DragonFly On-Line Manual Pages
RC.CONF(5) DragonFly File Formats Manual RC.CONF(5)
NAME
rc.conf - system configuration information
DESCRIPTION
The file rc.conf contains descriptive information about the local host
name, configuration details for any potential network interfaces and
which services should be started up at system initial boot time. In new
installations, the rc.conf file is generally initialized by the
installer.
The purpose of rc.conf is not to run commands or perform system startup
actions directly. Instead, it is included by the various generic startup
scripts in /etc which conditionalize their internal actions according to
the settings found there.
The /etc/defaults/rc.conf file specifies the default settings for all the
available options, the /etc/rc.conf file specifies override settings.
Options need only be specified in /etc/rc.conf when the system
administrator wishes to override the defaults. The file
/etc/rc.conf.local is used to override settings in /etc/rc.conf for
historical reasons. In addition to /etc/rc.conf.local you can also place
smaller configuration files for each rc(8) script in the /etc/rc.conf.d
directory, which will be included by the load_rc_config function. For
jail configurations you could use the file /etc/rc.conf.d/jail to store
jail specific configuration options. Also see the rc_conf_files variable
below.
The following list provides a name and short description for each
variable that can be set in the rc.conf file. To set a variable of bool
type, specify either "YES", "TRUE", "ON", or "1". To unset, specify
"NO", "FALSE", "OFF", or "0". These values are case insensitive. The
_enable postfix in the name of a variable for starting a service can be
omitted (as in NetBSD).
rc_conf_files
(str) This option is used to specify a list of files that
will override the settings in /etc/defaults/rc.conf. The
files will be read in the order in which they are specified
and should include the full path to the file. By default,
the files specified are /etc/rc.conf and /etc/rc.conf.local
rc_debug (bool) If set to "YES", enable output of debug messages from
rc scripts. This variable can be helpful in diagnosing
mistakes when editing or integrating new scripts. Beware
that this produces copious output to the terminal and
syslog(3).
rc_info (bool) If set to "NO", disable informational messages from
the rc scripts. Informational messages are displayed when a
condition that is not serious enough to warrant a warning or
an error occurs.
rc_startmsgs
(bool) If set to "YES", show "Starting foo:" when faststart
is used (e.g., at boot time).
swapfile (str) If set to "NO", no swapfile is installed, otherwise the
value is used as the full pathname to a file to use for
additional swap space. The vn(4) driver is needed for a
swapfile and will be loaded if it is not already compiled
into the kernel or loaded via loader.conf(5).
<module>_load
(bool) If set to "YES", that kernel module will be loaded.
If no <module>_name is defined (see below), the module's name
is taken to be <module>.
<module>_name
(str) Defines the name of the module.
devd_enable
(bool) Run devd(8) to handle device added, removed or unknown
events from the kernel.
devd_flags (str) If devd_enable is set to "YES", these are the flags to
pass to the devd(8) daemon.
powerd_enable
(bool) Set to "NO" by default. Setting this to "YES" enables
powerd(8), a CPU speed control daemon.
powerd_flags
(str) Empty by default. Additional flags passed to the
powerd(8) program.
If you are running a serial port at 115200 baud we recommend
setting the flags to "-l 1500" as lower frequencies will
cause characters to drop.
sensorsd_enable
(bool) Set to "NO" by default. Setting this to "YES" enables
sensorsd(8), a sensors monitoring and logging daemon.
sensorsd_flags
(str) Empty by default. Additional flags passed to the
sensorsd(8) program.
sysvipcd_enable
(bool) Set to "NO" by default. Setting this to "YES" enables
sysvipcd(8), a daemon needed for the userspace implementation
of the XSI Interprocess Communication functions.
sysvipcd_flags
(str) Empty by default. Additional flags passed to the
sysvipcd(8) program.
hotplugd_enable
(bool) Set to "NO" by default. Setting this to "YES" enables
hotplugd(8), a devices hot plugging monitoring daemon.
hotplugd_flags
(str) Empty by default. Additional flags passed to the
hotplugd(8) program.
pccard_ifconfig
(str) List of arguments to be passed to ifconfig(8) at boot
time or on insertion of the card (e.g. "inet 192.168.1.1
netmask 255.255.255.0" for a fixed address or "DHCP" for a
DHCP client).
removable_interfaces
(str) List of removable network interfaces to be supported by
/etc/pccard_ether.
local_startup
(str) List of directories to search for startup script files.
script_name_sep
(str) The field separator to use for breaking down the list
of startup script files into individual filenames. The
default is a space. It is not necessary to change this
unless there are startup scripts with names containing
spaces.
hostname (str) The fully qualified domain name (FQDN) of this host on
the network. This should almost certainly be set to
something meaningful, even if there is no network connection.
If DHCP is used to set the hostname, this variable should be
set to an empty string.
ipv6_enable
(bool) Enable support for IPv6 networking. Note that this
requires that the kernel have been compiled with options
INET6.
nisdomainname
(str) The NIS domain name of this host, or "NO" if NIS is not
used.
dhcp_client
(str) Set the rc script that is called to start the DHCP
client. This can be set to "dhclient" (default) or "dhcpcd".
dhclient_program
(str) Path to the dhclient(8) program (default
/sbin/dhclient).
dhclient_flags
(str) Additional flags to pass to the dhclient(8) program.
dhclient_flags_<interface>
Additional flags to pass to the dhclient(8) program running
on interface only. When specified, this variable overrides
dhclient_flags.
dhcpcd_enable
(bool) Set to "YES" to run dhcpcd(8) in master mode (i.e.,
configure all available Ethernet interfaces) at startup.
dhcpcd_program
(str) Path to the dhcpcd(8) program (default /sbin/dhcpcd).
dhcpcd_flags
(str) Additional flags to pass to the dhcpcd(8) program. The
default value is -b, i.e., tell dhcpcd(8) to go to background
immediately.
pf_enable (bool) Set to "YES" to load pf(4) at startup. If the kernel
was not built with device pf, the pf.ko kernel module will be
loaded. See also firewall_enable.
pf_rules (str) Path to the pf(4) ruleset definition file.
pf_program (str) Path to pfctl(8).
pf_flags (str) If pf_enable is set to "YES", these are the flags to
pass to pfctl(8) when loading the ruleset.
pflog_enable
(bool) Set this to "YES" to enable pflogd(8) which logs
packets from pf(4).
pflog_logfile
(str) If pflog_enable is set to "YES" this specifies the path
of the log file.
pflog_program
(str) Path to pflogd(8).
pflog_flags
(str) If pflog_enable is set to "YES", these are the flags to
pass to pflogd(8).
firewall_enable
(bool) Set to "YES" to load firewall rules at startup. If
the kernel was not built with options IPFIREWALL, the ipfw.ko
kernel module will be loaded. See also pf_enable.
ipv6_firewall_enable
(bool) The IPv6 equivalent of firewall_enable. Set to "YES"
to load IPv6 firewall rules at startup. If the kernel was
not built with options IPV6FIREWALL, the ip6fw.ko kernel
module will be loaded.
firewall_script
(str) The full path to the firewall script to run (default
/etc/rc.firewall).
ipv6_firewall_script
(str) The IPv6 equivalent of firewall_script.
firewall_type
(str) Names the firewall type from the selection in
/etc/rc.firewall, or the file which contains the local
firewall ruleset. Valid selections from /etc/rc.firewall
are:
open unrestricted IP access
closed all IP services disabled, except via "lo0"
client basic protection for a workstation on a LAN
simple alias for client.
If a filename is specified, the full path must be given.
firewall_trusted_nets
(str) List of trusted networks (if firewall_type is set to
client).
firewall_trusted_interfaces
(str) List of trusted network interfaces (if firewall_type is
set to client).
firewall_allowed_icmp_types
(str) List of allowed ICMP types (if firewall_type is set to
client).
firewall_open_tcp_ports
(str) List of TCP ports to open (if firewall_type is set to
client).
firewall_open_udp_ports
(str) List of UDP ports to open (if firewall_type is set to
client).
ipv6_firewall_type
(str) The IPv6 equivalent of firewall_type.
firewall_quiet
(bool) Set to "YES" to disable the display of firewall rules
on the console during boot.
ipv6_firewall_quiet
(bool) The IPv6 equivalent of firewall_quiet.
firewall_logging
(bool) Set to "YES" to enable firewall event logging. This
is equivalent to the IPFIREWALL_VERBOSE kernel option.
ipv6_firewall_logging
(bool) The IPv6 equivalent of firewall_logging.
firewall_flags
(str) Flags passed to ipfw(8) if firewall_type specifies a
filename.
ipv6_firewall_flags
(str) The IPv6 equivalent of firewall_flags.
ipfw3_enable
(bool) Set to "YES" to enable ipfw3(8).
ipfw3_program
(str) Path to ipfw3(8).
ipfw3_script
(str) The full path to the shell script to run to set up the
ipfw3 firewall rules (default /etc/ipfw3.rules).
ipfw3_modules
(str) List of ipfw3 modules to be loaded before executing the
above ipfw3_script. (default "ipfw3 ipfw3_basic").
natd_program
(str) Path to natd(8).
natd_enable
(bool) Set to "YES" to enable natd(8). firewall_enable must
also be set to "YES", and divert(4) sockets must be enabled
in the kernel.
natd_interface
(str) This is the name of the public interface on which
natd(8) should run. The interface may be given as an
interface name or as an IP address.
natd_flags (str) Additional natd(8) flags should be placed here. The -n
or -a flag is automatically added with the above
natd_interface as an argument.
tcp_extensions
(bool) Set to "YES" by default. Setting this to "NO"
disables certain TCP options as described by RFC 1323.
Setting this to "NO" might help remedy such problems with
connections as randomly hanging or other weird behavior.
Some network devices are known to be broken with respect to
these options.
log_in_vain
(int) Set to 0 by default. The sysctl(8) variables,
net.inet.tcp.log_in_vain and net.inet.udp.log_in_vain, as
described in tcp(4) and udp(4), are set to the given value.
tcp_keepalive
(bool) Set to "YES" by default. Setting to "NO" will disable
probing idle TCP connections to verify that the peer is still
up and reachable.
tcp_drop_synfin
(bool) Set to "NO" by default. Setting to "YES" will cause
the kernel to ignore TCP frames that have both the SYN and
FIN flags set. This prevents OS fingerprinting, but may
break some legitimate applications. This option is only
available if the kernel was built with the TCP_DROP_SYNFIN
option.
icmp_drop_redirect
(bool) Set to "NO" by default. Setting to "YES" will cause
the kernel to ignore ICMP REDIRECT packets. Refer to icmp(4)
for more information.
icmp_log_redirect
(bool) Set to "NO" by default. Setting to "YES" will cause
the kernel to log ICMP REDIRECT packets. Note that the log
messages are not rate-limited, so this option should only be
used for troubleshooting networks. Refer to icmp(4) for more
information.
icmp_bmcastecho
(bool) Set to "YES" to respond to broadcast or multicast ICMP
ping packets. Refer to icmp(4) for more information.
ip_portrange_first
(int) If not set to "NO", this is the first port in the
default portrange. Refer to ip(4) for more information.
ip_portrange_last
(int) If not set to "NO", this is the last port in the
default portrange. Refer to ip(4) for more information.
ifconfig_<interface>
(str) Configuration for "interface". Typically includes IP
address. Assuming that the interface in question was ed0, it
might look something like this:
ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000"
If the /etc/start_if.<interface> file is present, it is read
and executed by the sh(1) interpreter before configuring the
interface as specified in the ifconfig_<interface> and
ifconfig_<interface>_alias<n> variables.
It is possible to bring up an interface with DHCP by adding
"DHCP" to the ifconfig_<interface> variable. For instance,
to initialize the ed0 device via DHCP, it is possible to use
something like:
ifconfig_ed0="DHCP"
If a vlans_<interface> variable is set, a vlan(4) interface
will be created for each item in the list with the vlandev
argument set to interface. If a vlan interface's name is a
number, then that number is used as the vlan tag and the new
vlan interface is named interface.tag. Otherwise, the vlan
tag must be specified via a vlan parameter in the
create_args_<interface> variable.
To create a vlan device named em0.101 on em0 with the vlan
tag 101 and the optional the IPv4 address 192.0.2.1/24:
vlans_em0="101"
ifconfig_em0_101="inet 192.0.2.1/24"
To create a vlan device named myvlan on em0 with the vlan tag
102:
vlans_em0="myvlan"
create_args_myvlan="vlan 102"
If a wlans_<interface> variable is set, an wlan(4) interface
will be created for each item in the list with the wlandev
argument set to interface. Further wlan cloning arguments
may be passed to the ifconfig(8) create command by setting
the create_args_<interface> variable. One or more wlan(4)
devices must be created for each wireless devices as of
DragonFly 2.5. Debugging flags for wlan(4) devices as set by
wlandebug(8) may be specified with an wlandebug_<interface>
variable. The contents of this variable will be passed
directly to wlandebug(8).
Also, if your interface needs WPA authentication, it is
possible to add "WPA" to the ifconfig_<interface> variable.
This will start wpa_supplicant(8). See
wpa_supplicant.conf(5) for configuring authentication
information. But see also wpa_supplicant_enable.
Finally, you can add ifconfig(8) options in this variable, in
addition to the /etc/start_if.<interface> file. For
instance, to initialize the wi0 device via DHCP, using WPA
authentication and 802.11b mode, it is possible to use
something like:
wlans_wi0="wlan0"
ifconfig_wlan0="up DHCP WPA mode 11b"
ifconfig_<interface>_alias<n>
(str) Configuration to establish an additional network
address for "interface". Assuming that the interface in
question was ed0, it might look something like this:
ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
And so on. For each ifconfig_<interface>_alias<n> entry that
is found, its contents are passed to ifconfig(8). Execution
stops at the first unsuccessful access, so if something like
this is present:
ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
Then note that alias4 would not be added since the search
would stop with the missing alias3 entry.
ifconfig_<interface>_name
(str) New name for "interface". It is possible to rename
interface by doing:
ifconfig_ed0_name="net0"
ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
netif_enable
(bool) Set to "YES" by default. Setting to "NO" will disable
the configuration of network interfaces.
network_interfaces
(str) The list of network interfaces to configure on this
host, or "auto" to configure all network interfaces (default
"auto"). For example, if the only network devices to be
configured are the loopback device (lo0) and a NIC using the
em(4) driver, this could be set to "lo0 em0". An
ifconfig_<interface> variable is assumed to exist for each
value of interface.
ipv6_network_interfaces
(str) This is the IPv6 equivalent of network_interfaces.
Instead of setting the ifconfig variables as
ifconfig_<interface> they should be set as
ipv6_ifconfig_<interface>. Aliases should be set as
ipv6_ifconfig_<interface>_alias<n>. Interfaces that do not
have a ipv6_ifconfig_<interface> setting will be auto
configured by rtsol(8) if the ipv6_gateway_enable is set to
"NO". Note that the IPv6 networking code does not support
the /etc/start_if.<interface> files.
ipv6_prefix_<interface>
(str) Assign prefix to interface, prefixlen 64 is used.
ipv6_default_interface
(str) If not set to "NO", this is the default output
interface for scoped addresses. Now this works only for IPv6
link local multicast addresses.
ip6addrctl_enable
(bool) This variable is to enable configuring the default
address selection policy table (RFC 3484). The default value
is "YES", and the policy table to be installed is specified
by the ip6addrctl_policy variable below.
ip6addrctl_policy
(str) This variable specifies the policy table to be
installed, and can be one of the following keywords:
"ipv4_prefer", "ipv6_prefer", or "AUTO" (default).
If "ipv4_prefer" or "ipv6_prefer" is specified, ip6addrctl(8)
installs a pre-defined policy table described in Section 2.1
(IPv6-preferred) or 10.3 (IPv4-preferred) of RFC 3484.
If "AUTO" is specified, it attempts to read a file
/etc/ip6addrctl.conf first. If this file is found,
ip6addrctl(8) reads and installs it. If not found, a policy
is automatically set according to ipv6_enable variable; if
the variable is set to "YES" the IPv6-preferred one is used.
Otherwise IPv4-preferred.
ip6addrctl_verbose
(bool) If set to "YES", print the installed policy table
after configuring. The default value is "NO".
cloned_interfaces
(str) Set to the list of clonable network interfaces to
create on this host. Entries in cloned_interfaces are
automatically appended to network_interfaces for
configuration.
gif_interfaces
(str) Set to the list of gif(4) tunnel interfaces to
configure on this host. A gifconfig_<interface> variable is
assumed to exist for each value of interface. The value of
this variable is used to configure the link layer of the
tunnel according to the syntax of the tunnel option to
ifconfig(8). Additionally, this option ensures that each
listed interface is created via the create option to
ifconfig(8) before attempting to configure it.
sppp_interfaces
(str) Set to the list of sppp(4) interfaces to configure on
this host. A spppconfig_<interface> variable is assumed to
exist for each value of interface. Each interface should
also be configured by a general ifconfig_<interface> setting.
Refer to spppcontrol(8) for more information about available
options.
ppp_enable (bool) If set to "YES", run the ppp(8) daemon.
ppp_mode (str) Mode in which to run the ppp(8) daemon. Accepted modes
are "auto", "ddial", "direct" and "dedicated". See the
manual for a full description.
ppp_nat (bool) If set to "YES", enables network address translation.
Used in conjunction with gateway_enable allows hosts on
private network addresses access to the Internet using this
host as a network address translating router.
ppp_profile
(str) The name of the profile to use from /etc/ppp/ppp.conf.
Also used for per-profile overrides of ppp_<profile>_unit.
Where the profile contains any of the characters ".-/+" they
are translated to "_" for the purposes of the override
variable names.
ppp_<profile>_unit
(int) Set the unit number to be used for this profile. See
the manual description of -unitN in ppp(8) for details.
ppp_user (str) The name of the user under which ppp(8) should be
started. By default, ppp(8) is started as "root".
wg_enable (bool) Set to "YES" to configure the wg(4) interfaces
specified in wg_interfaces below.
wg_interfaces
(str) Specify the list of wg(4) interfaces to configure.
Each listed interface is configured according to its config
file at /etc/wireguard/<interface>.conf. Refer to wg.conf(5)
for more information.
wg_config_dir
(str) Specify the directory to find the config files for the
wg(4) interfaces listed in wg_interfaces. The default is
/etc/wireguard.
root_rw_mount
(bool) Set to "YES" by default. After the file systems are
checked at boot time, the root filesystem is remounted as
read-write if this is set to "YES". Diskless systems that
mount their root filesystem from a read-only remote share
should set this to "NO" in rc.conf.
fsck_y_enable
(bool) If set to "YES", fsck(8) will be run with the -y flag
if the initial preen of the file systems fails.
netfs_types
(str) List of file system types that are network-based. This
list should generally not be modified by end users. Use
extra_netfs_types instead.
extra_netfs_types
(str) If set to something other than "NO" (the default), this
variable extends the list of file system types for which
automatic mounting at startup by rc(8) should be delayed
until the network is initialized. It should contain a
whitespace-separated list of network file system descriptor
pairs, each consisting of a file system type as passed to
mount(8) and a human-readable, one-word description, joined
with a colon (`:'). Extending the default list in this way
is only necessary when third party file system types are
used.
devfs_config_files
(str) This option is used to specify a list of configuration
files containing devfs(5) rules that will be applied by
devfsctl(8) in the order in which they are specified and must
include the full path to the file.
tmpfs_var_run
(bool) If set to "YES", a tmpfs(5) will be mounted at
/var/run. Necessary directories under there will be
automatically created.
tmpfs_tmp (bool) If set to "YES", a tmpfs(5) will be mounted at /tmp.
syslogd_enable
(bool) If set to "YES", run the syslogd(8) daemon.
syslogd_program
(str) Path to syslogd(8) (default /usr/sbin/syslogd).
syslogd_flags
(str) If syslogd_enable is set to "YES", these are the flags
to pass to syslogd(8).
inetd_enable
(bool) If set to "YES", run the inetd(8) daemon.
inetd_program
(str) Path to inetd(8) (default /usr/sbin/inetd).
inetd_flags
(str) If inetd_enable is set to "YES", these are the flags to
pass to inetd(8).
rwhod_enable
(bool) If set to "YES", run the rwhod(8) daemon at boot time.
rwhod_flags
(str) If rwhod_enable is set to "YES", these are the flags to
pass to it.
update_motd
(bool) If set to "YES", /etc/motd will be updated at boot
time to reflect the kernel release being run. If set to
"NO", /etc/motd will not be updated.
nfs_client_enable
(bool) If set to "YES", setup NFS client parameters at boot
time.
nfs_access_cache
(int) If nfs_client_enable is set to "YES", this can be set
to "0" to disable NFS ACCESS RPC caching, or to the number of
seconds for which NFS ACCESS results should be cached. A
value of 2-10 seconds will substantially reduce network
traffic for many NFS operations. The default is 5 seconds.
Note that the attribute cache holds stat information only.
The NFS data cache is independent of the attribute cache and
is only invalidated when the client detects that the server
has modified the underlying file. This value specifies a
maximum timeout. The NFS client will automatically use a
shorter timeout for files which have been recently modified.
nfs_neg_cache
(int) If nfs_client_enable is set to "YES", this can be set
to "0" to disable the caching of NEGATIVE LOOKUPS (lookups of
non-existent filenames), or to the number of seconds for
which negative lookups should be cached. A value of 2-10
seconds will substantially reduce network traffic for many
NFS operations, especially source code builds. The default
is 3 seconds.
nfs_server_enable
(bool) If set to "YES", run the NFS server daemons at boot
time.
nfs_server_flags
(str) If nfs_server_enable is set to "YES", these are the
flags to pass to the nfsd(8) daemon.
mountd_enable
(bool) If set to "YES", and no nfs_server_enable is set,
start mountd(8), but not nfsd(8) daemon. It is commonly
needed to run CFS without real NFS used.
mountd_flags
(str) If mountd_enable is set to "YES", these are the flags
to pass to the mountd(8) daemon.
weak_mountd_authentication
(bool) If set to "YES", allow services like PCNFSD to make
non-privileged mount requests.
nfs_reserved_port_only
(bool) If set to "YES", provide NFS services only on a secure
port.
nfs_bufpackets
(int) If set to a number, indicates the number of packets
worth of socket buffer space to reserve on an NFS client.
The kernel default is typically 4. Using a higher number may
be useful on gigabit networks to improve performance. The
minimum value is 2 and the maximum is 64.
rpc_umntall_enable
(bool) If set to "YES" (default) and we are also an NFS
client, run rpc.umntall(8) at boot time to clear out old
mounts on remote servers. If set to "NO" then rpc.umntall(8)
will not be run at boot time.
rpc_lockd_enable
(bool) If set to "YES" and also an NFS server, run
rpc.lockd(8) at boot time.
rpc_lockd_flags
(str) If rpc_lockd_enable is set to "YES", these are the
flags to pass to rpc.lockd(8).
rpc_statd_enable
(bool) If set to "YES" and also an NFS server, run
rpc.statd(8) at boot time.
rpc_statd_flags
(str) If rpc_statd_enable is set to "YES", these are the
flags to pass to rpc.statd(8).
rpcbind_program
(str) Path to program for rpcbind daemon (default
/usr/sbin/rpcbind).
rpcbind_enable
(bool) If set to "YES", run rpcbind_program at boot time.
rpcbind_flags
(str) If rpcbind_enable is set to "YES", these are the flags
to pass to rpcbind_program.
keyserv_enable
(bool) If set to "YES", run the keyserv(8) daemon on boot for
running Secure RPC.
keyserv_flags
(str) If keyserv_enable is set to "YES", these are the flags
to pass to keyserv(8) daemon.
pppoed_enable
(bool) If set to "YES", run the pppoed(8) daemon at boot time
to provide PPP over Ethernet services.
pppoed_provider
(str) pppoed(8) listens to requests to this provider and
ultimately runs ppp(8) with a system argument of the same
name.
pppoed_flags
(str) Additional flags to pass to pppoed(8).
pppoed_interface
(str) The network interface to run pppoed(8) on. This is
mandatory when pppoed_enable is set to "YES".
dntpd_enable
(bool) If set to "YES", run dntpd(8) at system boot time.
dntpd_program
(str) Path to dntpd(8) (default /usr/sbin/dntpd).
dntpd_flags
(str) If dntpd_enable is set to "YES", these are the flags to
pass to the dntpd(8) daemon.
btconfig_enable
(bool) If set to "YES", configure Bluetooth devices via
btconfig(8) at system boot time.
btconfig_devices
(str) If btconfig_enable is set to "YES", this is the list of
Bluetooth devices to configure. If btconfig_devices is not
specified, all devices known to the system will be
configured. A btconfig_<device> variable can be set to
specify parameters to be passed to device.
btconfig_args
(str) If btconfig_enable is set to "YES", this is the list of
configuration parameters to pass to all Bluetooth devices.
sdpd_enable
(bool) If set to "YES", run the Service Discovery Profile
daemon (sdpd(8)) at system boot time.
sdpd_flags (str) If sdpd_enable is set to "YES", these are the flags to
pass to the sdpd(8) daemon.
bthcid_enable
(bool) If set to "YES", run the Bluetooth Link Key/PIN Code
Manager daemon (bthcid(8)) at system boot time.
bthcid_flags
(str) If bthcid_enable is set to "YES", these are the flags
to pass to the bthcid(8) daemon.
nis_client_enable
(bool) If set to "YES", run the ypbind(8) service at system
boot time.
nis_client_flags
(str) If nis_client_enable is set to "YES", these are the
flags to pass to the ypbind(8) service.
nis_ypset_enable
(bool) If set to "YES", run the ypset(8) daemon at system
boot time.
nis_ypset_flags
(str) If nis_ypset_enable is set to "YES", these are the
flags to pass to the ypset(8) daemon.
nis_server_enable
(bool) If set to "YES", run the ypserv(8) daemon at system
boot time.
nis_server_flags
(str) If nis_server_enable is set to "YES", these are the
flags to pass to the ypserv(8) daemon.
nis_ypxfrd_enable
(bool) If set to "YES", run the rpc.ypxfrd(8) daemon at
system boot time.
nis_ypxfrd_flags
(str) If nis_ypxfrd_enable is set to "YES", these are the
flags to pass to the rpc.ypxfrd(8) daemon.
nis_yppasswdd_enable
(bool) If set to "YES", run the rpc.yppasswdd(8) daemon at
system boot time.
nis_yppasswdd_flags
(str) If nis_yppasswdd_enable is set to "YES", these are the
flags to pass to the rpc.yppasswdd(8) daemon.
rpc_ypupdated_enable
(bool) If set to "YES", run the rpc.ypupdated daemon at
system boot time.
defaultrouter
(str) If not set to "NO", create a default route to this host
name or IP address (use an IP address if this router is also
required to get to the name server!).
ipv6_defaultrouter
(str) The IPv6 equivalent of defaultrouter.
static_routes
(str) Set to the list of static routes that are to be added
at system boot time. If not set to "NO" then for each
whitespace separated element in the value, a route_<element>
variable is assumed to exist whose contents will later be
passed to a "route add" operation.
change_routes
(str) Set to the list of static routes that are to be changed
at system boot time (such as those added by the kernel). If
not set to "NO" then for each whitespace separated element in
the value, a change_route_<element> variable is assumed to
exist whose contents will later be passed to a "route change"
operation.
ipv6_static_routes
(str) The IPv6 equivalent of static_routes. If not set to
"NO" then for each whitespace separated element in the value,
a ipv6_route_<element> variable is assumed to exist whose
contents will later be passed to a "route add -inet6"
operation.
gateway_enable
(bool) If set to "YES", configure host to act as an IP
router, e.g. to forward packets between interfaces.
ipv6_gateway_enable
(bool) The IPv6 equivalent of gateway_enable.
router_enable
(bool) If set to "YES", run a routing daemon of some sort,
based on the settings of router_program and router_flags.
ipv6_router_enable
(bool) The IPv6 equivalent of router_enable. If set to
"YES", run a routing daemon of some sort, based on the
settings of ipv6_router_program and ipv6_router_flags.
router_program
(str) If router_enable is set to "YES", this is the name of
the routing daemon to use (default /sbin/routed).
ipv6_router_program
(str) The IPv6 equivalent of router_program (default
/sbin/route6d).
router_flags
(str) If router_enable is set to "YES", these are the flags
to pass to the routing daemon.
ipv6_router_flags
(str) The IPv6 equivalent of router_flags.
rtadvd_enable
(bool) If set to "YES", run the rtadvd(8) daemon at boot
time. rtadvd(8) will only run if ipv6_gateway_enable is also
set to "YES". The rtadvd(8) utility sends router
advertisement packets to the interfaces specified in
rtadvd_interfaces. rtadvd(8) and should only be enabled with
great care. You may want to fine-tune rtadvd.conf(5).
rtadvd_interfaces
(str) If rtadvd_enable is set to "YES" this is the list of
interfaces to use.
rtsold_enable
(bool) If set to "YES", run the rtsold(8) daemon at boot
time. The rtsold(8) daemon is used for automatic discovery
of non-link local addresses.
rtsold_flags
(str) If rtsold_enable is set to "YES", these are the flags
to pass to the rtsold(8) daemon.
arpproxy_all
(bool) If set to "YES", enable global proxy ARP.
forward_sourceroute
(bool) If set to "YES" and gateway_enable is also set to
"YES", source-routed packets are forwarded.
accept_sourceroute
(bool) If set to "YES", the system will accept source-routed
packets directed at it.
rarpd_enable
(bool) If set to "YES", run the rarpd(8) daemon at system
boot time.
rarpd_flags
(str) If rarpd_enable is set to "YES", these are the flags to
pass to the rarpd(8) daemon.
wpa_supplicant_enable
(bool) If set to "YES", run the wpa_supplicant(8) daemon in
"interface matching mode" at system boot time.
wpa_supplicant_program
(str) Path to wpa_supplicant(8).
wpa_supplicant_flags
(str) If wpa_supplicant_enable is set to "YES", these are the
flags to pass to the wpa_supplicant(8) daemon.
bootparamd_enable
(bool) If set to "YES", run the bootparamd(8) daemon at
system boot time.
bootparamd_flags
(str) If bootparamd_enable is set to "YES", these are the
flags to pass to the bootparamd(8) daemon.
stf_interface_ipv4addr
(str) If not set to "NO", this is the local IPv4 address for
6to4 (IPv6 over IPv4 tunneling interface). Specify this
entry to enable the 6to4 interface.
stf_interface_ipv4plen
(int) Prefix length for 6to4 IPv4 addresses, to limit peer
address range. An effective value is 0-31.
stf_interface_ipv6_ifid
(str) IPv6 interface ID for stf(4). This can be set to
"AUTO".
stf_interface_ipv6_slaid
(str) IPv6 Site Level Aggregator for stf(4).
keybell (str) The keyboard bell sound. Set to "normal", "visual",
"off", or "NO" if the default behavior is desired. For
details, refer to the kbdcontrol(1) manpage.
keymap (str) If set to "NO", no keymap is installed, otherwise the
value is used to install the keymap file in
/usr/share/syscons/keymaps/<value>.kbd.
keyrate (str) The keyboard repeat speed. Set to "slow", "normal",
"fast", or "NO" if the default behavior is desired.
keychange (str) If not set to "NO", attempt to program the function
keys with the value. The value should be a single string of
the form: "funkey_number new_value [funkey_number new_value
...]".
cursor (str) Can be set to the value of "normal", "blink",
"destructive", or "NO" to set the cursor behavior explicitly
or choose the default behavior.
scrnmap (str) If set to "NO", no screen map is installed, otherwise
the value is used to install the screen map file in
/usr/share/syscons/scrnmaps/<value>.
font8x16 (str) If set to "NO", the default 8x16 font value is used for
screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
font8x14 (str) If set to "NO", the default 8x14 font value is used for
screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
font8x8 (str) If set to "NO", the default 8x8 font value is used for
screen size requests, otherwise the value in
/usr/share/syscons/fonts/<value> is used.
blanktime (int) If set to "NO", the default screen blanking interval is
used, otherwise it is set to value seconds.
saver (str) If not set to "NO", this is the actual screen saver to
use (blank, snake, daemon, etc).
moused_nondefault_enable
(str) If set to "NO", the mouse device specified on the
command line is not automatically treated as enabled by the
/etc/rc.d/moused script. Having this variable set to "YES"
allows a usb(4) mouse, for example, to be enabled as soon as
it is plugged in.
moused_enable
(str) If set to "YES", the moused(8) daemon is started for
doing cut/paste selection on the console.
moused_type
(str) If moused_enable is set to "YES", this is the protocol
type of the mouse connected to this host. The default type
is "auto". The moused(8) daemon is able to detect the
appropriate mouse type automatically in many cases. Leave
this variable at the default "auto" to let the daemon detect
it, or select one from the following list if the automatic
detection fails.
If the mouse is attached to the PS/2 mouse port, leave the
variable at the default "auto" or set it to "ps/2",
regardless of the brand and model of the mouse. Likewise, if
the mouse is attached to the bus mouse port, leave it at
"auto" or set it to "busmouse". All other protocols are for
serial mice and will not work with the PS/2 and bus mice. If
this is a USB mouse, "auto" is the only protocol type which
will work.
microsoft Microsoft mouse (serial)
intellimouse Microsoft IntelliMouse (serial)
mousesystems Mouse systems Corp. mouse (serial)
mmseries MM Series mouse (serial)
logitech Logitech mouse (serial)
busmouse A bus mouse
mouseman Logitech MouseMan and TrackMan (serial)
glidepoint ALPS GlidePoint (serial)
thinkingmouse Kensington ThinkingMouse (serial)
ps/2 PS/2 mouse
mmhittab MM HitTablet (serial)
x10mouseremote X10 MouseRemote (serial)
versapad Interlink VersaPad (serial)
Even if the mouse is not in the above list, it may be
compatible with one in the list. Refer to the man page for
moused(8) for compatibility information.
It should also be noted that while this is enabled, any other
client of the mouse (such as an X server) should access the
mouse through the virtual mouse device, /dev/sysmouse, and
configure it as a "sysmouse" type mouse, since all mouse data
is converted to this single canonical format when using
moused(8). If the client program does not support the
"sysmouse" type, specify the "mousesystems" type. It is the
second preferred type.
moused_port
(str) If moused_enable is set to "YES", this is the actual
port the mouse is on. It might be /dev/cuaa0 for a COM1
serial mouse or /dev/psm0 for a PS/2 mouse, for example.
moused_flags
(str) If moused_type is set, these are the additional flags
to pass to the moused(8) daemon.
mousechar_start
(int) If set to "NO", the default mouse cursor character
range 0xd0-0xd3 is used, otherwise the range start is set to
value character, see vidcontrol(1). Use if the default range
is occupied in the language code table.
vidhistory (int) Set the size of the history (scrollback) buffer in
lines.
allscreens_flags
(str) If set, vidcontrol(1) is run with these options for
each of the virtual terminals (/dev/ttyv*). For example, "-m
on" will enable the mouse pointer on all virtual terminals if
moused_enable is set to "YES".
allscreens_kbdflags
(str) If set, kbdcontrol(1) is run with these options for
each of the virtual terminals (/dev/ttyv*). For example, "-h
200" will set the syscons(4) scrollback (history) buffer to
200 lines.
cron_enable
(bool) If set to "YES", run the cron(8) daemon at system boot
time.
cron_program
(str) Path to cron(8) (default /usr/sbin/cron).
cron_flags (str) If cron_enable is set to "YES", these are the flags to
pass to cron(8).
lpd_program
(str) Path to lpd(8) (default /usr/sbin/lpd).
lpd_enable (bool) If set to "YES", run the lpd(8) daemon at system boot
time.
lpd_flags (str) If lpd_enable is set to "YES", these are the flags to
pass to the lpd(8) daemon.
nscd_enable
(bool) If set to "YES", run the nscd(8) daemon at system boot
time.
mixer_enable
(bool) If set to "YES", preserve mixer(8) settings across
reboots.
mta_start_script
(str) The full path to the script to run to start a mail
transfer agent. The default is /etc/rc.sendmail. The
sendmail_* variables which /etc/rc.sendmail uses are
documented in the rc.sendmail(8) man page.
fixbootfile
(bool) In a `HAMMER ROOT with UFS /boot' setup, the boot
loader will not set up the kern.bootfile sysctl correctly.
The system will attempt to fix this on its own. Set this
variable to "NO" to turn this behavior off.
dumpdev (str) Indicates the device (usually a swap partition) to
which a crash dump should be written in the event of a system
crash. The value of this variable is passed as the argument
to dumpon(8) and savecore(8). To disable crash dumps, set
this variable to "NO".
dumpdir (str) When the system reboots after a crash and a crash dump
is found on the device specified by the dumpdev variable,
savecore(8) will save that crash dump and a copy of the
kernel to the directory specified by the dumpdir variable.
The default value is /var/crash. Set to "NO" to not run
savecore(8) at boot time when dumpdir is set.
savecore_flags
(str) If crash dumps are enabled, these are the flags to pass
to the savecore(8) utility.
crashinfo_enable
(bool) Set to "YES" to turn on automatic crash dump summary
generation using the utility specified by the
crashinfo_program variable.
crashinfo_program
(str) Program to run to generate a crash dump summary if the
variable crashinfo_enable is set to "YES". The default value
is /usr/sbin/crashinfo.
enable_quotas
(bool) Set to "YES" to turn on user disk quotas on system
startup via the quotaon(8) command.
check_quotas
(bool) Set to "YES" to enable user disk quota checking via
the quotacheck(8) command.
accounting_enable
(bool) Set to "YES" to enable system accounting through the
accton(8) facility.
cleanvar_enable
(bool) Set to "YES" to have /var/run, /var/spool/lock and
/var/spool/uucp/.Temp/* cleaned at startup.
clear_tmp_enable
(bool) Set to "YES" to have /tmp cleaned at startup.
ldconfig_paths
(str) Set to the list of shared library paths to use with
ldconfig(8). NOTE: /usr/lib will always be added first, so
it need not appear in this list.
ldconfig_insecure
(bool) The ldconfig(8) utility normally refuses to use
directories which are writable by anyone except root. Set
this variable to "YES" to disable that security check during
system startup.
ldconfig_local_dirs
(str) Set to the list of local ldconfig(8) directories. The
names of all files in the directories listed will be passed
as arguments to ldconfig(8).
kern_securelevel
(int) The kernel security level to set at startup. The
allowed range of value ranges from -1 (the compile time
default) to 3 (the most secure). See init(8) for the list of
possible security levels and their effect on system
operation.
start_vinum
(bool) Set to "YES" to start vinum(8) at system boot time.
sshd_enable
(bool) Set to "YES" to start sshd(8) at system boot time.
sshd_program
(str) Path to the SSH server program (default
/usr/sbin/sshd).
sshd_flags (str) If sshd_enable is set to "YES", these are the flags to
pass to the sshd(8) daemon.
ftpd_enable
(bool) Set to "YES" to start ftpd(8) at system boot time.
ftpd_flags (str) If ftpd_enable is set to "YES", these are the flags to
pass to the ftpd(8) daemon.
watchdogd_enable
(bool) If set to "YES", start the watchdogd(8) daemon at boot
time.
jail_enable
(bool) If set to "NO", any configured jails will not be
started.
jail_list (str) A space separated list of names for jails. This is
purely a configuration aid to help identify and configure
multiple jails. The names specified in this list will be
used to identify settings common to an instance of a jail.
Assuming that the jail in question was named vjail, you would
have the following dependent variables:
jail_vjail_hostname="jail.example.com"
jail_vjail_ip="192.168.1.100"
jail_vjail_rootdir="/var/jails/vjail/root"
jail_flags (str) Unset by default. When set, use as default value for
jail_<jname>_flags for every jail in jail_list.
jail_interface
(str) Unset by default. When set, use as default value for
jail_<jname>_interface for every jail in jail_list.
jail_fstab (str) Unset by default. When set, use as default value for
jail_<jname>_fstab for every jail in jail_list.
jail_mount_enable
(bool) Set to "NO" by default. When set to "YES", sets
jail_<jname>_mount_enable to "YES" by default for every jail
in jail_list.
jail_procfs_enable
(bool) Set to "NO" by default. When set to "YES", sets
jail_<jname>_procfs_enable to "YES" by default for every jail
in jail_list.
jail_devfs_enable
(bool) Set to "NO" by default. When set to "YES", sets
jail_<jname>_devfs_enable to "YES" by default for every jail
in jail_list.
jail_exec_start
(str) Unset by default. When set, use as default value for
jail_<jname>_exec_start for every jail in jail_list.
jail_exec_stop
Unset by default. When set, use as default value for
jail_<jname>_exec_stop for every jail in jail_list.
jail_<jname>_rootdir
(str) Unset by default. Set to the root directory used by
jail jname.
jail_<jname>_hostname
(str) Unset by default. Set to the fully qualified domain
name (FQDN) assigned to jail jname.
jail_<jname>_ip
(str) Unset by default. Set to the IP address assigned to
jail jname.
jail_<jname>_flags
(str) Set to "-l -U root" by default. These are flags to
pass to jail(8).
jail_<jname>_interface
(str) Unset by default. When set, sets the interface to use
when setting IP address alias. Note that the alias is
created at jail startup and removed at jail shutdown.
jail_<jname>_fstab
(str) Set to /etc/fstab.<jname> by default. This is the file
system information file to use for jail jname.
jail_<jname>_mount_enable
(bool) Set to "NO" by default. When set to "YES", mount all
file systems from jail_<jname>_fstab at jail startup.
jail_<jname>_procfs_enable
(bool) Set to "NO" by default. When set to "YES", mount the
process file system inside jail jname at jail startup.
jail_<jname>_devfs_enable
(bool) Set to "NO" by default. When set to "YES", mount the
device file system inside jail jname at jail startup.
jail_<jname>_exec_start
(str) Set to "/bin/sh /etc/rc" by default. This is the
command executed at jail startup.
jail_<jname>_exec_stop
(str) Set to "/bin/sh /etc/rc.shutdown" by default. This is
the command executed at jail shutdown.
jail_default_set_hostname_allow
(bool) If set to "NO", do not allow the root user in a jail
to set its hostname.
jail_default_socket_unixiproute_only
(bool) If set to "YES", do not allow any sockets, besides
UNIX/IP/route sockets, to be used within a jail.
jail_default_sysvipc_allow
(bool) If set to "YES", allow applications within a jail to
use System V IPC.
jail_default_chflags_allow
(bool) If set to "YES", allow applications within a jail to
alter system file flags.
jail_default_raw_sockets_allow
(bool) If set to "YES", allow applications within a jail to
user raw sockets.
jail_default_allow_listen_override
(bool) If set to "YES",
allows both wildcard and non-wildcard listen sockets in the
jail to override wildcard listen sockets on the host.
lvm_enable (bool) If set to "YES" LVM volumes will be discovered and
configured on boot.
newsyslog_enable
(bool) If set to "YES", run newsyslog(8) before syslogd
starts.
newsyslog_flags
(str) If newsyslog_enable is set to "YES", these are the
flags passed to newsyslog(8).
resident_enable
(bool) If set to "YES", make the dynamic binaries listed in
/etc/resident.conf resident.
varsym_enable
(bool) If set to "YES", process /etc/varsym.conf to set
system-wide variables for variant symlinks.
rand_irqs (str) Set either to "NO" or a whitespace separated list of
IRQ numbers which will be used as a source of randomness.
entropy_dir
(str) Set to "NO" to disable caching entropy via cron(8).
Otherwise set to the directory used to store entropy files
in.
entropy_file
(str) Set to "NO" to disable caching entropy through reboots.
Otherwise set to the filename used to store cached entropy
through reboots. This file should be located on the root
file system to seed the random(4) device as early as possible
in the boot process.
entropy_save_sz
(int) Determines the size of the entropy cache files used for
entropy cached through reboots and also entropy cached via
cron(8). The entropy is fed to the system in blocks of 512
bytes, so this number should be large enough to fill as many
of the entropy pools in the kernel CSPRNG as possible. By
default, it is set to 16384, which should be able to seed all
32 entropy pools in the Fortuna CSPRNG.
dmesg_enable
(bool) Set to "YES" to save dmesg(8) to /var/run/dmesg.boot
on boot.
rcshutdown_timeout
(int) If set, start a watchdog timer in the background which
will terminate rc.shutdown if shutdown(8) has not completed
within the specified time (in seconds). Notice that in
addition to this soft timeout, init(8) also applies a hard
timeout for the execution of rc.shutdown. This is configured
via sysctl(8) variable kern.init_shutdown_timeout and
defaults to 120 seconds. Setting the value of
rcshutdown_timeout to more than 120 seconds will have no
effect until the sysctl(8) variable
kern.init_shutdown_timeout is also increased.
udevd_enable
(bool) If set to "YES", the udevd daemon will be started on
boot.
vfs_quota_enable
(bool) If set to "YES", vfs quota rc.d scripts will be run on
boot.
vfs_quota_sync
(str) List of mount points whose counters are to be
synchronized with on-disk usage during system startup. See
also vquota(8).
vknetd_enable
(bool) If set to "YES", vknetd(8) will be started on boot.
vknetd_flags
(bool) Additional flags passed to vknetd(8). Usually
address/cidrbits is specified here. When no flags are
passed, default option -U will be used.
vkernel_enable
(bool) If set to "NO", any configured vkernels will not be
started.
vkernel_kill_timeout
(int) This defines the default number of seconds that we will
wait for the vkernel to shut down on its own. If after this
time it's still alive, it will be killed with SIGKILL.
vkernel_bin
(str) Defines the default path to the vkernel binary.
vkernel_list
(str) A space separated list of names for vkernels. This is
purely a configuration aid to help identify and configure
multiple vkernels. The names specified in this list will be
used to identify settings common to a vkernel instance.
Assuming that the vkernel in question was named example, you
would have the following dependent variables (filled with
reference values in this text):
vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug"
vkernel_example_memsize="64m"
vkernel_example_rootimg_list="/var/vkernel/rootimg.01"
vkernel_example_memimg="/var/vkernel/memimg.000001"
vkernel_example_user="myuser"
vkernel_example_iface_list="auto:bridge0"
vkernel_example_logfile="/dev/null"
vkernel_example_flags="-U"
vkernel_example_kill_timeout="45"
The last six are optional. They default to an empty string
if not set, except for logfile which defaults to /dev/null if
it is not set.
Note that in case vkernel_memimg is not set, the rc.d script
will create /var/vkernel, which is the vkernel's default
directory for memory images, with permissions of 1777, i.e.
world writable with the sticky bit set (see sticky(8)).
autofs_enable
(bool) If set to "YES", start the automount(8) utility and
the automountd(8) and autounmountd(8) daemons at boot time.
automount_flags
(str) If autofs_enable is set to "YES", these are the flags
to pass to the automount(8) program. By default no flags are
passed.
automountd_flags
(str) If autofs_enable is set to "YES", these are the flags
to pass to the automountd(8) daemon. By default no flags are
passed.
autounmountd_flags
(str) If autofs_enable is set to "YES", these are the flags
to pass to the autounmountd(8) daemon. By default no flags
are passed.
FILES
/etc/defaults/rc.conf
/etc/rc.conf
/etc/rc.conf.local
/etc/start_if.<interface>
SEE ALSO
gdb(1), info(1), kbdcontrol(1), varsym(1), vidcontrol(1), ip(4), ipfw(4),
kld(4), pf(4), tcp(4), udp(4), vlan(4), wg(4), autofs(5), auto_master(5),
exports(5), motd(5), resident.conf(5), varsym.conf(5), accton(8),
automount(8), automountd(8), autounmountd(8), btconfig(8), bthcid(8),
cron(8), devd(8), dhclient(8), dhcpcd(8), dntpd(8), ftpd(8), ifconfig(8),
inetd(8), ip6addrctl(8), jail(8), lpd(8), makewhatis(8), mixer(8),
mountd(8), moused(8), nfsd(8), pcnfsd(8), pfctl(8), pflogd(8),
quotacheck(8), quotaon(8), rc(8), rc.sendmail(8), resident(8),
rndcontrol(8), route(8), routed(8), rpcbind(8), rpc.lockd(8),
rpc.statd(8), rtadvd(8), rtsold(8), rwhod(8), savecore(8), sdpd(8),
sensorsd(8), sshd(8), swapon(8), sysctl(8), syslogd(8), sysvipcd(8),
vinum(8), wpa_supplicant(8), yp(8), ypbind(8), ypserv(8), ypset(8)
HISTORY
The rc.conf file appeared in FreeBSD 2.2.2.
AUTHORS
Jordan K. Hubbard.
DragonFly 6.5-DEVELOPMENT December 3, 2024 DragonFly 6.5-DEVELOPMENT