2006-08-09 02:11:42 +04:00
|
|
|
.\" $NetBSD: sysctl.8,v 1.151 2006/08/08 22:11:42 wiz Exp $
|
2004-11-22 01:18:10 +03:00
|
|
|
.\"
|
|
|
|
.\" Copyright (c) 2004 The NetBSD Foundation, Inc.
|
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
|
|
.\" must display the following acknowledgement:
|
|
|
|
.\" This product includes software developed by the NetBSD
|
|
|
|
.\" Foundation, Inc. and its contributors.
|
|
|
|
.\" 4. Neither the name of The NetBSD Foundation nor the names of its
|
|
|
|
.\" contributors may be used to endorse or promote products derived
|
|
|
|
.\" from this software without specific prior written permission.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
|
|
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
|
|
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
|
|
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
|
|
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
|
|
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
|
|
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
|
|
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
|
|
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
.\" POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
.\"
|
2000-01-17 05:31:50 +03:00
|
|
|
.\"
|
|
|
|
.\" Copyright (c) 1993
|
|
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
2003-08-07 14:04:22 +04:00
|
|
|
.\" 3. Neither the name of the University nor the names of its contributors
|
2000-01-17 05:31:50 +03:00
|
|
|
.\" may be used to endorse or promote products derived from this software
|
|
|
|
.\" without specific prior written permission.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
.\" SUCH DAMAGE.
|
|
|
|
.\"
|
|
|
|
.\" @(#)sysctl.8 8.1 (Berkeley) 6/6/93
|
|
|
|
.\"
|
2006-08-09 02:11:42 +04:00
|
|
|
.Dd August 8, 2006
|
2000-01-17 05:31:50 +03:00
|
|
|
.Dt SYSCTL 8
|
|
|
|
.Os
|
|
|
|
.Sh NAME
|
|
|
|
.Nm sysctl
|
|
|
|
.Nd get or set kernel state
|
|
|
|
.Sh SYNOPSIS
|
|
|
|
.Nm sysctl
|
2004-03-24 21:22:30 +03:00
|
|
|
.Op Fl AdeMn
|
2003-12-30 17:17:41 +03:00
|
|
|
.Oo
|
|
|
|
.Fl r |
|
|
|
|
.Fl x
|
|
|
|
.Oc
|
2003-12-31 04:21:49 +03:00
|
|
|
.Op Ar name ...
|
2000-01-17 05:31:50 +03:00
|
|
|
.Nm sysctl
|
2003-09-21 19:23:55 +04:00
|
|
|
.Op Fl nq
|
2003-12-30 17:17:41 +03:00
|
|
|
.Oo
|
|
|
|
.Fl r |
|
|
|
|
.Fl x
|
|
|
|
.Oc
|
2000-01-17 05:31:50 +03:00
|
|
|
.Fl w
|
2000-10-15 17:21:40 +04:00
|
|
|
.Ar name Ns Li = Ns Ar value ...
|
2000-01-17 05:31:50 +03:00
|
|
|
.Nm sysctl
|
2003-09-21 19:23:55 +04:00
|
|
|
.Op Fl en
|
2003-12-30 17:17:41 +03:00
|
|
|
.Oo
|
|
|
|
.Fl r |
|
|
|
|
.Fl x
|
|
|
|
.Oc
|
2000-04-09 03:18:27 +04:00
|
|
|
.Fl a
|
|
|
|
.Nm sysctl
|
2003-09-21 19:23:55 +04:00
|
|
|
.Op Fl nq
|
2003-12-30 17:17:41 +03:00
|
|
|
.Oo
|
|
|
|
.Fl r |
|
|
|
|
.Fl x
|
|
|
|
.Oc
|
2000-03-13 01:56:48 +03:00
|
|
|
.Fl f
|
|
|
|
.Ar file
|
2000-01-17 05:31:50 +03:00
|
|
|
.Sh DESCRIPTION
|
|
|
|
The
|
|
|
|
.Nm sysctl
|
|
|
|
utility retrieves kernel state and allows processes with
|
|
|
|
appropriate privilege to set kernel state.
|
|
|
|
The state to be retrieved or set is described using a
|
|
|
|
``Management Information Base'' (``MIB'') style name,
|
|
|
|
described as a dotted set of components.
|
2003-12-30 17:17:41 +03:00
|
|
|
The
|
|
|
|
.Sq /
|
|
|
|
character may also be used as a separator and a leading separator
|
|
|
|
character is accepted.
|
|
|
|
If
|
|
|
|
.Ar name
|
|
|
|
specifies a non-leaf node in the MIB, all the nodes underneath
|
|
|
|
.Ar name
|
|
|
|
will be printed.
|
2003-09-17 22:24:47 +04:00
|
|
|
.Pp
|
|
|
|
The following options are available:
|
|
|
|
.Bl -tag -width indent
|
|
|
|
.It Fl A
|
2003-12-30 17:17:41 +03:00
|
|
|
List all the known MIB names including tables, unless any MIB
|
|
|
|
arguments or
|
|
|
|
.Fl f Ar file
|
|
|
|
are given.
|
2000-01-17 05:31:50 +03:00
|
|
|
Those with string or integer values will be printed as with the
|
|
|
|
.Fl a
|
2003-12-30 17:17:41 +03:00
|
|
|
flag; for table or structure values that
|
|
|
|
.Nm
|
|
|
|
is not able to print,
|
2000-01-17 05:31:50 +03:00
|
|
|
the name of the utility to retrieve them is given.
|
2003-12-30 17:17:41 +03:00
|
|
|
Errors in retrieving or setting values will be directed to stdout
|
|
|
|
instead of stderr.
|
2003-10-15 23:58:24 +04:00
|
|
|
.It Fl a
|
|
|
|
List all the currently available string or integer values.
|
2003-12-30 17:17:41 +03:00
|
|
|
The use of a solitary separator character (either
|
|
|
|
.Sq \&.
|
|
|
|
or
|
|
|
|
.Sq / )
|
|
|
|
by
|
|
|
|
itself has the same effect.
|
|
|
|
Any given
|
|
|
|
.Ar name
|
|
|
|
arguments are ignored if this option is specified.
|
2004-03-24 21:22:30 +03:00
|
|
|
.It Fl d
|
|
|
|
Descriptions of each of the nodes selected will be printed instead of
|
|
|
|
their values.
|
2003-09-20 21:02:17 +04:00
|
|
|
.It Fl e
|
|
|
|
Separate the name and the value of the variable(s) with
|
|
|
|
.Ql = .
|
|
|
|
This is useful for producing output which can be fed back to the
|
|
|
|
.Nm
|
|
|
|
utility.
|
|
|
|
This option is ignored if
|
|
|
|
.Fl n
|
|
|
|
is specified or a variable is being set.
|
2003-09-17 22:24:47 +04:00
|
|
|
.It Fl f
|
|
|
|
Specifies the name of a file to read and process.
|
2002-10-03 19:41:44 +04:00
|
|
|
Blank lines and comments (beginning with
|
2000-10-15 17:21:40 +04:00
|
|
|
.Ql # )
|
2002-10-03 19:41:44 +04:00
|
|
|
are ignored.
|
|
|
|
Line continuations with
|
2000-10-15 17:40:53 +04:00
|
|
|
.Ql \e
|
2002-10-03 19:41:44 +04:00
|
|
|
are permitted.
|
|
|
|
Remaining lines are processed similarly to
|
2000-03-13 01:56:48 +03:00
|
|
|
command line arguments of the form
|
|
|
|
.Ar name
|
|
|
|
or
|
2000-10-15 17:21:40 +04:00
|
|
|
.Ar name Ns Li = Ns Ar value .
|
2000-03-13 01:56:48 +03:00
|
|
|
The
|
|
|
|
.Fl w
|
|
|
|
flag is implied by
|
|
|
|
.Fl f .
|
2003-12-30 17:17:41 +03:00
|
|
|
Any
|
|
|
|
.Ar name
|
|
|
|
arguments are ignored.
|
|
|
|
.It Fl M
|
|
|
|
Makes
|
|
|
|
.Nm
|
|
|
|
print the MIB instead of any of the actual values contained in the
|
|
|
|
MIB.
|
|
|
|
This causes the entire MIB to be printed unless specific MIB arguments
|
|
|
|
or
|
|
|
|
.Fl f Ar file
|
|
|
|
are also given.
|
2003-09-17 22:24:47 +04:00
|
|
|
.It Fl n
|
|
|
|
Specifies that the printing of the field name should be
|
|
|
|
suppressed and that only its value should be output.
|
|
|
|
This flag is useful for setting shell variables.
|
|
|
|
For example, to save the pagesize in variable psize, use:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
set psize=`sysctl -n hw.pagesize`
|
|
|
|
.Ed
|
|
|
|
.It Fl q
|
|
|
|
Used to indicate that nothing should be printed for writes unless an
|
|
|
|
error is detected.
|
2003-12-30 17:17:41 +03:00
|
|
|
.It Fl r
|
|
|
|
Raw output form.
|
|
|
|
Values printed are in their raw binary forms as retrieved directly
|
|
|
|
from the kernel.
|
|
|
|
Some additional nodes that
|
|
|
|
.Nm
|
|
|
|
cannot print directly can be retrieved with this flag.
|
|
|
|
This option conflicts with the
|
|
|
|
.Fl x
|
|
|
|
option.
|
2003-09-17 22:24:47 +04:00
|
|
|
.It Fl w
|
|
|
|
Sets the MIB style name given to the value given.
|
|
|
|
The MIB style name and value must be separated by
|
|
|
|
.Ql =
|
|
|
|
with no whitespace.
|
2003-12-30 17:17:41 +03:00
|
|
|
Only integral and string values can be set via this method.
|
|
|
|
.It Fl x
|
|
|
|
Makes
|
|
|
|
.Nm
|
|
|
|
print the requested value in a hexadecimal representation instead of
|
|
|
|
its regular form.
|
|
|
|
If specified more than once, the output for each value resembles that of
|
|
|
|
.Xr hexdump 1
|
|
|
|
when given the
|
|
|
|
.Fl C
|
|
|
|
flag.
|
|
|
|
This option conflicts with the
|
|
|
|
.Fl r
|
|
|
|
option.
|
2000-03-13 01:56:48 +03:00
|
|
|
.Pp
|
2003-09-17 22:24:47 +04:00
|
|
|
.El
|
2000-10-15 17:21:40 +04:00
|
|
|
The
|
|
|
|
.Ql proc
|
|
|
|
top-level MIB has a special semantic: it represent per-process values
|
2002-10-03 19:41:44 +04:00
|
|
|
and as such may differ from one process to another.
|
|
|
|
The second-level name is the pid of the process (in decimal form),
|
|
|
|
or the special word
|
2000-10-15 17:21:40 +04:00
|
|
|
.Ql curproc .
|
|
|
|
For variables below
|
2003-07-04 17:32:13 +04:00
|
|
|
.Ql proc. Ns Ao pid Ac Ns .rlimit ,
|
2000-10-15 17:21:40 +04:00
|
|
|
the integer value may be replaced
|
|
|
|
with the string
|
|
|
|
.Ql unlimited
|
|
|
|
if it matches the magic value used to disable
|
2000-01-17 05:31:50 +03:00
|
|
|
a limit.
|
|
|
|
.Pp
|
|
|
|
The information available from
|
|
|
|
.Nm sysctl
|
|
|
|
consists of integers, strings, and tables.
|
|
|
|
The tabular information can only be retrieved by special
|
|
|
|
purpose programs such as
|
|
|
|
.Nm ps ,
|
|
|
|
.Nm systat ,
|
|
|
|
and
|
|
|
|
.Nm netstat .
|
|
|
|
The string and integer information is summarized below.
|
|
|
|
For a detailed description of these variable see
|
|
|
|
.Xr sysctl 3 .
|
|
|
|
The changeable column indicates whether a process with appropriate
|
|
|
|
privilege can change the value.
|
2002-10-01 18:57:46 +04:00
|
|
|
.Bl -column proc.xpidx.rlimit.coredumpsize.hardxxxxxx integerxxx
|
2000-01-17 05:31:50 +03:00
|
|
|
.It Sy Name Type Changeable
|
2005-11-27 16:12:03 +03:00
|
|
|
.It ddb.commandonenter string yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It ddb.fromconsole integer yes
|
2003-12-30 17:17:41 +03:00
|
|
|
.It ddb.lines integer yes
|
|
|
|
.It ddb.maxoff integer yes
|
|
|
|
.It ddb.maxwidth integer yes
|
|
|
|
.It ddb.onpanic integer yes
|
|
|
|
.It ddb.radix integer yes
|
|
|
|
.It ddb.tabstops integer yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It ddb.tee_msgbuf integer yes
|
2000-02-27 09:13:35 +03:00
|
|
|
.It hw.alignbytes integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It hw.byteorder integer no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It hw.cnmagic integer yes
|
2002-01-27 16:04:21 +03:00
|
|
|
.It hw.disknames string no
|
|
|
|
.It hw.diskstats struct no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It hw.machine string no
|
|
|
|
.It hw.machine_arch string no
|
|
|
|
.It hw.model string no
|
|
|
|
.It hw.ncpu integer no
|
|
|
|
.It hw.pagesize integer no
|
|
|
|
.It hw.physmem integer no
|
2003-12-30 17:17:41 +03:00
|
|
|
.It hw.physmem64 quad no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It hw.usermem integer no
|
2003-12-30 17:17:41 +03:00
|
|
|
.It hw.usermem64 quad no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It kern.argmax integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.autonicetime integer yes
|
|
|
|
.It kern.autoniceval integer yes
|
|
|
|
.It kern.boottime struct no
|
2005-10-16 03:05:45 +04:00
|
|
|
.It kern.bufq.strategies string no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.ccpu integer no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It kern.clockrate struct no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.consdev integer no
|
2006-07-15 01:55:19 +04:00
|
|
|
.It kern.coredump node not applicable
|
|
|
|
.It kern.coredump.setid node not applicable
|
|
|
|
.It kern.coredump.setid.dump integer yes
|
|
|
|
.It kern.coredump.setid.group integer yes
|
|
|
|
.It kern.coredump.setid.mode integer yes
|
|
|
|
.It kern.coredump.setid.owner integer yes
|
|
|
|
.It kern.coredump.setid.path string yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.cp_id struct no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.cp_time struct no
|
2006-03-06 03:51:48 +03:00
|
|
|
.It kern.cryptodevallowsoft int yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.defcorename string yes
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.domainname string yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.dump_on_panic integer yes
|
2003-09-27 23:07:12 +04:00
|
|
|
.It kern.drivers struct no
|
2006-01-14 14:52:20 +03:00
|
|
|
.It kern.file struct no
|
2002-12-11 22:14:34 +03:00
|
|
|
.It kern.forkfsleep integer yes
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.fscale integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.fsync integer no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.hardclock_ticks integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.hostid integer yes
|
|
|
|
.It kern.hostname string yes
|
|
|
|
.It kern.iov_max integer no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It kern.job_control integer no
|
2002-12-11 15:59:29 +03:00
|
|
|
.It kern.labeloffset integer no
|
|
|
|
.It kern.labelsector integer no
|
2000-10-26 11:35:56 +04:00
|
|
|
.It kern.login_name_max integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.logsigexit integer yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.mapped_files integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.maxfiles integer yes
|
|
|
|
.It kern.maxpartitions integer no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.maxphys integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.maxproc integer yes
|
2000-10-26 11:35:56 +04:00
|
|
|
.It kern.maxptys integer yes, special
|
2000-09-09 21:06:34 +04:00
|
|
|
.It kern.maxvnodes integer raise only
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.mbuf.mblowat integer yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.mbuf.mclbytes integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.mbuf.mcllowat integer yes
|
|
|
|
.It kern.mbuf.mclsize integer no
|
|
|
|
.It kern.mbuf.msize integer no
|
|
|
|
.It kern.mbuf.nmbclusters integer raise only
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.memlock integer no
|
|
|
|
.It kern.memlock_range integer no
|
|
|
|
.It kern.memory_protection integer no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.monotonic_clock integer no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.msgbuf integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.msgbufsize integer no
|
|
|
|
.It kern.ngroups integer no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.ntptime struct no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.osrelease string no
|
|
|
|
.It kern.osrevision integer no
|
|
|
|
.It kern.ostype string no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.pipe.kvasize integer no
|
|
|
|
.It kern.pipe.maxbigpipes integer yes
|
2001-06-16 16:00:02 +04:00
|
|
|
.It kern.pipe.maxkvasz integer yes
|
|
|
|
.It kern.pipe.maxloankvasz integer yes
|
|
|
|
.It kern.pipe.nbigpipes integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.posix1version integer no
|
2003-02-02 23:33:05 +03:00
|
|
|
.It kern.posix_barriers integer no
|
|
|
|
.It kern.posix_reader_writer_locks integer no
|
|
|
|
.It kern.posix_semaphores integer no
|
|
|
|
.It kern.posix_spin_locks integer no
|
|
|
|
.It kern.posix_threads integer no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.posix_timers integer no
|
|
|
|
.It kern.proc struct no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.proc2 struct no
|
|
|
|
.It kern.proc_args string yes
|
2006-01-14 14:52:20 +03:00
|
|
|
.It kern.prof node not applicable
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.rawpartition integer no
|
2003-09-27 22:57:05 +04:00
|
|
|
.It kern.root_device string no
|
|
|
|
.It kern.root_partition integer no
|
2004-12-26 19:57:09 +03:00
|
|
|
.It kern.rtc_offset integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.saved_ids integer no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.sbmax integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.securelevel integer raise only
|
2003-07-04 00:15:28 +04:00
|
|
|
.It kern.somaxkva integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.synchronized_io integer no
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.sysvipc_info struct no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It kern.sysvmsg integer no
|
|
|
|
.It kern.sysvsem integer no
|
|
|
|
.It kern.sysvshm integer no
|
2006-08-08 23:47:44 +04:00
|
|
|
.It kern.timecounter.choice string no
|
|
|
|
.It kern.timecounter.hardware string yes
|
|
|
|
.It kern.timecounter.timestepwarnings integer yes
|
2003-02-01 03:42:03 +03:00
|
|
|
.It kern.timex struct no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.tkstat.cancc quad no
|
2002-01-28 05:07:01 +03:00
|
|
|
.It kern.tkstat.nin quad no
|
|
|
|
.It kern.tkstat.nout quad no
|
|
|
|
.It kern.tkstat.rawcc quad no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It kern.urandom integer no
|
2006-03-06 03:51:48 +03:00
|
|
|
.It kern.userasymcrypto int yes
|
|
|
|
.It kern.usercrypto int yes
|
2005-05-20 00:16:19 +04:00
|
|
|
.It kern.veriexec.verbose integer yes
|
|
|
|
.It kern.veriexec.strict integer raise only
|
2005-05-20 23:52:52 +04:00
|
|
|
.It kern.veriexec.algorithms string no
|
okay, since there was no way to divide this to two commits, here it goes..
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
2006-07-14 22:41:40 +04:00
|
|
|
.It kern.veriexec.count.table\*[Lt]N\*[Gt] quad no
|
|
|
|
.It kern.veriexec.count.table\*[Lt]N\*[Gt].mntpt string no
|
|
|
|
.It kern.veriexec.count.table\*[Lt]N\*[Gt].fstype string no
|
|
|
|
.It kern.veriexec.count.table\*[Lt]N\*[Gt].nentries quad no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It kern.version string no
|
2006-01-14 14:52:20 +03:00
|
|
|
.It kern.vnode struct no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It machdep.console_device dev_t no
|
2004-01-22 06:50:18 +03:00
|
|
|
.It net.bpf.maxbufsize integer yes
|
2005-08-05 00:10:24 +04:00
|
|
|
.It net.bpf.stats struct no
|
|
|
|
.It net.bpf.peers struct no
|
2004-04-28 18:15:10 +04:00
|
|
|
.It net.inet.arp.prune integer yes
|
|
|
|
.It net.inet.arp.keep integer yes
|
|
|
|
.It net.inet.arp.down integer yes
|
|
|
|
.It net.inet.arp.refresh integer yes
|
2006-05-29 23:11:16 +04:00
|
|
|
.It net.inet.carp.allow integer yes
|
|
|
|
.It net.inet.carp.arpbalance integer yes
|
|
|
|
.It net.inet.carp.log integer yes
|
|
|
|
.It net.inet.carp.preempt integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.icmp.maskrepl integer yes
|
2000-07-10 13:34:38 +04:00
|
|
|
.It net.inet.icmp.errppslimit integer yes
|
2001-10-30 09:43:21 +03:00
|
|
|
.It net.inet.icmp.rediraccept integer yes
|
|
|
|
.It net.inet.icmp.redirtimeout integer yes
|
2006-01-13 21:45:47 +03:00
|
|
|
.It net.inet.icmp.returndatabytes integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.ip.allowsrcrt integer yes
|
|
|
|
.It net.inet.ip.anonportmax integer yes
|
|
|
|
.It net.inet.ip.anonportmin integer yes
|
2003-04-12 08:32:54 +04:00
|
|
|
.It net.inet.ip.checkinterface integer yes
|
2003-12-30 17:17:41 +03:00
|
|
|
.It net.inet.ip.directed-broadcast integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.ip.do_loopback_cksum integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet.ip.forwarding integer yes
|
|
|
|
.It net.inet.ip.forwsrcrt integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.ip.gifttl integer yes
|
|
|
|
.It net.inet.ip.grettl integer yes
|
|
|
|
.It net.inet.ip.hostzerobroadcast integer yes
|
|
|
|
.It net.inet.ip.maxfragpackets integer yes
|
2000-08-26 15:00:41 +04:00
|
|
|
.It net.inet.ip.lowportmax integer yes
|
|
|
|
.It net.inet.ip.lowportmin integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet.ip.mtudisc integer yes
|
|
|
|
.It net.inet.ip.mtudisctimeout integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.ip.random_id integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.ip.redirect integer yes
|
|
|
|
.It net.inet.ip.subnetsarelocal integer yes
|
|
|
|
.It net.inet.ip.ttl integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.ip.ifq.drops integer no
|
|
|
|
.It net.inet.ip.ifq.len integer no
|
|
|
|
.It net.inet.ip.ifq.maxlen integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.ipsec.ah_cleartos integer yes
|
|
|
|
.It net.inet.ipsec.ah_net_deflev integer yes
|
|
|
|
.It net.inet.ipsec.ah_offsetmask integer yes
|
|
|
|
.It net.inet.ipsec.ah_trans_deflev integer yes
|
|
|
|
.It net.inet.ipsec.def_policy integer yes
|
|
|
|
.It net.inet.ipsec.dfbit integer yes
|
|
|
|
.It net.inet.ipsec.ecn integer yes
|
|
|
|
.It net.inet.ipsec.esp_net_deflev integer yes
|
|
|
|
.It net.inet.ipsec.esp_trans_deflev integer yes
|
|
|
|
.It net.inet.ipsec.inbound_call_ike integer yes
|
|
|
|
.It net.inet.tcp.ack_on_push integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet.tcp.compat_42 integer yes
|
|
|
|
.It net.inet.tcp.cwm integer yes
|
|
|
|
.It net.inet.tcp.cwm_burstsize integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.tcp.delack_ticks integer yes
|
|
|
|
.It net.inet.tcp.do_lookback_cksum integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.tcp.init_win integer yes
|
2003-03-01 07:43:42 +03:00
|
|
|
.It net.inet.tcp.init_win_local integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.tcp.keepcnt integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet.tcp.keepidle integer yes
|
|
|
|
.It net.inet.tcp.keepintvl integer yes
|
|
|
|
.It net.inet.tcp.log_refused integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.tcp.mss_ifmtu integer yes
|
|
|
|
.It net.inet.tcp.mssdflt integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.tcp.newreno integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.tcp.recvspace integer yes
|
|
|
|
.It net.inet.tcp.rfc1323 integer yes
|
2000-07-27 15:37:46 +04:00
|
|
|
.It net.inet.tcp.rstppslimit integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.tcp.sack.enable integer yes
|
|
|
|
.It net.inet.tcp.sack.globalholes integer no
|
|
|
|
.It net.inet.tcp.sack.globalmaxholes integer yes
|
|
|
|
.It net.inet.tcp.sack.maxholes integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.tcp.sendspace integer yes
|
|
|
|
.It net.inet.tcp.slowhz integer no
|
|
|
|
.It net.inet.tcp.syn_bucket_limit integer yes
|
|
|
|
.It net.inet.tcp.syn_cache_interval integer yes
|
|
|
|
.It net.inet.tcp.syn_cache_limit integer yes
|
|
|
|
.It net.inet.tcp.timestamps integer yes
|
|
|
|
.It net.inet.tcp.win_scale integer yes
|
2003-04-20 01:55:48 +04:00
|
|
|
.It net.inet.tcp.ident struct no
|
2005-09-06 07:22:58 +04:00
|
|
|
.It net.inet.tcp.debug struct no
|
|
|
|
.It net.inet.tcp.debx integer no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet.udp.checksum integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet.udp.do_loopback_cksum integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet.udp.recvspace integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet.udp.sendspace integer yes
|
2005-09-06 07:22:58 +04:00
|
|
|
.It net.ns.spp.debug struct yes
|
|
|
|
.It net.ns.spp.debx integer yes
|
2000-07-09 17:31:14 +04:00
|
|
|
.It net.inet6.icmp6.errppslimit integer yes
|
2000-12-21 04:10:52 +03:00
|
|
|
.It net.inet6.icmp6.mtudisc_hiwat integer yes
|
|
|
|
.It net.inet6.icmp6.mtudisc_lowat integer yes
|
2001-02-07 11:59:47 +03:00
|
|
|
.It net.inet6.icmp6.nd6_debug integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.icmp6.nd6_delay integer yes
|
2000-07-09 17:31:14 +04:00
|
|
|
.It net.inet6.icmp6.nd6_maxnudhint integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.icmp6.nd6_mmaxtries integer yes
|
|
|
|
.It net.inet6.icmp6.nd6_prune integer yes
|
|
|
|
.It net.inet6.icmp6.nd6_umaxtries integer yes
|
|
|
|
.It net.inet6.icmp6.nd6_useloopback integer yes
|
|
|
|
.It net.inet6.icmp6.nodeinfo integer yes
|
|
|
|
.It net.inet6.icmp6.rediraccept integer yes
|
|
|
|
.It net.inet6.icmp6.redirtimeout integer yes
|
|
|
|
.It net.inet6.ip6.accept_rtadv integer yes
|
2000-08-26 15:03:45 +04:00
|
|
|
.It net.inet6.ip6.anonportmax integer yes
|
|
|
|
.It net.inet6.ip6.anonportmin integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.ip6.auto_flowlabel integer yes
|
|
|
|
.It net.inet6.ip6.dad_count integer yes
|
|
|
|
.It net.inet6.ip6.defmcasthlim integer yes
|
|
|
|
.It net.inet6.ip6.forwarding integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet6.ip6.gifhlim integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.ip6.hdrnestlimit integer yes
|
|
|
|
.It net.inet6.ip6.hlim integer yes
|
|
|
|
.It net.inet6.ip6.kame_version string no
|
|
|
|
.It net.inet6.ip6.keepfaith integer yes
|
|
|
|
.It net.inet6.ip6.log_interval integer yes
|
2000-08-26 15:03:45 +04:00
|
|
|
.It net.inet6.ip6.lowportmax integer yes
|
|
|
|
.It net.inet6.ip6.lowportmin integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.ip6.maxfragpackets integer yes
|
2002-05-28 07:17:26 +04:00
|
|
|
.It net.inet6.ip6.maxfrags integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.ip6.redirect integer yes
|
|
|
|
.It net.inet6.ip6.rr_prune integer yes
|
|
|
|
.It net.inet6.ip6.use_deprecated integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet6.ip6.v6only integer yes
|
|
|
|
.It net.inet6.ip6.ifq.drops integer no
|
|
|
|
.It net.inet6.ip6.ifq.len integer no
|
|
|
|
.It net.inet6.ip6.ifq.maxlen integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.inet6.ipsec6.ah_net_deflev integer yes
|
|
|
|
.It net.inet6.ipsec6.ah_trans_deflev integer yes
|
|
|
|
.It net.inet6.ipsec6.def_policy integer yes
|
|
|
|
.It net.inet6.ipsec6.ecn integer yes
|
|
|
|
.It net.inet6.ipsec6.esp_net_deflev integer yes
|
|
|
|
.It net.inet6.ipsec6.esp_trans_deflev integer yes
|
|
|
|
.It net.inet6.ipsec6.inbound_call_ike integer yes
|
2006-01-13 21:37:06 +03:00
|
|
|
.It net.inet6.udp6.do_loopback_cksum integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It net.inet6.udp6.recvspace integer yes
|
2000-05-23 16:35:34 +04:00
|
|
|
.It net.inet6.udp6.sendspace integer yes
|
2002-05-19 12:12:55 +04:00
|
|
|
.It net.key.ah_keymin integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.key.debug integer yes
|
2002-05-19 12:12:55 +04:00
|
|
|
.It net.key.esp_auth integer yes
|
|
|
|
.It net.key.esp_keymin integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It net.key.kill_int integer yes
|
|
|
|
.It net.key.spi_max_value integer yes
|
|
|
|
.It net.key.spi_min_value integer yes
|
|
|
|
.It net.key.spi_try integer yes
|
2002-02-08 04:21:55 +03:00
|
|
|
.It proc.\*[Lt]pid\*[Gt].corename string yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.soft integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.hard integer yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.soft integer yes
|
2002-11-07 03:22:28 +03:00
|
|
|
.It proc.\*[Lt]pid\*[Gt].stopexec int yes
|
|
|
|
.It proc.\*[Lt]pid\*[Gt].stopfork int yes
|
2005-10-04 02:22:10 +04:00
|
|
|
.It security.curtain integer yes
|
2006-05-16 04:08:24 +04:00
|
|
|
.It security.pax.mprotect.enabled integer yes
|
|
|
|
.It security.pax.mprotect.global_protection integer yes
|
2000-01-17 05:31:50 +03:00
|
|
|
.It user.bc_base_max integer no
|
|
|
|
.It user.bc_dim_max integer no
|
|
|
|
.It user.bc_scale_max integer no
|
|
|
|
.It user.bc_string_max integer no
|
|
|
|
.It user.coll_weights_max integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It user.cs_path string no
|
2000-01-17 05:31:50 +03:00
|
|
|
.It user.expr_nest_max integer no
|
|
|
|
.It user.line_max integer no
|
|
|
|
.It user.posix2_c_bind integer no
|
|
|
|
.It user.posix2_c_dev integer no
|
|
|
|
.It user.posix2_char_term integer no
|
|
|
|
.It user.posix2_fort_dev integer no
|
|
|
|
.It user.posix2_fort_run integer no
|
|
|
|
.It user.posix2_localedef integer no
|
|
|
|
.It user.posix2_sw_dev integer no
|
|
|
|
.It user.posix2_upe integer no
|
2000-02-06 10:31:23 +03:00
|
|
|
.It user.posix2_version integer no
|
|
|
|
.It user.re_dup_max integer no
|
2002-02-08 04:21:55 +03:00
|
|
|
.It vendor.\*[Lt]vendor\*[Gt].* ? vendor specific
|
2001-03-09 04:02:10 +03:00
|
|
|
.It vfs.generic.usermount integer yes
|
2004-11-22 01:18:10 +03:00
|
|
|
.It vfs.generic.fstypes string yes
|
|
|
|
.It vfs.ffs.doasyncfree integer yes
|
|
|
|
.It vfs.ffs.log_changeopt integer yes
|
2002-05-30 03:30:50 +04:00
|
|
|
.It vfs.nfs.iothreads integer yes
|
2004-11-22 01:18:10 +03:00
|
|
|
.It vfs.cd9660.utf8_joliet integer yes
|
2005-09-21 23:08:44 +04:00
|
|
|
.It vfs.sync.delay integer yes
|
|
|
|
.It vfs.sync.filedelay integer yes
|
|
|
|
.It vfs.sync.dirdelay integer yes
|
2005-09-23 23:58:28 +04:00
|
|
|
.It vfs.sync.metadelay integer yes
|
2001-12-24 03:49:36 +03:00
|
|
|
.It vm.anonmax integer yes
|
2001-03-09 04:02:10 +03:00
|
|
|
.It vm.anonmin integer yes
|
2004-10-15 12:47:16 +04:00
|
|
|
.It vm.bufcache integer yes
|
|
|
|
.It vm.bufmem integer no
|
|
|
|
.It vm.bufmem_hiwater integer yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It vm.bufmem_lowater integer yes
|
2001-12-24 03:49:36 +03:00
|
|
|
.It vm.execmax integer yes
|
|
|
|
.It vm.execmin integer yes
|
|
|
|
.It vm.filemax integer yes
|
|
|
|
.It vm.filemin integer yes
|
2005-12-13 13:07:21 +03:00
|
|
|
.It vm.idlezero integer yes
|
2006-01-14 13:33:11 +03:00
|
|
|
.It vm.inactivepct integer yes
|
2000-02-06 10:31:23 +03:00
|
|
|
.It vm.loadavg struct no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It vm.maxslp integer no
|
2001-03-09 04:02:10 +03:00
|
|
|
.It vm.nkmempages integer no
|
2006-01-14 13:33:11 +03:00
|
|
|
.It vm.uspace integer no
|
2001-03-09 04:02:10 +03:00
|
|
|
.It vm.uvmexp struct no
|
|
|
|
.It vm.uvmexp2 struct no
|
|
|
|
.It vm.vmmeter struct no
|
2000-01-17 05:31:50 +03:00
|
|
|
.El
|
2001-01-10 06:03:02 +03:00
|
|
|
.Pp
|
|
|
|
Entries found under
|
2003-07-04 17:32:13 +04:00
|
|
|
.Dq vendor. Ns Aq vendor
|
2001-01-10 06:03:02 +03:00
|
|
|
are left to be specified (and used) by vendors
|
2001-10-30 10:28:22 +03:00
|
|
|
using the
|
|
|
|
.Nx
|
|
|
|
operating system in their products.
|
|
|
|
Values and structure are vendor-defined, and no registry
|
2001-01-27 00:13:23 +03:00
|
|
|
exists right now.
|
2003-12-30 17:17:41 +03:00
|
|
|
.Sh CREATION AND DELETION
|
|
|
|
New nodes are allowed to be created by the superuser when the kernel
|
|
|
|
is running at security level 0.
|
|
|
|
These new nodes may refer to existing kernel data or to new data that
|
|
|
|
is only instrumented by
|
|
|
|
.Xr sysctl 3
|
|
|
|
itself.
|
|
|
|
.Pp
|
|
|
|
The syntax for creating new nodes is
|
|
|
|
.Dq //create=new.node.path
|
|
|
|
followed by one or more of the following attributes separated by
|
|
|
|
commas.
|
|
|
|
The use of a double separator (both
|
|
|
|
.Sq /
|
|
|
|
and
|
|
|
|
.Sq \&.
|
|
|
|
can be used as
|
|
|
|
separators) as the prefix tells sysctl that the first series of tokens
|
|
|
|
is not a MIB name, but a command.
|
|
|
|
It is recommended that the double separator preceding the command not
|
|
|
|
be the same as the separator used in naming the MIB entry so as to
|
|
|
|
avoid possible parse conflicts.
|
|
|
|
The
|
|
|
|
.Dq value
|
|
|
|
assigned, if one is given, must be last.
|
|
|
|
.Pp
|
|
|
|
.Bl -bullet -compact
|
|
|
|
.It
|
|
|
|
.Ar type= Ns Aq Ar T
|
|
|
|
where
|
|
|
|
.Ar T
|
|
|
|
must be one of
|
|
|
|
.Dq node ,
|
|
|
|
.Dq int ,
|
|
|
|
.Dq string ,
|
|
|
|
.Dq quad ,
|
|
|
|
or
|
|
|
|
.Dq struct .
|
|
|
|
If the type is omitted, the
|
|
|
|
.Dq node
|
|
|
|
type is assumed.
|
|
|
|
.It
|
2004-01-08 06:44:48 +03:00
|
|
|
.Ar size= Ns Aq Ar S
|
2003-12-30 17:17:41 +03:00
|
|
|
here,
|
|
|
|
.Ar S
|
|
|
|
asserts the size of the new node.
|
|
|
|
Nodes of type
|
|
|
|
.Dq node
|
|
|
|
should not have a size set.
|
|
|
|
The size may be omitted for nodes of types
|
|
|
|
.Dq int
|
|
|
|
or
|
|
|
|
.Dq quad .
|
|
|
|
If the size is omitted for a node of type
|
|
|
|
.Dq string ,
|
|
|
|
the size will be determined by the length of the given value, or by
|
|
|
|
the kernel for kernel strings.
|
|
|
|
Nodes of type
|
|
|
|
.Dq struct
|
|
|
|
must have their size explicitly set.
|
|
|
|
.It
|
|
|
|
.Ar addr= Ns Aq Ar A
|
|
|
|
or
|
|
|
|
.Ar symbol= Ns Aq Ar A
|
|
|
|
The kernel address of the data being instrumented.
|
|
|
|
If
|
|
|
|
.Dq symbol
|
|
|
|
is used, the symbol must be globally visible to the in-kernel
|
|
|
|
.Xr ksyms 4
|
|
|
|
driver.
|
|
|
|
.It
|
|
|
|
.Ar n= Ns Aq Ar N
|
|
|
|
The MIB number to be assigned to the new node.
|
|
|
|
If no number is specified, the kernel will assign a value.
|
|
|
|
.It
|
|
|
|
.Ar flags= Ns Aq Ar F
|
|
|
|
A concatenated string of single letters that govern the behavior of
|
|
|
|
the node.
|
|
|
|
Flags currently available are:
|
|
|
|
.Bl -tag -width www
|
|
|
|
.It a
|
|
|
|
Allow anyone to write to the node, if it is writable.
|
|
|
|
.It h
|
|
|
|
.Dq Hidden .
|
|
|
|
.Nm
|
|
|
|
must be invoked with
|
|
|
|
.Fl A
|
|
|
|
or the hidden node must be specifically requested in order to see it
|
|
|
|
.It i
|
|
|
|
.Dq Immediate .
|
|
|
|
Makes the node store data in itself, rather than allocating new space
|
|
|
|
for it.
|
|
|
|
This is the default for nodes of type
|
|
|
|
.Dq int
|
|
|
|
and
|
|
|
|
.Dq quad .
|
|
|
|
This is the opposite of owning data.
|
|
|
|
.It o
|
|
|
|
.Dq Own .
|
|
|
|
When the node is created, separate space will be allocated to store
|
|
|
|
the data to be instrumented.
|
|
|
|
This is the default for nodes of type
|
|
|
|
.Dq string
|
|
|
|
and
|
|
|
|
.Dq struct
|
|
|
|
where it is not possible to guarantee sufficient space to store the
|
|
|
|
data in the node itself.
|
|
|
|
.It p
|
|
|
|
.Dq Private .
|
|
|
|
Nodes that are marked private, and children of nodes so marked, are
|
|
|
|
only viewable by the superuser.
|
|
|
|
Be aware that the immediate data that some nodes may store is not
|
|
|
|
necessarily protected by this.
|
|
|
|
.It x
|
|
|
|
.Dq Hexadecimal .
|
|
|
|
Make
|
|
|
|
.Nm
|
|
|
|
default to hexadecimal display of the retrieved value
|
|
|
|
.It r
|
|
|
|
.Dq Read-only .
|
|
|
|
The data instrumented by the given node is read-only.
|
|
|
|
Note that other mechanisms may still exist for changing the data.
|
|
|
|
This is the default for nodes that instrument data.
|
|
|
|
.It w
|
|
|
|
.Dq Writable .
|
|
|
|
The data instrumented by the given node is writable at any time.
|
|
|
|
This is the default for nodes that can have children.
|
|
|
|
.It 1
|
|
|
|
.Dq Read-only at securelevel 1 .
|
|
|
|
The data instrumented by this node is writable until the securelevel
|
|
|
|
reaches or passes securelevel 1.
|
|
|
|
Examples of this include some network tunables.
|
|
|
|
.It 2
|
|
|
|
.Dq Read-only at securelevel 2 .
|
|
|
|
The data instrumented by this node is writable until the securelevel
|
|
|
|
reaches or passes securelevel 2.
|
|
|
|
An example of this is the per-process core filename setting.
|
|
|
|
.El
|
|
|
|
.Pp
|
|
|
|
.It
|
|
|
|
.Ar value= Ns Aq Ar V
|
|
|
|
An initial starting value for a new node that does not reference
|
|
|
|
existing kernel data.
|
|
|
|
Initial values can only be assigned for nodes of the
|
|
|
|
.Dq int ,
|
|
|
|
.Dq quad ,
|
|
|
|
and
|
|
|
|
.Dq string
|
|
|
|
types.
|
|
|
|
.El
|
|
|
|
.Pp
|
|
|
|
New nodes must fit the following set of criteria:
|
|
|
|
.Pp
|
|
|
|
.Bl -bullet -compact
|
|
|
|
.It
|
|
|
|
If the new node is to address an existing kernel object, only one of the
|
|
|
|
.Dq symbol
|
|
|
|
or
|
|
|
|
.Dq addr
|
|
|
|
arguments may be given.
|
|
|
|
.It
|
|
|
|
The size for a
|
|
|
|
.Dq struct
|
|
|
|
type node must be specified; no initial value is expected or permitted.
|
|
|
|
.It
|
|
|
|
Either the size or the initial value for a
|
|
|
|
.Dq string
|
|
|
|
node must be given.
|
|
|
|
.It
|
|
|
|
The node which will be the parent of the new node must be writable.
|
|
|
|
.El
|
|
|
|
.Pp
|
|
|
|
If any of the given parameters describes an invalid configuration,
|
|
|
|
.Nm
|
|
|
|
will emit a diagnostic message to the standard error and exit.
|
|
|
|
.Pp
|
2004-03-24 21:22:30 +03:00
|
|
|
Descriptions can be added by the super-user to any node that does not
|
2004-03-25 02:49:13 +03:00
|
|
|
have one, provided that the node is not marked with the
|
2004-03-24 21:22:30 +03:00
|
|
|
.Dq PERMANENT
|
|
|
|
flag.
|
|
|
|
The syntax is similar to the syntax for creating new nodes with the
|
|
|
|
exception of the keyword that follows the double separator at the
|
|
|
|
start of the command:
|
|
|
|
.Dq //describe=new.node.path=new node description .
|
|
|
|
Once a description has been added, it cannot be changed or removed.
|
|
|
|
.Pp
|
2003-12-30 17:17:41 +03:00
|
|
|
When destroying nodes, only the path to the node is necessary, i.e.,
|
|
|
|
.Dq //destroy=old.node.path .
|
|
|
|
No other parameters are expected or permitted.
|
|
|
|
Nodes being destroyed must have no children, and their parent must be
|
|
|
|
writable.
|
|
|
|
Nodes that are marked with the
|
|
|
|
.Dq Dv PERMANENT
|
|
|
|
flag (as assigned by the kernel) may not be deleted.
|
2004-03-24 21:22:30 +03:00
|
|
|
.Pp
|
|
|
|
In all cases, the initial
|
|
|
|
.Sq =
|
|
|
|
that follows the command (eg,
|
|
|
|
.Dq create ,
|
|
|
|
.Dq destroy ,
|
|
|
|
or
|
|
|
|
.Dq describe )
|
|
|
|
may be replaced with another instance of the separator character,
|
|
|
|
provided that the same separator character is used for the length of
|
|
|
|
the name specification.
|
2001-10-30 10:28:22 +03:00
|
|
|
.Sh FILES
|
2002-10-01 18:57:46 +04:00
|
|
|
.Bl -tag -width xnetinet6/udp6Xvar.hx -compact
|
2003-08-07 14:11:02 +04:00
|
|
|
.It Pa /etc/sysctl.conf
|
|
|
|
.Nm
|
|
|
|
variables set at boot time
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa sys/sysctl.h
|
2005-10-06 15:17:38 +04:00
|
|
|
definitions for top level identifiers, second level kernel, hardware,
|
2005-10-04 02:22:10 +04:00
|
|
|
and security identifiers, and user level identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa sys/socket.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for second level network identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa sys/gmon.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for third level profiling identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa uvm/uvm_param.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for second level virtual memory identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet/in.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for third level IPv4/v6 identifiers and
|
|
|
|
fourth level IPv4/v6 identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet/icmp_var.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for fourth level ICMP identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet/icmp6.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for fourth level ICMPv6 identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet/tcp_var.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for fourth level TCP identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet/udp_var.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for fourth level UDP identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet6/udp6_var.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for fourth level IPv6 UDP identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netinet6/ipsec.h
|
2001-10-30 10:28:22 +03:00
|
|
|
definitions for fourth level IPsec identifiers
|
2002-10-01 18:57:46 +04:00
|
|
|
.It Aq Pa netkey/key_var.h
|
2002-05-19 12:12:55 +04:00
|
|
|
definitions for third level PF_KEY identifiers
|
2005-05-20 00:16:19 +04:00
|
|
|
.It Aq Pa sys/verified_exec.h
|
|
|
|
definitions for third level verified exec identifiers
|
2001-10-30 10:28:22 +03:00
|
|
|
.El
|
2000-01-17 05:31:50 +03:00
|
|
|
.Sh EXAMPLES
|
|
|
|
For example, to retrieve the maximum number of processes allowed
|
|
|
|
in the system, one would use the following request:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl kern.maxproc
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
To set the maximum number of processes allowed
|
|
|
|
in the system to 1000, one would use the following request:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl -w kern.maxproc=1000
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
Information about the system clock rate may be obtained with:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl kern.clockrate
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
Information about the load average history may be obtained with:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl vm.loadavg
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
To view the values of the per-process variables of the current shell,
|
|
|
|
the request:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl proc.$$
|
|
|
|
.Ed
|
2003-03-16 02:48:27 +03:00
|
|
|
can be used if the shell interpreter replaces $$ with its pid (this is true
|
2000-01-17 05:31:50 +03:00
|
|
|
for most shells).
|
|
|
|
.Pp
|
2003-07-04 17:32:13 +04:00
|
|
|
To redirect core dumps to the
|
|
|
|
.Pa /var/tmp/ Ns Aq username
|
|
|
|
directory,
|
2000-01-17 05:31:50 +03:00
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl -w proc.$$.corename=/var/tmp/%u/%n.core
|
|
|
|
.Ed
|
2003-12-30 17:17:41 +03:00
|
|
|
should be used.
|
2000-01-17 05:31:50 +03:00
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl -w proc.curproc.corename=/var/tmp/%u/%n.core
|
|
|
|
.Ed
|
|
|
|
changes the value for the sysctl process itself, and will not have the desired
|
|
|
|
effect.
|
2003-12-30 17:17:41 +03:00
|
|
|
.Pp
|
|
|
|
To create the root of a new sub-tree called
|
|
|
|
.Dq local
|
2004-03-25 02:49:13 +03:00
|
|
|
add some children to the new node, and some descriptions:
|
2003-12-30 17:17:41 +03:00
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl -w //create=local
|
2004-03-24 21:22:30 +03:00
|
|
|
sysctl -w //describe=local=my local sysctl tree
|
2003-12-30 17:17:41 +03:00
|
|
|
sysctl -w //create=local.esm_debug,type=int,symbol=esm_debug,flags=w
|
2004-03-24 21:22:30 +03:00
|
|
|
sysctl -w //describe=local.esm_debug=esm driver debug knob
|
2003-12-30 17:17:41 +03:00
|
|
|
sysctl -w //create=local.audiodebug,type=int,symbol=audiodebug,flags=w
|
2004-03-24 21:22:30 +03:00
|
|
|
sysctl -w //describe=local.audiodebug=generic audio debug knob
|
2003-12-30 17:17:41 +03:00
|
|
|
.Ed
|
|
|
|
Note that the children are made writable so that the two debug
|
|
|
|
settings in question can be tuned arbitrarily.
|
|
|
|
.Pp
|
|
|
|
To destroy that same subtree:
|
|
|
|
.Bd -literal -offset indent -compact
|
|
|
|
sysctl -w //destroy=local.esm_debug
|
|
|
|
sysctl -w //destroy=local.audiodebug
|
|
|
|
sysctl -w //destroy=local
|
|
|
|
.Ed
|
2000-01-17 05:31:50 +03:00
|
|
|
.Sh SEE ALSO
|
2003-12-30 17:17:41 +03:00
|
|
|
.Xr sysctl 3 ,
|
|
|
|
.Xr ksyms 4
|
2000-01-17 05:31:50 +03:00
|
|
|
.Sh HISTORY
|
|
|
|
.Nm sysctl
|
|
|
|
first appeared in
|
|
|
|
.Bx 4.4 .
|