dq Li YES ,
2031configure host to act as an IP router, e.g.\& to forward packets
2032between interfaces.
2033.It Va ipv6_gateway_enable
2034.Pq Vt bool
2035The IPv6 equivalent of
2036.Va gateway_enable .
2037.It Va router_enable
2038.Pq Vt bool
2039If set to
2040.Dq Li YES ,
2041run a routing daemon of some sort, based on the
2042settings of
2043.Va router
2044and
2045.Va router_flags .
2046.It Va ipv6_router_enable
2047.Pq Vt bool
2048The IPv6 equivalent of
2049.Va router_enable .
2050If set to
2051.Dq Li YES ,
2052run a routing daemon of some sort, based on the
2053settings of
2054.Va ipv6_router
2055and
2056.Va ipv6_router_flags .
2057.It Va router
2058.Pq Vt str
2059If
2060.Va router_enable
2061is set to
2062.Dq Li YES ,
2063this is the name of the routing daemon to use.
2064.It Va ipv6_router
2065.Pq Vt str
2066The IPv6 equivalent of
2067.Va router .
2068.It Va router_flags
2069.Pq Vt str
2070If
2071.Va router_enable
2072is set to
2073.Dq Li YES ,
2074these are the flags to pass to the routing daemon.
2075.It Va ipv6_router_flags
2076.Pq Vt str
2077The IPv6 equivalent of
2078.Va router_flags .
2079.It Va mrouted_enable
2080.Pq Vt bool
2081If set to
2082.Dq Li YES ,
2083run the multicast routing daemon,
2084.Xr mrouted 8 .
2085.It Va mroute6d_enable
2086.Pq Vt bool
2087The IPv6 equivalent of
2088.Va mrouted_enable .
2089If set to
2090.Dq Li YES ,
2091run the IPv6 multicast routing daemon.
2092.Pp
2093Note that multicast routing daemons are no longer included in the
2094.Fx
2095base system, however, both
2096.Xr mrouted 8
2097and
2098.Xr pim6dd 8
2099may be installed from the
2100.Fx
2101Ports Collection.
2102.It Va mrouted_flags
2103.Pq Vt str
2104If
2105.Va mrouted_enable
2106is set to
2107.Dq Li YES ,
2108these are the flags to pass to the
2109.Xr mrouted 8
2110daemon.
2111.It Va mroute6d_flags
2112.Pq Vt str
2113The IPv6 equivalent of
2114.Va mrouted_flags .
2115If
2116.Va mroute6d_enable
2117is set to
2118.Dq Li YES ,
2119these are the flags passed to the IPv6 multicast routing daemon.
2120.It Va mroute6d_program
2121.Pq Vt str
2122If
2123.Va mroute6d_enable
2124is set to
2125.Dq Li YES ,
2126this is the path to the IPv6 multicast routing daemon.
2127.It Va rtadvd_enable
2128.Pq Vt bool
2129If set to
2130.Dq Li YES ,
2131run the
2132.Xr rtadvd 8
2133daemon at boot time.
2134.Xr rtadvd 8
2135will only run if
2136.Va ipv6_gateway_enable
2137is also set to
2138.Dq Li YES .
2139The
2140.Xr rtadvd 8
2141utility sends router advertisement packets to the interfaces specified in
2142.Va rtadvd_interfaces
2143and should only be enabled with great care.
2144You may want to fine-tune
2145.Xr rtadvd.conf 5 .
2146.It Va rtadvd_interfaces
2147.Pq Vt str
2148If
2149.Va rtadvd_enable
2150is set to
2151.Dq Li YES
2152this is the list of interfaces to use.
2153.It Va ipxgateway_enable
2154.Pq Vt bool
2155If set to
2156.Dq Li YES ,
2157enable the routing of IPX traffic.
2158.It Va ipxrouted_enable
2159.Pq Vt bool
2160If set to
2161.Dq Li YES ,
2162run the
2163.Xr IPXrouted 8
2164daemon at system boot time.
2165.It Va ipxrouted_flags
2166.Pq Vt str
2167If
2168.Va ipxrouted_enable
2169is set to
2170.Dq Li YES ,
2171these are the flags to pass to the
2172.Xr IPXrouted 8
2173daemon.
2174.It Va arpproxy_all
2175.Pq Vt bool
2176If set to
2177.Dq Li YES ,
2178enable global proxy ARP.
2179.It Va forward_sourceroute
2180.Pq Vt bool
2181If set to
2182.Dq Li YES
2183and
2184.Va gateway_enable
2185is also set to
2186.Dq Li YES ,
2187source-routed packets are forwarded.
2188.It Va accept_sourceroute
2189.Pq Vt bool
2190If set to
2191.Dq Li YES ,
2192the system will accept source-routed packets directed at it.
2193.It Va rarpd_enable
2194.Pq Vt bool
2195If set to
2196.Dq Li YES ,
2197run the
2198.Xr rarpd 8
2199daemon at system boot time.
2200.It Va rarpd_flags
2201.Pq Vt str
2202If
2203.Va rarpd_enable
2204is set to
2205.Dq Li YES ,
2206these are the flags to pass to the
2207.Xr rarpd 8
2208daemon.
2209.It Va bootparamd_enable
2210.Pq Vt bool
2211If set to
2212.Dq Li YES ,
2213run the
2214.Xr bootparamd 8
2215daemon at system boot time.
2216.It Va bootparamd_flags
2217.Pq Vt str
2218If
2219.Va bootparamd_enable
2220is set to
2221.Dq Li YES ,
2222these are the flags to pass to the
2223.Xr bootparamd 8
2224daemon.
2225.It Va stf_interface_ipv4addr
2226.Pq Vt str
2227If not set to
2228.Dq Li NO ,
2229this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling
2230interface).
2231Specify this entry to enable the 6to4 interface.
2232.It Va stf_interface_ipv4plen
2233.Pq Vt int
2234Prefix length for 6to4 IPv4 addresses, to limit peer address range.
2235An effective value is 0-31.
2236.It Va stf_interface_ipv6_ifid
2237.Pq Vt str
2238IPv6 interface ID for
2239.Xr stf 4 .
2240This can be set to
2241.Dq Li AUTO .
2242.It Va stf_interface_ipv6_slaid
2243.Pq Vt str
2244IPv6 Site Level Aggregator for
2245.Xr stf 4 .
2246.It Va ipv6_faith_prefix
2247.Pq Vt str
2248If not set to
2249.Dq Li NO ,
2250this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP
2251translator.
2252You also need
2253.Xr faithd 8
2254setup.
2255.It Va ipv6_ipv4mapping
2256.Pq Vt bool
2257If set to
2258.Dq Li YES
2259this enables IPv4 mapped IPv6 address communication (like
2260.Li ::ffff:a.b.c.d ) .
2261.It Va atm_enable
2262.Pq Vt bool
2263Set to
2264.Dq Li YES
2265to enable the configuration of ATM interfaces at system boot time.
2266For all of the ATM variables described below, please refer to the
2267.Xr atm 8
2268manual page for further details on the available command parameters.
2269Also refer to the files in
2270.Pa /usr/share/examples/atm
2271for more detailed configuration information.
2272.It Va atm_load
2273.Pq Vt str
2274This is a list of physical ATM interface drivers to load.
2275Typical values are
2276.Dq Li hfa_pci
2277and/or
2278.Dq Li hea_pci .
2279.It Va atm_netif_ Ns Aq Ar intf
2280.Pq Vt str
2281For the ATM physical interface
2282.Ar intf ,
2283this variable defines the name prefix and count for the ATM network
2284interfaces to be created.
2285The value will be passed as the parameters of an
2286.Dq Nm atm Cm "set netif" Ar intf
2287command.
2288.It Va atm_sigmgr_ Ns Aq Ar intf
2289.Pq Vt str
2290For the ATM physical interface
2291.Ar intf ,
2292this variable defines the ATM signalling manager to be used.
2293The value will be passed as the parameters of an
2294.Dq Nm atm Cm attach Ar intf
2295command.
2296.It Va atm_prefix_ Ns Aq Ar intf
2297.Pq Vt str
2298For the ATM physical interface
2299.Ar intf ,
2300this variable defines the NSAP prefix for interfaces using a UNI signalling
2301manager.
2302If set to
2303.Dq Li ILMI ,
2304the prefix will automatically be set via the
2305.Xr ilmid 8
2306daemon.
2307Otherwise, the value will be passed as the parameters of an
2308.Dq Nm atm Cm "set prefix" Ar intf
2309command.
2310.It Va atm_macaddr_ Ns Aq Ar intf
2311.Pq Vt str
2312For the ATM physical interface
2313.Ar intf ,
2314this variable defines the MAC address for interfaces using a UNI signalling
2315manager.
2316If set to
2317.Dq Li NO ,
2318the hardware MAC address contained in the ATM interface card will be used.
2319Otherwise, the value will be passed as the parameters of an
2320.Dq Nm atm Cm "set mac" Ar intf
2321command.
2322.It Va atm_arpserver_ Ns Aq Ar netif
2323.Pq Vt str
2324For the ATM network interface
2325.Ar netif ,
2326this variable defines the ATM address for a host which is to provide ATMARP
2327service.
2328This variable is only applicable to interfaces using a UNI signalling
2329manager.
2330If set to
2331.Dq Li local ,
2332this host will become an ATMARP server.
2333The value will be passed as the parameters of an
2334.Dq Nm atm Cm "set arpserver" Ar netif
2335command.
2336.It Va atm_scsparp_ Ns Aq Ar netif
2337.Pq Vt bool
2338If set to
2339.Dq Li YES ,
2340SCSP/ATMARP service for the network interface
2341.Ar netif
2342will be initiated using the
2343.Xr scspd 8
2344and
2345.Xr atmarpd 8
2346daemons.
2347This variable is only applicable if
2348.Va atm_arpserver_ Ns Aq Ar netif
2349is set to
2350.Dq Li local .
2351.It Va atm_pvcs
2352.Pq Vt str
2353Set to the list of ATM PVCs to be added at system
2354boot time.
2355For each whitespace separated
2356.Ar element
2357in the value, an
2358.Va atm_pvc_ Ns Aq Ar element
2359variable is assumed to exist.
2360The value of each of these variables
2361will be passed as the parameters of an
2362.Dq Nm atm Cm "add pvc"
2363command.
2364.It Va atm_arps
2365.Pq Vt str
2366Set to the list of permanent ATM ARP entries to be added
2367at system boot time.
2368For each whitespace separated
2369.Ar element
2370in the value, an
2371.Va atm_arp_ Ns Aq Ar element
2372variable is assumed to exist.
2373The value of each of these variables
2374will be passed as the parameters of an
2375.Dq Nm atm Cm "add arp"
2376command.
2377.It Va natm_interfaces
2378.Pq Vt str
2379Set to the list of
2380.Xr natm 4
2381interfaces that will also be used for HARP through
2382.Xr harp 4 .
2383If this list is not empty all interfaces in the list will be brought up
2384with
2385.Xr ifconfig 8
2386and
2387.Xr harp 4
2388will be loaded.
2389For this to work the interface drivers must be either compiled into the
2390kernel or must reside on the root partition.
2391.It Va keybell
2392.Pq Vt str
2393The keyboard bell sound.
2394Set to
2395.Dq Li normal ,
2396.Dq Li visual ,
2397.Dq Li off ,
2398or
2399.Dq Li NO
2400if the default behavior is desired.
2401For details, refer to the
2402.Xr kbdcontrol 1
2403manpage.
2404.It Va keyboard
2405.Pq Vt str
2406If set to a non-null string, the virtual console's keyboard input is
2407set to this device.
2408.It Va keymap
2409.Pq Vt str
2410If set to
2411.Dq Li NO ,
2412no keymap is installed, otherwise the value is used to install
2413the keymap file in
2414.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
2415.It Va keyrate
2416.Pq Vt str
2417The keyboard repeat speed.
2418Set to
2419.Dq Li slow ,
2420.Dq Li normal ,
2421.Dq Li fast ,
2422or
2423.Dq Li NO
2424if the default behavior is desired.
2425.It Va keychange
2426.Pq Vt str
2427If not set to
2428.Dq Li NO ,
2429attempt to program the function keys with the value.
2430The value should
2431be a single string of the form:
2432.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
2433.It Va cursor
2434.Pq Vt str
2435Can be set to the value of
2436.Dq Li normal ,
2437.Dq Li blink ,
2438.Dq Li destructive ,
2439or
2440.Dq Li NO
2441to set the cursor behavior explicitly or choose the default behavior.
2442.It Va scrnmap
2443.Pq Vt str
2444If set to
2445.Dq Li NO ,
2446no screen map is installed, otherwise the value is used to install
2447the screen map file in
2448.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
2449.It Va font8x16
2450.Pq Vt str
2451If set to
2452.Dq Li NO ,
2453the default 8x16 font value is used for screen size requests, otherwise
2454the value in
2455.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2456is used.
2457.It Va font8x14
2458.Pq Vt str
2459If set to
2460.Dq Li NO ,
2461the default 8x14 font value is used for screen size requests, otherwise
2462the value in
2463.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2464is used.
2465.It Va font8x8
2466.Pq Vt str
2467If set to
2468.Dq Li NO ,
2469the default 8x8 font value is used for screen size requests, otherwise
2470the value in
2471.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
2472is used.
2473.It Va blanktime
2474.Pq Vt int
2475If set to
2476.Dq Li NO ,
2477the default screen blanking interval is used, otherwise it is set
2478to
2479.Ar value
2480seconds.
2481.It Va saver
2482.Pq Vt str
2483If not set to
2484.Dq Li NO ,
2485this is the actual screen saver to use
2486.Li ( blank , snake , daemon ,
2487etc).
2488.It Va moused_nondefault_enable
2489.Pq Vt str
2490If set to
2491.Dq Li NO ,
2492the mouse device specified on
2493the command line is not automatically treated as enabled by the
2494.Pa /etc/rc.d/moused
2495script.
2496Having this variable set to
2497.Dq Li YES
2498allows a
2499.Xr usb 4
2500mouse,
2501for example,
2502to be enabled as soon as it is plugged in.
2503.It Va moused_enable
2504.Pq Vt str
2505If set to
2506.Dq Li YES ,
2507the
2508.Xr moused 8
2509daemon is started for doing cut/paste selection on the console.
2510.It Va moused_type
2511.Pq Vt str
2512This is the protocol type of the mouse connected to this host.
2513This variable must be set if
2514.Va moused_enable
2515is set to
2516.Dq Li YES .
2517The
2518.Xr moused 8
2519daemon
2520is able to detect the appropriate mouse type automatically in many cases.
2521Set this variable to
2522.Dq Li auto
2523to let the daemon detect it, or
2524select one from the following list if the automatic detection fails.
2525.Pp
2526If the mouse is attached to the PS/2 mouse port, choose
2527.Dq Li auto
2528or
2529.Dq Li ps/2 ,
2530regardless of the brand and model of the mouse.
2531Likewise, if the
2532mouse is attached to the bus mouse port, choose
2533.Dq Li auto
2534or
2535.Dq Li busmouse .
2536All other protocols are for serial mice and will not work with
2537the PS/2 and bus mice.
2538If this is a USB mouse,
2539.Dq Li auto
2540is the only protocol type which will work.
2541.Pp
2542.Bl -tag -width ".Li x10mouseremote" -compact
2543.It Li microsoft
2544Microsoft mouse (serial)
2545.It Li intellimouse
2546Microsoft IntelliMouse (serial)
2547.It Li mousesystems
2548Mouse systems Corp.\& mouse (serial)
2549.It Li mmseries
2550MM Series mouse (serial)
2551.It Li logitech
2552Logitech mouse (serial)
2553.It Li busmouse
2554A bus mouse
2555.It Li mouseman
2556Logitech MouseMan and TrackMan (serial)
2557.It Li glidepoint
2558ALPS GlidePoint (serial)
2559.It Li thinkingmouse
2560Kensington ThinkingMouse (serial)
2561.It Li ps/2
2562PS/2 mouse
2563.It Li mmhittab
2564MM HitTablet (serial)
2565.It Li x10mouseremote
2566X10 MouseRemote (serial)
2567.It Li versapad
2568Interlink VersaPad (serial)
2569.El
2570.Pp
2571Even if the mouse is not in the above list, it may be compatible
2572with one in the list.
2573Refer to the manual page for
2574.Xr moused 8
2575for compatibility information.
2576.Pp
2577It should also be noted that while this is enabled, any
2578other client of the mouse (such as an X server) should access
2579the mouse through the virtual mouse device,
2580.Pa /dev/sysmouse ,
2581and configure it as a
2582.Dq Li sysmouse
2583type mouse, since all
2584mouse data is converted to this single canonical format when
2585using
2586.Xr moused 8 .
2587If the client program does not support the
2588.Dq Li sysmouse
2589type,
2590specify the
2591.Dq Li mousesystems
2592type.
2593It is the second preferred type.
2594.It Va moused_port
2595.Pq Vt str
2596If
2597.Va moused_enable
2598is set to
2599.Dq Li YES ,
2600this is the actual port the mouse is on.
2601It might be
2602.Pa /dev/cuad0
2603for a COM1 serial mouse,
2604.Pa /dev/psm0
2605for a PS/2 mouse or
2606.Pa /dev/mse0
2607for a bus mouse, for example.
2608.It Va moused_flags
2609.Pq Vt str
2610If
2611.Va moused_type
2612is set, these are the additional flags to pass to the
2613.Xr moused 8
2614daemon.
2615.It Va mousechar_start
2616.Pq Vt int
2617If set to
2618.Dq Li NO ,
2619the default mouse cursor character range
2620.Li 0xd0 Ns - Ns Li 0xd3
2621is used,
2622otherwise the range start is set
2623to
2624.Ar value
2625character, see
2626.Xr vidcontrol 1 .
2627Use if the default range is occupied in the language code table.
2628.It Va allscreens_flags
2629.Pq Vt str
2630If set,
2631.Xr vidcontrol 1
2632is run with these options for each of the virtual terminals
2633.Pq Pa /dev/ttyv* .
2634For example,
2635.Dq Fl m Cm on
2636will enable the mouse pointer on all virtual terminals
2637if
2638.Va moused_enable
2639is set to
2640.Dq Li YES .
2641.It Va allscreens_kbdflags
2642.Pq Vt str
2643If set,
2644.Xr kbdcontrol 1
2645is run with these options for each of the virtual terminals
2646.Pq Pa /dev/ttyv* .
2647For example,
2648.Dq Fl h Li 200
2649will set the
2650.Xr syscons 4
2651scrollback (history) buffer to 200 lines.
2652.It Va cron_enable
2653.Pq Vt bool
2654If set to
2655.Dq Li YES ,
2656run the
2657.Xr cron 8
2658daemon at system boot time.
2659.It Va cron_program
2660.Pq Vt str
2661Path to
2662.Xr cron 8
2663(default
2664.Pa /usr/sbin/cron ) .
2665.It Va cron_flags
2666.Pq Vt str
2667If
2668.Va cron_enable
2669is set to
2670.Dq Li YES ,
2671these are the flags to pass to
2672.Xr cron 8 .
2673.It Va cron_dst
2674.Pq Vt bool
2675If set to
2676.Dq Li YES ,
2677enable the special handling of transitions to and from the
2678Daylight Saving Time in
2679.Xr cron 8
2680(equivalent to using the flag
2681.Fl s ) .
2682.It Va lpd_program
2683.Pq Vt str
2684Path to
2685.Xr lpd 8
2686(default
2687.Pa /usr/sbin/lpd ) .
2688.It Va lpd_enable
2689.Pq Vt bool
2690If set to
2691.Dq Li YES ,
2692run the
2693.Xr lpd 8
2694daemon at system boot time.
2695.It Va lpd_flags
2696.Pq Vt str
2697If
2698.Va lpd_enable
2699is set to
2700.Dq Li YES ,
2701these are the flags to pass to the
2702.Xr lpd 8
2703daemon.
2704.It Va chkprintcap_enable
2705.Pq Vt bool
2706If set to
2707.Dq Li YES ,
2708run the
2709.Xr chkprintcap 8
2710command before starting the
2711.Xr lpd 8
2712daemon.
2713.It Va chkprintcap_flags
2714.Pq Vt str
2715If
2716.Va lpd_enable
2717and
2718.Va chkprintcap_enable
2719are set to
2720.Dq Li YES ,
2721these are the flags to pass to the
2722.Xr chkprintcap 8
2723program.
2724The default is
2725.Dq Li -d ,
2726which causes missing directories to be created.
2727.It Va mta_start_script
2728.Pq Vt str
2729This variable specifies the full path to the script to run to start
2730a mail transfer agent.
2731The default is
2732.Pa /etc/rc.sendmail .
2733The
2734.Va sendmail_*
2735variables which
2736.Pa /etc/rc.sendmail
2737uses are documented in the
2738.Xr rc.sendmail 8
2739manual page.
2740.It Va dumpdev
2741.Pq Vt str
2742Indicates the device (usually a swap partition) to which a crash dump
2743should be written in the event of a system crash.
2744If the value of this variable is
2745.Dq Li AUTO ,
2746the first suitable swap device listed in
2747.Pa /etc/fstab
2748will be used as dump device.
2749Otherwise, the value of this variable is passed as the argument to
2750.Xr dumpon 8 .
2751To disable crash dumps, set this variable to
2752.Dq Li NO .
2753.It Va dumpdir
2754.Pq Vt str
2755When the system reboots after a crash and a crash dump is found on the
2756device specified by the
2757.Va dumpdev
2758variable,
2759.Xr savecore 8
2760will save that crash dump and a copy of the kernel to the directory
2761specified by the
2762.Va dumpdir
2763variable.
2764The default value is
2765.Pa /var/crash .
2766Set to
2767.Dq Li NO
2768to not run
2769.Xr savecore 8
2770at boot time when
2771.Va dumpdir
2772is set.
2773.It Va savecore_flags
2774.Pq Vt str
2775If crash dumps are enabled, these are the flags to pass to the
2776.Xr savecore 8
2777utility.
2778.It Va enable_quotas
2779.Pq Vt bool
2780Set to
2781.Dq Li YES
2782to turn on user disk quotas on system startup via the
2783.Xr quotaon 8
2784command.
2785.It Va check_quotas
2786.Pq Vt bool
2787Set to
2788.Dq Li YES
2789to enable user disk quota checking via the
2790.Xr quotacheck 8
2791command.
2792.It Va accounting_enable
2793.Pq Vt bool
2794Set to
2795.Dq Li YES
2796to enable system accounting through the
2797.Xr accton 8
2798facility.
2799.It Va ibcs2_enable
2800.Pq Vt bool
2801Set to
2802.Dq Li YES
2803to enable iBCS2 (SCO) binary emulation at system initial boot
2804time.
2805.It Va ibcs2_loaders
2806.Pq Vt str
2807If not set to
2808.Dq Li NO
2809and if
2810.Va ibcs2_enable
2811is set to
2812.Dq Li YES ,
2813this specifies a list of additional iBCS2 loaders to enable.
2814.It Va linux_enable
2815.Pq Vt bool
2816Set to
2817.Dq Li YES
2818to enable Linux/ELF binary emulation at system initial
2819boot time.
2820.It Va svr4_enable
2821.Pq Vt bool
2822If set to
2823.Dq Li YES ,
2824enable SysVR4 emulation at boot time.
2825.It Va sysvipc_enable
2826.Pq Vt bool
2827If set to
2828.Dq Li YES ,
2829load System V IPC primitives at boot time.
2830.It Va clear_tmp_enable
2831.Pq Vt bool
2832Set to
2833.Dq Li YES
2834to have
2835.Pa /tmp
2836cleaned at startup.
2837.It Va clear_tmp_X
2838.Pq Vt bool
2839Set to
2840.Dq Li NO
2841to disable removing of X11 lock files,
2842and the removal and (secure) recreation
2843of the various socket directories for X11
2844related programs.
2845.It Va ldconfig_paths
2846.Pq Vt str
2847Set to the list of shared library paths to use with
2848.Xr ldconfig 8 .
2849NOTE:
2850.Pa /usr/lib
2851will always be added first, so it need not appear in this list.
2852.It Va ldconfig32_paths
2853.Pq Vt str
2854Set to the list of 32-bit compatibility shared library paths to
2855use with
2856.Xr ldconfig 8 .
2857.It Va ldconfig_paths_aout
2858.Pq Vt str
2859Set to the list of shared library paths to use with
2860.Xr ldconfig 8
2861legacy
2862.Xr a.out 5
2863support.
2864.It Va ldconfig_insecure
2865.Pq Vt bool
2866The
2867.Xr ldconfig 8
2868utility normally refuses to use directories
2869which are writable by anyone except root.
2870Set this variable to
2871.Dq Li YES
2872to disable that security check during system startup.
2873.It Va ldconfig_local_dirs
2874.Pq Vt str
2875Set to the list of local
2876.Xr ldconfig 8
2877directories.
2878The names of all files in the directories listed will be
2879passed as arguments to
2880.Xr ldconfig 8 .
2881.It Va ldconfig_local32_dirs
2882.Pq Vt str
2883Set to the list of local 32-bit compatibility
2884.Xr ldconfig 8
2885directories.
2886The names of all files in the directories listed will be
2887passed as arguments to
2888.Dq Nm ldconfig Fl 32 .
2889.It Va kern_securelevel_enable
2890.Pq Vt bool
2891Set to
2892.Dq Li YES
2893to set the kernel security level at system startup.
2894.It Va kern_securelevel
2895.Pq Vt int
2896The kernel security level to set at startup.
2897The allowed range of
2898.Ar value
2899ranges from \-1 (the compile time default) to 3 (the
2900most secure).
2901See
2902.Xr init 8
2903for the list of possible security levels and their effect
2904on system operation.
2905.It Va sshd_program
2906.Pq Vt str
2907Path to the SSH server program
2908.Pa ( /usr/sbin/sshd
2909is the default).
2910.It Va sshd_enable
2911.Pq Vt bool
2912Set to
2913.Dq Li YES
2914to start
2915.Xr sshd 8
2916at system boot time.
2917.It Va sshd_flags
2918.Pq Vt str
2919If
2920.Va sshd_enable
2921is set to
2922.Dq Li YES ,
2923these are the flags to pass to the
2924.Xr sshd 8
2925daemon.
2926.It Va ftpd_program
2927.Pq Vt str
2928Path to the FTP server program
2929.Pa ( /usr/libexec/ftpd
2930is the default).
2931.It Va ftpd_enable
2932.Pq Vt bool
2933Set to
2934.Dq Li YES
2935to start
2936.Xr ftpd 8
2937as a stand-alone daemon at system boot time.
2938.It Va ftpd_flags
2939.Pq Vt str
2940If
2941.Va ftpd_enable
2942is set to
2943.Dq Li YES ,
2944these are the additional flags to pass to the
2945.Xr ftpd 8
2946daemon.
2947.It Va watchdogd_enable
2948.Pq Vt bool
2949If set to
2950.Dq Li YES ,
2951start the
2952.Xr watchdogd 8
2953daemon at boot time.
2954This requires that the kernel have been compiled with a
2955.Xr watchdog 4
2956compatible device.
2957.It Va watchdogd_flags
2958.Pq Vt str
2959If
2960.Va watchdogd_enable
2961is set to
2962.Dq Li YES ,
2963these are the flags passed to the
2964.Xr watchdogd 8
2965daemon.
2966.It Va performance_cx_lowest
2967.Pq Vt str
2968CPU idle state to use while on AC power.
2969The string
2970.Dq Li LOW
2971indicates that
2972.Xr acpi 4
2973should use the lowest power state available while
2974.Dq Li HIGH
2975indicates that the lowest latency state (less power savings) should be used.
2976.It Va performance_cpu_freq
2977.Pq Vt str
2978CPU clock frequency to use while on AC power.
2979The string
2980.Dq Li LOW
2981indicates that
2982.Xr cpufreq 4
2983should use the lowest frequency available while
2984.Dq Li HIGH
2985indicates that the highest frequency (less power savings) should be used.
2986.It Va economy_cx_lowest
2987.Pq Vt str
2988CPU idle state to use when off AC power.
2989The string
2990.Dq Li LOW
2991indicates that
2992.Xr acpi 4
2993should use the lowest power state available while
2994.Dq Li HIGH
2995indicates that the lowest latency state (less power savings) should be used.
2996.It Va economy_cpu_freq
2997.Pq Vt str
2998CPU clock frequency to use when off AC power.
2999The string
3000.Dq Li LOW
3001indicates that
3002.Xr cpufreq 4
3003should use the lowest frequency available while
3004.Dq Li HIGH
3005indicates that the highest frequency (less power savings) should be used.
3006.It Va jail_enable
3007.Pq Vt bool
3008If set to
3009.Dq Li NO ,
3010any configured jails will not be started.
3011.It Va jail_list
3012.Pq Vt str
3013A space separated list of names for jails.
3014This is purely a configuration aid to help identify and
3015configure multiple jails.
3016The names specified in this list will be used to
3017identify settings common to an instance of a jail.
3018Assuming that the jail in question was named
3019.Li vjail ,
3020you would have the following dependent variables:
3021.Bd -literal
3022jail_vjail_hostname="jail.example.com"
3023jail_vjail_ip="192.168.1.100"
3024jail_vjail_rootdir="/var/jails/vjail/root"
3025.Ed
3026.Pp
3027.It Va jail_flags
3028.Pq Vt str
3029Unset by default.
3030When set, use as default value for
3031.Va jail_ Ns Ao Ar jname Ac Ns Va _flags
3032for every jail in
3033.Va jail_list .
3034.It Va jail_interface
3035.Pq Vt str
3036Unset by default.
3037When set, use as default value for
3038.Va jail_ Ns Ao Ar jname Ac Ns Va _interface
3039for every jail in
3040.Va jail_list .
3041.It Va jail_fstab
3042.Pq Vt str
3043Unset by default.
3044When set, use as default value for
3045.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
3046for every jail in
3047.Va jail_list .
3048.It Va jail_mount_enable
3049.Pq Vt bool
3050Set to
3051.Dq Li NO
3052by default.
3053When set to
3054.Dq Li YES ,
3055sets
3056.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
3057to
3058.Dq Li YES
3059by default for every jail in
3060.Va jail_list .
3061.It Va jail_devfs_ruleset
3062.Pq Vt str
3063Unset by default.
3064When set, sets
3065.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset
3066to given value for every jail in
3067.Va jail_list .
3068.It Va jail_devfs_enable
3069.Pq Vt bool
3070Set to
3071.Dq Li NO
3072by default.
3073When set to
3074.Dq Li YES ,
3075sets
3076.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
3077to
3078.Dq Li YES
3079by default for every jail in
3080.Va jail_list .
3081.It Va jail_fdescfs_enable
3082.Pq Vt bool
3083Set to
3084.Dq Li NO
3085by default.
3086When set to
3087.Dq Li YES ,
3088sets
3089.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
3090to
3091.Dq Li YES
3092by default for every jail in
3093.Va jail_list .
3094.It Va jail_procfs_enable
3095.Pq Vt bool
3096Set to
3097.Dq Li NO
3098by default.
3099When set to
3100.Dq Li YES ,
3101sets
3102.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
3103to
3104.Dq Li YES
3105by default for every jail in
3106.Va jail_list .
3107.It Va jail_exec_start
3108.Pq Vt str
3109Unset by default.
3110When set, use as default value for
3111.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
3112for every jail in
3113.Va jail_list .
3114.It Va jail_exec_afterstart Ns Aq Ar N
3115.Pq Vt str
3116Unset by default.
3117When set, use as default value for
3118.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N
3119for every jail in
3120.Va jail_list .
3121.It Va jail_exec_stop
3122Unset by default.
3123When set, use as default value for
3124.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
3125for every jail in
3126.Va jail_list .
3127.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
3128.Pq Vt str
3129Unset by default.
3130Set to the root directory used by jail
3131.Va jname .
3132.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
3133.Pq Vt str
3134Unset by default.
3135Set to the fully qualified domain name (FQDN) assigned to jail
3136.Va jname .
3137.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip
3138.Pq Vt str
3139Unset by default.
3140Set to the IP address assigned to jail
3141.Va jname .
3142.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags
3143.Pq Vt str
3144Set to
3145.Dq Li -l -U root
3146by default.
3147These are flags to pass to
3148.Xr jail .
3149.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface
3150.Pq Vt str
3151Unset by default.
3152When set, sets the interface to use when setting IP address alias.
3153Note that the alias is created at jail startup and removed at jail shutdown.
3154.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
3155.Pq Vt str
3156Set to
3157.Pa /etc/fstab. Ns Aq Ar jname
3158by default.
3159This is the file system information file to use for jail
3160.Va jname .
3161.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
3162.Pq Vt bool
3163Set to
3164.Dq Li NO
3165by default.
3166When set to
3167.Dq Li YES ,
3168mount all file systems from
3169.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
3170at jail startup.
3171.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset
3172.Pq Vt str
3173Unset by default.
3174When set, defines the device file system ruleset file to use for jail
3175.Va jname .
3176.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
3177.Pq Vt bool
3178Set to
3179.Dq Li NO
3180by default.
3181When set to
3182.Dq Li YES ,
3183mount the device file system inside jail
3184.Ar jname
3185at jail startup.
3186.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
3187.Pq Vt bool
3188Set to
3189.Dq Li NO
3190by default.
3191When set to
3192.Dq Li YES ,
3193mount the file-descriptor file system inside jail
3194.Ar jname
3195at jail startup.
3196.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
3197.Pq Vt bool
3198Set to
3199.Dq Li NO
3200by default.
3201When set to
3202.Dq Li YES ,
3203mount the process file system inside jail
3204.Ar jname
3205at jail startup.
3206.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
3207.Pq Vt str
3208Set to
3209.Dq Li /bin/sh /etc/rc
3210by default.
3211This is the command executed at jail startup.
3212.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N
3213.Pq Vt str
3214Unset by default.
3215This is the command run as
3216.Ar N Ns
3217th command
3218after jail startup, where
3219.Ar N
3220is 1, 2, and so on.
3221.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
3222.Pq Vt str
3223Set to
3224.Dq Li /bin/sh /etc/rc.shutdown
3225by default.
3226This is the command executed at jail shutdown.
3227.It Va jail_set_hostname_allow
3228.Pq Vt bool
3229If set to
3230.Dq Li NO ,
3231do not allow the root user in a jail to set its hostname.
3232.It Va jail_socket_unixiproute_only
3233.Pq Vt bool
3234If set to
3235.Dq Li YES ,
3236do not allow any sockets,
3237besides UNIX/IP/route sockets,
3238to be used within a jail.
3239.It Va jail_sysvipc_allow
3240.Pq Vt bool
3241If set to
3242.Dq Li YES ,
3243allow applications within a jail to use System V IPC.
3244.\" ----- ISDN settings ---------------------------------
3245.It Va isdn_enable
3246.Pq Vt bool
3247Set to
3248.Dq Li NO
3249by default.
3250When set to
3251.Dq Li YES ,
3252starts the
3253.Xr isdnd 8
3254daemon
3255at system boot time.
3256.It Va isdn_flags
3257.Pq Vt str
3258Set to
3259.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
3260by default.
3261Additional flags to pass to
3262.Xr isdnd 8
3263(but see
3264.Va isdn_fsdev
3265and
3266.Va isdn_ttype
3267for certain tunable parameters).
3268.It Va isdn_ttype
3269.Pq Vt str
3270Set to
3271.Dq Li cons25
3272by default.
3273The terminal type of the output device when
3274.Xr isdnd 8
3275operates in full-screen mode.
3276.It Va isdn_screenflags
3277.Pq Vt str
3278Set to
3279.Dq Li NO
3280by default.
3281The video mode for full-screen mode (only for
3282.Xr syscons 4
3283console driver, see
3284.Xr vidcontrol 1
3285for valid modes).
3286.It Va isdn_fsdev
3287.Pq Vt str
3288Set to
3289.Dq Li NO
3290by default.
3291The output device for
3292.Xr isdnd 8
3293in full-screen mode (or
3294.Dq Li NO
3295for daemon mode).
3296.It Va isdn_trace
3297.Pq Vt bool
3298Set to
3299.Dq Li NO
3300by default.
3301When set to
3302.Dq Li YES ,
3303enables the ISDN protocol trace utility
3304.Xr isdntrace 8
3305at system boot time.
3306.It Va isdn_traceflags
3307.Pq Vt str
3308Set to
3309.Dq Fl f Pa /var/tmp/isdntrace0
3310by default.
3311Flags for
3312.Xr isdntrace 8 .
3313.\" -----------------------------------------------------
3314.It Va harvest_interrupt
3315.Pq Vt bool
3316Set to
3317.Dq Li YES
3318to use hardware interrupts as an entropy source.
3319Refer to
3320.Xr random 4
3321for more information.
3322.It Va harvest_ethernet
3323.Pq Vt bool
3324Set to
3325.Dq Li YES
3326to use LAN traffic as an entropy source.
3327Refer to
3328.Xr random 4
3329for more information.
3330.It Va harvest_p_to_p
3331.Pq Vt bool
3332Set to
3333.Dq Li YES
3334to use serial line traffic as an entropy source.
3335Refer to
3336.Xr random 4
3337for more information.
3338.It Va entropy_dir
3339.Pq Vt str
3340Set to
3341.Dq Li NO
3342to disable caching entropy via
3343.Xr cron 8 .
3344Otherwise set to the directory used to store entropy files in.
3345.It Va entropy_file
3346.Pq Vt str
3347Set to
3348.Dq Li NO
3349to disable caching entropy through reboots.
3350Otherwise set to the filename used to store cached entropy through
3351reboots.
3352This file should be located on the root file system to seed the
3353.Xr random 4
3354device as early as possible in the boot process.
3355.It Va entropy_save_sz
3356.Pq Vt int
3357Size of the entropy cache files saved by
3358.Nm save-entropy
3359periodically.
3360.It Va entropy_save_num
3361.Pq Vt int
3362Number of entropy cache files to save by
3363.Nm save-entropy
3364periodically.
3365.It Va ipsec_enable
3366.Pq Vt bool
3367Set to
3368.Dq Li YES
3369to run
3370.Xr setkey 8
3371on
3372.Va ipsec_file
3373at boot time.
3374.It Va ipsec_file
3375.Pq Vt str
3376Configuration file for
3377.Xr setkey 8 .
3378.It Va dmesg_enable
3379.Pq Vt bool
3380Set to
3381.Dq Li YES
3382to save
3383.Xr dmesg 8
3384to
3385.Pa /var/run/dmesg.boot
3386on boot.
3387.It Va rcshutdown_timeout
3388.Pq Vt int
3389If set, start a watchdog timer in the background which will terminate
3390.Pa rc.shutdown
3391if
3392.Xr shutdown 8
3393has not completed within the specified time (in seconds).
3394Notice that in addition to this soft timeout,
3395.Xr init 8
3396also applies a hard timeout for the execution of
3397.Pa rc.shutdown .
3398This is configured via
3399.Xr sysctl 8
3400variable
3401.Va kern.init_shutdown_timeout
3402and defaults to 120 seconds.
3403Setting the value of
3404.Va rcshutdown_timeout
3405to more than 120 seconds will have no effect until the
3406.Xr sysctl 8
3407variable
3408.Va kern.init_shutdown_timeout
3409is also increased.
3410.It Va virecover_enable
3411.Pq Vt bool
3412Set to
3413.Dq Li NO
3414to prevent the system from trying to
3415recover pre-maturely terminated
3416.Xr vi 1
3417sessions.
3418.It Va ugidfw_enable
3419.Pq Vt bool
3420Set to
3421.Dq Li YES
3422to load the
3423.Xr mac_bsdextended 4
3424module upon system initialization and load a default
3425ruleset file.
3426.It Va bsdextended_script
3427.Pq Vt str
3428The default
3429.Xr mac_bsdextended 4
3430ruleset file to load.
3431The default value of this variable is
3432.Pa /etc/rc.bsdextended .
3433.It Va newsyslog_enable
3434.Pq Vt bool
3435If set to
3436.Dq Li YES ,
3437run
3438.Xr newsyslog 8
3439command at startup.
3440.It Va newsyslog_flags
3441.Pq Vt str
3442If
3443.Va newsyslog_enable
3444is set to
3445.Dq Li YES ,
3446these are the flags to pass to the
3447.Xr newsyslog 8
3448program.
3449The default is
3450.Dq Li -CN ,
3451which causes log files flagged with a
3452.Cm C
3453to be created.
3454.It Va mdconfig_md Ns Aq Ar X
3455.Pq Vt str
3456Arguments to
3457.Xr mdconfig 8
3458for
3459.Xr md 4
3460device
3461.Ar X .
3462At minimum a
3463.Fl t Ar type
3464must be specified and either a
3465.Fl s Ar size
3466for malloc or swap backed
3467.Xr md 4
3468devices or a
3469.Fl f Ar file
3470for vnode backed
3471.Xr md 4
3472devices.
3473Note that
3474.Va mdconfig_md Ns Aq Ar X
3475variables are evaluated until one variable is unset or null.
3476.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs
3477.Pq Vt str
3478Optional arguments passed to
3479.Xr newfs 8
3480to initialize
3481.Xr md 4
3482device
3483.Ar X .
3484.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner
3485.Pq Vt str
3486An ownership specification passed to
3487.Xr chown 8
3488after the specified
3489.Xr md 4
3490device
3491.Ar X
3492has been mounted.
3493Both the
3494.Xr md 4
3495device and the mount point will be changed.
3496.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms
3497.Pq Vt str
3498A mode string passed to
3499.Xr chmod 1
3500after the specified
3501.Xr md 4
3502device
3503.Ar X
3504has been mounted.
3505Both the
3506.Xr md 4
3507device and the mount point will be changed.
3508.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files
3509.Pq Vt str
3510Files to be copied to the mount point of the
3511.Xr md 4
3512device
3513.Ar X
3514after it has been mounted.
3515.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd
3516.Pq Vt str
3517Command to execute after the specified
3518.Xr md 4
3519device
3520.Ar X
3521has been mounted.
3522Note that the command is passed to
3523.Ic eval
3524and that both
3525.Va _dev
3526and
3527.Va _mp
3528variables can be used to reference respectively the
3529.Xr md 4
3530device and the mount point.
3531Assuming that the
3532.Xr md 4
3533device is
3534.Li md0 ,
3535one could set the following:
3536.Bd -literal
3537mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}"
3538.Ed
3539.It Va ramdisk_units
3540.Pq Vt str
3541A list of one or more ramdisk units to configure with
3542.Xr mdconfig 8
3543and
3544.Xr newfs 8
3545in time to be mounted from
3546.Xr fstab 5 .
3547Each listed unit
3548.Ar X
3549must specify at least a
3550.Ar type
3551in a
3552.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config
3553variable.
3554Note that this way to configure ramdisks has been deprecated
3555in favor of new
3556.Va mdconfig_md*
3557variables (see above).
3558.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config
3559.Pq Vt str
3560Arguments to
3561.Xr mdconfig 8
3562for ramdisk
3563.Ar X .
3564At minimum a
3565.Fl t Ar type
3566must be specified, where
3567.Ar type
3568must be one of
3569.Cm malloc
3570or
3571.Cm swap .
3572.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs
3573.Pq Vt str
3574Optional arguments passed to
3575.Xr newfs 8
3576to initialize ramdisk
3577.Ar X .
3578.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner
3579.Pq Vt str
3580An ownership specification passed to
3581.Xr chown 8
3582after the specified ramdisk unit
3583.Ar X
3584has been mounted.
3585Both the
3586.Xr md 4
3587device and the mount point will be changed.
3588.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms
3589.Pq Vt str
3590A mode string passed to
3591.Xr chmod 1
3592after the specified ramdisk unit
3593.Ar X
3594has been mounted.
3595Both the
3596.Xr md 4
3597device and the mount point will be changed.
3598.It Va autobridge_interfaces
3599.Pq Vt str
3600Set to the list of bridge interfaces that will have newly arriving interfaces
3601checked against to be automatically added.
3602If not set to
3603.Dq Li NO
3604then for each whitespace separated
3605.Ar element
3606in the value, a
3607.Va autobridge_ Ns Aq Ar element
3608variable is assumed to exist which has a whitespace separated list of interface
3609names to match, these names can use wildcards.
3610For example:
3611.Bd -literal
3612autobridge_interfaces="bridge0"
3613autobridge_bridge0="tap* dc0 vlan[345]"
3614.Ed
|