921 lines
29 KiB
Groff
921 lines
29 KiB
Groff
.\" $NetBSD: options.4,v 1.19 1997/06/14 18:33:11 mrg Exp $
|
|
.\"
|
|
.\" Copyright (c) 1996
|
|
.\" Perry E. Metzger. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed for the NetBSD Project
|
|
.\" by Perry E. Metzger.
|
|
.\" 4. The name of the author may not be used to endorse or promote products
|
|
.\" derived from this software without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
.\"
|
|
.\"
|
|
.Dd October 20, 1996
|
|
.Os NetBSD 1.3
|
|
.Dt OPTIONS 4
|
|
.Sh NAME
|
|
.Nm options
|
|
.Nd Miscellaneous kernel configuration options
|
|
.Sh SYNOPSIS
|
|
.Cd options ...
|
|
.Sh DESCRIPTION
|
|
This manual page describes a number of miscellaneous kernel
|
|
configuration options that may be specified in a kernel config
|
|
file. See
|
|
.Xr config 8
|
|
for information on how to configure and build kernels.
|
|
.Em Note:
|
|
Options are passed to the compile process as -D flags to the C
|
|
compiler.
|
|
.Ss Compatibility Options
|
|
.Bl -ohang
|
|
.It Cd options COMPAT_09
|
|
Enable binary compatibility with
|
|
.Nx 0.9 .
|
|
This enables support for
|
|
16-bit user, group, and process ids (following revisions support
|
|
32-bit identifiers),
|
|
It also allows the use of the deprecated getdomainname, setdomainname,
|
|
and uname syscalls.
|
|
This option also allows using numeric fileystem identifiers rather
|
|
than strings. Post 0.9 versions use string identifiers.
|
|
.It Cd options COMPAT_10
|
|
Enable binary compatibility with
|
|
.Nx 1.0 .
|
|
This option allows the use of the filesystem name of
|
|
.Dq ufs
|
|
as an alias for
|
|
.Dq ffs .
|
|
The name
|
|
.Dq ffs
|
|
should be used post 1.0 in
|
|
.Pa /etc/fstab
|
|
and other files. It also adds old syscalls for the
|
|
.At V
|
|
shared memory interface. This was changed post 1.0 to work on 64-bit
|
|
architectures. This option also enables
|
|
.Dq sgtty
|
|
compatibility, without which programs using the old interface produce
|
|
an
|
|
.Dq inapropriate ioctl
|
|
error.
|
|
.It Cd options COMPAT_11
|
|
Enable binary compatibility with
|
|
.Nx 1.1 .
|
|
This allows binaries running on the i386 port to gain direct access to
|
|
the io ports by opening
|
|
.Pa /dev/io
|
|
read/write. This functionality was
|
|
replaced by
|
|
.Xr i386_iopl 2
|
|
post 1.1.
|
|
On the
|
|
.Tn Atari
|
|
port, the location of the disk label was moved after 1.1. When the
|
|
.Em COMPAT_11
|
|
option is set, the kernel will read (pre) 1.1 style disk labels as a
|
|
last resort. When a disklabel is re-written, the old style label will
|
|
be replaced with a post 1.1 style label.
|
|
.It Cd options COMPAT_12
|
|
Enable binary compatibility with
|
|
.Nx 1.2 .
|
|
This allows the use of old syscalls for
|
|
.Fn reboot , and
|
|
.Fn swapon .
|
|
The syscall numbers was changed post 1.2 to add functionality to the
|
|
reboot syscall, and the new
|
|
.Fn swapctl
|
|
interface was introduced.
|
|
.It Cd options COMPAT_43
|
|
Enables compatibility with
|
|
.Bx 4.3 .
|
|
This adds an old syscall for lseek. It also adds the ioctls for
|
|
TIOCGETP and TIOCSETP. The return values for getpid, getgid, and
|
|
getuid syscalls are modified as well, to return the parent's pid and
|
|
uid as well as the current process's. It also enables the deprecated
|
|
NTTYDISC terminal line disipline.
|
|
It also provides backwards compatibility with
|
|
.Dq old
|
|
SIOC[GS]IF{ADDR,DSTADDR,BRDADDR,NETMASK} interface ioctls, including
|
|
binary compatibility with code written before the introduction of the
|
|
sa_len field in sockaddrs.
|
|
It also enables
|
|
support for some older pre BSD 4.4 socket calls.
|
|
.It Cd options COMPAT_SVR4
|
|
On those architectures that support it, this enables binary
|
|
compatibility with
|
|
.At V.4
|
|
applications built for the same architecture. This currently includes
|
|
the sparc, and i386.
|
|
.It Cd options COMPAT_LINUX
|
|
On those architectures that support it, this enables binary
|
|
compatibility with Linux ELF and a.out
|
|
applications built for the same architecture. This is currently limited
|
|
to the i386.
|
|
.It Cd options COMPAT_SUNOS
|
|
On those architectures that support it, this enables binary
|
|
compatibility with SunOS 4.1
|
|
applications built for the same architecture. This currently includes
|
|
the sparc and most or all m68k platforms.
|
|
.It Cd options COMPAT_ULTRIX
|
|
On those architectures that support it, this enables binary
|
|
compatibility with Ultrix
|
|
applications built for the same architecture. This currently is limited
|
|
to the pmax. The functionality of this option is unknown.
|
|
.It Cd options COMPAT_FREEBSD
|
|
On those architectures that support it, this enables binary
|
|
compatibility with FreeBSD
|
|
applications built for the same architecture. This is obviously limited
|
|
to the i386.
|
|
.It Cd options COMPAT_HPUX
|
|
On those architectures that support it, this enables binary
|
|
compatibility with HP/UX
|
|
applications built for the same architecture. This is limited to the
|
|
hp300 port, and has some known bugs. A limited set of programs do work.
|
|
.It Cd options COMPAT_IBCS2
|
|
On those architectures that support it, this enables binary
|
|
compatibility with iBCS2
|
|
applications built for the same architecture. This is currently
|
|
limited to the i386.
|
|
.It Cd options COMPAT_OSF1
|
|
On those architectures that support it, this enables binary
|
|
compatibility with Digital UNIX (formerly OSF/1)
|
|
applications built for the same architecture. This is currently
|
|
limited to the alpha, and may not even work.
|
|
.El
|
|
.Ss Debugging Options
|
|
.Bl -ohang
|
|
.It Cd options DDB
|
|
Compiles in a kernel debugger for diagnosing kernel problems. See
|
|
.Xr ddb 4
|
|
for details.
|
|
.Em NOTE:
|
|
not available on all architectures.
|
|
.It Cd options DDB_ONPANIC
|
|
If set to non-zero, the DDB will be entered upon kernel panic. The
|
|
default if not specified is "1". Note that this sets the value of
|
|
the
|
|
.Em ddb.onpanic
|
|
sysctl variable which may be changed at run time -- see
|
|
.Xr sysctl 8
|
|
for details.
|
|
.It Cd options KGDB
|
|
Compiles in a remote kernel debugger stub for diagnosing kernel problems
|
|
using the
|
|
.Dq remote target
|
|
feature of gdb. See
|
|
.Xr gdb 1
|
|
for details.
|
|
.Em NOTE:
|
|
not available on all architectures.
|
|
.It Cd makeoptions DEBUG="-g"
|
|
The -g flag causes
|
|
.Pa netbsd.gdb
|
|
to be built in addition to
|
|
.Pa netbsd .
|
|
.Pa netbsd.gdb
|
|
is useful for debugging kernel crash dumps with gdb.
|
|
The command
|
|
.Dl gdb -k
|
|
invokes gdb in kernel debugger mode.
|
|
See
|
|
.Xr gdb 1
|
|
for details. This also turns on
|
|
.Em options DEBUG
|
|
(which see).
|
|
.It Cd options DEBUG
|
|
Turns on miscellaneous kernel debugging. Since options are turned into
|
|
preprocessor defines (see above),
|
|
.Em options DEBUG
|
|
is equivalent to doing a
|
|
.Em #define DEBUG
|
|
throughout the kernel. Much of the kernel has
|
|
.Em #ifdef DEBUG
|
|
conditionalized debugging code. Note that many parts of the kernel
|
|
(typically device drivers) include their own
|
|
.Em #ifdef XXX_DEBUG
|
|
conditionals instead.
|
|
This option also turns on certain other options, notably the
|
|
.Em KMEMSTATS
|
|
option, which may decrease system performance.
|
|
.It Cd options DIAGNOSTIC
|
|
Adds code to the kernel that does internal consistency checks. This
|
|
code will cause the kernel to panic if corruption of internal data
|
|
structures is detected.
|
|
.It Cd options KTRACE
|
|
Add hooks for the system call tracing facility, which allows users to
|
|
watch the system call invokation behavior of processes. See
|
|
.Xr ktrace 1
|
|
for details.
|
|
.El
|
|
.Ss File Systems
|
|
.Bl -ohang
|
|
.It Cd file-system FFS
|
|
Includes code implementing the Berkeley Fast File System
|
|
.Em ( FFS ) .
|
|
Most machines need this if they are not running diskless.
|
|
.It Cd file-system EXT2FS
|
|
Includes code implementing the Second Extended File System
|
|
.Em ( EXT2FS ) .
|
|
This is the most commonly used file system on the Linux operating system,
|
|
and is provided here for compatibility. Some of the specific features
|
|
of
|
|
.Em EXT2FS
|
|
like the "behavior on errors" are not implemented. This file system can't be
|
|
used with UID or GID greather than 65535. See
|
|
.Xr mount_ext2fs 8
|
|
for details.
|
|
.It Cd file-system LFS
|
|
Include the log structured file system
|
|
.Em ( LFS ) .
|
|
See
|
|
.Xr mount_lfs 8
|
|
and
|
|
.Xr newlfs 8
|
|
for details.
|
|
.It Cd file-system MFS
|
|
Include the memory file system
|
|
.Em ( MFS ) .
|
|
This file system stores files in swappable memory, and produces
|
|
notable performance improvements when it is used as the file store
|
|
for
|
|
.Pa /tmp
|
|
and similar file systems. See
|
|
.Xr mount_mfs 8
|
|
for details.
|
|
.It Cd file-system NFS
|
|
Include the client side of the
|
|
.Em NFS
|
|
(Network File System) remote file sharing protocol.
|
|
Although the bulk of the code implementing
|
|
.Em NFS
|
|
is kernel based, several user level daemons are needed for it to
|
|
work. See
|
|
.Xr mount_nfs 8
|
|
and
|
|
.Xr nfsiod 8
|
|
for details.
|
|
.It Cd file-system CD9660
|
|
Includes code for the ISO 9660 + Rock Ridge file system, which is the
|
|
standard file system on many CD-ROMs. Useful mostly if you have a CD
|
|
drive. See
|
|
.Xr mount_cd9660 8
|
|
for details.
|
|
.It Cd file-system MSDOSFS
|
|
Includes the
|
|
.Tn MS-DOS
|
|
FAT file system, which is reportedly still used
|
|
by unfortunate people who have not heard about
|
|
.Nx .
|
|
Also implements the
|
|
.Tn Windows 95
|
|
extensions to the same, which permit the use of longer, mixed case
|
|
file names. see
|
|
.Xr mount_msdos 8
|
|
and
|
|
.Xr fsck_msdos 8
|
|
for details.
|
|
.It Cd file-system FDESC
|
|
Includes code for a file system, conventionally mounted on
|
|
.Pa /dev/fd ,
|
|
which permits access to the per-process file descriptor space via
|
|
special files in the file system.
|
|
See
|
|
.Xr mount_fdesc 8
|
|
for details.
|
|
Note that this facility is redundant, and thus unneeded on most
|
|
.Nx
|
|
systems, since the
|
|
.Xr fd 4
|
|
pseudodevice driver already provides identical functionality. On most
|
|
.Nx
|
|
systems, instances of
|
|
.Xr fd 4
|
|
are mknoded under
|
|
.Pa /dev/fd/
|
|
and on
|
|
.Pa /dev/stdin ,
|
|
.Pa /dev/stdout ,
|
|
and
|
|
.Pa /dev/stderr .
|
|
.It Cd file-system KERNFS
|
|
Includes code which permits the mounting of a special file system
|
|
(normally mounted on
|
|
.Pa /kern )
|
|
in which files representing various kernel variables and parameters
|
|
may be found.
|
|
See
|
|
.Xr mount_kernfs 8
|
|
for details.
|
|
.It Cd file-system NULLFS
|
|
Includes code for a loopback file system. This permits portions of the file
|
|
hierarchy to be re-mounted in other places. The code really exists to
|
|
provide an example of a stackable file system layer. See
|
|
.Xr mount_null 8
|
|
for details.
|
|
.It Cd file-system PORTAL
|
|
Includes the (experimental) portal filesystem. This permits
|
|
interesting tricks like opening TCP sockets by opening files in the
|
|
file system. The portal file system is conventionally mounted on
|
|
.Pa /p
|
|
and is partially implemented by a special daemon. See
|
|
.Xr mount_portal 8
|
|
for details.
|
|
.It Cd file-system PROCFS
|
|
Includes code for a special file system (conventionally mounted on
|
|
.Pa /proc )
|
|
in which the process space becomes visible in the file system. Among
|
|
other things, the memory spaces of processes running on the system are
|
|
visible as files, and signals may be sent to processes by writing to
|
|
.Pa ctl
|
|
files in the procfs namespace. See
|
|
.Xr mount_procfs 8
|
|
for details.
|
|
.It Cd file-system UMAPFS
|
|
Includes a loopback file system in which user and group ids may be
|
|
remapped -- this can be useful when mounting alien file systems with
|
|
different uids and gids than the local system.
|
|
See
|
|
.Xr mount_umap 8
|
|
for details.
|
|
.It Cd file-system UNION
|
|
Includes code for the union file system, which permits directories to
|
|
be mounted on top of each other in such a way that both file systems
|
|
remain visible -- this permits tricks like allowing writing (and the
|
|
deleting of files) on a read-only file system like a CD-ROM by
|
|
mounting a local writable file system on top of the read-only file
|
|
system. See
|
|
.Xr mount_union 8
|
|
for details.
|
|
.El
|
|
.Ss File System Options
|
|
.Bl -ohang
|
|
.It Cd options NFSSERVER
|
|
Include the server side of the
|
|
.Em NFS
|
|
(Network File System) remote file sharing protocol.
|
|
Although the bulk of the code implementing
|
|
.Em NFS
|
|
is kernel based, several user level daemons are needed for it to
|
|
work. See
|
|
.Xr mountd 8
|
|
and
|
|
.Xr nfsd 8
|
|
for details.
|
|
.It Cd options QUOTA
|
|
Enables kernel support for file system quotas. See
|
|
.Xr quotaon 8 ,
|
|
.Xr edquota 8 ,
|
|
and
|
|
.Xr quota 1
|
|
for details. Note that quotas only work on
|
|
.Dq ffs
|
|
file systems, although
|
|
.Xr rpc.rquotad 8
|
|
permits them to be accessed over
|
|
.Em NFS .
|
|
.It Cd options FIFO
|
|
Augments the system to permit the use of
|
|
.At V
|
|
style FIFOs (i.e.
|
|
.Dq named pipes
|
|
). This option is recommended.
|
|
.It Cd options NVNODE=integer
|
|
This option sets the size of the cache used by the name-to-inode translation
|
|
routines, (a.k.a. the
|
|
.Fn namei
|
|
cache, though called by many other names in the kernel source). By default,
|
|
this cache has NPROC (set as 20 + 16 * MAXUSERS) * (80 + NPROC / 8) entries.
|
|
A reasonable way to derive a value of NVNODE, should you notice a large
|
|
number of namei cache misses with a tool such as
|
|
.Xr systat 1 ,
|
|
is to examine your system's current computed value with
|
|
.Xr sysctl 1 ,
|
|
(which calls this parameter "kern.maxvnodes") and to increase this value
|
|
until either the namei cache hit rate improves or it is determined that
|
|
your system does not benefit substantially from an increase in the size of
|
|
the namei cache.
|
|
.It Cd options EXT2FS_SYSTEM_FLAGS
|
|
This option changes the behavior of the APPEND and IMMUTABLE flags
|
|
for a file on an
|
|
.Em EXT2FS
|
|
filesystem. Without this option, the superuser or owner of the file can
|
|
set and clear them. With this option, only the superuser can set them, and
|
|
they can't be cleared if the securelevel is greather than 0. See also
|
|
.Xr chflags 1 .
|
|
.El
|
|
.Ss Miscellaneous Options
|
|
.Bl -ohang
|
|
.It Cd options LKM
|
|
Enable loadable kernel modules. See
|
|
.Xr lkm 4
|
|
for details.
|
|
.Em NOTE:
|
|
not available on all architectures.
|
|
.It Cd options INSECURE
|
|
Hardwires the kernel security level at -1. This means that the system
|
|
always runs in secure level 0 mode, even when running multiuser. See
|
|
the manual page for
|
|
.Xr init 8
|
|
for details on the implications of this. The kernel secure level may
|
|
manipulated by the superuser by altering the
|
|
.Em kern.securelevel
|
|
sysctl variable. (It should be noted that the secure level may only be
|
|
lowered by a call from process id 1, i.e.
|
|
.Em init . )
|
|
See also
|
|
.Xr sysctl 8
|
|
and
|
|
.Xr sysctl 3 .
|
|
.It Cd options UCONSOLE
|
|
Normally, only the superuser can execute the TIOCCONS ioctl, which
|
|
redirects console output to a non-console tty. (See
|
|
.Xr tty 4
|
|
for details).
|
|
This option permits any user to execute the ioctl. This is useful on
|
|
machines such as personal workstations which run X servers, where one
|
|
would prefer to permit console output to be viewed in a window without
|
|
requiring a suid root program to do it.
|
|
.It Cd options MACHINE_NONCONTIG
|
|
This option changes part of the VM/pmap interface, to allow for
|
|
non-contiguous memory. On some ports it is not an option. These
|
|
ports typically only use one of the interfaces.
|
|
.It Cd options MEMORY_DISK_HOOKS
|
|
This option allows for some machine dependent functions to be called when
|
|
the ramdisk driver is configured. This can result in automatically loading
|
|
a ramdisk from floppy on open (among other things).
|
|
.It Cd options MEMORY_DISK_IS_ROOT
|
|
Forces the ramdisk to be the root device. This can only be overridden when
|
|
the kernel is booted in the 'ask-for-root' mode.
|
|
.It Cd options NTP
|
|
Turns on in-kernel precision timekeeping support used by software
|
|
implementing
|
|
.Em NTP
|
|
(Network Time Protocol, RFC1305).
|
|
The
|
|
.Em NTP
|
|
option adds an in-kernel phase-locked loop (PLL) for normal
|
|
.Em NTP
|
|
operation, and a frequency-locked loop (FLL) for intermittently-connected
|
|
operation.
|
|
.Xr xntpd 8
|
|
will employ a user-level PLL when kernel support is unavailable,
|
|
but the in-kernel version has lower latency and more precision, and
|
|
so typically keeps much better time.
|
|
The interface to the kernel
|
|
.Em NTP
|
|
support is provided by the
|
|
.Xr ntp_adjtime 2
|
|
and
|
|
.Xr ntp_gettime 2
|
|
system calls, which are intended for use by
|
|
.Xr xntpd 8
|
|
and are enabled by the option.
|
|
On systems with sub-microsecond resolution timers, or where (HZ / 100000)
|
|
is not an integer, the
|
|
.Em NTP
|
|
option also enables extended-precision arithmetic to keep track of
|
|
fractional clock ticks at NTP time-format precision.
|
|
.It Cd options PPS
|
|
This option enables a kernel serial line discipline for receiving time
|
|
phase signals from an external reference clock such as a radio clock.
|
|
(The
|
|
.Em NTP
|
|
option (which see) must be on if the
|
|
.Em PPS
|
|
option is used.)
|
|
Some reference clocks generate a pulse per second (PPS) signal in
|
|
phase with their time source. The
|
|
.Em PPS
|
|
line discipline receives this signal on either the data leads
|
|
or the DCD control lead of a serial port.
|
|
.Em NTP
|
|
uses the PPS signal to discipline the local clock oscillator to a high
|
|
degree of precision (typically less than 50 microseconds in time and
|
|
0.1 ppm in accuracy).
|
|
.Em PPS
|
|
can also generate a serial output pulse when the system receives a PPS
|
|
interrupt. This can be used to measure the system interrupt latency
|
|
and thus calibrate
|
|
.Em NTP
|
|
to account for it.
|
|
Using
|
|
.Em PPS
|
|
usually requires a
|
|
gadget box
|
|
to convert from TTL to RS-232 signal levels.
|
|
The gadget box and PPS are described in more detail in the HTML documentation
|
|
shipped with the xntpd distribution.
|
|
.It Cd option SETUIDSCRIPTS
|
|
Allows scripts with the setuid bit set to execute as the effective
|
|
user rather than the real user, just like binary executables.
|
|
NOTE: Using this option will also enable
|
|
.Em option FDSCRIPTS
|
|
.It Cd option FDSCRIPTS
|
|
Allows execution of scripts with the execute bit set, but not the
|
|
read bit, by opening the file and passing the file descriptor to
|
|
the shell, rather than the filename. NOTE: Execute only (non-readable)
|
|
scripts will have
|
|
.Va argv[0]
|
|
set to
|
|
.Pa /dev/fd/* .
|
|
What this option allows as far as security is
|
|
concerned, is the ability to safely ensure that the correct script
|
|
it run by the interpreter, as it is passed as an already open file.
|
|
.It Cd options RTC_OFFSET=integer
|
|
The kernel (and typically the hardware battery backed-up clock on
|
|
those machines that have one) keeps time in
|
|
.Em UTC
|
|
(Universal Coordinated Time, once known as
|
|
.Em GMT ,
|
|
or Greenwich Mean Time)
|
|
and not in the time of the local time zone.
|
|
The
|
|
.Em RTC_OFFSET
|
|
option is used on some ports (such as the i386) to tell the kernel
|
|
that the hardware clock is offset from
|
|
.Em UTC
|
|
by the specified number of minutes. This is typically used when a
|
|
machine boots several operating systems and one of them wants the
|
|
hardware clock to run in the local time zone and not in
|
|
.Em UTC ,
|
|
e.g.
|
|
.Em RTC_OFFSET=300
|
|
means
|
|
the hardware clock is set to US Eastern Time (300 minutes behind
|
|
.Em UTC ) ,
|
|
and not
|
|
.Em UTC .
|
|
(Note:
|
|
.Em RTC_OFFSET
|
|
is used to initialize a kernel variable named
|
|
.Va rtc_offset
|
|
which is the source actually used to determine the clock offset, and
|
|
which may be accessed via the kern.rtc_offset sysctl variable.
|
|
See
|
|
.Xr sysctl 8
|
|
and
|
|
.Xr sysctl 3
|
|
for details. Since the kernel clock is initialized from the hardware
|
|
clock very early in the boot process, it is not possible to meaningfully change
|
|
.Va rtc_offset
|
|
in system initialization scripts. Changing this value currently may
|
|
only be done at kernel compile time or by patching the kernel and
|
|
rebooting.)
|
|
.It Cd options CCDNBUF=integer
|
|
The
|
|
.Xr ccd 4
|
|
device driver uses "component buffers" to distribute I/O requests to the
|
|
components of a concatenated disk. It keeps a freelist of buffer headers
|
|
in order to reduce use of the kernel memory allocator.
|
|
.Em CCDNBUF
|
|
is the number of buffer headers allocated on the freelist for
|
|
each component buffer. It defaults to 8.
|
|
.It Cd options KMEMSTATS
|
|
The kernel memory allocator,
|
|
.Xr malloc 9 ,
|
|
will keep statistics on its performance if this option is enabled.
|
|
Unfortunately, this option therefore essentially disables
|
|
.Fn MALLOC
|
|
and
|
|
.Fn FREE
|
|
forms of the memory allocator, which are used to enhance the performance
|
|
of certain critical sections of code in the kernel.
|
|
This option therefore can
|
|
lead to a significant decrease in the performance of certain code in the kernel
|
|
if enabled. Examples of such code include the
|
|
.Fn namei
|
|
routine, the
|
|
.Xr ccd 4
|
|
driver,
|
|
the
|
|
.Xr ncr 4
|
|
driver,
|
|
and much of the networking code.
|
|
.Em N.B. This option is silently
|
|
.Em turned on by the DEBUG option.
|
|
.El
|
|
.Ss Networking Options
|
|
.Bl -ohang
|
|
.It Cd options GATEWAY
|
|
Enables
|
|
.Em IPFORWARDING
|
|
(which see)
|
|
and (on most ports) increases the size of
|
|
.Em NMBCLUSTERS
|
|
(which see). In general,
|
|
.Em GATEWAY
|
|
is used to indicate that a system should act as a router, and
|
|
.Em IPFORWARDING
|
|
is not invoked directly.
|
|
(Note that
|
|
.Em GATEWAY
|
|
has no impact on protocols other than IP, such as CLNP or XNS.)
|
|
.It Cd options IPFORWARDING
|
|
Enables IP routing behavior. With this option enabled, the machine
|
|
will forward IP datagrams between its interfaces that are destined for
|
|
other machines. Note that even without this option, the kernel will
|
|
still forward some packets (such as source routed packets) -- removing
|
|
.Em GATEWAY
|
|
and
|
|
.Em IPFORWARDING
|
|
is insufficient to stop all routing through a bastion host on a
|
|
firewall -- source routing is controlled independently.
|
|
To turn off source routing, use
|
|
.Em options IPFORWSRCRT=0
|
|
(which see).
|
|
Note that IP forwarding may be turned on and off independently of the
|
|
setting of the
|
|
.Em IPFORWARDING
|
|
option through the use of the
|
|
.Em net.inet.ip.forwarding
|
|
sysctl variable. If
|
|
.Em net.inet.ip.forwarding
|
|
is 1, IP forwarding is on. See
|
|
.Xr sysctl 8
|
|
and
|
|
.Xr sysctl 3
|
|
for details.
|
|
.It Cd options IPFORWSRCRT=value
|
|
If
|
|
.Em value
|
|
is set to zero, source routing of IP datagrams is turned off. If
|
|
.Em value
|
|
is set to one (the default) or the option is absent, source routed IP
|
|
datagrams are forwarded by the machine. Note that source routing of
|
|
IP packets may be turned on and off independently of the setting of
|
|
the
|
|
.Em IPFORWSRCRT
|
|
option through the use of the
|
|
.Em net.inet.ip.forwsrcrt
|
|
sysctl variable. If
|
|
.Em net.inet.ip.forwsrcrt
|
|
is 1, forwarding of source routed IP datagrams is on. See
|
|
.Xr sysctl 8
|
|
and
|
|
.Xr sysctl 3
|
|
for details.
|
|
.It Cd options MROUTING
|
|
Includes support for IP multicast routers. You certainly want
|
|
.Em INET
|
|
with this. Multicast routing is controlled by the
|
|
.Xr mrouted 8
|
|
daemon.
|
|
.It Cd options INET
|
|
Includes support for the TCP/IP protocol stack. You almost certainly
|
|
want this. See
|
|
.Xr inet 4
|
|
for details.
|
|
This option is currently required.
|
|
.It Cd options MCLSHIFT=value
|
|
This option is the base-2 logarithm of the size of mbuf clusters.
|
|
The BSD networking stack keeps network packets in a linked
|
|
list, or chain, of kernel buffer objects called mbufs. The system
|
|
provides larger mbuf clusters as an optimization for large packets,
|
|
instead of using long chains for large packets.
|
|
The mbuf cluster size,
|
|
or
|
|
.Em MCLBYTES,
|
|
must be a power of two, and is computed as two raised to the power
|
|
.Em MCLSHIFT.
|
|
On systems with Ethernet network adaptors,
|
|
.Em MCLSHIFT
|
|
is often set to 11, giving 2048-byte mbuf clusters, large enough to
|
|
hold a 1500-byte Ethernet frame in a single cluster. Systems with
|
|
networks supporting larger frame sizes like ATM, FDDI, or HIPPI may
|
|
perform better with MCLSHIFT set to 12 or 13, giving mbuf cluster
|
|
sizes of 4096 and 8192 bytes, respectively.
|
|
.It Cd options NS
|
|
Include support for the Xerox XNS protocol stack. See
|
|
.Xr ns 4
|
|
for details.
|
|
.It Cd options ISO,TPIP
|
|
Include support for the ubiquitous OSI protocol stack. See
|
|
.Xr iso 4
|
|
for details.
|
|
.It Cd options EON
|
|
Include support for OSI tunneling over IP.
|
|
.It Cd options CCITT,LLC,HDLC
|
|
Include support for the X.25 protocol stack.
|
|
The state of this code is currently unknown, and probably contains
|
|
bugs.
|
|
.It Cd options IPNOPRIVPORTS
|
|
Normally, only root can bind a socket descriptor to a so-called
|
|
.Dq privileged
|
|
TCP
|
|
port, that is, a port number in the range 0-1023. This option
|
|
eliminates those checks from the kernel. This can be useful if there
|
|
is a desire to allow daemons without privileges to bind those ports,
|
|
e.g. on firewalls. The security tradeoffs in doing this are subtle.
|
|
This option should only be used by experts.
|
|
.It Cd options TCP_COMPAT_42
|
|
TCP bug compatibility with 4.2BSD. In 4.2BSD, TCP sequence numbers
|
|
were 32-bit signed values. Modern implementations of TCP use unsigned
|
|
values. This option clamps the initial sequence number to start in
|
|
the range 2^31 rather than the full unsigned range of 2^32. Also,
|
|
under 4.2BSD, keepalive packets must contain at least one byte or else
|
|
the remote end would not respond.
|
|
.It Cd options PFIL_HOOKS
|
|
This option turns on the packet filter interface hooks. See
|
|
.Xr pfil 9
|
|
for details.
|
|
.It Cd options IPFILTER
|
|
This option enables the IP filtering on the packet level using the
|
|
ip-filter package. This option requies that the
|
|
.Em PFIL_HOOK
|
|
option also be included.
|
|
.It Cd options IPFILTER_LOG
|
|
This option, in conjuction with
|
|
.Em IPFILTER ,
|
|
enables logging of IP packets using ip-filter.
|
|
.It Cd options IPF_DEFAULT_PASS
|
|
This option sets the default policy of ip-filter. It should be set
|
|
to either
|
|
.Em FR_PASS
|
|
or
|
|
.Em FR_BLOCK ,
|
|
depending on whether the filter is to pass or block packets by
|
|
default, respectively.
|
|
.It Cd options PPP_FILTER
|
|
This option turns on
|
|
.Xr pcap 3
|
|
based filtering for ppp connections. This option is used by
|
|
.Xr pppd 8
|
|
which needs to be compiled with
|
|
.Em PPP_FILTER
|
|
defined (the current default).
|
|
.El
|
|
.Ss System V IPC Options
|
|
.Bl -ohang
|
|
.It Cd options SYSVMSG
|
|
Includes support for
|
|
.At V
|
|
style message queues. See
|
|
.Xr msgctl 2 ,
|
|
.Xr msgget 2 ,
|
|
.Xr msgrcv 2 ,
|
|
.Xr msgsnd 2 .
|
|
.It Cd options SYSVSEM
|
|
Includes support for
|
|
.At V
|
|
style semaphores. See
|
|
.Xr semctl 2 ,
|
|
.Xr semget 2 ,
|
|
.Xr semop 2 .
|
|
.It Cd options SYSVSHM
|
|
Includes support for
|
|
.At V
|
|
style shared memory. See
|
|
.Xr shmat 2 ,
|
|
.Xr shmctl 2 ,
|
|
.Xr shmdt 2 ,
|
|
.Xr shmget 2 .
|
|
.It Cd options SHMPAXPGS=value
|
|
Sets the maximum number of
|
|
.At V
|
|
style shared memory pages that are available through the
|
|
.Xr shmget 2
|
|
system call. Default value is 1024 on most ports. See
|
|
.Pa /usr/include/machine/vmparam.h
|
|
for the default.
|
|
.El
|
|
.Ss VM Related Options
|
|
.Bl -ohang
|
|
.It Cd options SWAPPAGER
|
|
Turns on paging. (To be specific, this enables the virtual memory
|
|
module responsible for handling page faults for
|
|
.Dq anonymous
|
|
objects (i.e. BSS pages)).
|
|
.Em MANDATORY
|
|
-- you cannot actually run without
|
|
this
|
|
.Dq option .
|
|
.It Cd options VNODEPAGER
|
|
Support for mmap()ing of files. (Specifically, this enables the
|
|
virtual memory module responsible for handling page faults on mapped
|
|
files (
|
|
.Dq plain file
|
|
vnodes)).
|
|
.Em MANDATORY
|
|
-- you cannot actually run without
|
|
this
|
|
.Dq option .
|
|
.It Cd options DEVPAGER
|
|
Support for mmap()ing of devices. (Specifically, this enables the
|
|
virtual memory module responsible for handling page faults on mapped
|
|
devices (
|
|
.Dq cdev
|
|
vnodes)).
|
|
.Em MANDATORY
|
|
-- you cannot actually run without
|
|
this
|
|
.Dq option .
|
|
.It Cd options NMBCLUSTERS=value
|
|
Size of kernel mbuf cluster map,
|
|
.Em mb_map ,
|
|
in CLBYTES-sized logical
|
|
pages. Default on most ports is 256 (512 with
|
|
.Dq options GATEWAY ).
|
|
See
|
|
.Pa /usr/include/machine/param.h
|
|
for exact default information. Increase this value if you get
|
|
.Dq mb_map full
|
|
messages.
|
|
.It Cd options NKMEMCLUSTERS=value
|
|
Size of kernel malloc arena in CLBYTES-sized logical pages. This area
|
|
is covered by the kernel submap
|
|
.Em kmem_map .
|
|
See
|
|
.Pa /usr/include/machine/param.h
|
|
for the default value, which is port specific. Increase this value if
|
|
you get
|
|
.Dq out of space in kmem_map
|
|
panics.
|
|
.\" , which mean you have run out of mallocable kernel memory.
|
|
.It Cd options NBUF=value
|
|
.It Cd options BUFPAGES=value
|
|
These option set the number of pages available for the buffer cache.
|
|
Their default value is a machine depedant value, often calculated as
|
|
between 5% and 10% of total available RAM.
|
|
.El
|
|
.\" The following requests should be uncommented and used where appropriate.
|
|
.\" .Sh FILES
|
|
.\" .Sh EXAMPLES
|
|
.Sh SEE ALSO
|
|
.Xr config 8 ,
|
|
.Xr init 8 ,
|
|
.Xr gettimeofday 2 ,
|
|
.Xr sysctl 8 ,
|
|
.Xr sysctl 3 ,
|
|
.Xr xntpd 8 ,
|
|
.Xr ntp_adjtime 2 ,
|
|
.Xr ntp_gettime 2 ,
|
|
.Xr i386_iopl 2 ,
|
|
.Xr msgctl 2 ,
|
|
.Xr msgget 2 ,
|
|
.Xr msgrcv 2 ,
|
|
.Xr msgsnd 2 ,
|
|
.Xr semctl 2 ,
|
|
.Xr semget 2 ,
|
|
.Xr semop 2 ,
|
|
.Xr shmat 2 ,
|
|
.Xr shmctl 2 ,
|
|
.Xr shmdt 2 ,
|
|
.Xr shmget 2 ,
|
|
.Xr ddb 4 ,
|
|
.Xr lkm 4 ,
|
|
.Xr inet 4 ,
|
|
.Xr ns 4 ,
|
|
.Xr iso 4 ,
|
|
.Xr mrouted 8 ,
|
|
.Xr mount_lfs 8 ,
|
|
.Xr newlfs 8 ,
|
|
.Xr mount_mfs 8 ,
|
|
.Xr mount_nfs 8 ,
|
|
.Xr mount_cd9660 8 ,
|
|
.Xr mount_msdos 8 ,
|
|
.Xr mount_fdesc 8 ,
|
|
.Xr mount_kernfs 8 ,
|
|
.Xr mount_null 8 ,
|
|
.Xr mount_portal 8 ,
|
|
.Xr mount_procfs 8 ,
|
|
.Xr mount_umap 8 ,
|
|
.Xr mount_union 8 ,
|
|
.Xr edquota 8 ,
|
|
.Xr quotaon 8 ,
|
|
.Xr quota 1 ,
|
|
.Xr rpc.rquotad 8 ,
|
|
.Xr ktrace 1 ,
|
|
.Xr gdb 1
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
man page first appeared in
|
|
.Nx 1.3 .
|
|
.Sh BUGS
|
|
The
|
|
.Em INET
|
|
and the
|
|
.Em VNODEPAGER
|
|
options should not be required.
|