NetBSD/sbin/sysctl/sysctl.8

447 lines
15 KiB
Groff

.\" $NetBSD: sysctl.8,v 1.68 2001/08/20 10:31:46 hubertf Exp $
.\"
.\" Copyright (c) 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)sysctl.8 8.1 (Berkeley) 6/6/93
.\"
.Dd June 6, 1993
.Dt SYSCTL 8
.Os
.Sh NAME
.Nm sysctl
.Nd get or set kernel state
.Sh SYNOPSIS
.Nm sysctl
.Op Fl n
.Ar name ...
.Nm sysctl
.Op Fl n
.Fl w
.Ar name Ns Li = Ns Ar value ...
.Nm sysctl
.Op Fl n
.Fl a
.Nm sysctl
.Op Fl n
.Fl A
.Nm sysctl
.Op Fl n
.Fl f
.Ar file
.Sh DESCRIPTION
The
.Nm sysctl
utility retrieves kernel state and allows processes with
appropriate privilege to set kernel state.
The state to be retrieved or set is described using a
``Management Information Base'' (``MIB'') style name,
described as a dotted set of components.
The
.Fl a
flag can be used to list all the currently available string or integer values.
The
.Fl A
flag will list all the known MIB names including tables.
Those with string or integer values will be printed as with the
.Fl a
flag; for the table values,
the name of the utility to retrieve them is given.
.Pp
The
.Fl n
flag specifies that the printing of the field name should be
suppressed and that only its value should be output.
This flag is useful for setting shell variables.
For example, to save the pagesize in variable psize, use:
.Bd -literal -offset indent -compact
set psize=`sysctl -n hw.pagesize`
.Ed
.Pp
If just a MIB style name is given,
the corresponding value is retrieved.
If a value is to be set, the
.Fl w
flag must be specified and the MIB name followed
by an equal sign and the new value to be used.
.Pp
The
.Fl f
flag specifies the name of a file to read and process. Blank lines and
comments (beginning with
.Ql # )
are ignored. Line continuations with
.Ql \e
are permitted. Remaining lines are processed similarly to
command line arguments of the form
.Ar name
or
.Ar name Ns Li = Ns Ar value .
The
.Fl w
flag is implied by
.Fl f .
.Pp
The
.Ql proc
top-level MIB has a special semantic: it represent per-process values
and as such may differ from one process to another. The second-level name
is the pid of the process (in decimal form), or the special word
.Ql curproc .
For variables below
.Ql proc.<pid>.rlimit ,
the integer value may be replaced
with the string
.Ql unlimited
if it matches the magic value used to disable
a limit.
.Pp
The information available from
.Nm sysctl
consists of integers, strings, and tables.
The tabular information can only be retrieved by special
purpose programs such as
.Nm ps ,
.Nm systat ,
and
.Nm netstat .
The string and integer information is summarized below.
For a detailed description of these variable see
.Xr sysctl 3 .
The changeable column indicates whether a process with appropriate
privilege can change the value.
.Bl -column proc.<pid>.rlimit.coredumpsize.hardxxxxxx integerxxx
.It Sy Name Type Changeable
.It ddb.fromconsole integer yes
.It ddb.lines integer yes
.It ddb.maxoff integer yes
.It ddb.maxwidth integer yes
.It ddb.onpanic integer yes
.It ddb.radix integer yes
.It ddb.tabstops integer yes
.It hw.alignbytes integer no
.It hw.byteorder integer no
.\".It hw.disknames struct no
.\".It hw.diskstats struct no
.It hw.machine string no
.It hw.machine_arch string no
.It hw.model string no
.It hw.ncpu integer no
.It hw.pagesize integer no
.It hw.physmem integer no
.It hw.usermem integer no
.It hw.cnmagic string yes
.It kern.argmax integer no
.It kern.autonicetime integer yes
.It kern.autoniceval integer yes
.It kern.boottime struct no
.It kern.chown_restricted integer no
.It kern.clockrate struct no
.It kern.defcorename string yes
.It kern.fsync integer no
.It kern.hostid integer yes
.It kern.hostname string yes
.It kern.iov_max integer no
.It kern.job_control integer no
.It kern.link_max integer no
.It kern.login_name_max integer no
.It kern.logsigexit integer yes
.It kern.max_canon integer no
.It kern.max_input integer no
.It kern.maxfiles integer yes
.It kern.maxpartitions integer no
.It kern.maxproc integer yes
.It kern.maxptys integer yes, special
.It kern.maxvnodes integer raise only
.It kern.mapped_files integer no
.It kern.memlock integer no
.It kern.memlock_rage integer no
.It kern.memory_protection integer no
.It kern.mbuf.mblowat integer yes
.It kern.mbuf.mcllowat integer yes
.It kern.mbuf.mclsize integer no
.It kern.mbuf.msize integer no
.It kern.mbuf.nmbclusters integer raise only
.It kern.msgbufsize integer no
.It kern.name_max integer no
.It kern.ngroups integer no
.It kern.no_trunc integer no
.It kern.osrelease string no
.It kern.osrevision integer no
.It kern.ostype string no
.It kern.path_max integer no
.It kern.pipe.maxkvasz integer yes
.It kern.pipe.maxloankvasz integer yes
.It kern.pipe.maxbigpipes integer yes
.It kern.pipe.nbigpipes integer no
.It kern.pipe.kvasize integer no
.It kern.posix1version integer no
.It kern.rawpartition integer no
.It kern.saved_ids integer no
.It kern.securelevel integer raise only
.It kern.synchronized_io integer no
.It kern.sysvmsg integer no
.It kern.sysvsem integer no
.It kern.sysvshm integer no
.It kern.vdisable integer no
.It kern.version string no
.It machdep.console_device dev_t no
.It net.inet.icmp.maskrepl integer yes
.It net.inet.icmp.errppslimit integer yes
.It net.inet.ip.allowsrcrt integer yes
.It net.inet.ip.anonportmax integer yes
.It net.inet.ip.anonportmin integer yes
.It net.inet.ip.directed-broadcast integer yes
.It net.inet.ip.forwarding integer yes
.It net.inet.ip.forwsrcrt integer yes
.It net.inet.ip.maxfragpacket integer yes
.It net.inet.ip.lowportmax integer yes
.It net.inet.ip.lowportmin integer yes
.It net.inet.ip.mtudisc integer yes
.It net.inet.ip.mtudisctimeout integer yes
.It net.inet.ip.redirect integer yes
.It net.inet.ip.subnetsarelocal integer yes
.It net.inet.ip.ttl integer yes
.It net.inet.ipsec.ah_cleartos integer yes
.It net.inet.ipsec.ah_net_deflev integer yes
.It net.inet.ipsec.ah_offsetmask integer yes
.It net.inet.ipsec.ah_trans_deflev integer yes
.It net.inet.ipsec.def_policy integer yes
.It net.inet.ipsec.dfbit integer yes
.It net.inet.ipsec.ecn integer yes
.It net.inet.ipsec.esp_net_deflev integer yes
.It net.inet.ipsec.esp_trans_deflev integer yes
.It net.inet.ipsec.inbound_call_ike integer yes
.It net.inet.tcp.ack_on_push integer yes
.It net.inet.tcp.compat_42 integer yes
.It net.inet.tcp.cwm integer yes
.It net.inet.tcp.cwm_burstsize integer yes
.It net.inet.tcp.init_win integer yes
.It net.inet.tcp.keepcnt integer yes
.It net.inet.tcp.keepidle integer yes
.It net.inet.tcp.keepintvl integer yes
.It net.inet.tcp.log_refused integer yes
.It net.inet.tcp.mss_ifmtu integer yes
.It net.inet.tcp.mssdflt integer yes
.It net.inet.tcp.recvspace integer yes
.It net.inet.tcp.rfc1323 integer yes
.It net.inet.tcp.rstppslimit integer yes
.It net.inet.tcp.sack integer yes
.It net.inet.tcp.sendspace integer yes
.It net.inet.tcp.slowhz integer no
.It net.inet.tcp.syn_bucket_limit integer yes
.It net.inet.tcp.syn_cache_interval integer yes
.It net.inet.tcp.syn_cache_limit integer yes
.It net.inet.tcp.timestamps integer yes
.It net.inet.tcp.win_scale integer yes
.It net.inet.udp.checksum integer yes
.It net.inet.udp.recvspace integer yes
.It net.inet.udp.sendspace integer yes
.It net.inet6.icmp6.errppslimit integer yes
.It net.inet6.icmp6.mtudisc_hiwat integer yes
.It net.inet6.icmp6.mtudisc_lowat integer yes
.It net.inet6.icmp6.nd6_debug integer yes
.It net.inet6.icmp6.nd6_delay integer yes
.It net.inet6.icmp6.nd6_maxnudhint integer yes
.It net.inet6.icmp6.nd6_mmaxtries integer yes
.It net.inet6.icmp6.nd6_prune integer yes
.It net.inet6.icmp6.nd6_umaxtries integer yes
.It net.inet6.icmp6.nd6_useloopback integer yes
.It net.inet6.icmp6.nodeinfo integer yes
.It net.inet6.icmp6.rediraccept integer yes
.It net.inet6.icmp6.redirtimeout integer yes
.It net.inet6.ip6.accept_rtadv integer yes
.It net.inet6.ip6.anonportmax integer yes
.It net.inet6.ip6.anonportmin integer yes
.It net.inet6.ip6.auto_flowlabel integer yes
.It net.inet6.ip6.bindv6only integer yes
.It net.inet6.ip6.dad_count integer yes
.It net.inet6.ip6.defmcasthlim integer yes
.It net.inet6.ip6.forwarding integer yes
.It net.inet6.ip6.gif_hlim integer yes
.It net.inet6.ip6.hdrnestlimit integer yes
.It net.inet6.ip6.hlim integer yes
.It net.inet6.ip6.kame_version string no
.It net.inet6.ip6.keepfaith integer yes
.It net.inet6.ip6.log_interval integer yes
.It net.inet6.ip6.lowportmax integer yes
.It net.inet6.ip6.lowportmin integer yes
.It net.inet6.ip6.maxfragpackets integer yes
.It net.inet6.ip6.redirect integer yes
.It net.inet6.ip6.rr_prune integer yes
.It net.inet6.ip6.use_deprecated integer yes
.It net.inet6.ipsec6.ah_net_deflev integer yes
.It net.inet6.ipsec6.ah_trans_deflev integer yes
.It net.inet6.ipsec6.def_policy integer yes
.It net.inet6.ipsec6.ecn integer yes
.It net.inet6.ipsec6.esp_net_deflev integer yes
.It net.inet6.ipsec6.esp_trans_deflev integer yes
.It net.inet6.ipsec6.inbound_call_ike integer yes
.It net.inet6.udp6.recvspace integer yes
.It net.inet6.udp6.sendspace integer yes
.It net.key.acq_exp_int integer yes
.It net.key.acq_maxtime integer yes
.It net.key.debug integer yes
.It net.key.kill_int integer yes
.It net.key.random_int integer yes
.It net.key.spi_max_value integer yes
.It net.key.spi_min_value integer yes
.It net.key.spi_try integer yes
.It proc.<pid>.corename string yes
.It proc.<pid>.rlimit.coredumpsize.hard integer yes
.It proc.<pid>.rlimit.coredumpsize.soft integer yes
.It proc.<pid>.rlimit.cputime.hard integer yes
.It proc.<pid>.rlimit.cputime.soft integer yes
.It proc.<pid>.rlimit.datasize.hard integer yes
.It proc.<pid>.rlimit.datasize.soft integer yes
.It proc.<pid>.rlimit.filesize.hard integer yes
.It proc.<pid>.rlimit.filesize.soft integer yes
.It proc.<pid>.rlimit.maxproc.hard integer yes
.It proc.<pid>.rlimit.maxproc.soft integer yes
.It proc.<pid>.rlimit.memorylocked.hard integer yes
.It proc.<pid>.rlimit.memorylocked.soft integer yes
.It proc.<pid>.rlimit.memoryuse.hard integer yes
.It proc.<pid>.rlimit.memoryuse.soft integer yes
.It proc.<pid>.rlimit.stacksize.hard integer yes
.It proc.<pid>.rlimit.stacksize.soft integer yes
.It user.bc_base_max integer no
.It user.bc_dim_max integer no
.It user.bc_scale_max integer no
.It user.bc_string_max integer no
.It user.coll_weights_max integer no
.It user.cs_path string no
.It user.expr_nest_max integer no
.It user.line_max integer no
.It user.posix2_c_bind integer no
.It user.posix2_c_dev integer no
.It user.posix2_char_term integer no
.It user.posix2_fort_dev integer no
.It user.posix2_fort_run integer no
.It user.posix2_localedef integer no
.It user.posix2_sw_dev integer no
.It user.posix2_upe integer no
.It user.posix2_version integer no
.It user.re_dup_max integer no
.It vendor.<vendor>.* ? vendor specific
.It vfs.generic.usermount integer yes
.It vm.anonmin integer yes
.It vm.loadavg struct no
.It vm.nkmempages integer no
.It vm.uvmexp struct no
.It vm.uvmexp2 struct no
.It vm.vmmeter struct no
.It vm.vnodemin integer yes
.It vm.vtextmin integer yes
.El
.Pp
Entries found under
.Dq vendor.<vendor>
are left to be specified (and used) by vendors
using the NetBSD operating system in their products.
Values and structure are vendor-defined, and no registry
exists right now.
.Sh EXAMPLES
.Pp
For example, to retrieve the maximum number of processes allowed
in the system, one would use the following request:
.Bd -literal -offset indent -compact
sysctl kern.maxproc
.Ed
.Pp
To set the maximum number of processes allowed
in the system to 1000, one would use the following request:
.Bd -literal -offset indent -compact
sysctl -w kern.maxproc=1000
.Ed
.Pp
Information about the system clock rate may be obtained with:
.Bd -literal -offset indent -compact
sysctl kern.clockrate
.Ed
.Pp
Information about the load average history may be obtained with:
.Bd -literal -offset indent -compact
sysctl vm.loadavg
.Ed
.Pp
To view the values of the per-process variables of the current shell,
the request:
.Bd -literal -offset indent -compact
sysctl proc.$$
.Ed
can be used if the shell interpreter replaces $$ with it's pid (this is true
for most shells).
.Pp
To redirect core dumps to the /var/tmp/<username> directory,
.Bd -literal -offset indent -compact
sysctl -w proc.$$.corename=/var/tmp/%u/%n.core
.Ed
Shall be used.
.Bd -literal -offset indent -compact
sysctl -w proc.curproc.corename=/var/tmp/%u/%n.core
.Ed
changes the value for the sysctl process itself, and will not have the desired
effect.
.Sh FILES
.Bl -tag -width <netinet6/udp6Xvar.h> -compact
.It Pa <sys/sysctl.h>
definitions for top level identifiers, second level kernel and hardware
identifiers, and user level identifiers
.It Pa <sys/socket.h>
definitions for second level network identifiers
.It Pa <sys/gmon.h>
definitions for third level profiling identifiers
.It Pa <uvm/uvm_param.h>
definitions for second level virtual memory identifiers
.It Pa <netinet/in.h>
definitions for third level IPv4/v6 identifiers and
fourth level IPv4/v6 identifiers
.It Pa <netinet/icmp_var.h>
definitions for fourth level ICMP identifiers
.It Pa <netinet/icmp6.h>
definitions for fourth level ICMPv6 identifiers
.It Pa <netinet/tcp_var.h>
definitions for fourth level TCP identifiers
.It Pa <netinet/udp_var.h>
definitions for fourth level UDP identifiers
.It Pa <netinet6/udp6_var.h>
definitions for fourth level IPv6 UDP identifiers
.It Pa <netinet6/ipsec.h>
definitions for fourth level IPsec identifiers
.El
.Sh SEE ALSO
.Xr sysctl 3
.Sh HISTORY
.Nm sysctl
first appeared in
.Bx 4.4 .