1 # $NetBSD: rc.conf,v 1.167 2023/10/05 08:19:27 abs Exp $ 2 # 3 # /etc/defaults/rc.conf -- 4 # default configuration of /etc/rc.conf 5 # 6 # see rc.conf(5) for more information. 7 # 8 # DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE. 9 # EDIT /etc/rc.conf INSTEAD. 10 # 11 12 # 13 # Use program=YES to enable program, NO to disable it. program_flags are 14 # passed to the program on the command line. 15 # 16 17 # Uncomment this if you want to use local paths in rc. 18 # 19 #export PATH=$PATH:/usr/pkg/sbin:/usr/pkg/bin:/usr/local/sbin:/usr/local/bin 20 21 # Uncomment the following to execute each /etc/rc.d script in 22 # the current shell rather than in a subshell. This may be 23 # faster on very slow machines that have an expensive fork(2). 24 # NOTE: USE THIS AT YOUR OWN RISK; A ROGUE COMMAND 25 # MAY INADVERTENTLY PREVENT BOOT TO MULTIUSER. 26 # 27 #rc_fast_and_loose=YES 28 29 # If rc_silent is true then /etc/rc will suppress most output to 30 # the console. The default is taken from the AB_SILENT flag passed 31 # from the boot loader to the kernel in the boothowto(9) variable. 32 # 33 # rc_silent_cmd is executed once for each suppressed line of output. 34 # Useful values are ":" and "twiddle". 35 # 36 rc_silent=$( [ "$(( $(/sbin/sysctl -n kern.boothowto 2>/dev/null || echo 0) \ 37 & 0x40000 ))" != 0 ] && echo true || echo false ) 38 rc_silent_cmd=twiddle 39 40 # Additional flags to the rcorder(8) that's run by /etc/rc. 41 # 42 rc_rcorder_flags="" 43 44 # The directories searched for rc scripts. 45 # These directories must be part of the root file system. 46 rc_directories=/etc/rc.d 47 48 # If this is set to NO, shutdown(8) will not run /etc/rc.shutdown. 49 # 50 do_rcshutdown=YES 51 52 # Additional flags to the rcorder(8) that's run by /etc/rc.shutdown. 53 # 54 rcshutdown_rcorder_flags="" 55 56 # If this is non-blank, use as the number of seconds to run a watchdog 57 # timer which will terminate /etc/rc.shutdown if the timeout expires. 58 # 59 rcshutdown_timeout="" 60 61 62 # Basic network configuration 63 # 64 65 # Fully Qualified Internet Domain Name (a.k.a. hostname, e.g. foo.baz.edu). 66 # If blank, use /etc/myname. 67 # 68 hostname="" 69 70 # If there's only one way out of your IPv4 network, set this to the hostname 71 # or the IPv4 address of the router that will get your packets off the LAN. 72 # If blank, use /etc/mygate. 73 # 74 defaultroute="" 75 76 # Same thing for IPv6. If blank, use /etc/mygate6. 77 # 78 defaultroute6="" 79 80 # The NIS domain name (formerly known as Yellow Pages); not in any way 81 # related to Internet domain names. 82 # If blank, use /etc/defaultdomain. 83 # 84 domainname="" 85 86 # Filesystems to mount early in boot-up. 87 # Note that `/var' is needed in $critical_filesystems_local (or 88 # implied as part of `/') as certain services that need /var (such as 89 # dhcpcd) may be needed to get the network operational enough to mount 90 # the $critical_filesystems_remote. Prepending "OPTIONAL:" means it 91 # will not be an error if that file system is not present in fstab(5). 92 # 93 critical_filesystems_local="OPTIONAL:/var" 94 critical_filesystems_remote="OPTIONAL:/usr" 95 critical_filesystems_zfs="" 96 97 # Swap device controls. 98 # 99 no_swap=NO # Set to YES if you have purposefully setup no swap 100 # partitions and don't want to be warned about it. 101 swapoff=YES # Remove block-type swap partitions upon shutdown 102 # This defaults to yes, so that raids shutdown cleanly 103 swapoff_umount=auto # Set to 'manual' to umount the tmpfs partitions listed 104 # in swapoff_umount_fs before removing swap. Set to 105 # 'auto' to umount all tmpfs partitions that contain 106 # no device nodes. 107 swapoff_umount_fs= # space-separated list of tmpfs mount points to umount 108 # before removing swap if swapoff_umount=manual 109 110 # Concatenated disk driver. 111 # 112 ccd=YES 113 114 # RAIDframe driver (manually configured devices). 115 # 116 raidframe=YES 117 118 # Crypto file system. 119 # 120 cgd=YES 121 122 # Logical Volume Manager 123 # 124 lvm=NO 125 126 # One-time actions and programs on boot-up. 127 # 128 savecore=YES savecore_flags="-z" 129 savecore_dir="/var/crash" 130 resize_disklabel=NO # resize disklabel to fill disk 131 resize_gpt=NO # resize GPT to fill disk 132 resize_root=NO # resize root to fill partition 133 per_user_tmp=NO # per-user /tmp directories 134 per_user_tmp_dir="/private/tmp" # real storage for /tmp 135 clear_tmp=YES # clear /tmp after reboot 136 update_motd=YES # updates /etc/motd 137 update_motd_release=NO motd_release_tag="" # release info in /etc/motd 138 dmesg=YES dmesg_flags="-t" # write /var/run/dmesg.boot 139 accounting=NO # uses /var/account/acct 140 newsyslog=NO newsyslog_flags="" # trim log files 141 quota=YES # check and enable quotas 142 ldconfig=YES # rebuild a.out ldconfig cache 143 sysdb=YES # build system databases 144 rndctl=NO rndctl_flags="" # configure rndctl(8) 145 gpio=NO # configure GPIO devices 146 modules=YES # process /etc/modules.conf 147 certctl_init=NO # rehash /etc/openssl/certs 148 149 # cope with other OSes using the real time clock at localtime on this 150 # machine (by adjusting kern.rtc_offset at boot) 151 rtclocaltime=NO 152 153 # NOTE: default coredump name now set in /etc/sysctl.conf 154 155 # 156 # File system check flags; default to preen mode, checking file systems 157 # that are listed in /etc/fstab in parallel as the fsck pass number 158 # permits. Fix minor faults automatically, and exit with non 0 only 159 # when major errors occur. 160 # 161 fsck_flags=-p 162 163 # Security setting. If $securelevel is non-empty, the system securelevel 164 # is set to this value early in the boot sequence. Otherwise the default 165 # action is taken (see init(8)). 166 # 167 securelevel="" # securelevel to set to 168 169 # To set the IP address of an interface either use 170 # ifconfig_xxN="IP-NO" 171 # where xxN is the interface. If this variable is not set then 172 # contents of the file /etc/ifconfig.xxN is used. 173 174 # Networking startup. 175 # 176 # Wait up to 15 seconds for the tentative flag to clear from all addresses. 177 # Wait up to 5 seconds for the detached flag to clear from all addresses. 178 # Addresses are detached if there is no carrier, thus we have a small 179 # wait to see if we get a carrier. 180 # Even a wired interface may not recognise it has a carrier right away. 181 ifconfig_wait_dad_flags="-w 15 -W 5" 182 183 mdnsd=NO 184 npf=NO npf_rules="/etc/npf.conf" 185 npfd=NO npfd_flags="" 186 ipfilter=NO ipfilter_flags="" # uses /etc/ipf.conf 187 ipnat=NO # uses /etc/ipnat.conf 188 ipfs=NO ipfs_flags="" # save/load ipnat and ipf states 189 ipsec=NO # uses /etc/ipsec.conf 190 ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages 191 pf=NO pf_rules="/etc/pf.conf" pf_flags="" 192 pflogd=NO 193 ftp_proxy=NO 194 racoon=NO # IKE daemon 195 auto_ifconfig=YES # config all avail. interfaces 196 net_interfaces="" # used only if above is NO 197 flushroutes=YES # flush routes in netstart 198 dhcpcd=NO dhcpcd_flags="-qM" # For ifconfig_XXX=dhcp. 199 ntpdate=NO ntpdate_flags="-b -s" # May need '-u' thru firewall 200 ppp=YES ppp_peers="" # /etc/ppp/peers to call 201 ip6mode=host # host, autohost or router 202 ip6uniquelocal=NO # IPv6 unique-local forwarding 203 204 # Special treatment for interfaces that need to be downed on 205 # shutdown (because they might cause unnecessary costs or block resources 206 # on the peer). All pppoe* interfaces are automatically included in this 207 # list, add others here manually. 208 #force_down_interfaces="" 209 210 ifwatchd=NO # execute up/down scripts for in-kernel PPPoE interfaces 211 ifwatchd_flags="-u /etc/ppp/ip-up -d /etc/ppp/ip-down pppoe0" 212 213 # ALTQ configuration/monitoring daemon 214 altqd=NO altqd_flags="" 215 216 # Daemons required by servers. These are not needed for strictly client use. 217 # 218 219 # inetd is used to start the IP-based services enabled in /etc/inetd.conf 220 # 221 inetd=YES inetd_flags="-l" # -l logs libwrap 222 223 # identd 224 # 225 identd=NO identd_flags="-b -l -u nobody" 226 227 # rpcbind (formerly known as 'portmap') is used to look up RPC-based services. 228 # 229 rpcbind=NO rpcbind_flags="-l" # -l logs libwrap 230 231 # Commonly used daemons. 232 # 233 syslogd=YES syslogd_flags="-s" # -s "secure" unix domain only 234 cron=YES 235 named=NO named_flags="" # see below for named_chrootdir 236 timed=NO timed_flags="" 237 ntpd=NO ntpd_flags="" # see below for ntpd_chrootdir 238 # The default setting for postfix here is YES, but gets re-examined by 239 # the rc.d/postfix startup script when it runs. The script sets 240 # _rc_d_postfix to "check", and then causes all rc.conf settings to 241 # be re-evaluated. If the value of $postfix after this is "check", 242 # the script then checks to see if /etc/mailer.conf selects the system 243 # postfix. If not, it does print a warning and does not start postfix 244 # to avoid conflict with a different MTA. 245 postfix=${_rc_d_postfix:-YES} 246 lpd=NO lpd_flags="-s" # -s "secure" unix domain only 247 sshd=NO sshd_flags="" 248 ssh_keygen_flags="" 249 ftpd=NO ftpd_flags="-ll" 250 httpd=NO httpd_flags="" 251 httpd_wwwdir="/var/www" 252 httpd_wwwuser="_httpd" 253 254 # To run the named(8) DNS server as an unprivileged user under a 255 # chroot(2) cage, uncomment the following after migrating the contents 256 # of /etc/namedb to /var/chroot/named/etc/namedb 257 # 258 #named_chrootdir="/var/chroot/named" 259 260 # To run the ntpd(8) NTP server as an unprivileged user under a 261 # chroot(2) cage, uncomment the following, after ensuring that: 262 # - The kernel has "pseudo-device clockctl" compiled in 263 # - /dev/clockctl is present 264 # 265 #ntpd_chrootdir="/var/chroot/ntpd" 266 267 # Routing daemons. 268 # 269 routed=NO routed_flags="-q" 270 gated=NO 271 mrouted=NO mrouted_flags="" 272 route6d=NO route6d_flags="" 273 ldpd=NO 274 275 # Daemons used to boot other hosts over a network. 276 # 277 rarpd=NO rarpd_flags="-a" 278 bootparamd=NO bootparamd_flags="" 279 dhcpd=NO dhcpd_flags="-q" 280 dhcpd6=NO dhcpd6_flags="-q -cf /etc/dhcpd6.conf" 281 dhcrelay=NO dhcrelay_flags="" 282 rbootd=NO rbootd_flags="" 283 mopd=NO mopd_flags="-a" 284 ndbootd=NO ndbootd_flags="-s /tftpboot /tftpboot/bootyy" 285 rtadvd=NO rtadvd_flags="" 286 isibootd=NO isibootd_flags="" 287 288 # X11 daemons. 289 # 290 xfs=NO xfs_flags="" # X11 font server 291 xdm=NO xdm_flags="" # X11 display manager; needs 292 # wscons=YES for local displays. 293 294 # Update fontconfig cache at boot 295 fccache=YES 296 297 # YP (NIS) daemons. 298 # 299 ypbind=NO ypbind_flags="" 300 ypserv=NO ypserv_flags="-d" 301 yppasswdd=NO yppasswdd_flags="" 302 303 # NFS daemons and parameters. 304 # 305 mountd=NO mountd_flags="" # NFS mount requests daemon 306 nfs_client=NO # enable client daemons 307 nfs_server=NO # enable server daemons 308 nfsd_flags="" 309 lockd=NO lockd_flags="" 310 statd=NO statd_flags="" 311 amd=NO amd_flags="-l syslog -x error,noinfo,nostats" 312 amd_dir=/amd # mount dir 313 314 # Heimdal Kerberos 5 KDC (with Kerberos IV compatibility) 315 kdc=NO kdc_flags="--detach" 316 317 # iSCSI target 318 iscsi_target=NO iscsi_target_flags="" 319 # iSCSI kernel initiator 320 iscsid=NO 321 # iSCSI attach from /etc/iscsi/volumes 322 iscsid_volumes=YES 323 324 # WPA daemons. 325 hostapd=NO hostapd_flags="-Bs /etc/hostapd.conf" 326 wpa_supplicant=NO wpa_supplicant_flags="-Ms -c /etc/wpa_supplicant.conf" 327 328 # Bluetooth configuration 329 bluetooth=NO 330 # and the following are used when bluetooth=YES 331 btconfig_devices="" # all 332 bthcid=YES bthcid_flags="" 333 sdpd=YES sdpd_flags="" 334 335 # Other daemons. 336 # 337 rwhod=NO rwhod_flags="-u _rwhod" 338 devpubd=NO devpubd_flags="" # autocreate nodes for new devs 339 envsys=NO # Set /etc/envsys.conf preferences 340 autofs=NO automount_flags="" 341 automountd_flags="" 342 autounmountd_flags="" 343 344 # Hardware daemons. 345 # 346 apmd=NO apmd_flags="" # APM power management daemon. 347 powerd=NO powerd_flags="" # power management daemon 348 screenblank=NO screenblank_flags="" # wscons and FBIO screenblanker 349 350 moused=NO # serial mouse handler 351 moused_flags="-p /dev/tty00" 352 353 wdogctl=NO # watchdog timer control 354 # wdogctl_flags="-k devicename" 355 irdaattach=NO # attach serial lines to IrDA 356 irdaattach_flags="tty00" 357 358 # Configuration of "wscons" console driver virtual screens. 359 # 360 wscons=NO wscons_flags="" # setup wscons from wscons.conf 361 362 # Configuration of "wsmoused" console driver cut-n-paste support 363 # 364 wsmoused=NO wsmoused_flags="" 365 366 # Configuration of "tpctl" touch panel calibration utility 367 # 368 tpctl=NO tpctl_flags="" 369 370 # Mixer setting 371 # 372 mixerctl=NO mixerctl_mixers="" # "mixer0 mixer1" means saving 373 # and restoring their settings 374 375 # Vi recovery notification. Vi(1)'s -r option can recover files which were 376 # accidentally closed. See vi(1) for more details. 377 # 378 virecover=YES 379 380 # Veriexec signature loading. 381 # 382 veriexec=NO 383 veriexec_strict=0 384 veriexec_verbose=0 385 veriexec_flags="-k" 386 387 # Entropy load/save to/from /dev/random at startup/shutdown 388 # 389 random_seed=YES 390 391 # Set to `check' to abort multi-user boot if not enough entropy, or 392 # `wait' to wait until enough entropy, or `' (empty) to boot without 393 # waiting or checking. 394 # 395 entropy="wait" 396 397 # Creating / updating of man page index on boot 398 makemandb=YES 399 400 # Disable Simultaneous Multi-Threading 401 smtoff=NO 402 403 # blocklist daemon, needs npf 404 blocklistd=NO 405 406 # IPv6 address selection policy 407 ip6addrctl=NO 408 # ipv6_prefer, ipv4_prefer, auto 409 ip6addrctl_policy=auto 410 ip6addrctl_verbose=NO 411 412 # Unbound 413 unbound=NO 414 unbound_chrootdir=/var/chroot/unbound 415 416 # Nsd 417 nsd=NO 418 nsd_chrootdir=/var/chroot/nsd 419 nsd_flags="-t ${nsd_chrootdir}" 420 421 # ZFS 422 zfs=NO 423
Indexes created Sun Sep 21 19:09:51 GMT 2025