freebsd-dev/etc/defaults/rc.conf

403 lines
21 KiB
Plaintext
Raw Normal View History

#!/bin/sh
#
# This is rc.conf - a file full of useful variables that you can set
# to change the default startup behavior of your system. You should
# not edit this file! Put any overrides into one of the ${rc_conf_files}
# instead and you will be able to update these defaults later without
# spamming your local configuration information.
#
# The ${rc_conf_files} files should only contain values which override
# values set in this file. This eases the upgrade path when defaults
# are changed and new features are added.
#
1997-04-28 10:14:45 +00:00
# All arguments must be in double or single quotes.
#
1999-08-27 23:37:10 +00:00
# $FreeBSD$
##############################################################
### Important initial Boot-time options ####################
##############################################################
1997-04-28 10:14:45 +00:00
swapfile="NO" # Set to name of swapfile if aux swapfile desired.
apm_enable="NO" # Set to YES to enable APM BIOS functions (or NO).
apmd_enable="NO" # Run apmd to handle APM event from userland.
apmd_flags="" # Flags to apmd (if enabled).
1997-04-28 10:14:45 +00:00
pccard_enable="NO" # Set to YES if you want to configure PCCARD devices.
pccard_mem="DEFAULT" # If pccard_enable=YES, this is card memory address.
pccard_beep="2" # pccard beep type.
1997-04-28 10:14:45 +00:00
pccard_ifconfig="NO" # Specialized pccard ethernet configuration (or NO).
1999-07-04 14:41:20 +00:00
pccardd_flags="" # Additional flags for pccardd.
pccard_conf="/etc/defaults/pccard.conf" # pccardd(8) config file
pccard_ether_delay="5" # Delay before trying to start dhclient in pccard_ether
removable_interfaces="" # Removable network interfaces for /etc/pccard_ether.
local_startup="/usr/local/etc/rc.d /usr/X11R6/etc/rc.d" # startup script dirs.
script_name_sep=" " # Change if your startup scripts' names contain spaces
rc_conf_files="/etc/rc.conf /etc/rc.conf.local"
fsck_y_enable="NO" # Set to YES to do fsck -y if the initial preen fails.
background_fsck="YES" # Attempt to run fsck in the background where possible.
extra_netfs_types="NO" # List of network extra filesystem types for delayed
# mount at startup (or NO).
##############################################################
### Network configuration sub-section ######################
##############################################################
### Basic network and firewall/security options: ###
1999-07-18 09:58:01 +00:00
hostname="" # Set this!
1997-04-28 10:14:45 +00:00
nisdomainname="NO" # Set to NIS domain if using NIS (or NO).
dhcp_program="/sbin/dhclient" # Path to dhcp client program.
dhcp_flags="" # Additional flags to pass to dhcp client.
firewall_enable="NO" # Set to YES to enable firewall functionality
firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO" # Set to YES to suppress rule display
firewall_logging="NO" # Set to YES to enable events logging
firewall_flags="" # Flags passed to ipfw when type is a file
ip_portrange_first="NO" # Set first dynamically allocated port
ip_portrange_last="NO" # Set last dynamically allocated port
ipsec_enable="NO" # Set to YES to run setkey on ipsec_file
ipsec_file="/etc/ipsec.conf" # Name of config file for setkey
1999-03-24 10:27:46 +00:00
natd_program="/sbin/natd" # path to natd, if you want a different one.
natd_enable="NO" # Enable natd (if firewall_enable == YES).
natd_interface="" # Public interface or IPaddress to use.
natd_flags="" # Additional flags for natd.
ipfilter_enable="NO" # Set to YES to enable ipfilter functionality
ipfilter_program="/sbin/ipf" # where the ipfilter program lives
ipfilter_rules="/etc/ipf.rules" # rules definition file for ipfilter, see
# /usr/src/contrib/ipfilter/rules for examples
ipfilter_flags="" # additional flags for ipfilter
ipnat_enable="NO" # Set to YES to enable ipnat functionality
ipnat_program="/sbin/ipnat" # where the ipnat program lives
ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat
ipnat_flags="" # additional flags for ipnat
ipmon_enable="NO" # Set to YES for ipmon; needs ipfilter or ipnat
ipmon_program="/sbin/ipmon" # where the ipfilter monitor program lives
ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog"
ipfs_enable="NO" # Set to YES to enable saving and restoring
# of state tables at shutdown and boot
ipfs_program="/sbin/ipfs" # where the ipfs program lives
ipfs_flags="" # additional flags for ipfs
2001-05-25 01:46:39 +00:00
tcp_extensions="YES" # Set to NO to turn off RFC1323 extensions.
log_in_vain="0" # >=1 to log connects to ports w/o listeners.
1999-08-14 03:42:27 +00:00
tcp_keepalive="YES" # Enable stale TCP connection timeout (or NO).
# For the following two options, you need to have TCP_DROP_SYNFIN and
# TCP_RESTRICT_RST set in your kernel. Please refer to LINT for details.
tcp_drop_synfin="NO" # Set to YES to drop TCP packets with SYN+FIN
2000-05-18 19:02:47 +00:00
# NOTE: this violates the TCP specification
icmp_drop_redirect="NO" # Set to YES to ignore ICMP REDIRECT packets
icmp_log_redirect="NO" # Set to YES to log ICMP REDIRECT packets
network_interfaces="auto" # List of network interfaces (or "auto").
cloned_interfaces="" # List of cloned network interfaces to create.
#cloned_interfaces="gif0 gif1 gif2 gif3" # Pre-cloning GENERIC config.
ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
#ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry.
#ifconfig_ed0_ipx="ipx 0x00010010" # Sample IPX address family entry.
#
# If you have any sppp(4) interfaces above, you might also want to set
# the following parameters. Refer to spppcontrol(8) for their meaning.
sppp_interfaces="" # List of sppp interfaces.
#sppp_interfaces="isp0" # example: sppp over ISDN
#spppconfig_isp0="authproto=chap myauthname=foo myauthsecret='top secret' hisauthname=some-gw hisauthsecret='another secret'"
gif_interfaces="NO" # List of GIF tunnels (or "NO").
#gif_interfaces="gif0 gif1" # Examples typically for a router.
# Choose correct tunnel addrs.
#gifconfig_gif0="10.1.1.1 10.1.2.1" # Examples typically for a router.
#gifconfig_gif1="10.1.1.2 10.1.2.2" # Examples typically for a router.
# User ppp configuration.
ppp_enable="NO" # Start user-ppp (or NO).
ppp_mode="auto" # Choice of "auto", "ddial", "direct" or "dedicated".
# For details see man page for ppp(8). Default is auto.
ppp_nat="YES" # Use PPP's internal network address translation or NO.
ppp_profile="papchap" # Which profile to use from /etc/ppp/ppp.conf.
ppp_user="root" # Which user to run ppp as
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
### Network daemon (miscellaneous) ###
1997-04-28 10:14:45 +00:00
syslogd_enable="YES" # Run syslog daemon (or NO).
syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
syslogd_flags="-s" # Flags to syslogd (if enabled).
#syslogd_flags="-ss" # Syslogd flags to not bind an inet socket
inetd_enable="NO" # Run the network daemon dispatcher (YES/NO).
inetd_program="/usr/sbin/inetd" # path to inetd, if you want a different one.
inetd_flags="-wW" # Optional flags to inetd
#
# named. It may be possible to run named in a sandbox, man security for
# details.
#
1997-04-28 10:14:45 +00:00
named_enable="NO" # Run named, the DNS server (or NO).
1998-05-04 05:26:46 +00:00
named_program="named" # path to named, if you want a different one.
named_flags="-u bind -g bind" # Flags for named
#
# kerberos. Do not run the admin daemons on slave servers
#
kerberos4_server_enable="NO" # Run a kerberos IV master server (or NO).
kerberos4_server="/usr/sbin/kerberos" # path to kerberos IV KDC
kadmind4_server_enable="NO" # Run kadmind (or NO)
kadmind4_server="/usr/sbin/kadmind" # path to kerberos IV admin daemon
kerberos5_server_enable="NO" # Run a kerberos 5 master server (or NO).
kerberos5_server="/usr/libexec/kdc" # path to kerberos 5 KDC
kadmind5_server_enable="NO" # Run kadmind (or NO)
kadmind5_server="/usr/libexec/k5admind" # path to kerberos 5 admin daemon
kerberos_stash="" # Is the kerberos master key stashed?
1997-04-28 10:14:45 +00:00
rwhod_enable="NO" # Run the rwho daemon (or NO).
rwhod_flags="" # Flags for rwhod
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
rarpd_enable="NO" # Run rarpd (or NO).
rarpd_flags="" # Flags to rarpd.
xtend_enable="NO" # Run the X-10 power controller daemon.
xtend_flags="" # Flags to xtend (if enabled).
pppoed_enable="NO" # Run the PPP over Ethernet daemon.
pppoed_provider="*" # Provider and ppp(8) config file entry.
pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled).
pppoed_interface="fxp0" # The interface that pppoed runs on.
sshd_enable="NO" # Enable sshd
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one.
sshd_flags="" # Additional flags for sshd.
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
### Network daemon (NFS) Need all portmap_enable="YES" ###
1997-04-28 10:14:45 +00:00
amd_enable="NO" # Run amd service with $amd_flags (or NO).
amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"
amd_map_program="NO" # Can be set to "ypcat -k amd.master"
1997-04-28 10:14:45 +00:00
nfs_client_enable="NO" # This host is an NFS client (or NO).
nfs_access_cache="2" # Client cache timeout in seconds
1997-04-28 10:14:45 +00:00
nfs_server_enable="NO" # This host is an NFS server (or NO).
nfs_server_flags="-u -t -n 4" # Flags to nfsd (if enabled).
single_mountd_enable="NO" # Run mountd only (or NO).
mountd_flags="-r" # Flags to mountd (if NFS server enabled).
weak_mountd_authentication="NO" # Allow non-root mount requests to be served.
1997-04-28 10:14:45 +00:00
nfs_reserved_port_only="NO" # Provide NFS only on secure port (or NO).
nfs_bufpackets="DEFAULT" # bufspace (in packets) for client (or DEFAULT)
rpc_lockd_enable="NO" # Run NFS rpc.lockd needed for client/server.
rpc_statd_enable="NO" # Run NFS rpc.statd needed for client/server.
portmap_enable="NO" # Run the portmapper service (YES/NO).
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
portmap_program="/usr/sbin/rpcbind" # path to portmap, if you want a different one.
portmap_flags="" # Flags to portmap (if enabled).
rpc_ypupdated_enable="NO" # Run if NIS master and SecureRPC (or NO).
keyserv_enable="NO" # Run the SecureRPC keyserver (or NO).
keyserv_flags="" # Flags to keyserv (if enabled).
### Network Time Services options: ###
timed_enable="NO" # Run the time daemon (or NO).
timed_flags="" # Flags to timed (if enabled).
ntpdate_enable="NO" # Run ntpdate to sync time on boot (or NO).
ntpdate_program="ntpdate" # path to ntpdate, if you want a different one.
ntpdate_flags="-b" # Flags to ntpdate (if enabled).
xntpd_enable="NO" # Run ntpd Network Time Protocol (or NO).
xntpd_program="ntpd" # path to ntpd, if you want a different one.
xntpd_flags="-p /var/run/ntpd.pid" # Flags to ntpd (if enabled).
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
# Network Information Services (NIS) options: Need all portmap_enable="YES" ###
1997-06-24 22:36:42 +00:00
nis_client_enable="NO" # We're an NIS client (or NO).
nis_client_flags="" # Flags to ypbind (if enabled).
1997-04-28 10:14:45 +00:00
nis_ypset_enable="NO" # Run ypset at boot time (or NO).
nis_ypset_flags="" # Flags to ypset (if enabled).
1997-06-24 22:36:42 +00:00
nis_server_enable="NO" # We're an NIS server (or NO).
nis_server_flags="" # Flags to ypserv (if enabled).
1997-04-28 10:14:45 +00:00
nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO).
nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled).
nis_yppasswdd_enable="NO" # Run rpc.yppasswdd at boot time (or NO).
nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled).
### Network routing options: ###
1997-04-28 10:14:45 +00:00
defaultrouter="NO" # Set to default gateway (or NO).
static_routes="" # Set to static route list (or leave empty).
1997-04-28 10:14:45 +00:00
gateway_enable="NO" # Set to YES if this host will be a gateway.
router_enable="NO" # Set to YES to enable a routing daemon.
1997-04-28 10:14:45 +00:00
router="routed" # Name of routing daemon to use if enabled.
router_flags="-q" # Flags for routing daemon.
1997-06-24 22:36:42 +00:00
mrouted_enable="NO" # Do multicast routing (see /etc/mrouted.conf).
mrouted_flags="" # Flags for multicast routing daemon.
1997-04-28 10:14:45 +00:00
ipxgateway_enable="NO" # Set to YES to enable IPX routing.
ipxrouted_enable="NO" # Set to YES to run the IPX routing daemon.
ipxrouted_flags="" # Flags for IPX routing daemon.
arpproxy_all="NO" # replaces obsolete kernel option ARP_PROXYALL.
forward_sourceroute="NO" # do source routing (only if gateway_enable is set to "YES")
accept_sourceroute="NO" # accept source routed packets to us
### ATM interface options: ###
atm_enable="NO" # Configure ATM interfaces (or NO).
#atm_netif_hea0="atm 1" # Network interfaces for physical interface.
#atm_sigmgr_hea0="uni31" # Signalling manager for physical interface.
#atm_prefix_hea0="ILMI" # NSAP prefix (UNI interfaces only) (or ILMI).
#atm_macaddr_hea0="NO" # Override physical MAC address (or NO).
#atm_arpserver_atm0="0x47.0005.80.999999.9999.9999.9999.999999999999.00" # ATMARP server address (or local).
#atm_scsparp_atm0="NO" # Run SCSP/ATMARP on network interface (or NO).
atm_pvcs="" # Set to PVC list (or leave empty).
atm_arps="" # Set to permanent ARP list (or leave empty).
### ISDN interface options: (see also: /usr/share/examples/isdn) ###
isdn_enable="NO" # Enable the ISDN subsystem (or NO).
isdn_fsdev="NO" # Output device for fullscreen mode (or NO for daemon mode).
isdn_flags="-dn -d0x1f9" # Flags for isdnd
isdn_ttype="cons25" # terminal type for fullscreen mode
isdn_screenflags="NO" # screenflags for ${isdn_fsdev}
isdn_trace="NO" # Enable the ISDN trace subsystem (or NO).
isdn_traceflags="-f /var/tmp/isdntrace0" # Flags for isdntrace
### Miscellaneous network options: ###
icmp_bmcastecho="NO" # respond to broadcast ping packets
### IPv6 options: ###
ipv6_enable="NO" # Set to YES to set up for IPv6.
ipv6_network_interfaces="auto" # List of network interfaces (or "auto").
ipv6_defaultrouter="NO" # Set to IPv6 default gateway (or NO).
#ipv6_defaultrouter="2002:c058:6301::" # Use this for 6to4 (RFC 3068)
ipv6_static_routes="" # Set to static route list (or leave empty).
#ipv6_static_routes="xxx" # An example to set fec0:0000:0000:0006::/64
# route toward loopback interface.
#ipv6_route_xxx="fec0:0000:0000:0006:: -prefixlen 64 ::1"
ipv6_gateway_enable="NO" # Set to YES if this host will be a gateway.
ipv6_router_enable="NO" # Set to YES to enable an IPv6 routing daemon.
ipv6_router="/usr/sbin/route6d" # Name of IPv6 routing daemon.
ipv6_router_flags="" # Flags to IPv6 routing daemon.
#ipv6_router_flags="-l" # Example for route6d with only IPv6 site local
# addrs.
#ipv6_network_interfaces="ed0 ep0" # Examples for router
# or static configuration for end node.
# Choose correct prefix value.
#ipv6_prefix_ed0="fec0:0000:0000:0001 fec0:0000:0000:0002" # Examples for rtr.
#ipv6_prefix_ep0="fec0:0000:0000:0003 fec0:0000:0000:0004" # Examples for rtr.
#ipv6_ifconfig_ed0="fec0:0:0:5::1 prefixlen 64" # Sample manual assign entry
#ipv6_ifconfig_ed0_alias0="fec0:0:0:5::2 prefixlen 64" # Sample alias entry.
ipv6_default_interface="NO" # Default output interface for scoped addrs.
# Now this works only for IPv6 link local
# multicast addrs.
rtadvd_enable="NO" # Set to YES to enable an IPv6 router
# advertisement daemon. If set to YES,
# this router becomes a possible candidate
# IPv6 default router for local subnets.
rtadvd_interfaces="" # Interfaces rtadvd sends RA packets.
mroute6d_enable="NO" # Do IPv6 multicast routing.
mroute6d_program="/usr/local/sbin/pim6dd" # Name of IPv6 multicast
# routing daemon. You need to
# install it from package or
# port.
mroute6d_flags="" # Flags to IPv6 multicast routing daemon.
stf_interface_ipv4addr="" # Local IPv4 addr for 6to4 IPv6 over IPv4
# tunneling interface. Specify this entry
# to enable 6to4 interface.
stf_interface_ipv4plen="0" # Prefix length for 6to4 IPv4 addr,
# to limit peer addr range. Effective value
# is 0-31.
stf_interface_ipv6_ifid="0:0:0:1" # IPv6 interface id for stf0.
# If you like, you can set "AUTO" for this.
stf_interface_ipv6_slaid="0000" # IPv6 Site Level Aggregator for stf0
ipv6_faith_prefix="NO" # Set faith prefix to enable a FAITH
# IPv6-to-IPv4 TCP translator. You also need
# faithd(8) setup.
ipv6_ipv4mapping="YES" # Leave empty to disable IPv4 mapped IPv6 addr
# communication. (like ::ffff:a.b.c.d)
ipv6_firewall_enable="NO" # Set to YES to enable IPv6 firewall
# functionality
ipv6_firewall_script="/etc/rc.firewall6" # Which script to run to set up the IPv6 firewall
ipv6_firewall_type="UNKNOWN" # IPv6 Firewall type (see /etc/rc.firewall6)
ipv6_firewall_quiet="NO" # Set to YES to suppress rule display
ipv6_firewall_logging="NO" # Set to YES to enable events logging
ipv6_firewall_flags="" # Flags passed to ip6fw when type is a file
##############################################################
### System console options #################################
##############################################################
1997-04-28 10:14:45 +00:00
keymap="NO" # keymap in /usr/share/syscons/keymaps/* (or NO).
keyrate="NO" # keyboard rate to: slow, normal, fast (or NO).
keybell="NO" # bell to duration.pitch or normal or visual (or NO).
keychange="NO" # function keys default values (or NO).
cursor="NO" # cursor type {normal|blink|destructive} (or NO).
scrnmap="NO" # screen map in /usr/share/syscons/scrnmaps/* (or NO).
font8x16="NO" # font 8x16 from /usr/share/syscons/fonts/* (or NO).
font8x14="NO" # font 8x14 from /usr/share/syscons/fonts/* (or NO).
font8x8="NO" # font 8x8 from /usr/share/syscons/fonts/* (or NO).
blanktime="300" # blank time (in seconds) or "NO" to turn it off.
saver="NO" # screen saver: Uses /modules/${saver}_saver.ko
moused_enable="NO" # Run the mouse daemon.
moused_type="auto" # See man page for rc.conf(5) for available settings.
moused_port="/dev/psm0" # Set to your mouse port.
moused_flags="" # Any additional flags to moused.
mousechar_start="NO" # if 0xd0-0xd3 default range is occuped in your
# language code table, specify alternative range
# start like mousechar_start=3, see vidcontrol(1)
allscreens_flags="" # Set this vidcontrol mode for all virtual screens
allscreens_kbdflags="" # Set this kbdcontrol mode for all virtual screens
##############################################################
### Miscellaneous administrative options ###################
##############################################################
1997-06-24 22:36:42 +00:00
cron_enable="YES" # Run the periodic job daemon.
cron_program="/usr/sbin/cron" # Which cron executable to run (if enabled).
cron_flags="" # Which options to pass to the cron daemon.
lpd_enable="NO" # Run the line printer daemon.
lpd_program="/usr/sbin/lpd" # path to lpd, if you want a different one.
lpd_flags="" # Flags to lpd (if enabled).
1999-01-10 22:06:22 +00:00
usbd_enable="NO" # Run the usbd daemon.
usbd_flags="" # Flags to usbd (if enabled).
sendmail_enable="NO" # Run the sendmail inbound daemon (YES/NO).
sendmail_flags="-L sm-mta -bd -q30m" # Flags to sendmail (as a server)
sendmail_outbound_enable="YES" # Dequeue stuck mail (YES/NO).
sendmail_outbound_flags="-L sm-queue -q30m" # Flags to sendmail (outbound only)
sendmail_msp_queue_enable="YES" # Dequeue stuck clientmqueue mail (YES/NO).
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q30m"
# Dequeue stuck clientmqueue mail (YES/NO).
sendmail_submit_enable="YES" # Start a localhost-only MTA for mail submission
sendmail_submit_flags="-L sm-mta-submit -bd -q30m -ODaemonPortOptions=Addr=localhost"
# Flags for localhost-only MTA
dumpdev="NO" # Device name to crashdump to (or NO).
dumpdir="/var/crash" # Directory where crash dumps are to be stored
savecore_flags="" # Used if dumpdev is enabled above, and present.
enable_quotas="NO" # turn on quotas on startup (or NO).
check_quotas="YES" # Check quotas on startup (or NO).
accounting_enable="NO" # Turn on process accounting (or NO).
1997-04-28 10:14:45 +00:00
ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO).
ibcs2_loaders="coff" # List of additional Ibcs2 loaders (or NO).
sysvipc_enable="NO" # Load System V IPC primitives at startup (or NO).
1999-09-15 02:25:13 +00:00
linux_enable="NO" # Linux binary compatibility loaded at startup (or NO).
svr4_enable="NO" # SysVR4 emulation loaded at startup (or NO).
osf1_enable="NO" # Alpha OSF/1 emulation loaded at startup (or NO).
clear_tmp_enable="NO" # Clear /tmp at startup.
ldconfig_insecure="NO" # Set to YES to disable ldconfig security checks
1999-01-10 22:06:22 +00:00
ldconfig_paths="/usr/lib/compat /usr/X11R6/lib /usr/local/lib"
# shared library search paths
ldconfig_paths_aout="/usr/lib/compat/aout /usr/X11R6/lib/aout /usr/local/lib/aout"
# a.out shared library search paths
kern_securelevel_enable="NO" # kernel security level (see init(8)),
1998-12-16 17:14:16 +00:00
kern_securelevel="-1" # range: -1..3 ; `-1' is the most insecure
update_motd="YES" # update version info in /etc/motd (or NO)
start_vinum="NO" # set to YES to start vinum
unaligned_print="YES" # print unaligned access warnings on the alpha (or NO).
entropy_file="/entropy" # Set to NO to disable caching entropy through reboots.
# /var/db/entropy is preferred if / is not available.
entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron.
entropy_save_sz="2048" # Size of the entropy cache files.
entropy_save_num="8" # Number of entropy cache files to save.
harvest_interrupt="YES" # Entropy device harvests interrupt randomness
harvest_ethernet="YES" # Entropy device harvests ethernet randomness
harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness
##############################################################
### Define source_rc_confs, the mechanism used by /etc/rc.* ##
### scripts to source rc_conf_files overrides safely. ##
##############################################################
if [ -z "${source_rc_confs_defined}" ]; then
source_rc_confs_defined=yes
source_rc_confs () {
local i sourced_files
for i in ${rc_conf_files}; do
case ${sourced_files} in
*:$i:*)
;;
*)
sourced_files="${sourced_files}:$i:"
if [ -r $i ]; then
. $i
fi
;;
esac
done
}
fi