rc.conf revision 1.75
1 # $NetBSD: rc.conf,v 1.75 2006/04/30 12:54:26 rpaulo Exp $ 2 # 3 # /etc/defaults/rc.conf -- 4 # default configuration of /etc/rc.conf 5 # 6 # see rc.conf(5) for more information. 7 # 8 # DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE. 9 # EDIT /etc/rc.conf INSTEAD. 10 # 11 12 # 13 # Use program=YES to enable program, NO to disable it. program_flags are 14 # passed to the program on the command line. 15 # 16 17 # Uncomment this if you want to use local paths in rc. 18 # 19 #export PATH=$PATH:/usr/pkg/sbin:/usr/pkg/bin:/usr/local/sbin:/usr/local/bin 20 21 # Uncomment the following to execute each /etc/rc.d script in 22 # the current shell rather than in a subshell. This may be 23 # faster on very slow machines that have an expensive fork(2). 24 # NOTE: USE THIS AT YOUR OWN RISK; A ROGUE COMMAND 25 # MAY INADVERTENTLY PREVENT BOOT TO MULTIUSER. 26 # 27 #rc_fast_and_loose=YES 28 29 # Additional flags to the rcorder(8) that's run by /etc/rc. 30 # 31 rc_rcorder_flags="" 32 33 # If this is set to NO, shutdown(8) will not run /etc/rc.shutdown. 34 # 35 do_rcshutdown=YES 36 37 # Additional flags to the rcorder(8) that's run by /etc/rc.shutdown. 38 # 39 rcshutdown_rcorder_flags="" 40 41 # If this is non-blank, use as the number of seconds to run a watchdog 42 # timer which will terminate /etc/rc.shutdown if the timeout expires. 43 # 44 rcshutdown_timeout="" 45 46 47 # Basic network configuration 48 # 49 50 # Fully Qualified Internet Domain Name (a.k.a. hostname, e.g. foo.baz.edu). 51 # If blank, use /etc/myname. 52 # 53 hostname="" 54 55 # If there's only one way out of your IPv4 network, set this to the hostname 56 # or the IPv4 address of the router that will get your packets off the LAN. 57 # If blank, use /etc/mygate. 58 # 59 defaultroute="" 60 61 # Same thing for IPv6. If blank, use /etc/mygate6. 62 # 63 defaultroute6="" 64 65 # The NIS domain name (formerly known as Yellow Pages); not in any way 66 # related to Internet domain names. 67 # If blank, use /etc/defaultdomain. 68 # 69 domainname="" 70 71 # Filesystems to mount early in boot-up. 72 # Note that `/var' is needed in $critical_filesystems_local (or 73 # implied as part of `/') as certain services that need /var (such as 74 # dhclient) may be needed to get the network operational enough to mount 75 # the $critical_filesystems_remote. 76 # 77 critical_filesystems_local="/var" 78 critical_filesystems_remote="/usr" 79 80 # Swap device controls. 81 # 82 no_swap=NO # Set to YES if you have purposefully setup no swap 83 # partitions and don't want to be warned about it. 84 swapoff=YES # Remove block-type swap partitions upon shutdown 85 # This defaults to yes, so that raids shutdown cleanly 86 87 # Concatenated disk driver. 88 # 89 ccd=YES 90 91 # RAIDframe driver (manually configured devices). 92 # 93 raidframe=YES 94 95 # Crypto file system. 96 # 97 cgd=YES 98 99 # One-time actions and programs on boot-up. 100 # 101 lkm=NO # Run /etc/rc.lkm. /usr needs to be part of /, or 102 # part of critical_filesystems_local. 103 104 savecore=YES savecore_flags="-z" 105 savecore_dir="/var/crash" 106 clear_tmp=YES # clear /tmp after reboot 107 update_motd=YES # updates /etc/motd 108 dmesg=YES dmesg_flags="" # write /var/run/dmesg.boot 109 accounting=NO # uses /var/account/acct 110 newsyslog=NO newsyslog_flags="" # trim log files 111 quota=YES # check and enable quotas 112 ldconfig=YES # rebuild a.out ldconfig cache 113 114 # cope with other OSes using the real time clock at localtime on this 115 # machine (by adjusting kern.rtc_offset at boot) 116 rtclocaltime=NO 117 118 # NOTE: default coredump name now set in /etc/sysctl.conf 119 120 # Automatically check for and repair the botched superblock problem 121 fixsb=YES 122 123 # 124 # File system check flags; default to preen mode, checking filesystems 125 # that are listed in /etc/fstab in parallel as the fsck pass number 126 # permits. Fix minor faults automatically, and exit with non 0 only 127 # when major errors occur. 128 # 129 fsck_flags=-p 130 131 # Security setting. If $securelevel is non-empty, the system securelevel 132 # is set to this value early in the boot sequence. Otherwise the default 133 # action is taken (see init(8)). 134 # 135 securelevel="" # securelevel to set to 136 137 # To set the IP address of an interface either use 138 # ifconfig_xxN="IP-NO" 139 # where xxN is the interface. If this variable is not set then 140 # contents of the file /etc/ifconfig.xxN is used. 141 142 # Networking startup. 143 # 144 ipfilter=NO # uses /etc/ipf.conf 145 ipnat=NO # uses /etc/ipnat.conf 146 ipfs=NO ipfs_flags="" # save/load ipnat and ipf states 147 ipsec=NO # uses /etc/ipsec.conf 148 ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages 149 pf=NO pf_rules="/etc/pf.conf" 150 pflogd=NO 151 racoon=NO # IKE daemon 152 auto_ifconfig=YES # config all avail. interfaces 153 net_interfaces="" # used only if above is NO 154 flushroutes=YES # flush routes in netstart 155 dhclient=NO # behave as a DHCP client 156 dhclient_flags="" # blank: config all interfaces 157 ntpdate=NO ntpdate_flags="-b -s" # May need '-u' thru firewall 158 ppp_peers="" # /etc/ppp/peers to call 159 ip6mode=host # host, autohost or router 160 ip6uniquelocal=NO # IPv6 unique-local forwarding 161 rtsol=NO rtsol_flags="-a" # for ip6mode=autohost only 162 163 # Special treatment for interfaces that need to be downed on 164 # shutdown (because they might cause unnecessary costs or block resources 165 # on the peer). All pppoe* interfaces are automatically included in this 166 # list, add others here manually. 167 #force_down_interfaces="" 168 169 ifwatchd=NO # execute up/down scripts for in-kernel PPPoE interfaces 170 ifwatchd_flags="-u /etc/ppp/ip-up -d /etc/ppp/ip-down pppoe0" 171 172 # ALTQ configuration/monitoring daemon 173 altqd=NO altqd_flags="" 174 175 # Daemons required by servers. These are not needed for strictly client use. 176 # 177 178 # inetd is used to start the IP-based services enabled in /etc/inetd.conf 179 # 180 inetd=YES inetd_flags="-l" # -l logs libwrap 181 182 # identd 183 # 184 identd=NO identd_flags="-b -l -u nobody" 185 186 # rpcbind (formerly known as 'portmap') is used to look up RPC-based services. 187 # 188 rpcbind=NO rpcbind_flags="-l" # -l logs libwrap 189 190 # Commonly used daemons. 191 # 192 syslogd=YES syslogd_flags="-s" # -s "secure" unix domain only 193 cron=YES 194 named=NO named_flags="" # see below for named_chrootdir 195 timed=NO timed_flags="" 196 ntpd=NO ntpd_flags="" # see below for ntpd_chrootdir 197 postfix=NO 198 lpd=NO lpd_flags="-s" # -s "secure" unix domain only 199 sshd=NO sshd_flags="" 200 ssh_keygen_flags="-b 1024" # generate 1024 bit keys if host keys missing 201 ftpd=NO ftpd_flags="-ll" 202 203 # sendmail can now be run either as a suid root binary or as a sgid 204 # smmsp binary. In the former case, you must not have the file 205 # /etc/mail/submit.cf, otherwise sendmail will behave as if it was 206 # sgid. This can result in mail not being delivered. You must also 207 # manually set the owner and mode on the sendmail binary. 208 # 209 # The smmsp process is a sendmail helper that periodically flushes the 210 # "client" queue in the sgid case. If you are using sendmail as a 211 # suid root program, then smmsp is not needed. 212 # 213 # The default setting for sendmail here is NO, but gets re-examined by 214 # the rc.d/sendmail startup script when it runs. The script sets 215 # _rc_d_sendmail to "check", and then causes all rc.conf settings to 216 # be re-evaluated. If the value of $sendmail after this is "check", 217 # the script then checks to see if any changes have been made to the 218 # default mailer configuration. If no changes are detected, the value 219 # of $sendmail is set to YES to cause the sendmail daemon to be 220 # started. This is so that local processes can send mail without it 221 # getting left in the submission queue. Changes are defined as any of 222 # the following: 223 # 224 # * path to sendmail in mailer.conf is different 225 # * sendmail not found at the default path 226 # * sendmail_suidroot is yes 227 # * if the binary is not sgid to smmsp 228 # 229 # If $sendmail is set to YES or NO in /etc/rc.conf, these checks are 230 # skipped. 231 # 232 sendmail=${_rc_d_sendmail:-NO} 233 sendmail_flags="-Lsm-mta -bd -q30m" 234 sendmail_suidroot=NO 235 smmsp=NO smmsp_flags="-Lsm-msp-queue -Ac -q30m" 236 237 238 # To run the named(8) DNS server as an unprivileged user under a 239 # chroot(2) cage, uncomment the following after migrating the contents 240 # of /etc/namedb to /var/chroot/named/etc/namedb 241 # 242 #named_chrootdir="/var/chroot/named" 243 244 # To run the ntpd(8) NTP server as an unprivileged user under a 245 # chroot(2) cage, uncomment the following, after ensuring that: 246 # - The kernel has "pseudo-device clockctl" compiled in 247 # - /dev/clockctl is present 248 # 249 #ntpd_chrootdir="/var/chroot/ntpd" 250 251 # Routing daemons. 252 # 253 routed=NO routed_flags="-q" 254 gated=NO 255 mrouted=NO mrouted_flags="" 256 route6d=NO route6d_flags="" 257 rtsold=NO rtsold_flags="" # for ip6mode=autohost only 258 259 # Daemons used to boot other hosts over a network. 260 # 261 rarpd=NO rarpd_flags="-a" 262 bootparamd=NO bootparamd_flags="" 263 dhcpd=NO dhcpd_flags="-q" 264 dhcrelay=NO dhcrelay_flags="" 265 rbootd=NO rbootd_flags="" 266 mopd=NO mopd_flags="-a" 267 ndbootd=NO ndbootd_flags="-s /tftpboot /tftpboot/bootyy" 268 rtadvd=NO rtadvd_flags="" 269 270 # X11 daemons. 271 # 272 xfs=NO xfs_flags="" # X11 font server 273 xdm=NO xdm_flags="" # X11 display manager; needs 274 # wscons=YES for local displays. 275 276 # YP (NIS) daemons. 277 # 278 ypbind=NO ypbind_flags="" 279 ypserv=NO ypserv_flags="-d" 280 yppasswdd=NO yppasswdd_flags="" 281 282 # NFS daemons and parameters. 283 # 284 mountd=NO mountd_flags="" # NFS mount requests daemon 285 nfs_client=NO # enable client daemons 286 nfs_server=NO # enable server daemons 287 nfsd_flags="-6tun 4" 288 lockd=NO lockd_flags="" 289 statd=NO statd_flags="" 290 amd=NO amd_flags="-l syslog -x error,noinfo,nostats" 291 amd_dir=/amd # mount dir 292 293 # Heimdal Kerberos 5 KDC (with Kerberos IV compatibility) 294 kdc=NO kdc_flags="" 295 296 # iSCSI target 297 iscsi_target=NO iscsi_target_flags="" 298 299 # WPA daemons. 300 hostapd=NO hostapd_flags="-B /etc/hostapd.conf" 301 302 # ISDN daemon 303 isdnd=NO isdnd_flags="" 304 305 # Other daemons. 306 # 307 rwhod=NO rwhod_flags="-u _rwhod" 308 309 # Hardware daemons. 310 # 311 apmd=NO apmd_flags="" # APM power management daemon. 312 poffd=NO # x68k power switch monitor 313 poffd_flags="'shutdown -p now'" 314 powerd=NO powerd_flags="" # power management daemon 315 screenblank=NO screenblank_flags="" # wscons and FBIO screenblanker 316 317 moused=NO # serial mouse handler 318 moused_flags="-p /dev/tty00" 319 320 wdogctl=NO # watchdog timer control 321 # wdogctl_flags="-k devicename" 322 323 # Configuration of "wscons" console driver virtual screens. 324 # 325 wscons=NO wscons_flags="" # setup wscons from wscons.conf 326 327 # Configuration of "wsmoused" console driver cut-n-paste support 328 # 329 wsmoused=NO wsmoused_flags="" 330 331 # Configuration of "tpctl" touch panel calibration utility 332 # 333 tpctl=NO tpctl_flags="" 334 335 # Mixer setting 336 # 337 mixerctl=NO mixerctl_mixers="" # "mixer0 mixer1" means saving 338 # and restoring their settings 339 340 # Vi recovery notification. Vi(1)'s -r option can recover files which were 341 # accidentally closed. See vi(1) for more details. 342 # 343 virecover=YES 344 345 # Verified exec signature loading. 346 # 347 veriexec=NO 348 veriexec_strict=0 349 veriexec_verbose=0 350
Indexes created Thu Oct 02 14:10:14 GMT 2025