[Midnightbsd-cvs] src: rc.conf: Add defaults for several daemons.

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Sat Jan 17 13:37:38 EST 2009 

Log Message:
-----------
Add defaults for several daemons.

Modified Files:
--------------
    src/etc/defaults:
        rc.conf (r1.21 -> r1.22)

-------------- next part --------------
Index: rc.conf
===================================================================
RCS file: /home/cvs/src/etc/defaults/rc.conf,v
retrieving revision 1.21
retrieving revision 1.22
diff -L etc/defaults/rc.conf -L etc/defaults/rc.conf -u -r1.21 -r1.22
--- etc/defaults/rc.conf
+++ etc/defaults/rc.conf
@@ -77,7 +77,7 @@
 #geli_da1_autodetach="NO"
 #geli_mirror_home_flags="-k /etc/geli/home.keys"
 
-geli_swap_flags="-a aes -l 256 -s 4096 -d"	# Options for GELI-encrypted
+geli_swap_flags="-e aes -l 256 -s 4096 -d"	# Options for GELI-encrypted
 						# swap partitions.
 
 root_rw_mount="YES"	# Set to NO to inhibit remounting root read-write.
@@ -98,7 +98,8 @@
 hostid_file="/etc/hostid"	# File with hostuuid.
 nisdomainname="NO"		# Set to NIS domain if using NIS (or NO).
 dhclient_program="/sbin/dhclient"	# Path to dhcp client program.
-dhclient_flags=""		# Additional flags to pass to dhcp client.
+dhclient_flags=""		# Extra flags to pass to dhcp client.
+#dhclient_flags_fxp0=""		# Extra dhclient flags for fxp0 only
 background_dhclient="NO"	# Start dhcp client in the background.
 #background_dhclient_fxp0="YES"	# Start dhcp client on fxp0 in the background.
 synchronous_dhclient="YES"	# Start dhclient directly on configured
@@ -106,9 +107,19 @@
 firewall_enable="YES"		# Set to YES to enable firewall functionality
 firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
 firewall_type="DESKTOP"		# Firewall type (see /etc/rc.firewall)
-firewall_quiet="YES"		# Set to YES to suppress rule display
+firewall_quiet="NO"		# Set to YES to suppress rule display
 firewall_logging="NO"		# Set to YES to enable events logging
 firewall_flags=""		# Flags passed to ipfw when type is a file
+firewall_myservices=""		# List of TCP ports on which this host
+				#  offers services
+firewall_allowservices=""	# List of IPs which has access to
+				#  $firewall_myservices
+firewall_trusted=""		# List of IPs which has full access to this host
+firewall_logdeny="NO"		# Set to YES to log default denied incoming
+				#  packets.
+firewall_nologports="135-139,445 1026,1027 1433,1434" # List of TCP/UDP ports
+				#  for which denied incoming packets are not
+				#  logged.
 ip_portrange_first="NO"		# Set first dynamically allocated port
 ip_portrange_last="NO"		# Set last dynamically allocated port
 ike_enable="NO"			# Enable IKE daemon (usually racoon or isakmpd)
@@ -148,12 +159,11 @@
 ftpproxy_flags=""		# additional flags for ftp-proxy(8)
 pfsync_enable="NO"		# Expose pf state to other hosts for syncing
 pfsync_syncdev=""		# Interface for pfsync to work through
+pfsync_syncpeer=""		# IP address of pfsync peer host
 pfsync_ifconfig=""		# Additional options to ifconfig(8) for pfsync
 tcp_extensions="YES"		# Set to NO to turn off RFC1323 extensions.
 log_in_vain="0"			# >=1 to log connects to ports w/o listeners.
 tcp_keepalive="YES"		# Enable stale TCP connection timeout (or NO).
-# For the following option you need to have TCP_DROP_SYNFIN set in your
-# kernel.  Please refer to LINT and NOTES for details.
 tcp_drop_synfin="NO"		# Set to YES to drop TCP packets with SYN+FIN
 				# NOTE: this violates the TCP specification
 icmp_drop_redirect="NO" 	# Set to YES to ignore ICMP REDIRECT packets
@@ -167,6 +177,9 @@
 #ifconfig_fxp0_name="net0"	# Change interface name from fxp0 to net0.
 #ipv4_addrs_fxp0="192.168.0.1/24 192.168.1.1-5/28" # example IPv4 address entry.
 #
+#autobridge_interfaces="bridge0"	# List of bridges to check 
+#autobridge_bridge0="tap* vlan0"	# Interface glob to automatically add to the bridge
+#
 # If you have any sppp(4) interfaces above, you might also want to set
 # the following parameters.  Refer to spppcontrol(8) for their meaning.
 sppp_interfaces=""		# List of sppp interfaces.
@@ -177,6 +190,10 @@
 				# Choose correct tunnel addrs.
 #gifconfig_gif0="10.1.1.1 10.1.2.1"	# Examples typically for a router.
 #gifconfig_gif1="10.1.1.2 10.1.2.2"	# Examples typically for a router.
+fec_interfaces=""		# List of Fast EtherChannels.
+#fec_interfaces="fec0 fec1"
+#fecconfig_fec0="fxp0 dc0"	# Examples typically for two NICs
+#fecconfig_fec1="em0 em1 bge0 bge1"	# Examples typically for four NICs
 
 # User ppp configuration.
 ppp_enable="NO"		# Start user-ppp (or NO).
@@ -187,6 +204,12 @@
 ppp_profile="papchap"	# Which profile to use from /etc/ppp/ppp.conf.
 ppp_user="root"		# Which user to run ppp as
 
+# Start multiple instances of ppp at boot time
+#ppp_profile="profile1 profile2 profile3"	# Which profiles to use
+#ppp_profile1_mode="ddial"	# Override ppp mode for profile1
+#ppp_profile2_nat="NO"		# Override nat mode for profile2
+# profile3 uses default ppp_mode and ppp_nat
+
 ### Network daemon (miscellaneous) ###
 hostapd_enable="NO"		# Run hostap daemon.
 syslogd_enable="YES"		# Run syslog daemon (or NO).
@@ -239,19 +262,24 @@
 
 ### Network daemon (NFS): All need rpcbind_enable="YES" ###
 amd_enable="NO"			# Run amd service with $amd_flags (or NO).
+amd_program="/usr/sbin/amd"	# path to amd, if you want a different one.
 amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"
 amd_map_program="NO"		# Can be set to "ypcat -k amd.master"
 nfs_client_enable="NO"		# This host is an NFS client (or NO).
 nfs_access_cache="60"		# Client cache timeout in seconds
 nfs_server_enable="NO"		# This host is an NFS server (or NO).
 nfs_server_flags="-u -t -n 4"	# Flags to nfsd (if enabled).
+idmapd_enable="NO"		# Run the NFS4 id mapper (YES/NO).
+idmapd_flags=""			# Additional flags for idmapd.
 mountd_enable="NO"		# Run mountd (or NO).
 mountd_flags="-r"		# Flags to mountd (if NFS server enabled).
 weak_mountd_authentication="NO"	# Allow non-root mount requests to be served.
 nfs_reserved_port_only="NO"	# Provide NFS only on secure port (or NO).
 nfs_bufpackets=""		# bufspace (in packets) for client
 rpc_lockd_enable="NO"		# Run NFS rpc.lockd needed for client/server.
+rpc_lockd_flags=""		# Flags to rpc.lockd (if enabled).
 rpc_statd_enable="NO"		# Run NFS rpc.statd needed for client/server.
+rpc_statd_flags=""		# Flags to rpc.statd (if enabled).
 rpcbind_enable="NO"		# Run the portmapper service (YES/NO).
 rpcbind_program="/usr/sbin/rpcbind"	# path to rpcbind, if you want a different one.
 rpcbind_flags=""		# Flags to rpcbind (if enabled).
@@ -295,7 +323,11 @@
 router_enable="NO"		# Set to YES to enable a routing daemon.
 router="/sbin/routed"		# Name of routing daemon to use if enabled.
 router_flags="-q"		# Flags for routing daemon.
-mrouted_enable="NO"		# Do multicast routing (see /etc/mrouted.conf).
+mrouted_enable="NO"		# Do IPv4 multicast routing.
+mrouted_program="/usr/sbin/mrouted"		# Name of IPv4 multicast
+						# routing daemon.  You need to
+						# install it from package or
+						# port.
 mrouted_flags=""		# Flags for multicast routing daemon.
 ipxgateway_enable="NO"		# Set to YES to enable IPX routing.
 ipxrouted_enable="NO"		# Set to YES to run the IPX routing daemon.
@@ -334,8 +366,8 @@
 sdpd_username="nobody"		# it initializes
 
 bthidd_enable="NO"		# Enable bthidd(8) (or NO)
-bthidd_config="/etc/bluetooth/bthidd.conf"	# bthidd(8) configuration file
-bthidd_hids="/var/db/bthidd.hids"	# bthidd(8) known HID devices file
+bthidd_config="/etc/bluetooth/bthidd.conf" # bthidd(8) configuration file
+bthidd_hids="/var/db/bthidd.hids" # bthidd(8) known HID devices file
 
 ### Miscellaneous network options: ###
 icmp_bmcastecho="NO"	# respond to broadcast ping packets
@@ -424,18 +456,16 @@
 saver="NO"		# screen saver: Uses /boot/kernel/${saver}_saver.ko
 moused_nondefault_enable="YES" # Treat non-default mice as enabled unless
 			       # specifically overriden in rc.conf(5).
-moused_enable="YES"	# Run the mouse daemon.
+moused_enable="NO"	# Run the mouse daemon.
 moused_type="auto"	# See man page for rc.conf(5) for available settings.
 moused_port="/dev/psm0"	# Set to your mouse port.
 moused_flags=""		# Any additional flags to moused.
 mousechar_start="NO"	# if 0xd0-0xd3 default range is occupied in your
 			# language code table, specify alternative range
 			# start like mousechar_start=3, see vidcontrol(1)
-allscreens_flags="-t off"	# Set this vidcontrol mode for all virtual
-				# screens
+allscreens_flags=""	# Set this vidcontrol mode for all virtual screens
 allscreens_kbdflags=""	# Set this kbdcontrol mode for all virtual screens
 
-
 ##############################################################
 ###  Mail Transfer Agent (MTA) options  ######################
 ##############################################################
@@ -455,7 +485,7 @@
 sendmail_msp_queue_enable="YES"	# Dequeue stuck clientmqueue mail (YES/NO).
 sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q30m"
 				# Flags for sendmail_msp_queue daemon.
-sendmail_rebuild_aliases="NO"	# will not rebuild aliases on startup automatically
+sendmail_rebuild_aliases="NO"	# Run newaliases if necessary (YES/NO).
 
 
 ##############################################################
@@ -469,17 +499,20 @@
 cron_program="/usr/sbin/cron"	# Which cron executable to run (if enabled).
 cron_dst="YES"		# Handle DST transitions intelligently (YES/NO)
 cron_flags=""		# Which options to pass to the cron daemon.
-nscd_enable="NO"	# Run the nsswitch caching daemon.
 lpd_enable="NO"		# Run the line printer daemon.
 lpd_program="/usr/sbin/lpd"	# path to lpd, if you want a different one.
 lpd_flags=""		# Flags to lpd (if enabled).
+nscd_enable="NO"	# Run the nsswitch caching daemon.
 chkprintcap_enable="NO"	# Run chkprintcap(8) before running lpd.
 chkprintcap_flags="-d"	# Create missing directories by default.
-dumpdev="NO"		# Device to crashdump to (device name, AUTO, or NO).
+dumpdev="AUTO"		# Device to crashdump to (device name, AUTO, or NO).
 dumpdir="/var/crash"	# Directory where crash dumps are to be stored
 savecore_flags=""	# Used if dumpdev is enabled above, and present.
 enable_quotas="NO"	# turn on quotas on startup (or NO).
 check_quotas="YES"	# Check quotas on startup (or NO).
+quotaon_flags="-a"	# Turn quotas on for all file systems (if enabled)
+quotaoff_flags="-a"	# Turn quotas off for all file systems at shutdown
+quotacheck_flags="-a"	# Check all file system quotas (if enabled)
 accounting_enable="NO"	# Turn on process accounting (or NO).
 ibcs2_enable="NO"	# Ibcs2 (SCO) emulation loaded at startup (or NO).
 ibcs2_loaders="coff"	# List of additional Ibcs2 loaders (or NO).
@@ -547,12 +580,19 @@
 #
 # To use rc's built-in jail infrastructure create entries for
 # each jail, specified in jail_list, with the following variables.
-# NOTE: replace 'example' with the jail's name.
+# NOTES:
+# - replace 'example' with the jail's name.
+# - except rootdir, hostname and ip, all of the following variables may be made
+#   global jail variables if you don't specify a jail name (ie. jail_interface).
 #
 #jail_example_rootdir="/usr/jail/default"	# Jail's root directory
 #jail_example_hostname="default.domain.com"	# Jail's hostname
 #jail_example_ip="192.168.0.10"			# Jail's IP number
+#jail_example_interface=""			# Interface to create the IP alias on
 #jail_example_exec_start="/bin/sh /etc/rc"		# command to execute in jail for starting
+#jail_example_exec_afterstart0="/bin/sh command"	# command to execute after the one for 
+							# starting the jail. More than one can be
+							# specified using a trailing number
 #jail_example_exec_stop="/bin/sh /etc/rc.shutdown"	# command to execute in jail for stopping
 #jail_example_devfs_enable="NO"			# mount devfs in the jail
 #jail_example_fdescfs_enable="NO"		# mount fdescfs in the jail

More information about the Midnightbsd-cvs mailing list